<html><head><meta name="color-scheme" content="light dark"></head><body><pre style="word-wrap: break-word; white-space: pre-wrap;">(self.webpackChunk_products_service_bridge=self.webpackChunk_products_service_bridge||[]).push([["56909"],{284221:function(e,t,r){"use strict";r.d(t,{B6:function(){return M},ql:function(){return X}});var s=r(202784),n=r(213980),i=r.n(n),a=r(578435),o=r.n(a),c=r(647677),p=r.n(c),d=r(588665),u=r.n(d);function l(){return(l=Object.assign||function(e){for(var t=1;t&lt;arguments.length;t++){var r=arguments[t];for(var s in r)Object.prototype.hasOwnProperty.call(r,s)&amp;&amp;(e[s]=r[s])}return e}).apply(this,arguments)}function m(e,t){e.prototype=Object.create(t.prototype),e.prototype.constructor=e,h(e,t)}function h(e,t){return(h=Object.setPrototypeOf||function(e,t){return e.__proto__=t,e})(e,t)}function g(e,t){if(null==e)return{};var r,s,n={},i=Object.keys(e);for(s=0;s&lt;i.length;s++)t.indexOf(r=i[s])&gt;=0||(n[r]=e[r]);return n}var f={BASE:"base",BODY:"body",HEAD:"head",HTML:"html",LINK:"link",META:"meta",NOSCRIPT:"noscript",SCRIPT:"script",STYLE:"style",TITLE:"title",FRAGMENT:"Symbol(react.fragment)"},y={rel:["amphtml","canonical","alternate"]},v={type:["application/ld+json"]},b={charset:"",name:["robots","description"],property:["og:type","og:title","og:url","og:image","og:image:alt","og:description","twitter:url","twitter:title","twitter:description","twitter:image","twitter:image:alt","twitter:card","twitter:site"]},w=Object.keys(f).map(function(e){return f[e]}),x={accesskey:"accessKey",charset:"charSet",class:"className",contenteditable:"contentEditable",contextmenu:"contextMenu","http-equiv":"httpEquiv",itemprop:"itemProp",tabindex:"tabIndex"},S=Object.keys(x).reduce(function(e,t){return e[x[t]]=t,e},{}),_=function(e,t){for(var r=e.length-1;r&gt;=0;r-=1){var s=e[r];if(Object.prototype.hasOwnProperty.call(s,t))return s[t]}return null},A=function(e){var t=_(e,f.TITLE),r=_(e,"titleTemplate");if(Array.isArray(t)&amp;&amp;(t=t.join("")),r&amp;&amp;t)return r.replace(/%s/g,function(){return t});var s=_(e,"defaultTitle");return t||s||void 0},q=function(e,t){return t.filter(function(t){return void 0!==t[e]}).map(function(t){return t[e]}).reduce(function(e,t){return l({},e,t)},{})},k=function(e,t,r){var s={};return r.filter(function(t){return!!Array.isArray(t[e])||(void 0!==t[e]&amp;&amp;console&amp;&amp;"function"==typeof console.warn&amp;&amp;console.warn("Helmet: "+e+' should be of type "Array". Instead found type "'+typeof t[e]+'"'),!1)}).map(function(t){return t[e]}).reverse().reduce(function(e,r){var n={};r.filter(function(e){for(var r,i=Object.keys(e),a=0;a&lt;i.length;a+=1){var o=i[a],c=o.toLowerCase();-1===t.indexOf(c)||"rel"===r&amp;&amp;"canonical"===e[r].toLowerCase()||"rel"===c&amp;&amp;"stylesheet"===e[c].toLowerCase()||(r=c),-1===t.indexOf(o)||"innerHTML"!==o&amp;&amp;"cssText"!==o&amp;&amp;"itemprop"!==o||(r=o)}if(!r||!e[r])return!1;var p=e[r].toLowerCase();return s[r]||(s[r]={}),n[r]||(n[r]={}),!s[r][p]&amp;&amp;(n[r][p]=!0,!0)}).reverse().forEach(function(t){return e.push(t)});for(var i=Object.keys(n),a=0;a&lt;i.length;a+=1){var o=i[a],c=l({},s[o],n[o]);s[o]=c}return e},[]).reverse()},T=function(e,t){if(Array.isArray(e)&amp;&amp;e.length){for(var r=0;r&lt;e.length;r+=1)if(e[r][t])return!0}return!1},z=function(e){return Array.isArray(e)?e.join(""):e},j=function(e,t){return Array.isArray(e)?e.reduce(function(e,r){return!function(e,t){for(var r=Object.keys(e),s=0;s&lt;r.length;s+=1)if(t[r[s]]&amp;&amp;t[r[s]].includes(e[r[s]]))return!0;return!1}(r,t)?e.default.push(r):e.priority.push(r),e},{priority:[],default:[]}):{default:e}},I=function(e,t){var r;return l({},e,((r={})[t]=void 0,r))},P=[f.NOSCRIPT,f.SCRIPT,f.STYLE],$=function(e,t){return void 0===t&amp;&amp;(t=!0),!1===t?String(e):String(e).replace(/&amp;/g,"&amp;amp;").replace(/&lt;/g,"&amp;lt;").replace(/&gt;/g,"&amp;gt;").replace(/"/g,"&amp;quot;").replace(/'/g,"&amp;#x27;")},R=function(e){return Object.keys(e).reduce(function(t,r){var s=void 0!==e[r]?r+'="'+e[r]+'"':""+r;return t?t+" "+s:s},"")},E=function(e,t){return void 0===t&amp;&amp;(t={}),Object.keys(e).reduce(function(t,r){return t[x[r]||r]=e[r],t},t)},O=function(e,t){return t.map(function(t,r){var n,i=((n={key:r})["data-rh"]=!0,n);return Object.keys(t).forEach(function(e){var r=x[e]||e;"innerHTML"===r||"cssText"===r?i.dangerouslySetInnerHTML={__html:t.innerHTML||t.cssText}:i[r]=t[e]}),s.createElement(e,i)})},C=function(e,t,r){switch(e){case f.TITLE:return{toComponent:function(){var e,r,n,i;return r=t.titleAttributes,(n={key:e=t.title})["data-rh"]=!0,i=E(r,n),[s.createElement(f.TITLE,i,e)]},toString:function(){var s,n,i;return s=t.title,n=R(t.titleAttributes),i=z(s),n?"&lt;"+e+' data-rh="true" '+n+"&gt;"+$(i,r)+"&lt;/"+e+"&gt;":"&lt;"+e+' data-rh="true"&gt;'+$(i,r)+"&lt;/"+e+"&gt;"}};case"bodyAttributes":case"htmlAttributes":return{toComponent:function(){return E(t)},toString:function(){return R(t)}};default:return{toComponent:function(){return O(e,t)},toString:function(){return t.reduce(function(t,s){var n=Object.keys(s).filter(function(e){return!("innerHTML"===e||"cssText"===e)}).reduce(function(e,t){var n=void 0===s[t]?t:t+'="'+$(s[t],r)+'"';return e?e+" "+n:n},""),i=s.innerHTML||s.cssText||"",a=-1===P.indexOf(e);return t+"&lt;"+e+' data-rh="true" '+n+(a?"/&gt;":"&gt;"+i+"&lt;/"+e+"&gt;")},"")}}}},L=function(e){var t=e.baseTag,r=e.bodyAttributes,s=e.encode,n=e.htmlAttributes,i=e.noscriptTags,a=e.styleTags,o=e.title,c=e.titleAttributes,p=e.linkTags,d=e.metaTags,u=e.scriptTags,l={toComponent:function(){},toString:function(){return""}};if(e.prioritizeSeoTags){var m,h,g,w,x,S,_=(m=e.linkTags,h=e.scriptTags,g=e.encode,w=j(e.metaTags,b),x=j(m,y),S=j(h,v),{priorityMethods:{toComponent:function(){return[].concat(O(f.META,w.priority),O(f.LINK,x.priority),O(f.SCRIPT,S.priority))},toString:function(){return C(f.META,w.priority,g)+" "+C(f.LINK,x.priority,g)+" "+C(f.SCRIPT,S.priority,g)}},metaTags:w.default,linkTags:x.default,scriptTags:S.default});l=_.priorityMethods,p=_.linkTags,d=_.metaTags,u=_.scriptTags}return{priority:l,base:C(f.BASE,t,s),bodyAttributes:C("bodyAttributes",r,s),htmlAttributes:C("htmlAttributes",n,s),link:C(f.LINK,p,s),meta:C(f.META,d,s),noscript:C(f.NOSCRIPT,i,s),script:C(f.SCRIPT,u,s),style:C(f.STYLE,a,s),title:C(f.TITLE,{title:void 0===o?"":o,titleAttributes:c},s)}},D=[],B=function(e,t){var r=this;void 0===t&amp;&amp;(t="undefined"!=typeof document),this.instances=[],this.value={setHelmet:function(e){r.context.helmet=e},helmetInstances:{get:function(){return r.canUseDOM?D:r.instances},add:function(e){(r.canUseDOM?D:r.instances).push(e)},remove:function(e){var t=(r.canUseDOM?D:r.instances).indexOf(e);(r.canUseDOM?D:r.instances).splice(t,1)}}},this.context=e,this.canUseDOM=t,t||(e.helmet=L({baseTag:[],bodyAttributes:{},encodeSpecialCharacters:!0,htmlAttributes:{},linkTags:[],metaTags:[],noscriptTags:[],scriptTags:[],styleTags:[],title:"",titleAttributes:{}}))},N=s.createContext({}),G=i().shape({setHelmet:i().func,helmetInstances:i().shape({get:i().func,add:i().func,remove:i().func})}),W="undefined"!=typeof document,M=function(e){function t(r){var s;return(s=e.call(this,r)||this).helmetData=new B(s.props.context,t.canUseDOM),s}return m(t,e),t.prototype.render=function(){return s.createElement(N.Provider,{value:this.helmetData.value},this.props.children)},t}(s.Component);M.canUseDOM=W,M.propTypes={context:i().shape({helmet:i().shape()}),children:i().node.isRequired},M.defaultProps={context:{}},M.displayName="HelmetProvider";var U=function(e,t){var r,s=document.head||document.querySelector(f.HEAD),n=s.querySelectorAll(e+"[data-rh]"),i=[].slice.call(n),a=[];return t&amp;&amp;t.length&amp;&amp;t.forEach(function(t){var s=document.createElement(e);for(var n in t)Object.prototype.hasOwnProperty.call(t,n)&amp;&amp;("innerHTML"===n?s.innerHTML=t.innerHTML:"cssText"===n?s.styleSheet?s.styleSheet.cssText=t.cssText:s.appendChild(document.createTextNode(t.cssText)):s.setAttribute(n,void 0===t[n]?"":t[n]));s.setAttribute("data-rh","true"),i.some(function(e,t){return r=t,s.isEqualNode(e)})?i.splice(r,1):a.push(s)}),i.forEach(function(e){return e.parentNode.removeChild(e)}),a.forEach(function(e){return s.appendChild(e)}),{oldTags:i,newTags:a}},F=function(e,t){var r=document.getElementsByTagName(e)[0];if(r){for(var s=r.getAttribute("data-rh"),n=s?s.split(","):[],i=[].concat(n),a=Object.keys(t),o=0;o&lt;a.length;o+=1){var c=a[o],p=t[c]||"";r.getAttribute(c)!==p&amp;&amp;r.setAttribute(c,p),-1===n.indexOf(c)&amp;&amp;n.push(c);var d=i.indexOf(c);-1!==d&amp;&amp;i.splice(d,1)}for(var u=i.length-1;u&gt;=0;u-=1)r.removeAttribute(i[u]);n.length===i.length?r.removeAttribute("data-rh"):r.getAttribute("data-rh")!==a.join(",")&amp;&amp;r.setAttribute("data-rh",a.join(","))}},H=function(e,t){var r=e.baseTag,s=e.htmlAttributes,n=e.linkTags,i=e.metaTags,a=e.noscriptTags,o=e.onChangeClientState,c=e.scriptTags,p=e.styleTags,d=e.title,u=e.titleAttributes;F(f.BODY,e.bodyAttributes),F(f.HTML,s),void 0!==d&amp;&amp;document.title!==d&amp;&amp;(document.title=z(d)),F(f.TITLE,u);var l={baseTag:U(f.BASE,r),linkTags:U(f.LINK,n),metaTags:U(f.META,i),noscriptTags:U(f.NOSCRIPT,a),scriptTags:U(f.SCRIPT,c),styleTags:U(f.STYLE,p)},m={},h={};Object.keys(l).forEach(function(e){var t=l[e],r=t.newTags,s=t.oldTags;r.length&amp;&amp;(m[e]=r),s.length&amp;&amp;(h[e]=l[e].oldTags)}),t&amp;&amp;t(),o(e,m,h)},V=null,Q=function(e){function t(){for(var t,r=arguments.length,s=Array(r),n=0;n&lt;r;n++)s[n]=arguments[n];return(t=e.call.apply(e,[this].concat(s))||this).rendered=!1,t}m(t,e);var r=t.prototype;return r.shouldComponentUpdate=function(e){return!u()(e,this.props)},r.componentDidUpdate=function(){this.emitChange()},r.componentWillUnmount=function(){this.props.context.helmetInstances.remove(this),this.emitChange()},r.emitChange=function(){var e,t,r=this.props.context,s=r.setHelmet,n=null,i={baseTag:(e=["href"],(t=r.helmetInstances.get().map(function(e){var t=l({},e.props);return delete t.context,t})).filter(function(e){return void 0!==e[f.BASE]}).map(function(e){return e[f.BASE]}).reverse().reduce(function(t,r){if(!t.length)for(var s=Object.keys(r),n=0;n&lt;s.length;n+=1){var i=s[n].toLowerCase();if(-1!==e.indexOf(i)&amp;&amp;r[i])return t.concat(r)}return t},[])),bodyAttributes:q("bodyAttributes",t),defer:_(t,"defer"),encode:_(t,"encodeSpecialCharacters"),htmlAttributes:q("htmlAttributes",t),linkTags:k(f.LINK,["rel","href"],t),metaTags:k(f.META,["name","charset","http-equiv","property","itemprop"],t),noscriptTags:k(f.NOSCRIPT,["innerHTML"],t),onChangeClientState:_(t,"onChangeClientState")||function(){},scriptTags:k(f.SCRIPT,["src","innerHTML"],t),styleTags:k(f.STYLE,["cssText"],t),title:A(t),titleAttributes:q("titleAttributes",t),prioritizeSeoTags:T(t,"prioritizeSeoTags")};M.canUseDOM?(V&amp;&amp;cancelAnimationFrame(V),i.defer?V=requestAnimationFrame(function(){H(i,function(){V=null})}):(H(i),V=null)):L&amp;&amp;(n=L(i)),s(n)},r.init=function(){this.rendered||(this.rendered=!0,this.props.context.helmetInstances.add(this),this.emitChange())},r.render=function(){return this.init(),null},t}(s.Component);Q.propTypes={context:G.isRequired},Q.displayName="HelmetDispatcher";var K=["children"],J=["children"],X=function(e){function t(){return e.apply(this,arguments)||this}m(t,e);var r=t.prototype;return r.shouldComponentUpdate=function(e){return!o()(I(this.props,"helmetData"),I(e,"helmetData"))},r.mapNestedChildrenToProps=function(e,t){if(!t)return null;switch(e.type){case f.SCRIPT:case f.NOSCRIPT:return{innerHTML:t};case f.STYLE:return{cssText:t};default:throw Error("&lt;"+e.type+" /&gt; elements are self-closing and can not contain children. Refer to our API for more information.")}},r.flattenArrayTypeChildren=function(e){var t,r=e.child,s=e.arrayTypeChildren;return l({},s,((t={})[r.type]=[].concat(s[r.type]||[],[l({},e.newChildProps,this.mapNestedChildrenToProps(r,e.nestedChildren))]),t))},r.mapObjectTypeChildren=function(e){var t,r,s=e.child,n=e.newProps,i=e.newChildProps,a=e.nestedChildren;switch(s.type){case f.TITLE:return l({},n,((t={})[s.type]=a,t.titleAttributes=l({},i),t));case f.BODY:return l({},n,{bodyAttributes:l({},i)});case f.HTML:return l({},n,{htmlAttributes:l({},i)});default:return l({},n,((r={})[s.type]=l({},i),r))}},r.mapArrayTypeChildrenToProps=function(e,t){var r=l({},t);return Object.keys(e).forEach(function(t){var s;r=l({},r,((s={})[t]=e[t],s))}),r},r.warnOnInvalidChildren=function(e,t){return p()(w.some(function(t){return e.type===t}),"function"==typeof e.type?"You may be attempting to nest &lt;Helmet&gt; components within each other, which is not allowed. Refer to our API for more information.":"Only elements types "+w.join(", ")+" are allowed. Helmet does not support rendering &lt;"+e.type+"&gt; elements. Refer to our API for more information."),p()(!t||"string"==typeof t||Array.isArray(t)&amp;&amp;!t.some(function(e){return"string"!=typeof e}),"Helmet expects a string as a child of &lt;"+e.type+"&gt;. Did you forget to wrap your children in braces? ( &lt;"+e.type+"&gt;{``}&lt;/"+e.type+"&gt; ) Refer to our API for more information."),!0},r.mapChildrenToProps=function(e,t){var r=this,n={};return s.Children.forEach(e,function(e){if(e&amp;&amp;e.props){var s=e.props,i=s.children,a=g(s,K),o=Object.keys(a).reduce(function(e,t){return e[S[t]||t]=a[t],e},{}),c=e.type;switch("symbol"==typeof c?c=c.toString():r.warnOnInvalidChildren(e,i),c){case f.FRAGMENT:t=r.mapChildrenToProps(i,t);break;case f.LINK:case f.META:case f.NOSCRIPT:case f.SCRIPT:case f.STYLE:n=r.flattenArrayTypeChildren({child:e,arrayTypeChildren:n,newChildProps:o,nestedChildren:i});break;default:t=r.mapObjectTypeChildren({child:e,newProps:t,newChildProps:o,nestedChildren:i})}}}),this.mapArrayTypeChildrenToProps(n,t)},r.render=function(){var e=this.props,t=e.children,r=g(e,J),n=l({},r),i=r.helmetData;return t&amp;&amp;(n=this.mapChildrenToProps(t,n)),!i||i instanceof B||(i=new B(i.context,i.instances)),i?s.createElement(Q,l({},n,{context:i.value,helmetData:void 0})):s.createElement(N.Consumer,null,function(e){return s.createElement(Q,l({},n,{context:e}))})},t}(s.Component);X.propTypes={base:i().object,bodyAttributes:i().object,children:i().oneOfType([i().arrayOf(i().node),i().node]),defaultTitle:i().string,defer:i().bool,encodeSpecialCharacters:i().bool,htmlAttributes:i().object,link:i().arrayOf(i().object),meta:i().arrayOf(i().object),noscript:i().arrayOf(i().object),onChangeClientState:i().func,script:i().arrayOf(i().object),style:i().arrayOf(i().object),title:i().string,titleAttributes:i().object,titleTemplate:i().string,prioritizeSeoTags:i().bool,helmetData:i().object},X.defaultProps={defer:!0,encodeSpecialCharacters:!0,prioritizeSeoTags:!1},X.displayName="Helmet"},420963:function(e,t,r){"use strict";r.d(t,{Z:()=&gt;U});var s=function(){function e(e){var t=this;this._insertTag=function(e){var r;r=0===t.tags.length?t.insertionPoint?t.insertionPoint.nextSibling:t.prepend?t.container.firstChild:t.before:t.tags[t.tags.length-1].nextSibling,t.container.insertBefore(e,r),t.tags.push(e)},this.isSpeedy=void 0===e.speedy||e.speedy,this.tags=[],this.ctr=0,this.nonce=e.nonce,this.key=e.key,this.container=e.container,this.prepend=e.prepend,this.insertionPoint=e.insertionPoint,this.before=null}var t=e.prototype;return t.hydrate=function(e){e.forEach(this._insertTag)},t.insert=function(e){if(this.ctr%(this.isSpeedy?65e3:1)==0){var t;this._insertTag(((t=document.createElement("style")).setAttribute("data-emotion",this.key),void 0!==this.nonce&amp;&amp;t.setAttribute("nonce",this.nonce),t.appendChild(document.createTextNode("")),t.setAttribute("data-s",""),t))}var r=this.tags[this.tags.length-1];if(this.isSpeedy){var s=function(e){if(e.sheet)return e.sheet;for(var t=0;t&lt;document.styleSheets.length;t++)if(document.styleSheets[t].ownerNode===e)return document.styleSheets[t]}(r);try{s.insertRule(e,s.cssRules.length)}catch(e){}}else r.appendChild(document.createTextNode(e));this.ctr++},t.flush=function(){this.tags.forEach(function(e){var t;return null==(t=e.parentNode)?void 0:t.removeChild(e)}),this.tags=[],this.ctr=0},e}(),n=Math.abs,i=String.fromCharCode,a=Object.assign;function o(e,t,r){return e.replace(t,r)}function c(e,t){return e.indexOf(t)}function p(e,t){return 0|e.charCodeAt(t)}function d(e,t,r){return e.slice(t,r)}function u(e){return e.length}function l(e,t){return t.push(e),e}var m=1,h=1,g=0,f=0,y=0,v="";function b(e,t,r,s,n,i,a){return{value:e,root:t,parent:r,type:s,props:n,children:i,line:m,column:h,length:a,return:""}}function w(e,t){return a(b("",null,null,"",null,null,0),e,{length:-e.length},t)}function x(){return y=f&lt;g?p(v,f++):0,h++,10===y&amp;&amp;(h=1,m++),y}function S(){return p(v,f)}function _(e){switch(e){case 0:case 9:case 10:case 13:case 32:return 5;case 33:case 43:case 44:case 47:case 62:case 64:case 126:case 59:case 123:case 125:return 4;case 58:return 3;case 34:case 39:case 40:case 91:return 2;case 41:case 93:return 1}return 0}function A(e){return m=h=1,g=u(v=e),f=0,[]}function q(e){var t,r;return(t=f-1,r=function e(t){for(;x();)switch(y){case t:return f;case 34:case 39:34!==t&amp;&amp;39!==t&amp;&amp;e(y);break;case 40:41===t&amp;&amp;e(t);break;case 92:x()}return f}(91===e?e+2:40===e?e+1:e),d(v,t,r)).trim()}var k="-ms-",T="-moz-",z="-webkit-",j="comm",I="rule",P="decl",$="@keyframes";function R(e,t){for(var r="",s=e.length,n=0;n&lt;s;n++)r+=t(e[n],n,e,t)||"";return r}function E(e,t,r,s){switch(e.type){case"@layer":if(e.children.length)break;case"@import":case P:return e.return=e.return||e.value;case j:return"";case $:return e.return=e.value+"{"+R(e.children,s)+"}";case I:e.value=e.props.join(",")}return u(r=R(e.children,s))?e.return=e.value+"{"+r+"}":""}function O(e,t,r,s,i,a,c,p,u,l,m){for(var h=i-1,g=0===i?a:[""],f=g.length,y=0,v=0,w=0;y&lt;s;++y)for(var x=0,S=d(e,h+1,h=n(v=c[y])),_=e;x&lt;f;++x)(_=(v&gt;0?g[x]+" "+S:o(S,/&amp;\f/g,g[x])).trim())&amp;&amp;(u[w++]=_);return b(e,t,r,0===i?I:p,u,l,m)}function C(e,t,r,s){return b(e,t,r,P,d(e,0,s),d(e,s+1,-1),s)}var L=function(e,t,r){for(var s=0,n=0;s=n,n=S(),38===s&amp;&amp;12===n&amp;&amp;(t[r]=1),!_(n);)x();return d(v,e,f)},D=function(e,t){var r=-1,s=44;do switch(_(s)){case 0:38===s&amp;&amp;12===S()&amp;&amp;(t[r]=1),e[r]+=L(f-1,t,r);break;case 2:e[r]+=q(s);break;case 4:if(44===s){e[++r]=58===S()?"&amp;\f":"",t[r]=e[r].length;break}default:e[r]+=i(s)}while(s=x());return e},B=function(e,t){var r;return r=D(A(e),t),v="",r},N=new WeakMap,G=function(e){if("rule"===e.type&amp;&amp;e.parent&amp;&amp;!(e.length&lt;1)){for(var t=e.value,r=e.parent,s=e.column===r.column&amp;&amp;e.line===r.line;"rule"!==r.type;)if(!(r=r.parent))return;if((1!==e.props.length||58===t.charCodeAt(0)||N.get(r))&amp;&amp;!s){N.set(e,!0);for(var n=[],i=B(t,n),a=r.props,o=0,c=0;o&lt;i.length;o++)for(var p=0;p&lt;a.length;p++,c++)e.props[c]=n[o]?i[o].replace(/&amp;\f/g,a[p]):a[p]+" "+i[o]}}},W=function(e){if("decl"===e.type){var t=e.value;108===t.charCodeAt(0)&amp;&amp;98===t.charCodeAt(2)&amp;&amp;(e.return="",e.value="")}},M=[function(e,t,r,s){if(e.length&gt;-1&amp;&amp;!e.return)switch(e.type){case P:e.return=function e(t,r){switch(45^p(t,0)?(((r&lt;&lt;2^p(t,0))&lt;&lt;2^p(t,1))&lt;&lt;2^p(t,2))&lt;&lt;2^p(t,3):0){case 5103:return z+"print-"+t+t;case 5737:case 4201:case 3177:case 3433:case 1641:case 4457:case 2921:case 5572:case 6356:case 5844:case 3191:case 6645:case 3005:case 6391:case 5879:case 5623:case 6135:case 4599:case 4855:case 4215:case 6389:case 5109:case 5365:case 5621:case 3829:return z+t+t;case 5349:case 4246:case 4810:case 6968:case 2756:return z+t+T+t+k+t+t;case 6828:case 4268:return z+t+k+t+t;case 6165:return z+t+k+"flex-"+t+t;case 5187:return z+t+o(t,/(\w+).+(:[^]+)/,z+"box-$1$2"+k+"flex-$1$2")+t;case 5443:return z+t+k+"flex-item-"+o(t,/flex-|-self/,"")+t;case 4675:return z+t+k+"flex-line-pack"+o(t,/align-content|flex-|-self/,"")+t;case 5548:return z+t+k+o(t,"shrink","negative")+t;case 5292:return z+t+k+o(t,"basis","preferred-size")+t;case 6060:return z+"box-"+o(t,"-grow","")+z+t+k+o(t,"grow","positive")+t;case 4554:return z+o(t,/([^-])(transform)/g,"$1"+z+"$2")+t;case 6187:return o(o(o(t,/(zoom-|grab)/,z+"$1"),/(image-set)/,z+"$1"),t,"")+t;case 5495:case 3959:return o(t,/(image-set\([^]*)/,z+"$1$`$1");case 4968:return o(o(t,/(.+:)(flex-)?(.*)/,z+"box-pack:$3"+k+"flex-pack:$3"),/s.+-b[^;]+/,"justify")+z+t+t;case 4095:case 3583:case 4068:case 2532:return o(t,/(.+)-inline(.+)/,z+"$1$2")+t;case 8116:case 7059:case 5753:case 5535:case 5445:case 5701:case 4933:case 4677:case 5533:case 5789:case 5021:case 4765:if(u(t)-1-r&gt;6)switch(p(t,r+1)){case 109:if(45!==p(t,r+4))break;case 102:return o(t,/(.+:)(.+)-([^]+)/,"$1"+z+"$2-$3$1"+T+(108==p(t,r+3)?"$3":"$2-$3"))+t;case 115:return~c(t,"stretch")?e(o(t,"stretch","fill-available"),r)+t:t}break;case 4949:if(115!==p(t,r+1))break;case 6444:switch(p(t,u(t)-3-(~c(t,"!important")&amp;&amp;10))){case 107:return o(t,":",":"+z)+t;case 101:return o(t,/(.+:)([^;!]+)(;|!.+)?/,"$1"+z+(45===p(t,14)?"inline-":"")+"box$3$1"+z+"$2$3$1"+k+"$2box$3")+t}break;case 5936:switch(p(t,r+11)){case 114:return z+t+k+o(t,/[svh]\w+-[tblr]{2}/,"tb")+t;case 108:return z+t+k+o(t,/[svh]\w+-[tblr]{2}/,"tb-rl")+t;case 45:return z+t+k+o(t,/[svh]\w+-[tblr]{2}/,"lr")+t}return z+t+k+t+t}return t}(e.value,e.length);break;case $:return R([w(e,{value:o(e.value,"@","@"+z)})],s);case I:if(e.length){var n,i;return n=e.props,i=function(t){var r;switch(r=t,(r=/(::plac\w+|:read-\w+)/.exec(r))?r[0]:r){case":read-only":case":read-write":return R([w(e,{props:[o(t,/:(read-\w+)/,":"+T+"$1")]})],s);case"::placeholder":return R([w(e,{props:[o(t,/:(plac\w+)/,":"+z+"input-$1")]}),w(e,{props:[o(t,/:(plac\w+)/,":"+T+"$1")]}),w(e,{props:[o(t,/:(plac\w+)/,k+"input-$1")]})],s)}return""},n.map(i).join("")}}}],U=function(e){var t,r,n,a,g,w,k=e.key;if("css"===k){var T=document.querySelectorAll("style[data-emotion]:not([data-s])");Array.prototype.forEach.call(T,function(e){-1!==e.getAttribute("data-emotion").indexOf(" ")&amp;&amp;(document.head.appendChild(e),e.setAttribute("data-s",""))})}var z=e.stylisPlugins||M,I={},P=[];a=e.container||document.head,Array.prototype.forEach.call(document.querySelectorAll('style[data-emotion^="'+k+' "]'),function(e){for(var t=e.getAttribute("data-emotion").split(" "),r=1;r&lt;t.length;r++)I[t[r]]=!0;P.push(e)});var $=(r=(t=[G,W].concat(z,[E,(n=function(e){w.insert(e)},function(e){!e.root&amp;&amp;(e=e.return)&amp;&amp;n(e)})])).length,function(e,s,n,i){for(var a="",o=0;o&lt;r;o++)a+=t[o](e,s,n,i)||"";return a}),L=function(e){var t,r;return R((r=function e(t,r,s,n,a,g,w,A,k){for(var T,z=0,I=0,P=w,$=0,R=0,E=0,L=1,D=1,B=1,N=0,G="",W=a,M=g,U=n,F=G;D;)switch(E=N,N=x()){case 40:if(108!=E&amp;&amp;58==p(F,P-1)){-1!=c(F+=o(q(N),"&amp;","&amp;\f"),"&amp;\f")&amp;&amp;(B=-1);break}case 34:case 39:case 91:F+=q(N);break;case 9:case 10:case 13:case 32:F+=function(e){for(;y=S();)if(y&lt;33)x();else break;return _(e)&gt;2||_(y)&gt;3?"":" "}(E);break;case 92:F+=function(e,t){for(var r;--t&amp;&amp;x()&amp;&amp;!(y&lt;48)&amp;&amp;!(y&gt;102)&amp;&amp;(!(y&gt;57)||!(y&lt;65))&amp;&amp;(!(y&gt;70)||!(y&lt;97)););return r=f+(t&lt;6&amp;&amp;32==S()&amp;&amp;32==x()),d(v,e,r)}(f-1,7);continue;case 47:switch(S()){case 42:case 47:l((T=function(e,t){for(;x();)if(e+y===57)break;else if(e+y===84&amp;&amp;47===S())break;return"/*"+d(v,t,f-1)+"*"+i(47===e?e:x())}(x(),f),b(T,r,s,j,i(y),d(T,2,-2),0)),k);break;default:F+="/"}break;case 123*L:A[z++]=u(F)*B;case 125*L:case 59:case 0:switch(N){case 0:case 125:D=0;case 59+I:-1==B&amp;&amp;(F=o(F,/\f/g,"")),R&gt;0&amp;&amp;u(F)-P&amp;&amp;l(R&gt;32?C(F+";",n,s,P-1):C(o(F," ","")+";",n,s,P-2),k);break;case 59:F+=";";default:if(l(U=O(F,r,s,z,I,a,A,G,W=[],M=[],P),g),123===N){if(0===I)e(F,r,U,U,W,g,P,A,M);else switch(99===$&amp;&amp;110===p(F,3)?100:$){case 100:case 108:case 109:case 115:e(t,U,U,n&amp;&amp;l(O(t,U,U,0,0,a,A,G,a,W=[],P),M),a,M,P,A,n?W:M);break;default:e(F,U,U,U,[""],M,0,A,M)}}}z=I=R=0,L=B=1,G=F="",P=w;break;case 58:P=1+u(F),R=E;default:if(L&lt;1){if(123==N)--L;else if(125==N&amp;&amp;0==L++&amp;&amp;125==(y=f&gt;0?p(v,--f):0,h--,10===y&amp;&amp;(h=1,m--),y))continue}switch(F+=i(N),N*L){case 38:B=I&gt;0?1:(F+="\f",-1);break;case 44:A[z++]=(u(F)-1)*B,B=1;break;case 64:45===S()&amp;&amp;(F+=q(x())),$=S(),I=P=u(G=F+=function(e){for(;!_(S());)x();return d(v,e,f)}(f)),N++;break;case 45:45===E&amp;&amp;2==u(F)&amp;&amp;(L=0)}}return g}("",null,null,null,[""],t=A(t=e),0,[0],t),v="",r),$)};g=function(e,t,r,s){w=r,L(e?e+"{"+t.styles+"}":t.styles),s&amp;&amp;(D.inserted[t.name]=!0)};var D={key:k,sheet:new s({key:k,container:a,nonce:e.nonce,speedy:e.speedy,prepend:e.prepend,insertionPoint:e.insertionPoint}),nonce:e.nonce,inserted:I,registered:{},insert:g};return D.sheet.hydrate(P),D}},886894:function(e,t,r){"use strict";function s(e){var t=Object.create(null);return function(r){return void 0===t[r]&amp;&amp;(t[r]=e(r)),t[r]}}r.d(t,{Z:function(){return s}})},566712:function(e,t,r){"use strict";r.d(t,{E:function(){return g},T:function(){return d},c:function(){return m},h:function(){return u},w:function(){return p}});var s=r(202784),n=r(420963),i=r(882792),a=r(148290),o=r(882668),c=s.createContext("undefined"!=typeof HTMLElement?(0,n.Z)({key:"css"}):null);c.Provider;var p=function(e){return(0,s.forwardRef)(function(t,r){return e(t,(0,s.useContext)(c),r)})},d=s.createContext({}),u={}.hasOwnProperty,l="__EMOTION_TYPE_PLEASE_DO_NOT_USE__",m=function(e,t){var r={};for(var s in t)u.call(t,s)&amp;&amp;(r[s]=t[s]);return r[l]=e,r},h=function(e){var t=e.cache,r=e.serialized,s=e.isStringTag;return(0,i.hC)(t,r,s),(0,o.L)(function(){return(0,i.My)(t,r,s)}),null},g=p(function(e,t,r){var n=e.css;"string"==typeof n&amp;&amp;void 0!==t.registered[n]&amp;&amp;(n=t.registered[n]);var o=e[l],c=[n],p="";"string"==typeof e.className?p=(0,i.fp)(t.registered,c,e.className):null!=e.className&amp;&amp;(p=e.className+" ");var m=(0,a.O)(c,void 0,s.useContext(d));p+=t.key+"-"+m.name;var g={};for(var f in e)u.call(e,f)&amp;&amp;"css"!==f&amp;&amp;f!==l&amp;&amp;(g[f]=e[f]);return g.className=p,r&amp;&amp;(g.ref=r),s.createElement(s.Fragment,null,s.createElement(h,{cache:t,serialized:m,isStringTag:"string"==typeof o}),s.createElement(o,g))})},728165:function(e,t,r){"use strict";r.d(t,{iv:function(){return p}});var s,n,i=r(566712),a=r(202784);r(882668);var o=r(148290);r(420963),r(373463);var c=function(e,t){var r=arguments;if(null==t||!i.h.call(t,"css"))return a.createElement.apply(void 0,r);var s=r.length,n=Array(s);n[0]=i.E,n[1]=(0,i.c)(e,t);for(var o=2;o&lt;s;o++)n[o]=r[o];return a.createElement.apply(null,n)};function p(){for(var e=arguments.length,t=Array(e),r=0;r&lt;e;r++)t[r]=arguments[r];return(0,o.O)(t)}s=c||(c={}),n||(n=s.JSX||(s.JSX={}))},552903:function(e,t,r){"use strict";r.d(t,{BX:function(){return o},HY:function(){return i},tZ:function(){return a}});var s=r(552322),n=r(566712);r(202784),r(420963),r(373463),r(882668);var i=s.Fragment,a=function(e,t,r){return n.h.call(t,"css")?s.jsx(n.E,(0,n.c)(e,t),r):s.jsx(e,t,r)},o=function(e,t,r){return n.h.call(t,"css")?s.jsxs(n.E,(0,n.c)(e,t),r):s.jsxs(e,t,r)}},148290:function(e,t,r){"use strict";r.d(t,{O:()=&gt;h});var s,n={animationIterationCount:1,aspectRatio:1,borderImageOutset:1,borderImageSlice:1,borderImageWidth:1,boxFlex:1,boxFlexGroup:1,boxOrdinalGroup:1,columnCount:1,columns:1,flex:1,flexGrow:1,flexPositive:1,flexShrink:1,flexNegative:1,flexOrder:1,gridRow:1,gridRowEnd:1,gridRowSpan:1,gridRowStart:1,gridColumn:1,gridColumnEnd:1,gridColumnSpan:1,gridColumnStart:1,msGridRow:1,msGridRowSpan:1,msGridColumn:1,msGridColumnSpan:1,fontWeight:1,lineHeight:1,opacity:1,order:1,orphans:1,scale:1,tabSize:1,widows:1,zIndex:1,zoom:1,WebkitLineClamp:1,fillOpacity:1,floodOpacity:1,stopOpacity:1,strokeDasharray:1,strokeDashoffset:1,strokeMiterlimit:1,strokeOpacity:1,strokeWidth:1},i=r("886894"),a=/[A-Z]|^ms/g,o=/_EMO_([^_]+?)_([^]*?)_EMO_/g,c=function(e){return 45===e.charCodeAt(1)},p=function(e){return null!=e&amp;&amp;"boolean"!=typeof e},d=(0,i.Z)(function(e){return c(e)?e:e.replace(a,"-$&amp;").toLowerCase()}),u=function(e,t){switch(e){case"animation":case"animationName":if("string"==typeof t)return t.replace(o,function(e,t,r){return s={name:t,styles:r,next:s},t})}return 1===n[e]||c(e)||"number"!=typeof t||0===t?t:t+"px"};function l(e,t,r){if(null==r)return"";if(void 0!==r.__emotion_styles)return r;switch(typeof r){case"boolean":return"";case"object":if(1===r.anim)return s={name:r.name,styles:r.styles,next:s},r.name;if(void 0!==r.styles){var n=r.next;if(void 0!==n)for(;void 0!==n;)s={name:n.name,styles:n.styles,next:s},n=n.next;return r.styles+";"}return function(e,t,r){var s="";if(Array.isArray(r))for(var n=0;n&lt;r.length;n++)s+=l(e,t,r[n])+";";else for(var i in r){var a=r[i];if("object"!=typeof a)null!=t&amp;&amp;void 0!==t[a]?s+=i+"{"+t[a]+"}":p(a)&amp;&amp;(s+=d(i)+":"+u(i,a)+";");else if(Array.isArray(a)&amp;&amp;"string"==typeof a[0]&amp;&amp;(null==t||void 0===t[a[0]]))for(var o=0;o&lt;a.length;o++)p(a[o])&amp;&amp;(s+=d(i)+":"+u(i,a[o])+";");else{var c=l(e,t,a);switch(i){case"animation":case"animationName":s+=d(i)+":"+c+";";break;default:s+=i+"{"+c+"}"}}}return s}(e,t,r);case"function":if(void 0!==e){var i=s,a=r(e);return s=i,l(e,t,a)}}if(null==t)return r;var o=t[r];return void 0!==o?o:r}var m=/label:\s*([^\s;{]+)\s*(;|$)/g;function h(e,t,r){if(1===e.length&amp;&amp;"object"==typeof e[0]&amp;&amp;null!==e[0]&amp;&amp;void 0!==e[0].styles)return e[0];var n,i=!0,a="";s=void 0;var o=e[0];null==o||void 0===o.raw?(i=!1,a+=l(r,t,o)):a+=o[0];for(var c=1;c&lt;e.length;c++)a+=l(r,t,e[c]),i&amp;&amp;(a+=o[c]);m.lastIndex=0;for(var p="";null!==(n=m.exec(a));)p+="-"+n[1];return{name:function(e){for(var t,r=0,s=0,n=e.length;n&gt;=4;++s,n-=4)t=(65535&amp;(t=255&amp;e.charCodeAt(s)|(255&amp;e.charCodeAt(++s))&lt;&lt;8|(255&amp;e.charCodeAt(++s))&lt;&lt;16|(255&amp;e.charCodeAt(++s))&lt;&lt;24))*0x5bd1e995+((t&gt;&gt;&gt;16)*59797&lt;&lt;16),t^=t&gt;&gt;&gt;24,r=(65535&amp;t)*0x5bd1e995+((t&gt;&gt;&gt;16)*59797&lt;&lt;16)^(65535&amp;r)*0x5bd1e995+((r&gt;&gt;&gt;16)*59797&lt;&lt;16);switch(n){case 3:r^=(255&amp;e.charCodeAt(s+2))&lt;&lt;16;case 2:r^=(255&amp;e.charCodeAt(s+1))&lt;&lt;8;case 1:r^=255&amp;e.charCodeAt(s),r=(65535&amp;r)*0x5bd1e995+((r&gt;&gt;&gt;16)*59797&lt;&lt;16)}return r^=r&gt;&gt;&gt;13,(((r=(65535&amp;r)*0x5bd1e995+((r&gt;&gt;&gt;16)*59797&lt;&lt;16))^r&gt;&gt;&gt;15)&gt;&gt;&gt;0).toString(36)}(a)+p,styles:a,next:s}}},882668:function(e,t,r){"use strict";r.d(t,{L:function(){return a}});var s,n=r(202784),i=!!(s||(s=r.t(n,2))).useInsertionEffect&amp;&amp;(s||(s=r.t(n,2))).useInsertionEffect,a=i||function(e){return e()};i||n.useLayoutEffect},882792:function(e,t,r){"use strict";function s(e,t,r){var s="";return r.split(" ").forEach(function(r){void 0!==e[r]?t.push(e[r]+";"):r&amp;&amp;(s+=r+" ")}),s}r.d(t,{My:function(){return i},fp:function(){return s},hC:function(){return n}});var n=function(e,t,r){var s=e.key+"-"+t.name;!1===r&amp;&amp;void 0===e.registered[s]&amp;&amp;(e.registered[s]=t.styles)},i=function(e,t,r){n(e,t,r);var s=e.key+"-"+t.name;if(void 0===e.inserted[t.name]){var i=t;do e.insert(t===i?"."+s:"",i,e.sheet,!0),i=i.next;while(void 0!==i)}}},151656:function(e,t,r){"use strict";r.r(t)},660169:function(e,t,r){"use strict";r.r(t)},201221:function(e,t,r){"use strict";r.r(t)},716962:function(e,t,r){"use strict";r.d(t,{PP:()=&gt;z,lX:()=&gt;w,ob:()=&gt;m,Ep:()=&gt;l,q_:()=&gt;k});var s=r("313714");function n(e){return"/"===e.charAt(0)}function i(e,t){for(var r=t,s=r+1,n=e.length;s&lt;n;r+=1,s+=1)e[r]=e[s];e.pop()}let a=function(e,t){void 0===t&amp;&amp;(t="");var r,s=e&amp;&amp;e.split("/")||[],a=t&amp;&amp;t.split("/")||[],o=e&amp;&amp;n(e),c=t&amp;&amp;n(t),p=o||c;if(e&amp;&amp;n(e)?a=s:s.length&amp;&amp;(a.pop(),a=a.concat(s)),!a.length)return"/";if(a.length){var d=a[a.length-1];r="."===d||".."===d||""===d}else r=!1;for(var u=0,l=a.length;l&gt;=0;l--){var m=a[l];"."===m?i(a,l):".."===m?(i(a,l),u++):u&amp;&amp;(i(a,l),u--)}if(!p)for(;u--;u)a.unshift("..");!p||""===a[0]||a[0]&amp;&amp;n(a[0])||a.unshift("");var h=a.join("/");return r&amp;&amp;"/"!==h.substr(-1)&amp;&amp;(h+="/"),h};var o=r("444965");function c(e){return"/"===e.charAt(0)?e:"/"+e}function p(e){return"/"===e.charAt(0)?e.substr(1):e}function d(e,t){return 0===e.toLowerCase().indexOf(t.toLowerCase())&amp;&amp;-1!=="/?#".indexOf(e.charAt(t.length))?e.substr(t.length):e}function u(e){return"/"===e.charAt(e.length-1)?e.slice(0,-1):e}function l(e){var t=e.pathname,r=e.search,s=e.hash,n=t||"/";return r&amp;&amp;"?"!==r&amp;&amp;(n+="?"===r.charAt(0)?r:"?"+r),s&amp;&amp;"#"!==s&amp;&amp;(n+="#"===s.charAt(0)?s:"#"+s),n}function m(e,t,r,n){var i,o,c,p,d,u;"string"==typeof e?(c="",p="",-1!==(d=(o=e||"/").indexOf("#"))&amp;&amp;(p=o.substr(d),o=o.substr(0,d)),-1!==(u=o.indexOf("?"))&amp;&amp;(c=o.substr(u),o=o.substr(0,u)),(i={pathname:o,search:"?"===c?"":c,hash:"#"===p?"":p}).state=t):(void 0===(i=(0,s.Z)({},e)).pathname&amp;&amp;(i.pathname=""),i.search?"?"!==i.search.charAt(0)&amp;&amp;(i.search="?"+i.search):i.search="",i.hash?"#"!==i.hash.charAt(0)&amp;&amp;(i.hash="#"+i.hash):i.hash="",void 0!==t&amp;&amp;void 0===i.state&amp;&amp;(i.state=t));try{i.pathname=decodeURI(i.pathname)}catch(e){if(e instanceof URIError)throw URIError('Pathname "'+i.pathname+'" could not be decoded. This is likely caused by an invalid percent-encoding.');throw e}return r&amp;&amp;(i.key=r),n?i.pathname?"/"!==i.pathname.charAt(0)&amp;&amp;(i.pathname=a(i.pathname,n.pathname)):i.pathname=n.pathname:i.pathname||(i.pathname="/"),i}function h(){var e=null,t=[];return{setPrompt:function(t){return e=t,function(){e===t&amp;&amp;(e=null)}},confirmTransitionTo:function(t,r,s,n){if(null!=e){var i="function"==typeof e?e(t,r):e;"string"==typeof i?"function"==typeof s?s(i,n):n(!0):n(!1!==i)}else n(!0)},appendListener:function(e){var r=!0;function s(){r&amp;&amp;e.apply(void 0,arguments)}return t.push(s),function(){r=!1,t=t.filter(function(e){return e!==s})}},notifyListeners:function(){for(var e=arguments.length,r=Array(e),s=0;s&lt;e;s++)r[s]=arguments[s];t.forEach(function(e){return e.apply(void 0,r)})}}}var g=!!("undefined"!=typeof window&amp;&amp;window.document&amp;&amp;window.document.createElement);function f(e,t){t(window.confirm(e))}var y="popstate",v="hashchange";function b(){try{return window.history.state||{}}catch(e){return{}}}function w(e){void 0===e&amp;&amp;(e={}),g||(0,o.Z)(!1);var t,r=window.history,n=(-1===(t=window.navigator.userAgent).indexOf("Android 2.")&amp;&amp;-1===t.indexOf("Android 4.0")||-1===t.indexOf("Mobile Safari")||-1!==t.indexOf("Chrome")||-1!==t.indexOf("Windows Phone"))&amp;&amp;window.history&amp;&amp;"pushState"in window.history,i=-1!==window.navigator.userAgent.indexOf("Trident"),a=e,p=a.forceRefresh,w=void 0!==p&amp;&amp;p,x=a.getUserConfirmation,S=void 0===x?f:x,_=a.keyLength,A=void 0===_?6:_,q=e.basename?u(c(e.basename)):"";function k(e){var t=e||{},r=t.key,s=t.state,n=window.location,i=n.pathname+n.search+n.hash;return q&amp;&amp;(i=d(i,q)),m(i,s,r)}function T(){return Math.random().toString(36).substr(2,A)}var z=h();function j(e){(0,s.Z)(G,e),G.length=r.length,z.notifyListeners(G.location,G.action)}function I(e){!(void 0===e.state&amp;&amp;-1===navigator.userAgent.indexOf("CriOS"))&amp;&amp;R(k(e.state))}function P(){R(k(b()))}var $=!1;function R(e){$?($=!1,j()):z.confirmTransitionTo(e,"POP",S,function(t){var r,s,n,i,a;t?j({action:"POP",location:e}):(r=e,s=G.location,-1===(n=O.indexOf(s.key))&amp;&amp;(n=0),-1===(i=O.indexOf(r.key))&amp;&amp;(i=0),(a=n-i)&amp;&amp;($=!0,L(a)))})}var E=k(b()),O=[E.key];function C(e){return q+l(e)}function L(e){r.go(e)}var D=0;function B(e){1===(D+=e)&amp;&amp;1===e?(window.addEventListener(y,I),i&amp;&amp;window.addEventListener(v,P)):0===D&amp;&amp;(window.removeEventListener(y,I),i&amp;&amp;window.removeEventListener(v,P))}var N=!1,G={length:r.length,action:"POP",location:E,createHref:C,push:function(e,t){var s="PUSH",i=m(e,t,T(),G.location);z.confirmTransitionTo(i,s,S,function(e){if(e){var t=C(i),a=i.key,o=i.state;if(n){if(r.pushState({key:a,state:o},null,t),w)window.location.href=t;else{var c=O.indexOf(G.location.key),p=O.slice(0,c+1);p.push(i.key),O=p,j({action:s,location:i})}}else window.location.href=t}})},replace:function(e,t){var s="REPLACE",i=m(e,t,T(),G.location);z.confirmTransitionTo(i,s,S,function(e){if(e){var t=C(i),a=i.key,o=i.state;if(n){if(r.replaceState({key:a,state:o},null,t),w)window.location.replace(t);else{var c=O.indexOf(G.location.key);-1!==c&amp;&amp;(O[c]=i.key),j({action:s,location:i})}}else window.location.replace(t)}})},go:L,goBack:function(){L(-1)},goForward:function(){L(1)},block:function(e){void 0===e&amp;&amp;(e=!1);var t=z.setPrompt(e);return N||(B(1),N=!0),function(){return N&amp;&amp;(N=!1,B(-1)),t()}},listen:function(e){var t=z.appendListener(e);return B(1),function(){B(-1),t()}}};return G}var x="hashchange",S={hashbang:{encodePath:function(e){return"!"===e.charAt(0)?e:"!/"+p(e)},decodePath:function(e){return"!"===e.charAt(0)?e.substr(1):e}},noslash:{encodePath:p,decodePath:c},slash:{encodePath:c,decodePath:c}};function _(e){var t=e.indexOf("#");return -1===t?e:e.slice(0,t)}function A(){var e=window.location.href,t=e.indexOf("#");return -1===t?"":e.substring(t+1)}function q(e){window.location.replace(_(window.location.href)+"#"+e)}function k(e){void 0===e&amp;&amp;(e={}),g||(0,o.Z)(!1);var t=window.history;window.navigator.userAgent.indexOf("Firefox");var r=e,n=r.getUserConfirmation,i=void 0===n?f:n,a=r.hashType,p=e.basename?u(c(e.basename)):"",y=S[void 0===a?"slash":a],v=y.encodePath,b=y.decodePath;function w(){var e=b(A());return p&amp;&amp;(e=d(e,p)),m(e)}var k=h();function T(e){(0,s.Z)(B,e),B.length=t.length,k.notifyListeners(B.location,B.action)}var z=!1,j=null;function I(){var e=A(),t=v(e);if(e!==t)q(t);else{var r,s=w(),n=B.location;if(!z&amp;&amp;n.pathname===s.pathname&amp;&amp;n.search===s.search&amp;&amp;n.hash===s.hash||j===l(s))return;j=null,r=s,z?(z=!1,T()):k.confirmTransitionTo(r,"POP",i,function(e){var t,s,n,i,a;e?T({action:"POP",location:r}):(t=r,s=B.location,-1===(n=E.lastIndexOf(l(s)))&amp;&amp;(n=0),-1===(i=E.lastIndexOf(l(t)))&amp;&amp;(i=0),(a=n-i)&amp;&amp;(z=!0,O(a)))})}}var P=A(),$=v(P);P!==$&amp;&amp;q($);var R=w(),E=[l(R)];function O(e){t.go(e)}var C=0;function L(e){1===(C+=e)&amp;&amp;1===e?window.addEventListener(x,I):0===C&amp;&amp;window.removeEventListener(x,I)}var D=!1,B={length:t.length,action:"POP",location:R,createHref:function(e){var t=document.querySelector("base"),r="";return t&amp;&amp;t.getAttribute("href")&amp;&amp;(r=_(window.location.href)),r+"#"+v(p+l(e))},push:function(e,t){var r="PUSH",s=m(e,void 0,void 0,B.location);k.confirmTransitionTo(s,r,i,function(e){if(e){var t=l(s),n=v(p+t);if(A()!==n){j=t,window.location.hash=n;var i=E.lastIndexOf(l(B.location)),a=E.slice(0,i+1);a.push(t),E=a,T({action:r,location:s})}else T()}})},replace:function(e,t){var r="REPLACE",s=m(e,void 0,void 0,B.location);k.confirmTransitionTo(s,r,i,function(e){if(e){var t=l(s),n=v(p+t);A()!==n&amp;&amp;(j=t,q(n));var i=E.indexOf(l(B.location));-1!==i&amp;&amp;(E[i]=t),T({action:r,location:s})}})},go:O,goBack:function(){O(-1)},goForward:function(){O(1)},block:function(e){void 0===e&amp;&amp;(e=!1);var t=k.setPrompt(e);return D||(L(1),D=!0),function(){return D&amp;&amp;(D=!1,L(-1)),t()}},listen:function(e){var t=k.appendListener(e);return L(1),function(){L(-1),t()}}};return B}function T(e,t,r){return Math.min(Math.max(e,t),r)}function z(e){void 0===e&amp;&amp;(e={});var t=e,r=t.getUserConfirmation,n=t.initialEntries,i=void 0===n?["/"]:n,a=t.initialIndex,o=t.keyLength,c=void 0===o?6:o,p=h();function d(e){(0,s.Z)(v,e),v.length=v.entries.length,p.notifyListeners(v.location,v.action)}function u(){return Math.random().toString(36).substr(2,c)}var g=T(void 0===a?0:a,0,i.length-1),f=i.map(function(e){return"string"==typeof e?m(e,void 0,u()):m(e,void 0,e.key||u())});function y(e){var t=T(v.index+e,0,v.entries.length-1),s=v.entries[t];p.confirmTransitionTo(s,"POP",r,function(e){e?d({action:"POP",location:s,index:t}):d()})}var v={length:f.length,action:"POP",location:f[g],index:g,entries:f,createHref:l,push:function(e,t){var s="PUSH",n=m(e,t,u(),v.location);p.confirmTransitionTo(n,s,r,function(e){if(e){var t=v.index+1,r=v.entries.slice(0);r.length&gt;t?r.splice(t,r.length-t,n):r.push(n),d({action:s,location:n,index:t,entries:r})}})},replace:function(e,t){var s="REPLACE",n=m(e,t,u(),v.location);p.confirmTransitionTo(n,s,r,function(e){e&amp;&amp;(v.entries[v.index]=n,d({action:s,location:n}))})},go:y,goBack:function(){y(-1)},goForward:function(){y(1)},canGo:function(e){var t=v.index+e;return t&gt;=0&amp;&amp;t&lt;v.entries.length},block:function(e){return void 0===e&amp;&amp;(e=!1),p.setPrompt(e)},listen:function(e){return p.appendListener(e)}};return v}},373463:function(e,t,r){"use strict";var s=r(148570),n={childContextTypes:!0,contextType:!0,contextTypes:!0,defaultProps:!0,displayName:!0,getDefaultProps:!0,getDerivedStateFromError:!0,getDerivedStateFromProps:!0,mixins:!0,propTypes:!0,type:!0},i={name:!0,length:!0,prototype:!0,caller:!0,callee:!0,arguments:!0,arity:!0},a={$$typeof:!0,compare:!0,defaultProps:!0,displayName:!0,propTypes:!0,type:!0},o={};function c(e){return s.isMemo(e)?a:o[e.$$typeof]||n}o[s.ForwardRef]={$$typeof:!0,render:!0,defaultProps:!0,displayName:!0,propTypes:!0},o[s.Memo]=a;var p=Object.defineProperty,d=Object.getOwnPropertyNames,u=Object.getOwnPropertySymbols,l=Object.getOwnPropertyDescriptor,m=Object.getPrototypeOf,h=Object.prototype;e.exports=function e(t,r,s){if("string"!=typeof r){if(h){var n=m(r);n&amp;&amp;n!==h&amp;&amp;e(t,n,s)}var a=d(r);u&amp;&amp;(a=a.concat(u(r)));for(var o=c(t),g=c(r),f=0;f&lt;a.length;++f){var y=a[f];if(!i[y]&amp;&amp;!(s&amp;&amp;s[y])&amp;&amp;!(g&amp;&amp;g[y])&amp;&amp;!(o&amp;&amp;o[y])){var v=l(r,y);try{p(t,y,v)}catch(e){}}}}return t}},647677:function(e){"use strict";e.exports=function(e,t,r,s,n,i,a,o){if(!e){var c;if(void 0===t)c=Error("Minified exception occurred; use the non-minified dev environment for the full error message and additional helpful warnings.");else{var p=[r,s,n,i,a,o],d=0;(c=Error(t.replace(/%s/g,function(){return p[d++]}))).name="Invariant Violation"}throw c.framesToPop=1,c}}},692521:function(e){var t;t=function(){var e,t,r,s={};s.version="0.2.0";var n=s.settings={minimum:.08,easing:"ease",positionUsing:"",speed:200,trickle:!0,trickleRate:.02,trickleSpeed:800,showSpinner:!0,barSelector:'[role="bar"]',spinnerSelector:'[role="spinner"]',parent:"body",template:'&lt;div class="bar" role="bar"&gt;&lt;div class="peg"&gt;&lt;/div&gt;&lt;/div&gt;&lt;div class="spinner" role="spinner"&gt;&lt;div class="spinner-icon"&gt;&lt;/div&gt;&lt;/div&gt;'};function i(e,t,r){return e&lt;t?t:e&gt;r?r:e}s.configure=function(e){var t,r;for(t in e)void 0!==(r=e[t])&amp;&amp;e.hasOwnProperty(t)&amp;&amp;(n[t]=r);return this},s.status=null,s.set=function(e){var t=s.isStarted();e=i(e,n.minimum,1),s.status=1===e?null:e;var r=s.render(!t),c=r.querySelector(n.barSelector),p=n.speed,d=n.easing;return r.offsetWidth,a(function(t){var i,a,u,l;""===n.positionUsing&amp;&amp;(n.positionUsing=s.getPositioningCSS()),o(c,(i=e,a=p,u=d,(l="translate3d"===n.positionUsing?{transform:"translate3d("+(-1+i)*100+"%,0,0)"}:"translate"===n.positionUsing?{transform:"translate("+(-1+i)*100+"%,0)"}:{"margin-left":(-1+i)*100+"%"}).transition="all "+a+"ms "+u,l)),1===e?(o(r,{transition:"none",opacity:1}),r.offsetWidth,setTimeout(function(){o(r,{transition:"all "+p+"ms linear",opacity:0}),setTimeout(function(){s.remove(),t()},p)},p)):setTimeout(t,p)}),this},s.isStarted=function(){return"number"==typeof s.status},s.start=function(){s.status||s.set(0);var e=function(){setTimeout(function(){s.status&amp;&amp;(s.trickle(),e())},n.trickleSpeed)};return n.trickle&amp;&amp;e(),this},s.done=function(e){return e||s.status?s.inc(.3+.5*Math.random()).set(1):this},s.inc=function(e){var t=s.status;return t?("number"!=typeof e&amp;&amp;(e=(1-t)*i(Math.random()*t,.1,.95)),t=i(t+e,0,.994),s.set(t)):s.start()},s.trickle=function(){return s.inc(Math.random()*n.trickleRate)},e=0,t=0,s.promise=function(r){return r&amp;&amp;"resolved"!==r.state()&amp;&amp;(0===t&amp;&amp;s.start(),e++,t++,r.always(function(){0==--t?(e=0,s.done()):s.set((e-t)/e)})),this},s.render=function(e){if(s.isRendered())return document.getElementById("nprogress");p(document.documentElement,"nprogress-busy");var t=document.createElement("div");t.id="nprogress",t.innerHTML=n.template;var r,i=t.querySelector(n.barSelector),a=e?"-100":(-1+(s.status||0))*100,c=document.querySelector(n.parent);return o(i,{transition:"all 0 linear",transform:"translate3d("+a+"%,0,0)"}),!n.showSpinner&amp;&amp;(r=t.querySelector(n.spinnerSelector))&amp;&amp;l(r),c!=document.body&amp;&amp;p(c,"nprogress-custom-parent"),c.appendChild(t),t},s.remove=function(){d(document.documentElement,"nprogress-busy"),d(document.querySelector(n.parent),"nprogress-custom-parent");var e=document.getElementById("nprogress");e&amp;&amp;l(e)},s.isRendered=function(){return!!document.getElementById("nprogress")},s.getPositioningCSS=function(){var e=document.body.style,t="WebkitTransform"in e?"Webkit":"MozTransform"in e?"Moz":"msTransform"in e?"ms":"OTransform"in e?"O":"";return t+"Perspective"in e?"translate3d":t+"Transform"in e?"translate":"margin"};var a=(r=[],function(e){r.push(e),1==r.length&amp;&amp;function e(){var t=r.shift();t&amp;&amp;t(e)}()}),o=function(){var e=["Webkit","O","Moz","ms"],t={};function r(r,s,n){var i;s=t[i=(i=s).replace(/^-ms-/,"ms-").replace(/-([\da-z])/gi,function(e,t){return t.toUpperCase()})]||(t[i]=function(t){var r=document.body.style;if(t in r)return t;for(var s,n=e.length,i=t.charAt(0).toUpperCase()+t.slice(1);n--;)if((s=e[n]+i)in r)return s;return t}(i)),r.style[s]=n}return function(e,t){var s,n,i=arguments;if(2==i.length)for(s in t)void 0!==(n=t[s])&amp;&amp;t.hasOwnProperty(s)&amp;&amp;r(e,s,n);else r(e,i[1],i[2])}}();function c(e,t){return("string"==typeof e?e:u(e)).indexOf(" "+t+" ")&gt;=0}function p(e,t){var r=u(e),s=r+t;c(r,t)||(e.className=s.substring(1))}function d(e,t){var r,s=u(e);c(e,t)&amp;&amp;(r=s.replace(" "+t+" "," "),e.className=r.substring(1,r.length-1))}function u(e){return(" "+(e.className||"")+" ").replace(/\s+/gi," ")}function l(e){e&amp;&amp;e.parentNode&amp;&amp;e.parentNode.removeChild(e)}return s},"function"==typeof define&amp;&amp;define.amd?define(t):e.exports=t()},478423:function(){!function(e){function t(e,t){return e.replace(/&lt;&lt;(\d+)&gt;&gt;/g,function(e,r){return"(?:"+t[+r]+")"})}function r(e,r,s){return RegExp(t(e,r),s||"")}function s(e,t){for(var r=0;r&lt;t;r++)e=e.replace(/&lt;&lt;self&gt;&gt;/g,function(){return"(?:"+e+")"});return e.replace(/&lt;&lt;self&gt;&gt;/g,"[^\\s\\S]")}var n="bool byte char decimal double dynamic float int long object sbyte short string uint ulong ushort var void",i="class enum interface record struct",a="add alias and ascending async await by descending from(?=\\s*(?:\\w|$)) get global group into init(?=\\s*;) join let nameof not notnull on or orderby partial remove select set unmanaged value when where with(?=\\s*{)",o="abstract as base break case catch checked const continue default delegate do else event explicit extern finally fixed for foreach goto if implicit in internal is lock namespace new null operator out override params private protected public readonly ref return sealed sizeof stackalloc static switch this throw try typeof unchecked unsafe using virtual volatile while yield";function c(e){return"\\b(?:"+e.trim().replace(/ /g,"|")+")\\b"}var p=c(i),d=RegExp(c(n+" "+i+" "+a+" "+o)),u=c(i+" "+a+" "+o),l=c(n+" "+i+" "+o),m=s(/&lt;(?:[^&lt;&gt;;=+\-*/%&amp;|^]|&lt;&lt;self&gt;&gt;)*&gt;/.source,2),h=s(/\((?:[^()]|&lt;&lt;self&gt;&gt;)*\)/.source,2),g=/@?\b[A-Za-z_]\w*\b/.source,f=t(/&lt;&lt;0&gt;&gt;(?:\s*&lt;&lt;1&gt;&gt;)?/.source,[g,m]),y=t(/(?!&lt;&lt;0&gt;&gt;)&lt;&lt;1&gt;&gt;(?:\s*\.\s*&lt;&lt;1&gt;&gt;)*/.source,[u,f]),v=/\[\s*(?:,\s*)*\]/.source,b=t(/&lt;&lt;0&gt;&gt;(?:\s*(?:\?\s*)?&lt;&lt;1&gt;&gt;)*(?:\s*\?)?/.source,[y,v]),w=t(/[^,()&lt;&gt;[\];=+\-*/%&amp;|^]|&lt;&lt;0&gt;&gt;|&lt;&lt;1&gt;&gt;|&lt;&lt;2&gt;&gt;/.source,[m,h,v]),x=t(/\(&lt;&lt;0&gt;&gt;+(?:,&lt;&lt;0&gt;&gt;+)+\)/.source,[w]),S=t(/(?:&lt;&lt;0&gt;&gt;|&lt;&lt;1&gt;&gt;)(?:\s*(?:\?\s*)?&lt;&lt;2&gt;&gt;)*(?:\s*\?)?/.source,[x,y,v]),_={keyword:d,punctuation:/[&lt;&gt;()?,.:[\]]/},A=/'(?:[^\r\n'\\]|\\.|\\[Uux][\da-fA-F]{1,8})'/.source,q=/"(?:\\.|[^\\"\r\n])*"/.source,k=/@"(?:""|\\[\s\S]|[^\\"])*"(?!")/.source;e.languages.csharp=e.languages.extend("clike",{string:[{pattern:r(/(^|[^$\\])&lt;&lt;0&gt;&gt;/.source,[k]),lookbehind:!0,greedy:!0},{pattern:r(/(^|[^@$\\])&lt;&lt;0&gt;&gt;/.source,[q]),lookbehind:!0,greedy:!0}],"class-name":[{pattern:r(/(\busing\s+static\s+)&lt;&lt;0&gt;&gt;(?=\s*;)/.source,[y]),lookbehind:!0,inside:_},{pattern:r(/(\busing\s+&lt;&lt;0&gt;&gt;\s*=\s*)&lt;&lt;1&gt;&gt;(?=\s*;)/.source,[g,S]),lookbehind:!0,inside:_},{pattern:r(/(\busing\s+)&lt;&lt;0&gt;&gt;(?=\s*=)/.source,[g]),lookbehind:!0},{pattern:r(/(\b&lt;&lt;0&gt;&gt;\s+)&lt;&lt;1&gt;&gt;/.source,[p,f]),lookbehind:!0,inside:_},{pattern:r(/(\bcatch\s*\(\s*)&lt;&lt;0&gt;&gt;/.source,[y]),lookbehind:!0,inside:_},{pattern:r(/(\bwhere\s+)&lt;&lt;0&gt;&gt;/.source,[g]),lookbehind:!0},{pattern:r(/(\b(?:is(?:\s+not)?|as)\s+)&lt;&lt;0&gt;&gt;/.source,[b]),lookbehind:!0,inside:_},{pattern:r(/\b&lt;&lt;0&gt;&gt;(?=\s+(?!&lt;&lt;1&gt;&gt;|with\s*\{)&lt;&lt;2&gt;&gt;(?:\s*[=,;:{)\]]|\s+(?:in|when)\b))/.source,[S,l,g]),inside:_}],keyword:d,number:/(?:\b0(?:x[\da-f_]*[\da-f]|b[01_]*[01])|(?:\B\.\d+(?:_+\d+)*|\b\d+(?:_+\d+)*(?:\.\d+(?:_+\d+)*)?)(?:e[-+]?\d+(?:_+\d+)*)?)(?:[dflmu]|lu|ul)?\b/i,operator:/&gt;&gt;=?|&lt;&lt;=?|[-=]&gt;|([-+&amp;|])\1|~|\?\?=?|[-+*/%&amp;|^!=&lt;&gt;]=?/,punctuation:/\?\.?|::|[{}[\];(),.:]/}),e.languages.insertBefore("csharp","number",{range:{pattern:/\.\./,alias:"operator"}}),e.languages.insertBefore("csharp","punctuation",{"named-parameter":{pattern:r(/([(,]\s*)&lt;&lt;0&gt;&gt;(?=\s*:)/.source,[g]),lookbehind:!0,alias:"punctuation"}}),e.languages.insertBefore("csharp","class-name",{namespace:{pattern:r(/(\b(?:namespace|using)\s+)&lt;&lt;0&gt;&gt;(?:\s*\.\s*&lt;&lt;0&gt;&gt;)*(?=\s*[;{])/.source,[g]),lookbehind:!0,inside:{punctuation:/\./}},"type-expression":{pattern:r(/(\b(?:default|sizeof|typeof)\s*\(\s*(?!\s))(?:[^()\s]|\s(?!\s)|&lt;&lt;0&gt;&gt;)*(?=\s*\))/.source,[h]),lookbehind:!0,alias:"class-name",inside:_},"return-type":{pattern:r(/&lt;&lt;0&gt;&gt;(?=\s+(?:&lt;&lt;1&gt;&gt;\s*(?:=&gt;|[({]|\.\s*this\s*\[)|this\s*\[))/.source,[S,y]),inside:_,alias:"class-name"},"constructor-invocation":{pattern:r(/(\bnew\s+)&lt;&lt;0&gt;&gt;(?=\s*[[({])/.source,[S]),lookbehind:!0,inside:_,alias:"class-name"},"generic-method":{pattern:r(/&lt;&lt;0&gt;&gt;\s*&lt;&lt;1&gt;&gt;(?=\s*\()/.source,[g,m]),inside:{function:r(/^&lt;&lt;0&gt;&gt;/.source,[g]),generic:{pattern:RegExp(m),alias:"class-name",inside:_}}},"type-list":{pattern:r(/\b((?:&lt;&lt;0&gt;&gt;\s+&lt;&lt;1&gt;&gt;|record\s+&lt;&lt;1&gt;&gt;\s*&lt;&lt;5&gt;&gt;|where\s+&lt;&lt;2&gt;&gt;)\s*:\s*)(?:&lt;&lt;3&gt;&gt;|&lt;&lt;4&gt;&gt;|&lt;&lt;1&gt;&gt;\s*&lt;&lt;5&gt;&gt;|&lt;&lt;6&gt;&gt;)(?:\s*,\s*(?:&lt;&lt;3&gt;&gt;|&lt;&lt;4&gt;&gt;|&lt;&lt;6&gt;&gt;))*(?=\s*(?:where|[{;]|=&gt;|$))/.source,[p,f,g,S,d.source,h,/\bnew\s*\(\s*\)/.source]),lookbehind:!0,inside:{"record-arguments":{pattern:r(/(^(?!new\s*\()&lt;&lt;0&gt;&gt;\s*)&lt;&lt;1&gt;&gt;/.source,[f,h]),lookbehind:!0,greedy:!0,inside:e.languages.csharp},keyword:d,"class-name":{pattern:RegExp(S),greedy:!0,inside:_},punctuation:/[,()]/}},preprocessor:{pattern:/(^[\t ]*)#.*/m,lookbehind:!0,alias:"property",inside:{directive:{pattern:/(#)\b(?:define|elif|else|endif|endregion|error|if|line|nullable|pragma|region|undef|warning)\b/,lookbehind:!0,alias:"keyword"}}}});var T=q+"|"+A,z=t(/\/(?![*/])|\/\/[^\r\n]*[\r\n]|\/\*(?:[^*]|\*(?!\/))*\*\/|&lt;&lt;0&gt;&gt;/.source,[T]),j=s(t(/[^"'/()]|&lt;&lt;0&gt;&gt;|\(&lt;&lt;self&gt;&gt;*\)/.source,[z]),2),I=/\b(?:assembly|event|field|method|module|param|property|return|type)\b/.source,P=t(/&lt;&lt;0&gt;&gt;(?:\s*\(&lt;&lt;1&gt;&gt;*\))?/.source,[y,j]);e.languages.insertBefore("csharp","class-name",{attribute:{pattern:r(/((?:^|[^\s\w&gt;)?])\s*\[\s*)(?:&lt;&lt;0&gt;&gt;\s*:\s*)?&lt;&lt;1&gt;&gt;(?:\s*,\s*&lt;&lt;1&gt;&gt;)*(?=\s*\])/.source,[I,P]),lookbehind:!0,greedy:!0,inside:{target:{pattern:r(/^&lt;&lt;0&gt;&gt;(?=\s*:)/.source,[I]),alias:"keyword"},"attribute-arguments":{pattern:r(/\(&lt;&lt;0&gt;&gt;*\)/.source,[j]),inside:e.languages.csharp},"class-name":{pattern:RegExp(y),inside:{punctuation:/\./}},punctuation:/[:,]/}}});var $=/:[^}\r\n]+/.source,R=s(t(/[^"'/()]|&lt;&lt;0&gt;&gt;|\(&lt;&lt;self&gt;&gt;*\)/.source,[z]),2),E=t(/\{(?!\{)(?:(?![}:])&lt;&lt;0&gt;&gt;)*&lt;&lt;1&gt;&gt;?\}/.source,[R,$]),O=s(t(/[^"'/()]|\/(?!\*)|\/\*(?:[^*]|\*(?!\/))*\*\/|&lt;&lt;0&gt;&gt;|\(&lt;&lt;self&gt;&gt;*\)/.source,[T]),2),C=t(/\{(?!\{)(?:(?![}:])&lt;&lt;0&gt;&gt;)*&lt;&lt;1&gt;&gt;?\}/.source,[O,$]);function L(t,s){return{interpolation:{pattern:r(/((?:^|[^{])(?:\{\{)*)&lt;&lt;0&gt;&gt;/.source,[t]),lookbehind:!0,inside:{"format-string":{pattern:r(/(^\{(?:(?![}:])&lt;&lt;0&gt;&gt;)*)&lt;&lt;1&gt;&gt;(?=\}$)/.source,[s,$]),lookbehind:!0,inside:{punctuation:/^:/}},punctuation:/^\{|\}$/,expression:{pattern:/[\s\S]+/,alias:"language-csharp",inside:e.languages.csharp}}},string:/[\s\S]+/}}e.languages.insertBefore("csharp","string",{"interpolation-string":[{pattern:r(/(^|[^\\])(?:\$@|@\$)"(?:""|\\[\s\S]|\{\{|&lt;&lt;0&gt;&gt;|[^\\{"])*"/.source,[E]),lookbehind:!0,greedy:!0,inside:L(E,R)},{pattern:r(/(^|[^@\\])\$"(?:\\.|\{\{|&lt;&lt;0&gt;&gt;|[^\\"{])*"/.source,[C]),lookbehind:!0,greedy:!0,inside:L(C,O)}],char:{pattern:RegExp(A),greedy:!0}}),e.languages.dotnet=e.languages.cs=e.languages.csharp}(Prism)},123502:function(){!function(e){function t(e,t){return"___"+e.toUpperCase()+t+"___"}Object.defineProperties(e.languages["markup-templating"]={},{buildPlaceholders:{value:function(r,s,n,i){if(r.language===s){var a=r.tokenStack=[];r.code=r.code.replace(n,function(e){if("function"==typeof i&amp;&amp;!i(e))return e;for(var n,o=a.length;-1!==r.code.indexOf(n=t(s,o));)++o;return a[o]=e,n}),r.grammar=e.languages.markup}}},tokenizePlaceholders:{value:function(r,s){if(r.language===s&amp;&amp;r.tokenStack){r.grammar=e.languages[s];var n=0,i=Object.keys(r.tokenStack);!function a(o){for(var c=0;c&lt;o.length&amp;&amp;!(n&gt;=i.length);c++){var p=o[c];if("string"==typeof p||p.content&amp;&amp;"string"==typeof p.content){var d=i[n],u=r.tokenStack[d],l="string"==typeof p?p:p.content,m=t(s,d),h=l.indexOf(m);if(h&gt;-1){++n;var g=l.substring(0,h),f=new e.Token(s,e.tokenize(u,r.grammar),"language-"+s,u),y=l.substring(h+m.length),v=[];g&amp;&amp;v.push.apply(v,a([g])),v.push(f),y&amp;&amp;v.push.apply(v,a([y])),"string"==typeof p?o.splice.apply(o,[c,1].concat(v)):p.content=v}}else p.content&amp;&amp;a(p.content)}return o}(r.tokens)}}}})}(Prism)},784999:function(){var e,t,r,s,n,i,a,o;t=/\/\*[\s\S]*?\*\/|\/\/.*|#(?!\[).*/,r=[{pattern:/\b(?:false|true)\b/i,alias:"boolean"},{pattern:/(::\s*)\b[a-z_]\w*\b(?!\s*\()/i,greedy:!0,lookbehind:!0},{pattern:/(\b(?:case|const)\s+)\b[a-z_]\w*(?=\s*[;=])/i,greedy:!0,lookbehind:!0},/\b(?:null)\b/i,/\b[A-Z_][A-Z0-9_]*\b(?!\s*\()/],s=/\b0b[01]+(?:_[01]+)*\b|\b0o[0-7]+(?:_[0-7]+)*\b|\b0x[\da-f]+(?:_[\da-f]+)*\b|(?:\b\d+(?:_\d+)*\.?(?:\d+(?:_\d+)*)?|\B\.\d+)(?:e[+-]?\d+)?/i,n=/&lt;?=&gt;|\?\?=?|\.{3}|\??-&gt;|[!=]=?=?|::|\*\*=?|--|\+\+|&amp;&amp;|\|\||&lt;&lt;|&gt;&gt;|[?~]|[/^|%*&amp;&lt;&gt;.+-]=?/,i=/[{}\[\](),:;]/,(e=Prism).languages.php={delimiter:{pattern:/\?&gt;$|^&lt;\?(?:php(?=\s)|=)?/i,alias:"important"},comment:t,variable:/\$+(?:\w+\b|(?=\{))/,package:{pattern:/(namespace\s+|use\s+(?:function\s+)?)(?:\\?\b[a-z_]\w*)+\b(?!\\)/i,lookbehind:!0,inside:{punctuation:/\\/}},"class-name-definition":{pattern:/(\b(?:class|enum|interface|trait)\s+)\b[a-z_]\w*(?!\\)\b/i,lookbehind:!0,alias:"class-name"},"function-definition":{pattern:/(\bfunction\s+)[a-z_]\w*(?=\s*\()/i,lookbehind:!0,alias:"function"},keyword:[{pattern:/(\(\s*)\b(?:array|bool|boolean|float|int|integer|object|string)\b(?=\s*\))/i,alias:"type-casting",greedy:!0,lookbehind:!0},{pattern:/([(,?]\s*)\b(?:array(?!\s*\()|bool|callable|(?:false|null)(?=\s*\|)|float|int|iterable|mixed|object|self|static|string)\b(?=\s*\$)/i,alias:"type-hint",greedy:!0,lookbehind:!0},{pattern:/(\)\s*:\s*(?:\?\s*)?)\b(?:array(?!\s*\()|bool|callable|(?:false|null)(?=\s*\|)|float|int|iterable|mixed|never|object|self|static|string|void)\b/i,alias:"return-type",greedy:!0,lookbehind:!0},{pattern:/\b(?:array(?!\s*\()|bool|float|int|iterable|mixed|object|string|void)\b/i,alias:"type-declaration",greedy:!0},{pattern:/(\|\s*)(?:false|null)\b|\b(?:false|null)(?=\s*\|)/i,alias:"type-declaration",greedy:!0,lookbehind:!0},{pattern:/\b(?:parent|self|static)(?=\s*::)/i,alias:"static-context",greedy:!0},{pattern:/(\byield\s+)from\b/i,lookbehind:!0},/\bclass\b/i,{pattern:/((?:^|[^\s&gt;:]|(?:^|[^-])&gt;|(?:^|[^:]):)\s*)\b(?:abstract|and|array|as|break|callable|case|catch|clone|const|continue|declare|default|die|do|echo|else|elseif|empty|enddeclare|endfor|endforeach|endif|endswitch|endwhile|enum|eval|exit|extends|final|finally|fn|for|foreach|function|global|goto|if|implements|include|include_once|instanceof|insteadof|interface|isset|list|match|namespace|never|new|or|parent|print|private|protected|public|readonly|require|require_once|return|self|static|switch|throw|trait|try|unset|use|var|while|xor|yield|__halt_compiler)\b/i,lookbehind:!0}],"argument-name":{pattern:/([(,]\s*)\b[a-z_]\w*(?=\s*:(?!:))/i,lookbehind:!0},"class-name":[{pattern:/(\b(?:extends|implements|instanceof|new(?!\s+self|\s+static))\s+|\bcatch\s*\()\b[a-z_]\w*(?!\\)\b/i,greedy:!0,lookbehind:!0},{pattern:/(\|\s*)\b[a-z_]\w*(?!\\)\b/i,greedy:!0,lookbehind:!0},{pattern:/\b[a-z_]\w*(?!\\)\b(?=\s*\|)/i,greedy:!0},{pattern:/(\|\s*)(?:\\?\b[a-z_]\w*)+\b/i,alias:"class-name-fully-qualified",greedy:!0,lookbehind:!0,inside:{punctuation:/\\/}},{pattern:/(?:\\?\b[a-z_]\w*)+\b(?=\s*\|)/i,alias:"class-name-fully-qualified",greedy:!0,inside:{punctuation:/\\/}},{pattern:/(\b(?:extends|implements|instanceof|new(?!\s+self\b|\s+static\b))\s+|\bcatch\s*\()(?:\\?\b[a-z_]\w*)+\b(?!\\)/i,alias:"class-name-fully-qualified",greedy:!0,lookbehind:!0,inside:{punctuation:/\\/}},{pattern:/\b[a-z_]\w*(?=\s*\$)/i,alias:"type-declaration",greedy:!0},{pattern:/(?:\\?\b[a-z_]\w*)+(?=\s*\$)/i,alias:["class-name-fully-qualified","type-declaration"],greedy:!0,inside:{punctuation:/\\/}},{pattern:/\b[a-z_]\w*(?=\s*::)/i,alias:"static-context",greedy:!0},{pattern:/(?:\\?\b[a-z_]\w*)+(?=\s*::)/i,alias:["class-name-fully-qualified","static-context"],greedy:!0,inside:{punctuation:/\\/}},{pattern:/([(,?]\s*)[a-z_]\w*(?=\s*\$)/i,alias:"type-hint",greedy:!0,lookbehind:!0},{pattern:/([(,?]\s*)(?:\\?\b[a-z_]\w*)+(?=\s*\$)/i,alias:["class-name-fully-qualified","type-hint"],greedy:!0,lookbehind:!0,inside:{punctuation:/\\/}},{pattern:/(\)\s*:\s*(?:\?\s*)?)\b[a-z_]\w*(?!\\)\b/i,alias:"return-type",greedy:!0,lookbehind:!0},{pattern:/(\)\s*:\s*(?:\?\s*)?)(?:\\?\b[a-z_]\w*)+\b(?!\\)/i,alias:["class-name-fully-qualified","return-type"],greedy:!0,lookbehind:!0,inside:{punctuation:/\\/}}],constant:r,function:{pattern:/(^|[^\\\w])\\?[a-z_](?:[\w\\]*\w)?(?=\s*\()/i,lookbehind:!0,inside:{punctuation:/\\/}},property:{pattern:/(-&gt;\s*)\w+/,lookbehind:!0},number:s,operator:n,punctuation:i},o=[{pattern:/&lt;&lt;&lt;'([^']+)'[\r\n](?:.*[\r\n])*?\1;/,alias:"nowdoc-string",greedy:!0,inside:{delimiter:{pattern:/^&lt;&lt;&lt;'[^']+'|[a-z_]\w*;$/i,alias:"symbol",inside:{punctuation:/^&lt;&lt;&lt;'?|[';]$/}}}},{pattern:/&lt;&lt;&lt;(?:"([^"]+)"[\r\n](?:.*[\r\n])*?\1;|([a-z_]\w*)[\r\n](?:.*[\r\n])*?\2;)/i,alias:"heredoc-string",greedy:!0,inside:{delimiter:{pattern:/^&lt;&lt;&lt;(?:"[^"]+"|[a-z_]\w*)|[a-z_]\w*;$/i,alias:"symbol",inside:{punctuation:/^&lt;&lt;&lt;"?|[";]$/}},interpolation:a={pattern:/\{\$(?:\{(?:\{[^{}]+\}|[^{}]+)\}|[^{}])+\}|(^|[^\\{])\$+(?:\w+(?:\[[^\r\n\[\]]+\]|-&gt;\w+)?)/,lookbehind:!0,inside:e.languages.php}}},{pattern:/`(?:\\[\s\S]|[^\\`])*`/,alias:"backtick-quoted-string",greedy:!0},{pattern:/'(?:\\[\s\S]|[^\\'])*'/,alias:"single-quoted-string",greedy:!0},{pattern:/"(?:\\[\s\S]|[^\\"])*"/,alias:"double-quoted-string",greedy:!0,inside:{interpolation:a}}],e.languages.insertBefore("php","variable",{string:o,attribute:{pattern:/#\[(?:[^"'\/#]|\/(?![*/])|\/\/.*$|#(?!\[).*$|\/\*(?:[^*]|\*(?!\/))*\*\/|"(?:\\[\s\S]|[^\\"])*"|'(?:\\[\s\S]|[^\\'])*')+\](?=\s*[a-z$#])/im,greedy:!0,inside:{"attribute-content":{pattern:/^(#\[)[\s\S]+(?=\]$)/,lookbehind:!0,inside:{comment:t,string:o,"attribute-class-name":[{pattern:/([^:]|^)\b[a-z_]\w*(?!\\)\b/i,alias:"class-name",greedy:!0,lookbehind:!0},{pattern:/([^:]|^)(?:\\?\b[a-z_]\w*)+/i,alias:["class-name","class-name-fully-qualified"],greedy:!0,lookbehind:!0,inside:{punctuation:/\\/}}],constant:r,number:s,operator:n,punctuation:i}},delimiter:{pattern:/^#\[|\]$/,alias:"punctuation"}}}}),e.hooks.add("before-tokenize",function(t){/&lt;\?/.test(t.code)&amp;&amp;e.languages["markup-templating"].buildPlaceholders(t,"php",/&lt;\?(?:[^"'/#]|\/(?![*/])|("|')(?:\\[\s\S]|(?!\1)[^\\])*\1|(?:\/\/|#(?!\[))(?:[^?\n\r]|\?(?!&gt;))*(?=$|\?&gt;|[\r\n])|#\[|\/\*(?:[^*]|\*(?!\/))*(?:\*\/|$))*?(?:\?&gt;|$)/g)}),e.hooks.add("after-tokenize",function(t){e.languages["markup-templating"].tokenizePlaceholders(t,"php")})},382625:function(){var e,t,r,s;(e=Prism).languages.ruby=e.languages.extend("clike",{comment:{pattern:/#.*|^=begin\s[\s\S]*?^=end/m,greedy:!0},"class-name":{pattern:/(\b(?:class|module)\s+|\bcatch\s+\()[\w.\\]+|\b[A-Z_]\w*(?=\s*\.\s*new\b)/,lookbehind:!0,inside:{punctuation:/[.\\]/}},keyword:/\b(?:BEGIN|END|alias|and|begin|break|case|class|def|define_method|defined|do|each|else|elsif|end|ensure|extend|for|if|in|include|module|new|next|nil|not|or|prepend|private|protected|public|raise|redo|require|rescue|retry|return|self|super|then|throw|undef|unless|until|when|while|yield)\b/,operator:/\.{2,3}|&amp;\.|===|&lt;?=&gt;|[!=]?~|(?:&amp;&amp;|\|\||&lt;&lt;|&gt;&gt;|\*\*|[+\-*/%&lt;&gt;!^&amp;|=])=?|[?:]/,punctuation:/[(){}[\].,;]/}),e.languages.insertBefore("ruby","operator",{"double-colon":{pattern:/::/,alias:"punctuation"}}),t={pattern:/((?:^|[^\\])(?:\\{2})*)#\{(?:[^{}]|\{[^{}]*\})*\}/,lookbehind:!0,inside:{content:{pattern:/^(#\{)[\s\S]+(?=\}$)/,lookbehind:!0,inside:e.languages.ruby},delimiter:{pattern:/^#\{|\}$/,alias:"punctuation"}}},delete e.languages.ruby.function,r="(?:"+[/([^a-zA-Z0-9\s{(\[&lt;=])(?:(?!\1)[^\\]|\\[\s\S])*\1/.source,/\((?:[^()\\]|\\[\s\S]|\((?:[^()\\]|\\[\s\S])*\))*\)/.source,/\{(?:[^{}\\]|\\[\s\S]|\{(?:[^{}\\]|\\[\s\S])*\})*\}/.source,/\[(?:[^\[\]\\]|\\[\s\S]|\[(?:[^\[\]\\]|\\[\s\S])*\])*\]/.source,/&lt;(?:[^&lt;&gt;\\]|\\[\s\S]|&lt;(?:[^&lt;&gt;\\]|\\[\s\S])*&gt;)*&gt;/.source].join("|")+")",s=/(?:"(?:\\.|[^"\\\r\n])*"|(?:\b[a-zA-Z_]\w*|[^\s\0-\x7F]+)[?!]?|\$.)/.source,e.languages.insertBefore("ruby","keyword",{"regex-literal":[{pattern:RegExp(/%r/.source+r+/[egimnosux]{0,6}/.source),greedy:!0,inside:{interpolation:t,regex:/[\s\S]+/}},{pattern:/(^|[^/])\/(?!\/)(?:\[[^\r\n\]]+\]|\\.|[^[/\\\r\n])+\/[egimnosux]{0,6}(?=\s*(?:$|[\r\n,.;})#]))/,lookbehind:!0,greedy:!0,inside:{interpolation:t,regex:/[\s\S]+/}}],variable:/[@$]+[a-zA-Z_]\w*(?:[?!]|\b)/,symbol:[{pattern:RegExp(/(^|[^:]):/.source+s),lookbehind:!0,greedy:!0},{pattern:RegExp(/([\r\n{(,][ \t]*)/.source+s+/(?=:(?!:))/.source),lookbehind:!0,greedy:!0}],"method-definition":{pattern:/(\bdef\s+)\w+(?:\s*\.\s*\w+)?/,lookbehind:!0,inside:{function:/\b\w+$/,keyword:/^self\b/,"class-name":/^\w+/,punctuation:/\./}}}),e.languages.insertBefore("ruby","string",{"string-literal":[{pattern:RegExp(/%[qQiIwWs]?/.source+r),greedy:!0,inside:{interpolation:t,string:/[\s\S]+/}},{pattern:/("|')(?:#\{[^}]+\}|#(?!\{)|\\(?:\r\n|[\s\S])|(?!\1)[^\\#\r\n])*\1/,greedy:!0,inside:{interpolation:t,string:/[\s\S]+/}},{pattern:/&lt;&lt;[-~]?([a-z_]\w*)[\r\n](?:.*[\r\n])*?[\t ]*\1/i,alias:"heredoc-string",greedy:!0,inside:{delimiter:{pattern:/^&lt;&lt;[-~]?[a-z_]\w*|\b[a-z_]\w*$/i,inside:{symbol:/\b\w+/,punctuation:/^&lt;&lt;[-~]?/}},interpolation:t,string:/[\s\S]+/}},{pattern:/&lt;&lt;[-~]?'([a-z_]\w*)'[\r\n](?:.*[\r\n])*?[\t ]*\1/i,alias:"heredoc-string",greedy:!0,inside:{delimiter:{pattern:/^&lt;&lt;[-~]?'[a-z_]\w*'|\b[a-z_]\w*$/i,inside:{symbol:/\b\w+/,punctuation:/^&lt;&lt;[-~]?'|'$/}},string:/[\s\S]+/}}],"command-literal":[{pattern:RegExp(/%x/.source+r),greedy:!0,inside:{interpolation:t,command:{pattern:/[\s\S]+/,alias:"string"}}},{pattern:/`(?:#\{[^}]+\}|#(?!\{)|\\(?:\r\n|[\s\S])|[^\\`#\r\n])*`/,greedy:!0,inside:{interpolation:t,command:{pattern:/[\s\S]+/,alias:"string"}}}]}),delete e.languages.ruby.string,e.languages.insertBefore("ruby","number",{builtin:/\b(?:Array|Bignum|Binding|Class|Continuation|Dir|Exception|FalseClass|File|Fixnum|Float|Hash|IO|Integer|MatchData|Method|Module|NilClass|Numeric|Object|Proc|Range|Regexp|Stat|String|Struct|Symbol|TMS|Thread|ThreadGroup|Time|TrueClass)\b/,constant:/\b[A-Z][A-Z0-9_]*(?:[?!]|\b)/}),e.languages.rb=e.languages.ruby},916512:function(e,t,r){var s={"./prism-csharp":"478423","./prism-php":"784999","./prism-ruby":"382625"};function n(e){return r(i(e))}function i(e){if(!r.o(s,e)){var t=Error("Cannot find module '"+e+"'");throw t.code="MODULE_NOT_FOUND",t}return s[e]}n.keys=function(){return Object.keys(s)},n.resolve=i,e.exports=n,n.id="916512"},768262:function(e,t,r){"use strict";var s=r(623586);function n(){}function i(){}i.resetWarningCache=n,e.exports=function(){function e(e,t,r,n,i,a){if(a!==s){var o=Error("Calling PropTypes validators directly is not supported by the `prop-types` package. Use PropTypes.checkPropTypes() to call them. Read more at http://fb.me/use-check-prop-types");throw o.name="Invariant Violation",o}}function t(){return e}e.isRequired=e;var r={array:e,bigint:e,bool:e,func:e,number:e,object:e,string:e,symbol:e,any:e,arrayOf:t,element:e,elementType:e,instanceOf:t,node:e,objectOf:t,oneOf:t,oneOfType:t,shape:t,exact:t,checkPropTypes:i,resetWarningCache:n};return r.PropTypes=r,r}},213980:function(e,t,r){e.exports=r(768262)()},623586:function(e){"use strict";e.exports="SECRET_DO_NOT_PASS_THIS_OR_YOU_WILL_BE_FIRED"},122802:function(e,t,r){"use strict";var s,n,i=r(714616),a=r(202784),o=r(928316);function c(e){var t="https://react.dev/errors/"+e;if(1&lt;arguments.length){t+="?args[]="+encodeURIComponent(arguments[1]);for(var r=2;r&lt;arguments.length;r++)t+="&amp;args[]="+encodeURIComponent(arguments[r])}return"Minified React error #"+e+"; visit "+t+" for the full message or use the non-minified dev environment for full errors and additional helpful warnings."}function p(e){return!(!e||1!==e.nodeType&amp;&amp;9!==e.nodeType&amp;&amp;11!==e.nodeType)}var d=Symbol.for("react.element"),u=Symbol.for("react.transitional.element"),l=Symbol.for("react.portal"),m=Symbol.for("react.fragment"),h=Symbol.for("react.strict_mode"),g=Symbol.for("react.profiler"),f=Symbol.for("react.provider"),y=Symbol.for("react.consumer"),v=Symbol.for("react.context"),b=Symbol.for("react.forward_ref"),w=Symbol.for("react.suspense"),x=Symbol.for("react.suspense_list"),S=Symbol.for("react.memo"),_=Symbol.for("react.lazy");Symbol.for("react.scope"),Symbol.for("react.debug_trace_mode");var A=Symbol.for("react.offscreen");Symbol.for("react.legacy_hidden"),Symbol.for("react.tracing_marker");var q=Symbol.for("react.memo_cache_sentinel"),k=Symbol.iterator;function T(e){return null===e||"object"!=typeof e?null:"function"==typeof(e=k&amp;&amp;e[k]||e["@@iterator"])?e:null}var z,j,I=Symbol.for("react.client.reference"),P=a.__CLIENT_INTERNALS_DO_NOT_USE_OR_WARN_USERS_THEY_CANNOT_UPGRADE,$=Object.assign;function R(e){if(void 0===z)try{throw Error()}catch(e){var t=e.stack.trim().match(/\n( *(at )?)/);z=t&amp;&amp;t[1]||"",j=-1&lt;e.stack.indexOf("\n    at")?" (&lt;anonymous&gt;)":-1&lt;e.stack.indexOf("@")?"@unknown:0:0":""}return"\n"+z+e+j}var E=!1;function O(e,t){if(!e||E)return"";E=!0;var r=Error.prepareStackTrace;Error.prepareStackTrace=void 0;try{var s={DetermineComponentFrameRoot:function(){try{if(t){var r=function(){throw Error()};if(Object.defineProperty(r.prototype,"props",{set:function(){throw Error()}}),"object"==typeof Reflect&amp;&amp;Reflect.construct){try{Reflect.construct(r,[])}catch(e){var s=e}Reflect.construct(e,[],r)}else{try{r.call()}catch(e){s=e}e.call(r.prototype)}}else{try{throw Error()}catch(e){s=e}(r=e())&amp;&amp;"function"==typeof r.catch&amp;&amp;r.catch(function(){})}}catch(e){if(e&amp;&amp;s&amp;&amp;"string"==typeof e.stack)return[e.stack,s.stack]}return[null,null]}};s.DetermineComponentFrameRoot.displayName="DetermineComponentFrameRoot";var n=Object.getOwnPropertyDescriptor(s.DetermineComponentFrameRoot,"name");n&amp;&amp;n.configurable&amp;&amp;Object.defineProperty(s.DetermineComponentFrameRoot,"name",{value:"DetermineComponentFrameRoot"});var i=s.DetermineComponentFrameRoot(),a=i[0],o=i[1];if(a&amp;&amp;o){var c=a.split("\n"),p=o.split("\n");for(n=s=0;s&lt;c.length&amp;&amp;!c[s].includes("DetermineComponentFrameRoot");)s++;for(;n&lt;p.length&amp;&amp;!p[n].includes("DetermineComponentFrameRoot");)n++;if(s===c.length||n===p.length)for(s=c.length-1,n=p.length-1;1&lt;=s&amp;&amp;0&lt;=n&amp;&amp;c[s]!==p[n];)n--;for(;1&lt;=s&amp;&amp;0&lt;=n;s--,n--)if(c[s]!==p[n]){if(1!==s||1!==n)do if(s--,n--,0&gt;n||c[s]!==p[n]){var d="\n"+c[s].replace(" at new "," at ");return e.displayName&amp;&amp;d.includes("&lt;anonymous&gt;")&amp;&amp;(d=d.replace("&lt;anonymous&gt;",e.displayName)),d}while(1&lt;=s&amp;&amp;0&lt;=n);break}}}finally{E=!1,Error.prepareStackTrace=r}return(r=e?e.displayName||e.name:"")?R(r):""}function C(e){try{var t="";do t+=function(e){switch(e.tag){case 26:case 27:case 5:return R(e.type);case 16:return R("Lazy");case 13:return R("Suspense");case 19:return R("SuspenseList");case 0:case 15:return e=O(e.type,!1);case 11:return e=O(e.type.render,!1);case 1:return e=O(e.type,!0);default:return""}}(e),e=e.return;while(e);return t}catch(e){return"\nError generating stack: "+e.message+"\n"+e.stack}}function L(e){var t=e,r=e;if(e.alternate)for(;t.return;)t=t.return;else{e=t;do 0!=(4098&amp;(t=e).flags)&amp;&amp;(r=t.return),e=t.return;while(e)}return 3===t.tag?r:null}function D(e){if(13===e.tag){var t=e.memoizedState;if(null===t&amp;&amp;null!==(e=e.alternate)&amp;&amp;(t=e.memoizedState),null!==t)return t.dehydrated}return null}function B(e){if(L(e)!==e)throw Error(c(188))}var N=Array.isArray,G=o.__DOM_INTERNALS_DO_NOT_USE_OR_WARN_USERS_THEY_CANNOT_UPGRADE,W={pending:!1,data:null,method:null,action:null},M=[],U=-1;function F(e){return{current:e}}function H(e){0&gt;U||(e.current=M[U],M[U]=null,U--)}function V(e,t){M[++U]=e.current,e.current=t}var Q=F(null),K=F(null),J=F(null),X=F(null);function Y(e,t){switch(V(J,t),V(K,e),V(Q,null),e=t.nodeType){case 9:case 11:t=(t=t.documentElement)&amp;&amp;(t=t.namespaceURI)?c9(t):0;break;default:if(t=(e=8===e?t.parentNode:t).tagName,e=e.namespaceURI)t=c7(e=c9(e),t);else switch(t){case"svg":t=1;break;case"math":t=2;break;default:t=0}}H(Q),V(Q,t)}function Z(){H(Q),H(K),H(J)}function ee(e){null!==e.memoizedState&amp;&amp;V(X,e);var t=Q.current,r=c7(t,e.type);t!==r&amp;&amp;(V(K,e),V(Q,r))}function et(e){K.current===e&amp;&amp;(H(Q),H(K)),X.current===e&amp;&amp;(H(X),pC._currentValue=W)}var er=Object.prototype.hasOwnProperty,es=i.unstable_scheduleCallback,en=i.unstable_cancelCallback,ei=i.unstable_shouldYield,ea=i.unstable_requestPaint,eo=i.unstable_now,ec=i.unstable_getCurrentPriorityLevel,ep=i.unstable_ImmediatePriority,ed=i.unstable_UserBlockingPriority,eu=i.unstable_NormalPriority,el=i.unstable_LowPriority,em=i.unstable_IdlePriority,eh=i.log,eg=i.unstable_setDisableYieldValue,ef=null,ey=null;function ev(e){if("function"==typeof eh&amp;&amp;eg(e),ey&amp;&amp;"function"==typeof ey.setStrictMode)try{ey.setStrictMode(ef,e)}catch(e){}}var eb=Math.clz32?Math.clz32:function(e){return 0==(e&gt;&gt;&gt;=0)?32:31-(ew(e)/ex|0)|0},ew=Math.log,ex=Math.LN2,eS=128,e_=4194304;function eA(e){var t=42&amp;e;if(0!==t)return t;switch(e&amp;-e){case 1:return 1;case 2:return 2;case 4:return 4;case 8:return 8;case 16:return 16;case 32:return 32;case 64:return 64;case 128:case 256:case 512:case 1024:case 2048:case 4096:case 8192:case 16384:case 32768:case 65536:case 131072:case 262144:case 524288:case 1048576:case 2097152:return 4194176&amp;e;case 4194304:case 8388608:case 0x1000000:case 0x2000000:return 0x3c00000&amp;e;case 0x4000000:return 0x4000000;case 0x8000000:return 0x8000000;case 0x10000000:return 0x10000000;case 0x20000000:return 0x20000000;case 0x40000000:return 0;default:return e}}function eq(e,t){var r=e.pendingLanes;if(0===r)return 0;var s=0,n=e.suspendedLanes,i=e.pingedLanes,a=e.warmLanes;e=0!==e.finishedLanes;var o=0x7ffffff&amp;r;return 0!==o?0!=(r=o&amp;~n)?s=eA(r):0!=(i&amp;=o)?s=eA(i):e||0!=(a=o&amp;~a)&amp;&amp;(s=eA(a)):0!=(o=r&amp;~n)?s=eA(o):0!==i?s=eA(i):e||0!=(a=r&amp;~a)&amp;&amp;(s=eA(a)),0===s?0:0!==t&amp;&amp;t!==s&amp;&amp;0==(t&amp;n)&amp;&amp;((n=s&amp;-s)&gt;=(a=t&amp;-t)||32===n&amp;&amp;0!=(4194176&amp;a))?t:s}function ek(e,t){return 0==(e.pendingLanes&amp;~(e.suspendedLanes&amp;~e.pingedLanes)&amp;t)}function eT(){var e=eS;return 0==(4194176&amp;(eS&lt;&lt;=1))&amp;&amp;(eS=128),e}function ez(){var e=e_;return 0==(0x3c00000&amp;(e_&lt;&lt;=1))&amp;&amp;(e_=4194304),e}function ej(e){for(var t=[],r=0;31&gt;r;r++)t.push(e);return t}function eI(e,t){e.pendingLanes|=t,0x10000000!==t&amp;&amp;(e.suspendedLanes=0,e.pingedLanes=0,e.warmLanes=0)}function eP(e,t,r){e.pendingLanes|=t,e.suspendedLanes&amp;=~t;var s=31-eb(t);e.entangledLanes|=t,e.entanglements[s]=0x40000000|e.entanglements[s]|4194218&amp;r}function e$(e,t){var r=e.entangledLanes|=t;for(e=e.entanglements;r;){var s=31-eb(r),n=1&lt;&lt;s;n&amp;t|e[s]&amp;t&amp;&amp;(e[s]|=t),r&amp;=~n}}function eR(e){return 2&lt;(e&amp;=-e)?8&lt;e?0!=(0x7ffffff&amp;e)?32:0x10000000:8:2}function eE(){var e=G.p;return 0!==e?e:void 0===(e=window.event)?32:pX(e.type)}var eO=Math.random().toString(36).slice(2),eC="__reactFiber$"+eO,eL="__reactProps$"+eO,eD="__reactContainer$"+eO,eB="__reactEvents$"+eO,eN="__reactListeners$"+eO,eG="__reactHandles$"+eO,eW="__reactResources$"+eO,eM="__reactMarker$"+eO;function eU(e){delete e[eC],delete e[eL],delete e[eB],delete e[eN],delete e[eG]}function eF(e){var t=e[eC];if(t)return t;for(var r=e.parentNode;r;){if(t=r[eD]||r[eC]){if(r=t.alternate,null!==t.child||null!==r&amp;&amp;null!==r.child)for(e=pc(e);null!==e;){if(r=e[eC])return r;e=pc(e)}return t}r=(e=r).parentNode}return null}function eH(e){if(e=e[eC]||e[eD]){var t=e.tag;if(5===t||6===t||13===t||26===t||27===t||3===t)return e}return null}function eV(e){var t=e.tag;if(5===t||26===t||27===t||6===t)return e.stateNode;throw Error(c(33))}function eQ(e){var t=e[eW];return t||(t=e[eW]={hoistableStyles:new Map,hoistableScripts:new Map}),t}function eK(e){e[eM]=!0}var eJ=new Set,eX={};function eY(e,t){eZ(e,t),eZ(e+"Capture",t)}function eZ(e,t){for(eX[e]=t,e=0;e&lt;t.length;e++)eJ.add(t[e])}var e1=!("undefined"==typeof window||void 0===window.document||void 0===window.document.createElement),e2=RegExp("^[:A-Z_a-z\\u00C0-\\u00D6\\u00D8-\\u00F6\\u00F8-\\u02FF\\u0370-\\u037D\\u037F-\\u1FFF\\u200C-\\u200D\\u2070-\\u218F\\u2C00-\\u2FEF\\u3001-\\uD7FF\\uF900-\\uFDCF\\uFDF0-\\uFFFD][:A-Z_a-z\\u00C0-\\u00D6\\u00D8-\\u00F6\\u00F8-\\u02FF\\u0370-\\u037D\\u037F-\\u1FFF\\u200C-\\u200D\\u2070-\\u218F\\u2C00-\\u2FEF\\u3001-\\uD7FF\\uF900-\\uFDCF\\uFDF0-\\uFFFD\\-.0-9\\u00B7\\u0300-\\u036F\\u203F-\\u2040]*$"),e0={},e4={};function e8(e,t,r){if(er.call(e4,t)||!er.call(e0,t)&amp;&amp;(e2.test(t)?e4[t]=!0:(e0[t]=!0,!1))){if(null===r)e.removeAttribute(t);else{switch(typeof r){case"undefined":case"function":case"symbol":e.removeAttribute(t);return;case"boolean":var s=t.toLowerCase().slice(0,5);if("data-"!==s&amp;&amp;"aria-"!==s){e.removeAttribute(t);return}}e.setAttribute(t,""+r)}}}function e6(e,t,r){if(null===r)e.removeAttribute(t);else{switch(typeof r){case"undefined":case"function":case"symbol":case"boolean":e.removeAttribute(t);return}e.setAttribute(t,""+r)}}function e9(e,t,r,s){if(null===s)e.removeAttribute(r);else{switch(typeof s){case"undefined":case"function":case"symbol":case"boolean":e.removeAttribute(r);return}e.setAttributeNS(t,r,""+s)}}function e7(e){switch(typeof e){case"bigint":case"boolean":case"number":case"string":case"undefined":case"object":return e;default:return""}}function e3(e){var t=e.type;return(e=e.nodeName)&amp;&amp;"input"===e.toLowerCase()&amp;&amp;("checkbox"===t||"radio"===t)}function e5(e){e._valueTracker||(e._valueTracker=function(e){var t=e3(e)?"checked":"value",r=Object.getOwnPropertyDescriptor(e.constructor.prototype,t),s=""+e[t];if(!e.hasOwnProperty(t)&amp;&amp;void 0!==r&amp;&amp;"function"==typeof r.get&amp;&amp;"function"==typeof r.set){var n=r.get,i=r.set;return Object.defineProperty(e,t,{configurable:!0,get:function(){return n.call(this)},set:function(e){s=""+e,i.call(this,e)}}),Object.defineProperty(e,t,{enumerable:r.enumerable}),{getValue:function(){return s},setValue:function(e){s=""+e},stopTracking:function(){e._valueTracker=null,delete e[t]}}}}(e))}function te(e){if(!e)return!1;var t=e._valueTracker;if(!t)return!0;var r=t.getValue(),s="";return e&amp;&amp;(s=e3(e)?e.checked?"true":"false":e.value),(e=s)!==r&amp;&amp;(t.setValue(e),!0)}function tt(e){if(void 0===(e=e||("undefined"!=typeof document?document:void 0)))return null;try{return e.activeElement||e.body}catch(t){return e.body}}var tr=/[\n"\\]/g;function ts(e){return e.replace(tr,function(e){return"\\"+e.charCodeAt(0).toString(16)+" "})}function tn(e,t,r,s,n,i,a,o){e.name="",null!=a&amp;&amp;"function"!=typeof a&amp;&amp;"symbol"!=typeof a&amp;&amp;"boolean"!=typeof a?e.type=a:e.removeAttribute("type"),null!=t?"number"===a?(0===t&amp;&amp;""===e.value||e.value!=t)&amp;&amp;(e.value=""+e7(t)):e.value!==""+e7(t)&amp;&amp;(e.value=""+e7(t)):"submit"!==a&amp;&amp;"reset"!==a||e.removeAttribute("value"),null!=t?ta(e,a,e7(t)):null!=r?ta(e,a,e7(r)):null!=s&amp;&amp;e.removeAttribute("value"),null==n&amp;&amp;null!=i&amp;&amp;(e.defaultChecked=!!i),null!=n&amp;&amp;(e.checked=n&amp;&amp;"function"!=typeof n&amp;&amp;"symbol"!=typeof n),null!=o&amp;&amp;"function"!=typeof o&amp;&amp;"symbol"!=typeof o&amp;&amp;"boolean"!=typeof o?e.name=""+e7(o):e.removeAttribute("name")}function ti(e,t,r,s,n,i,a,o){if(null!=i&amp;&amp;"function"!=typeof i&amp;&amp;"symbol"!=typeof i&amp;&amp;"boolean"!=typeof i&amp;&amp;(e.type=i),null!=t||null!=r){if(!("submit"!==i&amp;&amp;"reset"!==i||null!=t))return;r=null!=r?""+e7(r):"",t=null!=t?""+e7(t):r,o||t===e.value||(e.value=t),e.defaultValue=t}s="function"!=typeof(s=null!=s?s:n)&amp;&amp;"symbol"!=typeof s&amp;&amp;!!s,e.checked=o?e.checked:!!s,e.defaultChecked=!!s,null!=a&amp;&amp;"function"!=typeof a&amp;&amp;"symbol"!=typeof a&amp;&amp;"boolean"!=typeof a&amp;&amp;(e.name=a)}function ta(e,t,r){"number"===t&amp;&amp;tt(e.ownerDocument)===e||e.defaultValue===""+r||(e.defaultValue=""+r)}function to(e,t,r,s){if(e=e.options,t){t={};for(var n=0;n&lt;r.length;n++)t["$"+r[n]]=!0;for(r=0;r&lt;e.length;r++)n=t.hasOwnProperty("$"+e[r].value),e[r].selected!==n&amp;&amp;(e[r].selected=n),n&amp;&amp;s&amp;&amp;(e[r].defaultSelected=!0)}else{for(n=0,r=""+e7(r),t=null;n&lt;e.length;n++){if(e[n].value===r){e[n].selected=!0,s&amp;&amp;(e[n].defaultSelected=!0);return}null!==t||e[n].disabled||(t=e[n])}null!==t&amp;&amp;(t.selected=!0)}}function tc(e,t,r){if(null!=t&amp;&amp;((t=""+e7(t))!==e.value&amp;&amp;(e.value=t),null==r)){e.defaultValue!==t&amp;&amp;(e.defaultValue=t);return}e.defaultValue=null!=r?""+e7(r):""}function tp(e,t,r,s){if(null==t){if(null!=s){if(null!=r)throw Error(c(92));if(N(s)){if(1&lt;s.length)throw Error(c(93));s=s[0]}r=s}null==r&amp;&amp;(r=""),t=r}r=e7(t),e.defaultValue=r,(s=e.textContent)===r&amp;&amp;""!==s&amp;&amp;null!==s&amp;&amp;(e.value=s)}function td(e,t){if(t){var r=e.firstChild;if(r&amp;&amp;r===e.lastChild&amp;&amp;3===r.nodeType){r.nodeValue=t;return}}e.textContent=t}var tu=new Set("animationIterationCount aspectRatio borderImageOutset borderImageSlice borderImageWidth boxFlex boxFlexGroup boxOrdinalGroup columnCount columns flex flexGrow flexPositive flexShrink flexNegative flexOrder gridArea gridRow gridRowEnd gridRowSpan gridRowStart gridColumn gridColumnEnd gridColumnSpan gridColumnStart fontWeight lineClamp lineHeight opacity order orphans scale tabSize widows zIndex zoom fillOpacity floodOpacity stopOpacity strokeDasharray strokeDashoffset strokeMiterlimit strokeOpacity strokeWidth MozAnimationIterationCount MozBoxFlex MozBoxFlexGroup MozLineClamp msAnimationIterationCount msFlex msZoom msFlexGrow msFlexNegative msFlexOrder msFlexPositive msFlexShrink msGridColumn msGridColumnSpan msGridRow msGridRowSpan WebkitAnimationIterationCount WebkitBoxFlex WebKitBoxFlexGroup WebkitBoxOrdinalGroup WebkitColumnCount WebkitColumns WebkitFlex WebkitFlexGrow WebkitFlexPositive WebkitFlexShrink WebkitLineClamp".split(" "));function tl(e,t,r){var s=0===t.indexOf("--");null==r||"boolean"==typeof r||""===r?s?e.setProperty(t,""):"float"===t?e.cssFloat="":e[t]="":s?e.setProperty(t,r):"number"!=typeof r||0===r||tu.has(t)?"float"===t?e.cssFloat=r:e[t]=(""+r).trim():e[t]=r+"px"}function tm(e,t,r){if(null!=t&amp;&amp;"object"!=typeof t)throw Error(c(62));if(e=e.style,null!=r){for(var s in r)!r.hasOwnProperty(s)||null!=t&amp;&amp;t.hasOwnProperty(s)||(0===s.indexOf("--")?e.setProperty(s,""):"float"===s?e.cssFloat="":e[s]="");for(var n in t)s=t[n],t.hasOwnProperty(n)&amp;&amp;r[n]!==s&amp;&amp;tl(e,n,s)}else for(var i in t)t.hasOwnProperty(i)&amp;&amp;tl(e,i,t[i])}function th(e){if(-1===e.indexOf("-"))return!1;switch(e){case"annotation-xml":case"color-profile":case"font-face":case"font-face-src":case"font-face-uri":case"font-face-format":case"font-face-name":case"missing-glyph":return!1;default:return!0}}var tg=new Map([["acceptCharset","accept-charset"],["htmlFor","for"],["httpEquiv","http-equiv"],["crossOrigin","crossorigin"],["accentHeight","accent-height"],["alignmentBaseline","alignment-baseline"],["arabicForm","arabic-form"],["baselineShift","baseline-shift"],["capHeight","cap-height"],["clipPath","clip-path"],["clipRule","clip-rule"],["colorInterpolation","color-interpolation"],["colorInterpolationFilters","color-interpolation-filters"],["colorProfile","color-profile"],["colorRendering","color-rendering"],["dominantBaseline","dominant-baseline"],["enableBackground","enable-background"],["fillOpacity","fill-opacity"],["fillRule","fill-rule"],["floodColor","flood-color"],["floodOpacity","flood-opacity"],["fontFamily","font-family"],["fontSize","font-size"],["fontSizeAdjust","font-size-adjust"],["fontStretch","font-stretch"],["fontStyle","font-style"],["fontVariant","font-variant"],["fontWeight","font-weight"],["glyphName","glyph-name"],["glyphOrientationHorizontal","glyph-orientation-horizontal"],["glyphOrientationVertical","glyph-orientation-vertical"],["horizAdvX","horiz-adv-x"],["horizOriginX","horiz-origin-x"],["imageRendering","image-rendering"],["letterSpacing","letter-spacing"],["lightingColor","lighting-color"],["markerEnd","marker-end"],["markerMid","marker-mid"],["markerStart","marker-start"],["overlinePosition","overline-position"],["overlineThickness","overline-thickness"],["paintOrder","paint-order"],["panose-1","panose-1"],["pointerEvents","pointer-events"],["renderingIntent","rendering-intent"],["shapeRendering","shape-rendering"],["stopColor","stop-color"],["stopOpacity","stop-opacity"],["strikethroughPosition","strikethrough-position"],["strikethroughThickness","strikethrough-thickness"],["strokeDasharray","stroke-dasharray"],["strokeDashoffset","stroke-dashoffset"],["strokeLinecap","stroke-linecap"],["strokeLinejoin","stroke-linejoin"],["strokeMiterlimit","stroke-miterlimit"],["strokeOpacity","stroke-opacity"],["strokeWidth","stroke-width"],["textAnchor","text-anchor"],["textDecoration","text-decoration"],["textRendering","text-rendering"],["transformOrigin","transform-origin"],["underlinePosition","underline-position"],["underlineThickness","underline-thickness"],["unicodeBidi","unicode-bidi"],["unicodeRange","unicode-range"],["unitsPerEm","units-per-em"],["vAlphabetic","v-alphabetic"],["vHanging","v-hanging"],["vIdeographic","v-ideographic"],["vMathematical","v-mathematical"],["vectorEffect","vector-effect"],["vertAdvY","vert-adv-y"],["vertOriginX","vert-origin-x"],["vertOriginY","vert-origin-y"],["wordSpacing","word-spacing"],["writingMode","writing-mode"],["xmlnsXlink","xmlns:xlink"],["xHeight","x-height"]]),tf=/^[\u0000-\u001F ]*j[\r\n\t]*a[\r\n\t]*v[\r\n\t]*a[\r\n\t]*s[\r\n\t]*c[\r\n\t]*r[\r\n\t]*i[\r\n\t]*p[\r\n\t]*t[\r\n\t]*:/i;function ty(e){return tf.test(""+e)?"javascript:throw new Error('React has blocked a javascript: URL as a security precaution.')":e}var tv=null;function tb(e){return(e=e.target||e.srcElement||window).correspondingUseElement&amp;&amp;(e=e.correspondingUseElement),3===e.nodeType?e.parentNode:e}var tw=null,tx=null;function tS(e){var t=eH(e);if(t&amp;&amp;(e=t.stateNode)){var r=e[eL]||null;switch(e=t.stateNode,t.type){case"input":if(tn(e,r.value,r.defaultValue,r.defaultValue,r.checked,r.defaultChecked,r.type,r.name),t=r.name,"radio"===r.type&amp;&amp;null!=t){for(r=e;r.parentNode;)r=r.parentNode;for(r=r.querySelectorAll('input[name="'+ts(""+t)+'"][type="radio"]'),t=0;t&lt;r.length;t++){var s=r[t];if(s!==e&amp;&amp;s.form===e.form){var n=s[eL]||null;if(!n)throw Error(c(90));tn(s,n.value,n.defaultValue,n.defaultValue,n.checked,n.defaultChecked,n.type,n.name)}}for(t=0;t&lt;r.length;t++)(s=r[t]).form===e.form&amp;&amp;te(s)}break;case"textarea":tc(e,r.value,r.defaultValue);break;case"select":null!=(t=r.value)&amp;&amp;to(e,!!r.multiple,t,!1)}}}var t_=!1;function tA(e,t,r){if(t_)return e(t,r);t_=!0;try{return e(t)}finally{if(t_=!1,(null!==tw||null!==tx)&amp;&amp;(o9(),tw&amp;&amp;(t=tw,e=tx,tx=tw=null,tS(t),e)))for(t=0;t&lt;e.length;t++)tS(e[t])}}function tq(e,t){var r=e.stateNode;if(null===r)return null;var s=r[eL]||null;if(null===s)return null;switch(r=s[t],t){case"onClick":case"onClickCapture":case"onDoubleClick":case"onDoubleClickCapture":case"onMouseDown":case"onMouseDownCapture":case"onMouseMove":case"onMouseMoveCapture":case"onMouseUp":case"onMouseUpCapture":case"onMouseEnter":(s=!s.disabled)||(s=!("button"===(e=e.type)||"input"===e||"select"===e||"textarea"===e)),e=!s;break;default:e=!1}if(e)return null;if(r&amp;&amp;"function"!=typeof r)throw Error(c(231,t,typeof r));return r}var tk=!1;if(e1)try{var tT={};Object.defineProperty(tT,"passive",{get:function(){tk=!0}}),window.addEventListener("test",tT,tT),window.removeEventListener("test",tT,tT)}catch(e){tk=!1}var tz=null,tj=null,tI=null;function tP(){if(tI)return tI;var e,t,r=tj,s=r.length,n="value"in tz?tz.value:tz.textContent,i=n.length;for(e=0;e&lt;s&amp;&amp;r[e]===n[e];e++);var a=s-e;for(t=1;t&lt;=a&amp;&amp;r[s-t]===n[i-t];t++);return tI=n.slice(e,1&lt;t?1-t:void 0)}function t$(e){var t=e.keyCode;return"charCode"in e?0===(e=e.charCode)&amp;&amp;13===t&amp;&amp;(e=13):e=t,10===e&amp;&amp;(e=13),32&lt;=e||13===e?e:0}function tR(){return!0}function tE(){return!1}function tO(e){function t(t,r,s,n,i){for(var a in this._reactName=t,this._targetInst=s,this.type=r,this.nativeEvent=n,this.target=i,this.currentTarget=null,e)e.hasOwnProperty(a)&amp;&amp;(t=e[a],this[a]=t?t(n):n[a]);return this.isDefaultPrevented=(null!=n.defaultPrevented?n.defaultPrevented:!1===n.returnValue)?tR:tE,this.isPropagationStopped=tE,this}return $(t.prototype,{preventDefault:function(){this.defaultPrevented=!0;var e=this.nativeEvent;e&amp;&amp;(e.preventDefault?e.preventDefault():"unknown"!=typeof e.returnValue&amp;&amp;(e.returnValue=!1),this.isDefaultPrevented=tR)},stopPropagation:function(){var e=this.nativeEvent;e&amp;&amp;(e.stopPropagation?e.stopPropagation():"unknown"!=typeof e.cancelBubble&amp;&amp;(e.cancelBubble=!0),this.isPropagationStopped=tR)},persist:function(){},isPersistent:tR}),t}var tC,tL,tD,tB={eventPhase:0,bubbles:0,cancelable:0,timeStamp:function(e){return e.timeStamp||Date.now()},defaultPrevented:0,isTrusted:0},tN=tO(tB),tG=$({},tB,{view:0,detail:0}),tW=tO(tG),tM=$({},tG,{screenX:0,screenY:0,clientX:0,clientY:0,pageX:0,pageY:0,ctrlKey:0,shiftKey:0,altKey:0,metaKey:0,getModifierState:t1,button:0,buttons:0,relatedTarget:function(e){return void 0===e.relatedTarget?e.fromElement===e.srcElement?e.toElement:e.fromElement:e.relatedTarget},movementX:function(e){return"movementX"in e?e.movementX:(e!==tD&amp;&amp;(tD&amp;&amp;"mousemove"===e.type?(tC=e.screenX-tD.screenX,tL=e.screenY-tD.screenY):tL=tC=0,tD=e),tC)},movementY:function(e){return"movementY"in e?e.movementY:tL}}),tU=tO(tM),tF=tO($({},tM,{dataTransfer:0})),tH=tO($({},tG,{relatedTarget:0})),tV=tO($({},tB,{animationName:0,elapsedTime:0,pseudoElement:0})),tQ=tO($({},tB,{clipboardData:function(e){return"clipboardData"in e?e.clipboardData:window.clipboardData}})),tK=tO($({},tB,{data:0})),tJ={Esc:"Escape",Spacebar:" ",Left:"ArrowLeft",Up:"ArrowUp",Right:"ArrowRight",Down:"ArrowDown",Del:"Delete",Win:"OS",Menu:"ContextMenu",Apps:"ContextMenu",Scroll:"ScrollLock",MozPrintableKey:"Unidentified"},tX={8:"Backspace",9:"Tab",12:"Clear",13:"Enter",16:"Shift",17:"Control",18:"Alt",19:"Pause",20:"CapsLock",27:"Escape",32:" ",33:"PageUp",34:"PageDown",35:"End",36:"Home",37:"ArrowLeft",38:"ArrowUp",39:"ArrowRight",40:"ArrowDown",45:"Insert",46:"Delete",112:"F1",113:"F2",114:"F3",115:"F4",116:"F5",117:"F6",118:"F7",119:"F8",120:"F9",121:"F10",122:"F11",123:"F12",144:"NumLock",145:"ScrollLock",224:"Meta"},tY={Alt:"altKey",Control:"ctrlKey",Meta:"metaKey",Shift:"shiftKey"};function tZ(e){var t=this.nativeEvent;return t.getModifierState?t.getModifierState(e):!!(e=tY[e])&amp;&amp;!!t[e]}function t1(){return tZ}var t2=tO($({},tG,{key:function(e){if(e.key){var t=tJ[e.key]||e.key;if("Unidentified"!==t)return t}return"keypress"===e.type?13===(e=t$(e))?"Enter":String.fromCharCode(e):"keydown"===e.type||"keyup"===e.type?tX[e.keyCode]||"Unidentified":""},code:0,location:0,ctrlKey:0,shiftKey:0,altKey:0,metaKey:0,repeat:0,locale:0,getModifierState:t1,charCode:function(e){return"keypress"===e.type?t$(e):0},keyCode:function(e){return"keydown"===e.type||"keyup"===e.type?e.keyCode:0},which:function(e){return"keypress"===e.type?t$(e):"keydown"===e.type||"keyup"===e.type?e.keyCode:0}})),t0=tO($({},tM,{pointerId:0,width:0,height:0,pressure:0,tangentialPressure:0,tiltX:0,tiltY:0,twist:0,pointerType:0,isPrimary:0})),t4=tO($({},tG,{touches:0,targetTouches:0,changedTouches:0,altKey:0,metaKey:0,ctrlKey:0,shiftKey:0,getModifierState:t1})),t8=tO($({},tB,{propertyName:0,elapsedTime:0,pseudoElement:0})),t6=tO($({},tM,{deltaX:function(e){return"deltaX"in e?e.deltaX:"wheelDeltaX"in e?-e.wheelDeltaX:0},deltaY:function(e){return"deltaY"in e?e.deltaY:"wheelDeltaY"in e?-e.wheelDeltaY:"wheelDelta"in e?-e.wheelDelta:0},deltaZ:0,deltaMode:0})),t9=tO($({},tB,{newState:0,oldState:0})),t7=[9,13,27,32],t3=e1&amp;&amp;"CompositionEvent"in window,t5=null;e1&amp;&amp;"documentMode"in document&amp;&amp;(t5=document.documentMode);var re=e1&amp;&amp;"TextEvent"in window&amp;&amp;!t5,rt=e1&amp;&amp;(!t3||t5&amp;&amp;8&lt;t5&amp;&amp;11&gt;=t5),rr=!1;function rs(e,t){switch(e){case"keyup":return -1!==t7.indexOf(t.keyCode);case"keydown":return 229!==t.keyCode;case"keypress":case"mousedown":case"focusout":return!0;default:return!1}}function rn(e){return"object"==typeof(e=e.detail)&amp;&amp;"data"in e?e.data:null}var ri=!1,ra={color:!0,date:!0,datetime:!0,"datetime-local":!0,email:!0,month:!0,number:!0,password:!0,range:!0,search:!0,tel:!0,text:!0,time:!0,url:!0,week:!0};function ro(e){var t=e&amp;&amp;e.nodeName&amp;&amp;e.nodeName.toLowerCase();return"input"===t?!!ra[e.type]:"textarea"===t}function rc(e,t,r,s){tw?tx?tx.push(s):tx=[s]:tw=s,0&lt;(t=cH(t,"onChange")).length&amp;&amp;(r=new tN("onChange","change",null,r,s),e.push({event:r,listeners:t}))}var rp=null,rd=null;function ru(e){cD(e,0)}function rl(e){if(te(eV(e)))return e}function rm(e,t){if("change"===e)return t}var rh=!1;if(e1){if(e1){var rg="oninput"in document;if(!rg){var rf=document.createElement("div");rf.setAttribute("oninput","return;"),rg="function"==typeof rf.oninput}s=rg}else s=!1;rh=s&amp;&amp;(!document.documentMode||9&lt;document.documentMode)}function ry(){rp&amp;&amp;(rp.detachEvent("onpropertychange",rv),rd=rp=null)}function rv(e){if("value"===e.propertyName&amp;&amp;rl(rd)){var t=[];rc(t,rd,e,tb(e)),tA(ru,t)}}function rb(e,t,r){"focusin"===e?(ry(),rp=t,rd=r,rp.attachEvent("onpropertychange",rv)):"focusout"===e&amp;&amp;ry()}function rw(e){if("selectionchange"===e||"keyup"===e||"keydown"===e)return rl(rd)}function rx(e,t){if("click"===e)return rl(t)}function rS(e,t){if("input"===e||"change"===e)return rl(t)}var r_="function"==typeof Object.is?Object.is:function(e,t){return e===t&amp;&amp;(0!==e||1/e==1/t)||e!=e&amp;&amp;t!=t};function rA(e,t){if(r_(e,t))return!0;if("object"!=typeof e||null===e||"object"!=typeof t||null===t)return!1;var r=Object.keys(e),s=Object.keys(t);if(r.length!==s.length)return!1;for(s=0;s&lt;r.length;s++){var n=r[s];if(!er.call(t,n)||!r_(e[n],t[n]))return!1}return!0}function rq(e){for(;e&amp;&amp;e.firstChild;)e=e.firstChild;return e}function rk(e,t){var r,s=rq(e);for(e=0;s;){if(3===s.nodeType){if(r=e+s.textContent.length,e&lt;=t&amp;&amp;r&gt;=t)return{node:s,offset:t-e};e=r}e:{for(;s;){if(s.nextSibling){s=s.nextSibling;break e}s=s.parentNode}s=void 0}s=rq(s)}}function rT(e){e=null!=e&amp;&amp;null!=e.ownerDocument&amp;&amp;null!=e.ownerDocument.defaultView?e.ownerDocument.defaultView:window;for(var t=tt(e.document);t instanceof e.HTMLIFrameElement;){try{var r="string"==typeof t.contentWindow.location.href}catch(e){r=!1}if(r)e=t.contentWindow;else break;t=tt(e.document)}return t}function rz(e){var t=e&amp;&amp;e.nodeName&amp;&amp;e.nodeName.toLowerCase();return t&amp;&amp;("input"===t&amp;&amp;("text"===e.type||"search"===e.type||"tel"===e.type||"url"===e.type||"password"===e.type)||"textarea"===t||"true"===e.contentEditable)}var rj=e1&amp;&amp;"documentMode"in document&amp;&amp;11&gt;=document.documentMode,rI=null,rP=null,r$=null,rR=!1;function rE(e,t,r){var s=r.window===r?r.document:9===r.nodeType?r:r.ownerDocument;rR||null==rI||rI!==tt(s)||(s="selectionStart"in(s=rI)&amp;&amp;rz(s)?{start:s.selectionStart,end:s.selectionEnd}:{anchorNode:(s=(s.ownerDocument&amp;&amp;s.ownerDocument.defaultView||window).getSelection()).anchorNode,anchorOffset:s.anchorOffset,focusNode:s.focusNode,focusOffset:s.focusOffset},r$&amp;&amp;rA(r$,s)||(r$=s,0&lt;(s=cH(rP,"onSelect")).length&amp;&amp;(t=new tN("onSelect","select",null,t,r),e.push({event:t,listeners:s}),t.target=rI)))}function rO(e,t){var r={};return r[e.toLowerCase()]=t.toLowerCase(),r["Webkit"+e]="webkit"+t,r["Moz"+e]="moz"+t,r}var rC={animationend:rO("Animation","AnimationEnd"),animationiteration:rO("Animation","AnimationIteration"),animationstart:rO("Animation","AnimationStart"),transitionrun:rO("Transition","TransitionRun"),transitionstart:rO("Transition","TransitionStart"),transitioncancel:rO("Transition","TransitionCancel"),transitionend:rO("Transition","TransitionEnd")},rL={},rD={};function rB(e){if(rL[e])return rL[e];if(!rC[e])return e;var t,r=rC[e];for(t in r)if(r.hasOwnProperty(t)&amp;&amp;t in rD)return rL[e]=r[t];return e}e1&amp;&amp;(rD=document.createElement("div").style,"AnimationEvent"in window||(delete rC.animationend.animation,delete rC.animationiteration.animation,delete rC.animationstart.animation),"TransitionEvent"in window||delete rC.transitionend.transition);var rN=rB("animationend"),rG=rB("animationiteration"),rW=rB("animationstart"),rM=rB("transitionrun"),rU=rB("transitionstart"),rF=rB("transitioncancel"),rH=rB("transitionend"),rV=new Map,rQ="abort auxClick beforeToggle cancel canPlay canPlayThrough click close contextMenu copy cut drag dragEnd dragEnter dragExit dragLeave dragOver dragStart drop durationChange emptied encrypted ended error gotPointerCapture input invalid keyDown keyPress keyUp load loadedData loadedMetadata loadStart lostPointerCapture mouseDown mouseMove mouseOut mouseOver mouseUp paste pause play playing pointerCancel pointerDown pointerMove pointerOut pointerOver pointerUp progress rateChange reset resize seeked seeking stalled submit suspend timeUpdate touchCancel touchEnd touchStart volumeChange scroll scrollEnd toggle touchMove waiting wheel".split(" ");function rK(e,t){rV.set(e,t),eY(t,[e])}var rJ=[],rX=0,rY=0;function rZ(){for(var e=rX,t=rY=rX=0;t&lt;e;){var r=rJ[t];rJ[t++]=null;var s=rJ[t];rJ[t++]=null;var n=rJ[t];rJ[t++]=null;var i=rJ[t];if(rJ[t++]=null,null!==s&amp;&amp;null!==n){var a=s.pending;null===a?n.next=n:(n.next=a.next,a.next=n),s.pending=n}0!==i&amp;&amp;r4(r,n,i)}}function r1(e,t,r,s){rJ[rX++]=e,rJ[rX++]=t,rJ[rX++]=r,rJ[rX++]=s,rY|=s,e.lanes|=s,null!==(e=e.alternate)&amp;&amp;(e.lanes|=s)}function r2(e,t,r,s){return r1(e,t,r,s),r8(e)}function r0(e,t){return r1(e,null,null,t),r8(e)}function r4(e,t,r){e.lanes|=r;var s=e.alternate;null!==s&amp;&amp;(s.lanes|=r);for(var n=!1,i=e.return;null!==i;)i.childLanes|=r,null!==(s=i.alternate)&amp;&amp;(s.childLanes|=r),22===i.tag&amp;&amp;(null===(e=i.stateNode)||1&amp;e._visibility||(n=!0)),e=i,i=i.return;n&amp;&amp;null!==t&amp;&amp;3===e.tag&amp;&amp;(i=e.stateNode,n=31-eb(r),null===(e=(i=i.hiddenUpdates)[n])?i[n]=[t]:e.push(t),t.lane=0x20000000|r)}function r8(e){if(50&lt;oX)throw oX=0,oY=null,Error(c(185));for(var t=e.return;null!==t;)t=(e=t).return;return 3===e.tag?e.stateNode:null}var r6={},r9=new WeakMap;function r7(e,t){if("object"==typeof e&amp;&amp;null!==e){var r=r9.get(e);return void 0!==r?r:(t={value:e,source:t,stack:C(t)},r9.set(e,t),t)}return{value:e,source:t,stack:C(t)}}var r3=[],r5=0,se=null,st=0,sr=[],ss=0,sn=null,si=1,sa="";function so(e,t){r3[r5++]=st,r3[r5++]=se,se=e,st=t}function sc(e,t,r){sr[ss++]=si,sr[ss++]=sa,sr[ss++]=sn,sn=e;var s=si;e=sa;var n=32-eb(s)-1;s&amp;=~(1&lt;&lt;n),r+=1;var i=32-eb(t)+n;if(30&lt;i){var a=n-n%5;i=(s&amp;(1&lt;&lt;a)-1).toString(32),s&gt;&gt;=a,n-=a,si=1&lt;&lt;32-eb(t)+n|r&lt;&lt;n|s,sa=i+e}else si=1&lt;&lt;i|r&lt;&lt;n|s,sa=e}function sp(e){null!==e.return&amp;&amp;(so(e,1),sc(e,1,0))}function sd(e){for(;e===se;)se=r3[--r5],r3[r5]=null,st=r3[--r5],r3[r5]=null;for(;e===sn;)sn=sr[--ss],sr[ss]=null,sa=sr[--ss],sr[ss]=null,si=sr[--ss],sr[ss]=null}var su=null,sl=null,sm=!1,sh=null,sg=!1,sf=Error(c(519));function sy(e){throw sS(r7(Error(c(418,"")),e)),sf}function sv(e){var t=e.stateNode,r=e.type,s=e.memoizedProps;switch(t[eC]=e,t[eL]=s,r){case"dialog":cB("cancel",t),cB("close",t);break;case"iframe":case"object":case"embed":cB("load",t);break;case"video":case"audio":for(r=0;r&lt;cC.length;r++)cB(cC[r],t);break;case"source":cB("error",t);break;case"img":case"image":case"link":cB("error",t),cB("load",t);break;case"details":cB("toggle",t);break;case"input":cB("invalid",t),ti(t,s.value,s.defaultValue,s.checked,s.defaultChecked,s.type,s.name,!0),e5(t);break;case"select":cB("invalid",t);break;case"textarea":cB("invalid",t),tp(t,s.value,s.defaultValue,s.children),e5(t)}"string"!=typeof(r=s.children)&amp;&amp;"number"!=typeof r&amp;&amp;"bigint"!=typeof r||t.textContent===""+r||!0===s.suppressHydrationWarning||cY(t.textContent,r)?(null!=s.popover&amp;&amp;(cB("beforetoggle",t),cB("toggle",t)),null!=s.onScroll&amp;&amp;cB("scroll",t),null!=s.onScrollEnd&amp;&amp;cB("scrollend",t),null!=s.onClick&amp;&amp;(t.onclick=cZ),t=!0):t=!1,t||sy(e)}function sb(e){for(su=e.return;su;)switch(su.tag){case 3:case 27:sg=!0;return;case 5:case 13:sg=!1;return;default:su=su.return}}function sw(e){if(e!==su)return!1;if(!sm)return sb(e),sm=!0,!1;var t,r=!1;if((t=3!==e.tag&amp;&amp;27!==e.tag)&amp;&amp;((t=5===e.tag)&amp;&amp;(t=!("form"!==(t=e.type)&amp;&amp;"button"!==t)||c3(e.type,e.memoizedProps)),t=!t),t&amp;&amp;(r=!0),r&amp;&amp;sl&amp;&amp;sy(e),sb(e),13===e.tag){if(!(e=null!==(e=e.memoizedState)?e.dehydrated:null))throw Error(c(317));e:{for(r=0,e=e.nextSibling;e;){if(8===e.nodeType){if("/$"===(t=e.data)){if(0===r){sl=po(e.nextSibling);break e}r--}else"$"!==t&amp;&amp;"$!"!==t&amp;&amp;"$?"!==t||r++}e=e.nextSibling}sl=null}}else sl=su?po(e.stateNode.nextSibling):null;return!0}function sx(){sl=su=null,sm=!1}function sS(e){null===sh?sh=[e]:sh.push(e)}var s_=Error(c(460)),sA=Error(c(474)),sq={then:function(){}};function sk(e){return"fulfilled"===(e=e.status)||"rejected"===e}function sT(){}function sz(e,t,r){switch(void 0===(r=e[r])?e.push(t):r!==t&amp;&amp;(t.then(sT,sT),t=r),t.status){case"fulfilled":return t.value;case"rejected":if((e=t.reason)===s_)throw Error(c(483));throw e;default:if("string"==typeof t.status)t.then(sT,sT);else{if(null!==(e=oA)&amp;&amp;100&lt;e.shellSuspendCounter)throw Error(c(482));(e=t).status="pending",e.then(function(e){if("pending"===t.status){var r=t;r.status="fulfilled",r.value=e}},function(e){if("pending"===t.status){var r=t;r.status="rejected",r.reason=e}})}switch(t.status){case"fulfilled":return t.value;case"rejected":if((e=t.reason)===s_)throw Error(c(483));throw e}throw sj=t,s_}}var sj=null;function sI(){if(null===sj)throw Error(c(459));var e=sj;return sj=null,e}var sP=null,s$=0;function sR(e){var t=s$;return s$+=1,null===sP&amp;&amp;(sP=[]),sz(sP,e,t)}function sE(e,t){t=t.props.ref,e.ref=void 0!==t?t:null}function sO(e,t){if(t.$$typeof===d)throw Error(c(525));throw Error(c(31,"[object Object]"===(e=Object.prototype.toString.call(t))?"object with keys {"+Object.keys(t).join(", ")+"}":e))}function sC(e){return(0,e._init)(e._payload)}function sL(e){function t(t,r){if(e){var s=t.deletions;null===s?(t.deletions=[r],t.flags|=16):s.push(r)}}function r(r,s){if(!e)return null;for(;null!==s;)t(r,s),s=s.sibling;return null}function s(e){for(var t=new Map;null!==e;)null!==e.key?t.set(e.key,e):t.set(e.index,e),e=e.sibling;return t}function n(e,t){return(e=oc(e,t)).index=0,e.sibling=null,e}function i(t,r,s){return(t.index=s,e)?null!==(s=t.alternate)?(s=s.index)&lt;r?(t.flags|=0x2000002,r):s:(t.flags|=0x2000002,r):(t.flags|=1048576,r)}function a(t){return e&amp;&amp;null===t.alternate&amp;&amp;(t.flags|=0x2000002),t}function o(e,t,r,s){return null===t||6!==t.tag?(t=om(r,e.mode,s)).return=e:(t=n(t,r)).return=e,t}function p(e,t,r,s){var i=r.type;return i===m?h(e,t,r.props.children,s,r.key):(null!==t&amp;&amp;(t.elementType===i||"object"==typeof i&amp;&amp;null!==i&amp;&amp;i.$$typeof===_&amp;&amp;sC(i)===t.type)?sE(t=n(t,r.props),r):sE(t=od(r.type,r.key,r.props,null,e.mode,s),r),t.return=e,t)}function d(e,t,r,s){return null===t||4!==t.tag||t.stateNode.containerInfo!==r.containerInfo||t.stateNode.implementation!==r.implementation?(t=oh(r,e.mode,s)).return=e:(t=n(t,r.children||[])).return=e,t}function h(e,t,r,s,i){return null===t||7!==t.tag?(t=ou(r,e.mode,s,i)).return=e:(t=n(t,r)).return=e,t}function g(e,t,r){if("string"==typeof t&amp;&amp;""!==t||"number"==typeof t||"bigint"==typeof t)return(t=om(""+t,e.mode,r)).return=e,t;if("object"==typeof t&amp;&amp;null!==t){switch(t.$$typeof){case u:return sE(r=od(t.type,t.key,t.props,null,e.mode,r),t),r.return=e,r;case l:return(t=oh(t,e.mode,r)).return=e,t;case _:return g(e,t=(0,t._init)(t._payload),r)}if(N(t)||T(t))return(t=ou(t,e.mode,r,null)).return=e,t;if("function"==typeof t.then)return g(e,sR(t),r);if(t.$$typeof===v)return g(e,ah(e,t),r);sO(e,t)}return null}function f(e,t,r,s){var n=null!==t?t.key:null;if("string"==typeof r&amp;&amp;""!==r||"number"==typeof r||"bigint"==typeof r)return null!==n?null:o(e,t,""+r,s);if("object"==typeof r&amp;&amp;null!==r){switch(r.$$typeof){case u:return r.key===n?p(e,t,r,s):null;case l:return r.key===n?d(e,t,r,s):null;case _:return f(e,t,r=(n=r._init)(r._payload),s)}if(N(r)||T(r))return null!==n?null:h(e,t,r,s,null);if("function"==typeof r.then)return f(e,t,sR(r),s);if(r.$$typeof===v)return f(e,t,ah(e,r),s);sO(e,r)}return null}function y(e,t,r,s,n){if("string"==typeof s&amp;&amp;""!==s||"number"==typeof s||"bigint"==typeof s)return o(t,e=e.get(r)||null,""+s,n);if("object"==typeof s&amp;&amp;null!==s){switch(s.$$typeof){case u:return p(t,e=e.get(null===s.key?r:s.key)||null,s,n);case l:return d(t,e=e.get(null===s.key?r:s.key)||null,s,n);case _:return y(e,t,r,s=(0,s._init)(s._payload),n)}if(N(s)||T(s))return h(t,e=e.get(r)||null,s,n,null);if("function"==typeof s.then)return y(e,t,r,sR(s),n);if(s.$$typeof===v)return y(e,t,r,ah(t,s),n);sO(t,s)}return null}return function(o,p,d,h){try{s$=0;var b=function o(p,d,h,b){if("object"==typeof h&amp;&amp;null!==h&amp;&amp;h.type===m&amp;&amp;null===h.key&amp;&amp;(h=h.props.children),"object"==typeof h&amp;&amp;null!==h){switch(h.$$typeof){case u:e:{for(var w=h.key;null!==d;){if(d.key===w){if((w=h.type)===m){if(7===d.tag){r(p,d.sibling),(b=n(d,h.props.children)).return=p,p=b;break e}}else if(d.elementType===w||"object"==typeof w&amp;&amp;null!==w&amp;&amp;w.$$typeof===_&amp;&amp;sC(w)===d.type){r(p,d.sibling),sE(b=n(d,h.props),h),b.return=p,p=b;break e}r(p,d);break}t(p,d),d=d.sibling}h.type===m?(b=ou(h.props.children,p.mode,b,h.key)).return=p:(sE(b=od(h.type,h.key,h.props,null,p.mode,b),h),b.return=p),p=b}return a(p);case l:e:{for(w=h.key;null!==d;){if(d.key===w){if(4===d.tag&amp;&amp;d.stateNode.containerInfo===h.containerInfo&amp;&amp;d.stateNode.implementation===h.implementation){r(p,d.sibling),(b=n(d,h.children||[])).return=p,p=b;break e}r(p,d);break}t(p,d),d=d.sibling}(b=oh(h,p.mode,b)).return=p,p=b}return a(p);case _:return o(p,d,h=(w=h._init)(h._payload),b)}if(N(h))return function(n,a,o,c){for(var p=null,d=null,u=a,l=a=0,m=null;null!==u&amp;&amp;l&lt;o.length;l++){u.index&gt;l?(m=u,u=null):m=u.sibling;var h=f(n,u,o[l],c);if(null===h){null===u&amp;&amp;(u=m);break}e&amp;&amp;u&amp;&amp;null===h.alternate&amp;&amp;t(n,u),a=i(h,a,l),null===d?p=h:d.sibling=h,d=h,u=m}if(l===o.length)return r(n,u),sm&amp;&amp;so(n,l),p;if(null===u){for(;l&lt;o.length;l++)null!==(u=g(n,o[l],c))&amp;&amp;(a=i(u,a,l),null===d?p=u:d.sibling=u,d=u);return sm&amp;&amp;so(n,l),p}for(u=s(u);l&lt;o.length;l++)null!==(m=y(u,n,l,o[l],c))&amp;&amp;(e&amp;&amp;null!==m.alternate&amp;&amp;u.delete(null===m.key?l:m.key),a=i(m,a,l),null===d?p=m:d.sibling=m,d=m);return e&amp;&amp;u.forEach(function(e){return t(n,e)}),sm&amp;&amp;so(n,l),p}(p,d,h,b);if(T(h)){if("function"!=typeof(w=T(h)))throw Error(c(150));return function(n,a,o,p){if(null==o)throw Error(c(151));for(var d=null,u=null,l=a,m=a=0,h=null,v=o.next();null!==l&amp;&amp;!v.done;m++,v=o.next()){l.index&gt;m?(h=l,l=null):h=l.sibling;var b=f(n,l,v.value,p);if(null===b){null===l&amp;&amp;(l=h);break}e&amp;&amp;l&amp;&amp;null===b.alternate&amp;&amp;t(n,l),a=i(b,a,m),null===u?d=b:u.sibling=b,u=b,l=h}if(v.done)return r(n,l),sm&amp;&amp;so(n,m),d;if(null===l){for(;!v.done;m++,v=o.next())null!==(v=g(n,v.value,p))&amp;&amp;(a=i(v,a,m),null===u?d=v:u.sibling=v,u=v);return sm&amp;&amp;so(n,m),d}for(l=s(l);!v.done;m++,v=o.next())null!==(v=y(l,n,m,v.value,p))&amp;&amp;(e&amp;&amp;null!==v.alternate&amp;&amp;l.delete(null===v.key?m:v.key),a=i(v,a,m),null===u?d=v:u.sibling=v,u=v);return e&amp;&amp;l.forEach(function(e){return t(n,e)}),sm&amp;&amp;so(n,m),d}(p,d,h=w.call(h),b)}if("function"==typeof h.then)return o(p,d,sR(h),b);if(h.$$typeof===v)return o(p,d,ah(p,h),b);sO(p,h)}return"string"==typeof h&amp;&amp;""!==h||"number"==typeof h||"bigint"==typeof h?(h=""+h,null!==d&amp;&amp;6===d.tag?(r(p,d.sibling),(b=n(d,h)).return=p):(r(p,d),(b=om(h,p.mode,b)).return=p),a(p=b)):r(p,d)}(o,p,d,h);return sP=null,b}catch(e){if(e===s_)throw e;var w=oa(29,e,null,o.mode);return w.lanes=h,w.return=o,w}finally{}}}var sD=sL(!0),sB=sL(!1),sN=F(null),sG=F(0);function sW(e,t){V(sG,e=o$),V(sN,t),o$=e|t.baseLanes}function sM(){V(sG,o$),V(sN,sN.current)}function sU(){o$=sG.current,H(sN),H(sG)}var sF=F(null),sH=null;function sV(e){var t=e.alternate;V(sX,1&amp;sX.current),V(sF,e),null===sH&amp;&amp;(null===t||null!==sN.current?sH=e:null!==t.memoizedState&amp;&amp;(sH=e))}function sQ(e){if(22===e.tag){if(V(sX,sX.current),V(sF,e),null===sH){var t=e.alternate;null!==t&amp;&amp;null!==t.memoizedState&amp;&amp;(sH=e)}}else sK(e)}function sK(){V(sX,sX.current),V(sF,sF.current)}function sJ(e){H(sF),sH===e&amp;&amp;(sH=null),H(sX)}var sX=F(0);function sY(e){for(var t=e;null!==t;){if(13===t.tag){var r=t.memoizedState;if(null!==r&amp;&amp;(null===(r=r.dehydrated)||"$?"===r.data||"$!"===r.data))return t}else if(19===t.tag&amp;&amp;void 0!==t.memoizedProps.revealOrder){if(0!=(128&amp;t.flags))return t}else if(null!==t.child){t.child.return=t,t=t.child;continue}if(t===e)break;for(;null===t.sibling;){if(null===t.return||t.return===e)return null;t=t.return}t.sibling.return=t.return,t=t.sibling}return null}var sZ="undefined"!=typeof AbortController?AbortController:function(){var e=[],t=this.signal={aborted:!1,addEventListener:function(t,r){e.push(r)}};this.abort=function(){t.aborted=!0,e.forEach(function(e){return e()})}},s1=i.unstable_scheduleCallback,s2=i.unstable_NormalPriority,s0={$$typeof:v,Consumer:null,Provider:null,_currentValue:null,_currentValue2:null,_threadCount:0};function s4(){return{controller:new sZ,data:new Map,refCount:0}}function s8(e){e.refCount--,0===e.refCount&amp;&amp;s1(s2,function(){e.controller.abort()})}var s6=null,s9=0,s7=0,s3=null;function s5(){if(0==--s9&amp;&amp;null!==s6){null!==s3&amp;&amp;(s3.status="fulfilled");var e=s6;s6=null,s7=0,s3=null;for(var t=0;t&lt;e.length;t++)(0,e[t])()}}var ne=P.S;P.S=function(e,t){"object"==typeof t&amp;&amp;null!==t&amp;&amp;"function"==typeof t.then&amp;&amp;function(e,t){if(null===s6){var r=s6=[];s9=0,s7=cP(),s3={status:"pending",value:void 0,then:function(e){r.push(e)}}}s9++,t.then(s5,s5)}(0,t),null!==ne&amp;&amp;ne(e,t)};var nt=F(null);function nr(){var e=nt.current;return null!==e?e:oA.pooledCache}function ns(e,t){null===t?V(nt,nt.current):V(nt,t.pool)}function nn(){var e=nr();return null===e?null:{parent:s0._currentValue,pool:e}}var ni=0,na=null,no=null,nc=null,np=!1,nd=!1,nu=!1,nl=0,nm=0,nh=null,ng=0;function nf(){throw Error(c(321))}function ny(e,t){if(null===t)return!1;for(var r=0;r&lt;t.length&amp;&amp;r&lt;e.length;r++)if(!r_(e[r],t[r]))return!1;return!0}function nv(e,t,r,s,n,i){return ni=i,na=t,t.memoizedState=null,t.updateQueue=null,t.lanes=0,P.H=null===e||null===e.memoizedState?iA:iq,nu=!1,i=r(s,n),nu=!1,nd&amp;&amp;(i=nw(t,r,s,n)),nb(e),i}function nb(e){P.H=i_;var t=null!==no&amp;&amp;null!==no.next;if(ni=0,nc=no=na=null,np=!1,nm=0,nh=null,t)throw Error(c(300));null===e||iW||null!==(e=e.dependencies)&amp;&amp;au(e)&amp;&amp;(iW=!0)}function nw(e,t,r,s){na=e;var n=0;do{if(nd&amp;&amp;(nh=null),nm=0,nd=!1,25&lt;=n)throw Error(c(301));if(n+=1,nc=no=null,null!=e.updateQueue){var i=e.updateQueue;i.lastEffect=null,i.events=null,i.stores=null,null!=i.memoCache&amp;&amp;(i.memoCache.index=0)}P.H=ik,i=t(r,s)}while(nd);return i}function nx(){var e=P.H,t=e.useState()[0];return t="function"==typeof t.then?nT(t):t,e=e.useState()[0],(null!==no?no.memoizedState:null)!==e&amp;&amp;(na.flags|=1024),t}function nS(){var e=0!==nl;return nl=0,e}function n_(e,t,r){t.updateQueue=e.updateQueue,t.flags&amp;=-2053,e.lanes&amp;=~r}function nA(e){if(np){for(e=e.memoizedState;null!==e;){var t=e.queue;null!==t&amp;&amp;(t.pending=null),e=e.next}np=!1}ni=0,nc=no=na=null,nd=!1,nm=nl=0,nh=null}function nq(){var e={memoizedState:null,baseState:null,baseQueue:null,queue:null,next:null};return null===nc?na.memoizedState=nc=e:nc=nc.next=e,nc}function nk(){if(null===no){var e=na.alternate;e=null!==e?e.memoizedState:null}else e=no.next;var t=null===nc?na.memoizedState:nc.next;if(null!==t)nc=t,no=e;else{if(null===e){if(null===na.alternate)throw Error(c(467));throw Error(c(310))}e={memoizedState:(no=e).memoizedState,baseState:no.baseState,baseQueue:no.baseQueue,queue:no.queue,next:null},null===nc?na.memoizedState=nc=e:nc=nc.next=e}return nc}function nT(e){var t=nm;return nm+=1,null===nh&amp;&amp;(nh=[]),e=sz(nh,e,t),t=na,null===(null===nc?t.memoizedState:nc.next)&amp;&amp;(t=t.alternate,P.H=null===t||null===t.memoizedState?iA:iq),e}function nz(e){if(null!==e&amp;&amp;"object"==typeof e){if("function"==typeof e.then)return nT(e);if(e.$$typeof===v)return am(e)}throw Error(c(438,String(e)))}function nj(e){var t=null,r=na.updateQueue;if(null!==r&amp;&amp;(t=r.memoCache),null==t){var s=na.alternate;null!==s&amp;&amp;null!==(s=s.updateQueue)&amp;&amp;null!=(s=s.memoCache)&amp;&amp;(t={data:s.data.map(function(e){return e.slice()}),index:0})}if(null==t&amp;&amp;(t={data:[],index:0}),null===r&amp;&amp;(r=n(),na.updateQueue=r),r.memoCache=t,void 0===(r=t.data[t.index]))for(r=t.data[t.index]=Array(e),s=0;s&lt;e;s++)r[s]=q;return t.index++,r}function nI(e,t){return"function"==typeof t?t(e):t}function nP(e){return n$(nk(),no,e)}function n$(e,t,r){var s=e.queue;if(null===s)throw Error(c(311));s.lastRenderedReducer=r;var n=e.baseQueue,i=s.pending;if(null!==i){if(null!==n){var a=n.next;n.next=i.next,i.next=a}t.baseQueue=n=i,s.pending=null}if(i=e.baseState,null===n)e.memoizedState=i;else{t=n.next;var o=a=null,p=null,d=t,u=!1;do{var l=-0x20000001&amp;d.lane;if(l!==d.lane?(ok&amp;l)===l:(ni&amp;l)===l){var m=d.revertLane;if(0===m)null!==p&amp;&amp;(p=p.next={lane:0,revertLane:0,action:d.action,hasEagerState:d.hasEagerState,eagerState:d.eagerState,next:null}),l===s7&amp;&amp;(u=!0);else if((ni&amp;m)===m){d=d.next,m===s7&amp;&amp;(u=!0);continue}else l={lane:0,revertLane:d.revertLane,action:d.action,hasEagerState:d.hasEagerState,eagerState:d.eagerState,next:null},null===p?(o=p=l,a=i):p=p.next=l,na.lanes|=m,oE|=m;l=d.action,nu&amp;&amp;r(i,l),i=d.hasEagerState?d.eagerState:r(i,l)}else m={lane:l,revertLane:d.revertLane,action:d.action,hasEagerState:d.hasEagerState,eagerState:d.eagerState,next:null},null===p?(o=p=m,a=i):p=p.next=m,na.lanes|=l,oE|=l;d=d.next}while(null!==d&amp;&amp;d!==t);if(null===p?a=i:p.next=o,!r_(i,e.memoizedState)&amp;&amp;(iW=!0,u&amp;&amp;null!==(r=s3)))throw r;e.memoizedState=i,e.baseState=a,e.baseQueue=p,s.lastRenderedState=i}return null===n&amp;&amp;(s.lanes=0),[e.memoizedState,s.dispatch]}function nR(e){var t=nk(),r=t.queue;if(null===r)throw Error(c(311));r.lastRenderedReducer=e;var s=r.dispatch,n=r.pending,i=t.memoizedState;if(null!==n){r.pending=null;var a=n=n.next;do i=e(i,a.action),a=a.next;while(a!==n);r_(i,t.memoizedState)||(iW=!0),t.memoizedState=i,null===t.baseQueue&amp;&amp;(t.baseState=i),r.lastRenderedState=i}return[i,s]}function nE(e,t,r){var s=na,n=nk(),i=sm;if(i){if(void 0===r)throw Error(c(407));r=r()}else r=t();var a=!r_((no||n).memoizedState,r);if(a&amp;&amp;(n.memoizedState=r,iW=!0),n=n.queue,n6(nL.bind(null,s,n,e),[e]),n.getSnapshot!==t||a||null!==nc&amp;&amp;1&amp;nc.memoizedState.tag){if(s.flags|=2048,n1(9,nC.bind(null,s,n,r,t),{destroy:void 0},null),null===oA)throw Error(c(349));i||0!=(60&amp;ni)||nO(s,t,r)}return r}function nO(e,t,r){e.flags|=16384,e={getSnapshot:t,value:r},null===(t=na.updateQueue)?(t=n(),na.updateQueue=t,t.stores=[e]):null===(r=t.stores)?t.stores=[e]:r.push(e)}function nC(e,t,r,s){t.value=r,t.getSnapshot=s,nD(t)&amp;&amp;nB(e)}function nL(e,t,r){return r(function(){nD(t)&amp;&amp;nB(e)})}function nD(e){var t=e.getSnapshot;e=e.value;try{var r=t();return!r_(e,r)}catch(e){return!0}}function nB(e){var t=r0(e,2);null!==t&amp;&amp;o2(t,e,2)}function nN(e){var t=nq();if("function"==typeof e){var r=e;if(e=r(),nu){ev(!0);try{r()}finally{ev(!1)}}}return t.memoizedState=t.baseState=e,t.queue={pending:null,lanes:0,dispatch:null,lastRenderedReducer:nI,lastRenderedState:e},t}function nG(e,t,r,s){return e.baseState=r,n$(e,no,"function"==typeof s?s:nI)}function nW(e,t,r,s,n){if(iw(e))throw Error(c(485));if(null!==(e=t.action)){var i={payload:n,action:e,next:null,isTransition:!0,status:"pending",value:null,reason:null,listeners:[],then:function(e){i.listeners.push(e)}};null!==P.T?r(!0):i.isTransition=!1,s(i),null===(r=t.pending)?(i.next=t.pending=i,nM(t,i)):(i.next=r.next,t.pending=r.next=i)}}function nM(e,t){var r=t.action,s=t.payload,n=e.state;if(t.isTransition){var i=P.T,a={};P.T=a;try{var o=r(n,s),c=P.S;null!==c&amp;&amp;c(a,o),nU(e,t,o)}catch(r){nH(e,t,r)}finally{P.T=i}}else try{i=r(n,s),nU(e,t,i)}catch(r){nH(e,t,r)}}function nU(e,t,r){null!==r&amp;&amp;"object"==typeof r&amp;&amp;"function"==typeof r.then?r.then(function(r){nF(e,t,r)},function(r){return nH(e,t,r)}):nF(e,t,r)}function nF(e,t,r){t.status="fulfilled",t.value=r,nV(t),e.state=r,null!==(t=e.pending)&amp;&amp;((r=t.next)===t?e.pending=null:(r=r.next,t.next=r,nM(e,r)))}function nH(e,t,r){var s=e.pending;if(e.pending=null,null!==s){s=s.next;do t.status="rejected",t.reason=r,nV(t),t=t.next;while(t!==s)}e.action=null}function nV(e){e=e.listeners;for(var t=0;t&lt;e.length;t++)(0,e[t])()}function nQ(e,t){return t}function nK(e,t){if(sm){var r=oA.formState;if(null!==r){e:{var s=na;if(sm){if(sl){t:{for(var n=sl,i=sg;8!==n.nodeType;)if(!i||null===(n=po(n.nextSibling))){n=null;break t}n="F!"===(i=n.data)||"F"===i?n:null}if(n){sl=po(n.nextSibling),s="F!"===n.data;break e}}sy(s)}s=!1}s&amp;&amp;(t=r[0])}}return(r=nq()).memoizedState=r.baseState=t,s={pending:null,lanes:0,dispatch:null,lastRenderedReducer:nQ,lastRenderedState:t},r.queue=s,r=iy.bind(null,na,s),s.dispatch=r,s=nN(!1),i=ib.bind(null,na,!1,s.queue),s=nq(),n={state:t,dispatch:null,action:e,pending:null},s.queue=n,r=nW.bind(null,na,n,i,r),n.dispatch=r,s.memoizedState=e,[t,r,!1]}function nJ(e){return nX(nk(),no,e)}function nX(e,t,r){t=n$(e,t,nQ)[0],e=nP(nI)[0],t="object"==typeof t&amp;&amp;null!==t&amp;&amp;"function"==typeof t.then?nT(t):t;var s=nk(),n=s.queue,i=n.dispatch;return r!==s.memoizedState&amp;&amp;(na.flags|=2048,n1(9,nY.bind(null,n,r),{destroy:void 0},null)),[t,i,e]}function nY(e,t){e.action=t}function nZ(e){var t=nk(),r=no;if(null!==r)return nX(t,r,e);nk(),t=t.memoizedState;var s=(r=nk()).queue.dispatch;return r.memoizedState=e,[t,s,!1]}function n1(e,t,r,s){return e={tag:e,create:t,inst:r,deps:s,next:null},null===(t=na.updateQueue)&amp;&amp;(t=n(),na.updateQueue=t),null===(r=t.lastEffect)?t.lastEffect=e.next=e:(s=r.next,r.next=e,e.next=s,t.lastEffect=e),e}function n2(){return nk().memoizedState}function n0(e,t,r,s){var n=nq();na.flags|=e,n.memoizedState=n1(1|t,r,{destroy:void 0},void 0===s?null:s)}function n4(e,t,r,s){var n=nk();s=void 0===s?null:s;var i=n.memoizedState.inst;null!==no&amp;&amp;null!==s&amp;&amp;ny(s,no.memoizedState.deps)?n.memoizedState=n1(t,r,i,s):(na.flags|=e,n.memoizedState=n1(1|t,r,i,s))}function n8(e,t){n0(8390656,8,e,t)}function n6(e,t){n4(2048,8,e,t)}function n9(e,t){return n4(4,2,e,t)}function n7(e,t){return n4(4,4,e,t)}function n3(e,t){if("function"==typeof t){var r=t(e=e());return function(){"function"==typeof r?r():t(null)}}if(null!=t)return e=e(),t.current=e,function(){t.current=null}}function n5(e,t,r){r=null!=r?r.concat([e]):null,n4(4,4,n3.bind(null,t,e),r)}function ie(){}function it(e,t){var r=nk();t=void 0===t?null:t;var s=r.memoizedState;return null!==t&amp;&amp;ny(t,s[1])?s[0]:(r.memoizedState=[e,t],e)}function ir(e,t){var r=nk();t=void 0===t?null:t;var s=r.memoizedState;if(null!==t&amp;&amp;ny(t,s[1]))return s[0];if(s=e(),nu){ev(!0);try{e()}finally{ev(!1)}}return r.memoizedState=[s,t],s}function is(e,t,r){return void 0===r||0!=(0x40000000&amp;ni)?e.memoizedState=t:(e.memoizedState=r,e=o1(),na.lanes|=e,oE|=e,r)}function ii(e,t,r,s){return r_(r,t)?r:null!==sN.current?(r_(e=is(e,r,s),t)||(iW=!0),e):0==(42&amp;ni)?(iW=!0,e.memoizedState=r):(e=o1(),na.lanes|=e,oE|=e,t)}function ia(e,t,r,s,n){var i=G.p;G.p=0!==i&amp;&amp;8&gt;i?i:8;var a=P.T,o={};P.T=o,ib(e,!1,t,r);try{var c=n(),p=P.S;if(null!==p&amp;&amp;p(o,c),null!==c&amp;&amp;"object"==typeof c&amp;&amp;"function"==typeof c.then){var d,u,l=(d=[],u={status:"pending",value:null,reason:null,then:function(e){d.push(e)}},c.then(function(){u.status="fulfilled",u.value=s;for(var e=0;e&lt;d.length;e++)(0,d[e])(s)},function(e){for(u.status="rejected",u.reason=e,e=0;e&lt;d.length;e++)(0,d[e])(void 0)}),u);iv(e,t,l,oZ(e))}else iv(e,t,s,oZ(e))}catch(r){iv(e,t,{then:function(){},status:"rejected",reason:r},oZ())}finally{G.p=i,P.T=a}}function io(){}function ic(e,t,r,s){if(5!==e.tag)throw Error(c(476));var n=ip(e).queue;ia(e,n,t,W,null===r?io:function(){return id(e),r(s)})}function ip(e){var t=e.memoizedState;if(null!==t)return t;var r={};return(t={memoizedState:W,baseState:W,baseQueue:null,queue:{pending:null,lanes:0,dispatch:null,lastRenderedReducer:nI,lastRenderedState:W},next:null}).next={memoizedState:r,baseState:r,baseQueue:null,queue:{pending:null,lanes:0,dispatch:null,lastRenderedReducer:nI,lastRenderedState:r},next:null},e.memoizedState=t,null!==(e=e.alternate)&amp;&amp;(e.memoizedState=t),t}function id(e){var t=ip(e).next.queue;iv(e,t,{},oZ())}function iu(){return am(pC)}function il(){return nk().memoizedState}function im(){return nk().memoizedState}function ih(e){for(var t=e.return;null!==t;){switch(t.tag){case 24:case 3:var r=oZ(),s=aw(t,e=ab(r),r);null!==s&amp;&amp;(o2(s,t,r),ax(s,t,r)),t={cache:s4()},e.payload=t;return}t=t.return}}function ig(e,t,r){var s=oZ();r={lane:s,revertLane:0,action:r,hasEagerState:!1,eagerState:null,next:null},iw(e)?ix(t,r):null!==(r=r2(e,t,r,s))&amp;&amp;(o2(r,e,s),iS(r,t,s))}function iy(e,t,r){iv(e,t,r,oZ())}function iv(e,t,r,s){var n={lane:s,revertLane:0,action:r,hasEagerState:!1,eagerState:null,next:null};if(iw(e))ix(t,n);else{var i=e.alternate;if(0===e.lanes&amp;&amp;(null===i||0===i.lanes)&amp;&amp;null!==(i=t.lastRenderedReducer))try{var a=t.lastRenderedState,o=i(a,r);if(n.hasEagerState=!0,n.eagerState=o,r_(o,a))return r1(e,t,n,0),null===oA&amp;&amp;rZ(),!1}catch(e){}finally{}if(null!==(r=r2(e,t,n,s)))return o2(r,e,s),iS(r,t,s),!0}return!1}function ib(e,t,r,s){if(s={lane:2,revertLane:cP(),action:s,hasEagerState:!1,eagerState:null,next:null},iw(e)){if(t)throw Error(c(479))}else null!==(t=r2(e,r,s,2))&amp;&amp;o2(t,e,2)}function iw(e){var t=e.alternate;return e===na||null!==t&amp;&amp;t===na}function ix(e,t){nd=np=!0;var r=e.pending;null===r?t.next=t:(t.next=r.next,r.next=t),e.pending=t}function iS(e,t,r){if(0!=(4194176&amp;r)){var s=t.lanes;s&amp;=e.pendingLanes,r|=s,t.lanes=r,e$(e,r)}}n=function(){return{lastEffect:null,events:null,stores:null,memoCache:null}};var i_={readContext:am,use:nz,useCallback:nf,useContext:nf,useEffect:nf,useImperativeHandle:nf,useLayoutEffect:nf,useInsertionEffect:nf,useMemo:nf,useReducer:nf,useRef:nf,useState:nf,useDebugValue:nf,useDeferredValue:nf,useTransition:nf,useSyncExternalStore:nf,useId:nf};i_.useCacheRefresh=nf,i_.useMemoCache=nf,i_.useHostTransitionStatus=nf,i_.useFormState=nf,i_.useActionState=nf,i_.useOptimistic=nf;var iA={readContext:am,use:nz,useCallback:function(e,t){return nq().memoizedState=[e,void 0===t?null:t],e},useContext:am,useEffect:n8,useImperativeHandle:function(e,t,r){r=null!=r?r.concat([e]):null,n0(4194308,4,n3.bind(null,t,e),r)},useLayoutEffect:function(e,t){return n0(4194308,4,e,t)},useInsertionEffect:function(e,t){n0(4,2,e,t)},useMemo:function(e,t){var r=nq();t=void 0===t?null:t;var s=e();if(nu){ev(!0);try{e()}finally{ev(!1)}}return r.memoizedState=[s,t],s},useReducer:function(e,t,r){var s=nq();if(void 0!==r){var n=r(t);if(nu){ev(!0);try{r(t)}finally{ev(!1)}}}else n=t;return s.memoizedState=s.baseState=n,e={pending:null,lanes:0,dispatch:null,lastRenderedReducer:e,lastRenderedState:n},s.queue=e,e=e.dispatch=ig.bind(null,na,e),[s.memoizedState,e]},useRef:function(e){return e={current:e},nq().memoizedState=e},useState:function(e){var t=(e=nN(e)).queue,r=iy.bind(null,na,t);return t.dispatch=r,[e.memoizedState,r]},useDebugValue:ie,useDeferredValue:function(e,t){return is(nq(),e,t)},useTransition:function(){var e=nN(!1);return e=ia.bind(null,na,e.queue,!0,!1),nq().memoizedState=e,[!1,e]},useSyncExternalStore:function(e,t,r){var s=na,n=nq();if(sm){if(void 0===r)throw Error(c(407));r=r()}else{if(r=t(),null===oA)throw Error(c(349));0!=(60&amp;ok)||nO(s,t,r)}n.memoizedState=r;var i={value:r,getSnapshot:t};return n.queue=i,n8(nL.bind(null,s,i,e),[e]),s.flags|=2048,n1(9,nC.bind(null,s,i,r,t),{destroy:void 0},null),r},useId:function(){var e=nq(),t=oA.identifierPrefix;if(sm){var r=sa,s=si;t=":"+t+"R"+(r=(s&amp;~(1&lt;&lt;32-eb(s)-1)).toString(32)+r),0&lt;(r=nl++)&amp;&amp;(t+="H"+r.toString(32)),t+=":"}else t=":"+t+"r"+(r=ng++).toString(32)+":";return e.memoizedState=t},useCacheRefresh:function(){return nq().memoizedState=ih.bind(null,na)}};iA.useMemoCache=nj,iA.useHostTransitionStatus=iu,iA.useFormState=nK,iA.useActionState=nK,iA.useOptimistic=function(e){var t=nq();t.memoizedState=t.baseState=e;var r={pending:null,lanes:0,dispatch:null,lastRenderedReducer:null,lastRenderedState:null};return t.queue=r,t=ib.bind(null,na,!0,r),r.dispatch=t,[e,t]};var iq={readContext:am,use:nz,useCallback:it,useContext:am,useEffect:n6,useImperativeHandle:n5,useInsertionEffect:n9,useLayoutEffect:n7,useMemo:ir,useReducer:nP,useRef:n2,useState:function(){return nP(nI)},useDebugValue:ie,useDeferredValue:function(e,t){return ii(nk(),no.memoizedState,e,t)},useTransition:function(){var e=nP(nI)[0],t=nk().memoizedState;return["boolean"==typeof e?e:nT(e),t]},useSyncExternalStore:nE,useId:il};iq.useCacheRefresh=im,iq.useMemoCache=nj,iq.useHostTransitionStatus=iu,iq.useFormState=nJ,iq.useActionState=nJ,iq.useOptimistic=function(e,t){return nG(nk(),no,e,t)};var ik={readContext:am,use:nz,useCallback:it,useContext:am,useEffect:n6,useImperativeHandle:n5,useInsertionEffect:n9,useLayoutEffect:n7,useMemo:ir,useReducer:nR,useRef:n2,useState:function(){return nR(nI)},useDebugValue:ie,useDeferredValue:function(e,t){var r=nk();return null===no?is(r,e,t):ii(r,no.memoizedState,e,t)},useTransition:function(){var e=nR(nI)[0],t=nk().memoizedState;return["boolean"==typeof e?e:nT(e),t]},useSyncExternalStore:nE,useId:il};function iT(e,t,r,s){r=null==(r=r(s,t=e.memoizedState))?t:$({},t,r),e.memoizedState=r,0===e.lanes&amp;&amp;(e.updateQueue.baseState=r)}ik.useCacheRefresh=im,ik.useMemoCache=nj,ik.useHostTransitionStatus=iu,ik.useFormState=nZ,ik.useActionState=nZ,ik.useOptimistic=function(e,t){var r=nk();return null!==no?nG(r,no,e,t):(r.baseState=e,[e,r.queue.dispatch])};var iz={isMounted:function(e){return!!(e=e._reactInternals)&amp;&amp;L(e)===e},enqueueSetState:function(e,t,r){e=e._reactInternals;var s=oZ(),n=ab(s);n.payload=t,null!=r&amp;&amp;(n.callback=r),null!==(t=aw(e,n,s))&amp;&amp;(o2(t,e,s),ax(t,e,s))},enqueueReplaceState:function(e,t,r){e=e._reactInternals;var s=oZ(),n=ab(s);n.tag=1,n.payload=t,null!=r&amp;&amp;(n.callback=r),null!==(t=aw(e,n,s))&amp;&amp;(o2(t,e,s),ax(t,e,s))},enqueueForceUpdate:function(e,t){e=e._reactInternals;var r=oZ(),s=ab(r);s.tag=2,null!=t&amp;&amp;(s.callback=t),null!==(t=aw(e,s,r))&amp;&amp;(o2(t,e,r),ax(t,e,r))}};function ij(e,t,r,s,n,i,a){return"function"==typeof(e=e.stateNode).shouldComponentUpdate?e.shouldComponentUpdate(s,i,a):!t.prototype||!t.prototype.isPureReactComponent||!rA(r,s)||!rA(n,i)}function iI(e,t,r,s){e=t.state,"function"==typeof t.componentWillReceiveProps&amp;&amp;t.componentWillReceiveProps(r,s),"function"==typeof t.UNSAFE_componentWillReceiveProps&amp;&amp;t.UNSAFE_componentWillReceiveProps(r,s),t.state!==e&amp;&amp;iz.enqueueReplaceState(t,t.state,null)}function iP(e,t){var r=t;if("ref"in t)for(var s in r={},t)"ref"!==s&amp;&amp;(r[s]=t[s]);if(e=e.defaultProps)for(var n in r===t&amp;&amp;(r=$({},r)),e)void 0===r[n]&amp;&amp;(r[n]=e[n]);return r}var i$="function"==typeof reportError?reportError:function(e){if("object"==typeof window&amp;&amp;"function"==typeof window.ErrorEvent){var t=new window.ErrorEvent("error",{bubbles:!0,cancelable:!0,message:"object"==typeof e&amp;&amp;null!==e&amp;&amp;"string"==typeof e.message?String(e.message):String(e),error:e});if(!window.dispatchEvent(t))return}else if("object"==typeof process&amp;&amp;"function"==typeof process.emit){process.emit("uncaughtException",e);return}console.error(e)};function iR(e){i$(e)}function iE(e){console.error(e)}function iO(e){i$(e)}function iC(e,t){try{(0,e.onUncaughtError)(t.value,{componentStack:t.stack})}catch(e){setTimeout(function(){throw e})}}function iL(e,t,r){try{(0,e.onCaughtError)(r.value,{componentStack:r.stack,errorBoundary:1===t.tag?t.stateNode:null})}catch(e){setTimeout(function(){throw e})}}function iD(e,t,r){return(r=ab(r)).tag=3,r.payload={element:null},r.callback=function(){iC(e,t)},r}function iB(e){return(e=ab(e)).tag=3,e}function iN(e,t,r,s){var n=r.type.getDerivedStateFromError;if("function"==typeof n){var i=s.value;e.payload=function(){return n(i)},e.callback=function(){iL(t,r,s)}}var a=r.stateNode;null!==a&amp;&amp;"function"==typeof a.componentDidCatch&amp;&amp;(e.callback=function(){iL(t,r,s),"function"!=typeof n&amp;&amp;(null===oF?oF=new Set([this]):oF.add(this));var e=s.stack;this.componentDidCatch(s.value,{componentStack:null!==e?e:""})})}var iG=Error(c(461)),iW=!1;function iM(e,t,r,s){t.child=null===e?sB(t,null,r,s):sD(t,e.child,r,s)}function iU(e,t,r,s,n){r=r.render;var i=t.ref;if("ref"in s){var a={};for(var o in s)"ref"!==o&amp;&amp;(a[o]=s[o])}else a=s;return(al(t),s=nv(e,t,r,a,i,n),o=nS(),null===e||iW)?(sm&amp;&amp;o&amp;&amp;sp(t),t.flags|=1,iM(e,t,s,n),t.child):(n_(e,t,n),ae(e,t,n))}function iF(e,t,r,s,n){if(null===e){var i=r.type;return"function"!=typeof i||oo(i)||void 0!==i.defaultProps||null!==r.compare?((e=od(r.type,null,s,t,t.mode,n)).ref=t.ref,e.return=t,t.child=e):(t.tag=15,t.type=i,iH(e,t,i,s,n))}if(i=e.child,!at(e,n)){var a=i.memoizedProps;if((r=null!==(r=r.compare)?r:rA)(a,s)&amp;&amp;e.ref===t.ref)return ae(e,t,n)}return t.flags|=1,(e=oc(i,s)).ref=t.ref,e.return=t,t.child=e}function iH(e,t,r,s,n){if(null!==e){var i=e.memoizedProps;if(rA(i,s)&amp;&amp;e.ref===t.ref){if(iW=!1,t.pendingProps=s=i,!at(e,n))return t.lanes=e.lanes,ae(e,t,n);0!=(131072&amp;e.flags)&amp;&amp;(iW=!0)}}return iJ(e,t,r,s,n)}function iV(e,t,r){var s=t.pendingProps,n=s.children,i=0!=(2&amp;t.stateNode._pendingVisibility),a=null!==e?e.memoizedState:null;if(iK(e,t),"hidden"===s.mode||i){if(0!=(128&amp;t.flags)){if(s=null!==a?a.baseLanes|r:r,null!==e){for(i=0,n=t.child=e.child;null!==n;)i=i|n.lanes|n.childLanes,n=n.sibling;t.childLanes=i&amp;~s}else t.childLanes=0,t.child=null;return iQ(e,t,s,r)}if(0==(0x20000000&amp;r))return t.lanes=t.childLanes=0x20000000,iQ(e,t,null!==a?a.baseLanes|r:r,r);t.memoizedState={baseLanes:0,cachePool:null},null!==e&amp;&amp;ns(t,null!==a?a.cachePool:null),null!==a?sW(t,a):sM(),sQ(t)}else null!==a?(ns(t,a.cachePool),sW(t,a),sK(t),t.memoizedState=null):(null!==e&amp;&amp;ns(t,null),sM(),sK(t));return iM(e,t,n,r),t.child}function iQ(e,t,r,s){var n=nr();return n=null===n?null:{parent:s0._currentValue,pool:n},t.memoizedState={baseLanes:r,cachePool:n},null!==e&amp;&amp;ns(t,null),sM(),sQ(t),null!==e&amp;&amp;ad(e,t,s,!0),null}function iK(e,t){var r=t.ref;if(null===r)null!==e&amp;&amp;null!==e.ref&amp;&amp;(t.flags|=2097664);else{if("function"!=typeof r&amp;&amp;"object"!=typeof r)throw Error(c(284));(null===e||e.ref!==r)&amp;&amp;(t.flags|=2097664)}}function iJ(e,t,r,s,n){return(al(t),r=nv(e,t,r,s,void 0,n),s=nS(),null===e||iW)?(sm&amp;&amp;s&amp;&amp;sp(t),t.flags|=1,iM(e,t,r,n),t.child):(n_(e,t,n),ae(e,t,n))}function iX(e,t,r,s,n,i){return(al(t),t.updateQueue=null,r=nw(t,s,r,n),nb(e),s=nS(),null===e||iW)?(sm&amp;&amp;s&amp;&amp;sp(t),t.flags|=1,iM(e,t,r,i),t.child):(n_(e,t,i),ae(e,t,i))}function iY(e,t,r,s,n){if(al(t),null===t.stateNode){var i=r6,a=r.contextType;"object"==typeof a&amp;&amp;null!==a&amp;&amp;(i=am(a)),i=new r(s,i),t.memoizedState=null!==i.state&amp;&amp;void 0!==i.state?i.state:null,i.updater=iz,t.stateNode=i,i._reactInternals=t,(i=t.stateNode).props=s,i.state=t.memoizedState,i.refs={},ay(t),a=r.contextType,i.context="object"==typeof a&amp;&amp;null!==a?am(a):r6,i.state=t.memoizedState,"function"==typeof(a=r.getDerivedStateFromProps)&amp;&amp;(iT(t,r,a,s),i.state=t.memoizedState),"function"==typeof r.getDerivedStateFromProps||"function"==typeof i.getSnapshotBeforeUpdate||"function"!=typeof i.UNSAFE_componentWillMount&amp;&amp;"function"!=typeof i.componentWillMount||(a=i.state,"function"==typeof i.componentWillMount&amp;&amp;i.componentWillMount(),"function"==typeof i.UNSAFE_componentWillMount&amp;&amp;i.UNSAFE_componentWillMount(),a!==i.state&amp;&amp;iz.enqueueReplaceState(i,i.state,null),aq(t,s,i,n),aA(),i.state=t.memoizedState),"function"==typeof i.componentDidMount&amp;&amp;(t.flags|=4194308),s=!0}else if(null===e){i=t.stateNode;var o=t.memoizedProps,c=iP(r,o);i.props=c;var p=i.context,d=r.contextType;a=r6,"object"==typeof d&amp;&amp;null!==d&amp;&amp;(a=am(d));var u=r.getDerivedStateFromProps;d="function"==typeof u||"function"==typeof i.getSnapshotBeforeUpdate,o=t.pendingProps!==o,d||"function"!=typeof i.UNSAFE_componentWillReceiveProps&amp;&amp;"function"!=typeof i.componentWillReceiveProps||(o||p!==a)&amp;&amp;iI(t,i,s,a),af=!1;var l=t.memoizedState;i.state=l,aq(t,s,i,n),aA(),p=t.memoizedState,o||l!==p||af?("function"==typeof u&amp;&amp;(iT(t,r,u,s),p=t.memoizedState),(c=af||ij(t,r,c,s,l,p,a))?(d||"function"!=typeof i.UNSAFE_componentWillMount&amp;&amp;"function"!=typeof i.componentWillMount||("function"==typeof i.componentWillMount&amp;&amp;i.componentWillMount(),"function"==typeof i.UNSAFE_componentWillMount&amp;&amp;i.UNSAFE_componentWillMount()),"function"==typeof i.componentDidMount&amp;&amp;(t.flags|=4194308)):("function"==typeof i.componentDidMount&amp;&amp;(t.flags|=4194308),t.memoizedProps=s,t.memoizedState=p),i.props=s,i.state=p,i.context=a,s=c):("function"==typeof i.componentDidMount&amp;&amp;(t.flags|=4194308),s=!1)}else{i=t.stateNode,av(e,t),d=iP(r,a=t.memoizedProps),i.props=d,u=t.pendingProps,l=i.context,p=r.contextType,c=r6,"object"==typeof p&amp;&amp;null!==p&amp;&amp;(c=am(p)),(p="function"==typeof(o=r.getDerivedStateFromProps)||"function"==typeof i.getSnapshotBeforeUpdate)||"function"!=typeof i.UNSAFE_componentWillReceiveProps&amp;&amp;"function"!=typeof i.componentWillReceiveProps||(a!==u||l!==c)&amp;&amp;iI(t,i,s,c),af=!1,l=t.memoizedState,i.state=l,aq(t,s,i,n),aA();var m=t.memoizedState;a!==u||l!==m||af||null!==e&amp;&amp;null!==e.dependencies&amp;&amp;au(e.dependencies)?("function"==typeof o&amp;&amp;(iT(t,r,o,s),m=t.memoizedState),(d=af||ij(t,r,d,s,l,m,c)||null!==e&amp;&amp;null!==e.dependencies&amp;&amp;au(e.dependencies))?(p||"function"!=typeof i.UNSAFE_componentWillUpdate&amp;&amp;"function"!=typeof i.componentWillUpdate||("function"==typeof i.componentWillUpdate&amp;&amp;i.componentWillUpdate(s,m,c),"function"==typeof i.UNSAFE_componentWillUpdate&amp;&amp;i.UNSAFE_componentWillUpdate(s,m,c)),"function"==typeof i.componentDidUpdate&amp;&amp;(t.flags|=4),"function"==typeof i.getSnapshotBeforeUpdate&amp;&amp;(t.flags|=1024)):("function"!=typeof i.componentDidUpdate||a===e.memoizedProps&amp;&amp;l===e.memoizedState||(t.flags|=4),"function"!=typeof i.getSnapshotBeforeUpdate||a===e.memoizedProps&amp;&amp;l===e.memoizedState||(t.flags|=1024),t.memoizedProps=s,t.memoizedState=m),i.props=s,i.state=m,i.context=c,s=d):("function"!=typeof i.componentDidUpdate||a===e.memoizedProps&amp;&amp;l===e.memoizedState||(t.flags|=4),"function"!=typeof i.getSnapshotBeforeUpdate||a===e.memoizedProps&amp;&amp;l===e.memoizedState||(t.flags|=1024),s=!1)}return i=s,iK(e,t),s=0!=(128&amp;t.flags),i||s?(i=t.stateNode,r=s&amp;&amp;"function"!=typeof r.getDerivedStateFromError?null:i.render(),t.flags|=1,null!==e&amp;&amp;s?(t.child=sD(t,e.child,null,n),t.child=sD(t,null,r,n)):iM(e,t,r,n),t.memoizedState=i.state,e=t.child):e=ae(e,t,n),e}function iZ(e,t,r,s){return sx(),t.flags|=256,iM(e,t,r,s),t.child}var i1={dehydrated:null,treeContext:null,retryLane:0};function i2(e){return{baseLanes:e,cachePool:nn()}}function i0(e,t,r){return e=null!==e?e.childLanes&amp;~r:0,t&amp;&amp;(e|=oL),e}function i4(e,t,r){var s,n=t.pendingProps,i=!1,a=0!=(128&amp;t.flags);if((s=a)||(s=(null===e||null!==e.memoizedState)&amp;&amp;0!=(2&amp;sX.current)),s&amp;&amp;(i=!0,t.flags&amp;=-129),s=0!=(32&amp;t.flags),t.flags&amp;=-33,null===e){if(sm){if(i?sV(t):sK(t),sm){var o,p=sl;if(o=p){r:{for(o=p,p=sg;8!==o.nodeType;)if(!p||null===(o=po(o.nextSibling))){p=null;break r}p=o}null!==p?(t.memoizedState={dehydrated:p,treeContext:null!==sn?{id:si,overflow:sa}:null,retryLane:0x20000000},(o=oa(18,null,null,0)).stateNode=p,o.return=t,t.child=o,su=t,sl=null,o=!0):o=!1}o||sy(t)}if(null!==(p=t.memoizedState)&amp;&amp;null!==(p=p.dehydrated))return"$!"===p.data?t.lanes=16:t.lanes=0x20000000,null;sJ(t)}return(p=n.children,n=n.fallback,i)?(sK(t),p=i6({mode:"hidden",children:p},i=t.mode),n=ou(n,i,r,null),p.return=t,n.return=t,p.sibling=n,t.child=p,(i=t.child).memoizedState=i2(r),i.childLanes=i0(e,s,r),t.memoizedState=i1,n):(sV(t),i8(t,p))}if(null!==(o=e.memoizedState)&amp;&amp;null!==(p=o.dehydrated)){if(a)256&amp;t.flags?(sV(t),t.flags&amp;=-257,t=i9(e,t,r)):null!==t.memoizedState?(sK(t),t.child=e.child,t.flags|=128,t=null):(sK(t),i=n.fallback,p=t.mode,n=i6({mode:"visible",children:n.children},p),i=ou(i,p,r,null),i.flags|=2,n.return=t,i.return=t,n.sibling=i,t.child=n,sD(t,e.child,null,r),(n=t.child).memoizedState=i2(r),n.childLanes=i0(e,s,r),t.memoizedState=i1,t=i);else if(sV(t),"$!"===p.data){if(s=p.nextSibling&amp;&amp;p.nextSibling.dataset)var d=s.dgst;s=d,(n=Error(c(419))).stack="",n.digest=s,sS({value:n,source:null,stack:null}),t=i9(e,t,r)}else if(iW||ad(e,t,r,!1),s=0!=(r&amp;e.childLanes),iW||s){if(null!==(s=oA)){if(0!=(42&amp;(n=r&amp;-r)))n=1;else switch(n){case 2:n=1;break;case 8:n=4;break;case 32:n=16;break;case 128:case 256:case 512:case 1024:case 2048:case 4096:case 8192:case 16384:case 32768:case 65536:case 131072:case 262144:case 524288:case 1048576:case 2097152:case 4194304:case 8388608:case 0x1000000:case 0x2000000:n=64;break;case 0x10000000:n=0x8000000;break;default:n=0}if(0!==(n=0!=(n&amp;(s.suspendedLanes|r))?0:n)&amp;&amp;n!==o.retryLane)throw o.retryLane=n,r0(e,n),o2(s,e,n),iG}"$?"===p.data||cr(),t=i9(e,t,r)}else"$?"===p.data?(t.flags|=128,t.child=e.child,t=cy.bind(null,e),p._reactRetry=t,t=null):(e=o.treeContext,sl=po(p.nextSibling),su=t,sm=!0,sh=null,sg=!1,null!==e&amp;&amp;(sr[ss++]=si,sr[ss++]=sa,sr[ss++]=sn,si=e.id,sa=e.overflow,sn=t),t=i8(t,n.children),t.flags|=4096);return t}return i?(sK(t),i=n.fallback,p=t.mode,d=(o=e.child).sibling,(n=oc(o,{mode:"hidden",children:n.children})).subtreeFlags=0x1e00000&amp;o.subtreeFlags,null!==d?i=oc(d,i):(i=ou(i,p,r,null),i.flags|=2),i.return=t,n.return=t,n.sibling=i,t.child=n,n=i,i=t.child,null===(p=e.child.memoizedState)?p=i2(r):(null!==(o=p.cachePool)?(d=s0._currentValue,o=o.parent!==d?{parent:d,pool:d}:o):o=nn(),p={baseLanes:p.baseLanes|r,cachePool:o}),i.memoizedState=p,i.childLanes=i0(e,s,r),t.memoizedState=i1,n):(sV(t),e=(r=e.child).sibling,(r=oc(r,{mode:"visible",children:n.children})).return=t,r.sibling=null,null!==e&amp;&amp;(null===(s=t.deletions)?(t.deletions=[e],t.flags|=16):s.push(e)),t.child=r,t.memoizedState=null,r)}function i8(e,t){return(t=i6({mode:"visible",children:t},e.mode)).return=e,e.child=t}function i6(e,t){return ol(e,t,0,null)}function i9(e,t,r){return sD(t,e.child,null,r),e=i8(t,t.pendingProps.children),e.flags|=2,t.memoizedState=null,e}function i7(e,t,r){e.lanes|=t;var s=e.alternate;null!==s&amp;&amp;(s.lanes|=t),ac(e.return,t,r)}function i3(e,t,r,s,n){var i=e.memoizedState;null===i?e.memoizedState={isBackwards:t,rendering:null,renderingStartTime:0,last:s,tail:r,tailMode:n}:(i.isBackwards=t,i.rendering=null,i.renderingStartTime=0,i.last=s,i.tail=r,i.tailMode=n)}function i5(e,t,r){var s=t.pendingProps,n=s.revealOrder,i=s.tail;if(iM(e,t,s.children,r),0!=(2&amp;(s=sX.current)))s=1&amp;s|2,t.flags|=128;else{if(null!==e&amp;&amp;0!=(128&amp;e.flags))e:for(e=t.child;null!==e;){if(13===e.tag)null!==e.memoizedState&amp;&amp;i7(e,r,t);else if(19===e.tag)i7(e,r,t);else if(null!==e.child){e.child.return=e,e=e.child;continue}if(e===t)break;for(;null===e.sibling;){if(null===e.return||e.return===t)break e;e=e.return}e.sibling.return=e.return,e=e.sibling}s&amp;=1}switch(V(sX,s),n){case"forwards":for(n=null,r=t.child;null!==r;)null!==(e=r.alternate)&amp;&amp;null===sY(e)&amp;&amp;(n=r),r=r.sibling;null===(r=n)?(n=t.child,t.child=null):(n=r.sibling,r.sibling=null),i3(t,!1,n,r,i);break;case"backwards":for(r=null,n=t.child,t.child=null;null!==n;){if(null!==(e=n.alternate)&amp;&amp;null===sY(e)){t.child=n;break}e=n.sibling,n.sibling=r,r=n,n=e}i3(t,!0,r,null,i);break;case"together":i3(t,!1,null,null,void 0);break;default:t.memoizedState=null}return t.child}function ae(e,t,r){if(null!==e&amp;&amp;(t.dependencies=e.dependencies),oE|=t.lanes,0==(r&amp;t.childLanes)){if(null===e)return null;if(ad(e,t,r,!1),0==(r&amp;t.childLanes))return null}if(null!==e&amp;&amp;t.child!==e.child)throw Error(c(153));if(null!==t.child){for(r=oc(e=t.child,e.pendingProps),t.child=r,r.return=t;null!==e.sibling;)e=e.sibling,(r=r.sibling=oc(e,e.pendingProps)).return=t;r.sibling=null}return t.child}function at(e,t){return 0!=(e.lanes&amp;t)||!!(null!==(e=e.dependencies)&amp;&amp;au(e))}function ar(e,t,r){if(null!==e){if(e.memoizedProps!==t.pendingProps)iW=!0;else{if(!at(e,r)&amp;&amp;0==(128&amp;t.flags))return iW=!1,function(e,t,r){switch(t.tag){case 3:Y(t,t.stateNode.containerInfo),aa(t,s0,e.memoizedState.cache),sx();break;case 27:case 5:ee(t);break;case 4:Y(t,t.stateNode.containerInfo);break;case 10:aa(t,t.type,t.memoizedProps.value);break;case 13:var s=t.memoizedState;if(null!==s){if(null!==s.dehydrated)return sV(t),t.flags|=128,null;if(0!=(r&amp;t.child.childLanes))return i4(e,t,r);return sV(t),null!==(e=ae(e,t,r))?e.sibling:null}sV(t);break;case 19:var n=0!=(128&amp;e.flags);if((s=0!=(r&amp;t.childLanes))||(ad(e,t,r,!1),s=0!=(r&amp;t.childLanes)),n){if(s)return i5(e,t,r);t.flags|=128}if(null!==(n=t.memoizedState)&amp;&amp;(n.rendering=null,n.tail=null,n.lastEffect=null),V(sX,sX.current),!s)return null;break;case 22:case 23:return t.lanes=0,iV(e,t,r);case 24:aa(t,s0,e.memoizedState.cache)}return ae(e,t,r)}(e,t,r);iW=0!=(131072&amp;e.flags)}}else iW=!1,sm&amp;&amp;0!=(1048576&amp;t.flags)&amp;&amp;sc(t,st,t.index);switch(t.lanes=0,t.tag){case 16:e:{e=t.pendingProps;var s=t.elementType,n=s._init;if(s=n(s._payload),t.type=s,"function"==typeof s)oo(s)?(e=iP(s,e),t.tag=1,t=iY(null,t,s,e,r)):(t.tag=0,t=iJ(null,t,s,e,r));else{if(null!=s){if((n=s.$$typeof)===b){t.tag=11,t=iU(null,t,s,e,r);break e}if(n===S){t.tag=14,t=iF(null,t,s,e,r);break e}}throw Error(c(306,t=function e(t){if(null==t)return null;if("function"==typeof t)return t.$$typeof===I?null:t.displayName||t.name||null;if("string"==typeof t)return t;switch(t){case m:return"Fragment";case l:return"Portal";case g:return"Profiler";case h:return"StrictMode";case w:return"Suspense";case x:return"SuspenseList"}if("object"==typeof t)switch(t.$$typeof){case v:return(t.displayName||"Context")+".Provider";case y:return(t._context.displayName||"Context")+".Consumer";case b:var r=t.render;return(t=t.displayName)||(t=""!==(t=r.displayName||r.name||"")?"ForwardRef("+t+")":"ForwardRef"),t;case S:return null!==(r=t.displayName||null)?r:e(t.type)||"Memo";case _:r=t._payload,t=t._init;try{return e(t(r))}catch(e){}}return null}(s)||s,""))}}return t;case 0:return iJ(e,t,t.type,t.pendingProps,r);case 1:return n=iP(s=t.type,t.pendingProps),iY(e,t,s,n,r);case 3:e:{if(Y(t,t.stateNode.containerInfo),null===e)throw Error(c(387));var i=t.pendingProps;s=(n=t.memoizedState).element,av(e,t),aq(t,i,null,r);var a=t.memoizedState;if(aa(t,s0,i=a.cache),i!==n.cache&amp;&amp;ap(t,[s0],r,!0),aA(),i=a.element,n.isDehydrated){if(n={element:i,isDehydrated:!1,cache:a.cache},t.updateQueue.baseState=n,t.memoizedState=n,256&amp;t.flags){t=iZ(e,t,i,r);break e}if(i!==s){sS(s=r7(Error(c(424)),t)),t=iZ(e,t,i,r);break e}else for(sl=po(t.stateNode.containerInfo.firstChild),su=t,sm=!0,sh=null,sg=!0,r=sB(t,null,i,r),t.child=r;r;)r.flags=-3&amp;r.flags|4096,r=r.sibling}else{if(sx(),i===s){t=ae(e,t,r);break e}iM(e,t,i,r)}t=t.child}return t;case 26:return iK(e,t),null===e?(r=pf(t.type,null,t.pendingProps,null))?t.memoizedState=r:sm||(r=t.type,e=t.pendingProps,(s=c6(J.current).createElement(r))[eC]=t,s[eL]=e,c0(s,r,e),eK(s),t.stateNode=s):t.memoizedState=pf(t.type,e.memoizedProps,t.pendingProps,e.memoizedState),null;case 27:return ee(t),null===e&amp;&amp;sm&amp;&amp;(s=t.stateNode=pp(t.type,t.pendingProps,J.current),su=t,sg=!0,sl=po(s.firstChild)),s=t.pendingProps.children,null!==e||sm?iM(e,t,s,r):t.child=sD(t,null,s,r),iK(e,t),t.child;case 5:return null===e&amp;&amp;sm&amp;&amp;((n=s=sl)&amp;&amp;(null!==(s=function(e,t,r,s){for(;1===e.nodeType;){if(e.nodeName.toLowerCase()!==t.toLowerCase()){if(!s&amp;&amp;("INPUT"!==e.nodeName||"hidden"!==e.type))break}else if(s){if(!e[eM])switch(t){case"meta":if(!e.hasAttribute("itemprop"))break;return e;case"link":if("stylesheet"===(n=e.getAttribute("rel"))&amp;&amp;e.hasAttribute("data-precedence")||n!==r.rel||e.getAttribute("href")!==(null==r.href?null:r.href)||e.getAttribute("crossorigin")!==(null==r.crossOrigin?null:r.crossOrigin)||e.getAttribute("title")!==(null==r.title?null:r.title))break;return e;case"style":if(e.hasAttribute("data-precedence"))break;return e;case"script":if(((n=e.getAttribute("src"))!==(null==r.src?null:r.src)||e.getAttribute("type")!==(null==r.type?null:r.type)||e.getAttribute("crossorigin")!==(null==r.crossOrigin?null:r.crossOrigin))&amp;&amp;n&amp;&amp;e.hasAttribute("async")&amp;&amp;!e.hasAttribute("itemprop"))break;return e;default:return e}}else{if("input"!==t||"hidden"!==e.type)return e;var n=null==r.name?null:""+r.name;if("hidden"===r.type&amp;&amp;e.getAttribute("name")===n)return e}if(null===(e=po(e.nextSibling)))break}return null}(s,t.type,t.pendingProps,sg))?(t.stateNode=s,su=t,sl=po(s.firstChild),sg=!1,n=!0):n=!1),n||sy(t)),ee(t),n=t.type,i=t.pendingProps,a=null!==e?e.memoizedProps:null,s=i.children,c3(n,i)?s=null:null!==a&amp;&amp;c3(n,a)&amp;&amp;(t.flags|=32),null!==t.memoizedState&amp;&amp;(n=nv(e,t,nx,null,null,r),pC._currentValue=n),iK(e,t),iM(e,t,s,r),t.child;case 6:return null===e&amp;&amp;sm&amp;&amp;((e=r=sl)&amp;&amp;(null!==(r=function(e,t,r){if(""===t)return null;for(;3!==e.nodeType;)if((1!==e.nodeType||"INPUT"!==e.nodeName||"hidden"!==e.type)&amp;&amp;!r||null===(e=po(e.nextSibling)))return null;return e}(r,t.pendingProps,sg))?(t.stateNode=r,su=t,sl=null,e=!0):e=!1),e||sy(t)),null;case 13:return i4(e,t,r);case 4:return Y(t,t.stateNode.containerInfo),s=t.pendingProps,null===e?t.child=sD(t,null,s,r):iM(e,t,s,r),t.child;case 11:return iU(e,t,t.type,t.pendingProps,r);case 7:return iM(e,t,t.pendingProps,r),t.child;case 8:case 12:return iM(e,t,t.pendingProps.children,r),t.child;case 10:return s=t.pendingProps,aa(t,t.type,s.value),iM(e,t,s.children,r),t.child;case 9:return n=t.type._context,s=t.pendingProps.children,al(t),s=s(n=am(n)),t.flags|=1,iM(e,t,s,r),t.child;case 14:return iF(e,t,t.type,t.pendingProps,r);case 15:return iH(e,t,t.type,t.pendingProps,r);case 19:return i5(e,t,r);case 22:return iV(e,t,r);case 24:return al(t),s=am(s0),null===e?(null===(n=nr())&amp;&amp;(n=oA,i=s4(),n.pooledCache=i,i.refCount++,null!==i&amp;&amp;(n.pooledCacheLanes|=r),n=i),t.memoizedState={parent:s,cache:n},ay(t),aa(t,s0,n)):(0!=(e.lanes&amp;r)&amp;&amp;(av(e,t),aq(t,null,null,r),aA()),n=e.memoizedState,i=t.memoizedState,n.parent!==s?(n={parent:s,cache:s},t.memoizedState=n,0===t.lanes&amp;&amp;(t.memoizedState=t.updateQueue.baseState=n),aa(t,s0,s)):(aa(t,s0,s=i.cache),s!==n.cache&amp;&amp;ap(t,[s0],r,!0))),iM(e,t,t.pendingProps.children,r),t.child;case 29:throw t.pendingProps}throw Error(c(156,t.tag))}var as=F(null),an=null,ai=null;function aa(e,t,r){V(as,t._currentValue),t._currentValue=r}function ao(e){e._currentValue=as.current,H(as)}function ac(e,t,r){for(;null!==e;){var s=e.alternate;if((e.childLanes&amp;t)!==t?(e.childLanes|=t,null!==s&amp;&amp;(s.childLanes|=t)):null!==s&amp;&amp;(s.childLanes&amp;t)!==t&amp;&amp;(s.childLanes|=t),e===r)break;e=e.return}}function ap(e,t,r,s){var n=e.child;for(null!==n&amp;&amp;(n.return=e);null!==n;){var i=n.dependencies;if(null!==i){var a=n.child;i=i.firstContext;e:for(;null!==i;){var o=i;i=n;for(var p=0;p&lt;t.length;p++)if(o.context===t[p]){i.lanes|=r,null!==(o=i.alternate)&amp;&amp;(o.lanes|=r),ac(i.return,r,e),s||(a=null);break e}i=o.next}}else if(18===n.tag){if(null===(a=n.return))throw Error(c(341));a.lanes|=r,null!==(i=a.alternate)&amp;&amp;(i.lanes|=r),ac(a,r,e),a=null}else a=n.child;if(null!==a)a.return=n;else for(a=n;null!==a;){if(a===e){a=null;break}if(null!==(n=a.sibling)){n.return=a.return,a=n;break}a=a.return}n=a}}function ad(e,t,r,s){e=null;for(var n=t,i=!1;null!==n;){if(!i){if(0!=(524288&amp;n.flags))i=!0;else if(0!=(262144&amp;n.flags))break}if(10===n.tag){var a=n.alternate;if(null===a)throw Error(c(387));if(null!==(a=a.memoizedProps)){var o=n.type;r_(n.pendingProps.value,a.value)||(null!==e?e.push(o):e=[o])}}else if(n===X.current){if(null===(a=n.alternate))throw Error(c(387));a.memoizedState.memoizedState!==n.memoizedState.memoizedState&amp;&amp;(null!==e?e.push(pC):e=[pC])}n=n.return}null!==e&amp;&amp;ap(t,e,r,s),t.flags|=262144}function au(e){for(e=e.firstContext;null!==e;){if(!r_(e.context._currentValue,e.memoizedValue))return!0;e=e.next}return!1}function al(e){an=e,ai=null,null!==(e=e.dependencies)&amp;&amp;(e.firstContext=null)}function am(e){return ag(an,e)}function ah(e,t){return null===an&amp;&amp;al(e),ag(e,t)}function ag(e,t){var r=t._currentValue;if(t={context:t,memoizedValue:r,next:null},null===ai){if(null===e)throw Error(c(308));ai=t,e.dependencies={lanes:0,firstContext:t},e.flags|=524288}else ai=ai.next=t;return r}var af=!1;function ay(e){e.updateQueue={baseState:e.memoizedState,firstBaseUpdate:null,lastBaseUpdate:null,shared:{pending:null,lanes:0,hiddenCallbacks:null},callbacks:null}}function av(e,t){e=e.updateQueue,t.updateQueue===e&amp;&amp;(t.updateQueue={baseState:e.baseState,firstBaseUpdate:e.firstBaseUpdate,lastBaseUpdate:e.lastBaseUpdate,shared:e.shared,callbacks:null})}function ab(e){return{lane:e,tag:0,payload:null,callback:null,next:null}}function aw(e,t,r){var s=e.updateQueue;if(null===s)return null;if(s=s.shared,0!=(2&amp;o_)){var n=s.pending;return null===n?t.next=t:(t.next=n.next,n.next=t),s.pending=t,t=r8(e),r4(e,null,r),t}return r1(e,s,t,r),r8(e)}function ax(e,t,r){if(null!==(t=t.updateQueue)&amp;&amp;(t=t.shared,0!=(4194176&amp;r))){var s=t.lanes;s&amp;=e.pendingLanes,r|=s,t.lanes=r,e$(e,r)}}function aS(e,t){var r=e.updateQueue,s=e.alternate;if(null!==s&amp;&amp;r===(s=s.updateQueue)){var n=null,i=null;if(null!==(r=r.firstBaseUpdate)){do{var a={lane:r.lane,tag:r.tag,payload:r.payload,callback:null,next:null};null===i?n=i=a:i=i.next=a,r=r.next}while(null!==r);null===i?n=i=t:i=i.next=t}else n=i=t;r={baseState:s.baseState,firstBaseUpdate:n,lastBaseUpdate:i,shared:s.shared,callbacks:s.callbacks},e.updateQueue=r;return}null===(e=r.lastBaseUpdate)?r.firstBaseUpdate=t:e.next=t,r.lastBaseUpdate=t}var a_=!1;function aA(){if(a_){var e=s3;if(null!==e)throw e}}function aq(e,t,r,s){a_=!1;var n=e.updateQueue;af=!1;var i=n.firstBaseUpdate,a=n.lastBaseUpdate,o=n.shared.pending;if(null!==o){n.shared.pending=null;var c=o,p=c.next;c.next=null,null===a?i=p:a.next=p,a=c;var d=e.alternate;null!==d&amp;&amp;(o=(d=d.updateQueue).lastBaseUpdate)!==a&amp;&amp;(null===o?d.firstBaseUpdate=p:o.next=p,d.lastBaseUpdate=c)}if(null!==i){var u=n.baseState;for(a=0,d=p=c=null,o=i;;){var l=-0x20000001&amp;o.lane,m=l!==o.lane;if(m?(ok&amp;l)===l:(s&amp;l)===l){0!==l&amp;&amp;l===s7&amp;&amp;(a_=!0),null!==d&amp;&amp;(d=d.next={lane:0,tag:o.tag,payload:o.payload,callback:null,next:null});e:{var h=e,g=o;switch(l=t,g.tag){case 1:if("function"==typeof(h=g.payload)){u=h.call(r,u,l);break e}u=h;break e;case 3:h.flags=-65537&amp;h.flags|128;case 0:if(null==(l="function"==typeof(h=g.payload)?h.call(r,u,l):h))break e;u=$({},u,l);break e;case 2:af=!0}}null!==(l=o.callback)&amp;&amp;(e.flags|=64,m&amp;&amp;(e.flags|=8192),null===(m=n.callbacks)?n.callbacks=[l]:m.push(l))}else m={lane:l,tag:o.tag,payload:o.payload,callback:o.callback,next:null},null===d?(p=d=m,c=u):d=d.next=m,a|=l;if(null===(o=o.next)){if(null===(o=n.shared.pending))break;o=(m=o).next,m.next=null,n.lastBaseUpdate=m,n.shared.pending=null}}null===d&amp;&amp;(c=u),n.baseState=c,n.firstBaseUpdate=p,n.lastBaseUpdate=d,null===i&amp;&amp;(n.shared.lanes=0),oE|=a,e.lanes=a,e.memoizedState=u}}function ak(e,t){if("function"!=typeof e)throw Error(c(191,e));e.call(t)}function aT(e,t){var r=e.callbacks;if(null!==r)for(e.callbacks=null,e=0;e&lt;r.length;e++)ak(r[e],t)}function az(e,t){try{var r=t.updateQueue,s=null!==r?r.lastEffect:null;if(null!==s){var n=s.next;r=n;do{if((r.tag&amp;e)===e){s=void 0;var i=r.create,a=r.inst;s=i(),a.destroy=s}r=r.next}while(r!==n)}}catch(e){cm(t,t.return,e)}}function aj(e,t,r){try{var s=t.updateQueue,n=null!==s?s.lastEffect:null;if(null!==n){var i=n.next;s=i;do{if((s.tag&amp;e)===e){var a=s.inst,o=a.destroy;if(void 0!==o){a.destroy=void 0,n=t;try{o()}catch(e){cm(n,r,e)}}}s=s.next}while(s!==i)}}catch(e){cm(t,t.return,e)}}function aI(e){var t=e.updateQueue;if(null!==t){var r=e.stateNode;try{aT(t,r)}catch(t){cm(e,e.return,t)}}}function aP(e,t,r){r.props=iP(e.type,e.memoizedProps),r.state=e.memoizedState;try{r.componentWillUnmount()}catch(r){cm(e,t,r)}}function a$(e,t){try{var r=e.ref;if(null!==r){var s=e.stateNode;switch(e.tag){case 26:case 27:case 5:var n=s;break;default:n=s}"function"==typeof r?e.refCleanup=r(n):r.current=n}}catch(r){cm(e,t,r)}}function aR(e,t){var r=e.ref,s=e.refCleanup;if(null!==r){if("function"==typeof s)try{s()}catch(r){cm(e,t,r)}finally{e.refCleanup=null,null!=(e=e.alternate)&amp;&amp;(e.refCleanup=null)}else if("function"==typeof r)try{r(null)}catch(r){cm(e,t,r)}else r.current=null}}function aE(e){var t=e.type,r=e.memoizedProps,s=e.stateNode;try{switch(t){case"button":case"input":case"select":case"textarea":r.autoFocus&amp;&amp;s.focus();break;case"img":r.src?s.src=r.src:r.srcSet&amp;&amp;(s.srcset=r.srcSet)}}catch(t){cm(e,e.return,t)}}function aO(e,t,r){try{var s=e.stateNode;(function(e,t,r,s){switch(t){case"div":case"span":case"svg":case"path":case"a":case"g":case"p":case"li":break;case"input":var n=null,i=null,a=null,o=null,p=null,d=null,u=null;for(h in r){var l=r[h];if(r.hasOwnProperty(h)&amp;&amp;null!=l)switch(h){case"checked":case"value":break;case"defaultValue":p=l;default:s.hasOwnProperty(h)||c1(e,t,h,null,s,l)}}for(var m in s){var h=s[m];if(l=r[m],s.hasOwnProperty(m)&amp;&amp;(null!=h||null!=l))switch(m){case"type":i=h;break;case"name":n=h;break;case"checked":d=h;break;case"defaultChecked":u=h;break;case"value":a=h;break;case"defaultValue":o=h;break;case"children":case"dangerouslySetInnerHTML":if(null!=h)throw Error(c(137,t));break;default:h!==l&amp;&amp;c1(e,t,m,h,s,l)}}tn(e,a,o,p,d,u,i,n);return;case"select":for(i in h=a=o=m=null,r)if(p=r[i],r.hasOwnProperty(i)&amp;&amp;null!=p)switch(i){case"value":break;case"multiple":h=p;default:s.hasOwnProperty(i)||c1(e,t,i,null,s,p)}for(n in s)if(i=s[n],p=r[n],s.hasOwnProperty(n)&amp;&amp;(null!=i||null!=p))switch(n){case"value":m=i;break;case"defaultValue":o=i;break;case"multiple":a=i;default:i!==p&amp;&amp;c1(e,t,n,i,s,p)}t=o,r=a,s=h,null!=m?to(e,!!r,m,!1):!!s!=!!r&amp;&amp;(null!=t?to(e,!!r,t,!0):to(e,!!r,r?[]:"",!1));return;case"textarea":for(o in h=m=null,r)if(n=r[o],r.hasOwnProperty(o)&amp;&amp;null!=n&amp;&amp;!s.hasOwnProperty(o))switch(o){case"value":case"children":break;default:c1(e,t,o,null,s,n)}for(a in s)if(n=s[a],i=r[a],s.hasOwnProperty(a)&amp;&amp;(null!=n||null!=i))switch(a){case"value":m=n;break;case"defaultValue":h=n;break;case"children":break;case"dangerouslySetInnerHTML":if(null!=n)throw Error(c(91));break;default:n!==i&amp;&amp;c1(e,t,a,n,s,i)}tc(e,m,h);return;case"option":for(var g in r)m=r[g],r.hasOwnProperty(g)&amp;&amp;null!=m&amp;&amp;!s.hasOwnProperty(g)&amp;&amp;("selected"===g?e.selected=!1:c1(e,t,g,null,s,m));for(p in s)m=s[p],h=r[p],s.hasOwnProperty(p)&amp;&amp;m!==h&amp;&amp;(null!=m||null!=h)&amp;&amp;("selected"===p?e.selected=m&amp;&amp;"function"!=typeof m&amp;&amp;"symbol"!=typeof m:c1(e,t,p,m,s,h));return;case"img":case"link":case"area":case"base":case"br":case"col":case"embed":case"hr":case"keygen":case"meta":case"param":case"source":case"track":case"wbr":case"menuitem":for(var f in r)m=r[f],r.hasOwnProperty(f)&amp;&amp;null!=m&amp;&amp;!s.hasOwnProperty(f)&amp;&amp;c1(e,t,f,null,s,m);for(d in s)if(m=s[d],h=r[d],s.hasOwnProperty(d)&amp;&amp;m!==h&amp;&amp;(null!=m||null!=h))switch(d){case"children":case"dangerouslySetInnerHTML":if(null!=m)throw Error(c(137,t));break;default:c1(e,t,d,m,s,h)}return;default:if(th(t)){for(var y in r)m=r[y],r.hasOwnProperty(y)&amp;&amp;void 0!==m&amp;&amp;!s.hasOwnProperty(y)&amp;&amp;c2(e,t,y,void 0,s,m);for(u in s)m=s[u],h=r[u],s.hasOwnProperty(u)&amp;&amp;m!==h&amp;&amp;(void 0!==m||void 0!==h)&amp;&amp;c2(e,t,u,m,s,h);return}}for(var v in r)m=r[v],r.hasOwnProperty(v)&amp;&amp;null!=m&amp;&amp;!s.hasOwnProperty(v)&amp;&amp;c1(e,t,v,null,s,m);for(l in s)m=s[l],h=r[l],s.hasOwnProperty(l)&amp;&amp;m!==h&amp;&amp;(null!=m||null!=h)&amp;&amp;c1(e,t,l,m,s,h)})(s,e.type,r,t),s[eL]=t}catch(t){cm(e,e.return,t)}}function aC(e){return 5===e.tag||3===e.tag||26===e.tag||27===e.tag||4===e.tag}function aL(e){e:for(;;){for(;null===e.sibling;){if(null===e.return||aC(e.return))return null;e=e.return}for(e.sibling.return=e.return,e=e.sibling;5!==e.tag&amp;&amp;6!==e.tag&amp;&amp;27!==e.tag&amp;&amp;18!==e.tag;){if(2&amp;e.flags||null===e.child||4===e.tag)continue e;e.child.return=e,e=e.child}if(!(2&amp;e.flags))return e.stateNode}}function aD(e,t,r){var s=e.tag;if(5===s||6===s)e=e.stateNode,t?r.insertBefore(e,t):r.appendChild(e);else if(4!==s&amp;&amp;27!==s&amp;&amp;null!==(e=e.child))for(aD(e,t,r),e=e.sibling;null!==e;)aD(e,t,r),e=e.sibling}var aB=!1,aN=!1,aG=!1,aW="function"==typeof WeakSet?WeakSet:Set,aM=null,aU=!1;function aF(e,t,r){var s=r.flags;switch(r.tag){case 0:case 11:case 15:a0(e,r),4&amp;s&amp;&amp;az(5,r);break;case 1:if(a0(e,r),4&amp;s){if(e=r.stateNode,null===t)try{e.componentDidMount()}catch(e){cm(r,r.return,e)}else{var n=iP(r.type,t.memoizedProps);t=t.memoizedState;try{e.componentDidUpdate(n,t,e.__reactInternalSnapshotBeforeUpdate)}catch(e){cm(r,r.return,e)}}}64&amp;s&amp;&amp;aI(r),512&amp;s&amp;&amp;a$(r,r.return);break;case 3:if(a0(e,r),64&amp;s&amp;&amp;null!==(s=r.updateQueue)){if(e=null,null!==r.child)switch(r.child.tag){case 27:case 5:case 1:e=r.child.stateNode}try{aT(s,e)}catch(e){cm(r,r.return,e)}}break;case 26:a0(e,r),512&amp;s&amp;&amp;a$(r,r.return);break;case 27:case 5:a0(e,r),null===t&amp;&amp;4&amp;s&amp;&amp;aE(r),512&amp;s&amp;&amp;a$(r,r.return);break;case 12:default:a0(e,r);break;case 13:a0(e,r),4&amp;s&amp;&amp;aJ(e,r);break;case 22:if(!(n=null!==r.memoizedState||aB)){t=null!==t&amp;&amp;null!==t.memoizedState||aN;var i=aB,a=aN;aB=n,(aN=t)&amp;&amp;!a?function e(t,r,s){for(s=s&amp;&amp;0!=(8772&amp;r.subtreeFlags),r=r.child;null!==r;){var n=r.alternate,i=t,a=r,o=a.flags;switch(a.tag){case 0:case 11:case 15:e(i,a,s),az(4,a);break;case 1:if(e(i,a,s),"function"==typeof(i=(n=a).stateNode).componentDidMount)try{i.componentDidMount()}catch(e){cm(n,n.return,e)}if(null!==(i=(n=a).updateQueue)){var c=n.stateNode;try{var p=i.shared.hiddenCallbacks;if(null!==p)for(i.shared.hiddenCallbacks=null,i=0;i&lt;p.length;i++)ak(p[i],c)}catch(e){cm(n,n.return,e)}}s&amp;&amp;64&amp;o&amp;&amp;aI(a),a$(a,a.return);break;case 26:case 27:case 5:e(i,a,s),s&amp;&amp;null===n&amp;&amp;4&amp;o&amp;&amp;aE(a),a$(a,a.return);break;case 12:default:e(i,a,s);break;case 13:e(i,a,s),s&amp;&amp;4&amp;o&amp;&amp;aJ(i,a);break;case 22:null===a.memoizedState&amp;&amp;e(i,a,s),a$(a,a.return)}r=r.sibling}}(e,r,0!=(8772&amp;r.subtreeFlags)):a0(e,r),aB=i,aN=a}512&amp;s&amp;&amp;("manual"===r.memoizedProps.mode?a$(r,r.return):aR(r,r.return))}}var aH=null,aV=!1;function aQ(e,t,r){for(r=r.child;null!==r;)aK(e,t,r),r=r.sibling}function aK(e,t,r){if(ey&amp;&amp;"function"==typeof ey.onCommitFiberUnmount)try{ey.onCommitFiberUnmount(ef,r)}catch(e){}switch(r.tag){case 26:aN||aR(r,t),aQ(e,t,r),r.memoizedState?r.memoizedState.count--:r.stateNode&amp;&amp;(r=r.stateNode).parentNode.removeChild(r);break;case 27:aN||aR(r,t);var s=aH,n=aV;for(aH=r.stateNode,aQ(e,t,r),t=(r=r.stateNode).attributes;t.length;)r.removeAttributeNode(t[0]);eU(r),aH=s,aV=n;break;case 5:aN||aR(r,t);case 6:n=aH;var i=aV;if(aH=null,aQ(e,t,r),aH=n,aV=i,null!==aH){if(aV)try{e=aH,s=r.stateNode,8===e.nodeType?e.parentNode.removeChild(s):e.removeChild(s)}catch(e){cm(r,t,e)}else try{aH.removeChild(r.stateNode)}catch(e){cm(r,t,e)}}break;case 18:null!==aH&amp;&amp;(aV?(t=aH,r=r.stateNode,8===t.nodeType?pi(t.parentNode,r):1===t.nodeType&amp;&amp;pi(t,r),di(t)):pi(aH,r.stateNode));break;case 4:s=aH,n=aV,aH=r.stateNode.containerInfo,aV=!0,aQ(e,t,r),aH=s,aV=n;break;case 0:case 11:case 14:case 15:aN||aj(2,r,t),aN||aj(4,r,t),aQ(e,t,r);break;case 1:aN||(aR(r,t),"function"==typeof(s=r.stateNode).componentWillUnmount&amp;&amp;aP(r,t,s)),aQ(e,t,r);break;case 21:default:aQ(e,t,r);break;case 22:aN||aR(r,t),aN=(s=aN)||null!==r.memoizedState,aQ(e,t,r),aN=s}}function aJ(e,t){if(null===t.memoizedState&amp;&amp;null!==(e=t.alternate)&amp;&amp;null!==(e=e.memoizedState)&amp;&amp;null!==(e=e.dehydrated))try{di(e)}catch(e){cm(t,t.return,e)}}function aX(e,t){var r=function(e){switch(e.tag){case 13:case 19:var t=e.stateNode;return null===t&amp;&amp;(t=e.stateNode=new aW),t;case 22:return null===(t=(e=e.stateNode)._retryCache)&amp;&amp;(t=e._retryCache=new aW),t;default:throw Error(c(435,e.tag))}}(e);t.forEach(function(t){var s=cv.bind(null,e,t);r.has(t)||(r.add(t),t.then(s,s))})}function aY(e,t){var r=t.deletions;if(null!==r)for(var s=0;s&lt;r.length;s++){var n=r[s],i=e,a=t,o=a;e:for(;null!==o;){switch(o.tag){case 27:case 5:aH=o.stateNode,aV=!1;break e;case 3:case 4:aH=o.stateNode.containerInfo,aV=!0;break e}o=o.return}if(null===aH)throw Error(c(160));aK(i,a,n),aH=null,aV=!1,null!==(i=n.alternate)&amp;&amp;(i.return=null),n.return=null}if(13878&amp;t.subtreeFlags)for(t=t.child;null!==t;)a1(t,e),t=t.sibling}var aZ=null;function a1(e,t){var r=e.alternate,s=e.flags;switch(e.tag){case 0:case 11:case 14:case 15:aY(t,e),a2(e),4&amp;s&amp;&amp;(aj(3,e,e.return),az(3,e),aj(5,e,e.return));break;case 1:aY(t,e),a2(e),512&amp;s&amp;&amp;(aN||null===r||aR(r,r.return)),64&amp;s&amp;&amp;aB&amp;&amp;null!==(e=e.updateQueue)&amp;&amp;null!==(s=e.callbacks)&amp;&amp;(r=e.shared.hiddenCallbacks,e.shared.hiddenCallbacks=null===r?s:r.concat(s));break;case 26:var n=aZ;if(aY(t,e),a2(e),512&amp;s&amp;&amp;(aN||null===r||aR(r,r.return)),4&amp;s){var i=null!==r?r.memoizedState:null;if(s=e.memoizedState,null===r){if(null===s){if(null===e.stateNode){e:{s=e.type,r=e.memoizedProps,n=n.ownerDocument||n;t:switch(s){case"title":(!(i=n.getElementsByTagName("title")[0])||i[eM]||i[eC]||"http://www.w3.org/2000/svg"===i.namespaceURI||i.hasAttribute("itemprop"))&amp;&amp;(i=n.createElement(s),n.head.insertBefore(i,n.querySelector("head &gt; title"))),c0(i,s,r),i[eC]=e,eK(i),s=i;break e;case"link":var a=pT("link","href",n).get(s+(r.href||""));if(a){for(var o=0;o&lt;a.length;o++)if((i=a[o]).getAttribute("href")===(null==r.href?null:r.href)&amp;&amp;i.getAttribute("rel")===(null==r.rel?null:r.rel)&amp;&amp;i.getAttribute("title")===(null==r.title?null:r.title)&amp;&amp;i.getAttribute("crossorigin")===(null==r.crossOrigin?null:r.crossOrigin)){a.splice(o,1);break t}}c0(i=n.createElement(s),s,r),n.head.appendChild(i);break;case"meta":if(a=pT("meta","content",n).get(s+(r.content||""))){for(o=0;o&lt;a.length;o++)if((i=a[o]).getAttribute("content")===(null==r.content?null:""+r.content)&amp;&amp;i.getAttribute("name")===(null==r.name?null:r.name)&amp;&amp;i.getAttribute("property")===(null==r.property?null:r.property)&amp;&amp;i.getAttribute("http-equiv")===(null==r.httpEquiv?null:r.httpEquiv)&amp;&amp;i.getAttribute("charset")===(null==r.charSet?null:r.charSet)){a.splice(o,1);break t}}c0(i=n.createElement(s),s,r),n.head.appendChild(i);break;default:throw Error(c(468,s))}i[eC]=e,eK(i),s=i}e.stateNode=s}else pz(n,e.type,e.stateNode)}else e.stateNode=pS(n,s,e.memoizedProps)}else i!==s?(null===i?null!==r.stateNode&amp;&amp;(r=r.stateNode).parentNode.removeChild(r):i.count--,null===s?pz(n,e.type,e.stateNode):pS(n,s,e.memoizedProps)):null===s&amp;&amp;null!==e.stateNode&amp;&amp;aO(e,e.memoizedProps,r.memoizedProps)}break;case 27:if(4&amp;s&amp;&amp;null===e.alternate){n=e.stateNode,i=e.memoizedProps;try{for(var p=n.firstChild;p;){var d=p.nextSibling,u=p.nodeName;p[eM]||"HEAD"===u||"BODY"===u||"SCRIPT"===u||"STYLE"===u||"LINK"===u&amp;&amp;"stylesheet"===p.rel.toLowerCase()||n.removeChild(p),p=d}for(var l=e.type,m=n.attributes;m.length;)n.removeAttributeNode(m[0]);c0(n,l,i),n[eC]=e,n[eL]=i}catch(t){cm(e,e.return,t)}}case 5:if(aY(t,e),a2(e),512&amp;s&amp;&amp;(aN||null===r||aR(r,r.return)),32&amp;e.flags){n=e.stateNode;try{td(n,"")}catch(t){cm(e,e.return,t)}}4&amp;s&amp;&amp;null!=e.stateNode&amp;&amp;(n=e.memoizedProps,aO(e,n,null!==r?r.memoizedProps:n)),1024&amp;s&amp;&amp;(aG=!0);break;case 6:if(aY(t,e),a2(e),4&amp;s){if(null===e.stateNode)throw Error(c(162));s=e.memoizedProps,r=e.stateNode;try{r.nodeValue=s}catch(t){cm(e,e.return,t)}}break;case 3:if(pk=null,n=aZ,aZ=pl(t.containerInfo),aY(t,e),aZ=n,a2(e),4&amp;s&amp;&amp;null!==r&amp;&amp;r.memoizedState.isDehydrated)try{di(t.containerInfo)}catch(t){cm(e,e.return,t)}aG&amp;&amp;(aG=!1,function e(t){if(1024&amp;t.subtreeFlags)for(t=t.child;null!==t;){var r=t;e(r),5===r.tag&amp;&amp;1024&amp;r.flags&amp;&amp;r.stateNode.reset(),t=t.sibling}}(e));break;case 4:s=aZ,aZ=pl(e.stateNode.containerInfo),aY(t,e),a2(e),aZ=s;break;case 12:default:aY(t,e),a2(e);break;case 13:aY(t,e),a2(e),8192&amp;e.child.flags&amp;&amp;null!==e.memoizedState!=(null!==r&amp;&amp;null!==r.memoizedState)&amp;&amp;(oW=eo()),4&amp;s&amp;&amp;null!==(s=e.updateQueue)&amp;&amp;(e.updateQueue=null,aX(e,s));break;case 22:if(512&amp;s&amp;&amp;(aN||null===r||aR(r,r.return)),p=null!==e.memoizedState,d=null!==r&amp;&amp;null!==r.memoizedState,u=aB,l=aN,aB=u||p,aN=l||d,aY(t,e),aN=l,aB=u,a2(e),(t=e.stateNode)._current=e,t._visibility&amp;=-3,t._visibility|=2&amp;t._pendingVisibility,8192&amp;s&amp;&amp;(t._visibility=p?-2&amp;t._visibility:1|t._visibility,p&amp;&amp;(t=aB||aN,null===r||d||t||function e(t){for(t=t.child;null!==t;){var r=t;switch(r.tag){case 0:case 11:case 14:case 15:aj(4,r,r.return),e(r);break;case 1:aR(r,r.return);var s=r.stateNode;"function"==typeof s.componentWillUnmount&amp;&amp;aP(r,r.return,s),e(r);break;case 26:case 27:case 5:aR(r,r.return),e(r);break;case 22:aR(r,r.return),null===r.memoizedState&amp;&amp;e(r);break;default:e(r)}t=t.sibling}}(e)),null===e.memoizedProps||"manual"!==e.memoizedProps.mode))e:for(r=null,t=e;;){if(5===t.tag||26===t.tag||27===t.tag){if(null===r){d=r=t;try{if(n=d.stateNode,p)i=n.style,"function"==typeof i.setProperty?i.setProperty("display","none","important"):i.display="none";else{a=d.stateNode;var h=null!=(o=d.memoizedProps.style)&amp;&amp;o.hasOwnProperty("display")?o.display:null;a.style.display=null==h||"boolean"==typeof h?"":(""+h).trim()}}catch(e){cm(d,d.return,e)}}}else if(6===t.tag){if(null===r){d=t;try{d.stateNode.nodeValue=p?"":d.memoizedProps}catch(e){cm(d,d.return,e)}}}else if((22!==t.tag&amp;&amp;23!==t.tag||null===t.memoizedState||t===e)&amp;&amp;null!==t.child){t.child.return=t,t=t.child;continue}if(t===e)break;for(;null===t.sibling;){if(null===t.return||t.return===e)break e;r===t&amp;&amp;(r=null),t=t.return}r===t&amp;&amp;(r=null),t.sibling.return=t.return,t=t.sibling}4&amp;s&amp;&amp;null!==(s=e.updateQueue)&amp;&amp;null!==(r=s.retryQueue)&amp;&amp;(s.retryQueue=null,aX(e,r));break;case 19:aY(t,e),a2(e),4&amp;s&amp;&amp;null!==(s=e.updateQueue)&amp;&amp;(e.updateQueue=null,aX(e,s));case 21:}}function a2(e){var t=e.flags;if(2&amp;t){try{if(27!==e.tag){e:{for(var r=e.return;null!==r;){if(aC(r)){var s=r;break e}r=r.return}throw Error(c(160))}switch(s.tag){case 27:var n=s.stateNode,i=aL(e);aD(e,i,n);break;case 5:var a=s.stateNode;32&amp;s.flags&amp;&amp;(td(a,""),s.flags&amp;=-33);var o=aL(e);aD(e,o,a);break;case 3:case 4:var p=s.stateNode.containerInfo,d=aL(e);!function e(t,r,s){var n=t.tag;if(5===n||6===n)t=t.stateNode,r?8===s.nodeType?s.parentNode.insertBefore(t,r):s.insertBefore(t,r):(8===s.nodeType?(r=s.parentNode).insertBefore(t,s):(r=s).appendChild(t),null!=(s=s._reactRootContainer)||null!==r.onclick||(r.onclick=cZ));else if(4!==n&amp;&amp;27!==n&amp;&amp;null!==(t=t.child))for(e(t,r,s),t=t.sibling;null!==t;)e(t,r,s),t=t.sibling}(e,d,p);break;default:throw Error(c(161))}}}catch(t){cm(e,e.return,t)}e.flags&amp;=-3}4096&amp;t&amp;&amp;(e.flags&amp;=-4097)}function a0(e,t){if(8772&amp;t.subtreeFlags)for(t=t.child;null!==t;)aF(e,t.alternate,t),t=t.sibling}function a4(e,t){var r=null;null!==e&amp;&amp;null!==e.memoizedState&amp;&amp;null!==e.memoizedState.cachePool&amp;&amp;(r=e.memoizedState.cachePool.pool),e=null,null!==t.memoizedState&amp;&amp;null!==t.memoizedState.cachePool&amp;&amp;(e=t.memoizedState.cachePool.pool),e!==r&amp;&amp;(null!=e&amp;&amp;e.refCount++,null!=r&amp;&amp;s8(r))}function a8(e,t){e=null,null!==t.alternate&amp;&amp;(e=t.alternate.memoizedState.cache),(t=t.memoizedState.cache)!==e&amp;&amp;(t.refCount++,null!=e&amp;&amp;s8(e))}function a6(e,t,r,s){if(10256&amp;t.subtreeFlags)for(t=t.child;null!==t;)a9(e,t,r,s),t=t.sibling}function a9(e,t,r,s){var n=t.flags;switch(t.tag){case 0:case 11:case 15:a6(e,t,r,s),2048&amp;n&amp;&amp;az(9,t);break;case 3:a6(e,t,r,s),2048&amp;n&amp;&amp;(e=null,null!==t.alternate&amp;&amp;(e=t.alternate.memoizedState.cache),(t=t.memoizedState.cache)!==e&amp;&amp;(t.refCount++,null!=e&amp;&amp;s8(e)));break;case 12:if(2048&amp;n){a6(e,t,r,s),e=t.stateNode;try{var i=t.memoizedProps,a=i.id,o=i.onPostCommit;"function"==typeof o&amp;&amp;o(a,null===t.alternate?"mount":"update",e.passiveEffectDuration,-0)}catch(e){cm(t,t.return,e)}}else a6(e,t,r,s);break;case 23:break;case 22:i=t.stateNode,null!==t.memoizedState?4&amp;i._visibility?a6(e,t,r,s):a7(e,t):4&amp;i._visibility?a6(e,t,r,s):(i._visibility|=4,function e(t,r,s,n,i){for(i=i&amp;&amp;0!=(10256&amp;r.subtreeFlags),r=r.child;null!==r;){var a=r,o=a.flags;switch(a.tag){case 0:case 11:case 15:e(t,a,s,n,i),az(8,a);break;case 23:break;case 22:var c=a.stateNode;null!==a.memoizedState?4&amp;c._visibility?e(t,a,s,n,i):a7(t,a):(c._visibility|=4,e(t,a,s,n,i)),i&amp;&amp;2048&amp;o&amp;&amp;a4(a.alternate,a);break;case 24:e(t,a,s,n,i),i&amp;&amp;2048&amp;o&amp;&amp;a8(a.alternate,a);break;default:e(t,a,s,n,i)}r=r.sibling}}(e,t,r,s,0!=(10256&amp;t.subtreeFlags))),2048&amp;n&amp;&amp;a4(t.alternate,t);break;case 24:a6(e,t,r,s),2048&amp;n&amp;&amp;a8(t.alternate,t);break;default:a6(e,t,r,s)}}function a7(e,t){if(10256&amp;t.subtreeFlags)for(t=t.child;null!==t;){var r=t,s=r.flags;switch(r.tag){case 22:a7(e,r),2048&amp;s&amp;&amp;a4(r.alternate,r);break;case 24:a7(e,r),2048&amp;s&amp;&amp;a8(r.alternate,r);break;default:a7(e,r)}t=t.sibling}}var a3=8192;function a5(e){if(e.subtreeFlags&amp;a3)for(e=e.child;null!==e;)oe(e),e=e.sibling}function oe(e){switch(e.tag){case 26:a5(e),e.flags&amp;a3&amp;&amp;null!==e.memoizedState&amp;&amp;function(e,t,r){if(null===pI)throw Error(c(475));var s=pI;if("stylesheet"===t.type&amp;&amp;("string"!=typeof r.media||!1!==matchMedia(r.media).matches)&amp;&amp;0==(4&amp;t.state.loading)){if(null===t.instance){var n=py(r.href),i=e.querySelector(pv(n));if(i){null!==(e=i._p)&amp;&amp;"object"==typeof e&amp;&amp;"function"==typeof e.then&amp;&amp;(s.count++,s=p$.bind(s),e.then(s,s)),t.state.loading|=4,t.instance=i,eK(i);return}i=e.ownerDocument||e,r=pb(r),(n=pd.get(n))&amp;&amp;pA(r,n),eK(i=i.createElement("link"));var a=i;a._p=new Promise(function(e,t){a.onload=e,a.onerror=t}),c0(i,"link",r),t.instance=i}null===s.stylesheets&amp;&amp;(s.stylesheets=new Map),s.stylesheets.set(t,e),(e=t.state.preload)&amp;&amp;0==(3&amp;t.state.loading)&amp;&amp;(s.count++,t=p$.bind(s),e.addEventListener("load",t),e.addEventListener("error",t))}}(aZ,e.memoizedState,e.memoizedProps);break;case 5:default:a5(e);break;case 3:case 4:var t=aZ;aZ=pl(e.stateNode.containerInfo),a5(e),aZ=t;break;case 22:null===e.memoizedState&amp;&amp;(null!==(t=e.alternate)&amp;&amp;null!==t.memoizedState?(t=a3,a3=0x1000000,a5(e),a3=t):a5(e))}}function ot(e){var t=e.alternate;if(null!==t&amp;&amp;null!==(e=t.child)){t.child=null;do t=e.sibling,e.sibling=null,e=t;while(null!==e)}}function or(e){var t=e.deletions;if(0!=(16&amp;e.flags)){if(null!==t)for(var r=0;r&lt;t.length;r++){var s=t[r];aM=s,on(s,e)}ot(e)}if(10256&amp;e.subtreeFlags)for(e=e.child;null!==e;)os(e),e=e.sibling}function os(e){switch(e.tag){case 0:case 11:case 15:or(e),2048&amp;e.flags&amp;&amp;aj(9,e,e.return);break;case 3:case 12:default:or(e);break;case 22:var t=e.stateNode;null!==e.memoizedState&amp;&amp;4&amp;t._visibility&amp;&amp;(null===e.return||13!==e.return.tag)?(t._visibility&amp;=-5,function e(t){var r=t.deletions;if(0!=(16&amp;t.flags)){if(null!==r)for(var s=0;s&lt;r.length;s++){var n=r[s];aM=n,on(n,t)}ot(t)}for(t=t.child;null!==t;){switch((r=t).tag){case 0:case 11:case 15:aj(8,r,r.return),e(r);break;case 22:4&amp;(s=r.stateNode)._visibility&amp;&amp;(s._visibility&amp;=-5,e(r));break;default:e(r)}t=t.sibling}}(e)):or(e)}}function on(e,t){for(;null!==aM;){var r=aM;switch(r.tag){case 0:case 11:case 15:aj(8,r,t);break;case 23:case 22:if(null!==r.memoizedState&amp;&amp;null!==r.memoizedState.cachePool){var s=r.memoizedState.cachePool.pool;null!=s&amp;&amp;s.refCount++}break;case 24:s8(r.memoizedState.cache)}if(null!==(s=r.child))s.return=r,aM=s;else for(r=e;null!==aM;){var n=(s=aM).sibling,i=s.return;if(!function e(t){var r=t.alternate;null!==r&amp;&amp;(t.alternate=null,e(r)),t.child=null,t.deletions=null,t.sibling=null,5===t.tag&amp;&amp;null!==(r=t.stateNode)&amp;&amp;eU(r),t.stateNode=null,t.return=null,t.dependencies=null,t.memoizedProps=null,t.memoizedState=null,t.pendingProps=null,t.stateNode=null,t.updateQueue=null}(s),s===r){aM=null;break}if(null!==n){n.return=i,aM=n;break}aM=i}}}function oi(e,t,r,s){this.tag=e,this.key=r,this.sibling=this.child=this.return=this.stateNode=this.type=this.elementType=null,this.index=0,this.refCleanup=this.ref=null,this.pendingProps=t,this.dependencies=this.memoizedState=this.updateQueue=this.memoizedProps=null,this.mode=s,this.subtreeFlags=this.flags=0,this.deletions=null,this.childLanes=this.lanes=0,this.alternate=null}function oa(e,t,r,s){return new oi(e,t,r,s)}function oo(e){return!(!(e=e.prototype)||!e.isReactComponent)}function oc(e,t){var r=e.alternate;return null===r?((r=oa(e.tag,t,e.key,e.mode)).elementType=e.elementType,r.type=e.type,r.stateNode=e.stateNode,r.alternate=e,e.alternate=r):(r.pendingProps=t,r.type=e.type,r.flags=0,r.subtreeFlags=0,r.deletions=null),r.flags=0x1e00000&amp;e.flags,r.childLanes=e.childLanes,r.lanes=e.lanes,r.child=e.child,r.memoizedProps=e.memoizedProps,r.memoizedState=e.memoizedState,r.updateQueue=e.updateQueue,t=e.dependencies,r.dependencies=null===t?null:{lanes:t.lanes,firstContext:t.firstContext},r.sibling=e.sibling,r.index=e.index,r.ref=e.ref,r.refCleanup=e.refCleanup,r}function op(e,t){e.flags&amp;=0x1e00002;var r=e.alternate;return null===r?(e.childLanes=0,e.lanes=t,e.child=null,e.subtreeFlags=0,e.memoizedProps=null,e.memoizedState=null,e.updateQueue=null,e.dependencies=null,e.stateNode=null):(e.childLanes=r.childLanes,e.lanes=r.lanes,e.child=r.child,e.subtreeFlags=0,e.deletions=null,e.memoizedProps=r.memoizedProps,e.memoizedState=r.memoizedState,e.updateQueue=r.updateQueue,e.type=r.type,t=r.dependencies,e.dependencies=null===t?null:{lanes:t.lanes,firstContext:t.firstContext}),e}function od(e,t,r,s,n,i){var a=0;if(s=e,"function"==typeof e)oo(e)&amp;&amp;(a=1);else if("string"==typeof e)a=!function(e,t,r){if(1===r||null!=t.itemProp)return!1;switch(e){case"meta":case"title":return!0;case"style":if("string"!=typeof t.precedence||"string"!=typeof t.href||""===t.href)break;return!0;case"link":if("string"!=typeof t.rel||"string"!=typeof t.href||""===t.href||t.onLoad||t.onError)break;if("stylesheet"===t.rel)return e=t.disabled,"string"==typeof t.precedence&amp;&amp;null==e;return!0;case"script":if(t.async&amp;&amp;"function"!=typeof t.async&amp;&amp;"symbol"!=typeof t.async&amp;&amp;!t.onLoad&amp;&amp;!t.onError&amp;&amp;t.src&amp;&amp;"string"==typeof t.src)return!0}return!1}(e,r,Q.current)?"html"===e||"head"===e||"body"===e?27:5:26;else e:switch(e){case m:return ou(r.children,n,i,t);case h:a=8,n|=24;break;case g:return(e=oa(12,r,t,2|n)).elementType=g,e.lanes=i,e;case w:return(e=oa(13,r,t,n)).elementType=w,e.lanes=i,e;case x:return(e=oa(19,r,t,n)).elementType=x,e.lanes=i,e;case A:return ol(r,n,i,t);default:if("object"==typeof e&amp;&amp;null!==e)switch(e.$$typeof){case f:case v:a=10;break e;case y:a=9;break e;case b:a=11;break e;case S:a=14;break e;case _:a=16,s=null;break e}a=29,r=Error(c(130,null===e?"null":typeof e,"")),s=null}return(t=oa(a,r,t,n)).elementType=e,t.type=s,t.lanes=i,t}function ou(e,t,r,s){return(e=oa(7,e,s,t)).lanes=r,e}function ol(e,t,r,s){(e=oa(22,e,s,t)).elementType=A,e.lanes=r;var n={_visibility:1,_pendingVisibility:1,_pendingMarkers:null,_retryCache:null,_transitions:null,_current:null,detach:function(){var e=n._current;if(null===e)throw Error(c(456));if(0==(2&amp;n._pendingVisibility)){var t=r0(e,2);null!==t&amp;&amp;(n._pendingVisibility|=2,o2(t,e,2))}},attach:function(){var e=n._current;if(null===e)throw Error(c(456));if(0!=(2&amp;n._pendingVisibility)){var t=r0(e,2);null!==t&amp;&amp;(n._pendingVisibility&amp;=-3,o2(t,e,2))}}};return e.stateNode=n,e}function om(e,t,r){return(e=oa(6,e,null,t)).lanes=r,e}function oh(e,t,r){return(t=oa(4,null!==e.children?e.children:[],e.key,t)).lanes=r,t.stateNode={containerInfo:e.containerInfo,pendingChildren:null,implementation:e.implementation},t}function og(e){e.flags|=4}function of(e,t){if("stylesheet"!==t.type||0!=(4&amp;t.state.loading))e.flags&amp;=-0x1000001;else if(e.flags|=0x1000000,!pj(t)){if(null!==(t=sF.current)&amp;&amp;((4194176&amp;ok)===ok?null!==sH:(0x3c00000&amp;ok)!==ok&amp;&amp;0==(0x20000000&amp;ok)||t!==sH))throw sj=sq,sA;e.flags|=8192}}function oy(e,t){null!==t&amp;&amp;(e.flags|=4),16384&amp;e.flags&amp;&amp;(t=22!==e.tag?ez():0x20000000,e.lanes|=t,oD|=t)}function ov(e,t){if(!sm)switch(e.tailMode){case"hidden":t=e.tail;for(var r=null;null!==t;)null!==t.alternate&amp;&amp;(r=t),t=t.sibling;null===r?e.tail=null:r.sibling=null;break;case"collapsed":r=e.tail;for(var s=null;null!==r;)null!==r.alternate&amp;&amp;(s=r),r=r.sibling;null===s?t||null===e.tail?e.tail=null:e.tail.sibling=null:s.sibling=null}}function ob(e){var t=null!==e.alternate&amp;&amp;e.alternate.child===e.child,r=0,s=0;if(t)for(var n=e.child;null!==n;)r|=n.lanes|n.childLanes,s|=0x1e00000&amp;n.subtreeFlags,s|=0x1e00000&amp;n.flags,n.return=e,n=n.sibling;else for(n=e.child;null!==n;)r|=n.lanes|n.childLanes,s|=n.subtreeFlags,s|=n.flags,n.return=e,n=n.sibling;return e.subtreeFlags|=s,e.childLanes=r,t}function ow(e,t){switch(sd(t),t.tag){case 3:ao(s0),Z();break;case 26:case 27:case 5:et(t);break;case 4:Z();break;case 13:sJ(t);break;case 19:H(sX);break;case 10:ao(t.type);break;case 22:case 23:sJ(t),sU(),null!==e&amp;&amp;H(nt);break;case 24:ao(s0)}}var ox={getCacheForType:function(e){var t=am(s0),r=t.data.get(e);return void 0===r&amp;&amp;(r=e(),t.data.set(e,r)),r}},oS="function"==typeof WeakMap?WeakMap:Map,o_=0,oA=null,oq=null,ok=0,oT=0,oz=null,oj=!1,oI=!1,oP=!1,o$=0,oR=0,oE=0,oO=0,oC=0,oL=0,oD=0,oB=null,oN=null,oG=!1,oW=0,oM=1/0,oU=null,oF=null,oH=!1,oV=null,oQ=0,oK=0,oJ=null,oX=0,oY=null;function oZ(){if(0!=(2&amp;o_)&amp;&amp;0!==ok)return ok&amp;-ok;if(null!==P.T){var e=s7;return 0!==e?e:cP()}return eE()}function o1(){0===oL&amp;&amp;(oL=0==(0x20000000&amp;ok)||sm?eT():0x20000000);var e=sF.current;return null!==e&amp;&amp;(e.flags|=32),oL}function o2(e,t,r){(e===oA&amp;&amp;2===oT||null!==e.cancelPendingCommit)&amp;&amp;(o3(e,0),o6(e,ok,oL,!1)),eI(e,r),(0==(2&amp;o_)||e!==oA)&amp;&amp;(e===oA&amp;&amp;(0==(2&amp;o_)&amp;&amp;(oO|=r),4===oR&amp;&amp;o6(e,ok,oL,!1)),cq(e))}function o0(e,t,r){if(0!=(6&amp;o_))throw Error(c(327));for(var s=!r&amp;&amp;0==(60&amp;t)&amp;&amp;0==(t&amp;e.expiredLanes)||ek(e,t),n=s?function(e,t){var r=o_;o_|=2;var s=ce(),n=ct();oA!==e||ok!==t?(oU=null,oM=eo()+500,o3(e,t)):oI=ek(e,t);e:for(;;)try{if(0!==oT&amp;&amp;null!==oq){t=oq;var i=oz;t:switch(oT){case 1:oT=0,oz=null,ca(e,t,i,1);break;case 2:if(sk(i)){oT=0,oz=null,ci(t);break}t=function(){2===oT&amp;&amp;oA===e&amp;&amp;(oT=7),cq(e)},i.then(t,t);break e;case 3:oT=7;break e;case 4:oT=5;break e;case 7:sk(i)?(oT=0,oz=null,ci(t)):(oT=0,oz=null,ca(e,t,i,7));break;case 5:var a=null;switch(oq.tag){case 26:a=oq.memoizedState;case 5:case 27:var o=oq;if(a?pj(a):1){oT=0,oz=null;var p=o.sibling;if(null!==p)oq=p;else{var d=o.return;null!==d?(oq=d,co(d)):oq=null}break t}}oT=0,oz=null,ca(e,t,i,5);break;case 6:oT=0,oz=null,ca(e,t,i,6);break;case 8:o7(),oR=6;break e;default:throw Error(c(462))}}!function(){for(;null!==oq&amp;&amp;!ei();)cn(oq)}();break}catch(t){o5(e,t)}return(ai=an=null,P.H=s,P.A=n,o_=r,null!==oq)?0:(oA=null,ok=0,rZ(),oR)}(e,t):cs(e,t,!0),i=s;;){if(0===n)oI&amp;&amp;!s&amp;&amp;o6(e,t,0,!1);else if(6===n)o6(e,t,0,!oj);else{if(r=e.current.alternate,i&amp;&amp;!function(e){for(var t=e;;){var r=t.tag;if((0===r||11===r||15===r)&amp;&amp;16384&amp;t.flags&amp;&amp;null!==(r=t.updateQueue)&amp;&amp;null!==(r=r.stores))for(var s=0;s&lt;r.length;s++){var n=r[s],i=n.getSnapshot;n=n.value;try{if(!r_(i(),n))return!1}catch(e){return!1}}if(r=t.child,16384&amp;t.subtreeFlags&amp;&amp;null!==r)r.return=t,t=r;else{if(t===e)break;for(;null===t.sibling;){if(null===t.return||t.return===e)return!0;t=t.return}t.sibling.return=t.return,t=t.sibling}}return!0}(r)){n=cs(e,t,!1),i=!1;continue}if(2===n){if(i=t,e.errorRecoveryDisabledLanes&amp;i)var a=0;else a=0!=(a=-0x20000001&amp;e.pendingLanes)?a:0x20000000&amp;a?0x20000000:0;if(0!==a){t=a;e:{n=oB;var o=e.current.memoizedState.isDehydrated;if(o&amp;&amp;(o3(e,a).flags|=256),2!==(a=cs(e,a,!1))){if(oP&amp;&amp;!o){e.errorRecoveryDisabledLanes|=i,oO|=i,n=4;break e}i=oN,oN=n,null!==i&amp;&amp;o4(i)}n=a}if(i=!1,2!==n)continue}}if(1===n){o3(e,0),o6(e,t,0,!0);break}e:{switch(s=e,n){case 0:case 1:throw Error(c(345));case 4:if((4194176&amp;t)===t){o6(s,t,oL,!oj);break e}break;case 2:oN=null;break;case 3:case 5:break;default:throw Error(c(329))}if(s.finishedWork=r,s.finishedLanes=t,(0x3c00000&amp;t)===t&amp;&amp;10&lt;(i=oW+300-eo())){if(o6(s,t,oL,!oj),0!==eq(s,0))break e;s.timeoutHandle=pe(o8.bind(null,s,r,oN,oU,oG,t,oL,oO,oD,oj,2,-0,0),i);break e}o8(s,r,oN,oU,oG,t,oL,oO,oD,oj,0,-0,0)}}break}cq(e)}function o4(e){null===oN?oN=e:oN.push.apply(oN,e)}function o8(e,t,r,s,n,i,a,o,p,d,u,l,m){var h=t.subtreeFlags;if((8192&amp;h||0x1002000==(0x1002000&amp;h))&amp;&amp;(pI={stylesheets:null,count:0,unsuspend:pP},oe(t),null!==(t=function(){if(null===pI)throw Error(c(475));var e=pI;return e.stylesheets&amp;&amp;0===e.count&amp;&amp;pE(e,e.stylesheets),0&lt;e.count?function(t){var r=setTimeout(function(){if(e.stylesheets&amp;&amp;pE(e,e.stylesheets),e.unsuspend){var t=e.unsuspend;e.unsuspend=null,t()}},6e4);return e.unsuspend=t,function(){e.unsuspend=null,clearTimeout(r)}}:null}()))){e.cancelPendingCommit=t(cp.bind(null,e,r,s,n,a,o,p,1,l,m)),o6(e,i,a,!d);return}cp(e,r,s,n,a,o,p,u,l,m)}function o6(e,t,r,s){t&amp;=~oC,t&amp;=~oO,e.suspendedLanes|=t,e.pingedLanes&amp;=~t,s&amp;&amp;(e.warmLanes|=t),s=e.expirationTimes;for(var n=t;0&lt;n;){var i=31-eb(n),a=1&lt;&lt;i;s[i]=-1,n&amp;=~a}0!==r&amp;&amp;eP(e,r,t)}function o9(){return 0!=(6&amp;o_)||(ck(0,!1),!1)}function o7(){if(null!==oq){if(0===oT)var e=oq.return;else e=oq,ai=an=null,nA(e),sP=null,s$=0,e=oq;for(;null!==e;)ow(e.alternate,e),e=e.return;oq=null}}function o3(e,t){e.finishedWork=null,e.finishedLanes=0;var r=e.timeoutHandle;-1!==r&amp;&amp;(e.timeoutHandle=-1,pt(r)),null!==(r=e.cancelPendingCommit)&amp;&amp;(e.cancelPendingCommit=null,r()),o7(),oA=e,oq=r=oc(e.current,null),ok=t,oT=0,oz=null,oj=!1,oI=ek(e,t),oP=!1,oD=oL=oC=oO=oE=oR=0,oN=oB=null,oG=!1,0!=(8&amp;t)&amp;&amp;(t|=32&amp;t);var s=e.entangledLanes;if(0!==s)for(e=e.entanglements,s&amp;=t;0&lt;s;){var n=31-eb(s),i=1&lt;&lt;n;t|=e[n],s&amp;=~i}return o$=t,rZ(),r}function o5(e,t){na=null,P.H=i_,t===s_?(t=sI(),oT=3):t===sA?(t=sI(),oT=4):oT=t===iG?8:null!==t&amp;&amp;"object"==typeof t&amp;&amp;"function"==typeof t.then?6:1,oz=t,null===oq&amp;&amp;(oR=1,iC(e,r7(t,e.current)))}function ce(){var e=P.H;return P.H=i_,null===e?i_:e}function ct(){var e=P.A;return P.A=ox,e}function cr(){oR=4,oj||(4194176&amp;ok)!==ok&amp;&amp;null!==sF.current||(oI=!0),0==(0x7ffffff&amp;oE)&amp;&amp;0==(0x7ffffff&amp;oO)||null===oA||o6(oA,ok,oL,!1)}function cs(e,t,r){var s=o_;o_|=2;var n=ce(),i=ct();(oA!==e||ok!==t)&amp;&amp;(oU=null,o3(e,t)),t=!1;var a=oR;e:for(;;)try{if(0!==oT&amp;&amp;null!==oq){var o=oq,c=oz;switch(oT){case 8:o7(),a=6;break e;case 3:case 2:case 6:null===sF.current&amp;&amp;(t=!0);var p=oT;if(oT=0,oz=null,ca(e,o,c,p),r&amp;&amp;oI){a=0;break e}break;default:p=oT,oT=0,oz=null,ca(e,o,c,p)}}(function(){for(;null!==oq;)cn(oq)})(),a=oR;break}catch(t){o5(e,t)}return t&amp;&amp;e.shellSuspendCounter++,ai=an=null,o_=s,P.H=n,P.A=i,null===oq&amp;&amp;(oA=null,ok=0,rZ()),a}function cn(e){var t=ar(e.alternate,e,o$);e.memoizedProps=e.pendingProps,null===t?co(e):oq=t}function ci(e){var t=e,r=t.alternate;switch(t.tag){case 15:case 0:t=iX(r,t,t.pendingProps,t.type,void 0,ok);break;case 11:t=iX(r,t,t.pendingProps,t.type.render,t.ref,ok);break;case 5:nA(t);default:ow(r,t),t=ar(r,t=oq=op(t,o$),o$)}e.memoizedProps=e.pendingProps,null===t?co(e):oq=t}function ca(e,t,r,s){ai=an=null,nA(t),sP=null,s$=0;var n=t.return;try{if(function(e,t,r,s,n){if(r.flags|=32768,null!==s&amp;&amp;"object"==typeof s&amp;&amp;"function"==typeof s.then){if(null!==(t=r.alternate)&amp;&amp;ad(t,r,n,!0),null!==(r=sF.current)){switch(r.tag){case 13:return null===sH?cr():null===r.alternate&amp;&amp;0===oR&amp;&amp;(oR=3),r.flags&amp;=-257,r.flags|=65536,r.lanes=n,s===sq?r.flags|=16384:(null===(t=r.updateQueue)?r.updateQueue=new Set([s]):t.add(s),ch(e,s,n)),!1;case 22:return r.flags|=65536,s===sq?r.flags|=16384:(null===(t=r.updateQueue)?(t={transitions:null,markerInstances:null,retryQueue:new Set([s])},r.updateQueue=t):null===(r=t.retryQueue)?t.retryQueue=new Set([s]):r.add(s),ch(e,s,n)),!1}throw Error(c(435,r.tag))}return ch(e,s,n),cr(),!1}if(sm)return null!==(t=sF.current)?(0==(65536&amp;t.flags)&amp;&amp;(t.flags|=256),t.flags|=65536,t.lanes=n,s!==sf&amp;&amp;sS(r7(e=Error(c(422),{cause:s}),r))):(s!==sf&amp;&amp;sS(r7(t=Error(c(423),{cause:s}),r)),e=e.current.alternate,e.flags|=65536,n&amp;=-n,e.lanes|=n,s=r7(s,r),n=iD(e.stateNode,s,n),aS(e,n),4!==oR&amp;&amp;(oR=2)),!1;var i=Error(c(520),{cause:s});if(i=r7(i,r),null===oB?oB=[i]:oB.push(i),4!==oR&amp;&amp;(oR=2),null===t)return!0;s=r7(s,r),r=t;do{switch(r.tag){case 3:return r.flags|=65536,e=n&amp;-n,r.lanes|=e,e=iD(r.stateNode,s,e),aS(r,e),!1;case 1:if(t=r.type,i=r.stateNode,0==(128&amp;r.flags)&amp;&amp;("function"==typeof t.getDerivedStateFromError||null!==i&amp;&amp;"function"==typeof i.componentDidCatch&amp;&amp;(null===oF||!oF.has(i))))return r.flags|=65536,n&amp;=-n,r.lanes|=n,iN(n=iB(n),e,r,s),aS(r,n),!1}r=r.return}while(null!==r);return!1}(e,n,t,r,ok)){oR=1,iC(e,r7(r,e.current)),oq=null;return}}catch(t){if(null!==n)throw oq=n,t;oR=1,iC(e,r7(r,e.current)),oq=null;return}32768&amp;t.flags?(sm||1===s?e=!0:oI||0!=(0x20000000&amp;ok)?e=!1:(oj=e=!0,(2===s||3===s||6===s)&amp;&amp;null!==(s=sF.current)&amp;&amp;13===s.tag&amp;&amp;(s.flags|=16384)),cc(t,e)):co(t)}function co(e){var t=e;do{if(0!=(32768&amp;t.flags)){cc(t,oj);return}e=t.return;var r=function(e,t,r){var s=t.pendingProps;switch(sd(t),t.tag){case 16:case 15:case 0:case 11:case 7:case 8:case 12:case 9:case 14:case 1:return ob(t),null;case 3:return r=t.stateNode,s=null,null!==e&amp;&amp;(s=e.memoizedState.cache),t.memoizedState.cache!==s&amp;&amp;(t.flags|=2048),ao(s0),Z(),r.pendingContext&amp;&amp;(r.context=r.pendingContext,r.pendingContext=null),(null===e||null===e.child)&amp;&amp;(sw(t)?og(t):null===e||e.memoizedState.isDehydrated&amp;&amp;0==(256&amp;t.flags)||(t.flags|=1024,null!==sh&amp;&amp;(o4(sh),sh=null))),ob(t),null;case 26:return r=t.memoizedState,null===e?(og(t),null!==r?(ob(t),of(t,r)):(ob(t),t.flags&amp;=-0x1000001)):r?r!==e.memoizedState?(og(t),ob(t),of(t,r)):(ob(t),t.flags&amp;=-0x1000001):(e.memoizedProps!==s&amp;&amp;og(t),ob(t),t.flags&amp;=-0x1000001),null;case 27:et(t),r=J.current;var n=t.type;if(null!==e&amp;&amp;null!=t.stateNode)e.memoizedProps!==s&amp;&amp;og(t);else{if(!s){if(null===t.stateNode)throw Error(c(166));return ob(t),null}e=Q.current,sw(t)?sv(t,e):(e=pp(n,s,r),t.stateNode=e,og(t))}return ob(t),null;case 5:if(et(t),r=t.type,null!==e&amp;&amp;null!=t.stateNode)e.memoizedProps!==s&amp;&amp;og(t);else{if(!s){if(null===t.stateNode)throw Error(c(166));return ob(t),null}if(e=Q.current,sw(t))sv(t,e);else{switch(n=c6(J.current),e){case 1:e=n.createElementNS("http://www.w3.org/2000/svg",r);break;case 2:e=n.createElementNS("http://www.w3.org/1998/Math/MathML",r);break;default:switch(r){case"svg":e=n.createElementNS("http://www.w3.org/2000/svg",r);break;case"math":e=n.createElementNS("http://www.w3.org/1998/Math/MathML",r);break;case"script":(e=n.createElement("div")).innerHTML="&lt;script&gt;&lt;\/script&gt;",e=e.removeChild(e.firstChild);break;case"select":e="string"==typeof s.is?n.createElement("select",{is:s.is}):n.createElement("select"),s.multiple?e.multiple=!0:s.size&amp;&amp;(e.size=s.size);break;default:e="string"==typeof s.is?n.createElement(r,{is:s.is}):n.createElement(r)}}e[eC]=t,e[eL]=s;e:for(n=t.child;null!==n;){if(5===n.tag||6===n.tag)e.appendChild(n.stateNode);else if(4!==n.tag&amp;&amp;27!==n.tag&amp;&amp;null!==n.child){n.child.return=n,n=n.child;continue}if(n===t)break;for(;null===n.sibling;){if(null===n.return||n.return===t)break e;n=n.return}n.sibling.return=n.return,n=n.sibling}switch(t.stateNode=e,c0(e,r,s),r){case"button":case"input":case"select":case"textarea":e=!!s.autoFocus;break;case"img":e=!0;break;default:e=!1}e&amp;&amp;og(t)}}return ob(t),t.flags&amp;=-0x1000001,null;case 6:if(e&amp;&amp;null!=t.stateNode)e.memoizedProps!==s&amp;&amp;og(t);else{if("string"!=typeof s&amp;&amp;null===t.stateNode)throw Error(c(166));if(e=J.current,sw(t)){if(e=t.stateNode,r=t.memoizedProps,s=null,null!==(n=su))switch(n.tag){case 27:case 5:s=n.memoizedProps}e[eC]=t,(e=!!(e.nodeValue===r||null!==s&amp;&amp;!0===s.suppressHydrationWarning||cY(e.nodeValue,r)))||sy(t)}else(e=c6(e).createTextNode(s))[eC]=t,t.stateNode=e}return ob(t),null;case 13:if(s=t.memoizedState,null===e||null!==e.memoizedState&amp;&amp;null!==e.memoizedState.dehydrated){if(n=sw(t),null!==s&amp;&amp;null!==s.dehydrated){if(null===e){if(!n)throw Error(c(318));if(!(n=null!==(n=t.memoizedState)?n.dehydrated:null))throw Error(c(317));n[eC]=t}else sx(),0==(128&amp;t.flags)&amp;&amp;(t.memoizedState=null),t.flags|=4;ob(t),n=!1}else null!==sh&amp;&amp;(o4(sh),sh=null),n=!0;if(!n){if(256&amp;t.flags)return sJ(t),t;return sJ(t),null}}if(sJ(t),0!=(128&amp;t.flags))return t.lanes=r,t;if(r=null!==s,e=null!==e&amp;&amp;null!==e.memoizedState,r){s=t.child,n=null,null!==s.alternate&amp;&amp;null!==s.alternate.memoizedState&amp;&amp;null!==s.alternate.memoizedState.cachePool&amp;&amp;(n=s.alternate.memoizedState.cachePool.pool);var i=null;null!==s.memoizedState&amp;&amp;null!==s.memoizedState.cachePool&amp;&amp;(i=s.memoizedState.cachePool.pool),i!==n&amp;&amp;(s.flags|=2048)}return r!==e&amp;&amp;r&amp;&amp;(t.child.flags|=8192),oy(t,t.updateQueue),ob(t),null;case 4:return Z(),null===e&amp;&amp;cW(t.stateNode.containerInfo),ob(t),null;case 10:return ao(t.type),ob(t),null;case 19:if(H(sX),null===(n=t.memoizedState))return ob(t),null;if(s=0!=(128&amp;t.flags),null===(i=n.rendering)){if(s)ov(n,!1);else{if(0!==oR||null!==e&amp;&amp;0!=(128&amp;e.flags))for(e=t.child;null!==e;){if(null!==(i=sY(e))){for(t.flags|=128,ov(n,!1),e=i.updateQueue,t.updateQueue=e,oy(t,e),t.subtreeFlags=0,e=r,r=t.child;null!==r;)op(r,e),r=r.sibling;return V(sX,1&amp;sX.current|2),t.child}e=e.sibling}null!==n.tail&amp;&amp;eo()&gt;oM&amp;&amp;(t.flags|=128,s=!0,ov(n,!1),t.lanes=4194304)}}else{if(!s){if(null!==(e=sY(i))){if(t.flags|=128,s=!0,e=e.updateQueue,t.updateQueue=e,oy(t,e),ov(n,!0),null===n.tail&amp;&amp;"hidden"===n.tailMode&amp;&amp;!i.alternate&amp;&amp;!sm)return ob(t),null}else 2*eo()-n.renderingStartTime&gt;oM&amp;&amp;0x20000000!==r&amp;&amp;(t.flags|=128,s=!0,ov(n,!1),t.lanes=4194304)}n.isBackwards?(i.sibling=t.child,t.child=i):(null!==(e=n.last)?e.sibling=i:t.child=i,n.last=i)}if(null!==n.tail)return t=n.tail,n.rendering=t,n.tail=t.sibling,n.renderingStartTime=eo(),t.sibling=null,e=sX.current,V(sX,s?1&amp;e|2:1&amp;e),t;return ob(t),null;case 22:case 23:return sJ(t),sU(),s=null!==t.memoizedState,null!==e?null!==e.memoizedState!==s&amp;&amp;(t.flags|=8192):s&amp;&amp;(t.flags|=8192),s?0!=(0x20000000&amp;r)&amp;&amp;0==(128&amp;t.flags)&amp;&amp;(ob(t),6&amp;t.subtreeFlags&amp;&amp;(t.flags|=8192)):ob(t),null!==(r=t.updateQueue)&amp;&amp;oy(t,r.retryQueue),r=null,null!==e&amp;&amp;null!==e.memoizedState&amp;&amp;null!==e.memoizedState.cachePool&amp;&amp;(r=e.memoizedState.cachePool.pool),s=null,null!==t.memoizedState&amp;&amp;null!==t.memoizedState.cachePool&amp;&amp;(s=t.memoizedState.cachePool.pool),s!==r&amp;&amp;(t.flags|=2048),null!==e&amp;&amp;H(nt),null;case 24:return r=null,null!==e&amp;&amp;(r=e.memoizedState.cache),t.memoizedState.cache!==r&amp;&amp;(t.flags|=2048),ao(s0),ob(t),null;case 25:return null}throw Error(c(156,t.tag))}(t.alternate,t,o$);if(null!==r){oq=r;return}if(null!==(t=t.sibling)){oq=t;return}oq=t=e}while(null!==t);0===oR&amp;&amp;(oR=5)}function cc(e,t){do{var r=function(e,t){switch(sd(t),t.tag){case 1:return 65536&amp;(e=t.flags)?(t.flags=-65537&amp;e|128,t):null;case 3:return ao(s0),Z(),0!=(65536&amp;(e=t.flags))&amp;&amp;0==(128&amp;e)?(t.flags=-65537&amp;e|128,t):null;case 26:case 27:case 5:return et(t),null;case 13:if(sJ(t),null!==(e=t.memoizedState)&amp;&amp;null!==e.dehydrated){if(null===t.alternate)throw Error(c(340));sx()}return 65536&amp;(e=t.flags)?(t.flags=-65537&amp;e|128,t):null;case 19:return H(sX),null;case 4:return Z(),null;case 10:return ao(t.type),null;case 22:case 23:return sJ(t),sU(),null!==e&amp;&amp;H(nt),65536&amp;(e=t.flags)?(t.flags=-65537&amp;e|128,t):null;case 24:return ao(s0),null;default:return null}}(e.alternate,e);if(null!==r){r.flags&amp;=32767,oq=r;return}if(null!==(r=e.return)&amp;&amp;(r.flags|=32768,r.subtreeFlags=0,r.deletions=null),!t&amp;&amp;null!==(e=e.sibling)){oq=e;return}oq=e=r}while(null!==e);oR=6,oq=null}function cp(e,t,r,s,n,i,a,o,p,d){var u=P.T,l=G.p;try{G.p=2,P.T=null,function(e,t,r,s,n,i,a,o){do cu();while(null!==oV);if(0!=(6&amp;o_))throw Error(c(327));var p,d,u=e.finishedWork;if(s=e.finishedLanes,null!==u){if(e.finishedWork=null,e.finishedLanes=0,u===e.current)throw Error(c(177));e.callbackNode=null,e.callbackPriority=0,e.cancelPendingCommit=null;var l=u.lanes|u.childLanes;if(function(e,t,r,s,n,i){var a=e.pendingLanes;e.pendingLanes=r,e.suspendedLanes=0,e.pingedLanes=0,e.warmLanes=0,e.expiredLanes&amp;=r,e.entangledLanes&amp;=r,e.errorRecoveryDisabledLanes&amp;=r,e.shellSuspendCounter=0;var o=e.entanglements,c=e.expirationTimes,p=e.hiddenUpdates;for(r=a&amp;~r;0&lt;r;){var d=31-eb(r),u=1&lt;&lt;d;o[d]=0,c[d]=-1;var l=p[d];if(null!==l)for(p[d]=null,d=0;d&lt;l.length;d++){var m=l[d];null!==m&amp;&amp;(m.lane&amp;=-0x20000001)}r&amp;=~u}0!==s&amp;&amp;eP(e,s,0),0!==i&amp;&amp;0===n&amp;&amp;0!==e.tag&amp;&amp;(e.suspendedLanes|=i&amp;~(a&amp;~t))}(e,s,l|=rY,i,a,o),e===oA&amp;&amp;(oq=oA=null,ok=0),0==(10256&amp;u.subtreeFlags)&amp;&amp;0==(10256&amp;u.flags)||oH||(oH=!0,oK=l,oJ=r,p=eu,d=function(){return cu(!0),null},es(p,d)),r=0!=(15990&amp;u.flags),0!=(15990&amp;u.subtreeFlags)||r?(r=P.T,P.T=null,i=G.p,G.p=2,a=o_,o_|=4,function(e,t){if(e=e.containerInfo,c4=pU,rz(e=rT(e))){if("selectionStart"in e)var r={start:e.selectionStart,end:e.selectionEnd};else e:{var s=(r=(r=e.ownerDocument)&amp;&amp;r.defaultView||window).getSelection&amp;&amp;r.getSelection();if(s&amp;&amp;0!==s.rangeCount){r=s.anchorNode;var n,i=s.anchorOffset,a=s.focusNode;s=s.focusOffset;try{r.nodeType,a.nodeType}catch(e){r=null;break e}var o=0,p=-1,d=-1,u=0,l=0,m=e,h=null;t:for(;;){for(;m!==r||0!==i&amp;&amp;3!==m.nodeType||(p=o+i),m!==a||0!==s&amp;&amp;3!==m.nodeType||(d=o+s),3===m.nodeType&amp;&amp;(o+=m.nodeValue.length),null!==(n=m.firstChild);)h=m,m=n;for(;;){if(m===e)break t;if(h===r&amp;&amp;++u===i&amp;&amp;(p=o),h===a&amp;&amp;++l===s&amp;&amp;(d=o),null!==(n=m.nextSibling))break;h=(m=h).parentNode}m=n}r=-1===p||-1===d?null:{start:p,end:d}}else r=null}r=r||{start:0,end:0}}else r=null;for(c8={focusedElem:e,selectionRange:r},pU=!1,aM=t;null!==aM;)if(e=(t=aM).child,0!=(1028&amp;t.subtreeFlags)&amp;&amp;null!==e)e.return=t,aM=e;else for(;null!==aM;){switch(a=(t=aM).alternate,e=t.flags,t.tag){case 0:case 11:case 15:case 5:case 26:case 27:case 6:case 4:case 17:break;case 1:if(0!=(1024&amp;e)&amp;&amp;null!==a){e=void 0,r=t,i=a.memoizedProps,a=a.memoizedState,s=r.stateNode;try{var g=iP(r.type,i,r.elementType===r.type);e=s.getSnapshotBeforeUpdate(g,a),s.__reactInternalSnapshotBeforeUpdate=e}catch(e){cm(r,r.return,e)}}break;case 3:if(0!=(1024&amp;e)){if(9===(r=(e=t.stateNode.containerInfo).nodeType))pa(e);else if(1===r)switch(e.nodeName){case"HEAD":case"HTML":case"BODY":pa(e);break;default:e.textContent=""}}break;default:if(0!=(1024&amp;e))throw Error(c(163))}if(null!==(e=t.sibling)){e.return=t.return,aM=e;break}aM=t.return}g=aU,aU=!1}(e,u),a1(u,e),function(e,t){var r=rT(t);t=e.focusedElem;var s=e.selectionRange;if(r!==t&amp;&amp;t&amp;&amp;t.ownerDocument&amp;&amp;function e(t,r){return!!t&amp;&amp;!!r&amp;&amp;(t===r||(!t||3!==t.nodeType)&amp;&amp;(r&amp;&amp;3===r.nodeType?e(t,r.parentNode):"contains"in t?t.contains(r):!!t.compareDocumentPosition&amp;&amp;!!(16&amp;t.compareDocumentPosition(r))))}(t.ownerDocument.documentElement,t)){if(null!==s&amp;&amp;rz(t)){if(e=s.start,void 0===(r=s.end)&amp;&amp;(r=e),"selectionStart"in t)t.selectionStart=e,t.selectionEnd=Math.min(r,t.value.length);else if((r=(e=t.ownerDocument||document)&amp;&amp;e.defaultView||window).getSelection){r=r.getSelection();var n=t.textContent.length,i=Math.min(s.start,n);s=void 0===s.end?i:Math.min(s.end,n),!r.extend&amp;&amp;i&gt;s&amp;&amp;(n=s,s=i,i=n),n=rk(t,i);var a=rk(t,s);n&amp;&amp;a&amp;&amp;(1!==r.rangeCount||r.anchorNode!==n.node||r.anchorOffset!==n.offset||r.focusNode!==a.node||r.focusOffset!==a.offset)&amp;&amp;((e=e.createRange()).setStart(n.node,n.offset),r.removeAllRanges(),i&gt;s?(r.addRange(e),r.extend(a.node,a.offset)):(e.setEnd(a.node,a.offset),r.addRange(e)))}}for(e=[],r=t;r=r.parentNode;)1===r.nodeType&amp;&amp;e.push({element:r,left:r.scrollLeft,top:r.scrollTop});for("function"==typeof t.focus&amp;&amp;t.focus(),t=0;t&lt;e.length;t++)(r=e[t]).element.scrollLeft=r.left,r.element.scrollTop=r.top}}(c8,e.containerInfo),pU=!!c4,c8=c4=null,e.current=u,aF(e,u.alternate,u),ea(),o_=a,G.p=i,P.T=r):e.current=u,oH?(oH=!1,oV=e,oQ=s):cd(e,l),0===(l=e.pendingLanes)&amp;&amp;(oF=null),function(e){if(ey&amp;&amp;"function"==typeof ey.onCommitFiberRoot)try{ey.onCommitFiberRoot(ef,e,void 0,128==(128&amp;e.current.flags))}catch(e){}}(u.stateNode,n),cq(e),null!==t)for(n=e.onRecoverableError,u=0;u&lt;t.length;u++)n((l=t[u]).value,{componentStack:l.stack});0!=(3&amp;oQ)&amp;&amp;cu(),l=e.pendingLanes,0!=(4194218&amp;s)&amp;&amp;0!=(42&amp;l)?e===oY?oX++:(oX=0,oY=e):oX=0,ck(0,!1)}}(e,t,r,s,l,n,i,a,o,p,d)}finally{P.T=u,G.p=l}}function cd(e,t){0==(e.pooledCacheLanes&amp;=t)&amp;&amp;null!=(t=e.pooledCache)&amp;&amp;(e.pooledCache=null,s8(t))}function cu(){if(null!==oV){var e=oV,t=oK;oK=0;var r=eR(oQ),s=P.T,n=G.p;try{if(G.p=32&gt;r?32:r,P.T=null,null===oV)var i=!1;else{r=oJ,oJ=null;var a=oV,o=oQ;if(oV=null,oQ=0,0!=(6&amp;o_))throw Error(c(331));var p=o_;if(o_|=4,os(a.current),a9(a,a.current,o,r),o_=p,ck(0,!1),ey&amp;&amp;"function"==typeof ey.onPostCommitFiberRoot)try{ey.onPostCommitFiberRoot(ef,a)}catch(e){}i=!0}return i}finally{G.p=n,P.T=s,cd(e,t)}}return!1}function cl(e,t,r){t=r7(r,t),t=iD(e.stateNode,t,2),null!==(e=aw(e,t,2))&amp;&amp;(eI(e,2),cq(e))}function cm(e,t,r){if(3===e.tag)cl(e,e,r);else for(;null!==t;){if(3===t.tag){cl(t,e,r);break}if(1===t.tag){var s=t.stateNode;if("function"==typeof t.type.getDerivedStateFromError||"function"==typeof s.componentDidCatch&amp;&amp;(null===oF||!oF.has(s))){e=r7(r,e),null!==(s=aw(t,r=iB(2),2))&amp;&amp;(iN(r,s,t,e),eI(s,2),cq(s));break}}t=t.return}}function ch(e,t,r){var s=e.pingCache;if(null===s){s=e.pingCache=new oS;var n=new Set;s.set(t,n)}else void 0===(n=s.get(t))&amp;&amp;(n=new Set,s.set(t,n));n.has(r)||(oP=!0,n.add(r),e=cg.bind(null,e,t,r),t.then(e,e))}function cg(e,t,r){var s=e.pingCache;null!==s&amp;&amp;s.delete(t),e.pingedLanes|=e.suspendedLanes&amp;r,e.warmLanes&amp;=~r,oA===e&amp;&amp;(ok&amp;r)===r&amp;&amp;(4===oR||3===oR&amp;&amp;(0x3c00000&amp;ok)===ok&amp;&amp;300&gt;eo()-oW?0==(2&amp;o_)&amp;&amp;o3(e,0):oC|=r,oD===ok&amp;&amp;(oD=0)),cq(e)}function cf(e,t){0===t&amp;&amp;(t=ez()),null!==(e=r0(e,t))&amp;&amp;(eI(e,t),cq(e))}function cy(e){var t=e.memoizedState,r=0;null!==t&amp;&amp;(r=t.retryLane),cf(e,r)}function cv(e,t){var r=0;switch(e.tag){case 13:var s=e.stateNode,n=e.memoizedState;null!==n&amp;&amp;(r=n.retryLane);break;case 19:s=e.stateNode;break;case 22:s=e.stateNode._retryCache;break;default:throw Error(c(314))}null!==s&amp;&amp;s.delete(t),cf(e,r)}var cb=null,cw=null,cx=!1,cS=!1,c_=!1,cA=0;function cq(e){var t;e!==cw&amp;&amp;null===e.next&amp;&amp;(null===cw?cb=cw=e:cw=cw.next=e),cS=!0,cx||(cx=!0,t=cT,ps(function(){0!=(6&amp;o_)?es(ep,t):t()}))}function ck(e,t){if(!c_&amp;&amp;cS){c_=!0;do for(var r=!1,s=cb;null!==s;){if(!t){if(0!==e){var n=s.pendingLanes;if(0===n)var i=0;else{var a=s.suspendedLanes,o=s.pingedLanes;i=0xc000055&amp;(i=(1&lt;&lt;31-eb(42|e)+1)-1&amp;(n&amp;~(a&amp;~o)))?0xc000055&amp;i|1:i?2|i:0}0!==i&amp;&amp;(r=!0,cI(s,i))}else i=ok,0==(3&amp;(i=eq(s,s===oA?i:0)))||ek(s,i)||(r=!0,cI(s,i))}s=s.next}while(r);c_=!1}}function cT(){cS=cx=!1;var e,t=0;0!==cA&amp;&amp;(((e=window.event)&amp;&amp;"popstate"===e.type?e===c5||(c5=e,0):(c5=null,1))||(t=cA),cA=0);for(var r=eo(),s=null,n=cb;null!==n;){var i=n.next,a=cz(n,r);0===a?(n.next=null,null===s?cb=i:s.next=i,null===i&amp;&amp;(cw=s)):(s=n,(0!==t||0!=(3&amp;a))&amp;&amp;(cS=!0)),n=i}ck(t,!1)}function cz(e,t){for(var r=e.suspendedLanes,s=e.pingedLanes,n=e.expirationTimes,i=-0x3c00001&amp;e.pendingLanes;0&lt;i;){var a=31-eb(i),o=1&lt;&lt;a,c=n[a];-1===c?(0==(o&amp;r)||0!=(o&amp;s))&amp;&amp;(n[a]=function(e,t){switch(e){case 1:case 2:case 4:case 8:return t+250;case 16:case 32:case 64:case 128:case 256:case 512:case 1024:case 2048:case 4096:case 8192:case 16384:case 32768:case 65536:case 131072:case 262144:case 524288:case 1048576:case 2097152:return t+5e3;default:return -1}}(o,t)):c&lt;=t&amp;&amp;(e.expiredLanes|=o),i&amp;=~o}if(t=oA,r=ok,r=eq(e,e===t?r:0),s=e.callbackNode,0===r||e===t&amp;&amp;2===oT||null!==e.cancelPendingCommit)return null!==s&amp;&amp;null!==s&amp;&amp;en(s),e.callbackNode=null,e.callbackPriority=0;if(0==(3&amp;r)||ek(e,r)){if((t=r&amp;-r)===e.callbackPriority)return t;switch(null!==s&amp;&amp;en(s),eR(r)){case 2:case 8:r=ed;break;case 32:default:r=eu;break;case 0x10000000:r=em}return r=es(r,s=cj.bind(null,e)),e.callbackPriority=t,e.callbackNode=r,t}return null!==s&amp;&amp;null!==s&amp;&amp;en(s),e.callbackPriority=2,e.callbackNode=null,2}function cj(e,t){var r=e.callbackNode;if(cu()&amp;&amp;e.callbackNode!==r)return null;var s=ok;return 0===(s=eq(e,e===oA?s:0))?null:(o0(e,s,t),cz(e,eo()),null!=e.callbackNode&amp;&amp;e.callbackNode===r?cj.bind(null,e):null)}function cI(e,t){if(cu())return null;o0(e,t,!0)}function cP(){return 0===cA&amp;&amp;(cA=eT()),cA}function c$(e){return null==e||"symbol"==typeof e||"boolean"==typeof e?null:"function"==typeof e?e:ty(""+e)}function cR(e,t){var r=t.ownerDocument.createElement("input");return r.name=t.name,r.value=t.value,e.id&amp;&amp;r.setAttribute("form",e.id),t.parentNode.insertBefore(r,t),e=new FormData(e),r.parentNode.removeChild(r),e}for(var cE=0;cE&lt;rQ.length;cE++){var cO=rQ[cE];rK(cO.toLowerCase(),"on"+(cO[0].toUpperCase()+cO.slice(1)))}rK(rN,"onAnimationEnd"),rK(rG,"onAnimationIteration"),rK(rW,"onAnimationStart"),rK("dblclick","onDoubleClick"),rK("focusin","onFocus"),rK("focusout","onBlur"),rK(rM,"onTransitionRun"),rK(rU,"onTransitionStart"),rK(rF,"onTransitionCancel"),rK(rH,"onTransitionEnd"),eZ("onMouseEnter",["mouseout","mouseover"]),eZ("onMouseLeave",["mouseout","mouseover"]),eZ("onPointerEnter",["pointerout","pointerover"]),eZ("onPointerLeave",["pointerout","pointerover"]),eY("onChange","change click focusin focusout input keydown keyup selectionchange".split(" ")),eY("onSelect","focusout contextmenu dragend focusin keydown keyup mousedown mouseup selectionchange".split(" ")),eY("onBeforeInput",["compositionend","keypress","textInput","paste"]),eY("onCompositionEnd","compositionend focusout keydown keypress keyup mousedown".split(" ")),eY("onCompositionStart","compositionstart focusout keydown keypress keyup mousedown".split(" ")),eY("onCompositionUpdate","compositionupdate focusout keydown keypress keyup mousedown".split(" "));var cC="abort canplay canplaythrough durationchange emptied encrypted ended error loadeddata loadedmetadata loadstart pause play playing progress ratechange resize seeked seeking stalled suspend timeupdate volumechange waiting".split(" "),cL=new Set("beforetoggle cancel close invalid load scroll scrollend toggle".split(" ").concat(cC));function cD(e,t){t=0!=(4&amp;t);for(var r=0;r&lt;e.length;r++){var s=e[r],n=s.event;s=s.listeners;e:{var i=void 0;if(t)for(var a=s.length-1;0&lt;=a;a--){var o=s[a],c=o.instance,p=o.currentTarget;if(o=o.listener,c!==i&amp;&amp;n.isPropagationStopped())break e;i=o,n.currentTarget=p;try{i(n)}catch(e){i$(e)}n.currentTarget=null,i=c}else for(a=0;a&lt;s.length;a++){if(c=(o=s[a]).instance,p=o.currentTarget,o=o.listener,c!==i&amp;&amp;n.isPropagationStopped())break e;i=o,n.currentTarget=p;try{i(n)}catch(e){i$(e)}n.currentTarget=null,i=c}}}}function cB(e,t){var r=t[eB];void 0===r&amp;&amp;(r=t[eB]=new Set);var s=e+"__bubble";r.has(s)||(cM(t,e,2,!1),r.add(s))}function cN(e,t,r){var s=0;t&amp;&amp;(s|=4),cM(r,e,s,t)}var cG="_reactListening"+Math.random().toString(36).slice(2);function cW(e){if(!e[cG]){e[cG]=!0,eJ.forEach(function(t){"selectionchange"!==t&amp;&amp;(cL.has(t)||cN(t,!1,e),cN(t,!0,e))});var t=9===e.nodeType?e:e.ownerDocument;null===t||t[cG]||(t[cG]=!0,cN("selectionchange",!1,t))}}function cM(e,t,r,s){switch(pX(t)){case 2:var n=pF;break;case 8:n=pH;break;default:n=pV}r=n.bind(null,t,r,e),n=void 0,tk&amp;&amp;("touchstart"===t||"touchmove"===t||"wheel"===t)&amp;&amp;(n=!0),s?void 0!==n?e.addEventListener(t,r,{capture:!0,passive:n}):e.addEventListener(t,r,!0):void 0!==n?e.addEventListener(t,r,{passive:n}):e.addEventListener(t,r,!1)}function cU(e,t,r,s,n){var i=s;if(0==(1&amp;t)&amp;&amp;0==(2&amp;t)&amp;&amp;null!==s)e:for(;;){if(null===s)return;var a=s.tag;if(3===a||4===a){var o=s.stateNode.containerInfo;if(o===n||8===o.nodeType&amp;&amp;o.parentNode===n)break;if(4===a)for(a=s.return;null!==a;){var c=a.tag;if((3===c||4===c)&amp;&amp;((c=a.stateNode.containerInfo)===n||8===c.nodeType&amp;&amp;c.parentNode===n))return;a=a.return}for(;null!==o;){if(null===(a=eF(o)))return;if(5===(c=a.tag)||6===c||26===c||27===c){s=i=a;continue e}o=o.parentNode}}s=s.return}tA(function(){var s=i,n=tb(r),a=[];e:{var o=rV.get(e);if(void 0!==o){var c=tN,p=e;switch(e){case"keypress":if(0===t$(r))break e;case"keydown":case"keyup":c=t2;break;case"focusin":p="focus",c=tH;break;case"focusout":p="blur",c=tH;break;case"beforeblur":case"afterblur":c=tH;break;case"click":if(2===r.button)break e;case"auxclick":case"dblclick":case"mousedown":case"mousemove":case"mouseup":case"mouseout":case"mouseover":case"contextmenu":c=tU;break;case"drag":case"dragend":case"dragenter":case"dragexit":case"dragleave":case"dragover":case"dragstart":case"drop":c=tF;break;case"touchcancel":case"touchend":case"touchmove":case"touchstart":c=t4;break;case rN:case rG:case rW:c=tV;break;case rH:c=t8;break;case"scroll":case"scrollend":c=tW;break;case"wheel":c=t6;break;case"copy":case"cut":case"paste":c=tQ;break;case"gotpointercapture":case"lostpointercapture":case"pointercancel":case"pointerdown":case"pointermove":case"pointerout":case"pointerover":case"pointerup":c=t0;break;case"toggle":case"beforetoggle":c=t9}var d=0!=(4&amp;t),u=!d&amp;&amp;("scroll"===e||"scrollend"===e),l=d?null!==o?o+"Capture":null:o;d=[];for(var m,h=s;null!==h;){var g=h;if(m=g.stateNode,5!==(g=g.tag)&amp;&amp;26!==g&amp;&amp;27!==g||null===m||null===l||null!=(g=tq(h,l))&amp;&amp;d.push(cF(h,g,m)),u)break;h=h.return}0&lt;d.length&amp;&amp;(o=new c(o,p,null,r,n),a.push({event:o,listeners:d}))}}if(0==(7&amp;t)){if(o="mouseover"===e||"pointerover"===e,c="mouseout"===e||"pointerout"===e,!(o&amp;&amp;r!==tv&amp;&amp;(p=r.relatedTarget||r.fromElement)&amp;&amp;(eF(p)||p[eD]))&amp;&amp;(c||o)&amp;&amp;(o=n.window===n?n:(o=n.ownerDocument)?o.defaultView||o.parentWindow:window,c?(p=r.relatedTarget||r.toElement,c=s,null!==(p=p?eF(p):null)&amp;&amp;(u=L(p),d=p.tag,p!==u||5!==d&amp;&amp;27!==d&amp;&amp;6!==d)&amp;&amp;(p=null)):(c=null,p=s),c!==p)){if(d=tU,g="onMouseLeave",l="onMouseEnter",h="mouse",("pointerout"===e||"pointerover"===e)&amp;&amp;(d=t0,g="onPointerLeave",l="onPointerEnter",h="pointer"),u=null==c?o:eV(c),m=null==p?o:eV(p),(o=new d(g,h+"leave",c,r,n)).target=u,o.relatedTarget=m,g=null,eF(n)===s&amp;&amp;((d=new d(l,h+"enter",p,r,n)).target=m,d.relatedTarget=u,g=d),u=g,c&amp;&amp;p)t:{for(d=c,l=p,h=0,m=d;m;m=cV(m))h++;for(m=0,g=l;g;g=cV(g))m++;for(;0&lt;h-m;)d=cV(d),h--;for(;0&lt;m-h;)l=cV(l),m--;for(;h--;){if(d===l||null!==l&amp;&amp;d===l.alternate)break t;d=cV(d),l=cV(l)}d=null}else d=null;null!==c&amp;&amp;cQ(a,o,c,d,!1),null!==p&amp;&amp;null!==u&amp;&amp;cQ(a,u,p,d,!0)}e:{if("select"===(c=(o=s?eV(s):window).nodeName&amp;&amp;o.nodeName.toLowerCase())||"input"===c&amp;&amp;"file"===o.type)var f,y=rm;else if(ro(o)){if(rh)y=rS;else{y=rw;var v=rb}}else(c=o.nodeName)&amp;&amp;"input"===c.toLowerCase()&amp;&amp;("checkbox"===o.type||"radio"===o.type)?y=rx:s&amp;&amp;th(s.elementType)&amp;&amp;(y=rm);if(y&amp;&amp;(y=y(e,s))){rc(a,y,r,n);break e}v&amp;&amp;v(e,o,s),"focusout"===e&amp;&amp;s&amp;&amp;"number"===o.type&amp;&amp;null!=s.memoizedProps.value&amp;&amp;ta(o,"number",o.value)}switch(v=s?eV(s):window,e){case"focusin":(ro(v)||"true"===v.contentEditable)&amp;&amp;(rI=v,rP=s,r$=null);break;case"focusout":r$=rP=rI=null;break;case"mousedown":rR=!0;break;case"contextmenu":case"mouseup":case"dragend":rR=!1,rE(a,r,n);break;case"selectionchange":if(rj)break;case"keydown":case"keyup":rE(a,r,n)}if(t3)t:{switch(e){case"compositionstart":var b="onCompositionStart";break t;case"compositionend":b="onCompositionEnd";break t;case"compositionupdate":b="onCompositionUpdate";break t}b=void 0}else ri?rs(e,r)&amp;&amp;(b="onCompositionEnd"):"keydown"===e&amp;&amp;229===r.keyCode&amp;&amp;(b="onCompositionStart");b&amp;&amp;(rt&amp;&amp;"ko"!==r.locale&amp;&amp;(ri||"onCompositionStart"!==b?"onCompositionEnd"===b&amp;&amp;ri&amp;&amp;(f=tP()):(tj="value"in(tz=n)?tz.value:tz.textContent,ri=!0)),0&lt;(v=cH(s,b)).length&amp;&amp;(b=new tK(b,e,null,r,n),a.push({event:b,listeners:v}),f?b.data=f:null!==(f=rn(r))&amp;&amp;(b.data=f))),(f=re?function(e,t){switch(e){case"compositionend":return rn(t);case"keypress":if(32!==t.which)return null;return rr=!0," ";case"textInput":return" "===(e=t.data)&amp;&amp;rr?null:e;default:return null}}(e,r):function(e,t){if(ri)return"compositionend"===e||!t3&amp;&amp;rs(e,t)?(e=tP(),tI=tj=tz=null,ri=!1,e):null;switch(e){case"paste":default:return null;case"keypress":if(!(t.ctrlKey||t.altKey||t.metaKey)||t.ctrlKey&amp;&amp;t.altKey){if(t.char&amp;&amp;1&lt;t.char.length)return t.char;if(t.which)return String.fromCharCode(t.which)}return null;case"compositionend":return rt&amp;&amp;"ko"!==t.locale?null:t.data}}(e,r))&amp;&amp;0&lt;(b=cH(s,"onBeforeInput")).length&amp;&amp;(v=new tK("onBeforeInput","beforeinput",null,r,n),a.push({event:v,listeners:b}),v.data=f),function(e,t,r,s,n){if("submit"===t&amp;&amp;r&amp;&amp;r.stateNode===n){var i=c$((n[eL]||null).action),a=s.submitter;a&amp;&amp;null!==(t=(t=a[eL]||null)?c$(t.formAction):a.getAttribute("formAction"))&amp;&amp;(i=t,a=null);var o=new tN("action","action",null,s,n);e.push({event:o,listeners:[{instance:null,listener:function(){if(s.defaultPrevented){if(0!==cA){var e=a?cR(n,a):new FormData(n);ic(r,{pending:!0,data:e,method:n.method,action:i},null,e)}}else"function"==typeof i&amp;&amp;(o.preventDefault(),ic(r,{pending:!0,data:e=a?cR(n,a):new FormData(n),method:n.method,action:i},i,e))},currentTarget:n}]})}}(a,e,s,r,n)}cD(a,t)})}function cF(e,t,r){return{instance:e,listener:t,currentTarget:r}}function cH(e,t){for(var r=t+"Capture",s=[];null!==e;){var n=e,i=n.stateNode;5!==(n=n.tag)&amp;&amp;26!==n&amp;&amp;27!==n||null===i||(null!=(n=tq(e,r))&amp;&amp;s.unshift(cF(e,n,i)),null!=(n=tq(e,t))&amp;&amp;s.push(cF(e,n,i))),e=e.return}return s}function cV(e){if(null===e)return null;do e=e.return;while(e&amp;&amp;5!==e.tag&amp;&amp;27!==e.tag);return e||null}function cQ(e,t,r,s,n){for(var i=t._reactName,a=[];null!==r&amp;&amp;r!==s;){var o=r,c=o.alternate,p=o.stateNode;if(o=o.tag,null!==c&amp;&amp;c===s)break;5!==o&amp;&amp;26!==o&amp;&amp;27!==o||null===p||(c=p,n?null!=(p=tq(r,i))&amp;&amp;a.unshift(cF(r,p,c)):n||null!=(p=tq(r,i))&amp;&amp;a.push(cF(r,p,c))),r=r.return}0!==a.length&amp;&amp;e.push({event:t,listeners:a})}var cK=/\r\n?/g,cJ=/\u0000|\uFFFD/g;function cX(e){return("string"==typeof e?e:""+e).replace(cK,"\n").replace(cJ,"")}function cY(e,t){return t=cX(t),cX(e)===t}function cZ(){}function c1(e,t,r,s,n,i){switch(r){case"children":"string"==typeof s?"body"===t||"textarea"===t&amp;&amp;""===s||td(e,s):("number"==typeof s||"bigint"==typeof s)&amp;&amp;"body"!==t&amp;&amp;td(e,""+s);break;case"className":e6(e,"class",s);break;case"tabIndex":e6(e,"tabindex",s);break;case"dir":case"role":case"viewBox":case"width":case"height":e6(e,r,s);break;case"style":tm(e,s,i);break;case"data":if("object"!==t){e6(e,"data",s);break}case"src":case"href":if(""===s&amp;&amp;("a"!==t||"href"!==r)||null==s||"function"==typeof s||"symbol"==typeof s||"boolean"==typeof s){e.removeAttribute(r);break}s=ty(""+s),e.setAttribute(r,s);break;case"action":case"formAction":if("function"==typeof s){e.setAttribute(r,"javascript:throw new Error('A React form was unexpectedly submitted. If you called form.submit() manually, consider using form.requestSubmit() instead. If you\\'re trying to use event.stopPropagation() in a submit event handler, consider also calling event.preventDefault().')");break}if("function"==typeof i&amp;&amp;("formAction"===r?("input"!==t&amp;&amp;c1(e,t,"name",n.name,n,null),c1(e,t,"formEncType",n.formEncType,n,null),c1(e,t,"formMethod",n.formMethod,n,null),c1(e,t,"formTarget",n.formTarget,n,null)):(c1(e,t,"encType",n.encType,n,null),c1(e,t,"method",n.method,n,null),c1(e,t,"target",n.target,n,null))),null==s||"symbol"==typeof s||"boolean"==typeof s){e.removeAttribute(r);break}s=ty(""+s),e.setAttribute(r,s);break;case"onClick":null!=s&amp;&amp;(e.onclick=cZ);break;case"onScroll":null!=s&amp;&amp;cB("scroll",e);break;case"onScrollEnd":null!=s&amp;&amp;cB("scrollend",e);break;case"dangerouslySetInnerHTML":if(null!=s){if("object"!=typeof s||!("__html"in s))throw Error(c(61));if(null!=(r=s.__html)){if(null!=n.children)throw Error(c(60));e.innerHTML=r}}break;case"multiple":e.multiple=s&amp;&amp;"function"!=typeof s&amp;&amp;"symbol"!=typeof s;break;case"muted":e.muted=s&amp;&amp;"function"!=typeof s&amp;&amp;"symbol"!=typeof s;break;case"suppressContentEditableWarning":case"suppressHydrationWarning":case"defaultValue":case"defaultChecked":case"innerHTML":case"ref":case"autoFocus":case"innerText":case"textContent":break;case"xlinkHref":if(null==s||"function"==typeof s||"boolean"==typeof s||"symbol"==typeof s){e.removeAttribute("xlink:href");break}r=ty(""+s),e.setAttributeNS("http://www.w3.org/1999/xlink","xlink:href",r);break;case"contentEditable":case"spellCheck":case"draggable":case"value":case"autoReverse":case"externalResourcesRequired":case"focusable":case"preserveAlpha":null!=s&amp;&amp;"function"!=typeof s&amp;&amp;"symbol"!=typeof s?e.setAttribute(r,""+s):e.removeAttribute(r);break;case"inert":case"allowFullScreen":case"async":case"autoPlay":case"controls":case"default":case"defer":case"disabled":case"disablePictureInPicture":case"disableRemotePlayback":case"formNoValidate":case"hidden":case"loop":case"noModule":case"noValidate":case"open":case"playsInline":case"readOnly":case"required":case"reversed":case"scoped":case"seamless":case"itemScope":s&amp;&amp;"function"!=typeof s&amp;&amp;"symbol"!=typeof s?e.setAttribute(r,""):e.removeAttribute(r);break;case"capture":case"download":!0===s?e.setAttribute(r,""):!1!==s&amp;&amp;null!=s&amp;&amp;"function"!=typeof s&amp;&amp;"symbol"!=typeof s?e.setAttribute(r,s):e.removeAttribute(r);break;case"cols":case"rows":case"size":case"span":null!=s&amp;&amp;"function"!=typeof s&amp;&amp;"symbol"!=typeof s&amp;&amp;!isNaN(s)&amp;&amp;1&lt;=s?e.setAttribute(r,s):e.removeAttribute(r);break;case"rowSpan":case"start":null==s||"function"==typeof s||"symbol"==typeof s||isNaN(s)?e.removeAttribute(r):e.setAttribute(r,s);break;case"popover":cB("beforetoggle",e),cB("toggle",e),e8(e,"popover",s);break;case"xlinkActuate":e9(e,"http://www.w3.org/1999/xlink","xlink:actuate",s);break;case"xlinkArcrole":e9(e,"http://www.w3.org/1999/xlink","xlink:arcrole",s);break;case"xlinkRole":e9(e,"http://www.w3.org/1999/xlink","xlink:role",s);break;case"xlinkShow":e9(e,"http://www.w3.org/1999/xlink","xlink:show",s);break;case"xlinkTitle":e9(e,"http://www.w3.org/1999/xlink","xlink:title",s);break;case"xlinkType":e9(e,"http://www.w3.org/1999/xlink","xlink:type",s);break;case"xmlBase":e9(e,"http://www.w3.org/XML/1998/namespace","xml:base",s);break;case"xmlLang":e9(e,"http://www.w3.org/XML/1998/namespace","xml:lang",s);break;case"xmlSpace":e9(e,"http://www.w3.org/XML/1998/namespace","xml:space",s);break;case"is":e8(e,"is",s);break;default:2&lt;r.length&amp;&amp;("o"===r[0]||"O"===r[0])&amp;&amp;("n"===r[1]||"N"===r[1])||e8(e,r=tg.get(r)||r,s)}}function c2(e,t,r,s,n,i){switch(r){case"style":tm(e,s,i);break;case"dangerouslySetInnerHTML":if(null!=s){if("object"!=typeof s||!("__html"in s))throw Error(c(61));if(null!=(r=s.__html)){if(null!=n.children)throw Error(c(60));e.innerHTML=r}}break;case"children":"string"==typeof s?td(e,s):("number"==typeof s||"bigint"==typeof s)&amp;&amp;td(e,""+s);break;case"onScroll":null!=s&amp;&amp;cB("scroll",e);break;case"onScrollEnd":null!=s&amp;&amp;cB("scrollend",e);break;case"onClick":null!=s&amp;&amp;(e.onclick=cZ);break;case"suppressContentEditableWarning":case"suppressHydrationWarning":case"innerHTML":case"ref":case"innerText":case"textContent":break;default:if(!eX.hasOwnProperty(r))e:{if("o"===r[0]&amp;&amp;"n"===r[1]&amp;&amp;(n=r.endsWith("Capture"),t=r.slice(2,n?r.length-7:void 0),"function"==typeof(i=null!=(i=e[eL]||null)?i[r]:null)&amp;&amp;e.removeEventListener(t,i,n),"function"==typeof s)){"function"!=typeof i&amp;&amp;null!==i&amp;&amp;(r in e?e[r]=null:e.hasAttribute(r)&amp;&amp;e.removeAttribute(r)),e.addEventListener(t,s,n);break e}r in e?e[r]=s:!0===s?e.setAttribute(r,""):e8(e,r,s)}}}function c0(e,t,r){switch(t){case"div":case"span":case"svg":case"path":case"a":case"g":case"p":case"li":break;case"img":cB("error",e),cB("load",e);var s,n=!1,i=!1;for(s in r)if(r.hasOwnProperty(s)){var a=r[s];if(null!=a)switch(s){case"src":n=!0;break;case"srcSet":i=!0;break;case"children":case"dangerouslySetInnerHTML":throw Error(c(137,t));default:c1(e,t,s,a,r,null)}}i&amp;&amp;c1(e,t,"srcSet",r.srcSet,r,null),n&amp;&amp;c1(e,t,"src",r.src,r,null);return;case"input":cB("invalid",e);var o=s=a=i=null,p=null,d=null;for(n in r)if(r.hasOwnProperty(n)){var u=r[n];if(null!=u)switch(n){case"name":i=u;break;case"type":a=u;break;case"checked":p=u;break;case"defaultChecked":d=u;break;case"value":s=u;break;case"defaultValue":o=u;break;case"children":case"dangerouslySetInnerHTML":if(null!=u)throw Error(c(137,t));break;default:c1(e,t,n,u,r,null)}}ti(e,s,o,p,d,a,i,!1),e5(e);return;case"select":for(i in cB("invalid",e),n=a=s=null,r)if(r.hasOwnProperty(i)&amp;&amp;null!=(o=r[i]))switch(i){case"value":s=o;break;case"defaultValue":a=o;break;case"multiple":n=o;default:c1(e,t,i,o,r,null)}t=s,r=a,e.multiple=!!n,null!=t?to(e,!!n,t,!1):null!=r&amp;&amp;to(e,!!n,r,!0);return;case"textarea":for(a in cB("invalid",e),s=i=n=null,r)if(r.hasOwnProperty(a)&amp;&amp;null!=(o=r[a]))switch(a){case"value":n=o;break;case"defaultValue":i=o;break;case"children":s=o;break;case"dangerouslySetInnerHTML":if(null!=o)throw Error(c(91));break;default:c1(e,t,a,o,r,null)}tp(e,n,i,s),e5(e);return;case"option":for(p in r)r.hasOwnProperty(p)&amp;&amp;null!=(n=r[p])&amp;&amp;("selected"===p?e.selected=n&amp;&amp;"function"!=typeof n&amp;&amp;"symbol"!=typeof n:c1(e,t,p,n,r,null));return;case"dialog":cB("cancel",e),cB("close",e);break;case"iframe":case"object":cB("load",e);break;case"video":case"audio":for(n=0;n&lt;cC.length;n++)cB(cC[n],e);break;case"image":cB("error",e),cB("load",e);break;case"details":cB("toggle",e);break;case"embed":case"source":case"link":cB("error",e),cB("load",e);case"area":case"base":case"br":case"col":case"hr":case"keygen":case"meta":case"param":case"track":case"wbr":case"menuitem":for(d in r)if(r.hasOwnProperty(d)&amp;&amp;null!=(n=r[d]))switch(d){case"children":case"dangerouslySetInnerHTML":throw Error(c(137,t));default:c1(e,t,d,n,r,null)}return;default:if(th(t)){for(u in r)r.hasOwnProperty(u)&amp;&amp;void 0!==(n=r[u])&amp;&amp;c2(e,t,u,n,r,void 0);return}}for(o in r)r.hasOwnProperty(o)&amp;&amp;null!=(n=r[o])&amp;&amp;c1(e,t,o,n,r,null)}var c4=null,c8=null;function c6(e){return 9===e.nodeType?e:e.ownerDocument}function c9(e){switch(e){case"http://www.w3.org/2000/svg":return 1;case"http://www.w3.org/1998/Math/MathML":return 2;default:return 0}}function c7(e,t){if(0===e)switch(t){case"svg":return 1;case"math":return 2;default:return 0}return 1===e&amp;&amp;"foreignObject"===t?0:e}function c3(e,t){return"textarea"===e||"noscript"===e||"string"==typeof t.children||"number"==typeof t.children||"bigint"==typeof t.children||"object"==typeof t.dangerouslySetInnerHTML&amp;&amp;null!==t.dangerouslySetInnerHTML&amp;&amp;null!=t.dangerouslySetInnerHTML.__html}var c5=null,pe="function"==typeof setTimeout?setTimeout:void 0,pt="function"==typeof clearTimeout?clearTimeout:void 0,pr="function"==typeof Promise?Promise:void 0,ps="function"==typeof queueMicrotask?queueMicrotask:void 0!==pr?function(e){return pr.resolve(null).then(e).catch(pn)}:pe;function pn(e){setTimeout(function(){throw e})}function pi(e,t){var r=t,s=0;do{var n=r.nextSibling;if(e.removeChild(r),n&amp;&amp;8===n.nodeType){if("/$"===(r=n.data)){if(0===s){e.removeChild(n),di(t);return}s--}else"$"!==r&amp;&amp;"$?"!==r&amp;&amp;"$!"!==r||s++}r=n}while(r);di(t)}function pa(e){var t=e.firstChild;for(t&amp;&amp;10===t.nodeType&amp;&amp;(t=t.nextSibling);t;){var r=t;switch(t=t.nextSibling,r.nodeName){case"HTML":case"HEAD":case"BODY":pa(r),eU(r);continue;case"SCRIPT":case"STYLE":continue;case"LINK":if("stylesheet"===r.rel.toLowerCase())continue}e.removeChild(r)}}function po(e){for(;null!=e;e=e.nextSibling){var t=e.nodeType;if(1===t||3===t)break;if(8===t){if("$"===(t=e.data)||"$!"===t||"$?"===t||"F!"===t||"F"===t)break;if("/$"===t)return null}}return e}function pc(e){e=e.previousSibling;for(var t=0;e;){if(8===e.nodeType){var r=e.data;if("$"===r||"$!"===r||"$?"===r){if(0===t)return e;t--}else"/$"===r&amp;&amp;t++}e=e.previousSibling}return null}function pp(e,t,r){switch(t=c6(r),e){case"html":if(!(e=t.documentElement))throw Error(c(452));return e;case"head":if(!(e=t.head))throw Error(c(453));return e;case"body":if(!(e=t.body))throw Error(c(454));return e;default:throw Error(c(451))}}var pd=new Map,pu=new Set;function pl(e){return"function"==typeof e.getRootNode?e.getRootNode():e.ownerDocument}var pm=G.d;G.d={f:function(){var e=pm.f(),t=o9();return e||t},r:function(e){var t=eH(e);null!==t&amp;&amp;5===t.tag&amp;&amp;"form"===t.type?id(t):pm.r(e)},D:function(e){pm.D(e),pg("dns-prefetch",e,null)},C:function(e,t){pm.C(e,t),pg("preconnect",e,t)},L:function(e,t,r){if(pm.L(e,t,r),ph&amp;&amp;e&amp;&amp;t){var s='link[rel="preload"][as="'+ts(t)+'"]';"image"===t&amp;&amp;r&amp;&amp;r.imageSrcSet?(s+='[imagesrcset="'+ts(r.imageSrcSet)+'"]',"string"==typeof r.imageSizes&amp;&amp;(s+='[imagesizes="'+ts(r.imageSizes)+'"]')):s+='[href="'+ts(e)+'"]';var n=s;switch(t){case"style":n=py(e);break;case"script":n=pw(e)}pd.has(n)||(e=$({rel:"preload",href:"image"===t&amp;&amp;r&amp;&amp;r.imageSrcSet?void 0:e,as:t},r),pd.set(n,e),null!==ph.querySelector(s)||"style"===t&amp;&amp;ph.querySelector(pv(n))||"script"===t&amp;&amp;ph.querySelector(px(n))||(c0(t=ph.createElement("link"),"link",e),eK(t),ph.head.appendChild(t)))}},m:function(e,t){if(pm.m(e,t),ph&amp;&amp;e){var r=t&amp;&amp;"string"==typeof t.as?t.as:"script",s='link[rel="modulepreload"][as="'+ts(r)+'"][href="'+ts(e)+'"]',n=s;switch(r){case"audioworklet":case"paintworklet":case"serviceworker":case"sharedworker":case"worker":case"script":n=pw(e)}if(!pd.has(n)&amp;&amp;(e=$({rel:"modulepreload",href:e},t),pd.set(n,e),null===ph.querySelector(s))){switch(r){case"audioworklet":case"paintworklet":case"serviceworker":case"sharedworker":case"worker":case"script":if(ph.querySelector(px(n)))return}c0(r=ph.createElement("link"),"link",e),eK(r),ph.head.appendChild(r)}}},X:function(e,t){if(pm.X(e,t),ph&amp;&amp;e){var r=eQ(ph).hoistableScripts,s=pw(e),n=r.get(s);n||((n=ph.querySelector(px(s)))||(e=$({src:e,async:!0},t),(t=pd.get(s))&amp;&amp;pq(e,t),eK(n=ph.createElement("script")),c0(n,"link",e),ph.head.appendChild(n)),n={type:"script",instance:n,count:1,state:null},r.set(s,n))}},S:function(e,t,r){if(pm.S(e,t,r),ph&amp;&amp;e){var s=eQ(ph).hoistableStyles,n=py(e);t=t||"default";var i=s.get(n);if(!i){var a={loading:0,preload:null};if(i=ph.querySelector(pv(n)))a.loading=5;else{e=$({rel:"stylesheet",href:e,"data-precedence":t},r),(r=pd.get(n))&amp;&amp;pA(e,r);var o=i=ph.createElement("link");eK(o),c0(o,"link",e),o._p=new Promise(function(e,t){o.onload=e,o.onerror=t}),o.addEventListener("load",function(){a.loading|=1}),o.addEventListener("error",function(){a.loading|=2}),a.loading|=4,p_(i,t,ph)}i={type:"stylesheet",instance:i,count:1,state:a},s.set(n,i)}}},M:function(e,t){if(pm.M(e,t),ph&amp;&amp;e){var r=eQ(ph).hoistableScripts,s=pw(e),n=r.get(s);n||((n=ph.querySelector(px(s)))||(e=$({src:e,async:!0,type:"module"},t),(t=pd.get(s))&amp;&amp;pq(e,t),eK(n=ph.createElement("script")),c0(n,"link",e),ph.head.appendChild(n)),n={type:"script",instance:n,count:1,state:null},r.set(s,n))}}};var ph="undefined"==typeof document?null:document;function pg(e,t,r){if(ph&amp;&amp;"string"==typeof t&amp;&amp;t){var s=ts(t);s='link[rel="'+e+'"][href="'+s+'"]',"string"==typeof r&amp;&amp;(s+='[crossorigin="'+r+'"]'),pu.has(s)||(pu.add(s),e={rel:e,crossOrigin:r,href:t},null===ph.querySelector(s)&amp;&amp;(c0(t=ph.createElement("link"),"link",e),eK(t),ph.head.appendChild(t)))}}function pf(e,t,r,s){var n=(n=J.current)?pl(n):null;if(!n)throw Error(c(446));switch(e){case"meta":case"title":return null;case"style":return"string"==typeof r.precedence&amp;&amp;"string"==typeof r.href?(t=py(r.href),(s=(r=eQ(n).hoistableStyles).get(t))||(s={type:"style",instance:null,count:0,state:null},r.set(t,s)),s):{type:"void",instance:null,count:0,state:null};case"link":if("stylesheet"===r.rel&amp;&amp;"string"==typeof r.href&amp;&amp;"string"==typeof r.precedence){e=py(r.href);var i,a,o,p,d=eQ(n).hoistableStyles,u=d.get(e);if(u||(n=n.ownerDocument||n,u={type:"stylesheet",instance:null,count:0,state:{loading:0,preload:null}},d.set(e,u),(d=n.querySelector(pv(e)))&amp;&amp;!d._p&amp;&amp;(u.instance=d,u.state.loading=5),pd.has(e)||(r={rel:"preload",as:"style",href:r.href,crossOrigin:r.crossOrigin,integrity:r.integrity,media:r.media,hrefLang:r.hrefLang,referrerPolicy:r.referrerPolicy},pd.set(e,r),d||(i=n,a=e,o=r,p=u.state,i.querySelector('link[rel="preload"][as="style"]['+a+"]")?p.loading=1:(a=i.createElement("link"),p.preload=a,a.addEventListener("load",function(){return p.loading|=1}),a.addEventListener("error",function(){return p.loading|=2}),c0(a,"link",o),eK(a),i.head.appendChild(a))))),t&amp;&amp;null===s)throw Error(c(528,""));return u}if(t&amp;&amp;null!==s)throw Error(c(529,""));return null;case"script":return t=r.async,"string"==typeof(r=r.src)&amp;&amp;t&amp;&amp;"function"!=typeof t&amp;&amp;"symbol"!=typeof t?(t=pw(r),(s=(r=eQ(n).hoistableScripts).get(t))||(s={type:"script",instance:null,count:0,state:null},r.set(t,s)),s):{type:"void",instance:null,count:0,state:null};default:throw Error(c(444,e))}}function py(e){return'href="'+ts(e)+'"'}function pv(e){return'link[rel="stylesheet"]['+e+"]"}function pb(e){return $({},e,{"data-precedence":e.precedence,precedence:null})}function pw(e){return'[src="'+ts(e)+'"]'}function px(e){return"script[async]"+e}function pS(e,t,r){if(t.count++,null===t.instance)switch(t.type){case"style":var s=e.querySelector('style[data-href~="'+ts(r.href)+'"]');if(s)return t.instance=s,eK(s),s;var n=$({},r,{"data-href":r.href,"data-precedence":r.precedence,href:null,precedence:null});return eK(s=(e.ownerDocument||e).createElement("style")),c0(s,"style",n),p_(s,r.precedence,e),t.instance=s;case"stylesheet":n=py(r.href);var i=e.querySelector(pv(n));if(i)return t.state.loading|=4,t.instance=i,eK(i),i;s=pb(r),(n=pd.get(n))&amp;&amp;pA(s,n),eK(i=(e.ownerDocument||e).createElement("link"));var a=i;return a._p=new Promise(function(e,t){a.onload=e,a.onerror=t}),c0(i,"link",s),t.state.loading|=4,p_(i,r.precedence,e),t.instance=i;case"script":if(i=pw(r.src),n=e.querySelector(px(i)))return t.instance=n,eK(n),n;return s=r,(n=pd.get(i))&amp;&amp;pq(s=$({},r),n),eK(n=(e=e.ownerDocument||e).createElement("script")),c0(n,"link",s),e.head.appendChild(n),t.instance=n;case"void":return null;default:throw Error(c(443,t.type))}else"stylesheet"===t.type&amp;&amp;0==(4&amp;t.state.loading)&amp;&amp;(s=t.instance,t.state.loading|=4,p_(s,r.precedence,e));return t.instance}function p_(e,t,r){for(var s=r.querySelectorAll('link[rel="stylesheet"][data-precedence],style[data-precedence]'),n=s.length?s[s.length-1]:null,i=n,a=0;a&lt;s.length;a++){var o=s[a];if(o.dataset.precedence===t)i=o;else if(i!==n)break}i?i.parentNode.insertBefore(e,i.nextSibling):(t=9===r.nodeType?r.head:r).insertBefore(e,t.firstChild)}function pA(e,t){null==e.crossOrigin&amp;&amp;(e.crossOrigin=t.crossOrigin),null==e.referrerPolicy&amp;&amp;(e.referrerPolicy=t.referrerPolicy),null==e.title&amp;&amp;(e.title=t.title)}function pq(e,t){null==e.crossOrigin&amp;&amp;(e.crossOrigin=t.crossOrigin),null==e.referrerPolicy&amp;&amp;(e.referrerPolicy=t.referrerPolicy),null==e.integrity&amp;&amp;(e.integrity=t.integrity)}var pk=null;function pT(e,t,r){if(null===pk){var s=new Map,n=pk=new Map;n.set(r,s)}else(s=(n=pk).get(r))||(s=new Map,n.set(r,s));if(s.has(e))return s;for(s.set(e,null),r=r.getElementsByTagName(e),n=0;n&lt;r.length;n++){var i=r[n];if(!(i[eM]||i[eC]||"link"===e&amp;&amp;"stylesheet"===i.getAttribute("rel"))&amp;&amp;"http://www.w3.org/2000/svg"!==i.namespaceURI){var a=i.getAttribute(t)||"";a=e+a;var o=s.get(a);o?o.push(i):s.set(a,[i])}}return s}function pz(e,t,r){(e=e.ownerDocument||e).head.insertBefore(r,"title"===t?e.querySelector("head &gt; title"):null)}function pj(e){return"stylesheet"!==e.type||0!=(3&amp;e.state.loading)}var pI=null;function pP(){}function p$(){if(this.count--,0===this.count){if(this.stylesheets)pE(this,this.stylesheets);else if(this.unsuspend){var e=this.unsuspend;this.unsuspend=null,e()}}}var pR=null;function pE(e,t){e.stylesheets=null,null!==e.unsuspend&amp;&amp;(e.count++,pR=new Map,t.forEach(pO,e),pR=null,p$.call(e))}function pO(e,t){if(!(4&amp;t.state.loading)){var r=pR.get(e);if(r)var s=r.get(null);else{r=new Map,pR.set(e,r);for(var n=e.querySelectorAll("link[data-precedence],style[data-precedence]"),i=0;i&lt;n.length;i++){var a=n[i];("LINK"===a.nodeName||"not all"!==a.getAttribute("media"))&amp;&amp;(r.set(a.dataset.precedence,a),s=a)}s&amp;&amp;r.set(null,s)}a=(n=t.instance).getAttribute("data-precedence"),(i=r.get(a)||s)===s&amp;&amp;r.set(null,n),r.set(a,n),this.count++,s=p$.bind(this),n.addEventListener("load",s),n.addEventListener("error",s),i?i.parentNode.insertBefore(n,i.nextSibling):(e=9===e.nodeType?e.head:e).insertBefore(n,e.firstChild),t.state.loading|=4}}var pC={$$typeof:v,Provider:null,Consumer:null,_currentValue:W,_currentValue2:W,_threadCount:0};function pL(e,t,r,s,n,i,a,o){this.tag=1,this.containerInfo=e,this.finishedWork=this.pingCache=this.current=this.pendingChildren=null,this.timeoutHandle=-1,this.callbackNode=this.next=this.pendingContext=this.context=this.cancelPendingCommit=null,this.callbackPriority=0,this.expirationTimes=ej(-1),this.entangledLanes=this.shellSuspendCounter=this.errorRecoveryDisabledLanes=this.finishedLanes=this.expiredLanes=this.warmLanes=this.pingedLanes=this.suspendedLanes=this.pendingLanes=0,this.entanglements=ej(0),this.hiddenUpdates=ej(null),this.identifierPrefix=s,this.onUncaughtError=n,this.onCaughtError=i,this.onRecoverableError=a,this.pooledCache=null,this.pooledCacheLanes=0,this.formState=o,this.incompleteTransitions=new Map}function pD(e,t,r,s,n,i,a,o,c,p,d,u){return e=new pL(e,t,r,a,o,c,p,u),t=1,!0===i&amp;&amp;(t|=24),i=oa(3,null,null,t),e.current=i,i.stateNode=e,t=s4(),t.refCount++,e.pooledCache=t,t.refCount++,i.memoizedState={element:s,isDehydrated:r,cache:t},ay(i),e}function pB(e){return e?e=r6:r6}function pN(e,t,r,s,n,i){var a;n=(a=n)?a=r6:r6,null===s.context?s.context=n:s.pendingContext=n,(s=ab(t)).payload={element:r},null!==(i=void 0===i?null:i)&amp;&amp;(s.callback=i),null!==(r=aw(e,s,t))&amp;&amp;(o2(r,e,t),ax(r,e,t))}function pG(e,t){if(null!==(e=e.memoizedState)&amp;&amp;null!==e.dehydrated){var r=e.retryLane;e.retryLane=0!==r&amp;&amp;r&lt;t?r:t}}function pW(e,t){pG(e,t),(e=e.alternate)&amp;&amp;pG(e,t)}function pM(e){if(13===e.tag){var t=r0(e,0x4000000);null!==t&amp;&amp;o2(t,e,0x4000000),pW(e,0x4000000)}}var pU=!0;function pF(e,t,r,s){var n=P.T;P.T=null;var i=G.p;try{G.p=2,pV(e,t,r,s)}finally{G.p=i,P.T=n}}function pH(e,t,r,s){var n=P.T;P.T=null;var i=G.p;try{G.p=8,pV(e,t,r,s)}finally{G.p=i,P.T=n}}function pV(e,t,r,s){if(pU){var n=pQ(s);if(null===n)cU(e,t,s,pK,r),p9(e,s);else if(function(e,t,r,s,n){switch(t){case"focusin":return pZ=p7(pZ,e,t,r,s,n),!0;case"dragenter":return p1=p7(p1,e,t,r,s,n),!0;case"mouseover":return p2=p7(p2,e,t,r,s,n),!0;case"pointerover":var i=n.pointerId;return p0.set(i,p7(p0.get(i)||null,e,t,r,s,n)),!0;case"gotpointercapture":return i=n.pointerId,p4.set(i,p7(p4.get(i)||null,e,t,r,s,n)),!0}return!1}(n,e,t,r,s))s.stopPropagation();else if(p9(e,s),4&amp;t&amp;&amp;-1&lt;p6.indexOf(e)){for(;null!==n;){var i=eH(n);if(null!==i)switch(i.tag){case 3:if((i=i.stateNode).current.memoizedState.isDehydrated){var a=eA(i.pendingLanes);if(0!==a){var o=i;for(o.pendingLanes|=2,o.entangledLanes|=2;a;){var c=1&lt;&lt;31-eb(a);o.entanglements[1]|=c,a&amp;=~c}cq(i),0==(6&amp;o_)&amp;&amp;(oM=eo()+500,ck(0,!1))}}break;case 13:null!==(o=r0(i,2))&amp;&amp;o2(o,i,2),o9(),pW(i,2)}if(null===(i=pQ(s))&amp;&amp;cU(e,t,s,pK,r),i===n)break;n=i}null!==n&amp;&amp;s.stopPropagation()}else cU(e,t,s,null,r)}}function pQ(e){return pJ(e=tb(e))}var pK=null;function pJ(e){if(pK=null,null!==(e=eF(e))){var t=L(e);if(null===t)e=null;else{var r=t.tag;if(13===r){if(null!==(e=D(t)))return e;e=null}else if(3===r){if(t.stateNode.current.memoizedState.isDehydrated)return 3===t.tag?t.stateNode.containerInfo:null;e=null}else t!==e&amp;&amp;(e=null)}}return pK=e,null}function pX(e){switch(e){case"beforetoggle":case"cancel":case"click":case"close":case"contextmenu":case"copy":case"cut":case"auxclick":case"dblclick":case"dragend":case"dragstart":case"drop":case"focusin":case"focusout":case"input":case"invalid":case"keydown":case"keypress":case"keyup":case"mousedown":case"mouseup":case"paste":case"pause":case"play":case"pointercancel":case"pointerdown":case"pointerup":case"ratechange":case"reset":case"resize":case"seeked":case"submit":case"toggle":case"touchcancel":case"touchend":case"touchstart":case"volumechange":case"change":case"selectionchange":case"textInput":case"compositionstart":case"compositionend":case"compositionupdate":case"beforeblur":case"afterblur":case"beforeinput":case"blur":case"fullscreenchange":case"focus":case"hashchange":case"popstate":case"select":case"selectstart":return 2;case"drag":case"dragenter":case"dragexit":case"dragleave":case"dragover":case"mousemove":case"mouseout":case"mouseover":case"pointermove":case"pointerout":case"pointerover":case"scroll":case"touchmove":case"wheel":case"mouseenter":case"mouseleave":case"pointerenter":case"pointerleave":return 8;case"message":switch(ec()){case ep:return 2;case ed:return 8;case eu:case el:return 32;case em:return 0x10000000;default:return 32}default:return 32}}var pY=!1,pZ=null,p1=null,p2=null,p0=new Map,p4=new Map,p8=[],p6="mousedown mouseup touchcancel touchend touchstart auxclick dblclick pointercancel pointerdown pointerup dragend dragstart drop compositionend compositionstart keydown keypress keyup input textInput copy cut paste click change contextmenu reset".split(" ");function p9(e,t){switch(e){case"focusin":case"focusout":pZ=null;break;case"dragenter":case"dragleave":p1=null;break;case"mouseover":case"mouseout":p2=null;break;case"pointerover":case"pointerout":p0.delete(t.pointerId);break;case"gotpointercapture":case"lostpointercapture":p4.delete(t.pointerId)}}function p7(e,t,r,s,n,i){return null===e||e.nativeEvent!==i?(e={blockedOn:t,domEventName:r,eventSystemFlags:s,nativeEvent:i,targetContainers:[n]},null!==t&amp;&amp;null!==(t=eH(t))&amp;&amp;pM(t)):(e.eventSystemFlags|=s,t=e.targetContainers,null!==n&amp;&amp;-1===t.indexOf(n)&amp;&amp;t.push(n)),e}function p3(e){var t=eF(e.target);if(null!==t){var r=L(t);if(null!==r){if(13===(t=r.tag)){if(null!==(t=D(r))){e.blockedOn=t,function(e,t){var r=G.p;try{return G.p=e,t()}finally{G.p=r}}(e.priority,function(){if(13===r.tag){var e=oZ(),t=r0(r,e);null!==t&amp;&amp;o2(t,r,e),pW(r,e)}});return}}else if(3===t&amp;&amp;r.stateNode.current.memoizedState.isDehydrated){e.blockedOn=3===r.tag?r.stateNode.containerInfo:null;return}}}e.blockedOn=null}function p5(e){if(null!==e.blockedOn)return!1;for(var t=e.targetContainers;0&lt;t.length;){var r=pQ(e.nativeEvent);if(null!==r)return null!==(t=eH(r))&amp;&amp;pM(t),e.blockedOn=r,!1;var s=new(r=e.nativeEvent).constructor(r.type,r);tv=s,r.target.dispatchEvent(s),tv=null,t.shift()}return!0}function de(e,t,r){p5(e)&amp;&amp;r.delete(t)}function dt(){pY=!1,null!==pZ&amp;&amp;p5(pZ)&amp;&amp;(pZ=null),null!==p1&amp;&amp;p5(p1)&amp;&amp;(p1=null),null!==p2&amp;&amp;p5(p2)&amp;&amp;(p2=null),p0.forEach(de),p4.forEach(de)}function dr(e,t){e.blockedOn===t&amp;&amp;(e.blockedOn=null,pY||(pY=!0,i.unstable_scheduleCallback(i.unstable_NormalPriority,dt)))}var ds=null;function dn(e){ds!==e&amp;&amp;(ds=e,i.unstable_scheduleCallback(i.unstable_NormalPriority,function(){ds===e&amp;&amp;(ds=null);for(var t=0;t&lt;e.length;t+=3){var r=e[t],s=e[t+1],n=e[t+2];if("function"!=typeof s){if(null===pJ(s||r))continue;break}var i=eH(r);null!==i&amp;&amp;(e.splice(t,3),t-=3,ic(i,{pending:!0,data:n,method:r.method,action:s},s,n))}}))}function di(e){function t(t){return dr(t,e)}null!==pZ&amp;&amp;dr(pZ,e),null!==p1&amp;&amp;dr(p1,e),null!==p2&amp;&amp;dr(p2,e),p0.forEach(t),p4.forEach(t);for(var r=0;r&lt;p8.length;r++){var s=p8[r];s.blockedOn===e&amp;&amp;(s.blockedOn=null)}for(;0&lt;p8.length&amp;&amp;null===(r=p8[0]).blockedOn;)p3(r),null===r.blockedOn&amp;&amp;p8.shift();if(null!=(r=(e.ownerDocument||e).$$reactFormReplay))for(s=0;s&lt;r.length;s+=3){var n=r[s],i=r[s+1],a=n[eL]||null;if("function"==typeof i)a||dn(r);else if(a){var o=null;if(i&amp;&amp;i.hasAttribute("formAction")){if(n=i,a=i[eL]||null)o=a.formAction;else if(null!==pJ(n))continue}else o=a.action;"function"==typeof o?r[s+1]=o:(r.splice(s,3),s-=3),dn(r)}}}function da(e){this._internalRoot=e}function dc(e){this._internalRoot=e}dc.prototype.render=da.prototype.render=function(e){var t=this._internalRoot;if(null===t)throw Error(c(409));pN(t.current,oZ(),e,t,null,null)},dc.prototype.unmount=da.prototype.unmount=function(){var e=this._internalRoot;if(null!==e){this._internalRoot=null;var t=e.containerInfo;0===e.tag&amp;&amp;cu(),pN(e.current,2,null,e,null,null),o9(),t[eD]=null}},dc.prototype.unstable_scheduleHydration=function(e){if(e){var t=eE();e={blockedOn:null,target:e,priority:t};for(var r=0;r&lt;p8.length&amp;&amp;0!==t&amp;&amp;t&lt;p8[r].priority;r++);p8.splice(r,0,e),0===r&amp;&amp;p3(e)}};var dp=a.version;if("19.0.0"!==dp)throw Error(c(527,dp,"19.0.0"));if(G.findDOMNode=function(e){var t=e._reactInternals;if(void 0===t){if("function"==typeof e.render)throw Error(c(188));throw Error(c(268,e=Object.keys(e).join(",")))}return e=null===(e=null!==(e=function(e){var t=e.alternate;if(!t){if(null===(t=L(e)))throw Error(c(188));return t!==e?null:e}for(var r=e,s=t;;){var n=r.return;if(null===n)break;var i=n.alternate;if(null===i){if(null!==(s=n.return)){r=s;continue}break}if(n.child===i.child){for(i=n.child;i;){if(i===r)return B(n),e;if(i===s)return B(n),t;i=i.sibling}throw Error(c(188))}if(r.return!==s.return)r=n,s=i;else{for(var a=!1,o=n.child;o;){if(o===r){a=!0,r=n,s=i;break}if(o===s){a=!0,s=n,r=i;break}o=o.sibling}if(!a){for(o=i.child;o;){if(o===r){a=!0,r=i,s=n;break}if(o===s){a=!0,s=i,r=n;break}o=o.sibling}if(!a)throw Error(c(189))}}if(r.alternate!==s)throw Error(c(190))}if(3!==r.tag)throw Error(c(188));return r.stateNode.current===r?e:t}(t))?function e(t){var r=t.tag;if(5===r||26===r||27===r||6===r)return t;for(t=t.child;null!==t;){if(null!==(r=e(t)))return r;t=t.sibling}return null}(e):null)?null:e.stateNode},"undefined"!=typeof __REACT_DEVTOOLS_GLOBAL_HOOK__){var dd=__REACT_DEVTOOLS_GLOBAL_HOOK__;if(!dd.isDisabled&amp;&amp;dd.supportsFiber)try{ef=dd.inject({bundleType:0,version:"19.0.0",rendererPackageName:"react-dom",currentDispatcherRef:P,findFiberByHostInstance:eF,reconcilerVersion:"19.0.0"}),ey=dd}catch(e){}}t.createRoot=function(e,t){if(!p(e))throw Error(c(299));var r=!1,s="",n=iR,i=iE,a=iO,o=null;return null!=t&amp;&amp;(!0===t.unstable_strictMode&amp;&amp;(r=!0),void 0!==t.identifierPrefix&amp;&amp;(s=t.identifierPrefix),void 0!==t.onUncaughtError&amp;&amp;(n=t.onUncaughtError),void 0!==t.onCaughtError&amp;&amp;(i=t.onCaughtError),void 0!==t.onRecoverableError&amp;&amp;(a=t.onRecoverableError),void 0!==t.unstable_transitionCallbacks&amp;&amp;(o=t.unstable_transitionCallbacks)),t=pD(e,1,!1,null,null,r,s,n,i,a,o,null),e[eD]=t.current,cW(8===e.nodeType?e.parentNode:e),new da(t)},t.hydrateRoot=function(e,t,r){if(!p(e))throw Error(c(299));var s,n=!1,i="",a=iR,o=iE,d=iO,u=null,l=null;return null!=r&amp;&amp;(!0===r.unstable_strictMode&amp;&amp;(n=!0),void 0!==r.identifierPrefix&amp;&amp;(i=r.identifierPrefix),void 0!==r.onUncaughtError&amp;&amp;(a=r.onUncaughtError),void 0!==r.onCaughtError&amp;&amp;(o=r.onCaughtError),void 0!==r.onRecoverableError&amp;&amp;(d=r.onRecoverableError),void 0!==r.unstable_transitionCallbacks&amp;&amp;(u=r.unstable_transitionCallbacks),void 0!==r.formState&amp;&amp;(l=r.formState)),(t=pD(e,1,!0,t,null!=r?r:null,n,i,a,o,d,u,l)).context=(s=null,r6),r=t.current,(i=ab(n=oZ())).callback=null,aw(r,i,n),t.current.lanes=n,eI(t,n),cq(t),e[eD]=t.current,cW(e),new dc(t)},t.version="19.0.0"},545829:function(e,t,r){"use strict";var s=r(202784);function n(e){var t="https://react.dev/errors/"+e;if(1&lt;arguments.length){t+="?args[]="+encodeURIComponent(arguments[1]);for(var r=2;r&lt;arguments.length;r++)t+="&amp;args[]="+encodeURIComponent(arguments[r])}return"Minified React error #"+e+"; visit "+t+" for the full message or use the non-minified dev environment for full errors and additional helpful warnings."}function i(){}var a={d:{f:i,r:function(){throw Error(n(522))},D:i,C:i,L:i,m:i,X:i,S:i,M:i},p:0,findDOMNode:null},o=Symbol.for("react.portal"),c=s.__CLIENT_INTERNALS_DO_NOT_USE_OR_WARN_USERS_THEY_CANNOT_UPGRADE;function p(e,t){return"font"===e?"":"string"==typeof t?"use-credentials"===t?t:"":void 0}t.__DOM_INTERNALS_DO_NOT_USE_OR_WARN_USERS_THEY_CANNOT_UPGRADE=a,t.createPortal=function(e,t){var r=2&lt;arguments.length&amp;&amp;void 0!==arguments[2]?arguments[2]:null;if(!t||1!==t.nodeType&amp;&amp;9!==t.nodeType&amp;&amp;11!==t.nodeType)throw Error(n(299));return function(e,t,r){var s=3&lt;arguments.length&amp;&amp;void 0!==arguments[3]?arguments[3]:null;return{$$typeof:o,key:null==s?null:""+s,children:e,containerInfo:t,implementation:r}}(e,t,null,r)},t.flushSync=function(e){var t=c.T,r=a.p;try{if(c.T=null,a.p=2,e)return e()}finally{c.T=t,a.p=r,a.d.f()}},t.preconnect=function(e,t){"string"==typeof e&amp;&amp;(t=t?"string"==typeof(t=t.crossOrigin)?"use-credentials"===t?t:"":void 0:null,a.d.C(e,t))},t.prefetchDNS=function(e){"string"==typeof e&amp;&amp;a.d.D(e)},t.preinit=function(e,t){if("string"==typeof e&amp;&amp;t&amp;&amp;"string"==typeof t.as){var r=t.as,s=p(r,t.crossOrigin),n="string"==typeof t.integrity?t.integrity:void 0,i="string"==typeof t.fetchPriority?t.fetchPriority:void 0;"style"===r?a.d.S(e,"string"==typeof t.precedence?t.precedence:void 0,{crossOrigin:s,integrity:n,fetchPriority:i}):"script"===r&amp;&amp;a.d.X(e,{crossOrigin:s,integrity:n,fetchPriority:i,nonce:"string"==typeof t.nonce?t.nonce:void 0})}},t.preinitModule=function(e,t){if("string"==typeof e){if("object"==typeof t&amp;&amp;null!==t){if(null==t.as||"script"===t.as){var r=p(t.as,t.crossOrigin);a.d.M(e,{crossOrigin:r,integrity:"string"==typeof t.integrity?t.integrity:void 0,nonce:"string"==typeof t.nonce?t.nonce:void 0})}}else null==t&amp;&amp;a.d.M(e)}},t.preload=function(e,t){if("string"==typeof e&amp;&amp;"object"==typeof t&amp;&amp;null!==t&amp;&amp;"string"==typeof t.as){var r=t.as,s=p(r,t.crossOrigin);a.d.L(e,r,{crossOrigin:s,integrity:"string"==typeof t.integrity?t.integrity:void 0,nonce:"string"==typeof t.nonce?t.nonce:void 0,type:"string"==typeof t.type?t.type:void 0,fetchPriority:"string"==typeof t.fetchPriority?t.fetchPriority:void 0,referrerPolicy:"string"==typeof t.referrerPolicy?t.referrerPolicy:void 0,imageSrcSet:"string"==typeof t.imageSrcSet?t.imageSrcSet:void 0,imageSizes:"string"==typeof t.imageSizes?t.imageSizes:void 0,media:"string"==typeof t.media?t.media:void 0})}},t.preloadModule=function(e,t){if("string"==typeof e){if(t){var r=p(t.as,t.crossOrigin);a.d.m(e,{as:"string"==typeof t.as&amp;&amp;"script"!==t.as?t.as:void 0,crossOrigin:r,integrity:"string"==typeof t.integrity?t.integrity:void 0})}else a.d.m(e)}},t.requestFormReset=function(e){a.d.r(e)},t.unstable_batchedUpdates=function(e,t){return e(t)},t.useFormState=function(e,t,r){return c.H.useFormState(e,t,r)},t.useFormStatus=function(){return c.H.useHostTransitionStatus()},t.version="19.0.0"},117029:function(e,t,r){"use strict";!function e(){if("undefined"!=typeof __REACT_DEVTOOLS_GLOBAL_HOOK__&amp;&amp;"function"==typeof __REACT_DEVTOOLS_GLOBAL_HOOK__.checkDCE)try{__REACT_DEVTOOLS_GLOBAL_HOOK__.checkDCE(e)}catch(e){console.error(e)}}(),e.exports=r(122802)},928316:function(e,t,r){"use strict";!function e(){if("undefined"!=typeof __REACT_DEVTOOLS_GLOBAL_HOOK__&amp;&amp;"function"==typeof __REACT_DEVTOOLS_GLOBAL_HOOK__.checkDCE)try{__REACT_DEVTOOLS_GLOBAL_HOOK__.checkDCE(e)}catch(e){console.error(e)}}(),e.exports=r(545829)},578435:function(e){var t="undefined"!=typeof Element,r="function"==typeof Map,s="function"==typeof Set,n="function"==typeof ArrayBuffer&amp;&amp;!!ArrayBuffer.isView;e.exports=function(e,i){try{return function e(i,a){if(i===a)return!0;if(i&amp;&amp;a&amp;&amp;"object"==typeof i&amp;&amp;"object"==typeof a){var o,c,p,d;if(i.constructor!==a.constructor)return!1;if(Array.isArray(i)){if((o=i.length)!=a.length)return!1;for(c=o;0!=c--;)if(!e(i[c],a[c]))return!1;return!0}if(r&amp;&amp;i instanceof Map&amp;&amp;a instanceof Map){if(i.size!==a.size)return!1;for(d=i.entries();!(c=d.next()).done;)if(!a.has(c.value[0]))return!1;for(d=i.entries();!(c=d.next()).done;)if(!e(c.value[1],a.get(c.value[0])))return!1;return!0}if(s&amp;&amp;i instanceof Set&amp;&amp;a instanceof Set){if(i.size!==a.size)return!1;for(d=i.entries();!(c=d.next()).done;)if(!a.has(c.value[0]))return!1;return!0}if(n&amp;&amp;ArrayBuffer.isView(i)&amp;&amp;ArrayBuffer.isView(a)){if((o=i.length)!=a.length)return!1;for(c=o;0!=c--;)if(i[c]!==a[c])return!1;return!0}if(i.constructor===RegExp)return i.source===a.source&amp;&amp;i.flags===a.flags;if(i.valueOf!==Object.prototype.valueOf&amp;&amp;"function"==typeof i.valueOf&amp;&amp;"function"==typeof a.valueOf)return i.valueOf()===a.valueOf();if(i.toString!==Object.prototype.toString&amp;&amp;"function"==typeof i.toString&amp;&amp;"function"==typeof a.toString)return i.toString()===a.toString();if((o=(p=Object.keys(i)).length)!==Object.keys(a).length)return!1;for(c=o;0!=c--;)if(!Object.prototype.hasOwnProperty.call(a,p[c]))return!1;if(t&amp;&amp;i instanceof Element)return!1;for(c=o;0!=c--;)if(("_owner"!==p[c]&amp;&amp;"__v"!==p[c]&amp;&amp;"__o"!==p[c]||!i.$$typeof)&amp;&amp;!e(i[p[c]],a[p[c]]))return!1;return!0}return i!=i&amp;&amp;a!=a}(e,i)}catch(e){if((e.message||"").match(/stack|recursion/i))return console.warn("react-fast-compare cannot handle circular refs"),!1;throw e}}},766866:function(e,t){"use strict";var r="function"==typeof Symbol&amp;&amp;Symbol.for,s=r?Symbol.for("react.element"):60103,n=r?Symbol.for("react.portal"):60106,i=r?Symbol.for("react.fragment"):60107,a=r?Symbol.for("react.strict_mode"):60108,o=r?Symbol.for("react.profiler"):60114,c=r?Symbol.for("react.provider"):60109,p=r?Symbol.for("react.context"):60110,d=r?Symbol.for("react.async_mode"):60111,u=r?Symbol.for("react.concurrent_mode"):60111,l=r?Symbol.for("react.forward_ref"):60112,m=r?Symbol.for("react.suspense"):60113,h=r?Symbol.for("react.suspense_list"):60120,g=r?Symbol.for("react.memo"):60115,f=r?Symbol.for("react.lazy"):60116,y=r?Symbol.for("react.block"):60121,v=r?Symbol.for("react.fundamental"):60117,b=r?Symbol.for("react.responder"):60118,w=r?Symbol.for("react.scope"):60119;function x(e){if("object"==typeof e&amp;&amp;null!==e){var t=e.$$typeof;switch(t){case s:switch(e=e.type){case d:case u:case i:case o:case a:case m:return e;default:switch(e=e&amp;&amp;e.$$typeof){case p:case l:case f:case g:case c:return e;default:return t}}case n:return t}}}function S(e){return x(e)===u}t.AsyncMode=d,t.ConcurrentMode=u,t.ContextConsumer=p,t.ContextProvider=c,t.Element=s,t.ForwardRef=l,t.Fragment=i,t.Lazy=f,t.Memo=g,t.Portal=n,t.Profiler=o,t.StrictMode=a,t.Suspense=m,t.isAsyncMode=function(e){return S(e)||x(e)===d},t.isConcurrentMode=S,t.isContextConsumer=function(e){return x(e)===p},t.isContextProvider=function(e){return x(e)===c},t.isElement=function(e){return"object"==typeof e&amp;&amp;null!==e&amp;&amp;e.$$typeof===s},t.isForwardRef=function(e){return x(e)===l},t.isFragment=function(e){return x(e)===i},t.isLazy=function(e){return x(e)===f},t.isMemo=function(e){return x(e)===g},t.isPortal=function(e){return x(e)===n},t.isProfiler=function(e){return x(e)===o},t.isStrictMode=function(e){return x(e)===a},t.isSuspense=function(e){return x(e)===m},t.isValidElementType=function(e){return"string"==typeof e||"function"==typeof e||e===i||e===u||e===o||e===a||e===m||e===h||"object"==typeof e&amp;&amp;null!==e&amp;&amp;(e.$$typeof===f||e.$$typeof===g||e.$$typeof===c||e.$$typeof===p||e.$$typeof===l||e.$$typeof===v||e.$$typeof===b||e.$$typeof===w||e.$$typeof===y)},t.typeOf=x},148570:function(e,t,r){"use strict";e.exports=r(766866)},389028:function(e,t,r){"use strict";function s(e,t){e.prototype=Object.create(t.prototype),e.prototype.constructor=e,e.__proto__=t}function n(e){if(void 0===e)throw ReferenceError("this hasn't been initialised - super() hasn't been called");return e}function i(e,t,r){return t in e?Object.defineProperty(e,t,{value:r,enumerable:!0,configurable:!0,writable:!0}):e[t]=r,e}function a(){return(a=Object.assign||function(e){for(var t=1;t&lt;arguments.length;t++){var r=arguments[t];for(var s in r)Object.prototype.hasOwnProperty.call(r,s)&amp;&amp;(e[s]=r[s])}return e}).apply(this,arguments)}var o=r(202784),c=[],p=[],d=o.createContext(null);function u(e){var t=e(),r={loading:!0,loaded:null,error:null};return r.promise=t.then(function(e){return r.loading=!1,r.loaded=e,e}).catch(function(e){throw r.loading=!1,r.error=e,e}),r}function l(e){var t={loading:!1,loaded:{},error:null},r=[];try{Object.keys(e).forEach(function(s){var n=u(e[s]);n.loading?t.loading=!0:(t.loaded[s]=n.loaded,t.error=n.error),r.push(n.promise),n.promise.then(function(e){t.loaded[s]=e}).catch(function(e){t.error=e})})}catch(e){t.error=e}return t.promise=Promise.all(r).then(function(e){return t.loading=!1,e}).catch(function(e){throw t.loading=!1,e}),t}function m(e,t){return o.createElement(e&amp;&amp;e.__esModule?e.default:e,t)}function h(e,t){if(!t.loading)throw Error("react-loadable requires a `loading` component");var u,l,h=a({loader:null,loading:null,delay:200,timeout:null,render:m,webpack:null,modules:null},t),g=null;function f(){return g||(g=e(h.loader)),g.promise}return c.push(f),"function"==typeof h.webpack&amp;&amp;p.push(function(){if((0,h.webpack)().every(function(e){return void 0!==e&amp;&amp;void 0!==r.m[e]}))return f()}),l=u=function(t){function r(r){var s;return i(n(n(s=t.call(this,r)||this)),"retry",function(){s.setState({error:null,loading:!0,timedOut:!1}),g=e(h.loader),s._loadModule()}),f(),s.state={error:g.error,pastDelay:!1,timedOut:!1,loading:g.loading,loaded:g.loaded},s}s(r,t),r.preload=function(){return f()};var a=r.prototype;return a.UNSAFE_componentWillMount=function(){this._loadModule()},a.componentDidMount=function(){this._mounted=!0},a._loadModule=function(){var e=this;if(this.context&amp;&amp;Array.isArray(h.modules)&amp;&amp;h.modules.forEach(function(t){e.context.report(t)}),g.loading){var t=function(t){e._mounted&amp;&amp;e.setState(t)};"number"==typeof h.delay&amp;&amp;(0===h.delay?this.setState({pastDelay:!0}):this._delay=setTimeout(function(){t({pastDelay:!0})},h.delay)),"number"==typeof h.timeout&amp;&amp;(this._timeout=setTimeout(function(){t({timedOut:!0})},h.timeout));var r=function(){t({error:g.error,loaded:g.loaded,loading:g.loading}),e._clearTimeouts()};g.promise.then(function(){return r(),null}).catch(function(e){return r(),null})}},a.componentWillUnmount=function(){this._mounted=!1,this._clearTimeouts()},a._clearTimeouts=function(){clearTimeout(this._delay),clearTimeout(this._timeout)},a.render=function(){return this.state.loading||this.state.error?o.createElement(h.loading,{isLoading:this.state.loading,pastDelay:this.state.pastDelay,timedOut:this.state.timedOut,error:this.state.error,retry:this.retry}):this.state.loaded?h.render(this.state.loaded,this.props):null},r}(o.Component),i(u,"contextType",d),l}function g(e){return h(u,e)}g.Map=function(e){if("function"!=typeof e.render)throw Error("LoadableMap requires a `render(loaded, props)` function");return h(l,e)};var f=function(e){function t(){return e.apply(this,arguments)||this}return s(t,e),t.prototype.render=function(){return o.createElement(d.Provider,{value:{report:this.props.report}},o.Children.only(this.props.children))},t}(o.Component);function y(e){for(var t=[];e.length;){var r=e.pop();t.push(r())}return Promise.all(t).then(function(){if(e.length)return y(e)})}g.Capture=f,g.preloadAll=function(){return new Promise(function(e,t){y(c).then(e,t)})},g.preloadReady=function(){return new Promise(function(e,t){y(p).then(e,e)})},e.exports=g},309702:function(e,t,r){"use strict";r.d(t,{H:function(){return a},f:function(){return function e(t,r,n){return void 0===n&amp;&amp;(n=[]),t.some(function(t){var i=t.path?(0,s.LX)(r,t):n.length?n[n.length-1].match:s.F0.computeRootMatch(r);return i&amp;&amp;(n.push({route:t,match:i}),t.routes&amp;&amp;e(t.routes,r,n)),i}),n}}});var s=r(107267),n=r(313714),i=r(202784);function a(e,t,r){return void 0===t&amp;&amp;(t={}),void 0===r&amp;&amp;(r={}),e?i.createElement(s.rs,r,e.map(function(e,r){return i.createElement(s.AW,{key:e.key||r,path:e.path,exact:e.exact,strict:e.strict,render:function(r){return e.render?e.render((0,n.Z)({},r,{},t,{route:e})):i.createElement(e.component,(0,n.Z)({},r,t,{route:e}))}})})):null}},647933:function(e,t,r){"use strict";r.d(t,{OL:function(){return w},UT:function(){return u},VK:function(){return d},rU:function(){return y}});var s=r(107267),n=r(541543),i=r(202784),a=r(716962),o=r(313714),c=r(283660),p=r(444965),d=function(e){function t(){for(var t,r=arguments.length,s=Array(r),n=0;n&lt;r;n++)s[n]=arguments[n];return(t=e.call.apply(e,[this].concat(s))||this).history=(0,a.lX)(t.props),t}return(0,n.Z)(t,e),t.prototype.render=function(){return i.createElement(s.F0,{history:this.history,children:this.props.children})},t}(i.Component),u=function(e){function t(){for(var t,r=arguments.length,s=Array(r),n=0;n&lt;r;n++)s[n]=arguments[n];return(t=e.call.apply(e,[this].concat(s))||this).history=(0,a.q_)(t.props),t}return(0,n.Z)(t,e),t.prototype.render=function(){return i.createElement(s.F0,{history:this.history,children:this.props.children})},t}(i.Component),l=function(e,t){return"function"==typeof e?e(t):e},m=function(e,t){return"string"==typeof e?(0,a.ob)(e,null,null,t):e},h=function(e){return e},g=i.forwardRef;void 0===g&amp;&amp;(g=h);var f=g(function(e,t){var r=e.innerRef,s=e.navigate,n=e.onClick,a=(0,c.Z)(e,["innerRef","navigate","onClick"]),p=a.target,d=(0,o.Z)({},a,{onClick:function(e){try{n&amp;&amp;n(e)}catch(t){throw e.preventDefault(),t}!e.defaultPrevented&amp;&amp;0===e.button&amp;&amp;(!p||"_self"===p)&amp;&amp;!(e.metaKey||e.altKey||e.ctrlKey||e.shiftKey)&amp;&amp;(e.preventDefault(),s())}});return h!==g?d.ref=t||r:d.ref=r,i.createElement("a",d)}),y=g(function(e,t){var r=e.component,n=void 0===r?f:r,d=e.replace,u=e.to,y=e.innerRef,v=(0,c.Z)(e,["component","replace","to","innerRef"]);return i.createElement(s.s6.Consumer,null,function(e){e||(0,p.Z)(!1);var r=e.history,s=m(l(u,e.location),e.location),c=s?r.createHref(s):"",f=(0,o.Z)({},v,{href:c,navigate:function(){var t=l(u,e.location),s=(0,a.Ep)(e.location)===(0,a.Ep)(m(t));(d||s?r.replace:r.push)(t)}});return h!==g?f.ref=t||y:f.innerRef=y,i.createElement(n,f)})}),v=function(e){return e},b=i.forwardRef;void 0===b&amp;&amp;(b=v);var w=b(function(e,t){var r=e["aria-current"],n=void 0===r?"page":r,a=e.activeClassName,d=void 0===a?"active":a,u=e.activeStyle,h=e.className,g=e.exact,f=e.isActive,w=e.location,x=e.sensitive,S=e.strict,_=e.style,A=e.to,q=e.innerRef,k=(0,c.Z)(e,["aria-current","activeClassName","activeStyle","className","exact","isActive","location","sensitive","strict","style","to","innerRef"]);return i.createElement(s.s6.Consumer,null,function(e){e||(0,p.Z)(!1);var r=w||e.location,a=m(l(A,r),r),c=a.pathname,T=c&amp;&amp;c.replace(/([.+*?=^!:${}()[\]|/\\])/g,"\\$1"),z=T?(0,s.LX)(r.pathname,{path:T,exact:g,sensitive:x,strict:S}):null,j=!!(f?f(z,r):z),I="function"==typeof h?h(j):h,P="function"==typeof _?_(j):_;j&amp;&amp;(I=function(){for(var e=arguments.length,t=Array(e),r=0;r&lt;e;r++)t[r]=arguments[r];return t.filter(function(e){return e}).join(" ")}(I,d),P=(0,o.Z)({},P,u));var $=(0,o.Z)({"aria-current":j&amp;&amp;n||null,className:I,style:P,to:a},k);return v!==b?$.ref=t||q:$.innerRef=q,i.createElement(y,$)})})},107267:function(e,t,r){"use strict";r.d(t,{AW:function(){return w},F0:function(){return f},LX:function(){return b},TH:function(){return A},k6:function(){return _},rs:function(){return x},s6:function(){return g}});var s=r(541543),n=r(202784),i=r(213980),a=r.n(i),o=(r(716962),r(444965)),c=r(313714),p=r(779056),d=r.n(p);r(148570),r(283660),r(373463);var u="undefined"!=typeof globalThis?globalThis:"undefined"!=typeof window?window:void 0!==r.g?r.g:{},l=n.createContext||function(e,t){var r,i,o,c="__create-react-context-"+(u[r="__global_unique_id__"]=(u[r]||0)+1)+"__",p=function(e){function r(){for(var t,r,s,n=arguments.length,i=Array(n),a=0;a&lt;n;a++)i[a]=arguments[a];return(t=e.call.apply(e,[this].concat(i))||this).emitter=(r=t.props.value,s=[],{on:function(e){s.push(e)},off:function(e){s=s.filter(function(t){return t!==e})},get:function(){return r},set:function(e,t){r=e,s.forEach(function(e){return e(r,t)})}}),t}(0,s.Z)(r,e);var n=r.prototype;return n.getChildContext=function(){var e;return(e={})[c]=this.emitter,e},n.componentWillReceiveProps=function(e){if(this.props.value!==e.value){var r,s=this.props.value,n=e.value;(s===n?0!==s||1/s==1/n:s!=s&amp;&amp;n!=n)?r=0:0!=(r=("function"==typeof t?t(s,n):0x3fffffff)|0)&amp;&amp;this.emitter.set(e.value,r)}},n.render=function(){return this.props.children},r}(n.Component);p.childContextTypes=((i={})[c]=a().object.isRequired,i);var d=function(t){function r(){for(var e,r=arguments.length,s=Array(r),n=0;n&lt;r;n++)s[n]=arguments[n];return(e=t.call.apply(t,[this].concat(s))||this).observedBits=void 0,e.state={value:e.getValue()},e.onUpdate=function(t,r){((0|e.observedBits)&amp;r)!=0&amp;&amp;e.setState({value:e.getValue()})},e}(0,s.Z)(r,t);var n=r.prototype;return n.componentWillReceiveProps=function(e){var t=e.observedBits;this.observedBits=null==t?0x3fffffff:t},n.componentDidMount=function(){this.context[c]&amp;&amp;this.context[c].on(this.onUpdate);var e=this.props.observedBits;this.observedBits=null==e?0x3fffffff:e},n.componentWillUnmount=function(){this.context[c]&amp;&amp;this.context[c].off(this.onUpdate)},n.getValue=function(){return this.context[c]?this.context[c].get():e},n.render=function(){var e;return(Array.isArray(e=this.props.children)?e[0]:e)(this.state.value)},r}(n.Component);return d.contextTypes=((o={})[c]=a().object,o),{Provider:p,Consumer:d}},m=function(e){var t=l();return t.displayName=e,t},h=m("Router-History"),g=m("Router"),f=function(e){function t(t){var r;return(r=e.call(this,t)||this).state={location:t.history.location},r._isMounted=!1,r._pendingLocation=null,t.staticContext||(r.unlisten=t.history.listen(function(e){r._pendingLocation=e})),r}(0,s.Z)(t,e),t.computeRootMatch=function(e){return{path:"/",url:"/",params:{},isExact:"/"===e}};var r=t.prototype;return r.componentDidMount=function(){var e=this;this._isMounted=!0,this.unlisten&amp;&amp;this.unlisten(),this.props.staticContext||(this.unlisten=this.props.history.listen(function(t){e._isMounted&amp;&amp;e.setState({location:t})})),this._pendingLocation&amp;&amp;this.setState({location:this._pendingLocation})},r.componentWillUnmount=function(){this.unlisten&amp;&amp;(this.unlisten(),this._isMounted=!1,this._pendingLocation=null)},r.render=function(){return n.createElement(g.Provider,{value:{history:this.props.history,location:this.state.location,match:t.computeRootMatch(this.state.location.pathname),staticContext:this.props.staticContext}},n.createElement(h.Provider,{children:this.props.children||null,value:this.props.history}))},t}(n.Component);n.Component,n.Component;var y={},v=0;function b(e,t){void 0===t&amp;&amp;(t={}),("string"==typeof t||Array.isArray(t))&amp;&amp;(t={path:t});var r=t,s=r.path,n=r.exact,i=void 0!==n&amp;&amp;n,a=r.strict,o=void 0!==a&amp;&amp;a,c=r.sensitive,p=void 0!==c&amp;&amp;c;return[].concat(s).reduce(function(t,r){if(!r&amp;&amp;""!==r)return null;if(t)return t;var s=function(e,t){var r=""+t.end+t.strict+t.sensitive,s=y[r]||(y[r]={});if(s[e])return s[e];var n=[],i={regexp:d()(e,n,t),keys:n};return v&lt;1e4&amp;&amp;(s[e]=i,v++),i}(r,{end:i,strict:o,sensitive:p}),n=s.regexp,a=s.keys,c=n.exec(e);if(!c)return null;var u=c[0],l=c.slice(1),m=e===u;return i&amp;&amp;!m?null:{path:r,url:"/"===r&amp;&amp;""===u?"/":u,isExact:m,params:a.reduce(function(e,t,r){return e[t.name]=l[r],e},{})}},null)}var w=function(e){function t(){return e.apply(this,arguments)||this}return(0,s.Z)(t,e),t.prototype.render=function(){var e=this;return n.createElement(g.Consumer,null,function(t){t||(0,o.Z)(!1);var r,s=e.props.location||t.location,i=e.props.computedMatch?e.props.computedMatch:e.props.path?b(s.pathname,e.props):t.match,a=(0,c.Z)({},t,{location:s,match:i}),p=e.props,d=p.children,u=p.component,l=p.render;return Array.isArray(d)&amp;&amp;(r=d,0===n.Children.count(r))&amp;&amp;(d=null),n.createElement(g.Provider,{value:a},a.match?d?"function"==typeof d?d(a):d:u?n.createElement(u,a):l?l(a):null:"function"==typeof d?d(a):null)})},t}(n.Component);n.Component;var x=function(e){function t(){return e.apply(this,arguments)||this}return(0,s.Z)(t,e),t.prototype.render=function(){var e=this;return n.createElement(g.Consumer,null,function(t){t||(0,o.Z)(!1);var r,s,i=e.props.location||t.location;return n.Children.forEach(e.props.children,function(e){if(null==s&amp;&amp;n.isValidElement(e)){r=e;var a=e.props.path||e.props.from;s=a?b(i.pathname,(0,c.Z)({},e.props,{path:a})):t.match}}),s?n.cloneElement(r,{location:i,computedMatch:s}):null})},t}(n.Component),S=n.useContext;function _(){return S(h)}function A(){return S(g).location}},649613:function(e){e.exports=Array.isArray||function(e){return"[object Array]"==Object.prototype.toString.call(e)}},779056:function(e,t,r){var s=r(649613);e.exports=function e(t,r,n){var a,o;return(s(r)||(n=r||n,r=[]),n=n||{},t instanceof RegExp)?function(e,t){var r=e.source.match(/\((?!\?)/g);if(r)for(var s=0;s&lt;r.length;s++)t.push({name:s,prefix:null,delimiter:null,optional:!1,repeat:!1,partial:!1,asterisk:!1,pattern:null});return e.keys=t,e}(t,r):s(t)?function(t,r,s){for(var n,i=[],a=0;a&lt;t.length;a++)i.push(e(t[a],r,s).source);return(n=RegExp("(?:"+i.join("|")+")",p(s))).keys=r,n}(t,r,n):(a=r,d(i(t,o=n),a,o))},e.exports.parse=i,e.exports.compile=function(e,t){return o(i(e,t),t)},e.exports.tokensToFunction=o,e.exports.tokensToRegExp=d;var n=RegExp("(\\\\.)|([\\/.])?(?:(?:\\:(\\w+)(?:\\(((?:\\\\.|[^\\\\()])+)\\))?|\\(((?:\\\\.|[^\\\\()])+)\\))([+*?])?|(\\*))","g");function i(e,t){for(var r,s=[],i=0,a=0,o="",p=t&amp;&amp;t.delimiter||"/";null!=(r=n.exec(e));){var d=r[0],u=r[1],l=r.index;if(o+=e.slice(a,l),a=l+d.length,u){o+=u[1];continue}var m=e[a],h=r[2],g=r[3],f=r[4],y=r[5],v=r[6],b=r[7];o&amp;&amp;(s.push(o),o="");var w=null!=h&amp;&amp;null!=m&amp;&amp;m!==h,x="+"===v||"*"===v,S="?"===v||"*"===v,_=r[2]||p,A=f||y;s.push({name:g||i++,prefix:h||"",delimiter:_,optional:S,repeat:x,partial:w,asterisk:!!b,pattern:A?A.replace(/([=!:$\/()])/g,"\\$1"):b?".*":"[^"+c(_)+"]+?"})}return a&lt;e.length&amp;&amp;(o+=e.substr(a)),o&amp;&amp;s.push(o),s}function a(e){return encodeURI(e).replace(/[\/?#]/g,function(e){return"%"+e.charCodeAt(0).toString(16).toUpperCase()})}function o(e,t){for(var r=Array(e.length),n=0;n&lt;e.length;n++)"object"==typeof e[n]&amp;&amp;(r[n]=RegExp("^(?:"+e[n].pattern+")$",p(t)));return function(t,n){for(var i="",o=t||{},c=(n||{}).pretty?a:encodeURIComponent,p=0;p&lt;e.length;p++){var d,u=e[p];if("string"==typeof u){i+=u;continue}var l=o[u.name];if(null==l){if(u.optional){u.partial&amp;&amp;(i+=u.prefix);continue}throw TypeError('Expected "'+u.name+'" to be defined')}if(s(l)){if(!u.repeat)throw TypeError('Expected "'+u.name+'" to not repeat, but received `'+JSON.stringify(l)+"`");if(0===l.length){if(u.optional)continue;throw TypeError('Expected "'+u.name+'" to not be empty')}for(var m=0;m&lt;l.length;m++){if(d=c(l[m]),!r[p].test(d))throw TypeError('Expected all "'+u.name+'" to match "'+u.pattern+'", but received `'+JSON.stringify(d)+"`");i+=(0===m?u.prefix:u.delimiter)+d}continue}if(d=u.asterisk?encodeURI(l).replace(/[?#]/g,function(e){return"%"+e.charCodeAt(0).toString(16).toUpperCase()}):c(l),!r[p].test(d))throw TypeError('Expected "'+u.name+'" to match "'+u.pattern+'", but received "'+d+'"');i+=u.prefix+d}return i}}function c(e){return e.replace(/([.+*?=^!:${}()[\]|\/\\])/g,"\\$1")}function p(e){return e&amp;&amp;e.sensitive?"":"i"}function d(e,t,r){s(t)||(r=t||r,t=[]);for(var n,i,a=(r=r||{}).strict,o=!1!==r.end,d="",u=0;u&lt;e.length;u++){var l=e[u];if("string"==typeof l)d+=c(l);else{var m=c(l.prefix),h="(?:"+l.pattern+")";t.push(l),l.repeat&amp;&amp;(h+="(?:"+m+h+")*"),d+=h=l.optional?l.partial?m+"("+h+")?":"(?:"+m+"("+h+"))?":m+"("+h+")"}}var g=c(r.delimiter||"/"),f=d.slice(-g.length)===g;return a||(d=(f?d.slice(0,-g.length):d)+"(?:"+g+"(?=$))?"),o?d+="$":d+=a&amp;&amp;f?"":"(?="+g+"|$)",n=RegExp("^"+d,p(r)),i=t,n.keys=i,n}},647750:function(e,t){"use strict";var r=Symbol.for("react.transitional.element"),s=Symbol.for("react.fragment");function n(e,t,s){var n=null;if(void 0!==s&amp;&amp;(n=""+s),void 0!==t.key&amp;&amp;(n=""+t.key),"key"in t)for(var i in s={},t)"key"!==i&amp;&amp;(s[i]=t[i]);else s=t;return{$$typeof:r,type:e,key:n,ref:void 0!==(t=s.ref)?t:null,props:s}}t.Fragment=s,t.jsx=n,t.jsxs=n},319029:function(e,t){"use strict";var r=Symbol.for("react.transitional.element"),s=Symbol.for("react.portal"),n=Symbol.for("react.fragment"),i=Symbol.for("react.strict_mode"),a=Symbol.for("react.profiler"),o=Symbol.for("react.consumer"),c=Symbol.for("react.context"),p=Symbol.for("react.forward_ref"),d=Symbol.for("react.suspense"),u=Symbol.for("react.memo"),l=Symbol.for("react.lazy"),m=Symbol.iterator,h={isMounted:function(){return!1},enqueueForceUpdate:function(){},enqueueReplaceState:function(){},enqueueSetState:function(){}},g=Object.assign,f={};function y(e,t,r){this.props=e,this.context=t,this.refs=f,this.updater=r||h}function v(){}function b(e,t,r){this.props=e,this.context=t,this.refs=f,this.updater=r||h}y.prototype.isReactComponent={},y.prototype.setState=function(e,t){if("object"!=typeof e&amp;&amp;"function"!=typeof e&amp;&amp;null!=e)throw Error("takes an object of state variables to update or a function which returns an object of state variables.");this.updater.enqueueSetState(this,e,t,"setState")},y.prototype.forceUpdate=function(e){this.updater.enqueueForceUpdate(this,e,"forceUpdate")},v.prototype=y.prototype;var w=b.prototype=new v;w.constructor=b,g(w,y.prototype),w.isPureReactComponent=!0;var x=Array.isArray,S={H:null,A:null,T:null,S:null},_=Object.prototype.hasOwnProperty;function A(e,t,s,n,i,a){return{$$typeof:r,type:e,key:t,ref:void 0!==(s=a.ref)?s:null,props:a}}function q(e){return"object"==typeof e&amp;&amp;null!==e&amp;&amp;e.$$typeof===r}var k=/\/+/g;function T(e,t){var r,s;return"object"==typeof e&amp;&amp;null!==e&amp;&amp;null!=e.key?(r=""+e.key,s={"=":"=0",":":"=2"},"$"+r.replace(/[=:]/g,function(e){return s[e]})):t.toString(36)}function z(){}function j(e,t,n){if(null==e)return e;var i=[],a=0;return!function e(t,n,i,a,o){var c,p,d,u=typeof t;("undefined"===u||"boolean"===u)&amp;&amp;(t=null);var h=!1;if(null===t)h=!0;else switch(u){case"bigint":case"string":case"number":h=!0;break;case"object":switch(t.$$typeof){case r:case s:h=!0;break;case l:return e((h=t._init)(t._payload),n,i,a,o)}}if(h)return o=o(t),h=""===a?"."+T(t,0):a,x(o)?(i="",null!=h&amp;&amp;(i=h.replace(k,"$&amp;/")+"/"),e(o,n,i,"",function(e){return e})):null!=o&amp;&amp;(q(o)&amp;&amp;(c=o,p=i+(null==o.key||t&amp;&amp;t.key===o.key?"":(""+o.key).replace(k,"$&amp;/")+"/")+h,o=A(c.type,p,void 0,void 0,void 0,c.props)),n.push(o)),1;h=0;var g=""===a?".":a+":";if(x(t))for(var f=0;f&lt;t.length;f++)u=g+T(a=t[f],f),h+=e(a,n,i,u,o);else if("function"==typeof(f=null===(d=t)||"object"!=typeof d?null:"function"==typeof(d=m&amp;&amp;d[m]||d["@@iterator"])?d:null))for(t=f.call(t),f=0;!(a=t.next()).done;)u=g+T(a=a.value,f++),h+=e(a,n,i,u,o);else if("object"===u){if("function"==typeof t.then)return e(function(e){switch(e.status){case"fulfilled":return e.value;case"rejected":throw e.reason;default:switch("string"==typeof e.status?e.then(z,z):(e.status="pending",e.then(function(t){"pending"===e.status&amp;&amp;(e.status="fulfilled",e.value=t)},function(t){"pending"===e.status&amp;&amp;(e.status="rejected",e.reason=t)})),e.status){case"fulfilled":return e.value;case"rejected":throw e.reason}}throw e}(t),n,i,a,o);throw Error("Objects are not valid as a React child (found: "+("[object Object]"===(n=String(t))?"object with keys {"+Object.keys(t).join(", ")+"}":n)+"). If you meant to render a collection of children, use an array instead.")}return h}(e,i,"","",function(e){return t.call(n,e,a++)}),i}function I(e){if(-1===e._status){var t=e._result;(t=t()).then(function(t){(0===e._status||-1===e._status)&amp;&amp;(e._status=1,e._result=t)},function(t){(0===e._status||-1===e._status)&amp;&amp;(e._status=2,e._result=t)}),-1===e._status&amp;&amp;(e._status=0,e._result=t)}if(1===e._status)return e._result.default;throw e._result}var P="function"==typeof reportError?reportError:function(e){if("object"==typeof window&amp;&amp;"function"==typeof window.ErrorEvent){var t=new window.ErrorEvent("error",{bubbles:!0,cancelable:!0,message:"object"==typeof e&amp;&amp;null!==e&amp;&amp;"string"==typeof e.message?String(e.message):String(e),error:e});if(!window.dispatchEvent(t))return}else if("object"==typeof process&amp;&amp;"function"==typeof process.emit){process.emit("uncaughtException",e);return}console.error(e)};function $(){}t.Children={map:j,forEach:function(e,t,r){j(e,function(){t.apply(this,arguments)},r)},count:function(e){var t=0;return j(e,function(){t++}),t},toArray:function(e){return j(e,function(e){return e})||[]},only:function(e){if(!q(e))throw Error("React.Children.only expected to receive a single React element child.");return e}},t.Component=y,t.Fragment=n,t.Profiler=a,t.PureComponent=b,t.StrictMode=i,t.Suspense=d,t.__CLIENT_INTERNALS_DO_NOT_USE_OR_WARN_USERS_THEY_CANNOT_UPGRADE=S,t.act=function(){throw Error("act(...) is not supported in production builds of React.")},t.cache=function(e){return function(){return e.apply(null,arguments)}},t.cloneElement=function(e,t,r){if(null==e)throw Error("The argument must be a React element, but you passed "+e+".");var s=g({},e.props),n=e.key,i=void 0;if(null!=t)for(a in void 0!==t.ref&amp;&amp;(i=void 0),void 0!==t.key&amp;&amp;(n=""+t.key),t)_.call(t,a)&amp;&amp;"key"!==a&amp;&amp;"__self"!==a&amp;&amp;"__source"!==a&amp;&amp;("ref"!==a||void 0!==t.ref)&amp;&amp;(s[a]=t[a]);var a=arguments.length-2;if(1===a)s.children=r;else if(1&lt;a){for(var o=Array(a),c=0;c&lt;a;c++)o[c]=arguments[c+2];s.children=o}return A(e.type,n,void 0,void 0,i,s)},t.createContext=function(e){return(e={$$typeof:c,_currentValue:e,_currentValue2:e,_threadCount:0,Provider:null,Consumer:null}).Provider=e,e.Consumer={$$typeof:o,_context:e},e},t.createElement=function(e,t,r){var s,n={},i=null;if(null!=t)for(s in void 0!==t.key&amp;&amp;(i=""+t.key),t)_.call(t,s)&amp;&amp;"key"!==s&amp;&amp;"__self"!==s&amp;&amp;"__source"!==s&amp;&amp;(n[s]=t[s]);var a=arguments.length-2;if(1===a)n.children=r;else if(1&lt;a){for(var o=Array(a),c=0;c&lt;a;c++)o[c]=arguments[c+2];n.children=o}if(e&amp;&amp;e.defaultProps)for(s in a=e.defaultProps)void 0===n[s]&amp;&amp;(n[s]=a[s]);return A(e,i,void 0,void 0,null,n)},t.createRef=function(){return{current:null}},t.forwardRef=function(e){return{$$typeof:p,render:e}},t.isValidElement=q,t.lazy=function(e){return{$$typeof:l,_payload:{_status:-1,_result:e},_init:I}},t.memo=function(e,t){return{$$typeof:u,type:e,compare:void 0===t?null:t}},t.startTransition=function(e){var t=S.T,r={};S.T=r;try{var s=e(),n=S.S;null!==n&amp;&amp;n(r,s),"object"==typeof s&amp;&amp;null!==s&amp;&amp;"function"==typeof s.then&amp;&amp;s.then($,P)}catch(e){P(e)}finally{S.T=t}},t.unstable_useCacheRefresh=function(){return S.H.useCacheRefresh()},t.use=function(e){return S.H.use(e)},t.useActionState=function(e,t,r){return S.H.useActionState(e,t,r)},t.useCallback=function(e,t){return S.H.useCallback(e,t)},t.useContext=function(e){return S.H.useContext(e)},t.useDebugValue=function(){},t.useDeferredValue=function(e,t){return S.H.useDeferredValue(e,t)},t.useEffect=function(e,t){return S.H.useEffect(e,t)},t.useId=function(){return S.H.useId()},t.useImperativeHandle=function(e,t,r){return S.H.useImperativeHandle(e,t,r)},t.useInsertionEffect=function(e,t){return S.H.useInsertionEffect(e,t)},t.useLayoutEffect=function(e,t){return S.H.useLayoutEffect(e,t)},t.useMemo=function(e,t){return S.H.useMemo(e,t)},t.useOptimistic=function(e,t){return S.H.useOptimistic(e,t)},t.useReducer=function(e,t,r){return S.H.useReducer(e,t,r)},t.useRef=function(e){return S.H.useRef(e)},t.useState=function(e){return S.H.useState(e)},t.useSyncExternalStore=function(e,t,r){return S.H.useSyncExternalStore(e,t,r)},t.useTransition=function(){return S.H.useTransition()},t.version="19.0.0"},202784:function(e,t,r){"use strict";e.exports=r(319029)},552322:function(e,t,r){"use strict";e.exports=r(647750)},666369:function(e,t){"use strict";function r(e,t){var r=e.length;for(e.push(t);0&lt;r;){var s=r-1&gt;&gt;&gt;1,n=e[s];if(0&lt;i(n,t))e[s]=t,e[r]=n,r=s;else break}}function s(e){return 0===e.length?null:e[0]}function n(e){if(0===e.length)return null;var t=e[0],r=e.pop();if(r!==t){e[0]=r;for(var s=0,n=e.length,a=n&gt;&gt;&gt;1;s&lt;a;){var o=2*(s+1)-1,c=e[o],p=o+1,d=e[p];if(0&gt;i(c,r))p&lt;n&amp;&amp;0&gt;i(d,c)?(e[s]=d,e[p]=r,s=p):(e[s]=c,e[o]=r,s=o);else if(p&lt;n&amp;&amp;0&gt;i(d,r))e[s]=d,e[p]=r,s=p;else break}}return t}function i(e,t){var r=e.sortIndex-t.sortIndex;return 0!==r?r:e.id-t.id}if(t.unstable_now=void 0,"object"==typeof performance&amp;&amp;"function"==typeof performance.now){var a,o=performance;t.unstable_now=function(){return o.now()}}else{var c=Date,p=c.now();t.unstable_now=function(){return c.now()-p}}var d=[],u=[],l=1,m=null,h=3,g=!1,f=!1,y=!1,v="function"==typeof setTimeout?setTimeout:null,b="function"==typeof clearTimeout?clearTimeout:null,w="undefined"!=typeof setImmediate?setImmediate:null;function x(e){for(var t=s(u);null!==t;){if(null===t.callback)n(u);else if(t.startTime&lt;=e)n(u),t.sortIndex=t.expirationTime,r(d,t);else break;t=s(u)}}function S(e){if(y=!1,x(e),!f){if(null!==s(d))f=!0,P();else{var t=s(u);null!==t&amp;&amp;$(S,t.startTime-e)}}}var _=!1,A=-1,q=5,k=-1;function T(){return!(t.unstable_now()-k&lt;q)}function z(){if(_){var e=t.unstable_now();k=e;var r=!0;try{e:{f=!1,y&amp;&amp;(y=!1,b(A),A=-1),g=!0;var i=h;try{t:{for(x(e),m=s(d);null!==m&amp;&amp;!(m.expirationTime&gt;e&amp;&amp;T());){var o=m.callback;if("function"==typeof o){m.callback=null,h=m.priorityLevel;var c=o(m.expirationTime&lt;=e);if(e=t.unstable_now(),"function"==typeof c){m.callback=c,x(e),r=!0;break t}m===s(d)&amp;&amp;n(d),x(e)}else n(d);m=s(d)}if(null!==m)r=!0;else{var p=s(u);null!==p&amp;&amp;$(S,p.startTime-e),r=!1}}break e}finally{m=null,h=i,g=!1}r=void 0}}finally{r?a():_=!1}}}if("function"==typeof w)a=function(){w(z)};else if("undefined"!=typeof MessageChannel){var j=new MessageChannel,I=j.port2;j.port1.onmessage=z,a=function(){I.postMessage(null)}}else a=function(){v(z,0)};function P(){_||(_=!0,a())}function $(e,r){A=v(function(){e(t.unstable_now())},r)}t.unstable_IdlePriority=5,t.unstable_ImmediatePriority=1,t.unstable_LowPriority=4,t.unstable_NormalPriority=3,t.unstable_Profiling=null,t.unstable_UserBlockingPriority=2,t.unstable_cancelCallback=function(e){e.callback=null},t.unstable_continueExecution=function(){f||g||(f=!0,P())},t.unstable_forceFrameRate=function(e){0&gt;e||125&lt;e?console.error("forceFrameRate takes a positive int between 0 and 125, forcing frame rates higher than 125 fps is not supported"):q=0&lt;e?Math.floor(1e3/e):5},t.unstable_getCurrentPriorityLevel=function(){return h},t.unstable_getFirstCallbackNode=function(){return s(d)},t.unstable_next=function(e){switch(h){case 1:case 2:case 3:var t=3;break;default:t=h}var r=h;h=t;try{return e()}finally{h=r}},t.unstable_pauseExecution=function(){},t.unstable_requestPaint=function(){},t.unstable_runWithPriority=function(e,t){switch(e){case 1:case 2:case 3:case 4:case 5:break;default:e=3}var r=h;h=e;try{return t()}finally{h=r}},t.unstable_scheduleCallback=function(e,n,i){var a=t.unstable_now();switch(i="object"==typeof i&amp;&amp;null!==i&amp;&amp;"number"==typeof(i=i.delay)&amp;&amp;0&lt;i?a+i:a,e){case 1:var o=-1;break;case 2:o=250;break;case 5:o=0x3fffffff;break;case 4:o=1e4;break;default:o=5e3}return o=i+o,e={id:l++,callback:n,priorityLevel:e,startTime:i,expirationTime:o,sortIndex:-1},i&gt;a?(e.sortIndex=i,r(u,e),null===s(d)&amp;&amp;e===s(u)&amp;&amp;(y?(b(A),A=-1):y=!0,$(S,i-a))):(e.sortIndex=o,r(d,e),f||g||(f=!0,P())),e},t.unstable_shouldYield=T,t.unstable_wrapCallback=function(e){var t=h;return function(){var r=h;h=t;try{return e.apply(this,arguments)}finally{h=r}}}},714616:function(e,t,r){"use strict";e.exports=r(666369)},588665:function(e){e.exports=function(e,t,r,s){var n=r?r.call(s,e,t):void 0;if(void 0!==n)return!!n;if(e===t)return!0;if("object"!=typeof e||!e||"object"!=typeof t||!t)return!1;var i=Object.keys(e),a=Object.keys(t);if(i.length!==a.length)return!1;for(var o=Object.prototype.hasOwnProperty.bind(t),c=0;c&lt;i.length;c++){var p=i[c];if(!o(p))return!1;var d=e[p],u=t[p];if(!1===(n=r?r.call(s,d,u,p):void 0)||void 0===n&amp;&amp;d!==u)return!1}return!0}},211787:function(e,t,r){"use strict";r.d(t,{W:function(){return n}});var s=r(202784);function n(){return s.createElement("svg",{width:"20",height:"20",className:"DocSearch-Search-Icon",viewBox:"0 0 20 20"},s.createElement("path",{d:"M14.386 14.386l4.0877 4.0877-4.0877-4.0877c-2.9418 2.9419-7.7115 2.9419-10.6533 0-2.9419-2.9418-2.9419-7.7115 0-10.6533 2.9418-2.9419 7.7115-2.9419 10.6533 0 2.9419 2.9418 2.9419 7.7115 0 10.6533z",stroke:"currentColor",fill:"none",fillRule:"evenodd",strokeLinecap:"round",strokeLinejoin:"round"}))}},820050:function(e,t,r){"use strict";r.d(t,{Z:function(){return a}});var s=r(552903),n=r(728165),i=r(649221);function a(){let{siteConfig:e}=(0,i.Z)(),t=e.customFields?.demoButton;return(0,s.tZ)("div",{css:(0,n.iv)`
        padding: 1rem;
      `,children:(0,s.tZ)("a",{css:(0,n.iv)`
          display: block;
          padding: 0.5rem 1rem;
          border-radius: 3px;
          background-color: var(--ifm-color-primary);
          background: linear-gradient(5deg, var(--ifm-color-primary), #ef8515);
          color: white;
          font-weight: 900;
          text-align: center;
          text-decoration: none;
          &amp;:hover {
            text-decoration: none;
            background: var(--ifm-color-primary);
            color: white;
          }
        `,rel:"nofollow",target:"_blank",href:t.url,children:t.text})})}},677288:function(e,t,r){"use strict";r.d(t,{_:function(){return i},t:function(){return a}});var s=r(552322),n=r(202784);let i=n.createContext(!1);function a(e){let{children:t}=e,[r,a]=(0,n.useState)(!1);return(0,n.useEffect)(()=&gt;{a(!0)},[]),(0,s.jsx)(i.Provider,{value:r,children:t})}},187955:function(e,t,r){"use strict";var s=r("552322"),n=r("202784"),i=r("117029"),a=r("284221"),o=r("647933"),c=r("75150"),p=r("158724");let d=[r(201221),r(83260),r(578421),r(151656),r(660169),r(355175),r(876681)];var u=r("430913"),l=r("107267"),m=r("309702"),h=r("57505"),g=r("995367");let f=function(){let e=arguments.length&gt;0&amp;&amp;void 0!==arguments[0]?arguments[0]:"default",{replace:t}=(0,l.k6)(),{pathname:r}=(0,l.TH)(),s=(0,g.ZP)();(0,n.useEffect)(()=&gt;{try{let n=s["docusaurus-plugin-content-docs"];if(!n)return;let i=n[e].versions.reduce((e,t)=&gt;e.concat(t.docs),[]),a=r.endsWith("/")?r.replace(/\/$/,""):`${r}/`,o=-1!==i.findIndex(e=&gt;e.path===r),c=-1!==i.findIndex(e=&gt;e.path===a);!o&amp;&amp;c&amp;&amp;t(a)}catch(e){console.error(e)}},[t,r,s])};function y(e){let{children:t}=e;return f(),(0,s.jsxs)(s.Fragment,{children:[(0,s.jsxs)(h.Z,{children:[(0,s.jsx)("link",{rel:"icon",href:"/favicon.ico",sizes:"any"}),(0,s.jsx)("link",{rel:"icon",href:"/favicon.svg",type:"image/svg+xml"})]}),t]})}var v=r("649221"),b=r("245961"),w=r("892408"),x=r("844700"),S=r("548466"),_=r("40382"),A=r("29005"),q=r("586643"),k=r("755733");function T(){let{i18n:{currentLocale:e,defaultLocale:t,localeConfigs:r}}=(0,v.Z)(),n=(0,S.l)(),i=r[e].htmlLang,a=e=&gt;e.replace("-","_");return(0,s.jsxs)(h.Z,{children:[Object.entries(r).map(e=&gt;{let[t,{htmlLang:r}]=e;return(0,s.jsx)("link",{rel:"alternate",href:n.createUrl({locale:t,fullyQualified:!0}),hrefLang:r},t)}),(0,s.jsx)("link",{rel:"alternate",href:n.createUrl({locale:t,fullyQualified:!0}),hrefLang:"x-default"}),(0,s.jsx)("meta",{property:"og:locale",content:a(i)}),Object.values(r).filter(e=&gt;i!==e.htmlLang).map(e=&gt;(0,s.jsx)("meta",{property:"og:locale:alternate",content:a(e.htmlLang)},`meta-og-${e.htmlLang}`))]})}function z(e){let{permalink:t}=e,{siteConfig:{url:r}}=(0,v.Z)(),n=function(){let{siteConfig:{url:e,baseUrl:t,trailingSlash:r}}=(0,v.Z)(),{pathname:s}=(0,l.TH)();return e+(0,q.applyTrailingSlash)((0,b.ZP)(s),{trailingSlash:r,baseUrl:t})}(),i=t?`${r}${t}`:n;return(0,s.jsxs)(h.Z,{children:[(0,s.jsx)("meta",{property:"og:url",content:i}),(0,s.jsx)("link",{rel:"canonical",href:i})]})}function j(){let{i18n:{currentLocale:e}}=(0,v.Z)(),{metadata:t,image:r}=(0,w.L)();return(0,s.jsxs)(s.Fragment,{children:[(0,s.jsxs)(h.Z,{children:[(0,s.jsx)("meta",{name:"twitter:card",content:"summary_large_image"}),(0,s.jsx)("body",{className:_.h})]}),r&amp;&amp;(0,s.jsx)(x.d,{image:r}),(0,s.jsx)(z,{}),(0,s.jsx)(T,{}),(0,s.jsx)(k.Z,{tag:A.H,locale:e}),(0,s.jsx)(h.Z,{children:t.map((e,t)=&gt;(0,s.jsx)("meta",{...e},t))})]})}let I=()=&gt;{let{siteConfig:{url:e,baseUrl:t,trailingSlash:r},globalData:s}=(0,v.Z)(),{pathname:i}=(0,l.TH)(),a=s["docusaurus-plugin-content-docs"]?.default,o=a?.versions.map(e=&gt;e.name),c=o?.reduce((e,t)=&gt;e.replace(`/${t}`,""),i),p=a?.versions.find(e=&gt;e.isLast),d=(0,n.useMemo)(()=&gt;p?.docs.find(e=&gt;c&amp;&amp;l.LX(e.path,c)?.isExact)?.path??i,[p,c]);return e+(0,q.applyTrailingSlash)((0,b.ZP)(d),{trailingSlash:r,baseUrl:t})};function P(){let e=I();return(0,s.jsxs)(s.Fragment,{children:[(0,s.jsx)(j,{}),(0,s.jsx)(h.Z,{children:(0,s.jsx)("link",{rel:"canonical",href:e})})]})}let $=new Map;var R=r("677288"),E=r("70127"),O=r("884294");function C(e){for(var t=arguments.length,r=Array(t&gt;1?t-1:0),s=1;s&lt;t;s++)r[s-1]=arguments[s];let n=d.map(t=&gt;{let s=t.default?.[e]??t[e];return s?.(...r)});return()=&gt;n.forEach(e=&gt;e?.())}let L=function(e){let{children:t,location:r,previousLocation:s}=e;return(0,O.Z)(()=&gt;{s!==r&amp;&amp;(function(e){let{location:t,previousLocation:r}=e;if(!r)return;let s=t.pathname===r.pathname,n=t.hash===r.hash,i=t.search===r.search;if(s&amp;&amp;n&amp;&amp;!i)return;let{hash:a}=t;if(a){let e=decodeURIComponent(a.substring(1)),t=document.getElementById(e);t?.scrollIntoView()}else window.scrollTo(0,0)}({location:r,previousLocation:s}),C("onRouteDidUpdate",{previousLocation:s,location:r}))},[s,r]),t};function D(e){return Promise.all(Array.from(new Set([e,decodeURI(e)])).map(e=&gt;(0,m.f)(u.Z,e)).flat().map(e=&gt;e.route.component.preload?.()))}class B extends n.Component{previousLocation;routeUpdateCleanupCb;constructor(e){super(e),this.previousLocation=null,this.routeUpdateCleanupCb=p.default.canUseDOM?C("onRouteUpdate",{previousLocation:null,location:this.props.location}):()=&gt;{},this.state={nextRouteHasLoaded:!0}}shouldComponentUpdate(e,t){if(e.location===this.props.location)return t.nextRouteHasLoaded;let r=e.location;return this.previousLocation=this.props.location,this.setState({nextRouteHasLoaded:!1}),this.routeUpdateCleanupCb=C("onRouteUpdate",{previousLocation:this.previousLocation,location:r}),D(r.pathname).then(()=&gt;{this.routeUpdateCleanupCb(),this.setState({nextRouteHasLoaded:!0})}).catch(e=&gt;{console.warn(e),window.location.reload()}),!1}render(){let{children:e,location:t}=this.props;return(0,s.jsx)(L,{previousLocation:this.previousLocation,location:t,children:(0,s.jsx)(l.AW,{location:t,render:()=&gt;e})})}}let N="__docusaurus-base-url-issue-banner-suggestion-container";function G(){let{siteConfig:{baseUrl:e}}=(0,v.Z)();return(0,s.jsx)(s.Fragment,{children:!p.default.canUseDOM&amp;&amp;(0,s.jsx)(h.Z,{children:(0,s.jsx)("script",{children:`
document.addEventListener('DOMContentLoaded', function maybeInsertBanner() {
  var shouldInsert = typeof window['docusaurus'] === 'undefined';
  shouldInsert &amp;&amp; insertBanner();
});

function insertBanner() {
  var bannerContainer = document.createElement('div');
  bannerContainer.id = '__docusaurus-base-url-issue-banner-container';
  var bannerHtml = ${JSON.stringify(`
&lt;div id="__docusaurus-base-url-issue-banner" style="border: thick solid red; background-color: rgb(255, 230, 179); margin: 20px; padding: 20px; font-size: 20px;"&gt;
   &lt;p style="font-weight: bold; font-size: 30px;"&gt;Your Docusaurus site did not load properly.&lt;/p&gt;
   &lt;p&gt;A very common reason is a wrong site &lt;a href="https://docusaurus.io/docs/docusaurus.config.js/#baseUrl" style="font-weight: bold;"&gt;baseUrl configuration&lt;/a&gt;.&lt;/p&gt;
   &lt;p&gt;Current configured baseUrl = &lt;span style="font-weight: bold; color: red;"&gt;${e}&lt;/span&gt; ${"/"===e?" (default value)":""}&lt;/p&gt;
   &lt;p&gt;We suggest trying baseUrl = &lt;span id="${N}" style="font-weight: bold; color: green;"&gt;&lt;/span&gt;&lt;/p&gt;
&lt;/div&gt;
`).replace(/&lt;/g,"\\&lt;")};
  bannerContainer.innerHTML = bannerHtml;
  document.body.prepend(bannerContainer);
  var suggestionContainer = document.getElementById('${N}');
  var actualHomePagePath = window.location.pathname;
  var suggestedBaseUrl = actualHomePagePath.substr(-1) === '/'
        ? actualHomePagePath
        : actualHomePagePath + '/';
  suggestionContainer.innerHTML = suggestedBaseUrl;
}
`})})})}function W(){let{siteConfig:{baseUrl:e,baseUrlIssueBanner:t}}=(0,v.Z)(),{pathname:r}=(0,l.TH)();return t&amp;&amp;r===e?(0,s.jsx)(G,{}):null}function M(){let{siteConfig:{favicon:e,title:t,noIndex:r},i18n:{currentLocale:n,localeConfigs:i}}=(0,v.Z)(),a=(0,b.ZP)(e),{htmlLang:o,direction:c}=i[n];return(0,s.jsxs)(h.Z,{children:[(0,s.jsx)("html",{lang:o,dir:c}),(0,s.jsx)("title",{children:t}),(0,s.jsx)("meta",{property:"og:title",content:t}),(0,s.jsx)("meta",{name:"viewport",content:"width=device-width, initial-scale=1.0"}),r&amp;&amp;(0,s.jsx)("meta",{name:"robots",content:"noindex, nofollow"}),e&amp;&amp;(0,s.jsx)("link",{rel:"icon",href:a})]})}var U=r("586400"),F=r("560061");function H(){let e=(0,F.Z)();return(0,s.jsx)(h.Z,{children:(0,s.jsx)("html",{"data-has-hydrated":e})})}let V=(0,m.H)(u.Z);function Q(){let e=function(e){if($.has(e.pathname))return{...e,pathname:$.get(e.pathname)};if((0,m.f)(u.Z,e.pathname).some(e=&gt;{let{route:t}=e;return!0===t.exact}))return $.set(e.pathname,e.pathname),e;let t=e.pathname.trim().replace(/(?:\/index)?\.html$/,"")||"/";return $.set(e.pathname,t),{...e,pathname:t}}((0,l.TH)());return(0,s.jsx)(B,{location:e,children:V})}var K=r("637138");let J=!function(e){try{return document.createElement("link").relList.supports(e)}catch{return!1}}("prefetch")?function(e){return new Promise((t,r)=&gt;{let s=new XMLHttpRequest;s.open("GET",e,!0),s.withCredentials=!0,s.onload=()=&gt;{200===s.status?t():r()},s.send(null)})}:function(e){return new Promise((t,r)=&gt;{if("undefined"==typeof document){r();return}let s=document.createElement("link");s.setAttribute("rel","prefetch"),s.setAttribute("href",e),s.onload=()=&gt;t(),s.onerror=()=&gt;r();let n=document.getElementsByTagName("head")[0]??document.getElementsByName("script")[0]?.parentNode;n?.appendChild(s)})};var X=r("840316");let Y=new Set,Z=new Set,ee=()=&gt;navigator.connection?.effectiveType.includes("2g")||navigator.connection?.saveData,et=e=&gt;!ee()&amp;&amp;!Z.has(e)&amp;&amp;!Y.has(e),er=e=&gt;!ee()&amp;&amp;!Z.has(e),es=e=&gt;Object.entries(K).filter(t=&gt;{let[r]=t;return r.replace(/-[^-]+$/,"")===e}).flatMap(e=&gt;{let[,t]=e;return Object.values((0,X.Z)(t))}),en=Object.freeze({prefetch:e=&gt;!!et(e)&amp;&amp;(Y.add(e),Promise.all((0,m.f)(u.Z,e).flatMap(e=&gt;es(e.route.path)).map(e=&gt;{let t=r.gca(e);return t&amp;&amp;!t.includes("undefined")?J(t).catch(()=&gt;{}):Promise.resolve()}))),preload:e=&gt;!!er(e)&amp;&amp;(Z.add(e),D(e))});if(e=r.hmd(e),p.default.canUseDOM){window.docusaurus=en;let t=document.getElementById("__docusaurus"),r=(0,s.jsx)(a.B6,{children:(0,s.jsx)(function(e){let{children:t}=e;return"hash"===c.default.future.experimental_router?(0,s.jsx)(o.UT,{children:t}):(0,s.jsx)(o.VK,{children:t})},{children:(0,s.jsx)(function(){return(0,s.jsx)(U.Z,{children:(0,s.jsx)(E.M,{children:(0,s.jsxs)(R.t,{children:[(0,s.jsxs)(y,{children:[(0,s.jsx)(M,{}),(0,s.jsx)(P,{}),(0,s.jsx)(W,{}),(0,s.jsx)(Q,{})]}),(0,s.jsx)(H,{})]})})})},{})})}),p=(e,t)=&gt;{console.error("Docusaurus React Root onRecoverableError:",e,t)},d=()=&gt;{if(window.docusaurusRoot){window.docusaurusRoot.render(r);return}window.docusaurusRoot=i.hydrateRoot(t,r,{onRecoverableError:p})};D(window.location.pathname).then(()=&gt;{(0,n.startTransition)(d)}),e.hot&amp;&amp;e.hot.accept()}},70127:function(e,t,r){"use strict";r.d(t,{_:()=&gt;u,M:()=&gt;l});var s=r("552322"),n=r("202784"),i=r("75150"),a=JSON.parse('{"docusaurus-plugin-content-docs":{"default":{"path":"/service-bridge","versions":[{"name":"next","label":"next","isLast":false,"path":"/service-bridge/next","mainDocId":"index","docs":[{"id":"cheatsheet/index","path":"/service-bridge/next/cheatsheet/","sidebar":"defaultSidebar"},{"id":"cheatsheet/sheets/gateways-management","path":"/service-bridge/next/cheatsheet/sheets/gateways-management","sidebar":"defaultSidebar"},{"id":"cheatsheet/sheets/kubectl","path":"/service-bridge/next/cheatsheet/sheets/kubectl","sidebar":"defaultSidebar"},{"id":"cheatsheet/sheets/security-management","path":"/service-bridge/next/cheatsheet/sheets/security-management","sidebar":"defaultSidebar"},{"id":"cheatsheet/sheets/tctl","path":"/service-bridge/next/cheatsheet/sheets/tctl","sidebar":"defaultSidebar"},{"id":"cheatsheet/sheets/traffic-management","path":"/service-bridge/next/cheatsheet/sheets/traffic-management","sidebar":"defaultSidebar"},{"id":"cheatsheet/sheets/tsb-concepts","path":"/service-bridge/next/cheatsheet/sheets/tsb-concepts","sidebar":"defaultSidebar"},{"id":"cheatsheet/sheets/tsb-quickstart","path":"/service-bridge/next/cheatsheet/sheets/tsb-quickstart","sidebar":"defaultSidebar"},{"id":"cheatsheet/sheets/tsb-terminology","path":"/service-bridge/next/cheatsheet/sheets/tsb-terminology","sidebar":"defaultSidebar"},{"id":"concepts/architecture","path":"/service-bridge/next/concepts/architecture","sidebar":"defaultSidebar"},{"id":"concepts/configuration-dataflow","path":"/service-bridge/next/concepts/configuration-dataflow","sidebar":"defaultSidebar"},{"id":"concepts/configuration-inheritance","path":"/service-bridge/next/concepts/configuration-inheritance","sidebar":"defaultSidebar"},{"id":"concepts/glossary","path":"/service-bridge/next/concepts/glossary","sidebar":"defaultSidebar"},{"id":"concepts/observability","path":"/service-bridge/next/concepts/observability","sidebar":"defaultSidebar"},{"id":"concepts/operators/control-plane","path":"/service-bridge/next/concepts/operators/control-plane","sidebar":"defaultSidebar"},{"id":"concepts/operators/management-plane","path":"/service-bridge/next/concepts/operators/management-plane","sidebar":"defaultSidebar"},{"id":"concepts/operators/toc","path":"/service-bridge/next/concepts/operators/","sidebar":"defaultSidebar"},{"id":"concepts/security","path":"/service-bridge/next/concepts/security","sidebar":"defaultSidebar"},{"id":"concepts/service-mesh","path":"/service-bridge/next/concepts/service-mesh","sidebar":"defaultSidebar"},{"id":"concepts/terminology","path":"/service-bridge/next/concepts/terminology"},{"id":"concepts/toc","path":"/service-bridge/next/concepts/","sidebar":"defaultSidebar"},{"id":"concepts/traffic-management","path":"/service-bridge/next/concepts/traffic-management","sidebar":"defaultSidebar"},{"id":"concepts/tsb-and-ambient","path":"/service-bridge/next/concepts/tsb-and-ambient","sidebar":"defaultSidebar"},{"id":"concepts/tsb-and-istio","path":"/service-bridge/next/concepts/tsb-and-istio","sidebar":"defaultSidebar"},{"id":"design-guides/app-onboarding/cross-cluster","path":"/service-bridge/next/design-guides/app-onboarding/cross-cluster","sidebar":"defaultSidebar"},{"id":"design-guides/app-onboarding/deploy-service","path":"/service-bridge/next/design-guides/app-onboarding/deploy-service","sidebar":"defaultSidebar"},{"id":"design-guides/app-onboarding/gateway-security","path":"/service-bridge/next/design-guides/app-onboarding/gateway-security","sidebar":"defaultSidebar"},{"id":"design-guides/app-onboarding/high-availability","path":"/service-bridge/next/design-guides/app-onboarding/high-availability","sidebar":"defaultSidebar"},{"id":"design-guides/app-onboarding/index","path":"/service-bridge/next/design-guides/app-onboarding/","sidebar":"defaultSidebar"},{"id":"design-guides/app-onboarding/introduction","path":"/service-bridge/next/design-guides/app-onboarding/introduction","sidebar":"defaultSidebar"},{"id":"design-guides/app-onboarding/monitor","path":"/service-bridge/next/design-guides/app-onboarding/monitor","sidebar":"defaultSidebar"},{"id":"design-guides/app-onboarding/prepare","path":"/service-bridge/next/design-guides/app-onboarding/prepare","sidebar":"defaultSidebar"},{"id":"design-guides/app-onboarding/promote-service","path":"/service-bridge/next/design-guides/app-onboarding/promote-service"},{"id":"design-guides/app-onboarding/security","path":"/service-bridge/next/design-guides/app-onboarding/security","sidebar":"defaultSidebar"},{"id":"design-guides/ha-dr-mp/active-standby/automated-synchronization","path":"/service-bridge/next/design-guides/ha-dr-mp/active-standby/automated-synchronization","sidebar":"defaultSidebar"},{"id":"design-guides/ha-dr-mp/active-standby/manual-backup-restore","path":"/service-bridge/next/design-guides/ha-dr-mp/active-standby/manual-backup-restore","sidebar":"defaultSidebar"},{"id":"design-guides/ha-dr-mp/active-standby/troubleshoot","path":"/service-bridge/next/design-guides/ha-dr-mp/active-standby/troubleshoot","sidebar":"defaultSidebar"},{"id":"design-guides/ha-dr-mp/before-you-begin","path":"/service-bridge/next/design-guides/ha-dr-mp/before-you-begin","sidebar":"defaultSidebar"},{"id":"design-guides/ha-dr-mp/best-practices","path":"/service-bridge/next/design-guides/ha-dr-mp/best-practices","sidebar":"defaultSidebar"},{"id":"design-guides/ha-dr-mp/index","path":"/service-bridge/next/design-guides/ha-dr-mp/","sidebar":"defaultSidebar"},{"id":"design-guides/ha-dr-mp/introduction","path":"/service-bridge/next/design-guides/ha-dr-mp/introduction","sidebar":"defaultSidebar"},{"id":"design-guides/ha-dr-mp/manual/reinstall","path":"/service-bridge/next/design-guides/ha-dr-mp/manual/reinstall","sidebar":"defaultSidebar"},{"id":"design-guides/ha-dr-mp/operating/monitor","path":"/service-bridge/next/design-guides/ha-dr-mp/operating/monitor","sidebar":"defaultSidebar"},{"id":"design-guides/ha-dr-mp/operating/troubleshoot","path":"/service-bridge/next/design-guides/ha-dr-mp/operating/troubleshoot","sidebar":"defaultSidebar"},{"id":"design-guides/ha-dr-mp/scenarios","path":"/service-bridge/next/design-guides/ha-dr-mp/scenarios","sidebar":"defaultSidebar"},{"id":"design-guides/ha-multicluster/cluster-failover","path":"/service-bridge/next/design-guides/ha-multicluster/cluster-failover","sidebar":"defaultSidebar"},{"id":"design-guides/ha-multicluster/demo-1","path":"/service-bridge/next/design-guides/ha-multicluster/demo-1","sidebar":"defaultSidebar"},{"id":"design-guides/ha-multicluster/demo-2","path":"/service-bridge/next/design-guides/ha-multicluster/demo-2","sidebar":"defaultSidebar"},{"id":"design-guides/ha-multicluster/edge-failover","path":"/service-bridge/next/design-guides/ha-multicluster/edge-failover","sidebar":"defaultSidebar"},{"id":"design-guides/ha-multicluster/index","path":"/service-bridge/next/design-guides/ha-multicluster/","sidebar":"defaultSidebar"},{"id":"design-guides/ha-multicluster/introduction","path":"/service-bridge/next/design-guides/ha-multicluster/introduction","sidebar":"defaultSidebar"},{"id":"design-guides/ha-multicluster/operations","path":"/service-bridge/next/design-guides/ha-multicluster/operations","sidebar":"defaultSidebar"},{"id":"design-guides/index","path":"/service-bridge/next/design-guides/","sidebar":"defaultSidebar"},{"id":"howto/authorization/ingress-gateway","path":"/service-bridge/next/howto/authorization/ingress-gateway","sidebar":"defaultSidebar"},{"id":"howto/authorization/sidecar","path":"/service-bridge/next/howto/authorization/sidecar","sidebar":"defaultSidebar"},{"id":"howto/authorization/tier1-gateway","path":"/service-bridge/next/howto/authorization/tier1-gateway","sidebar":"defaultSidebar"},{"id":"howto/authorization/tls-verification","path":"/service-bridge/next/howto/authorization/tls-verification","sidebar":"defaultSidebar"},{"id":"howto/authorization/toc","path":"/service-bridge/next/howto/authorization/","sidebar":"defaultSidebar"},{"id":"howto/gateway/app-ingress","path":"/service-bridge/next/howto/gateway/app-ingress","sidebar":"defaultSidebar"},{"id":"howto/gateway/application-gateway-with-openapi-annotations","path":"/service-bridge/next/howto/gateway/application-gateway-with-openapi-annotations","sidebar":"defaultSidebar"},{"id":"howto/gateway/configure-and-route-nonhttp-traffic","path":"/service-bridge/next/howto/gateway/configure-and-route-nonhttp-traffic","sidebar":"defaultSidebar"},{"id":"howto/gateway/configure-oidc","path":"/service-bridge/next/howto/gateway/configure-oidc","sidebar":"defaultSidebar"},{"id":"howto/gateway/distributed-ingress","path":"/service-bridge/next/howto/gateway/distributed-ingress","sidebar":"defaultSidebar"},{"id":"howto/gateway/end-user-auth-keycloak","path":"/service-bridge/next/howto/gateway/end-user-auth-keycloak","sidebar":"defaultSidebar"},{"id":"howto/gateway/host-based-egress-access-control","path":"/service-bridge/next/howto/gateway/host-based-egress-access-control","sidebar":"defaultSidebar"},{"id":"howto/gateway/https-with-proxy-protocol","path":"/service-bridge/next/howto/gateway/https-with-proxy-protocol","sidebar":"defaultSidebar"},{"id":"howto/gateway/multi-cluster-traffic-failover-priority","path":"/service-bridge/next/howto/gateway/multi-cluster-traffic-failover-priority","sidebar":"defaultSidebar"},{"id":"howto/gateway/multi-cluster-traffic-routing-using-tier2gw","path":"/service-bridge/next/howto/gateway/multi-cluster-traffic-routing-using-tier2gw","sidebar":"defaultSidebar"},{"id":"howto/gateway/multi-cluster-traffic-routing-with-eastwest-gateway","path":"/service-bridge/next/howto/gateway/multi-cluster-traffic-routing-with-eastwest-gateway","sidebar":"defaultSidebar"},{"id":"howto/gateway/multi-cluster-traffic-shifting","path":"/service-bridge/next/howto/gateway/multi-cluster-traffic-shifting","sidebar":"defaultSidebar"},{"id":"howto/gateway/oas-validation","path":"/service-bridge/next/howto/gateway/oas-validation","sidebar":"defaultSidebar"},{"id":"howto/gateway/service-identity-propagation","path":"/service-bridge/next/howto/gateway/service-identity-propagation","sidebar":"defaultSidebar"},{"id":"howto/gateway/shared-ingress","path":"/service-bridge/next/howto/gateway/shared-ingress","sidebar":"defaultSidebar"},{"id":"howto/gateway/subset-based-routing-using-igw-and-service-route","path":"/service-bridge/next/howto/gateway/subset-based-routing-using-igw-and-service-route","sidebar":"defaultSidebar"},{"id":"howto/gateway/unfied-gateway-management-via-mp","path":"/service-bridge/next/howto/gateway/unfied-gateway-management-via-mp","sidebar":"defaultSidebar"},{"id":"howto/gateway/unified-gateway","path":"/service-bridge/next/howto/gateway/unified-gateway","sidebar":"defaultSidebar"},{"id":"howto/gateway/unified-gateway-upgrade","path":"/service-bridge/next/howto/gateway/unified-gateway-upgrade","sidebar":"defaultSidebar"},{"id":"howto/gateway/weighted-distribution-and-fallback","path":"/service-bridge/next/howto/gateway/weighted-distribution-and-fallback","sidebar":"defaultSidebar"},{"id":"howto/gitops/argo-rollouts","path":"/service-bridge/next/howto/gitops/argo-rollouts","sidebar":"defaultSidebar"},{"id":"howto/gitops/clusterrole","path":"/service-bridge/next/howto/gitops/clusterrole","sidebar":"defaultSidebar"},{"id":"howto/gitops/flagger","path":"/service-bridge/next/howto/gitops/flagger","sidebar":"defaultSidebar"},{"id":"howto/gitops/flux","path":"/service-bridge/next/howto/gitops/flux","sidebar":"defaultSidebar"},{"id":"howto/gitops/gitops","path":"/service-bridge/next/howto/gitops/gitops","sidebar":"defaultSidebar"},{"id":"howto/hpa-using-oap","path":"/service-bridge/next/howto/hpa-using-oap","sidebar":"defaultSidebar"},{"id":"howto/network-policies","path":"/service-bridge/next/howto/network-policies","sidebar":"defaultSidebar"},{"id":"howto/promql-using-oap","path":"/service-bridge/next/howto/promql-using-oap","sidebar":"defaultSidebar"},{"id":"howto/rate-limiting/external-rate-limiting","path":"/service-bridge/next/howto/rate-limiting/external-rate-limiting","sidebar":"defaultSidebar"},{"id":"howto/rate-limiting/ingress-gateway","path":"/service-bridge/next/howto/rate-limiting/ingress-gateway","sidebar":"defaultSidebar"},{"id":"howto/rate-limiting/internal-rate-limiting","path":"/service-bridge/next/howto/rate-limiting/internal-rate-limiting","sidebar":"defaultSidebar"},{"id":"howto/rate-limiting/service-to-service","path":"/service-bridge/next/howto/rate-limiting/service-to-service","sidebar":"defaultSidebar"},{"id":"howto/rate-limiting/tier1-gateway","path":"/service-bridge/next/howto/rate-limiting/tier1-gateway","sidebar":"defaultSidebar"},{"id":"howto/rate-limiting/tls-validation","path":"/service-bridge/next/howto/rate-limiting/tls-validation","sidebar":"defaultSidebar"},{"id":"howto/rate-limiting/toc","path":"/service-bridge/next/howto/rate-limiting/","sidebar":"defaultSidebar"},{"id":"howto/security-domains","path":"/service-bridge/next/howto/security-domains","sidebar":"defaultSidebar"},{"id":"howto/service-accounts","path":"/service-bridge/next/howto/service-accounts","sidebar":"defaultSidebar"},{"id":"howto/traffic/canary-releases","path":"/service-bridge/next/howto/traffic/canary-releases","sidebar":"defaultSidebar"},{"id":"howto/traffic/configure-multi-port-service-route","path":"/service-bridge/next/howto/traffic/configure-multi-port-service-route","sidebar":"defaultSidebar"},{"id":"howto/traffic/gateway-mtls","path":"/service-bridge/next/howto/traffic/gateway-mtls","sidebar":"defaultSidebar"},{"id":"howto/traffic/load-balance","path":"/service-bridge/next/howto/traffic/load-balance","sidebar":"defaultSidebar"},{"id":"howto/traffic/migrating-VM-monoliths","path":"/service-bridge/next/howto/traffic/migrating-VM-monoliths","sidebar":"defaultSidebar"},{"id":"howto/traffic/splitting-service-traffic-between-k8s-vms","path":"/service-bridge/next/howto/traffic/splitting-service-traffic-between-k8s-vms","sidebar":"defaultSidebar"},{"id":"howto/waf","path":"/service-bridge/next/howto/waf","sidebar":"defaultSidebar"},{"id":"howto/wasm/wasm-extension","path":"/service-bridge/next/howto/wasm/wasm-extension","sidebar":"defaultSidebar"},{"id":"howto/wasm/wasm-overview","path":"/service-bridge/next/howto/wasm/wasm-overview","sidebar":"defaultSidebar"},{"id":"howto/wasm/wasm-proxy","path":"/service-bridge/next/howto/wasm/wasm-proxy","sidebar":"defaultSidebar"},{"id":"howto/wasm/wasm-try","path":"/service-bridge/next/howto/wasm/wasm-try","sidebar":"defaultSidebar"},{"id":"index","path":"/service-bridge/next/","sidebar":"defaultSidebar"},{"id":"knowledge-base/faq","path":"/service-bridge/next/knowledge-base/faq","sidebar":"defaultSidebar"},{"id":"knowledge-base/gitops","path":"/service-bridge/next/knowledge-base/gitops","sidebar":"defaultSidebar"},{"id":"operations/configuration-promotion","path":"/service-bridge/next/operations/configuration-promotion","sidebar":"defaultSidebar"},{"id":"operations/configure-log-levels","path":"/service-bridge/next/operations/configure-log-levels","sidebar":"defaultSidebar"},{"id":"operations/elasticsearch/elasticsearch-role","path":"/service-bridge/next/operations/elasticsearch/elasticsearch-role","sidebar":"defaultSidebar"},{"id":"operations/elasticsearch/wipe-elastic","path":"/service-bridge/next/operations/elasticsearch/wipe-elastic","sidebar":"defaultSidebar"},{"id":"operations/features/configure-cluster-external-addresses","path":"/service-bridge/next/operations/features/configure-cluster-external-addresses","sidebar":"defaultSidebar"},{"id":"operations/features/configure-gitops","path":"/service-bridge/next/operations/features/configure-gitops","sidebar":"defaultSidebar"},{"id":"operations/features/deletion-protection","path":"/service-bridge/next/operations/features/deletion-protection","sidebar":"defaultSidebar"},{"id":"operations/features/edge-dns-resolution","path":"/service-bridge/next/operations/features/edge-dns-resolution","sidebar":"defaultSidebar"},{"id":"operations/features/enable-config-protection","path":"/service-bridge/next/operations/features/enable-config-protection","sidebar":"defaultSidebar"},{"id":"operations/features/gateway-deletion-webhook","path":"/service-bridge/next/operations/features/gateway-deletion-webhook","sidebar":"defaultSidebar"},{"id":"operations/features/internal-wasm-extensions","path":"/service-bridge/next/operations/features/internal-wasm-extensions","sidebar":"defaultSidebar"},{"id":"operations/features/istio-cni","path":"/service-bridge/next/operations/features/istio-cni","sidebar":"defaultSidebar"},{"id":"operations/features/label-annotation","path":"/service-bridge/next/operations/features/label-annotation","sidebar":"defaultSidebar"},{"id":"operations/features/streaming-log","path":"/service-bridge/next/operations/features/streaming-log","sidebar":"defaultSidebar"},{"id":"operations/features/tier1-in-app-cluster","path":"/service-bridge/next/operations/features/tier1-in-app-cluster","sidebar":"defaultSidebar"},{"id":"operations/features/tls-origin-multi-cluster","path":"/service-bridge/next/operations/features/tls-origin-multi-cluster","sidebar":"defaultSidebar"},{"id":"operations/graceful-connection-drain","path":"/service-bridge/next/operations/graceful-connection-drain","sidebar":"defaultSidebar"},{"id":"operations/kube-customization","path":"/service-bridge/next/operations/kube-customization","sidebar":"defaultSidebar"},{"id":"operations/lower-istio-resources","path":"/service-bridge/next/operations/lower-istio-resources","sidebar":"defaultSidebar"},{"id":"operations/migrate-organization","path":"/service-bridge/next/operations/migrate-organization","sidebar":"defaultSidebar"},{"id":"operations/multiple-iam-keys","path":"/service-bridge/next/operations/multiple-iam-keys","sidebar":"defaultSidebar"},{"id":"operations/postgresql/auditlog-retention","path":"/service-bridge/next/operations/postgresql/auditlog-retention","sidebar":"defaultSidebar"},{"id":"operations/postgresql/azure-credentials","path":"/service-bridge/next/operations/postgresql/azure-credentials","sidebar":"defaultSidebar"},{"id":"operations/postgresql/backup-and-restore","path":"/service-bridge/next/operations/postgresql/backup-and-restore","sidebar":"defaultSidebar"},{"id":"operations/postgresql/managing-kubegres","path":"/service-bridge/next/operations/postgresql/managing-kubegres","sidebar":"defaultSidebar"},{"id":"operations/telemetry/alerting-guidelines","path":"/service-bridge/next/operations/telemetry/alerting-guidelines","sidebar":"defaultSidebar"},{"id":"operations/telemetry/distributed-tracing","path":"/service-bridge/next/operations/telemetry/distributed-tracing","sidebar":"defaultSidebar"},{"id":"operations/telemetry/key-metrics","path":"/service-bridge/next/operations/telemetry/key-metrics","sidebar":"defaultSidebar"},{"id":"operations/telemetry/new-relic","path":"/service-bridge/next/operations/telemetry/new-relic","sidebar":"defaultSidebar"},{"id":"operations/telemetry/red-metrics","path":"/service-bridge/next/operations/telemetry/red-metrics","sidebar":"defaultSidebar"},{"id":"operations/telemetry/telemetry-architecture","path":"/service-bridge/next/operations/telemetry/telemetry-architecture","sidebar":"defaultSidebar"},{"id":"operations/users/admin-password","path":"/service-bridge/next/operations/users/admin-password","sidebar":"defaultSidebar"},{"id":"operations/users/configuring-ldap","path":"/service-bridge/next/operations/users/configuring-ldap","sidebar":"defaultSidebar"},{"id":"operations/users/new-user-local-idp","path":"/service-bridge/next/operations/users/new-user-local-idp","sidebar":"defaultSidebar"},{"id":"operations/users/oidc-azure","path":"/service-bridge/next/operations/users/oidc-azure","sidebar":"defaultSidebar"},{"id":"operations/users/tsb-fqns","path":"/service-bridge/next/operations/users/tsb-fqns"},{"id":"operations/users/user-synchronization","path":"/service-bridge/next/operations/users/user-synchronization","sidebar":"defaultSidebar"},{"id":"operations/users/users-roles-and-permissions","path":"/service-bridge/next/operations/users/users-roles-and-permissions","sidebar":"defaultSidebar"},{"id":"operations/vault/elasticsearch","path":"/service-bridge/next/operations/vault/elasticsearch","sidebar":"defaultSidebar"},{"id":"operations/vault/istiod-ca","path":"/service-bridge/next/operations/vault/istiod-ca","sidebar":"defaultSidebar"},{"id":"operations/vault/postgresql","path":"/service-bridge/next/operations/vault/postgresql","sidebar":"defaultSidebar"},{"id":"quickstart/apps","path":"/service-bridge/next/quickstart/apps","sidebar":"defaultSidebar"},{"id":"quickstart/config-groups","path":"/service-bridge/next/quickstart/config-groups","sidebar":"defaultSidebar"},{"id":"quickstart/deploy-sample-app","path":"/service-bridge/next/quickstart/deploy-sample-app","sidebar":"defaultSidebar"},{"id":"quickstart/ingress-gateway","path":"/service-bridge/next/quickstart/ingress-gateway","sidebar":"defaultSidebar"},{"id":"quickstart/introduction","path":"/service-bridge/next/quickstart/introduction","sidebar":"defaultSidebar"},{"id":"quickstart/observability","path":"/service-bridge/next/quickstart/observability","sidebar":"defaultSidebar"},{"id":"quickstart/permissions","path":"/service-bridge/next/quickstart/permissions","sidebar":"defaultSidebar"},{"id":"quickstart/security","path":"/service-bridge/next/quickstart/security","sidebar":"defaultSidebar"},{"id":"quickstart/tenant","path":"/service-bridge/next/quickstart/tenant","sidebar":"defaultSidebar"},{"id":"quickstart/traffic-shifting","path":"/service-bridge/next/quickstart/traffic-shifting","sidebar":"defaultSidebar"},{"id":"quickstart/workspace","path":"/service-bridge/next/quickstart/workspace","sidebar":"defaultSidebar"},{"id":"reference/cli/guide/index","path":"/service-bridge/next/reference/cli/guide/index","sidebar":"defaultSidebar"},{"id":"reference/cli/reference/apply","path":"/service-bridge/next/reference/cli/reference/apply","sidebar":"defaultSidebar"},{"id":"reference/cli/reference/audit","path":"/service-bridge/next/reference/cli/reference/audit","sidebar":"defaultSidebar"},{"id":"reference/cli/reference/collect","path":"/service-bridge/next/reference/cli/reference/collect","sidebar":"defaultSidebar"},{"id":"reference/cli/reference/completion","path":"/service-bridge/next/reference/cli/reference/completion","sidebar":"defaultSidebar"},{"id":"reference/cli/reference/config","path":"/service-bridge/next/reference/cli/reference/config","sidebar":"defaultSidebar"},{"id":"reference/cli/reference/debug","path":"/service-bridge/next/reference/cli/reference/debug","sidebar":"defaultSidebar"},{"id":"reference/cli/reference/delete","path":"/service-bridge/next/reference/cli/reference/delete","sidebar":"defaultSidebar"},{"id":"reference/cli/reference/edit","path":"/service-bridge/next/reference/cli/reference/edit","sidebar":"defaultSidebar"},{"id":"reference/cli/reference/experimental","path":"/service-bridge/next/reference/cli/reference/experimental","sidebar":"defaultSidebar"},{"id":"reference/cli/reference/get","path":"/service-bridge/next/reference/cli/reference/get","sidebar":"defaultSidebar"},{"id":"reference/cli/reference/index","path":"/service-bridge/next/reference/cli/reference/index","sidebar":"defaultSidebar"},{"id":"reference/cli/reference/install","path":"/service-bridge/next/reference/cli/reference/install","sidebar":"defaultSidebar"},{"id":"reference/cli/reference/login","path":"/service-bridge/next/reference/cli/reference/login","sidebar":"defaultSidebar"},{"id":"reference/cli/reference/service-account","path":"/service-bridge/next/reference/cli/reference/service-account","sidebar":"defaultSidebar"},{"id":"reference/cli/reference/status","path":"/service-bridge/next/reference/cli/reference/status","sidebar":"defaultSidebar"},{"id":"reference/cli/reference/ui","path":"/service-bridge/next/reference/cli/reference/ui","sidebar":"defaultSidebar"},{"id":"reference/cli/reference/validate","path":"/service-bridge/next/reference/cli/reference/validate","sidebar":"defaultSidebar"},{"id":"reference/cli/reference/version","path":"/service-bridge/next/reference/cli/reference/version","sidebar":"defaultSidebar"},{"id":"reference/cli/reference/whoami","path":"/service-bridge/next/reference/cli/reference/whoami","sidebar":"defaultSidebar"},{"id":"reference/cli/reference/workload-entry-annotations","path":"/service-bridge/next/reference/cli/reference/workload-entry-annotations","sidebar":"defaultSidebar"},{"id":"reference/grpc-api/guide","path":"/service-bridge/next/reference/grpc-api/guide","sidebar":"defaultSidebar"},{"id":"reference/k8s-api/guide","path":"/service-bridge/next/reference/k8s-api/guide","sidebar":"defaultSidebar"},{"id":"reference/k8s-api/tsb-crds-gen/application-tsb-tetrate-io","path":"/service-bridge/next/reference/k8s-api/tsb-crds-gen/application-tsb-tetrate-io","sidebar":"defaultSidebar"},{"id":"reference/k8s-api/tsb-crds-gen/extension-tsb-tetrate-io","path":"/service-bridge/next/reference/k8s-api/tsb-crds-gen/extension-tsb-tetrate-io","sidebar":"defaultSidebar"},{"id":"reference/k8s-api/tsb-crds-gen/gateway-tsb-tetrate-io","path":"/service-bridge/next/reference/k8s-api/tsb-crds-gen/gateway-tsb-tetrate-io","sidebar":"defaultSidebar"},{"id":"reference/k8s-api/tsb-crds-gen/istiointernal-tsb-tetrate-io","path":"/service-bridge/next/reference/k8s-api/tsb-crds-gen/istiointernal-tsb-tetrate-io","sidebar":"defaultSidebar"},{"id":"reference/k8s-api/tsb-crds-gen/profile-tsb-tetrate-io","path":"/service-bridge/next/reference/k8s-api/tsb-crds-gen/profile-tsb-tetrate-io"},{"id":"reference/k8s-api/tsb-crds-gen/rbac-tsb-tetrate-io","path":"/service-bridge/next/reference/k8s-api/tsb-crds-gen/rbac-tsb-tetrate-io","sidebar":"defaultSidebar"},{"id":"reference/k8s-api/tsb-crds-gen/security-tsb-tetrate-io","path":"/service-bridge/next/reference/k8s-api/tsb-crds-gen/security-tsb-tetrate-io","sidebar":"defaultSidebar"},{"id":"reference/k8s-api/tsb-crds-gen/segmentation-tsb-tetrate-io","path":"/service-bridge/next/reference/k8s-api/tsb-crds-gen/segmentation-tsb-tetrate-io"},{"id":"reference/k8s-api/tsb-crds-gen/traffic-tsb-tetrate-io","path":"/service-bridge/next/reference/k8s-api/tsb-crds-gen/traffic-tsb-tetrate-io","sidebar":"defaultSidebar"},{"id":"reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/api","path":"/service-bridge/next/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/api","sidebar":"defaultSidebar"},{"id":"reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/cluster","path":"/service-bridge/next/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/cluster","sidebar":"defaultSidebar"},{"id":"reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/clusteronboardingconfig","path":"/service-bridge/next/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/clusteronboardingconfig","sidebar":"defaultSidebar"},{"id":"reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/organization","path":"/service-bridge/next/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/organization","sidebar":"defaultSidebar"},{"id":"reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/organizationsetting","path":"/service-bridge/next/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/organizationsetting","sidebar":"defaultSidebar"},{"id":"reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/serviceaccount","path":"/service-bridge/next/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/serviceaccount","sidebar":"defaultSidebar"},{"id":"reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/team","path":"/service-bridge/next/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/team","sidebar":"defaultSidebar"},{"id":"reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/tenant","path":"/service-bridge/next/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/tenant","sidebar":"defaultSidebar"},{"id":"reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/tenantsetting","path":"/service-bridge/next/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/tenantsetting","sidebar":"defaultSidebar"},{"id":"reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/user","path":"/service-bridge/next/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/user","sidebar":"defaultSidebar"},{"id":"reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/workspace","path":"/service-bridge/next/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/workspace","sidebar":"defaultSidebar"},{"id":"reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/workspacesetting","path":"/service-bridge/next/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/workspacesetting","sidebar":"defaultSidebar"},{"id":"reference/rest-api/guide","path":"/service-bridge/next/reference/rest-api/guide","sidebar":"defaultSidebar"},{"id":"reference/samples/httpbin","path":"/service-bridge/next/reference/samples/httpbin","sidebar":"defaultSidebar"},{"id":"reference/samples/opa","path":"/service-bridge/next/reference/samples/opa","sidebar":"defaultSidebar"},{"id":"reference/samples/sleep-service","path":"/service-bridge/next/reference/samples/sleep-service","sidebar":"defaultSidebar"},{"id":"reference/yaml-api/guide","path":"/service-bridge/next/reference/yaml-api/guide","sidebar":"defaultSidebar"},{"id":"refs/audit/v1/audit","path":"/service-bridge/next/refs/audit/v1/audit","sidebar":"defaultSidebar"},{"id":"refs/iam/v2/oauth_service","path":"/service-bridge/next/refs/iam/v2/oauth_service","sidebar":"defaultSidebar"},{"id":"refs/iam/v2/oidc_service","path":"/service-bridge/next/refs/iam/v2/oidc_service","sidebar":"defaultSidebar"},{"id":"refs/install/common/common_config","path":"/service-bridge/next/refs/install/common/common_config","sidebar":"defaultSidebar"},{"id":"refs/install/controlplane/v1alpha1/spec","path":"/service-bridge/next/refs/install/controlplane/v1alpha1/spec","sidebar":"defaultSidebar"},{"id":"refs/install/controlplane/v1alpha1/status","path":"/service-bridge/next/refs/install/controlplane/v1alpha1/status","sidebar":"defaultSidebar"},{"id":"refs/install/dataplane/v1alpha1/spec","path":"/service-bridge/next/refs/install/dataplane/v1alpha1/spec","sidebar":"defaultSidebar"},{"id":"refs/install/kubernetes/k8s","path":"/service-bridge/next/refs/install/kubernetes/k8s","sidebar":"defaultSidebar"},{"id":"refs/install/managementplane/v1alpha1/spec","path":"/service-bridge/next/refs/install/managementplane/v1alpha1/spec","sidebar":"defaultSidebar"},{"id":"refs/install/managementplane/v1alpha1/status","path":"/service-bridge/next/refs/install/managementplane/v1alpha1/status","sidebar":"defaultSidebar"},{"id":"refs/onboarding/config/agent/v1alpha1/agent_configuration","path":"/service-bridge/next/refs/onboarding/config/agent/v1alpha1/agent_configuration","sidebar":"defaultSidebar"},{"id":"refs/onboarding/config/agent/v1alpha1/onboarding_configuration","path":"/service-bridge/next/refs/onboarding/config/agent/v1alpha1/onboarding_configuration","sidebar":"defaultSidebar"},{"id":"refs/onboarding/config/authorization/aws/v1alpha1/aws","path":"/service-bridge/next/refs/onboarding/config/authorization/aws/v1alpha1/aws","sidebar":"defaultSidebar"},{"id":"refs/onboarding/config/authorization/jwt/v1alpha1/jwt","path":"/service-bridge/next/refs/onboarding/config/authorization/jwt/v1alpha1/jwt","sidebar":"defaultSidebar"},{"id":"refs/onboarding/config/authorization/v1alpha1/policy","path":"/service-bridge/next/refs/onboarding/config/authorization/v1alpha1/policy","sidebar":"defaultSidebar"},{"id":"refs/onboarding/config/install/v1alpha1/jwt_issuer","path":"/service-bridge/next/refs/onboarding/config/install/v1alpha1/jwt_issuer"},{"id":"refs/onboarding/config/install/v1alpha1/workload_configuration","path":"/service-bridge/next/refs/onboarding/config/install/v1alpha1/workload_configuration"},{"id":"refs/onboarding/config/runtime/v1alpha1/registration","path":"/service-bridge/next/refs/onboarding/config/runtime/v1alpha1/registration","sidebar":"defaultSidebar"},{"id":"refs/onboarding/config/types/config/v1alpha1/transport_security","path":"/service-bridge/next/refs/onboarding/config/types/config/v1alpha1/transport_security"},{"id":"refs/onboarding/config/types/core/v1alpha1/condition","path":"/service-bridge/next/refs/onboarding/config/types/core/v1alpha1/condition"},{"id":"refs/onboarding/config/types/core/v1alpha1/namespaced_name","path":"/service-bridge/next/refs/onboarding/config/types/core/v1alpha1/namespaced_name"},{"id":"refs/onboarding/config/types/identity/aws/v1alpha1/aws","path":"/service-bridge/next/refs/onboarding/config/types/identity/aws/v1alpha1/aws"},{"id":"refs/onboarding/config/types/identity/jwt/v1alpha1/jwt","path":"/service-bridge/next/refs/onboarding/config/types/identity/jwt/v1alpha1/jwt"},{"id":"refs/onboarding/config/types/identity/v1alpha1/identity","path":"/service-bridge/next/refs/onboarding/config/types/identity/v1alpha1/identity"},{"id":"refs/onboarding/config/types/registration/v1alpha1/hostinfo","path":"/service-bridge/next/refs/onboarding/config/types/registration/v1alpha1/hostinfo"},{"id":"refs/onboarding/config/types/registration/v1alpha1/registration","path":"/service-bridge/next/refs/onboarding/config/types/registration/v1alpha1/registration"},{"id":"refs/onboarding/private/component/agent/plugin/credential/v1alpha1/plugin","path":"/service-bridge/next/refs/onboarding/private/component/agent/plugin/credential/v1alpha1/plugin"},{"id":"refs/onboarding/private/component/agent/plugin/hostinfo/v1alpha1/plugin","path":"/service-bridge/next/refs/onboarding/private/component/agent/plugin/hostinfo/v1alpha1/plugin"},{"id":"refs/onboarding/private/component/agent/sidecarcontroller/v1alpha1/sidecar_configuration_service","path":"/service-bridge/next/refs/onboarding/private/component/agent/sidecarcontroller/v1alpha1/sidecar_configuration_service"},{"id":"refs/onboarding/private/component/agent/sidecarcontroller/v1alpha1/sidecar_info_service","path":"/service-bridge/next/refs/onboarding/private/component/agent/sidecarcontroller/v1alpha1/sidecar_info_service"},{"id":"refs/onboarding/private/component/plane/config/v1alpha1/onboarding_plane_instance_configuration","path":"/service-bridge/next/refs/onboarding/private/component/plane/config/v1alpha1/onboarding_plane_instance_configuration"},{"id":"refs/onboarding/private/component/plane/generator/v1alpha1/version","path":"/service-bridge/next/refs/onboarding/private/component/plane/generator/v1alpha1/version"},{"id":"refs/onboarding/private/component/plane/token/v1alpha1/onboarding_token","path":"/service-bridge/next/refs/onboarding/private/component/plane/token/v1alpha1/onboarding_token"},{"id":"refs/onboarding/private/install/v1alpha1/spec","path":"/service-bridge/next/refs/onboarding/private/install/v1alpha1/spec"},{"id":"refs/onboarding/private/protocol/authorization/v1alpha1/authorization_service","path":"/service-bridge/next/refs/onboarding/private/protocol/authorization/v1alpha1/authorization_service"},{"id":"refs/onboarding/private/protocol/discovery/v1alpha1/discovery_service","path":"/service-bridge/next/refs/onboarding/private/protocol/discovery/v1alpha1/discovery_service"},{"id":"refs/onboarding/private/protocol/registration/v1alpha1/registration_service","path":"/service-bridge/next/refs/onboarding/private/protocol/registration/v1alpha1/registration_service"},{"id":"refs/onboarding/private/protocol/session/v1alpha1/session_service","path":"/service-bridge/next/refs/onboarding/private/protocol/session/v1alpha1/session_service"},{"id":"refs/onboarding/private/types/config/v1alpha1/transport_security","path":"/service-bridge/next/refs/onboarding/private/types/config/v1alpha1/transport_security"},{"id":"refs/onboarding/private/types/credential/aws/v1alpha1/ec2","path":"/service-bridge/next/refs/onboarding/private/types/credential/aws/v1alpha1/ec2"},{"id":"refs/onboarding/private/types/credential/aws/v1alpha1/sts","path":"/service-bridge/next/refs/onboarding/private/types/credential/aws/v1alpha1/sts"},{"id":"refs/onboarding/private/types/credential/jwt/v1alpha1/jwt","path":"/service-bridge/next/refs/onboarding/private/types/credential/jwt/v1alpha1/jwt"},{"id":"refs/onboarding/private/types/discovery/v1alpha1/discovery","path":"/service-bridge/next/refs/onboarding/private/types/discovery/v1alpha1/discovery"},{"id":"refs/onboarding/private/types/sidecar/v1alpha1/configuration","path":"/service-bridge/next/refs/onboarding/private/types/sidecar/v1alpha1/configuration"},{"id":"refs/private/iam/v1/iam","path":"/service-bridge/next/refs/private/iam/v1/iam"},{"id":"refs/test/v1/echo","path":"/service-bridge/next/refs/test/v1/echo"},{"id":"refs/tsb/application/v2/api","path":"/service-bridge/next/refs/tsb/application/v2/api","sidebar":"defaultSidebar"},{"id":"refs/tsb/application/v2/application","path":"/service-bridge/next/refs/tsb/application/v2/application","sidebar":"defaultSidebar"},{"id":"refs/tsb/application/v2/application_service","path":"/service-bridge/next/refs/tsb/application/v2/application_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/application/v2/openapi_extensions","path":"/service-bridge/next/refs/tsb/application/v2/openapi_extensions","sidebar":"defaultSidebar"},{"id":"refs/tsb/auth/v2/auth","path":"/service-bridge/next/refs/tsb/auth/v2/auth","sidebar":"defaultSidebar"},{"id":"refs/tsb/dashboard/v1/dashboard_service","path":"/service-bridge/next/refs/tsb/dashboard/v1/dashboard_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/diagnostic/v2/diagnostic_service","path":"/service-bridge/next/refs/tsb/diagnostic/v2/diagnostic_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/extension/v2/wasm_extension","path":"/service-bridge/next/refs/tsb/extension/v2/wasm_extension","sidebar":"defaultSidebar"},{"id":"refs/tsb/extension/v2/wasm_service","path":"/service-bridge/next/refs/tsb/extension/v2/wasm_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/gateway/v2/auth","path":"/service-bridge/next/refs/tsb/gateway/v2/auth","sidebar":"defaultSidebar"},{"id":"refs/tsb/gateway/v2/eastwest_gateway","path":"/service-bridge/next/refs/tsb/gateway/v2/eastwest_gateway","sidebar":"defaultSidebar"},{"id":"refs/tsb/gateway/v2/egress_gateway","path":"/service-bridge/next/refs/tsb/gateway/v2/egress_gateway","sidebar":"defaultSidebar"},{"id":"refs/tsb/gateway/v2/gateway","path":"/service-bridge/next/refs/tsb/gateway/v2/gateway","sidebar":"defaultSidebar"},{"id":"refs/tsb/gateway/v2/gateway_common","path":"/service-bridge/next/refs/tsb/gateway/v2/gateway_common","sidebar":"defaultSidebar"},{"id":"refs/tsb/gateway/v2/gateway_group","path":"/service-bridge/next/refs/tsb/gateway/v2/gateway_group","sidebar":"defaultSidebar"},{"id":"refs/tsb/gateway/v2/gateway_service","path":"/service-bridge/next/refs/tsb/gateway/v2/gateway_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/gateway/v2/ingress_gateway","path":"/service-bridge/next/refs/tsb/gateway/v2/ingress_gateway","sidebar":"defaultSidebar"},{"id":"refs/tsb/gateway/v2/istio_gateway_direct","path":"/service-bridge/next/refs/tsb/gateway/v2/istio_gateway_direct","sidebar":"defaultSidebar"},{"id":"refs/tsb/gateway/v2/tier1_gateway","path":"/service-bridge/next/refs/tsb/gateway/v2/tier1_gateway","sidebar":"defaultSidebar"},{"id":"refs/tsb/istiointernal/v2/istio_internal_group","path":"/service-bridge/next/refs/tsb/istiointernal/v2/istio_internal_group","sidebar":"defaultSidebar"},{"id":"refs/tsb/istiointernal/v2/istio_istiointernal_direct","path":"/service-bridge/next/refs/tsb/istiointernal/v2/istio_istiointernal_direct","sidebar":"defaultSidebar"},{"id":"refs/tsb/istiointernal/v2/istiointernal_service","path":"/service-bridge/next/refs/tsb/istiointernal/v2/istiointernal_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/observability/telemetry/v2/metric","path":"/service-bridge/next/refs/tsb/observability/telemetry/v2/metric","sidebar":"defaultSidebar"},{"id":"refs/tsb/observability/telemetry/v2/metric_service","path":"/service-bridge/next/refs/tsb/observability/telemetry/v2/metric_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/observability/telemetry/v2/source","path":"/service-bridge/next/refs/tsb/observability/telemetry/v2/source","sidebar":"defaultSidebar"},{"id":"refs/tsb/observability/telemetry/v2/source_service","path":"/service-bridge/next/refs/tsb/observability/telemetry/v2/source_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/profile/v2/profile","path":"/service-bridge/next/refs/tsb/profile/v2/profile","sidebar":"defaultSidebar"},{"id":"refs/tsb/profile/v2/profile_service","path":"/service-bridge/next/refs/tsb/profile/v2/profile_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/q/v2/approvals_service","path":"/service-bridge/next/refs/tsb/q/v2/approvals_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/q/v2/permissions_service","path":"/service-bridge/next/refs/tsb/q/v2/permissions_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/rbac/v2/access_bindings","path":"/service-bridge/next/refs/tsb/rbac/v2/access_bindings","sidebar":"defaultSidebar"},{"id":"refs/tsb/rbac/v2/api_access_bindings","path":"/service-bridge/next/refs/tsb/rbac/v2/api_access_bindings","sidebar":"defaultSidebar"},{"id":"refs/tsb/rbac/v2/application_access_bindings","path":"/service-bridge/next/refs/tsb/rbac/v2/application_access_bindings","sidebar":"defaultSidebar"},{"id":"refs/tsb/rbac/v2/binding","path":"/service-bridge/next/refs/tsb/rbac/v2/binding","sidebar":"defaultSidebar"},{"id":"refs/tsb/rbac/v2/gateway_access_bindings","path":"/service-bridge/next/refs/tsb/rbac/v2/gateway_access_bindings","sidebar":"defaultSidebar"},{"id":"refs/tsb/rbac/v2/istio_internal_access_bindings","path":"/service-bridge/next/refs/tsb/rbac/v2/istio_internal_access_bindings","sidebar":"defaultSidebar"},{"id":"refs/tsb/rbac/v2/organization_access_bindings","path":"/service-bridge/next/refs/tsb/rbac/v2/organization_access_bindings","sidebar":"defaultSidebar"},{"id":"refs/tsb/rbac/v2/permissions","path":"/service-bridge/next/refs/tsb/rbac/v2/permissions","sidebar":"defaultSidebar"},{"id":"refs/tsb/rbac/v2/policy_service","path":"/service-bridge/next/refs/tsb/rbac/v2/policy_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/rbac/v2/role","path":"/service-bridge/next/refs/tsb/rbac/v2/role","sidebar":"defaultSidebar"},{"id":"refs/tsb/rbac/v2/role_service","path":"/service-bridge/next/refs/tsb/rbac/v2/role_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/rbac/v2/security_access_bindings","path":"/service-bridge/next/refs/tsb/rbac/v2/security_access_bindings","sidebar":"defaultSidebar"},{"id":"refs/tsb/rbac/v2/tenant_access_bindings","path":"/service-bridge/next/refs/tsb/rbac/v2/tenant_access_bindings","sidebar":"defaultSidebar"},{"id":"refs/tsb/rbac/v2/traffic_access_bindings","path":"/service-bridge/next/refs/tsb/rbac/v2/traffic_access_bindings","sidebar":"defaultSidebar"},{"id":"refs/tsb/rbac/v2/workspace_access_bindings","path":"/service-bridge/next/refs/tsb/rbac/v2/workspace_access_bindings","sidebar":"defaultSidebar"},{"id":"refs/tsb/registry/v2/lookup_service","path":"/service-bridge/next/refs/tsb/registry/v2/lookup_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/registry/v2/registration_service","path":"/service-bridge/next/refs/tsb/registry/v2/registration_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/registry/v2/service","path":"/service-bridge/next/refs/tsb/registry/v2/service","sidebar":"defaultSidebar"},{"id":"refs/tsb/security/v2/istio_security_direct","path":"/service-bridge/next/refs/tsb/security/v2/istio_security_direct","sidebar":"defaultSidebar"},{"id":"refs/tsb/security/v2/security_group","path":"/service-bridge/next/refs/tsb/security/v2/security_group","sidebar":"defaultSidebar"},{"id":"refs/tsb/security/v2/security_service","path":"/service-bridge/next/refs/tsb/security/v2/security_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/security/v2/security_setting","path":"/service-bridge/next/refs/tsb/security/v2/security_setting","sidebar":"defaultSidebar"},{"id":"refs/tsb/security/v2/service_security_setting","path":"/service-bridge/next/refs/tsb/security/v2/service_security_setting","sidebar":"defaultSidebar"},{"id":"refs/tsb/security/v2/waf_settings","path":"/service-bridge/next/refs/tsb/security/v2/waf_settings","sidebar":"defaultSidebar"},{"id":"refs/tsb/segmentation/v1/membership","path":"/service-bridge/next/refs/tsb/segmentation/v1/membership","sidebar":"defaultSidebar"},{"id":"refs/tsb/segmentation/v1/policy","path":"/service-bridge/next/refs/tsb/segmentation/v1/policy","sidebar":"defaultSidebar"},{"id":"refs/tsb/segmentation/v1/rules","path":"/service-bridge/next/refs/tsb/segmentation/v1/rules","sidebar":"defaultSidebar"},{"id":"refs/tsb/segmentation/v1/service","path":"/service-bridge/next/refs/tsb/segmentation/v1/service","sidebar":"defaultSidebar"},{"id":"refs/tsb/traffic/v2/istio_traffic_direct","path":"/service-bridge/next/refs/tsb/traffic/v2/istio_traffic_direct","sidebar":"defaultSidebar"},{"id":"refs/tsb/traffic/v2/service_route","path":"/service-bridge/next/refs/tsb/traffic/v2/service_route","sidebar":"defaultSidebar"},{"id":"refs/tsb/traffic/v2/service_traffic_setting","path":"/service-bridge/next/refs/tsb/traffic/v2/service_traffic_setting","sidebar":"defaultSidebar"},{"id":"refs/tsb/traffic/v2/traffic_group","path":"/service-bridge/next/refs/tsb/traffic/v2/traffic_group","sidebar":"defaultSidebar"},{"id":"refs/tsb/traffic/v2/traffic_service","path":"/service-bridge/next/refs/tsb/traffic/v2/traffic_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/traffic/v2/traffic_setting","path":"/service-bridge/next/refs/tsb/traffic/v2/traffic_setting","sidebar":"defaultSidebar"},{"id":"refs/tsb/types/v2/types","path":"/service-bridge/next/refs/tsb/types/v2/types","sidebar":"defaultSidebar"},{"id":"refs/tsb/v2/api","path":"/service-bridge/next/refs/tsb/v2/api","sidebar":"defaultSidebar"},{"id":"refs/tsb/v2/cluster","path":"/service-bridge/next/refs/tsb/v2/cluster","sidebar":"defaultSidebar"},{"id":"refs/tsb/v2/cluster_service","path":"/service-bridge/next/refs/tsb/v2/cluster_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/v2/info","path":"/service-bridge/next/refs/tsb/v2/info","sidebar":"defaultSidebar"},{"id":"refs/tsb/v2/organization","path":"/service-bridge/next/refs/tsb/v2/organization","sidebar":"defaultSidebar"},{"id":"refs/tsb/v2/organization_service","path":"/service-bridge/next/refs/tsb/v2/organization_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/v2/organization_setting","path":"/service-bridge/next/refs/tsb/v2/organization_setting","sidebar":"defaultSidebar"},{"id":"refs/tsb/v2/status","path":"/service-bridge/next/refs/tsb/v2/status","sidebar":"defaultSidebar"},{"id":"refs/tsb/v2/status_service","path":"/service-bridge/next/refs/tsb/v2/status_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/v2/team","path":"/service-bridge/next/refs/tsb/v2/team","sidebar":"defaultSidebar"},{"id":"refs/tsb/v2/team_service","path":"/service-bridge/next/refs/tsb/v2/team_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/v2/tenant","path":"/service-bridge/next/refs/tsb/v2/tenant","sidebar":"defaultSidebar"},{"id":"refs/tsb/v2/tenant_service","path":"/service-bridge/next/refs/tsb/v2/tenant_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/v2/tenant_setting","path":"/service-bridge/next/refs/tsb/v2/tenant_setting","sidebar":"defaultSidebar"},{"id":"refs/tsb/v2/workspace","path":"/service-bridge/next/refs/tsb/v2/workspace","sidebar":"defaultSidebar"},{"id":"refs/tsb/v2/workspace_service","path":"/service-bridge/next/refs/tsb/v2/workspace_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/v2/workspace_setting","path":"/service-bridge/next/refs/tsb/v2/workspace_setting","sidebar":"defaultSidebar"},{"id":"release-notes","path":"/service-bridge/next/release-notes","sidebar":"defaultSidebar"},{"id":"release-notes-announcements/announcement","path":"/service-bridge/next/release-notes-announcements/announcement","sidebar":"defaultSidebar"},{"id":"release-notes-announcements/feature-status","path":"/service-bridge/next/release-notes-announcements/feature-status","sidebar":"defaultSidebar"},{"id":"release-notes-announcements/support-policy","path":"/service-bridge/next/release-notes-announcements/support-policy","sidebar":"defaultSidebar"},{"id":"setup/aws/container-marketplace","path":"/service-bridge/next/setup/aws/container-marketplace","sidebar":"defaultSidebar"},{"id":"setup/aws/vpc","path":"/service-bridge/next/setup/aws/vpc","sidebar":"defaultSidebar"},{"id":"setup/certificate/automated-certificate-management","path":"/service-bridge/next/setup/certificate/automated-certificate-management","sidebar":"defaultSidebar"},{"id":"setup/certificate/certificate-requirements","path":"/service-bridge/next/setup/certificate/certificate-requirements","sidebar":"defaultSidebar"},{"id":"setup/certificate/certificate-setup","path":"/service-bridge/next/setup/certificate/certificate-setup","sidebar":"defaultSidebar"},{"id":"setup/components","path":"/service-bridge/next/setup/components","sidebar":"defaultSidebar"},{"id":"setup/fips","path":"/service-bridge/next/setup/fips","sidebar":"defaultSidebar"},{"id":"setup/firewall-information","path":"/service-bridge/next/setup/firewall-information","sidebar":"defaultSidebar"},{"id":"setup/helm/controlplane","path":"/service-bridge/next/setup/helm/controlplane","sidebar":"defaultSidebar"},{"id":"setup/helm/helm","path":"/service-bridge/next/setup/helm/helm","sidebar":"defaultSidebar"},{"id":"setup/helm/managementplane","path":"/service-bridge/next/setup/helm/managementplane","sidebar":"defaultSidebar"},{"id":"setup/helm/toc","path":"/service-bridge/next/setup/helm/","sidebar":"defaultSidebar"},{"id":"setup/helm/uninstallation","path":"/service-bridge/next/setup/helm/uninstallation","sidebar":"defaultSidebar"},{"id":"setup/helm/upgrade","path":"/service-bridge/next/setup/helm/upgrade","sidebar":"defaultSidebar"},{"id":"setup/isolation-boundaries","path":"/service-bridge/next/setup/isolation-boundaries","sidebar":"defaultSidebar"},{"id":"setup/isolation-boundaries-installation","path":"/service-bridge/next/setup/isolation-boundaries-installation","sidebar":"defaultSidebar"},{"id":"setup/migrate-tctl-to-helm","path":"/service-bridge/next/setup/migrate-tctl-to-helm","sidebar":"defaultSidebar"},{"id":"setup/remote-registry","path":"/service-bridge/next/setup/remote-registry","sidebar":"defaultSidebar"},{"id":"setup/requirements-and-download","path":"/service-bridge/next/setup/requirements-and-download","sidebar":"defaultSidebar"},{"id":"setup/resource-planning","path":"/service-bridge/next/setup/resource-planning","sidebar":"defaultSidebar"},{"id":"setup/security-context","path":"/service-bridge/next/setup/security-context","sidebar":"defaultSidebar"},{"id":"setup/self-managed/demo-installation","path":"/service-bridge/next/setup/self-managed/demo-installation","sidebar":"defaultSidebar"},{"id":"setup/self-managed/management-plane-installation","path":"/service-bridge/next/setup/self-managed/management-plane-installation","sidebar":"defaultSidebar"},{"id":"setup/self-managed/onboarding-clusters","path":"/service-bridge/next/setup/self-managed/onboarding-clusters","sidebar":"defaultSidebar"},{"id":"setup/self-managed/toc","path":"/service-bridge/next/setup/self-managed/","sidebar":"defaultSidebar"},{"id":"setup/self-managed/uninstallation","path":"/service-bridge/next/setup/self-managed/uninstallation","sidebar":"defaultSidebar"},{"id":"setup/self-managed/upgrade","path":"/service-bridge/next/setup/self-managed/upgrade","sidebar":"defaultSidebar"},{"id":"setup/tctl-connect","path":"/service-bridge/next/setup/tctl-connect","sidebar":"defaultSidebar"},{"id":"setup/upgrade-best-practices","path":"/service-bridge/next/setup/upgrade-best-practices","sidebar":"defaultSidebar"},{"id":"setup/upgrades/cni-upgrade","path":"/service-bridge/next/setup/upgrades/cni-upgrade","sidebar":"defaultSidebar"},{"id":"setup/upgrades/gateway-upgrade","path":"/service-bridge/next/setup/upgrades/gateway-upgrade","sidebar":"defaultSidebar"},{"id":"setup/upgrades/non-revisioned-to-revisioned","path":"/service-bridge/next/setup/upgrades/non-revisioned-to-revisioned","sidebar":"defaultSidebar"},{"id":"setup/upgrades/revisioned-to-revisioned","path":"/service-bridge/next/setup/upgrades/revisioned-to-revisioned","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/guides/ecs-workloads","path":"/service-bridge/next/setup/workload-onboarding/guides/ecs-workloads","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/guides/managing","path":"/service-bridge/next/setup/workload-onboarding/guides/managing","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/guides/on-premise-workloads","path":"/service-bridge/next/setup/workload-onboarding/guides/on-premise-workloads","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/guides/onboarding","path":"/service-bridge/next/setup/workload-onboarding/guides/onboarding","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/guides/overview","path":"/service-bridge/next/setup/workload-onboarding/guides/overview","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/guides/setup","path":"/service-bridge/next/setup/workload-onboarding/guides/setup","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/guides/toc","path":"/service-bridge/next/setup/workload-onboarding/guides/","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/guides/troubleshooting","path":"/service-bridge/next/setup/workload-onboarding/guides/troubleshooting","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/onboarding-vms","path":"/service-bridge/next/setup/workload-onboarding/onboarding-vms","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/quickstart/aws-ec2/bookinfo","path":"/service-bridge/next/setup/workload-onboarding/quickstart/aws-ec2/bookinfo","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/quickstart/aws-ec2/configure-vm","path":"/service-bridge/next/setup/workload-onboarding/quickstart/aws-ec2/configure-vm","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/quickstart/aws-ec2/configure-workload-onboarding","path":"/service-bridge/next/setup/workload-onboarding/quickstart/aws-ec2/configure-workload-onboarding","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/quickstart/aws-ec2/enable-workload-onboarding","path":"/service-bridge/next/setup/workload-onboarding/quickstart/aws-ec2/enable-workload-onboarding","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/quickstart/aws-ec2/onboard-asg","path":"/service-bridge/next/setup/workload-onboarding/quickstart/aws-ec2/onboard-asg","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/quickstart/aws-ec2/onboard-vm","path":"/service-bridge/next/setup/workload-onboarding/quickstart/aws-ec2/onboard-vm","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/quickstart/aws-ec2/toc","path":"/service-bridge/next/setup/workload-onboarding/quickstart/aws-ec2/","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/quickstart/aws-ecs/configure-workload-onboarding","path":"/service-bridge/next/setup/workload-onboarding/quickstart/aws-ecs/configure-workload-onboarding","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/quickstart/aws-ecs/onboard-ecs","path":"/service-bridge/next/setup/workload-onboarding/quickstart/aws-ecs/onboard-ecs","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/quickstart/aws-ecs/toc","path":"/service-bridge/next/setup/workload-onboarding/quickstart/aws-ecs/","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/quickstart/on-premise/configure-vm","path":"/service-bridge/next/setup/workload-onboarding/quickstart/on-premise/configure-vm","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/quickstart/on-premise/configure-workload-onboarding","path":"/service-bridge/next/setup/workload-onboarding/quickstart/on-premise/configure-workload-onboarding","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/quickstart/on-premise/onboard-vm","path":"/service-bridge/next/setup/workload-onboarding/quickstart/on-premise/onboard-vm","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/quickstart/on-premise/toc","path":"/service-bridge/next/setup/workload-onboarding/quickstart/on-premise/","sidebar":"defaultSidebar"},{"id":"troubleshooting/cluster-onboarding","path":"/service-bridge/next/troubleshooting/cluster-onboarding","sidebar":"defaultSidebar"},{"id":"troubleshooting/component-status","path":"/service-bridge/next/troubleshooting/component-status","sidebar":"defaultSidebar"},{"id":"troubleshooting/configuration-status","path":"/service-bridge/next/troubleshooting/configuration-status","sidebar":"defaultSidebar"},{"id":"troubleshooting/gateway-troubleshooting","path":"/service-bridge/next/troubleshooting/gateway-troubleshooting","sidebar":"defaultSidebar"},{"id":"troubleshooting/identify-underperforming-services","path":"/service-bridge/next/troubleshooting/identify-underperforming-services","sidebar":"defaultSidebar"},{"id":"troubleshooting/Maximum-header-size-exceed","path":"/service-bridge/next/troubleshooting/Maximum-header-size-exceed","sidebar":"defaultSidebar"},{"id":"troubleshooting/Multiple-Transfer-encoding-chunked","path":"/service-bridge/next/troubleshooting/Multiple-Transfer-encoding-chunked","sidebar":"defaultSidebar"},{"id":"troubleshooting/proxy-tools","path":"/service-bridge/next/troubleshooting/proxy-tools","sidebar":"defaultSidebar"},{"id":"troubleshooting/troubleshooting","path":"/service-bridge/next/troubleshooting/troubleshooting","sidebar":"defaultSidebar"},{"id":"troubleshooting/tsb-ui-metrics","path":"/service-bridge/next/troubleshooting/tsb-ui-metrics","sidebar":"defaultSidebar"},{"id":"workingwithsupport/workingWithTetrateSupport","path":"/service-bridge/next/workingwithsupport/workingWithTetrateSupport","sidebar":"defaultSidebar"},{"id":"/release-notes-announcements","path":"/service-bridge/next/release-notes-announcements","sidebar":"defaultSidebar"},{"id":"/setup","path":"/service-bridge/next/setup","sidebar":"defaultSidebar"},{"id":"/setup/upgrades","path":"/service-bridge/next/setup/upgrades","sidebar":"defaultSidebar"},{"id":"/setup/workload-onboarding","path":"/service-bridge/next/setup/workload-onboarding","sidebar":"defaultSidebar"},{"id":"/setup/workload-onboarding/quickstart","path":"/service-bridge/next/setup/workload-onboarding/quickstart","sidebar":"defaultSidebar"},{"id":"/setup/aws","path":"/service-bridge/next/setup/aws","sidebar":"defaultSidebar"},{"id":"/setup/certificate","path":"/service-bridge/next/setup/certificate","sidebar":"defaultSidebar"},{"id":"/quickstart","path":"/service-bridge/next/quickstart","sidebar":"defaultSidebar"},{"id":"/howto","path":"/service-bridge/next/howto","sidebar":"defaultSidebar"},{"id":"/howto/traffic","path":"/service-bridge/next/howto/traffic","sidebar":"defaultSidebar"},{"id":"/howto/gateway","path":"/service-bridge/next/howto/gateway","sidebar":"defaultSidebar"},{"id":"/howto/gitops","path":"/service-bridge/next/howto/gitops","sidebar":"defaultSidebar"},{"id":"/howto/wasm","path":"/service-bridge/next/howto/wasm","sidebar":"defaultSidebar"},{"id":"/operations","path":"/service-bridge/next/operations","sidebar":"defaultSidebar"},{"id":"/operations/features","path":"/service-bridge/next/operations/features","sidebar":"defaultSidebar"},{"id":"/operations/users","path":"/service-bridge/next/operations/users","sidebar":"defaultSidebar"},{"id":"/operations/telemetry","path":"/service-bridge/next/operations/telemetry","sidebar":"defaultSidebar"},{"id":"/operations/postgresql","path":"/service-bridge/next/operations/postgresql","sidebar":"defaultSidebar"},{"id":"/operations/elasticsearch","path":"/service-bridge/next/operations/elasticsearch","sidebar":"defaultSidebar"},{"id":"/operations/vault","path":"/service-bridge/next/operations/vault","sidebar":"defaultSidebar"},{"id":"/troubleshooting","path":"/service-bridge/next/troubleshooting","sidebar":"defaultSidebar"},{"id":"/reference","path":"/service-bridge/next/reference","sidebar":"defaultSidebar"},{"id":"/reference/operators","path":"/service-bridge/next/reference/operators","sidebar":"defaultSidebar"},{"id":"/refs/install","path":"/service-bridge/next/refs/install","sidebar":"defaultSidebar"},{"id":"/reference/workload-onboarding","path":"/service-bridge/next/reference/workload-onboarding","sidebar":"defaultSidebar"},{"id":"/reference/workload-onboarding/onboarding-agent","path":"/service-bridge/next/reference/workload-onboarding/onboarding-agent","sidebar":"defaultSidebar"},{"id":"/reference/workload-onboarding/onboarding-authorization","path":"/service-bridge/next/reference/workload-onboarding/onboarding-authorization","sidebar":"defaultSidebar"},{"id":"/reference/workload-onboarding/onboarding-runtime","path":"/service-bridge/next/reference/workload-onboarding/onboarding-runtime","sidebar":"defaultSidebar"},{"id":"/reference/cli","path":"/service-bridge/next/reference/cli","sidebar":"defaultSidebar"},{"id":"/reference/cli/guide/toc","path":"/service-bridge/next/reference/cli/guide/toc","sidebar":"defaultSidebar"},{"id":"/reference/cli/reference","path":"/service-bridge/next/reference/cli/reference","sidebar":"defaultSidebar"},{"id":"/reference/grpc-api","path":"/service-bridge/next/reference/grpc-api","sidebar":"defaultSidebar"},{"id":"/reference/grpc-api/reference","path":"/service-bridge/next/reference/grpc-api/reference","sidebar":"defaultSidebar"},{"id":"refs/tsb/application/v2/grpc","path":"/service-bridge/next/refs/tsb/application/v2/grpc","sidebar":"defaultSidebar"},{"id":"refs/tsb/dashboard/v1/grpc","path":"/service-bridge/next/refs/tsb/dashboard/v1/grpc","sidebar":"defaultSidebar"},{"id":"refs/tsb/diagnostic/v2/grpc","path":"/service-bridge/next/refs/tsb/diagnostic/v2/grpc","sidebar":"defaultSidebar"},{"id":"refs/tsb/extension/v2/grpc","path":"/service-bridge/next/refs/tsb/extension/v2/grpc","sidebar":"defaultSidebar"},{"id":"refs/tsb/gateway/v2/grpc","path":"/service-bridge/next/refs/tsb/gateway/v2/grpc","sidebar":"defaultSidebar"},{"id":"refs/tsb/istiointernal/v2/grpc","path":"/service-bridge/next/refs/tsb/istiointernal/v2/grpc","sidebar":"defaultSidebar"},{"id":"refs/tsb/observability/telemetry/v2/grpc","path":"/service-bridge/next/refs/tsb/observability/telemetry/v2/grpc","sidebar":"defaultSidebar"},{"id":"refs/tsb/profile/v2/grpc","path":"/service-bridge/next/refs/tsb/profile/v2/grpc","sidebar":"defaultSidebar"},{"id":"refs/tsb/q/v2/grpc","path":"/service-bridge/next/refs/tsb/q/v2/grpc","sidebar":"defaultSidebar"},{"id":"refs/tsb/rbac/v2/grpc","path":"/service-bridge/next/refs/tsb/rbac/v2/grpc","sidebar":"defaultSidebar"},{"id":"refs/tsb/registry/v2/grpc","path":"/service-bridge/next/refs/tsb/registry/v2/grpc","sidebar":"defaultSidebar"},{"id":"refs/tsb/security/v2/grpc","path":"/service-bridge/next/refs/tsb/security/v2/grpc","sidebar":"defaultSidebar"},{"id":"refs/tsb/segmentation/v1/grpc","path":"/service-bridge/next/refs/tsb/segmentation/v1/grpc","sidebar":"defaultSidebar"},{"id":"refs/tsb/traffic/v2/grpc","path":"/service-bridge/next/refs/tsb/traffic/v2/grpc","sidebar":"defaultSidebar"},{"id":"refs/tsb/v2/grpc","path":"/service-bridge/next/refs/tsb/v2/grpc","sidebar":"defaultSidebar"},{"id":"refs/iam/v2/grpc","path":"/service-bridge/next/refs/iam/v2/grpc","sidebar":"defaultSidebar"},{"id":"refs/audit/v1/grpc","path":"/service-bridge/next/refs/audit/v1/grpc","sidebar":"defaultSidebar"},{"id":"/reference/yaml-api","path":"/service-bridge/next/reference/yaml-api","sidebar":"defaultSidebar"},{"id":"/reference/yaml-api/reference","path":"/service-bridge/next/reference/yaml-api/reference","sidebar":"defaultSidebar"},{"id":"refs/tsb/application/v2/yaml","path":"/service-bridge/next/refs/tsb/application/v2/yaml","sidebar":"defaultSidebar"},{"id":"refs/tsb/auth/v2/yaml","path":"/service-bridge/next/refs/tsb/auth/v2/yaml","sidebar":"defaultSidebar"},{"id":"refs/tsb/extension/v2/yaml","path":"/service-bridge/next/refs/tsb/extension/v2/yaml","sidebar":"defaultSidebar"},{"id":"refs/tsb/gateway/v2/yaml","path":"/service-bridge/next/refs/tsb/gateway/v2/yaml","sidebar":"defaultSidebar"},{"id":"refs/tsb/istiointernal/v2/yaml","path":"/service-bridge/next/refs/tsb/istiointernal/v2/yaml","sidebar":"defaultSidebar"},{"id":"refs/tsb/observability/telemetry/v2/yaml","path":"/service-bridge/next/refs/tsb/observability/telemetry/v2/yaml","sidebar":"defaultSidebar"},{"id":"refs/tsb/profile/v2/yaml","path":"/service-bridge/next/refs/tsb/profile/v2/yaml","sidebar":"defaultSidebar"},{"id":"refs/tsb/rbac/v2/yaml","path":"/service-bridge/next/refs/tsb/rbac/v2/yaml","sidebar":"defaultSidebar"},{"id":"refs/tsb/registry/v2/yaml","path":"/service-bridge/next/refs/tsb/registry/v2/yaml","sidebar":"defaultSidebar"},{"id":"refs/tsb/security/v2/yaml","path":"/service-bridge/next/refs/tsb/security/v2/yaml","sidebar":"defaultSidebar"},{"id":"refs/tsb/segmentation/v1/yaml","path":"/service-bridge/next/refs/tsb/segmentation/v1/yaml","sidebar":"defaultSidebar"},{"id":"refs/tsb/traffic/v2/yaml","path":"/service-bridge/next/refs/tsb/traffic/v2/yaml","sidebar":"defaultSidebar"},{"id":"refs/tsb/types/v2/yaml","path":"/service-bridge/next/refs/tsb/types/v2/yaml","sidebar":"defaultSidebar"},{"id":"refs/tsb/v2/yaml","path":"/service-bridge/next/refs/tsb/v2/yaml","sidebar":"defaultSidebar"},{"id":"/reference/k8s-api","path":"/service-bridge/next/reference/k8s-api","sidebar":"defaultSidebar"},{"id":"/reference/k8s-api/tsb-crds-gen","path":"/service-bridge/next/reference/k8s-api/tsb-crds-gen","sidebar":"defaultSidebar"},{"id":"/reference/k8s-api/tsb-crds-gen/tsb.tetrate.io/v2","path":"/service-bridge/next/reference/k8s-api/tsb-crds-gen/tsb.tetrate.io/v2","sidebar":"defaultSidebar"},{"id":"/reference/samples","path":"/service-bridge/next/reference/samples","sidebar":"defaultSidebar"},{"id":"/knowledge-base","path":"/service-bridge/next/knowledge-base","sidebar":"defaultSidebar"},{"id":"/category/working-with-tetrate-customer-support","path":"/service-bridge/next/category/working-with-tetrate-customer-support","sidebar":"defaultSidebar"}],"draftIds":[],"sidebars":{"defaultSidebar":{"link":{"path":"/service-bridge/next/","label":"index"}}}},{"name":"1.12.x","label":"1.12.x","isLast":true,"path":"/service-bridge","mainDocId":"index","docs":[{"id":"cheatsheet/index","path":"/service-bridge/cheatsheet/","sidebar":"defaultSidebar"},{"id":"cheatsheet/sheets/gateways-management","path":"/service-bridge/cheatsheet/sheets/gateways-management","sidebar":"defaultSidebar"},{"id":"cheatsheet/sheets/kubectl","path":"/service-bridge/cheatsheet/sheets/kubectl","sidebar":"defaultSidebar"},{"id":"cheatsheet/sheets/security-management","path":"/service-bridge/cheatsheet/sheets/security-management","sidebar":"defaultSidebar"},{"id":"cheatsheet/sheets/tctl","path":"/service-bridge/cheatsheet/sheets/tctl","sidebar":"defaultSidebar"},{"id":"cheatsheet/sheets/traffic-management","path":"/service-bridge/cheatsheet/sheets/traffic-management","sidebar":"defaultSidebar"},{"id":"cheatsheet/sheets/tsb-concepts","path":"/service-bridge/cheatsheet/sheets/tsb-concepts","sidebar":"defaultSidebar"},{"id":"cheatsheet/sheets/tsb-quickstart","path":"/service-bridge/cheatsheet/sheets/tsb-quickstart","sidebar":"defaultSidebar"},{"id":"cheatsheet/sheets/tsb-terminology","path":"/service-bridge/cheatsheet/sheets/tsb-terminology","sidebar":"defaultSidebar"},{"id":"concepts/architecture","path":"/service-bridge/concepts/architecture","sidebar":"defaultSidebar"},{"id":"concepts/configuration-dataflow","path":"/service-bridge/concepts/configuration-dataflow","sidebar":"defaultSidebar"},{"id":"concepts/configuration-inheritance","path":"/service-bridge/concepts/configuration-inheritance","sidebar":"defaultSidebar"},{"id":"concepts/glossary","path":"/service-bridge/concepts/glossary","sidebar":"defaultSidebar"},{"id":"concepts/observability","path":"/service-bridge/concepts/observability","sidebar":"defaultSidebar"},{"id":"concepts/operators/control-plane","path":"/service-bridge/concepts/operators/control-plane","sidebar":"defaultSidebar"},{"id":"concepts/operators/management-plane","path":"/service-bridge/concepts/operators/management-plane","sidebar":"defaultSidebar"},{"id":"concepts/operators/toc","path":"/service-bridge/concepts/operators/","sidebar":"defaultSidebar"},{"id":"concepts/security","path":"/service-bridge/concepts/security","sidebar":"defaultSidebar"},{"id":"concepts/service-mesh","path":"/service-bridge/concepts/service-mesh","sidebar":"defaultSidebar"},{"id":"concepts/terminology","path":"/service-bridge/concepts/terminology"},{"id":"concepts/toc","path":"/service-bridge/concepts/","sidebar":"defaultSidebar"},{"id":"concepts/traffic-management","path":"/service-bridge/concepts/traffic-management","sidebar":"defaultSidebar"},{"id":"concepts/tsb-and-istio","path":"/service-bridge/concepts/tsb-and-istio","sidebar":"defaultSidebar"},{"id":"design-guides/app-onboarding/cross-cluster","path":"/service-bridge/design-guides/app-onboarding/cross-cluster","sidebar":"defaultSidebar"},{"id":"design-guides/app-onboarding/deploy-service","path":"/service-bridge/design-guides/app-onboarding/deploy-service","sidebar":"defaultSidebar"},{"id":"design-guides/app-onboarding/gateway-security","path":"/service-bridge/design-guides/app-onboarding/gateway-security","sidebar":"defaultSidebar"},{"id":"design-guides/app-onboarding/high-availability","path":"/service-bridge/design-guides/app-onboarding/high-availability","sidebar":"defaultSidebar"},{"id":"design-guides/app-onboarding/index","path":"/service-bridge/design-guides/app-onboarding/","sidebar":"defaultSidebar"},{"id":"design-guides/app-onboarding/introduction","path":"/service-bridge/design-guides/app-onboarding/introduction","sidebar":"defaultSidebar"},{"id":"design-guides/app-onboarding/monitor","path":"/service-bridge/design-guides/app-onboarding/monitor","sidebar":"defaultSidebar"},{"id":"design-guides/app-onboarding/prepare","path":"/service-bridge/design-guides/app-onboarding/prepare","sidebar":"defaultSidebar"},{"id":"design-guides/app-onboarding/promote-service","path":"/service-bridge/design-guides/app-onboarding/promote-service"},{"id":"design-guides/app-onboarding/security","path":"/service-bridge/design-guides/app-onboarding/security","sidebar":"defaultSidebar"},{"id":"design-guides/ha-dr-mp/active-standby/automated-synchronization","path":"/service-bridge/design-guides/ha-dr-mp/active-standby/automated-synchronization","sidebar":"defaultSidebar"},{"id":"design-guides/ha-dr-mp/active-standby/manual-backup-restore","path":"/service-bridge/design-guides/ha-dr-mp/active-standby/manual-backup-restore","sidebar":"defaultSidebar"},{"id":"design-guides/ha-dr-mp/active-standby/troubleshoot","path":"/service-bridge/design-guides/ha-dr-mp/active-standby/troubleshoot","sidebar":"defaultSidebar"},{"id":"design-guides/ha-dr-mp/before-you-begin","path":"/service-bridge/design-guides/ha-dr-mp/before-you-begin","sidebar":"defaultSidebar"},{"id":"design-guides/ha-dr-mp/best-practices","path":"/service-bridge/design-guides/ha-dr-mp/best-practices","sidebar":"defaultSidebar"},{"id":"design-guides/ha-dr-mp/index","path":"/service-bridge/design-guides/ha-dr-mp/","sidebar":"defaultSidebar"},{"id":"design-guides/ha-dr-mp/introduction","path":"/service-bridge/design-guides/ha-dr-mp/introduction","sidebar":"defaultSidebar"},{"id":"design-guides/ha-dr-mp/manual/reinstall","path":"/service-bridge/design-guides/ha-dr-mp/manual/reinstall","sidebar":"defaultSidebar"},{"id":"design-guides/ha-dr-mp/operating/monitor","path":"/service-bridge/design-guides/ha-dr-mp/operating/monitor","sidebar":"defaultSidebar"},{"id":"design-guides/ha-dr-mp/operating/troubleshoot","path":"/service-bridge/design-guides/ha-dr-mp/operating/troubleshoot","sidebar":"defaultSidebar"},{"id":"design-guides/ha-dr-mp/scenarios","path":"/service-bridge/design-guides/ha-dr-mp/scenarios","sidebar":"defaultSidebar"},{"id":"design-guides/ha-multicluster/cluster-failover","path":"/service-bridge/design-guides/ha-multicluster/cluster-failover","sidebar":"defaultSidebar"},{"id":"design-guides/ha-multicluster/demo-1","path":"/service-bridge/design-guides/ha-multicluster/demo-1","sidebar":"defaultSidebar"},{"id":"design-guides/ha-multicluster/demo-2","path":"/service-bridge/design-guides/ha-multicluster/demo-2","sidebar":"defaultSidebar"},{"id":"design-guides/ha-multicluster/edge-failover","path":"/service-bridge/design-guides/ha-multicluster/edge-failover","sidebar":"defaultSidebar"},{"id":"design-guides/ha-multicluster/index","path":"/service-bridge/design-guides/ha-multicluster/","sidebar":"defaultSidebar"},{"id":"design-guides/ha-multicluster/introduction","path":"/service-bridge/design-guides/ha-multicluster/introduction","sidebar":"defaultSidebar"},{"id":"design-guides/ha-multicluster/operations","path":"/service-bridge/design-guides/ha-multicluster/operations","sidebar":"defaultSidebar"},{"id":"design-guides/index","path":"/service-bridge/design-guides/","sidebar":"defaultSidebar"},{"id":"howto/authorization/ingress-gateway","path":"/service-bridge/howto/authorization/ingress-gateway","sidebar":"defaultSidebar"},{"id":"howto/authorization/sidecar","path":"/service-bridge/howto/authorization/sidecar","sidebar":"defaultSidebar"},{"id":"howto/authorization/tier1-gateway","path":"/service-bridge/howto/authorization/tier1-gateway","sidebar":"defaultSidebar"},{"id":"howto/authorization/tls-verification","path":"/service-bridge/howto/authorization/tls-verification","sidebar":"defaultSidebar"},{"id":"howto/authorization/toc","path":"/service-bridge/howto/authorization/","sidebar":"defaultSidebar"},{"id":"howto/gateway/app-ingress","path":"/service-bridge/howto/gateway/app-ingress","sidebar":"defaultSidebar"},{"id":"howto/gateway/application-gateway-with-openapi-annotations","path":"/service-bridge/howto/gateway/application-gateway-with-openapi-annotations","sidebar":"defaultSidebar"},{"id":"howto/gateway/configure-and-route-nonhttp-traffic","path":"/service-bridge/howto/gateway/configure-and-route-nonhttp-traffic","sidebar":"defaultSidebar"},{"id":"howto/gateway/configure-oidc","path":"/service-bridge/howto/gateway/configure-oidc","sidebar":"defaultSidebar"},{"id":"howto/gateway/distributed-ingress","path":"/service-bridge/howto/gateway/distributed-ingress","sidebar":"defaultSidebar"},{"id":"howto/gateway/end-user-auth-keycloak","path":"/service-bridge/howto/gateway/end-user-auth-keycloak","sidebar":"defaultSidebar"},{"id":"howto/gateway/host-based-egress-access-control","path":"/service-bridge/howto/gateway/host-based-egress-access-control","sidebar":"defaultSidebar"},{"id":"howto/gateway/https-with-proxy-protocol","path":"/service-bridge/howto/gateway/https-with-proxy-protocol","sidebar":"defaultSidebar"},{"id":"howto/gateway/multi-cluster-traffic-failover-priority","path":"/service-bridge/howto/gateway/multi-cluster-traffic-failover-priority","sidebar":"defaultSidebar"},{"id":"howto/gateway/multi-cluster-traffic-routing-using-tier2gw","path":"/service-bridge/howto/gateway/multi-cluster-traffic-routing-using-tier2gw","sidebar":"defaultSidebar"},{"id":"howto/gateway/multi-cluster-traffic-routing-with-eastwest-gateway","path":"/service-bridge/howto/gateway/multi-cluster-traffic-routing-with-eastwest-gateway","sidebar":"defaultSidebar"},{"id":"howto/gateway/multi-cluster-traffic-shifting","path":"/service-bridge/howto/gateway/multi-cluster-traffic-shifting","sidebar":"defaultSidebar"},{"id":"howto/gateway/oas-validation","path":"/service-bridge/howto/gateway/oas-validation","sidebar":"defaultSidebar"},{"id":"howto/gateway/service-identity-propagation","path":"/service-bridge/howto/gateway/service-identity-propagation","sidebar":"defaultSidebar"},{"id":"howto/gateway/shared-ingress","path":"/service-bridge/howto/gateway/shared-ingress","sidebar":"defaultSidebar"},{"id":"howto/gateway/subset-based-routing-using-igw-and-service-route","path":"/service-bridge/howto/gateway/subset-based-routing-using-igw-and-service-route","sidebar":"defaultSidebar"},{"id":"howto/gateway/unfied-gateway-management-via-mp","path":"/service-bridge/howto/gateway/unfied-gateway-management-via-mp","sidebar":"defaultSidebar"},{"id":"howto/gateway/unified-gateway","path":"/service-bridge/howto/gateway/unified-gateway","sidebar":"defaultSidebar"},{"id":"howto/gateway/unified-gateway-upgrade","path":"/service-bridge/howto/gateway/unified-gateway-upgrade","sidebar":"defaultSidebar"},{"id":"howto/gateway/weighted-distribution-and-fallback","path":"/service-bridge/howto/gateway/weighted-distribution-and-fallback","sidebar":"defaultSidebar"},{"id":"howto/gitops/argo-rollouts","path":"/service-bridge/howto/gitops/argo-rollouts","sidebar":"defaultSidebar"},{"id":"howto/gitops/clusterrole","path":"/service-bridge/howto/gitops/clusterrole","sidebar":"defaultSidebar"},{"id":"howto/gitops/flagger","path":"/service-bridge/howto/gitops/flagger","sidebar":"defaultSidebar"},{"id":"howto/gitops/flux","path":"/service-bridge/howto/gitops/flux","sidebar":"defaultSidebar"},{"id":"howto/gitops/gitops","path":"/service-bridge/howto/gitops/gitops","sidebar":"defaultSidebar"},{"id":"howto/hpa-using-skywalking","path":"/service-bridge/howto/hpa-using-skywalking","sidebar":"defaultSidebar"},{"id":"howto/network-policies","path":"/service-bridge/howto/network-policies","sidebar":"defaultSidebar"},{"id":"howto/promql-using-skywalking","path":"/service-bridge/howto/promql-using-skywalking","sidebar":"defaultSidebar"},{"id":"howto/rate-limiting/external-rate-limiting","path":"/service-bridge/howto/rate-limiting/external-rate-limiting","sidebar":"defaultSidebar"},{"id":"howto/rate-limiting/ingress-gateway","path":"/service-bridge/howto/rate-limiting/ingress-gateway","sidebar":"defaultSidebar"},{"id":"howto/rate-limiting/internal-rate-limiting","path":"/service-bridge/howto/rate-limiting/internal-rate-limiting","sidebar":"defaultSidebar"},{"id":"howto/rate-limiting/service-to-service","path":"/service-bridge/howto/rate-limiting/service-to-service","sidebar":"defaultSidebar"},{"id":"howto/rate-limiting/tier1-gateway","path":"/service-bridge/howto/rate-limiting/tier1-gateway","sidebar":"defaultSidebar"},{"id":"howto/rate-limiting/tls-validation","path":"/service-bridge/howto/rate-limiting/tls-validation","sidebar":"defaultSidebar"},{"id":"howto/rate-limiting/toc","path":"/service-bridge/howto/rate-limiting/","sidebar":"defaultSidebar"},{"id":"howto/security-domains","path":"/service-bridge/howto/security-domains","sidebar":"defaultSidebar"},{"id":"howto/service-accounts","path":"/service-bridge/howto/service-accounts","sidebar":"defaultSidebar"},{"id":"howto/traffic/canary-releases","path":"/service-bridge/howto/traffic/canary-releases","sidebar":"defaultSidebar"},{"id":"howto/traffic/configure-multi-port-service-route","path":"/service-bridge/howto/traffic/configure-multi-port-service-route","sidebar":"defaultSidebar"},{"id":"howto/traffic/gateway-mtls","path":"/service-bridge/howto/traffic/gateway-mtls","sidebar":"defaultSidebar"},{"id":"howto/traffic/load-balance","path":"/service-bridge/howto/traffic/load-balance","sidebar":"defaultSidebar"},{"id":"howto/traffic/migrating-VM-monoliths","path":"/service-bridge/howto/traffic/migrating-VM-monoliths","sidebar":"defaultSidebar"},{"id":"howto/traffic/splitting-service-traffic-between-k8s-vms","path":"/service-bridge/howto/traffic/splitting-service-traffic-between-k8s-vms","sidebar":"defaultSidebar"},{"id":"howto/waf","path":"/service-bridge/howto/waf","sidebar":"defaultSidebar"},{"id":"howto/wasm/wasm-extension","path":"/service-bridge/howto/wasm/wasm-extension","sidebar":"defaultSidebar"},{"id":"howto/wasm/wasm-overview","path":"/service-bridge/howto/wasm/wasm-overview","sidebar":"defaultSidebar"},{"id":"howto/wasm/wasm-proxy","path":"/service-bridge/howto/wasm/wasm-proxy","sidebar":"defaultSidebar"},{"id":"howto/wasm/wasm-try","path":"/service-bridge/howto/wasm/wasm-try","sidebar":"defaultSidebar"},{"id":"index","path":"/service-bridge/","sidebar":"defaultSidebar"},{"id":"knowledge-base/faq","path":"/service-bridge/knowledge-base/faq","sidebar":"defaultSidebar"},{"id":"knowledge-base/gitops","path":"/service-bridge/knowledge-base/gitops","sidebar":"defaultSidebar"},{"id":"operations/configuration-promotion","path":"/service-bridge/operations/configuration-promotion","sidebar":"defaultSidebar"},{"id":"operations/configure-log-levels","path":"/service-bridge/operations/configure-log-levels","sidebar":"defaultSidebar"},{"id":"operations/elasticsearch/elasticsearch-role","path":"/service-bridge/operations/elasticsearch/elasticsearch-role","sidebar":"defaultSidebar"},{"id":"operations/elasticsearch/wipe-elastic","path":"/service-bridge/operations/elasticsearch/wipe-elastic","sidebar":"defaultSidebar"},{"id":"operations/features/configure-cluster-external-addresses","path":"/service-bridge/operations/features/configure-cluster-external-addresses","sidebar":"defaultSidebar"},{"id":"operations/features/configure-gitops","path":"/service-bridge/operations/features/configure-gitops","sidebar":"defaultSidebar"},{"id":"operations/features/deletion-protection","path":"/service-bridge/operations/features/deletion-protection","sidebar":"defaultSidebar"},{"id":"operations/features/edge-dns-resolution","path":"/service-bridge/operations/features/edge-dns-resolution","sidebar":"defaultSidebar"},{"id":"operations/features/enable-config-protection","path":"/service-bridge/operations/features/enable-config-protection","sidebar":"defaultSidebar"},{"id":"operations/features/gateway-deletion-webhook","path":"/service-bridge/operations/features/gateway-deletion-webhook","sidebar":"defaultSidebar"},{"id":"operations/features/internal-wasm-extensions","path":"/service-bridge/operations/features/internal-wasm-extensions","sidebar":"defaultSidebar"},{"id":"operations/features/istio-cni","path":"/service-bridge/operations/features/istio-cni","sidebar":"defaultSidebar"},{"id":"operations/features/label-annotation","path":"/service-bridge/operations/features/label-annotation","sidebar":"defaultSidebar"},{"id":"operations/features/streaming-log","path":"/service-bridge/operations/features/streaming-log","sidebar":"defaultSidebar"},{"id":"operations/features/tier1-in-app-cluster","path":"/service-bridge/operations/features/tier1-in-app-cluster","sidebar":"defaultSidebar"},{"id":"operations/features/tls-origin-multi-cluster","path":"/service-bridge/operations/features/tls-origin-multi-cluster","sidebar":"defaultSidebar"},{"id":"operations/graceful-connection-drain","path":"/service-bridge/operations/graceful-connection-drain","sidebar":"defaultSidebar"},{"id":"operations/kube-customization","path":"/service-bridge/operations/kube-customization","sidebar":"defaultSidebar"},{"id":"operations/lower-istio-resources","path":"/service-bridge/operations/lower-istio-resources","sidebar":"defaultSidebar"},{"id":"operations/migrate-organization","path":"/service-bridge/operations/migrate-organization","sidebar":"defaultSidebar"},{"id":"operations/multiple-iam-keys","path":"/service-bridge/operations/multiple-iam-keys","sidebar":"defaultSidebar"},{"id":"operations/postgresql/auditlog-retention","path":"/service-bridge/operations/postgresql/auditlog-retention","sidebar":"defaultSidebar"},{"id":"operations/postgresql/azure-credentials","path":"/service-bridge/operations/postgresql/azure-credentials","sidebar":"defaultSidebar"},{"id":"operations/postgresql/backup-and-restore","path":"/service-bridge/operations/postgresql/backup-and-restore","sidebar":"defaultSidebar"},{"id":"operations/postgresql/managing-kubegres","path":"/service-bridge/operations/postgresql/managing-kubegres","sidebar":"defaultSidebar"},{"id":"operations/telemetry/alerting-guidelines","path":"/service-bridge/operations/telemetry/alerting-guidelines","sidebar":"defaultSidebar"},{"id":"operations/telemetry/distributed-tracing","path":"/service-bridge/operations/telemetry/distributed-tracing","sidebar":"defaultSidebar"},{"id":"operations/telemetry/key-metrics","path":"/service-bridge/operations/telemetry/key-metrics","sidebar":"defaultSidebar"},{"id":"operations/telemetry/new-relic","path":"/service-bridge/operations/telemetry/new-relic","sidebar":"defaultSidebar"},{"id":"operations/telemetry/red-metrics","path":"/service-bridge/operations/telemetry/red-metrics","sidebar":"defaultSidebar"},{"id":"operations/telemetry/telemetry-architecture","path":"/service-bridge/operations/telemetry/telemetry-architecture","sidebar":"defaultSidebar"},{"id":"operations/users/admin-password","path":"/service-bridge/operations/users/admin-password","sidebar":"defaultSidebar"},{"id":"operations/users/configuring-ldap","path":"/service-bridge/operations/users/configuring-ldap","sidebar":"defaultSidebar"},{"id":"operations/users/new-user-local-idp","path":"/service-bridge/operations/users/new-user-local-idp","sidebar":"defaultSidebar"},{"id":"operations/users/oidc-azure","path":"/service-bridge/operations/users/oidc-azure","sidebar":"defaultSidebar"},{"id":"operations/users/tsb-fqns","path":"/service-bridge/operations/users/tsb-fqns"},{"id":"operations/users/user-synchronization","path":"/service-bridge/operations/users/user-synchronization","sidebar":"defaultSidebar"},{"id":"operations/users/users-roles-and-permissions","path":"/service-bridge/operations/users/users-roles-and-permissions","sidebar":"defaultSidebar"},{"id":"operations/vault/elasticsearch","path":"/service-bridge/operations/vault/elasticsearch","sidebar":"defaultSidebar"},{"id":"operations/vault/istiod-ca","path":"/service-bridge/operations/vault/istiod-ca","sidebar":"defaultSidebar"},{"id":"operations/vault/postgresql","path":"/service-bridge/operations/vault/postgresql","sidebar":"defaultSidebar"},{"id":"quickstart/apps","path":"/service-bridge/quickstart/apps","sidebar":"defaultSidebar"},{"id":"quickstart/config-groups","path":"/service-bridge/quickstart/config-groups","sidebar":"defaultSidebar"},{"id":"quickstart/deploy-sample-app","path":"/service-bridge/quickstart/deploy-sample-app","sidebar":"defaultSidebar"},{"id":"quickstart/ingress-gateway","path":"/service-bridge/quickstart/ingress-gateway","sidebar":"defaultSidebar"},{"id":"quickstart/introduction","path":"/service-bridge/quickstart/introduction","sidebar":"defaultSidebar"},{"id":"quickstart/observability","path":"/service-bridge/quickstart/observability","sidebar":"defaultSidebar"},{"id":"quickstart/permissions","path":"/service-bridge/quickstart/permissions","sidebar":"defaultSidebar"},{"id":"quickstart/security","path":"/service-bridge/quickstart/security","sidebar":"defaultSidebar"},{"id":"quickstart/tenant","path":"/service-bridge/quickstart/tenant","sidebar":"defaultSidebar"},{"id":"quickstart/traffic-shifting","path":"/service-bridge/quickstart/traffic-shifting","sidebar":"defaultSidebar"},{"id":"quickstart/workspace","path":"/service-bridge/quickstart/workspace","sidebar":"defaultSidebar"},{"id":"reference/cli/guide/index","path":"/service-bridge/reference/cli/guide/index","sidebar":"defaultSidebar"},{"id":"reference/cli/reference/apply","path":"/service-bridge/reference/cli/reference/apply","sidebar":"defaultSidebar"},{"id":"reference/cli/reference/audit","path":"/service-bridge/reference/cli/reference/audit","sidebar":"defaultSidebar"},{"id":"reference/cli/reference/collect","path":"/service-bridge/reference/cli/reference/collect","sidebar":"defaultSidebar"},{"id":"reference/cli/reference/completion","path":"/service-bridge/reference/cli/reference/completion","sidebar":"defaultSidebar"},{"id":"reference/cli/reference/config","path":"/service-bridge/reference/cli/reference/config","sidebar":"defaultSidebar"},{"id":"reference/cli/reference/debug","path":"/service-bridge/reference/cli/reference/debug","sidebar":"defaultSidebar"},{"id":"reference/cli/reference/delete","path":"/service-bridge/reference/cli/reference/delete","sidebar":"defaultSidebar"},{"id":"reference/cli/reference/edit","path":"/service-bridge/reference/cli/reference/edit","sidebar":"defaultSidebar"},{"id":"reference/cli/reference/experimental","path":"/service-bridge/reference/cli/reference/experimental","sidebar":"defaultSidebar"},{"id":"reference/cli/reference/get","path":"/service-bridge/reference/cli/reference/get","sidebar":"defaultSidebar"},{"id":"reference/cli/reference/index","path":"/service-bridge/reference/cli/reference/index","sidebar":"defaultSidebar"},{"id":"reference/cli/reference/install","path":"/service-bridge/reference/cli/reference/install","sidebar":"defaultSidebar"},{"id":"reference/cli/reference/login","path":"/service-bridge/reference/cli/reference/login","sidebar":"defaultSidebar"},{"id":"reference/cli/reference/service-account","path":"/service-bridge/reference/cli/reference/service-account","sidebar":"defaultSidebar"},{"id":"reference/cli/reference/status","path":"/service-bridge/reference/cli/reference/status","sidebar":"defaultSidebar"},{"id":"reference/cli/reference/ui","path":"/service-bridge/reference/cli/reference/ui","sidebar":"defaultSidebar"},{"id":"reference/cli/reference/validate","path":"/service-bridge/reference/cli/reference/validate","sidebar":"defaultSidebar"},{"id":"reference/cli/reference/version","path":"/service-bridge/reference/cli/reference/version","sidebar":"defaultSidebar"},{"id":"reference/cli/reference/whoami","path":"/service-bridge/reference/cli/reference/whoami","sidebar":"defaultSidebar"},{"id":"reference/cli/reference/workload-entry-annotations","path":"/service-bridge/reference/cli/reference/workload-entry-annotations","sidebar":"defaultSidebar"},{"id":"reference/grpc-api/guide","path":"/service-bridge/reference/grpc-api/guide","sidebar":"defaultSidebar"},{"id":"reference/k8s-api/guide","path":"/service-bridge/reference/k8s-api/guide","sidebar":"defaultSidebar"},{"id":"reference/k8s-api/tsb-crds-gen/application-tsb-tetrate-io","path":"/service-bridge/reference/k8s-api/tsb-crds-gen/application-tsb-tetrate-io","sidebar":"defaultSidebar"},{"id":"reference/k8s-api/tsb-crds-gen/extension-tsb-tetrate-io","path":"/service-bridge/reference/k8s-api/tsb-crds-gen/extension-tsb-tetrate-io","sidebar":"defaultSidebar"},{"id":"reference/k8s-api/tsb-crds-gen/gateway-tsb-tetrate-io","path":"/service-bridge/reference/k8s-api/tsb-crds-gen/gateway-tsb-tetrate-io","sidebar":"defaultSidebar"},{"id":"reference/k8s-api/tsb-crds-gen/istiointernal-tsb-tetrate-io","path":"/service-bridge/reference/k8s-api/tsb-crds-gen/istiointernal-tsb-tetrate-io","sidebar":"defaultSidebar"},{"id":"reference/k8s-api/tsb-crds-gen/profile-tsb-tetrate-io","path":"/service-bridge/reference/k8s-api/tsb-crds-gen/profile-tsb-tetrate-io"},{"id":"reference/k8s-api/tsb-crds-gen/rbac-tsb-tetrate-io","path":"/service-bridge/reference/k8s-api/tsb-crds-gen/rbac-tsb-tetrate-io","sidebar":"defaultSidebar"},{"id":"reference/k8s-api/tsb-crds-gen/security-tsb-tetrate-io","path":"/service-bridge/reference/k8s-api/tsb-crds-gen/security-tsb-tetrate-io","sidebar":"defaultSidebar"},{"id":"reference/k8s-api/tsb-crds-gen/segmentation-tsb-tetrate-io","path":"/service-bridge/reference/k8s-api/tsb-crds-gen/segmentation-tsb-tetrate-io"},{"id":"reference/k8s-api/tsb-crds-gen/traffic-tsb-tetrate-io","path":"/service-bridge/reference/k8s-api/tsb-crds-gen/traffic-tsb-tetrate-io","sidebar":"defaultSidebar"},{"id":"reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/api","path":"/service-bridge/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/api","sidebar":"defaultSidebar"},{"id":"reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/cluster","path":"/service-bridge/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/cluster","sidebar":"defaultSidebar"},{"id":"reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/clusteronboardingconfig","path":"/service-bridge/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/clusteronboardingconfig","sidebar":"defaultSidebar"},{"id":"reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/organization","path":"/service-bridge/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/organization","sidebar":"defaultSidebar"},{"id":"reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/organizationsetting","path":"/service-bridge/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/organizationsetting","sidebar":"defaultSidebar"},{"id":"reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/serviceaccount","path":"/service-bridge/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/serviceaccount","sidebar":"defaultSidebar"},{"id":"reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/team","path":"/service-bridge/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/team","sidebar":"defaultSidebar"},{"id":"reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/tenant","path":"/service-bridge/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/tenant","sidebar":"defaultSidebar"},{"id":"reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/tenantsetting","path":"/service-bridge/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/tenantsetting","sidebar":"defaultSidebar"},{"id":"reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/user","path":"/service-bridge/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/user","sidebar":"defaultSidebar"},{"id":"reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/workspace","path":"/service-bridge/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/workspace","sidebar":"defaultSidebar"},{"id":"reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/workspacesetting","path":"/service-bridge/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/workspacesetting","sidebar":"defaultSidebar"},{"id":"reference/rest-api/guide","path":"/service-bridge/reference/rest-api/guide","sidebar":"defaultSidebar"},{"id":"reference/samples/httpbin","path":"/service-bridge/reference/samples/httpbin","sidebar":"defaultSidebar"},{"id":"reference/samples/opa","path":"/service-bridge/reference/samples/opa","sidebar":"defaultSidebar"},{"id":"reference/samples/sleep-service","path":"/service-bridge/reference/samples/sleep-service","sidebar":"defaultSidebar"},{"id":"reference/yaml-api/guide","path":"/service-bridge/reference/yaml-api/guide","sidebar":"defaultSidebar"},{"id":"refs/audit/v1/audit","path":"/service-bridge/refs/audit/v1/audit","sidebar":"defaultSidebar"},{"id":"refs/iam/v2/oauth_service","path":"/service-bridge/refs/iam/v2/oauth_service","sidebar":"defaultSidebar"},{"id":"refs/iam/v2/oidc_service","path":"/service-bridge/refs/iam/v2/oidc_service","sidebar":"defaultSidebar"},{"id":"refs/install/common/common_config","path":"/service-bridge/refs/install/common/common_config","sidebar":"defaultSidebar"},{"id":"refs/install/controlplane/v1alpha1/spec","path":"/service-bridge/refs/install/controlplane/v1alpha1/spec","sidebar":"defaultSidebar"},{"id":"refs/install/controlplane/v1alpha1/status","path":"/service-bridge/refs/install/controlplane/v1alpha1/status","sidebar":"defaultSidebar"},{"id":"refs/install/dataplane/v1alpha1/spec","path":"/service-bridge/refs/install/dataplane/v1alpha1/spec","sidebar":"defaultSidebar"},{"id":"refs/install/kubernetes/k8s","path":"/service-bridge/refs/install/kubernetes/k8s","sidebar":"defaultSidebar"},{"id":"refs/install/managementplane/v1alpha1/spec","path":"/service-bridge/refs/install/managementplane/v1alpha1/spec","sidebar":"defaultSidebar"},{"id":"refs/install/managementplane/v1alpha1/status","path":"/service-bridge/refs/install/managementplane/v1alpha1/status","sidebar":"defaultSidebar"},{"id":"refs/onboarding/config/agent/v1alpha1/agent_configuration","path":"/service-bridge/refs/onboarding/config/agent/v1alpha1/agent_configuration","sidebar":"defaultSidebar"},{"id":"refs/onboarding/config/agent/v1alpha1/onboarding_configuration","path":"/service-bridge/refs/onboarding/config/agent/v1alpha1/onboarding_configuration","sidebar":"defaultSidebar"},{"id":"refs/onboarding/config/authorization/aws/v1alpha1/aws","path":"/service-bridge/refs/onboarding/config/authorization/aws/v1alpha1/aws","sidebar":"defaultSidebar"},{"id":"refs/onboarding/config/authorization/jwt/v1alpha1/jwt","path":"/service-bridge/refs/onboarding/config/authorization/jwt/v1alpha1/jwt","sidebar":"defaultSidebar"},{"id":"refs/onboarding/config/authorization/v1alpha1/policy","path":"/service-bridge/refs/onboarding/config/authorization/v1alpha1/policy","sidebar":"defaultSidebar"},{"id":"refs/onboarding/config/install/v1alpha1/jwt_issuer","path":"/service-bridge/refs/onboarding/config/install/v1alpha1/jwt_issuer"},{"id":"refs/onboarding/config/install/v1alpha1/workload_configuration","path":"/service-bridge/refs/onboarding/config/install/v1alpha1/workload_configuration"},{"id":"refs/onboarding/config/runtime/v1alpha1/registration","path":"/service-bridge/refs/onboarding/config/runtime/v1alpha1/registration","sidebar":"defaultSidebar"},{"id":"refs/onboarding/config/types/config/v1alpha1/transport_security","path":"/service-bridge/refs/onboarding/config/types/config/v1alpha1/transport_security"},{"id":"refs/onboarding/config/types/core/v1alpha1/condition","path":"/service-bridge/refs/onboarding/config/types/core/v1alpha1/condition"},{"id":"refs/onboarding/config/types/core/v1alpha1/namespaced_name","path":"/service-bridge/refs/onboarding/config/types/core/v1alpha1/namespaced_name"},{"id":"refs/onboarding/config/types/identity/aws/v1alpha1/aws","path":"/service-bridge/refs/onboarding/config/types/identity/aws/v1alpha1/aws"},{"id":"refs/onboarding/config/types/identity/jwt/v1alpha1/jwt","path":"/service-bridge/refs/onboarding/config/types/identity/jwt/v1alpha1/jwt"},{"id":"refs/onboarding/config/types/identity/v1alpha1/identity","path":"/service-bridge/refs/onboarding/config/types/identity/v1alpha1/identity"},{"id":"refs/onboarding/config/types/registration/v1alpha1/hostinfo","path":"/service-bridge/refs/onboarding/config/types/registration/v1alpha1/hostinfo"},{"id":"refs/onboarding/config/types/registration/v1alpha1/registration","path":"/service-bridge/refs/onboarding/config/types/registration/v1alpha1/registration"},{"id":"refs/onboarding/private/component/agent/plugin/credential/v1alpha1/plugin","path":"/service-bridge/refs/onboarding/private/component/agent/plugin/credential/v1alpha1/plugin"},{"id":"refs/onboarding/private/component/agent/plugin/hostinfo/v1alpha1/plugin","path":"/service-bridge/refs/onboarding/private/component/agent/plugin/hostinfo/v1alpha1/plugin"},{"id":"refs/onboarding/private/component/agent/sidecarcontroller/v1alpha1/sidecar_configuration_service","path":"/service-bridge/refs/onboarding/private/component/agent/sidecarcontroller/v1alpha1/sidecar_configuration_service"},{"id":"refs/onboarding/private/component/agent/sidecarcontroller/v1alpha1/sidecar_info_service","path":"/service-bridge/refs/onboarding/private/component/agent/sidecarcontroller/v1alpha1/sidecar_info_service"},{"id":"refs/onboarding/private/component/plane/config/v1alpha1/onboarding_plane_instance_configuration","path":"/service-bridge/refs/onboarding/private/component/plane/config/v1alpha1/onboarding_plane_instance_configuration"},{"id":"refs/onboarding/private/component/plane/generator/v1alpha1/version","path":"/service-bridge/refs/onboarding/private/component/plane/generator/v1alpha1/version"},{"id":"refs/onboarding/private/component/plane/token/v1alpha1/onboarding_token","path":"/service-bridge/refs/onboarding/private/component/plane/token/v1alpha1/onboarding_token"},{"id":"refs/onboarding/private/install/v1alpha1/spec","path":"/service-bridge/refs/onboarding/private/install/v1alpha1/spec"},{"id":"refs/onboarding/private/protocol/authorization/v1alpha1/authorization_service","path":"/service-bridge/refs/onboarding/private/protocol/authorization/v1alpha1/authorization_service"},{"id":"refs/onboarding/private/protocol/discovery/v1alpha1/discovery_service","path":"/service-bridge/refs/onboarding/private/protocol/discovery/v1alpha1/discovery_service"},{"id":"refs/onboarding/private/protocol/registration/v1alpha1/registration_service","path":"/service-bridge/refs/onboarding/private/protocol/registration/v1alpha1/registration_service"},{"id":"refs/onboarding/private/protocol/session/v1alpha1/session_service","path":"/service-bridge/refs/onboarding/private/protocol/session/v1alpha1/session_service"},{"id":"refs/onboarding/private/types/config/v1alpha1/transport_security","path":"/service-bridge/refs/onboarding/private/types/config/v1alpha1/transport_security"},{"id":"refs/onboarding/private/types/credential/aws/v1alpha1/ec2","path":"/service-bridge/refs/onboarding/private/types/credential/aws/v1alpha1/ec2"},{"id":"refs/onboarding/private/types/credential/aws/v1alpha1/sts","path":"/service-bridge/refs/onboarding/private/types/credential/aws/v1alpha1/sts"},{"id":"refs/onboarding/private/types/credential/jwt/v1alpha1/jwt","path":"/service-bridge/refs/onboarding/private/types/credential/jwt/v1alpha1/jwt"},{"id":"refs/onboarding/private/types/discovery/v1alpha1/discovery","path":"/service-bridge/refs/onboarding/private/types/discovery/v1alpha1/discovery"},{"id":"refs/onboarding/private/types/sidecar/v1alpha1/configuration","path":"/service-bridge/refs/onboarding/private/types/sidecar/v1alpha1/configuration"},{"id":"refs/private/iam/v1/iam","path":"/service-bridge/refs/private/iam/v1/iam"},{"id":"refs/test/v1/echo","path":"/service-bridge/refs/test/v1/echo"},{"id":"refs/tsb/application/v2/api","path":"/service-bridge/refs/tsb/application/v2/api","sidebar":"defaultSidebar"},{"id":"refs/tsb/application/v2/application","path":"/service-bridge/refs/tsb/application/v2/application","sidebar":"defaultSidebar"},{"id":"refs/tsb/application/v2/application_service","path":"/service-bridge/refs/tsb/application/v2/application_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/application/v2/openapi_extensions","path":"/service-bridge/refs/tsb/application/v2/openapi_extensions","sidebar":"defaultSidebar"},{"id":"refs/tsb/auth/v2/auth","path":"/service-bridge/refs/tsb/auth/v2/auth","sidebar":"defaultSidebar"},{"id":"refs/tsb/dashboard/v1/dashboard_service","path":"/service-bridge/refs/tsb/dashboard/v1/dashboard_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/diagnostic/v2/diagnostic_service","path":"/service-bridge/refs/tsb/diagnostic/v2/diagnostic_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/extension/v2/wasm_extension","path":"/service-bridge/refs/tsb/extension/v2/wasm_extension","sidebar":"defaultSidebar"},{"id":"refs/tsb/extension/v2/wasm_service","path":"/service-bridge/refs/tsb/extension/v2/wasm_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/gateway/v2/auth","path":"/service-bridge/refs/tsb/gateway/v2/auth","sidebar":"defaultSidebar"},{"id":"refs/tsb/gateway/v2/eastwest_gateway","path":"/service-bridge/refs/tsb/gateway/v2/eastwest_gateway","sidebar":"defaultSidebar"},{"id":"refs/tsb/gateway/v2/egress_gateway","path":"/service-bridge/refs/tsb/gateway/v2/egress_gateway","sidebar":"defaultSidebar"},{"id":"refs/tsb/gateway/v2/gateway","path":"/service-bridge/refs/tsb/gateway/v2/gateway","sidebar":"defaultSidebar"},{"id":"refs/tsb/gateway/v2/gateway_common","path":"/service-bridge/refs/tsb/gateway/v2/gateway_common","sidebar":"defaultSidebar"},{"id":"refs/tsb/gateway/v2/gateway_group","path":"/service-bridge/refs/tsb/gateway/v2/gateway_group","sidebar":"defaultSidebar"},{"id":"refs/tsb/gateway/v2/gateway_service","path":"/service-bridge/refs/tsb/gateway/v2/gateway_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/gateway/v2/ingress_gateway","path":"/service-bridge/refs/tsb/gateway/v2/ingress_gateway","sidebar":"defaultSidebar"},{"id":"refs/tsb/gateway/v2/istio_gateway_direct","path":"/service-bridge/refs/tsb/gateway/v2/istio_gateway_direct","sidebar":"defaultSidebar"},{"id":"refs/tsb/gateway/v2/tier1_gateway","path":"/service-bridge/refs/tsb/gateway/v2/tier1_gateway","sidebar":"defaultSidebar"},{"id":"refs/tsb/istiointernal/v2/istio_internal_group","path":"/service-bridge/refs/tsb/istiointernal/v2/istio_internal_group","sidebar":"defaultSidebar"},{"id":"refs/tsb/istiointernal/v2/istio_istiointernal_direct","path":"/service-bridge/refs/tsb/istiointernal/v2/istio_istiointernal_direct","sidebar":"defaultSidebar"},{"id":"refs/tsb/istiointernal/v2/istiointernal_service","path":"/service-bridge/refs/tsb/istiointernal/v2/istiointernal_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/observability/telemetry/v2/metric","path":"/service-bridge/refs/tsb/observability/telemetry/v2/metric","sidebar":"defaultSidebar"},{"id":"refs/tsb/observability/telemetry/v2/metric_service","path":"/service-bridge/refs/tsb/observability/telemetry/v2/metric_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/observability/telemetry/v2/source","path":"/service-bridge/refs/tsb/observability/telemetry/v2/source","sidebar":"defaultSidebar"},{"id":"refs/tsb/observability/telemetry/v2/source_service","path":"/service-bridge/refs/tsb/observability/telemetry/v2/source_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/profile/v2/profile","path":"/service-bridge/refs/tsb/profile/v2/profile","sidebar":"defaultSidebar"},{"id":"refs/tsb/profile/v2/profile_service","path":"/service-bridge/refs/tsb/profile/v2/profile_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/q/v2/approvals_service","path":"/service-bridge/refs/tsb/q/v2/approvals_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/q/v2/permissions_service","path":"/service-bridge/refs/tsb/q/v2/permissions_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/rbac/v2/access_bindings","path":"/service-bridge/refs/tsb/rbac/v2/access_bindings","sidebar":"defaultSidebar"},{"id":"refs/tsb/rbac/v2/api_access_bindings","path":"/service-bridge/refs/tsb/rbac/v2/api_access_bindings","sidebar":"defaultSidebar"},{"id":"refs/tsb/rbac/v2/application_access_bindings","path":"/service-bridge/refs/tsb/rbac/v2/application_access_bindings","sidebar":"defaultSidebar"},{"id":"refs/tsb/rbac/v2/binding","path":"/service-bridge/refs/tsb/rbac/v2/binding","sidebar":"defaultSidebar"},{"id":"refs/tsb/rbac/v2/gateway_access_bindings","path":"/service-bridge/refs/tsb/rbac/v2/gateway_access_bindings","sidebar":"defaultSidebar"},{"id":"refs/tsb/rbac/v2/istio_internal_access_bindings","path":"/service-bridge/refs/tsb/rbac/v2/istio_internal_access_bindings","sidebar":"defaultSidebar"},{"id":"refs/tsb/rbac/v2/organization_access_bindings","path":"/service-bridge/refs/tsb/rbac/v2/organization_access_bindings","sidebar":"defaultSidebar"},{"id":"refs/tsb/rbac/v2/permissions","path":"/service-bridge/refs/tsb/rbac/v2/permissions","sidebar":"defaultSidebar"},{"id":"refs/tsb/rbac/v2/policy_service","path":"/service-bridge/refs/tsb/rbac/v2/policy_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/rbac/v2/role","path":"/service-bridge/refs/tsb/rbac/v2/role","sidebar":"defaultSidebar"},{"id":"refs/tsb/rbac/v2/role_service","path":"/service-bridge/refs/tsb/rbac/v2/role_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/rbac/v2/security_access_bindings","path":"/service-bridge/refs/tsb/rbac/v2/security_access_bindings","sidebar":"defaultSidebar"},{"id":"refs/tsb/rbac/v2/tenant_access_bindings","path":"/service-bridge/refs/tsb/rbac/v2/tenant_access_bindings","sidebar":"defaultSidebar"},{"id":"refs/tsb/rbac/v2/traffic_access_bindings","path":"/service-bridge/refs/tsb/rbac/v2/traffic_access_bindings","sidebar":"defaultSidebar"},{"id":"refs/tsb/rbac/v2/workspace_access_bindings","path":"/service-bridge/refs/tsb/rbac/v2/workspace_access_bindings","sidebar":"defaultSidebar"},{"id":"refs/tsb/registry/v2/lookup_service","path":"/service-bridge/refs/tsb/registry/v2/lookup_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/registry/v2/registration_service","path":"/service-bridge/refs/tsb/registry/v2/registration_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/registry/v2/service","path":"/service-bridge/refs/tsb/registry/v2/service","sidebar":"defaultSidebar"},{"id":"refs/tsb/security/v2/istio_security_direct","path":"/service-bridge/refs/tsb/security/v2/istio_security_direct","sidebar":"defaultSidebar"},{"id":"refs/tsb/security/v2/security_group","path":"/service-bridge/refs/tsb/security/v2/security_group","sidebar":"defaultSidebar"},{"id":"refs/tsb/security/v2/security_service","path":"/service-bridge/refs/tsb/security/v2/security_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/security/v2/security_setting","path":"/service-bridge/refs/tsb/security/v2/security_setting","sidebar":"defaultSidebar"},{"id":"refs/tsb/security/v2/service_security_setting","path":"/service-bridge/refs/tsb/security/v2/service_security_setting","sidebar":"defaultSidebar"},{"id":"refs/tsb/security/v2/waf_settings","path":"/service-bridge/refs/tsb/security/v2/waf_settings","sidebar":"defaultSidebar"},{"id":"refs/tsb/segmentation/v1/membership","path":"/service-bridge/refs/tsb/segmentation/v1/membership","sidebar":"defaultSidebar"},{"id":"refs/tsb/segmentation/v1/policy","path":"/service-bridge/refs/tsb/segmentation/v1/policy","sidebar":"defaultSidebar"},{"id":"refs/tsb/segmentation/v1/rules","path":"/service-bridge/refs/tsb/segmentation/v1/rules","sidebar":"defaultSidebar"},{"id":"refs/tsb/segmentation/v1/service","path":"/service-bridge/refs/tsb/segmentation/v1/service","sidebar":"defaultSidebar"},{"id":"refs/tsb/traffic/v2/istio_traffic_direct","path":"/service-bridge/refs/tsb/traffic/v2/istio_traffic_direct","sidebar":"defaultSidebar"},{"id":"refs/tsb/traffic/v2/service_route","path":"/service-bridge/refs/tsb/traffic/v2/service_route","sidebar":"defaultSidebar"},{"id":"refs/tsb/traffic/v2/service_traffic_setting","path":"/service-bridge/refs/tsb/traffic/v2/service_traffic_setting","sidebar":"defaultSidebar"},{"id":"refs/tsb/traffic/v2/traffic_group","path":"/service-bridge/refs/tsb/traffic/v2/traffic_group","sidebar":"defaultSidebar"},{"id":"refs/tsb/traffic/v2/traffic_service","path":"/service-bridge/refs/tsb/traffic/v2/traffic_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/traffic/v2/traffic_setting","path":"/service-bridge/refs/tsb/traffic/v2/traffic_setting","sidebar":"defaultSidebar"},{"id":"refs/tsb/types/v2/types","path":"/service-bridge/refs/tsb/types/v2/types","sidebar":"defaultSidebar"},{"id":"refs/tsb/v2/api","path":"/service-bridge/refs/tsb/v2/api","sidebar":"defaultSidebar"},{"id":"refs/tsb/v2/cluster","path":"/service-bridge/refs/tsb/v2/cluster","sidebar":"defaultSidebar"},{"id":"refs/tsb/v2/cluster_service","path":"/service-bridge/refs/tsb/v2/cluster_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/v2/info","path":"/service-bridge/refs/tsb/v2/info","sidebar":"defaultSidebar"},{"id":"refs/tsb/v2/organization","path":"/service-bridge/refs/tsb/v2/organization","sidebar":"defaultSidebar"},{"id":"refs/tsb/v2/organization_service","path":"/service-bridge/refs/tsb/v2/organization_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/v2/organization_setting","path":"/service-bridge/refs/tsb/v2/organization_setting","sidebar":"defaultSidebar"},{"id":"refs/tsb/v2/status","path":"/service-bridge/refs/tsb/v2/status","sidebar":"defaultSidebar"},{"id":"refs/tsb/v2/status_service","path":"/service-bridge/refs/tsb/v2/status_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/v2/team","path":"/service-bridge/refs/tsb/v2/team","sidebar":"defaultSidebar"},{"id":"refs/tsb/v2/team_service","path":"/service-bridge/refs/tsb/v2/team_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/v2/tenant","path":"/service-bridge/refs/tsb/v2/tenant","sidebar":"defaultSidebar"},{"id":"refs/tsb/v2/tenant_service","path":"/service-bridge/refs/tsb/v2/tenant_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/v2/tenant_setting","path":"/service-bridge/refs/tsb/v2/tenant_setting","sidebar":"defaultSidebar"},{"id":"refs/tsb/v2/workspace","path":"/service-bridge/refs/tsb/v2/workspace","sidebar":"defaultSidebar"},{"id":"refs/tsb/v2/workspace_service","path":"/service-bridge/refs/tsb/v2/workspace_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/v2/workspace_setting","path":"/service-bridge/refs/tsb/v2/workspace_setting","sidebar":"defaultSidebar"},{"id":"release-notes","path":"/service-bridge/release-notes","sidebar":"defaultSidebar"},{"id":"release-notes-announcements/announcement","path":"/service-bridge/release-notes-announcements/announcement","sidebar":"defaultSidebar"},{"id":"release-notes-announcements/feature-status","path":"/service-bridge/release-notes-announcements/feature-status","sidebar":"defaultSidebar"},{"id":"release-notes-announcements/support-policy","path":"/service-bridge/release-notes-announcements/support-policy","sidebar":"defaultSidebar"},{"id":"setup/aws/container-marketplace","path":"/service-bridge/setup/aws/container-marketplace","sidebar":"defaultSidebar"},{"id":"setup/aws/vpc","path":"/service-bridge/setup/aws/vpc","sidebar":"defaultSidebar"},{"id":"setup/certificate/automated-certificate-management","path":"/service-bridge/setup/certificate/automated-certificate-management","sidebar":"defaultSidebar"},{"id":"setup/certificate/certificate-requirements","path":"/service-bridge/setup/certificate/certificate-requirements","sidebar":"defaultSidebar"},{"id":"setup/certificate/certificate-setup","path":"/service-bridge/setup/certificate/certificate-setup","sidebar":"defaultSidebar"},{"id":"setup/components","path":"/service-bridge/setup/components","sidebar":"defaultSidebar"},{"id":"setup/fips","path":"/service-bridge/setup/fips","sidebar":"defaultSidebar"},{"id":"setup/firewall-information","path":"/service-bridge/setup/firewall-information","sidebar":"defaultSidebar"},{"id":"setup/helm/controlplane","path":"/service-bridge/setup/helm/controlplane","sidebar":"defaultSidebar"},{"id":"setup/helm/helm","path":"/service-bridge/setup/helm/helm","sidebar":"defaultSidebar"},{"id":"setup/helm/managementplane","path":"/service-bridge/setup/helm/managementplane","sidebar":"defaultSidebar"},{"id":"setup/helm/toc","path":"/service-bridge/setup/helm/","sidebar":"defaultSidebar"},{"id":"setup/helm/uninstallation","path":"/service-bridge/setup/helm/uninstallation","sidebar":"defaultSidebar"},{"id":"setup/helm/upgrade","path":"/service-bridge/setup/helm/upgrade","sidebar":"defaultSidebar"},{"id":"setup/isolation-boundaries","path":"/service-bridge/setup/isolation-boundaries","sidebar":"defaultSidebar"},{"id":"setup/isolation-boundaries-installation","path":"/service-bridge/setup/isolation-boundaries-installation","sidebar":"defaultSidebar"},{"id":"setup/migrate-tctl-to-helm","path":"/service-bridge/setup/migrate-tctl-to-helm","sidebar":"defaultSidebar"},{"id":"setup/remote-registry","path":"/service-bridge/setup/remote-registry","sidebar":"defaultSidebar"},{"id":"setup/requirements-and-download","path":"/service-bridge/setup/requirements-and-download","sidebar":"defaultSidebar"},{"id":"setup/resource-planning","path":"/service-bridge/setup/resource-planning","sidebar":"defaultSidebar"},{"id":"setup/security-context","path":"/service-bridge/setup/security-context","sidebar":"defaultSidebar"},{"id":"setup/self-managed/demo-installation","path":"/service-bridge/setup/self-managed/demo-installation","sidebar":"defaultSidebar"},{"id":"setup/self-managed/management-plane-installation","path":"/service-bridge/setup/self-managed/management-plane-installation","sidebar":"defaultSidebar"},{"id":"setup/self-managed/onboarding-clusters","path":"/service-bridge/setup/self-managed/onboarding-clusters","sidebar":"defaultSidebar"},{"id":"setup/self-managed/toc","path":"/service-bridge/setup/self-managed/","sidebar":"defaultSidebar"},{"id":"setup/self-managed/uninstallation","path":"/service-bridge/setup/self-managed/uninstallation","sidebar":"defaultSidebar"},{"id":"setup/self-managed/upgrade","path":"/service-bridge/setup/self-managed/upgrade","sidebar":"defaultSidebar"},{"id":"setup/tctl-connect","path":"/service-bridge/setup/tctl-connect","sidebar":"defaultSidebar"},{"id":"setup/upgrade-best-practices","path":"/service-bridge/setup/upgrade-best-practices","sidebar":"defaultSidebar"},{"id":"setup/upgrades/cni-upgrade","path":"/service-bridge/setup/upgrades/cni-upgrade","sidebar":"defaultSidebar"},{"id":"setup/upgrades/gateway-upgrade","path":"/service-bridge/setup/upgrades/gateway-upgrade","sidebar":"defaultSidebar"},{"id":"setup/upgrades/non-revisioned-to-revisioned","path":"/service-bridge/setup/upgrades/non-revisioned-to-revisioned","sidebar":"defaultSidebar"},{"id":"setup/upgrades/revisioned-to-revisioned","path":"/service-bridge/setup/upgrades/revisioned-to-revisioned","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/guides/ecs-workloads","path":"/service-bridge/setup/workload-onboarding/guides/ecs-workloads","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/guides/managing","path":"/service-bridge/setup/workload-onboarding/guides/managing","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/guides/on-premise-workloads","path":"/service-bridge/setup/workload-onboarding/guides/on-premise-workloads","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/guides/onboarding","path":"/service-bridge/setup/workload-onboarding/guides/onboarding","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/guides/overview","path":"/service-bridge/setup/workload-onboarding/guides/overview","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/guides/setup","path":"/service-bridge/setup/workload-onboarding/guides/setup","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/guides/toc","path":"/service-bridge/setup/workload-onboarding/guides/","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/guides/troubleshooting","path":"/service-bridge/setup/workload-onboarding/guides/troubleshooting","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/onboarding-vms","path":"/service-bridge/setup/workload-onboarding/onboarding-vms","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/quickstart/aws-ec2/bookinfo","path":"/service-bridge/setup/workload-onboarding/quickstart/aws-ec2/bookinfo","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/quickstart/aws-ec2/configure-vm","path":"/service-bridge/setup/workload-onboarding/quickstart/aws-ec2/configure-vm","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/quickstart/aws-ec2/configure-workload-onboarding","path":"/service-bridge/setup/workload-onboarding/quickstart/aws-ec2/configure-workload-onboarding","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/quickstart/aws-ec2/enable-workload-onboarding","path":"/service-bridge/setup/workload-onboarding/quickstart/aws-ec2/enable-workload-onboarding","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/quickstart/aws-ec2/onboard-asg","path":"/service-bridge/setup/workload-onboarding/quickstart/aws-ec2/onboard-asg","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/quickstart/aws-ec2/onboard-vm","path":"/service-bridge/setup/workload-onboarding/quickstart/aws-ec2/onboard-vm","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/quickstart/aws-ec2/toc","path":"/service-bridge/setup/workload-onboarding/quickstart/aws-ec2/","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/quickstart/aws-ecs/configure-workload-onboarding","path":"/service-bridge/setup/workload-onboarding/quickstart/aws-ecs/configure-workload-onboarding","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/quickstart/aws-ecs/onboard-ecs","path":"/service-bridge/setup/workload-onboarding/quickstart/aws-ecs/onboard-ecs","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/quickstart/aws-ecs/toc","path":"/service-bridge/setup/workload-onboarding/quickstart/aws-ecs/","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/quickstart/on-premise/configure-vm","path":"/service-bridge/setup/workload-onboarding/quickstart/on-premise/configure-vm","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/quickstart/on-premise/configure-workload-onboarding","path":"/service-bridge/setup/workload-onboarding/quickstart/on-premise/configure-workload-onboarding","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/quickstart/on-premise/onboard-vm","path":"/service-bridge/setup/workload-onboarding/quickstart/on-premise/onboard-vm","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/quickstart/on-premise/toc","path":"/service-bridge/setup/workload-onboarding/quickstart/on-premise/","sidebar":"defaultSidebar"},{"id":"troubleshooting/cluster-onboarding","path":"/service-bridge/troubleshooting/cluster-onboarding","sidebar":"defaultSidebar"},{"id":"troubleshooting/component-status","path":"/service-bridge/troubleshooting/component-status","sidebar":"defaultSidebar"},{"id":"troubleshooting/configuration-status","path":"/service-bridge/troubleshooting/configuration-status","sidebar":"defaultSidebar"},{"id":"troubleshooting/gateway-troubleshooting","path":"/service-bridge/troubleshooting/gateway-troubleshooting","sidebar":"defaultSidebar"},{"id":"troubleshooting/identify-underperforming-services","path":"/service-bridge/troubleshooting/identify-underperforming-services","sidebar":"defaultSidebar"},{"id":"troubleshooting/Maximum-header-size-exceed","path":"/service-bridge/troubleshooting/Maximum-header-size-exceed","sidebar":"defaultSidebar"},{"id":"troubleshooting/Multiple-Transfer-encoding-chunked","path":"/service-bridge/troubleshooting/Multiple-Transfer-encoding-chunked","sidebar":"defaultSidebar"},{"id":"troubleshooting/proxy-tools","path":"/service-bridge/troubleshooting/proxy-tools","sidebar":"defaultSidebar"},{"id":"troubleshooting/troubleshooting","path":"/service-bridge/troubleshooting/troubleshooting","sidebar":"defaultSidebar"},{"id":"troubleshooting/tsb-ui-metrics","path":"/service-bridge/troubleshooting/tsb-ui-metrics","sidebar":"defaultSidebar"},{"id":"workingwithsupport/workingWithTetrateSupport","path":"/service-bridge/workingwithsupport/workingWithTetrateSupport","sidebar":"defaultSidebar"},{"id":"/release-notes-announcements","path":"/service-bridge/release-notes-announcements","sidebar":"defaultSidebar"},{"id":"/setup","path":"/service-bridge/setup","sidebar":"defaultSidebar"},{"id":"/setup/upgrades","path":"/service-bridge/setup/upgrades","sidebar":"defaultSidebar"},{"id":"/setup/workload-onboarding","path":"/service-bridge/setup/workload-onboarding","sidebar":"defaultSidebar"},{"id":"/setup/workload-onboarding/quickstart","path":"/service-bridge/setup/workload-onboarding/quickstart","sidebar":"defaultSidebar"},{"id":"/setup/aws","path":"/service-bridge/setup/aws","sidebar":"defaultSidebar"},{"id":"/setup/certificate","path":"/service-bridge/setup/certificate","sidebar":"defaultSidebar"},{"id":"/quickstart","path":"/service-bridge/quickstart","sidebar":"defaultSidebar"},{"id":"/howto","path":"/service-bridge/howto","sidebar":"defaultSidebar"},{"id":"/howto/traffic","path":"/service-bridge/howto/traffic","sidebar":"defaultSidebar"},{"id":"/howto/gateway","path":"/service-bridge/howto/gateway","sidebar":"defaultSidebar"},{"id":"/howto/gitops","path":"/service-bridge/howto/gitops","sidebar":"defaultSidebar"},{"id":"/howto/wasm","path":"/service-bridge/howto/wasm","sidebar":"defaultSidebar"},{"id":"/operations","path":"/service-bridge/operations","sidebar":"defaultSidebar"},{"id":"/operations/features","path":"/service-bridge/operations/features","sidebar":"defaultSidebar"},{"id":"/operations/users","path":"/service-bridge/operations/users","sidebar":"defaultSidebar"},{"id":"/operations/telemetry","path":"/service-bridge/operations/telemetry","sidebar":"defaultSidebar"},{"id":"/operations/postgresql","path":"/service-bridge/operations/postgresql","sidebar":"defaultSidebar"},{"id":"/operations/elasticsearch","path":"/service-bridge/operations/elasticsearch","sidebar":"defaultSidebar"},{"id":"/operations/vault","path":"/service-bridge/operations/vault","sidebar":"defaultSidebar"},{"id":"/troubleshooting","path":"/service-bridge/troubleshooting","sidebar":"defaultSidebar"},{"id":"/reference","path":"/service-bridge/reference","sidebar":"defaultSidebar"},{"id":"/reference/operators","path":"/service-bridge/reference/operators","sidebar":"defaultSidebar"},{"id":"/refs/install","path":"/service-bridge/refs/install","sidebar":"defaultSidebar"},{"id":"/reference/workload-onboarding","path":"/service-bridge/reference/workload-onboarding","sidebar":"defaultSidebar"},{"id":"/reference/workload-onboarding/onboarding-agent","path":"/service-bridge/reference/workload-onboarding/onboarding-agent","sidebar":"defaultSidebar"},{"id":"/reference/workload-onboarding/onboarding-authorization","path":"/service-bridge/reference/workload-onboarding/onboarding-authorization","sidebar":"defaultSidebar"},{"id":"/reference/workload-onboarding/onboarding-runtime","path":"/service-bridge/reference/workload-onboarding/onboarding-runtime","sidebar":"defaultSidebar"},{"id":"/reference/cli","path":"/service-bridge/reference/cli","sidebar":"defaultSidebar"},{"id":"/reference/cli/guide/toc","path":"/service-bridge/reference/cli/guide/toc","sidebar":"defaultSidebar"},{"id":"/reference/cli/reference","path":"/service-bridge/reference/cli/reference","sidebar":"defaultSidebar"},{"id":"/reference/grpc-api","path":"/service-bridge/reference/grpc-api","sidebar":"defaultSidebar"},{"id":"/reference/grpc-api/reference","path":"/service-bridge/reference/grpc-api/reference","sidebar":"defaultSidebar"},{"id":"refs/tsb/application/v2/grpc","path":"/service-bridge/refs/tsb/application/v2/grpc","sidebar":"defaultSidebar"},{"id":"refs/tsb/dashboard/v1/grpc","path":"/service-bridge/refs/tsb/dashboard/v1/grpc","sidebar":"defaultSidebar"},{"id":"refs/tsb/diagnostic/v2/grpc","path":"/service-bridge/refs/tsb/diagnostic/v2/grpc","sidebar":"defaultSidebar"},{"id":"refs/tsb/extension/v2/grpc","path":"/service-bridge/refs/tsb/extension/v2/grpc","sidebar":"defaultSidebar"},{"id":"refs/tsb/gateway/v2/grpc","path":"/service-bridge/refs/tsb/gateway/v2/grpc","sidebar":"defaultSidebar"},{"id":"refs/tsb/istiointernal/v2/grpc","path":"/service-bridge/refs/tsb/istiointernal/v2/grpc","sidebar":"defaultSidebar"},{"id":"refs/tsb/observability/telemetry/v2/grpc","path":"/service-bridge/refs/tsb/observability/telemetry/v2/grpc","sidebar":"defaultSidebar"},{"id":"refs/tsb/profile/v2/grpc","path":"/service-bridge/refs/tsb/profile/v2/grpc","sidebar":"defaultSidebar"},{"id":"refs/tsb/q/v2/grpc","path":"/service-bridge/refs/tsb/q/v2/grpc","sidebar":"defaultSidebar"},{"id":"refs/tsb/rbac/v2/grpc","path":"/service-bridge/refs/tsb/rbac/v2/grpc","sidebar":"defaultSidebar"},{"id":"refs/tsb/registry/v2/grpc","path":"/service-bridge/refs/tsb/registry/v2/grpc","sidebar":"defaultSidebar"},{"id":"refs/tsb/security/v2/grpc","path":"/service-bridge/refs/tsb/security/v2/grpc","sidebar":"defaultSidebar"},{"id":"refs/tsb/segmentation/v1/grpc","path":"/service-bridge/refs/tsb/segmentation/v1/grpc","sidebar":"defaultSidebar"},{"id":"refs/tsb/traffic/v2/grpc","path":"/service-bridge/refs/tsb/traffic/v2/grpc","sidebar":"defaultSidebar"},{"id":"refs/tsb/v2/grpc","path":"/service-bridge/refs/tsb/v2/grpc","sidebar":"defaultSidebar"},{"id":"refs/iam/v2/grpc","path":"/service-bridge/refs/iam/v2/grpc","sidebar":"defaultSidebar"},{"id":"refs/audit/v1/grpc","path":"/service-bridge/refs/audit/v1/grpc","sidebar":"defaultSidebar"},{"id":"/reference/yaml-api","path":"/service-bridge/reference/yaml-api","sidebar":"defaultSidebar"},{"id":"/reference/yaml-api/reference","path":"/service-bridge/reference/yaml-api/reference","sidebar":"defaultSidebar"},{"id":"refs/tsb/application/v2/yaml","path":"/service-bridge/refs/tsb/application/v2/yaml","sidebar":"defaultSidebar"},{"id":"refs/tsb/auth/v2/yaml","path":"/service-bridge/refs/tsb/auth/v2/yaml","sidebar":"defaultSidebar"},{"id":"refs/tsb/extension/v2/yaml","path":"/service-bridge/refs/tsb/extension/v2/yaml","sidebar":"defaultSidebar"},{"id":"refs/tsb/gateway/v2/yaml","path":"/service-bridge/refs/tsb/gateway/v2/yaml","sidebar":"defaultSidebar"},{"id":"refs/tsb/istiointernal/v2/yaml","path":"/service-bridge/refs/tsb/istiointernal/v2/yaml","sidebar":"defaultSidebar"},{"id":"refs/tsb/observability/telemetry/v2/yaml","path":"/service-bridge/refs/tsb/observability/telemetry/v2/yaml","sidebar":"defaultSidebar"},{"id":"refs/tsb/profile/v2/yaml","path":"/service-bridge/refs/tsb/profile/v2/yaml","sidebar":"defaultSidebar"},{"id":"refs/tsb/rbac/v2/yaml","path":"/service-bridge/refs/tsb/rbac/v2/yaml","sidebar":"defaultSidebar"},{"id":"refs/tsb/registry/v2/yaml","path":"/service-bridge/refs/tsb/registry/v2/yaml","sidebar":"defaultSidebar"},{"id":"refs/tsb/security/v2/yaml","path":"/service-bridge/refs/tsb/security/v2/yaml","sidebar":"defaultSidebar"},{"id":"refs/tsb/segmentation/v1/yaml","path":"/service-bridge/refs/tsb/segmentation/v1/yaml","sidebar":"defaultSidebar"},{"id":"refs/tsb/traffic/v2/yaml","path":"/service-bridge/refs/tsb/traffic/v2/yaml","sidebar":"defaultSidebar"},{"id":"refs/tsb/types/v2/yaml","path":"/service-bridge/refs/tsb/types/v2/yaml","sidebar":"defaultSidebar"},{"id":"refs/tsb/v2/yaml","path":"/service-bridge/refs/tsb/v2/yaml","sidebar":"defaultSidebar"},{"id":"/reference/k8s-api","path":"/service-bridge/reference/k8s-api","sidebar":"defaultSidebar"},{"id":"/reference/k8s-api/tsb-crds-gen","path":"/service-bridge/reference/k8s-api/tsb-crds-gen","sidebar":"defaultSidebar"},{"id":"/reference/k8s-api/tsb-crds-gen/tsb.tetrate.io/v2","path":"/service-bridge/reference/k8s-api/tsb-crds-gen/tsb.tetrate.io/v2","sidebar":"defaultSidebar"},{"id":"/reference/samples","path":"/service-bridge/reference/samples","sidebar":"defaultSidebar"},{"id":"/knowledge-base","path":"/service-bridge/knowledge-base","sidebar":"defaultSidebar"},{"id":"/category/working-with-tetrate-customer-support","path":"/service-bridge/category/working-with-tetrate-customer-support","sidebar":"defaultSidebar"}],"draftIds":[],"sidebars":{"defaultSidebar":{"link":{"path":"/service-bridge/","label":"index"}}}},{"name":"1.11.x","label":"1.11.x","isLast":false,"path":"/service-bridge/1.11.x","mainDocId":"index","docs":[{"id":"cheatsheet/index","path":"/service-bridge/1.11.x/cheatsheet/","sidebar":"defaultSidebar"},{"id":"cheatsheet/sheets/gateways-management","path":"/service-bridge/1.11.x/cheatsheet/sheets/gateways-management","sidebar":"defaultSidebar"},{"id":"cheatsheet/sheets/kubectl","path":"/service-bridge/1.11.x/cheatsheet/sheets/kubectl","sidebar":"defaultSidebar"},{"id":"cheatsheet/sheets/security-management","path":"/service-bridge/1.11.x/cheatsheet/sheets/security-management","sidebar":"defaultSidebar"},{"id":"cheatsheet/sheets/tctl","path":"/service-bridge/1.11.x/cheatsheet/sheets/tctl","sidebar":"defaultSidebar"},{"id":"cheatsheet/sheets/traffic-management","path":"/service-bridge/1.11.x/cheatsheet/sheets/traffic-management","sidebar":"defaultSidebar"},{"id":"cheatsheet/sheets/tsb-concepts","path":"/service-bridge/1.11.x/cheatsheet/sheets/tsb-concepts","sidebar":"defaultSidebar"},{"id":"cheatsheet/sheets/tsb-quickstart","path":"/service-bridge/1.11.x/cheatsheet/sheets/tsb-quickstart","sidebar":"defaultSidebar"},{"id":"cheatsheet/sheets/tsb-terminology","path":"/service-bridge/1.11.x/cheatsheet/sheets/tsb-terminology","sidebar":"defaultSidebar"},{"id":"concepts/architecture","path":"/service-bridge/1.11.x/concepts/architecture","sidebar":"defaultSidebar"},{"id":"concepts/configuration-dataflow","path":"/service-bridge/1.11.x/concepts/configuration-dataflow","sidebar":"defaultSidebar"},{"id":"concepts/configuration-inheritance","path":"/service-bridge/1.11.x/concepts/configuration-inheritance","sidebar":"defaultSidebar"},{"id":"concepts/glossary","path":"/service-bridge/1.11.x/concepts/glossary","sidebar":"defaultSidebar"},{"id":"concepts/observability","path":"/service-bridge/1.11.x/concepts/observability","sidebar":"defaultSidebar"},{"id":"concepts/operators/control-plane","path":"/service-bridge/1.11.x/concepts/operators/control-plane","sidebar":"defaultSidebar"},{"id":"concepts/operators/data-plane","path":"/service-bridge/1.11.x/concepts/operators/data-plane","sidebar":"defaultSidebar"},{"id":"concepts/operators/management-plane","path":"/service-bridge/1.11.x/concepts/operators/management-plane","sidebar":"defaultSidebar"},{"id":"concepts/operators/toc","path":"/service-bridge/1.11.x/concepts/operators/","sidebar":"defaultSidebar"},{"id":"concepts/security","path":"/service-bridge/1.11.x/concepts/security","sidebar":"defaultSidebar"},{"id":"concepts/service-mesh","path":"/service-bridge/1.11.x/concepts/service-mesh","sidebar":"defaultSidebar"},{"id":"concepts/terminology","path":"/service-bridge/1.11.x/concepts/terminology"},{"id":"concepts/toc","path":"/service-bridge/1.11.x/concepts/","sidebar":"defaultSidebar"},{"id":"concepts/traffic-management","path":"/service-bridge/1.11.x/concepts/traffic-management","sidebar":"defaultSidebar"},{"id":"concepts/tsb-and-istio","path":"/service-bridge/1.11.x/concepts/tsb-and-istio","sidebar":"defaultSidebar"},{"id":"design-guides/app-onboarding/cross-cluster","path":"/service-bridge/1.11.x/design-guides/app-onboarding/cross-cluster","sidebar":"defaultSidebar"},{"id":"design-guides/app-onboarding/deploy-service","path":"/service-bridge/1.11.x/design-guides/app-onboarding/deploy-service","sidebar":"defaultSidebar"},{"id":"design-guides/app-onboarding/gateway-security","path":"/service-bridge/1.11.x/design-guides/app-onboarding/gateway-security","sidebar":"defaultSidebar"},{"id":"design-guides/app-onboarding/high-availability","path":"/service-bridge/1.11.x/design-guides/app-onboarding/high-availability","sidebar":"defaultSidebar"},{"id":"design-guides/app-onboarding/index","path":"/service-bridge/1.11.x/design-guides/app-onboarding/","sidebar":"defaultSidebar"},{"id":"design-guides/app-onboarding/introduction","path":"/service-bridge/1.11.x/design-guides/app-onboarding/introduction","sidebar":"defaultSidebar"},{"id":"design-guides/app-onboarding/monitor","path":"/service-bridge/1.11.x/design-guides/app-onboarding/monitor","sidebar":"defaultSidebar"},{"id":"design-guides/app-onboarding/prepare","path":"/service-bridge/1.11.x/design-guides/app-onboarding/prepare","sidebar":"defaultSidebar"},{"id":"design-guides/app-onboarding/promote-service","path":"/service-bridge/1.11.x/design-guides/app-onboarding/promote-service"},{"id":"design-guides/app-onboarding/security","path":"/service-bridge/1.11.x/design-guides/app-onboarding/security","sidebar":"defaultSidebar"},{"id":"design-guides/ha-dr-mp/dr-managementplane","path":"/service-bridge/1.11.x/design-guides/ha-dr-mp/dr-managementplane","sidebar":"defaultSidebar"},{"id":"design-guides/ha-dr-mp/ha-managementplane","path":"/service-bridge/1.11.x/design-guides/ha-dr-mp/ha-managementplane","sidebar":"defaultSidebar"},{"id":"design-guides/ha-dr-mp/index","path":"/service-bridge/1.11.x/design-guides/ha-dr-mp/","sidebar":"defaultSidebar"},{"id":"design-guides/ha-dr-mp/introduction","path":"/service-bridge/1.11.x/design-guides/ha-dr-mp/introduction","sidebar":"defaultSidebar"},{"id":"design-guides/ha-dr-mp/scenarios","path":"/service-bridge/1.11.x/design-guides/ha-dr-mp/scenarios","sidebar":"defaultSidebar"},{"id":"design-guides/ha-multicluster/cluster-failover","path":"/service-bridge/1.11.x/design-guides/ha-multicluster/cluster-failover","sidebar":"defaultSidebar"},{"id":"design-guides/ha-multicluster/demo-1","path":"/service-bridge/1.11.x/design-guides/ha-multicluster/demo-1","sidebar":"defaultSidebar"},{"id":"design-guides/ha-multicluster/demo-2","path":"/service-bridge/1.11.x/design-guides/ha-multicluster/demo-2","sidebar":"defaultSidebar"},{"id":"design-guides/ha-multicluster/edge-failover","path":"/service-bridge/1.11.x/design-guides/ha-multicluster/edge-failover","sidebar":"defaultSidebar"},{"id":"design-guides/ha-multicluster/index","path":"/service-bridge/1.11.x/design-guides/ha-multicluster/","sidebar":"defaultSidebar"},{"id":"design-guides/ha-multicluster/introduction","path":"/service-bridge/1.11.x/design-guides/ha-multicluster/introduction","sidebar":"defaultSidebar"},{"id":"design-guides/ha-multicluster/operations","path":"/service-bridge/1.11.x/design-guides/ha-multicluster/operations","sidebar":"defaultSidebar"},{"id":"design-guides/index","path":"/service-bridge/1.11.x/design-guides/","sidebar":"defaultSidebar"},{"id":"howto/authorization/ingress-gateway","path":"/service-bridge/1.11.x/howto/authorization/ingress-gateway","sidebar":"defaultSidebar"},{"id":"howto/authorization/sidecar","path":"/service-bridge/1.11.x/howto/authorization/sidecar","sidebar":"defaultSidebar"},{"id":"howto/authorization/tier1-gateway","path":"/service-bridge/1.11.x/howto/authorization/tier1-gateway","sidebar":"defaultSidebar"},{"id":"howto/authorization/tls-verification","path":"/service-bridge/1.11.x/howto/authorization/tls-verification","sidebar":"defaultSidebar"},{"id":"howto/authorization/toc","path":"/service-bridge/1.11.x/howto/authorization/","sidebar":"defaultSidebar"},{"id":"howto/gateway/app-ingress","path":"/service-bridge/1.11.x/howto/gateway/app-ingress","sidebar":"defaultSidebar"},{"id":"howto/gateway/application-gateway-with-openapi-annotations","path":"/service-bridge/1.11.x/howto/gateway/application-gateway-with-openapi-annotations","sidebar":"defaultSidebar"},{"id":"howto/gateway/configure-and-route-nonhttp-traffic","path":"/service-bridge/1.11.x/howto/gateway/configure-and-route-nonhttp-traffic","sidebar":"defaultSidebar"},{"id":"howto/gateway/configure-oidc","path":"/service-bridge/1.11.x/howto/gateway/configure-oidc","sidebar":"defaultSidebar"},{"id":"howto/gateway/distributed-ingress","path":"/service-bridge/1.11.x/howto/gateway/distributed-ingress","sidebar":"defaultSidebar"},{"id":"howto/gateway/end-user-auth-keycloak","path":"/service-bridge/1.11.x/howto/gateway/end-user-auth-keycloak","sidebar":"defaultSidebar"},{"id":"howto/gateway/host-based-egress-access-control","path":"/service-bridge/1.11.x/howto/gateway/host-based-egress-access-control","sidebar":"defaultSidebar"},{"id":"howto/gateway/https-with-proxy-protocol","path":"/service-bridge/1.11.x/howto/gateway/https-with-proxy-protocol","sidebar":"defaultSidebar"},{"id":"howto/gateway/multi-cluster-traffic-failover-priority","path":"/service-bridge/1.11.x/howto/gateway/multi-cluster-traffic-failover-priority","sidebar":"defaultSidebar"},{"id":"howto/gateway/multi-cluster-traffic-routing-using-tier2gw","path":"/service-bridge/1.11.x/howto/gateway/multi-cluster-traffic-routing-using-tier2gw","sidebar":"defaultSidebar"},{"id":"howto/gateway/multi-cluster-traffic-routing-with-eastwest-gateway","path":"/service-bridge/1.11.x/howto/gateway/multi-cluster-traffic-routing-with-eastwest-gateway","sidebar":"defaultSidebar"},{"id":"howto/gateway/multi-cluster-traffic-shifting","path":"/service-bridge/1.11.x/howto/gateway/multi-cluster-traffic-shifting","sidebar":"defaultSidebar"},{"id":"howto/gateway/service-identity-propagation","path":"/service-bridge/1.11.x/howto/gateway/service-identity-propagation","sidebar":"defaultSidebar"},{"id":"howto/gateway/shared-ingress","path":"/service-bridge/1.11.x/howto/gateway/shared-ingress","sidebar":"defaultSidebar"},{"id":"howto/gateway/subset-based-routing-using-igw-and-service-route","path":"/service-bridge/1.11.x/howto/gateway/subset-based-routing-using-igw-and-service-route","sidebar":"defaultSidebar"},{"id":"howto/gateway/unified-gateway","path":"/service-bridge/1.11.x/howto/gateway/unified-gateway","sidebar":"defaultSidebar"},{"id":"howto/gateway/unified-gateway-upgrade","path":"/service-bridge/1.11.x/howto/gateway/unified-gateway-upgrade","sidebar":"defaultSidebar"},{"id":"howto/gitops/argo-rollouts","path":"/service-bridge/1.11.x/howto/gitops/argo-rollouts","sidebar":"defaultSidebar"},{"id":"howto/gitops/clusterrole","path":"/service-bridge/1.11.x/howto/gitops/clusterrole","sidebar":"defaultSidebar"},{"id":"howto/gitops/flagger","path":"/service-bridge/1.11.x/howto/gitops/flagger","sidebar":"defaultSidebar"},{"id":"howto/gitops/flux","path":"/service-bridge/1.11.x/howto/gitops/flux","sidebar":"defaultSidebar"},{"id":"howto/gitops/gitops","path":"/service-bridge/1.11.x/howto/gitops/gitops","sidebar":"defaultSidebar"},{"id":"howto/hpa-using-skywalking","path":"/service-bridge/1.11.x/howto/hpa-using-skywalking","sidebar":"defaultSidebar"},{"id":"howto/network-policies","path":"/service-bridge/1.11.x/howto/network-policies","sidebar":"defaultSidebar"},{"id":"howto/promql-using-skywalking","path":"/service-bridge/1.11.x/howto/promql-using-skywalking","sidebar":"defaultSidebar"},{"id":"howto/rate-limiting/external-rate-limiting","path":"/service-bridge/1.11.x/howto/rate-limiting/external-rate-limiting","sidebar":"defaultSidebar"},{"id":"howto/rate-limiting/ingress-gateway","path":"/service-bridge/1.11.x/howto/rate-limiting/ingress-gateway","sidebar":"defaultSidebar"},{"id":"howto/rate-limiting/internal-rate-limiting","path":"/service-bridge/1.11.x/howto/rate-limiting/internal-rate-limiting","sidebar":"defaultSidebar"},{"id":"howto/rate-limiting/service-to-service","path":"/service-bridge/1.11.x/howto/rate-limiting/service-to-service","sidebar":"defaultSidebar"},{"id":"howto/rate-limiting/tier1-gateway","path":"/service-bridge/1.11.x/howto/rate-limiting/tier1-gateway","sidebar":"defaultSidebar"},{"id":"howto/rate-limiting/tls-validation","path":"/service-bridge/1.11.x/howto/rate-limiting/tls-validation","sidebar":"defaultSidebar"},{"id":"howto/rate-limiting/toc","path":"/service-bridge/1.11.x/howto/rate-limiting/","sidebar":"defaultSidebar"},{"id":"howto/security-domains","path":"/service-bridge/1.11.x/howto/security-domains","sidebar":"defaultSidebar"},{"id":"howto/service-accounts","path":"/service-bridge/1.11.x/howto/service-accounts","sidebar":"defaultSidebar"},{"id":"howto/traffic/canary-releases","path":"/service-bridge/1.11.x/howto/traffic/canary-releases","sidebar":"defaultSidebar"},{"id":"howto/traffic/configure-multi-port-service-route","path":"/service-bridge/1.11.x/howto/traffic/configure-multi-port-service-route","sidebar":"defaultSidebar"},{"id":"howto/traffic/gateway-mtls","path":"/service-bridge/1.11.x/howto/traffic/gateway-mtls","sidebar":"defaultSidebar"},{"id":"howto/traffic/load-balance","path":"/service-bridge/1.11.x/howto/traffic/load-balance","sidebar":"defaultSidebar"},{"id":"howto/traffic/migrating-VM-monoliths","path":"/service-bridge/1.11.x/howto/traffic/migrating-VM-monoliths","sidebar":"defaultSidebar"},{"id":"howto/traffic/splitting-service-traffic-between-k8s-vms","path":"/service-bridge/1.11.x/howto/traffic/splitting-service-traffic-between-k8s-vms","sidebar":"defaultSidebar"},{"id":"howto/waf","path":"/service-bridge/1.11.x/howto/waf","sidebar":"defaultSidebar"},{"id":"howto/wasm/wasm-extension","path":"/service-bridge/1.11.x/howto/wasm/wasm-extension","sidebar":"defaultSidebar"},{"id":"howto/wasm/wasm-overview","path":"/service-bridge/1.11.x/howto/wasm/wasm-overview","sidebar":"defaultSidebar"},{"id":"howto/wasm/wasm-proxy","path":"/service-bridge/1.11.x/howto/wasm/wasm-proxy","sidebar":"defaultSidebar"},{"id":"howto/wasm/wasm-try","path":"/service-bridge/1.11.x/howto/wasm/wasm-try","sidebar":"defaultSidebar"},{"id":"index","path":"/service-bridge/1.11.x/","sidebar":"defaultSidebar"},{"id":"knowledge-base/faq","path":"/service-bridge/1.11.x/knowledge-base/faq","sidebar":"defaultSidebar"},{"id":"knowledge-base/gitops","path":"/service-bridge/1.11.x/knowledge-base/gitops","sidebar":"defaultSidebar"},{"id":"operations/configuration-promotion","path":"/service-bridge/1.11.x/operations/configuration-promotion","sidebar":"defaultSidebar"},{"id":"operations/configure-log-levels","path":"/service-bridge/1.11.x/operations/configure-log-levels","sidebar":"defaultSidebar"},{"id":"operations/elasticsearch/elasticsearch-role","path":"/service-bridge/1.11.x/operations/elasticsearch/elasticsearch-role","sidebar":"defaultSidebar"},{"id":"operations/elasticsearch/wipe-elastic","path":"/service-bridge/1.11.x/operations/elasticsearch/wipe-elastic","sidebar":"defaultSidebar"},{"id":"operations/features/configure-cluster-external-addresses","path":"/service-bridge/1.11.x/operations/features/configure-cluster-external-addresses","sidebar":"defaultSidebar"},{"id":"operations/features/configure-gitops","path":"/service-bridge/1.11.x/operations/features/configure-gitops","sidebar":"defaultSidebar"},{"id":"operations/features/deletion-protection","path":"/service-bridge/1.11.x/operations/features/deletion-protection","sidebar":"defaultSidebar"},{"id":"operations/features/edge-dns-resolution","path":"/service-bridge/1.11.x/operations/features/edge-dns-resolution","sidebar":"defaultSidebar"},{"id":"operations/features/enable-config-protection","path":"/service-bridge/1.11.x/operations/features/enable-config-protection","sidebar":"defaultSidebar"},{"id":"operations/features/gateway-deletion-webhook","path":"/service-bridge/1.11.x/operations/features/gateway-deletion-webhook","sidebar":"defaultSidebar"},{"id":"operations/features/internal-wasm-extensions","path":"/service-bridge/1.11.x/operations/features/internal-wasm-extensions","sidebar":"defaultSidebar"},{"id":"operations/features/istio-cni","path":"/service-bridge/1.11.x/operations/features/istio-cni","sidebar":"defaultSidebar"},{"id":"operations/features/label-annotation","path":"/service-bridge/1.11.x/operations/features/label-annotation","sidebar":"defaultSidebar"},{"id":"operations/features/streaming-log","path":"/service-bridge/1.11.x/operations/features/streaming-log","sidebar":"defaultSidebar"},{"id":"operations/features/tier1-in-app-cluster","path":"/service-bridge/1.11.x/operations/features/tier1-in-app-cluster","sidebar":"defaultSidebar"},{"id":"operations/features/tls-origin-multi-cluster","path":"/service-bridge/1.11.x/operations/features/tls-origin-multi-cluster","sidebar":"defaultSidebar"},{"id":"operations/graceful-connection-drain","path":"/service-bridge/1.11.x/operations/graceful-connection-drain","sidebar":"defaultSidebar"},{"id":"operations/kube-customization","path":"/service-bridge/1.11.x/operations/kube-customization","sidebar":"defaultSidebar"},{"id":"operations/lower-istio-resources","path":"/service-bridge/1.11.x/operations/lower-istio-resources","sidebar":"defaultSidebar"},{"id":"operations/migrate-organization","path":"/service-bridge/1.11.x/operations/migrate-organization","sidebar":"defaultSidebar"},{"id":"operations/multiple-iam-keys","path":"/service-bridge/1.11.x/operations/multiple-iam-keys","sidebar":"defaultSidebar"},{"id":"operations/postgresql/auditlog-retention","path":"/service-bridge/1.11.x/operations/postgresql/auditlog-retention","sidebar":"defaultSidebar"},{"id":"operations/postgresql/azure-credentials","path":"/service-bridge/1.11.x/operations/postgresql/azure-credentials","sidebar":"defaultSidebar"},{"id":"operations/postgresql/backup-and-restore","path":"/service-bridge/1.11.x/operations/postgresql/backup-and-restore","sidebar":"defaultSidebar"},{"id":"operations/postgresql/managing-kubegres","path":"/service-bridge/1.11.x/operations/postgresql/managing-kubegres","sidebar":"defaultSidebar"},{"id":"operations/telemetry/alerting-guidelines","path":"/service-bridge/1.11.x/operations/telemetry/alerting-guidelines","sidebar":"defaultSidebar"},{"id":"operations/telemetry/distributed-tracing","path":"/service-bridge/1.11.x/operations/telemetry/distributed-tracing","sidebar":"defaultSidebar"},{"id":"operations/telemetry/key-metrics","path":"/service-bridge/1.11.x/operations/telemetry/key-metrics","sidebar":"defaultSidebar"},{"id":"operations/telemetry/new-relic","path":"/service-bridge/1.11.x/operations/telemetry/new-relic","sidebar":"defaultSidebar"},{"id":"operations/telemetry/red-metrics","path":"/service-bridge/1.11.x/operations/telemetry/red-metrics","sidebar":"defaultSidebar"},{"id":"operations/telemetry/telemetry-architecture","path":"/service-bridge/1.11.x/operations/telemetry/telemetry-architecture","sidebar":"defaultSidebar"},{"id":"operations/users/admin-password","path":"/service-bridge/1.11.x/operations/users/admin-password","sidebar":"defaultSidebar"},{"id":"operations/users/configuring-ldap","path":"/service-bridge/1.11.x/operations/users/configuring-ldap","sidebar":"defaultSidebar"},{"id":"operations/users/new-user-local-idp","path":"/service-bridge/1.11.x/operations/users/new-user-local-idp","sidebar":"defaultSidebar"},{"id":"operations/users/oidc-azure","path":"/service-bridge/1.11.x/operations/users/oidc-azure","sidebar":"defaultSidebar"},{"id":"operations/users/tsb-fqns","path":"/service-bridge/1.11.x/operations/users/tsb-fqns"},{"id":"operations/users/user-synchronization","path":"/service-bridge/1.11.x/operations/users/user-synchronization","sidebar":"defaultSidebar"},{"id":"operations/users/users-roles-and-permissions","path":"/service-bridge/1.11.x/operations/users/users-roles-and-permissions","sidebar":"defaultSidebar"},{"id":"operations/vault/elasticsearch","path":"/service-bridge/1.11.x/operations/vault/elasticsearch","sidebar":"defaultSidebar"},{"id":"operations/vault/istiod-ca","path":"/service-bridge/1.11.x/operations/vault/istiod-ca","sidebar":"defaultSidebar"},{"id":"operations/vault/postgresql","path":"/service-bridge/1.11.x/operations/vault/postgresql","sidebar":"defaultSidebar"},{"id":"quickstart/apps","path":"/service-bridge/1.11.x/quickstart/apps","sidebar":"defaultSidebar"},{"id":"quickstart/config-groups","path":"/service-bridge/1.11.x/quickstart/config-groups","sidebar":"defaultSidebar"},{"id":"quickstart/deploy-sample-app","path":"/service-bridge/1.11.x/quickstart/deploy-sample-app","sidebar":"defaultSidebar"},{"id":"quickstart/ingress-gateway","path":"/service-bridge/1.11.x/quickstart/ingress-gateway","sidebar":"defaultSidebar"},{"id":"quickstart/introduction","path":"/service-bridge/1.11.x/quickstart/introduction","sidebar":"defaultSidebar"},{"id":"quickstart/observability","path":"/service-bridge/1.11.x/quickstart/observability","sidebar":"defaultSidebar"},{"id":"quickstart/permissions","path":"/service-bridge/1.11.x/quickstart/permissions","sidebar":"defaultSidebar"},{"id":"quickstart/security","path":"/service-bridge/1.11.x/quickstart/security","sidebar":"defaultSidebar"},{"id":"quickstart/tenant","path":"/service-bridge/1.11.x/quickstart/tenant","sidebar":"defaultSidebar"},{"id":"quickstart/traffic-shifting","path":"/service-bridge/1.11.x/quickstart/traffic-shifting","sidebar":"defaultSidebar"},{"id":"quickstart/workspace","path":"/service-bridge/1.11.x/quickstart/workspace","sidebar":"defaultSidebar"},{"id":"reference/cli/guide/index","path":"/service-bridge/1.11.x/reference/cli/guide/index","sidebar":"defaultSidebar"},{"id":"reference/cli/reference/apply","path":"/service-bridge/1.11.x/reference/cli/reference/apply","sidebar":"defaultSidebar"},{"id":"reference/cli/reference/audit","path":"/service-bridge/1.11.x/reference/cli/reference/audit","sidebar":"defaultSidebar"},{"id":"reference/cli/reference/collect","path":"/service-bridge/1.11.x/reference/cli/reference/collect","sidebar":"defaultSidebar"},{"id":"reference/cli/reference/completion","path":"/service-bridge/1.11.x/reference/cli/reference/completion","sidebar":"defaultSidebar"},{"id":"reference/cli/reference/config","path":"/service-bridge/1.11.x/reference/cli/reference/config","sidebar":"defaultSidebar"},{"id":"reference/cli/reference/debug","path":"/service-bridge/1.11.x/reference/cli/reference/debug","sidebar":"defaultSidebar"},{"id":"reference/cli/reference/delete","path":"/service-bridge/1.11.x/reference/cli/reference/delete","sidebar":"defaultSidebar"},{"id":"reference/cli/reference/edit","path":"/service-bridge/1.11.x/reference/cli/reference/edit","sidebar":"defaultSidebar"},{"id":"reference/cli/reference/experimental","path":"/service-bridge/1.11.x/reference/cli/reference/experimental","sidebar":"defaultSidebar"},{"id":"reference/cli/reference/get","path":"/service-bridge/1.11.x/reference/cli/reference/get","sidebar":"defaultSidebar"},{"id":"reference/cli/reference/index","path":"/service-bridge/1.11.x/reference/cli/reference/index","sidebar":"defaultSidebar"},{"id":"reference/cli/reference/install","path":"/service-bridge/1.11.x/reference/cli/reference/install","sidebar":"defaultSidebar"},{"id":"reference/cli/reference/login","path":"/service-bridge/1.11.x/reference/cli/reference/login","sidebar":"defaultSidebar"},{"id":"reference/cli/reference/service-account","path":"/service-bridge/1.11.x/reference/cli/reference/service-account","sidebar":"defaultSidebar"},{"id":"reference/cli/reference/status","path":"/service-bridge/1.11.x/reference/cli/reference/status","sidebar":"defaultSidebar"},{"id":"reference/cli/reference/ui","path":"/service-bridge/1.11.x/reference/cli/reference/ui","sidebar":"defaultSidebar"},{"id":"reference/cli/reference/validate","path":"/service-bridge/1.11.x/reference/cli/reference/validate","sidebar":"defaultSidebar"},{"id":"reference/cli/reference/version","path":"/service-bridge/1.11.x/reference/cli/reference/version","sidebar":"defaultSidebar"},{"id":"reference/cli/reference/whoami","path":"/service-bridge/1.11.x/reference/cli/reference/whoami","sidebar":"defaultSidebar"},{"id":"reference/cli/reference/workload-entry-annotations","path":"/service-bridge/1.11.x/reference/cli/reference/workload-entry-annotations","sidebar":"defaultSidebar"},{"id":"reference/grpc-api/guide","path":"/service-bridge/1.11.x/reference/grpc-api/guide","sidebar":"defaultSidebar"},{"id":"reference/k8s-api/guide","path":"/service-bridge/1.11.x/reference/k8s-api/guide","sidebar":"defaultSidebar"},{"id":"reference/k8s-api/tsb-crds-gen/application-tsb-tetrate-io","path":"/service-bridge/1.11.x/reference/k8s-api/tsb-crds-gen/application-tsb-tetrate-io","sidebar":"defaultSidebar"},{"id":"reference/k8s-api/tsb-crds-gen/extension-tsb-tetrate-io","path":"/service-bridge/1.11.x/reference/k8s-api/tsb-crds-gen/extension-tsb-tetrate-io","sidebar":"defaultSidebar"},{"id":"reference/k8s-api/tsb-crds-gen/gateway-tsb-tetrate-io","path":"/service-bridge/1.11.x/reference/k8s-api/tsb-crds-gen/gateway-tsb-tetrate-io","sidebar":"defaultSidebar"},{"id":"reference/k8s-api/tsb-crds-gen/istiointernal-tsb-tetrate-io","path":"/service-bridge/1.11.x/reference/k8s-api/tsb-crds-gen/istiointernal-tsb-tetrate-io","sidebar":"defaultSidebar"},{"id":"reference/k8s-api/tsb-crds-gen/profile-tsb-tetrate-io","path":"/service-bridge/1.11.x/reference/k8s-api/tsb-crds-gen/profile-tsb-tetrate-io"},{"id":"reference/k8s-api/tsb-crds-gen/rbac-tsb-tetrate-io","path":"/service-bridge/1.11.x/reference/k8s-api/tsb-crds-gen/rbac-tsb-tetrate-io","sidebar":"defaultSidebar"},{"id":"reference/k8s-api/tsb-crds-gen/security-tsb-tetrate-io","path":"/service-bridge/1.11.x/reference/k8s-api/tsb-crds-gen/security-tsb-tetrate-io","sidebar":"defaultSidebar"},{"id":"reference/k8s-api/tsb-crds-gen/segmentation-tsb-tetrate-io","path":"/service-bridge/1.11.x/reference/k8s-api/tsb-crds-gen/segmentation-tsb-tetrate-io"},{"id":"reference/k8s-api/tsb-crds-gen/traffic-tsb-tetrate-io","path":"/service-bridge/1.11.x/reference/k8s-api/tsb-crds-gen/traffic-tsb-tetrate-io","sidebar":"defaultSidebar"},{"id":"reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/api","path":"/service-bridge/1.11.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/api","sidebar":"defaultSidebar"},{"id":"reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/cluster","path":"/service-bridge/1.11.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/cluster","sidebar":"defaultSidebar"},{"id":"reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/clusteronboardingconfig","path":"/service-bridge/1.11.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/clusteronboardingconfig","sidebar":"defaultSidebar"},{"id":"reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/organization","path":"/service-bridge/1.11.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/organization","sidebar":"defaultSidebar"},{"id":"reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/organizationsetting","path":"/service-bridge/1.11.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/organizationsetting","sidebar":"defaultSidebar"},{"id":"reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/serviceaccount","path":"/service-bridge/1.11.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/serviceaccount","sidebar":"defaultSidebar"},{"id":"reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/team","path":"/service-bridge/1.11.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/team","sidebar":"defaultSidebar"},{"id":"reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/tenant","path":"/service-bridge/1.11.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/tenant","sidebar":"defaultSidebar"},{"id":"reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/tenantsetting","path":"/service-bridge/1.11.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/tenantsetting","sidebar":"defaultSidebar"},{"id":"reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/user","path":"/service-bridge/1.11.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/user","sidebar":"defaultSidebar"},{"id":"reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/workspace","path":"/service-bridge/1.11.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/workspace","sidebar":"defaultSidebar"},{"id":"reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/workspacesetting","path":"/service-bridge/1.11.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/workspacesetting","sidebar":"defaultSidebar"},{"id":"reference/rest-api/guide","path":"/service-bridge/1.11.x/reference/rest-api/guide","sidebar":"defaultSidebar"},{"id":"reference/samples/httpbin","path":"/service-bridge/1.11.x/reference/samples/httpbin","sidebar":"defaultSidebar"},{"id":"reference/samples/opa","path":"/service-bridge/1.11.x/reference/samples/opa","sidebar":"defaultSidebar"},{"id":"reference/samples/sleep-service","path":"/service-bridge/1.11.x/reference/samples/sleep-service","sidebar":"defaultSidebar"},{"id":"reference/yaml-api/guide","path":"/service-bridge/1.11.x/reference/yaml-api/guide","sidebar":"defaultSidebar"},{"id":"refs/audit/v1/audit","path":"/service-bridge/1.11.x/refs/audit/v1/audit","sidebar":"defaultSidebar"},{"id":"refs/iam/v2/oauth_service","path":"/service-bridge/1.11.x/refs/iam/v2/oauth_service","sidebar":"defaultSidebar"},{"id":"refs/iam/v2/oidc_service","path":"/service-bridge/1.11.x/refs/iam/v2/oidc_service","sidebar":"defaultSidebar"},{"id":"refs/install/common/common_config","path":"/service-bridge/1.11.x/refs/install/common/common_config","sidebar":"defaultSidebar"},{"id":"refs/install/controlplane/v1alpha1/spec","path":"/service-bridge/1.11.x/refs/install/controlplane/v1alpha1/spec","sidebar":"defaultSidebar"},{"id":"refs/install/dataplane/v1alpha1/spec","path":"/service-bridge/1.11.x/refs/install/dataplane/v1alpha1/spec","sidebar":"defaultSidebar"},{"id":"refs/install/kubernetes/k8s","path":"/service-bridge/1.11.x/refs/install/kubernetes/k8s","sidebar":"defaultSidebar"},{"id":"refs/install/managementplane/v1alpha1/spec","path":"/service-bridge/1.11.x/refs/install/managementplane/v1alpha1/spec","sidebar":"defaultSidebar"},{"id":"refs/onboarding/config/agent/v1alpha1/agent_configuration","path":"/service-bridge/1.11.x/refs/onboarding/config/agent/v1alpha1/agent_configuration","sidebar":"defaultSidebar"},{"id":"refs/onboarding/config/agent/v1alpha1/onboarding_configuration","path":"/service-bridge/1.11.x/refs/onboarding/config/agent/v1alpha1/onboarding_configuration","sidebar":"defaultSidebar"},{"id":"refs/onboarding/config/authorization/aws/v1alpha1/aws","path":"/service-bridge/1.11.x/refs/onboarding/config/authorization/aws/v1alpha1/aws","sidebar":"defaultSidebar"},{"id":"refs/onboarding/config/authorization/jwt/v1alpha1/jwt","path":"/service-bridge/1.11.x/refs/onboarding/config/authorization/jwt/v1alpha1/jwt","sidebar":"defaultSidebar"},{"id":"refs/onboarding/config/authorization/v1alpha1/policy","path":"/service-bridge/1.11.x/refs/onboarding/config/authorization/v1alpha1/policy","sidebar":"defaultSidebar"},{"id":"refs/onboarding/config/install/v1alpha1/jwt_issuer","path":"/service-bridge/1.11.x/refs/onboarding/config/install/v1alpha1/jwt_issuer"},{"id":"refs/onboarding/config/install/v1alpha1/workload_configuration","path":"/service-bridge/1.11.x/refs/onboarding/config/install/v1alpha1/workload_configuration"},{"id":"refs/onboarding/config/runtime/v1alpha1/registration","path":"/service-bridge/1.11.x/refs/onboarding/config/runtime/v1alpha1/registration","sidebar":"defaultSidebar"},{"id":"refs/onboarding/config/types/config/v1alpha1/transport_security","path":"/service-bridge/1.11.x/refs/onboarding/config/types/config/v1alpha1/transport_security"},{"id":"refs/onboarding/config/types/core/v1alpha1/condition","path":"/service-bridge/1.11.x/refs/onboarding/config/types/core/v1alpha1/condition"},{"id":"refs/onboarding/config/types/core/v1alpha1/namespaced_name","path":"/service-bridge/1.11.x/refs/onboarding/config/types/core/v1alpha1/namespaced_name"},{"id":"refs/onboarding/config/types/identity/aws/v1alpha1/aws","path":"/service-bridge/1.11.x/refs/onboarding/config/types/identity/aws/v1alpha1/aws"},{"id":"refs/onboarding/config/types/identity/jwt/v1alpha1/jwt","path":"/service-bridge/1.11.x/refs/onboarding/config/types/identity/jwt/v1alpha1/jwt"},{"id":"refs/onboarding/config/types/identity/v1alpha1/identity","path":"/service-bridge/1.11.x/refs/onboarding/config/types/identity/v1alpha1/identity"},{"id":"refs/onboarding/config/types/registration/v1alpha1/hostinfo","path":"/service-bridge/1.11.x/refs/onboarding/config/types/registration/v1alpha1/hostinfo"},{"id":"refs/onboarding/config/types/registration/v1alpha1/registration","path":"/service-bridge/1.11.x/refs/onboarding/config/types/registration/v1alpha1/registration"},{"id":"refs/onboarding/private/component/agent/plugin/credential/v1alpha1/plugin","path":"/service-bridge/1.11.x/refs/onboarding/private/component/agent/plugin/credential/v1alpha1/plugin"},{"id":"refs/onboarding/private/component/agent/plugin/hostinfo/v1alpha1/plugin","path":"/service-bridge/1.11.x/refs/onboarding/private/component/agent/plugin/hostinfo/v1alpha1/plugin"},{"id":"refs/onboarding/private/component/agent/sidecarcontroller/v1alpha1/sidecar_configuration_service","path":"/service-bridge/1.11.x/refs/onboarding/private/component/agent/sidecarcontroller/v1alpha1/sidecar_configuration_service"},{"id":"refs/onboarding/private/component/agent/sidecarcontroller/v1alpha1/sidecar_info_service","path":"/service-bridge/1.11.x/refs/onboarding/private/component/agent/sidecarcontroller/v1alpha1/sidecar_info_service"},{"id":"refs/onboarding/private/component/plane/config/v1alpha1/onboarding_plane_instance_configuration","path":"/service-bridge/1.11.x/refs/onboarding/private/component/plane/config/v1alpha1/onboarding_plane_instance_configuration"},{"id":"refs/onboarding/private/component/plane/generator/v1alpha1/version","path":"/service-bridge/1.11.x/refs/onboarding/private/component/plane/generator/v1alpha1/version"},{"id":"refs/onboarding/private/component/plane/token/v1alpha1/onboarding_token","path":"/service-bridge/1.11.x/refs/onboarding/private/component/plane/token/v1alpha1/onboarding_token"},{"id":"refs/onboarding/private/install/v1alpha1/spec","path":"/service-bridge/1.11.x/refs/onboarding/private/install/v1alpha1/spec"},{"id":"refs/onboarding/private/protocol/authorization/v1alpha1/authorization_service","path":"/service-bridge/1.11.x/refs/onboarding/private/protocol/authorization/v1alpha1/authorization_service"},{"id":"refs/onboarding/private/protocol/discovery/v1alpha1/discovery_service","path":"/service-bridge/1.11.x/refs/onboarding/private/protocol/discovery/v1alpha1/discovery_service"},{"id":"refs/onboarding/private/protocol/registration/v1alpha1/registration_service","path":"/service-bridge/1.11.x/refs/onboarding/private/protocol/registration/v1alpha1/registration_service"},{"id":"refs/onboarding/private/protocol/session/v1alpha1/session_service","path":"/service-bridge/1.11.x/refs/onboarding/private/protocol/session/v1alpha1/session_service"},{"id":"refs/onboarding/private/types/config/v1alpha1/transport_security","path":"/service-bridge/1.11.x/refs/onboarding/private/types/config/v1alpha1/transport_security"},{"id":"refs/onboarding/private/types/credential/aws/v1alpha1/ec2","path":"/service-bridge/1.11.x/refs/onboarding/private/types/credential/aws/v1alpha1/ec2"},{"id":"refs/onboarding/private/types/credential/aws/v1alpha1/sts","path":"/service-bridge/1.11.x/refs/onboarding/private/types/credential/aws/v1alpha1/sts"},{"id":"refs/onboarding/private/types/credential/jwt/v1alpha1/jwt","path":"/service-bridge/1.11.x/refs/onboarding/private/types/credential/jwt/v1alpha1/jwt"},{"id":"refs/onboarding/private/types/discovery/v1alpha1/discovery","path":"/service-bridge/1.11.x/refs/onboarding/private/types/discovery/v1alpha1/discovery"},{"id":"refs/onboarding/private/types/sidecar/v1alpha1/configuration","path":"/service-bridge/1.11.x/refs/onboarding/private/types/sidecar/v1alpha1/configuration"},{"id":"refs/private/iam/v1/iam","path":"/service-bridge/1.11.x/refs/private/iam/v1/iam"},{"id":"refs/test/v1/echo","path":"/service-bridge/1.11.x/refs/test/v1/echo"},{"id":"refs/tsb/application/v2/api","path":"/service-bridge/1.11.x/refs/tsb/application/v2/api","sidebar":"defaultSidebar"},{"id":"refs/tsb/application/v2/application","path":"/service-bridge/1.11.x/refs/tsb/application/v2/application","sidebar":"defaultSidebar"},{"id":"refs/tsb/application/v2/application_service","path":"/service-bridge/1.11.x/refs/tsb/application/v2/application_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/application/v2/openapi_extensions","path":"/service-bridge/1.11.x/refs/tsb/application/v2/openapi_extensions","sidebar":"defaultSidebar"},{"id":"refs/tsb/auth/v2/auth","path":"/service-bridge/1.11.x/refs/tsb/auth/v2/auth","sidebar":"defaultSidebar"},{"id":"refs/tsb/dashboard/v1/dashboard_service","path":"/service-bridge/1.11.x/refs/tsb/dashboard/v1/dashboard_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/diagnostic/v2/diagnostic_service","path":"/service-bridge/1.11.x/refs/tsb/diagnostic/v2/diagnostic_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/extension/v2/wasm_extension","path":"/service-bridge/1.11.x/refs/tsb/extension/v2/wasm_extension","sidebar":"defaultSidebar"},{"id":"refs/tsb/extension/v2/wasm_service","path":"/service-bridge/1.11.x/refs/tsb/extension/v2/wasm_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/gateway/v2/auth","path":"/service-bridge/1.11.x/refs/tsb/gateway/v2/auth","sidebar":"defaultSidebar"},{"id":"refs/tsb/gateway/v2/eastwest_gateway","path":"/service-bridge/1.11.x/refs/tsb/gateway/v2/eastwest_gateway","sidebar":"defaultSidebar"},{"id":"refs/tsb/gateway/v2/egress_gateway","path":"/service-bridge/1.11.x/refs/tsb/gateway/v2/egress_gateway","sidebar":"defaultSidebar"},{"id":"refs/tsb/gateway/v2/gateway","path":"/service-bridge/1.11.x/refs/tsb/gateway/v2/gateway","sidebar":"defaultSidebar"},{"id":"refs/tsb/gateway/v2/gateway_common","path":"/service-bridge/1.11.x/refs/tsb/gateway/v2/gateway_common","sidebar":"defaultSidebar"},{"id":"refs/tsb/gateway/v2/gateway_group","path":"/service-bridge/1.11.x/refs/tsb/gateway/v2/gateway_group","sidebar":"defaultSidebar"},{"id":"refs/tsb/gateway/v2/gateway_service","path":"/service-bridge/1.11.x/refs/tsb/gateway/v2/gateway_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/gateway/v2/ingress_gateway","path":"/service-bridge/1.11.x/refs/tsb/gateway/v2/ingress_gateway","sidebar":"defaultSidebar"},{"id":"refs/tsb/gateway/v2/istio_gateway_direct","path":"/service-bridge/1.11.x/refs/tsb/gateway/v2/istio_gateway_direct","sidebar":"defaultSidebar"},{"id":"refs/tsb/gateway/v2/tier1_gateway","path":"/service-bridge/1.11.x/refs/tsb/gateway/v2/tier1_gateway","sidebar":"defaultSidebar"},{"id":"refs/tsb/istiointernal/v2/istio_internal_group","path":"/service-bridge/1.11.x/refs/tsb/istiointernal/v2/istio_internal_group","sidebar":"defaultSidebar"},{"id":"refs/tsb/istiointernal/v2/istio_istiointernal_direct","path":"/service-bridge/1.11.x/refs/tsb/istiointernal/v2/istio_istiointernal_direct","sidebar":"defaultSidebar"},{"id":"refs/tsb/istiointernal/v2/istiointernal_service","path":"/service-bridge/1.11.x/refs/tsb/istiointernal/v2/istiointernal_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/observability/telemetry/v2/metric","path":"/service-bridge/1.11.x/refs/tsb/observability/telemetry/v2/metric","sidebar":"defaultSidebar"},{"id":"refs/tsb/observability/telemetry/v2/metric_service","path":"/service-bridge/1.11.x/refs/tsb/observability/telemetry/v2/metric_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/observability/telemetry/v2/source","path":"/service-bridge/1.11.x/refs/tsb/observability/telemetry/v2/source","sidebar":"defaultSidebar"},{"id":"refs/tsb/observability/telemetry/v2/source_service","path":"/service-bridge/1.11.x/refs/tsb/observability/telemetry/v2/source_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/profile/v2/profile","path":"/service-bridge/1.11.x/refs/tsb/profile/v2/profile","sidebar":"defaultSidebar"},{"id":"refs/tsb/profile/v2/profile_service","path":"/service-bridge/1.11.x/refs/tsb/profile/v2/profile_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/q/v2/approvals_service","path":"/service-bridge/1.11.x/refs/tsb/q/v2/approvals_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/q/v2/permissions_service","path":"/service-bridge/1.11.x/refs/tsb/q/v2/permissions_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/rbac/v2/access_bindings","path":"/service-bridge/1.11.x/refs/tsb/rbac/v2/access_bindings","sidebar":"defaultSidebar"},{"id":"refs/tsb/rbac/v2/api_access_bindings","path":"/service-bridge/1.11.x/refs/tsb/rbac/v2/api_access_bindings","sidebar":"defaultSidebar"},{"id":"refs/tsb/rbac/v2/application_access_bindings","path":"/service-bridge/1.11.x/refs/tsb/rbac/v2/application_access_bindings","sidebar":"defaultSidebar"},{"id":"refs/tsb/rbac/v2/binding","path":"/service-bridge/1.11.x/refs/tsb/rbac/v2/binding","sidebar":"defaultSidebar"},{"id":"refs/tsb/rbac/v2/gateway_access_bindings","path":"/service-bridge/1.11.x/refs/tsb/rbac/v2/gateway_access_bindings","sidebar":"defaultSidebar"},{"id":"refs/tsb/rbac/v2/istio_internal_access_bindings","path":"/service-bridge/1.11.x/refs/tsb/rbac/v2/istio_internal_access_bindings","sidebar":"defaultSidebar"},{"id":"refs/tsb/rbac/v2/organization_access_bindings","path":"/service-bridge/1.11.x/refs/tsb/rbac/v2/organization_access_bindings","sidebar":"defaultSidebar"},{"id":"refs/tsb/rbac/v2/permissions","path":"/service-bridge/1.11.x/refs/tsb/rbac/v2/permissions","sidebar":"defaultSidebar"},{"id":"refs/tsb/rbac/v2/policy_service","path":"/service-bridge/1.11.x/refs/tsb/rbac/v2/policy_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/rbac/v2/role","path":"/service-bridge/1.11.x/refs/tsb/rbac/v2/role","sidebar":"defaultSidebar"},{"id":"refs/tsb/rbac/v2/role_service","path":"/service-bridge/1.11.x/refs/tsb/rbac/v2/role_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/rbac/v2/security_access_bindings","path":"/service-bridge/1.11.x/refs/tsb/rbac/v2/security_access_bindings","sidebar":"defaultSidebar"},{"id":"refs/tsb/rbac/v2/tenant_access_bindings","path":"/service-bridge/1.11.x/refs/tsb/rbac/v2/tenant_access_bindings","sidebar":"defaultSidebar"},{"id":"refs/tsb/rbac/v2/traffic_access_bindings","path":"/service-bridge/1.11.x/refs/tsb/rbac/v2/traffic_access_bindings","sidebar":"defaultSidebar"},{"id":"refs/tsb/rbac/v2/workspace_access_bindings","path":"/service-bridge/1.11.x/refs/tsb/rbac/v2/workspace_access_bindings","sidebar":"defaultSidebar"},{"id":"refs/tsb/registry/v2/lookup_service","path":"/service-bridge/1.11.x/refs/tsb/registry/v2/lookup_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/registry/v2/registration_service","path":"/service-bridge/1.11.x/refs/tsb/registry/v2/registration_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/registry/v2/service","path":"/service-bridge/1.11.x/refs/tsb/registry/v2/service","sidebar":"defaultSidebar"},{"id":"refs/tsb/security/v2/istio_security_direct","path":"/service-bridge/1.11.x/refs/tsb/security/v2/istio_security_direct","sidebar":"defaultSidebar"},{"id":"refs/tsb/security/v2/security_group","path":"/service-bridge/1.11.x/refs/tsb/security/v2/security_group","sidebar":"defaultSidebar"},{"id":"refs/tsb/security/v2/security_service","path":"/service-bridge/1.11.x/refs/tsb/security/v2/security_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/security/v2/security_setting","path":"/service-bridge/1.11.x/refs/tsb/security/v2/security_setting","sidebar":"defaultSidebar"},{"id":"refs/tsb/security/v2/service_security_setting","path":"/service-bridge/1.11.x/refs/tsb/security/v2/service_security_setting","sidebar":"defaultSidebar"},{"id":"refs/tsb/security/v2/waf_settings","path":"/service-bridge/1.11.x/refs/tsb/security/v2/waf_settings","sidebar":"defaultSidebar"},{"id":"refs/tsb/segmentation/v1/membership","path":"/service-bridge/1.11.x/refs/tsb/segmentation/v1/membership","sidebar":"defaultSidebar"},{"id":"refs/tsb/segmentation/v1/policy","path":"/service-bridge/1.11.x/refs/tsb/segmentation/v1/policy","sidebar":"defaultSidebar"},{"id":"refs/tsb/segmentation/v1/rules","path":"/service-bridge/1.11.x/refs/tsb/segmentation/v1/rules","sidebar":"defaultSidebar"},{"id":"refs/tsb/segmentation/v1/service","path":"/service-bridge/1.11.x/refs/tsb/segmentation/v1/service","sidebar":"defaultSidebar"},{"id":"refs/tsb/traffic/v2/istio_traffic_direct","path":"/service-bridge/1.11.x/refs/tsb/traffic/v2/istio_traffic_direct","sidebar":"defaultSidebar"},{"id":"refs/tsb/traffic/v2/service_route","path":"/service-bridge/1.11.x/refs/tsb/traffic/v2/service_route","sidebar":"defaultSidebar"},{"id":"refs/tsb/traffic/v2/service_traffic_setting","path":"/service-bridge/1.11.x/refs/tsb/traffic/v2/service_traffic_setting","sidebar":"defaultSidebar"},{"id":"refs/tsb/traffic/v2/traffic_group","path":"/service-bridge/1.11.x/refs/tsb/traffic/v2/traffic_group","sidebar":"defaultSidebar"},{"id":"refs/tsb/traffic/v2/traffic_service","path":"/service-bridge/1.11.x/refs/tsb/traffic/v2/traffic_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/traffic/v2/traffic_setting","path":"/service-bridge/1.11.x/refs/tsb/traffic/v2/traffic_setting","sidebar":"defaultSidebar"},{"id":"refs/tsb/types/v2/types","path":"/service-bridge/1.11.x/refs/tsb/types/v2/types","sidebar":"defaultSidebar"},{"id":"refs/tsb/v2/cluster","path":"/service-bridge/1.11.x/refs/tsb/v2/cluster","sidebar":"defaultSidebar"},{"id":"refs/tsb/v2/cluster_service","path":"/service-bridge/1.11.x/refs/tsb/v2/cluster_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/v2/info","path":"/service-bridge/1.11.x/refs/tsb/v2/info","sidebar":"defaultSidebar"},{"id":"refs/tsb/v2/organization","path":"/service-bridge/1.11.x/refs/tsb/v2/organization","sidebar":"defaultSidebar"},{"id":"refs/tsb/v2/organization_service","path":"/service-bridge/1.11.x/refs/tsb/v2/organization_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/v2/organization_setting","path":"/service-bridge/1.11.x/refs/tsb/v2/organization_setting","sidebar":"defaultSidebar"},{"id":"refs/tsb/v2/status","path":"/service-bridge/1.11.x/refs/tsb/v2/status","sidebar":"defaultSidebar"},{"id":"refs/tsb/v2/status_service","path":"/service-bridge/1.11.x/refs/tsb/v2/status_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/v2/team","path":"/service-bridge/1.11.x/refs/tsb/v2/team","sidebar":"defaultSidebar"},{"id":"refs/tsb/v2/team_service","path":"/service-bridge/1.11.x/refs/tsb/v2/team_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/v2/tenant","path":"/service-bridge/1.11.x/refs/tsb/v2/tenant","sidebar":"defaultSidebar"},{"id":"refs/tsb/v2/tenant_service","path":"/service-bridge/1.11.x/refs/tsb/v2/tenant_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/v2/tenant_setting","path":"/service-bridge/1.11.x/refs/tsb/v2/tenant_setting","sidebar":"defaultSidebar"},{"id":"refs/tsb/v2/workspace","path":"/service-bridge/1.11.x/refs/tsb/v2/workspace","sidebar":"defaultSidebar"},{"id":"refs/tsb/v2/workspace_service","path":"/service-bridge/1.11.x/refs/tsb/v2/workspace_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/v2/workspace_setting","path":"/service-bridge/1.11.x/refs/tsb/v2/workspace_setting","sidebar":"defaultSidebar"},{"id":"release-notes","path":"/service-bridge/1.11.x/release-notes","sidebar":"defaultSidebar"},{"id":"release-notes-announcements/announcement","path":"/service-bridge/1.11.x/release-notes-announcements/announcement","sidebar":"defaultSidebar"},{"id":"release-notes-announcements/feature-status","path":"/service-bridge/1.11.x/release-notes-announcements/feature-status","sidebar":"defaultSidebar"},{"id":"release-notes-announcements/support-policy","path":"/service-bridge/1.11.x/release-notes-announcements/support-policy","sidebar":"defaultSidebar"},{"id":"setup/aws/container-marketplace","path":"/service-bridge/1.11.x/setup/aws/container-marketplace","sidebar":"defaultSidebar"},{"id":"setup/aws/vpc","path":"/service-bridge/1.11.x/setup/aws/vpc","sidebar":"defaultSidebar"},{"id":"setup/certificate/automated-certificate-management","path":"/service-bridge/1.11.x/setup/certificate/automated-certificate-management","sidebar":"defaultSidebar"},{"id":"setup/certificate/certificate-requirements","path":"/service-bridge/1.11.x/setup/certificate/certificate-requirements","sidebar":"defaultSidebar"},{"id":"setup/certificate/certificate-setup","path":"/service-bridge/1.11.x/setup/certificate/certificate-setup","sidebar":"defaultSidebar"},{"id":"setup/components","path":"/service-bridge/1.11.x/setup/components","sidebar":"defaultSidebar"},{"id":"setup/fips","path":"/service-bridge/1.11.x/setup/fips","sidebar":"defaultSidebar"},{"id":"setup/firewall-information","path":"/service-bridge/1.11.x/setup/firewall-information","sidebar":"defaultSidebar"},{"id":"setup/helm/controlplane","path":"/service-bridge/1.11.x/setup/helm/controlplane","sidebar":"defaultSidebar"},{"id":"setup/helm/dataplane","path":"/service-bridge/1.11.x/setup/helm/dataplane","sidebar":"defaultSidebar"},{"id":"setup/helm/helm","path":"/service-bridge/1.11.x/setup/helm/helm","sidebar":"defaultSidebar"},{"id":"setup/helm/managementplane","path":"/service-bridge/1.11.x/setup/helm/managementplane","sidebar":"defaultSidebar"},{"id":"setup/helm/toc","path":"/service-bridge/1.11.x/setup/helm/","sidebar":"defaultSidebar"},{"id":"setup/helm/uninstallation","path":"/service-bridge/1.11.x/setup/helm/uninstallation","sidebar":"defaultSidebar"},{"id":"setup/helm/upgrade","path":"/service-bridge/1.11.x/setup/helm/upgrade","sidebar":"defaultSidebar"},{"id":"setup/isolation-boundaries","path":"/service-bridge/1.11.x/setup/isolation-boundaries","sidebar":"defaultSidebar"},{"id":"setup/isolation-boundaries-installation","path":"/service-bridge/1.11.x/setup/isolation-boundaries-installation","sidebar":"defaultSidebar"},{"id":"setup/migrate-tctl-to-helm","path":"/service-bridge/1.11.x/setup/migrate-tctl-to-helm","sidebar":"defaultSidebar"},{"id":"setup/remote-registry","path":"/service-bridge/1.11.x/setup/remote-registry","sidebar":"defaultSidebar"},{"id":"setup/requirements-and-download","path":"/service-bridge/1.11.x/setup/requirements-and-download","sidebar":"defaultSidebar"},{"id":"setup/resource-planning","path":"/service-bridge/1.11.x/setup/resource-planning","sidebar":"defaultSidebar"},{"id":"setup/security-context","path":"/service-bridge/1.11.x/setup/security-context","sidebar":"defaultSidebar"},{"id":"setup/self-managed/demo-installation","path":"/service-bridge/1.11.x/setup/self-managed/demo-installation","sidebar":"defaultSidebar"},{"id":"setup/self-managed/management-plane-installation","path":"/service-bridge/1.11.x/setup/self-managed/management-plane-installation","sidebar":"defaultSidebar"},{"id":"setup/self-managed/onboarding-clusters","path":"/service-bridge/1.11.x/setup/self-managed/onboarding-clusters","sidebar":"defaultSidebar"},{"id":"setup/self-managed/toc","path":"/service-bridge/1.11.x/setup/self-managed/","sidebar":"defaultSidebar"},{"id":"setup/self-managed/uninstallation","path":"/service-bridge/1.11.x/setup/self-managed/uninstallation","sidebar":"defaultSidebar"},{"id":"setup/self-managed/upgrade","path":"/service-bridge/1.11.x/setup/self-managed/upgrade","sidebar":"defaultSidebar"},{"id":"setup/tctl-connect","path":"/service-bridge/1.11.x/setup/tctl-connect","sidebar":"defaultSidebar"},{"id":"setup/upgrade-best-practices","path":"/service-bridge/1.11.x/setup/upgrade-best-practices","sidebar":"defaultSidebar"},{"id":"setup/upgrades/cni-upgrade","path":"/service-bridge/1.11.x/setup/upgrades/cni-upgrade","sidebar":"defaultSidebar"},{"id":"setup/upgrades/gateway-upgrade","path":"/service-bridge/1.11.x/setup/upgrades/gateway-upgrade","sidebar":"defaultSidebar"},{"id":"setup/upgrades/non-revisioned-to-revisioned","path":"/service-bridge/1.11.x/setup/upgrades/non-revisioned-to-revisioned","sidebar":"defaultSidebar"},{"id":"setup/upgrades/revisioned-to-revisioned","path":"/service-bridge/1.11.x/setup/upgrades/revisioned-to-revisioned","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/guides/ecs-workloads","path":"/service-bridge/1.11.x/setup/workload-onboarding/guides/ecs-workloads","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/guides/managing","path":"/service-bridge/1.11.x/setup/workload-onboarding/guides/managing","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/guides/on-premise-workloads","path":"/service-bridge/1.11.x/setup/workload-onboarding/guides/on-premise-workloads","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/guides/onboarding","path":"/service-bridge/1.11.x/setup/workload-onboarding/guides/onboarding","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/guides/overview","path":"/service-bridge/1.11.x/setup/workload-onboarding/guides/overview","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/guides/setup","path":"/service-bridge/1.11.x/setup/workload-onboarding/guides/setup","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/guides/toc","path":"/service-bridge/1.11.x/setup/workload-onboarding/guides/","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/guides/troubleshooting","path":"/service-bridge/1.11.x/setup/workload-onboarding/guides/troubleshooting","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/onboarding-vms","path":"/service-bridge/1.11.x/setup/workload-onboarding/onboarding-vms","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/quickstart/aws-ec2/bookinfo","path":"/service-bridge/1.11.x/setup/workload-onboarding/quickstart/aws-ec2/bookinfo","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/quickstart/aws-ec2/configure-vm","path":"/service-bridge/1.11.x/setup/workload-onboarding/quickstart/aws-ec2/configure-vm","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/quickstart/aws-ec2/configure-workload-onboarding","path":"/service-bridge/1.11.x/setup/workload-onboarding/quickstart/aws-ec2/configure-workload-onboarding","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/quickstart/aws-ec2/enable-workload-onboarding","path":"/service-bridge/1.11.x/setup/workload-onboarding/quickstart/aws-ec2/enable-workload-onboarding","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/quickstart/aws-ec2/onboard-asg","path":"/service-bridge/1.11.x/setup/workload-onboarding/quickstart/aws-ec2/onboard-asg","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/quickstart/aws-ec2/onboard-vm","path":"/service-bridge/1.11.x/setup/workload-onboarding/quickstart/aws-ec2/onboard-vm","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/quickstart/aws-ec2/toc","path":"/service-bridge/1.11.x/setup/workload-onboarding/quickstart/aws-ec2/","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/quickstart/aws-ecs/configure-workload-onboarding","path":"/service-bridge/1.11.x/setup/workload-onboarding/quickstart/aws-ecs/configure-workload-onboarding","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/quickstart/aws-ecs/onboard-ecs","path":"/service-bridge/1.11.x/setup/workload-onboarding/quickstart/aws-ecs/onboard-ecs","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/quickstart/aws-ecs/toc","path":"/service-bridge/1.11.x/setup/workload-onboarding/quickstart/aws-ecs/","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/quickstart/on-premise/configure-vm","path":"/service-bridge/1.11.x/setup/workload-onboarding/quickstart/on-premise/configure-vm","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/quickstart/on-premise/configure-workload-onboarding","path":"/service-bridge/1.11.x/setup/workload-onboarding/quickstart/on-premise/configure-workload-onboarding","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/quickstart/on-premise/onboard-vm","path":"/service-bridge/1.11.x/setup/workload-onboarding/quickstart/on-premise/onboard-vm","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/quickstart/on-premise/toc","path":"/service-bridge/1.11.x/setup/workload-onboarding/quickstart/on-premise/","sidebar":"defaultSidebar"},{"id":"troubleshooting/cluster-onboarding","path":"/service-bridge/1.11.x/troubleshooting/cluster-onboarding","sidebar":"defaultSidebar"},{"id":"troubleshooting/configuration-status","path":"/service-bridge/1.11.x/troubleshooting/configuration-status","sidebar":"defaultSidebar"},{"id":"troubleshooting/gateway-troubleshooting","path":"/service-bridge/1.11.x/troubleshooting/gateway-troubleshooting","sidebar":"defaultSidebar"},{"id":"troubleshooting/identify-underperforming-services","path":"/service-bridge/1.11.x/troubleshooting/identify-underperforming-services","sidebar":"defaultSidebar"},{"id":"troubleshooting/Maximum-header-size-exceed","path":"/service-bridge/1.11.x/troubleshooting/Maximum-header-size-exceed","sidebar":"defaultSidebar"},{"id":"troubleshooting/Multiple-Transfer-encoding-chunked","path":"/service-bridge/1.11.x/troubleshooting/Multiple-Transfer-encoding-chunked","sidebar":"defaultSidebar"},{"id":"troubleshooting/proxy-tools","path":"/service-bridge/1.11.x/troubleshooting/proxy-tools","sidebar":"defaultSidebar"},{"id":"troubleshooting/troubleshooting","path":"/service-bridge/1.11.x/troubleshooting/troubleshooting","sidebar":"defaultSidebar"},{"id":"troubleshooting/tsb-ui-metrics","path":"/service-bridge/1.11.x/troubleshooting/tsb-ui-metrics","sidebar":"defaultSidebar"},{"id":"workingwithsupport/workingWithTetrateSupport","path":"/service-bridge/1.11.x/workingwithsupport/workingWithTetrateSupport","sidebar":"defaultSidebar"},{"id":"/release-notes-announcements","path":"/service-bridge/1.11.x/release-notes-announcements","sidebar":"defaultSidebar"},{"id":"/setup","path":"/service-bridge/1.11.x/setup","sidebar":"defaultSidebar"},{"id":"/setup/upgrades","path":"/service-bridge/1.11.x/setup/upgrades","sidebar":"defaultSidebar"},{"id":"/setup/workload-onboarding","path":"/service-bridge/1.11.x/setup/workload-onboarding","sidebar":"defaultSidebar"},{"id":"/setup/workload-onboarding/quickstart","path":"/service-bridge/1.11.x/setup/workload-onboarding/quickstart","sidebar":"defaultSidebar"},{"id":"/setup/aws","path":"/service-bridge/1.11.x/setup/aws","sidebar":"defaultSidebar"},{"id":"/setup/certificate","path":"/service-bridge/1.11.x/setup/certificate","sidebar":"defaultSidebar"},{"id":"/quickstart","path":"/service-bridge/1.11.x/quickstart","sidebar":"defaultSidebar"},{"id":"/howto","path":"/service-bridge/1.11.x/howto","sidebar":"defaultSidebar"},{"id":"/howto/traffic","path":"/service-bridge/1.11.x/howto/traffic","sidebar":"defaultSidebar"},{"id":"/howto/gateway","path":"/service-bridge/1.11.x/howto/gateway","sidebar":"defaultSidebar"},{"id":"/howto/gitops","path":"/service-bridge/1.11.x/howto/gitops","sidebar":"defaultSidebar"},{"id":"/howto/wasm","path":"/service-bridge/1.11.x/howto/wasm","sidebar":"defaultSidebar"},{"id":"/operations","path":"/service-bridge/1.11.x/operations","sidebar":"defaultSidebar"},{"id":"/operations/features","path":"/service-bridge/1.11.x/operations/features","sidebar":"defaultSidebar"},{"id":"/operations/users","path":"/service-bridge/1.11.x/operations/users","sidebar":"defaultSidebar"},{"id":"/operations/telemetry","path":"/service-bridge/1.11.x/operations/telemetry","sidebar":"defaultSidebar"},{"id":"/operations/postgresql","path":"/service-bridge/1.11.x/operations/postgresql","sidebar":"defaultSidebar"},{"id":"/operations/elasticsearch","path":"/service-bridge/1.11.x/operations/elasticsearch","sidebar":"defaultSidebar"},{"id":"/operations/vault","path":"/service-bridge/1.11.x/operations/vault","sidebar":"defaultSidebar"},{"id":"/troubleshooting","path":"/service-bridge/1.11.x/troubleshooting","sidebar":"defaultSidebar"},{"id":"/reference","path":"/service-bridge/1.11.x/reference","sidebar":"defaultSidebar"},{"id":"/reference/operators","path":"/service-bridge/1.11.x/reference/operators","sidebar":"defaultSidebar"},{"id":"/refs/install","path":"/service-bridge/1.11.x/refs/install","sidebar":"defaultSidebar"},{"id":"/reference/workload-onboarding","path":"/service-bridge/1.11.x/reference/workload-onboarding","sidebar":"defaultSidebar"},{"id":"/reference/workload-onboarding/onboarding-agent","path":"/service-bridge/1.11.x/reference/workload-onboarding/onboarding-agent","sidebar":"defaultSidebar"},{"id":"/reference/workload-onboarding/onboarding-authorization","path":"/service-bridge/1.11.x/reference/workload-onboarding/onboarding-authorization","sidebar":"defaultSidebar"},{"id":"/reference/workload-onboarding/onboarding-runtime","path":"/service-bridge/1.11.x/reference/workload-onboarding/onboarding-runtime","sidebar":"defaultSidebar"},{"id":"/reference/cli","path":"/service-bridge/1.11.x/reference/cli","sidebar":"defaultSidebar"},{"id":"/reference/cli/guide/toc","path":"/service-bridge/1.11.x/reference/cli/guide/toc","sidebar":"defaultSidebar"},{"id":"/reference/cli/reference","path":"/service-bridge/1.11.x/reference/cli/reference","sidebar":"defaultSidebar"},{"id":"/reference/grpc-api","path":"/service-bridge/1.11.x/reference/grpc-api","sidebar":"defaultSidebar"},{"id":"/reference/grpc-api/reference","path":"/service-bridge/1.11.x/reference/grpc-api/reference","sidebar":"defaultSidebar"},{"id":"refs/tsb/application/v2/grpc","path":"/service-bridge/1.11.x/refs/tsb/application/v2/grpc","sidebar":"defaultSidebar"},{"id":"refs/tsb/dashboard/v1/grpc","path":"/service-bridge/1.11.x/refs/tsb/dashboard/v1/grpc","sidebar":"defaultSidebar"},{"id":"refs/tsb/diagnostic/v2/grpc","path":"/service-bridge/1.11.x/refs/tsb/diagnostic/v2/grpc","sidebar":"defaultSidebar"},{"id":"refs/tsb/extension/v2/grpc","path":"/service-bridge/1.11.x/refs/tsb/extension/v2/grpc","sidebar":"defaultSidebar"},{"id":"refs/tsb/gateway/v2/grpc","path":"/service-bridge/1.11.x/refs/tsb/gateway/v2/grpc","sidebar":"defaultSidebar"},{"id":"refs/tsb/istiointernal/v2/grpc","path":"/service-bridge/1.11.x/refs/tsb/istiointernal/v2/grpc","sidebar":"defaultSidebar"},{"id":"refs/tsb/observability/telemetry/v2/grpc","path":"/service-bridge/1.11.x/refs/tsb/observability/telemetry/v2/grpc","sidebar":"defaultSidebar"},{"id":"refs/tsb/profile/v2/grpc","path":"/service-bridge/1.11.x/refs/tsb/profile/v2/grpc","sidebar":"defaultSidebar"},{"id":"refs/tsb/q/v2/grpc","path":"/service-bridge/1.11.x/refs/tsb/q/v2/grpc","sidebar":"defaultSidebar"},{"id":"refs/tsb/rbac/v2/grpc","path":"/service-bridge/1.11.x/refs/tsb/rbac/v2/grpc","sidebar":"defaultSidebar"},{"id":"refs/tsb/registry/v2/grpc","path":"/service-bridge/1.11.x/refs/tsb/registry/v2/grpc","sidebar":"defaultSidebar"},{"id":"refs/tsb/security/v2/grpc","path":"/service-bridge/1.11.x/refs/tsb/security/v2/grpc","sidebar":"defaultSidebar"},{"id":"refs/tsb/segmentation/v1/grpc","path":"/service-bridge/1.11.x/refs/tsb/segmentation/v1/grpc","sidebar":"defaultSidebar"},{"id":"refs/tsb/traffic/v2/grpc","path":"/service-bridge/1.11.x/refs/tsb/traffic/v2/grpc","sidebar":"defaultSidebar"},{"id":"refs/tsb/v2/grpc","path":"/service-bridge/1.11.x/refs/tsb/v2/grpc","sidebar":"defaultSidebar"},{"id":"refs/iam/v2/grpc","path":"/service-bridge/1.11.x/refs/iam/v2/grpc","sidebar":"defaultSidebar"},{"id":"refs/audit/v1/grpc","path":"/service-bridge/1.11.x/refs/audit/v1/grpc","sidebar":"defaultSidebar"},{"id":"/reference/yaml-api","path":"/service-bridge/1.11.x/reference/yaml-api","sidebar":"defaultSidebar"},{"id":"/reference/yaml-api/reference","path":"/service-bridge/1.11.x/reference/yaml-api/reference","sidebar":"defaultSidebar"},{"id":"refs/tsb/application/v2/yaml","path":"/service-bridge/1.11.x/refs/tsb/application/v2/yaml","sidebar":"defaultSidebar"},{"id":"refs/tsb/auth/v2/yaml","path":"/service-bridge/1.11.x/refs/tsb/auth/v2/yaml","sidebar":"defaultSidebar"},{"id":"refs/tsb/extension/v2/yaml","path":"/service-bridge/1.11.x/refs/tsb/extension/v2/yaml","sidebar":"defaultSidebar"},{"id":"refs/tsb/gateway/v2/yaml","path":"/service-bridge/1.11.x/refs/tsb/gateway/v2/yaml","sidebar":"defaultSidebar"},{"id":"refs/tsb/istiointernal/v2/yaml","path":"/service-bridge/1.11.x/refs/tsb/istiointernal/v2/yaml","sidebar":"defaultSidebar"},{"id":"refs/tsb/observability/telemetry/v2/yaml","path":"/service-bridge/1.11.x/refs/tsb/observability/telemetry/v2/yaml","sidebar":"defaultSidebar"},{"id":"refs/tsb/profile/v2/yaml","path":"/service-bridge/1.11.x/refs/tsb/profile/v2/yaml","sidebar":"defaultSidebar"},{"id":"refs/tsb/rbac/v2/yaml","path":"/service-bridge/1.11.x/refs/tsb/rbac/v2/yaml","sidebar":"defaultSidebar"},{"id":"refs/tsb/registry/v2/yaml","path":"/service-bridge/1.11.x/refs/tsb/registry/v2/yaml","sidebar":"defaultSidebar"},{"id":"refs/tsb/security/v2/yaml","path":"/service-bridge/1.11.x/refs/tsb/security/v2/yaml","sidebar":"defaultSidebar"},{"id":"refs/tsb/segmentation/v1/yaml","path":"/service-bridge/1.11.x/refs/tsb/segmentation/v1/yaml","sidebar":"defaultSidebar"},{"id":"refs/tsb/traffic/v2/yaml","path":"/service-bridge/1.11.x/refs/tsb/traffic/v2/yaml","sidebar":"defaultSidebar"},{"id":"refs/tsb/types/v2/yaml","path":"/service-bridge/1.11.x/refs/tsb/types/v2/yaml","sidebar":"defaultSidebar"},{"id":"refs/tsb/v2/yaml","path":"/service-bridge/1.11.x/refs/tsb/v2/yaml","sidebar":"defaultSidebar"},{"id":"/reference/k8s-api","path":"/service-bridge/1.11.x/reference/k8s-api","sidebar":"defaultSidebar"},{"id":"/reference/k8s-api/tsb-crds-gen","path":"/service-bridge/1.11.x/reference/k8s-api/tsb-crds-gen","sidebar":"defaultSidebar"},{"id":"/reference/k8s-api/tsb-crds-gen/tsb.tetrate.io/v2","path":"/service-bridge/1.11.x/reference/k8s-api/tsb-crds-gen/tsb.tetrate.io/v2","sidebar":"defaultSidebar"},{"id":"/reference/samples","path":"/service-bridge/1.11.x/reference/samples","sidebar":"defaultSidebar"},{"id":"/knowledge-base","path":"/service-bridge/1.11.x/knowledge-base","sidebar":"defaultSidebar"},{"id":"/category/working-with-tetrate-customer-support","path":"/service-bridge/1.11.x/category/working-with-tetrate-customer-support","sidebar":"defaultSidebar"}],"draftIds":[],"sidebars":{"defaultSidebar":{"link":{"path":"/service-bridge/1.11.x/","label":"index"}}}},{"name":"1.10.x","label":"1.10.x","isLast":false,"path":"/service-bridge/1.10.x","mainDocId":"index","docs":[{"id":"cheatsheet/index","path":"/service-bridge/1.10.x/cheatsheet/","sidebar":"defaultSidebar"},{"id":"cheatsheet/sheets/gateways-management","path":"/service-bridge/1.10.x/cheatsheet/sheets/gateways-management","sidebar":"defaultSidebar"},{"id":"cheatsheet/sheets/kubectl","path":"/service-bridge/1.10.x/cheatsheet/sheets/kubectl","sidebar":"defaultSidebar"},{"id":"cheatsheet/sheets/security-management","path":"/service-bridge/1.10.x/cheatsheet/sheets/security-management","sidebar":"defaultSidebar"},{"id":"cheatsheet/sheets/tctl","path":"/service-bridge/1.10.x/cheatsheet/sheets/tctl","sidebar":"defaultSidebar"},{"id":"cheatsheet/sheets/traffic-management","path":"/service-bridge/1.10.x/cheatsheet/sheets/traffic-management","sidebar":"defaultSidebar"},{"id":"cheatsheet/sheets/tsb-concepts","path":"/service-bridge/1.10.x/cheatsheet/sheets/tsb-concepts","sidebar":"defaultSidebar"},{"id":"cheatsheet/sheets/tsb-quickstart","path":"/service-bridge/1.10.x/cheatsheet/sheets/tsb-quickstart","sidebar":"defaultSidebar"},{"id":"cheatsheet/sheets/tsb-terminology","path":"/service-bridge/1.10.x/cheatsheet/sheets/tsb-terminology","sidebar":"defaultSidebar"},{"id":"concepts/architecture","path":"/service-bridge/1.10.x/concepts/architecture","sidebar":"defaultSidebar"},{"id":"concepts/configuration-dataflow","path":"/service-bridge/1.10.x/concepts/configuration-dataflow","sidebar":"defaultSidebar"},{"id":"concepts/configuration-inheritance","path":"/service-bridge/1.10.x/concepts/configuration-inheritance","sidebar":"defaultSidebar"},{"id":"concepts/glossary","path":"/service-bridge/1.10.x/concepts/glossary","sidebar":"defaultSidebar"},{"id":"concepts/observability","path":"/service-bridge/1.10.x/concepts/observability","sidebar":"defaultSidebar"},{"id":"concepts/operators/control-plane","path":"/service-bridge/1.10.x/concepts/operators/control-plane","sidebar":"defaultSidebar"},{"id":"concepts/operators/data-plane","path":"/service-bridge/1.10.x/concepts/operators/data-plane","sidebar":"defaultSidebar"},{"id":"concepts/operators/management-plane","path":"/service-bridge/1.10.x/concepts/operators/management-plane","sidebar":"defaultSidebar"},{"id":"concepts/operators/toc","path":"/service-bridge/1.10.x/concepts/operators/","sidebar":"defaultSidebar"},{"id":"concepts/security","path":"/service-bridge/1.10.x/concepts/security","sidebar":"defaultSidebar"},{"id":"concepts/service-mesh","path":"/service-bridge/1.10.x/concepts/service-mesh","sidebar":"defaultSidebar"},{"id":"concepts/terminology","path":"/service-bridge/1.10.x/concepts/terminology"},{"id":"concepts/toc","path":"/service-bridge/1.10.x/concepts/","sidebar":"defaultSidebar"},{"id":"concepts/traffic-management","path":"/service-bridge/1.10.x/concepts/traffic-management","sidebar":"defaultSidebar"},{"id":"concepts/tsb-and-istio","path":"/service-bridge/1.10.x/concepts/tsb-and-istio","sidebar":"defaultSidebar"},{"id":"design-guides/app-onboarding/cross-cluster","path":"/service-bridge/1.10.x/design-guides/app-onboarding/cross-cluster","sidebar":"defaultSidebar"},{"id":"design-guides/app-onboarding/deploy-service","path":"/service-bridge/1.10.x/design-guides/app-onboarding/deploy-service","sidebar":"defaultSidebar"},{"id":"design-guides/app-onboarding/gateway-security","path":"/service-bridge/1.10.x/design-guides/app-onboarding/gateway-security","sidebar":"defaultSidebar"},{"id":"design-guides/app-onboarding/high-availability","path":"/service-bridge/1.10.x/design-guides/app-onboarding/high-availability","sidebar":"defaultSidebar"},{"id":"design-guides/app-onboarding/index","path":"/service-bridge/1.10.x/design-guides/app-onboarding/","sidebar":"defaultSidebar"},{"id":"design-guides/app-onboarding/introduction","path":"/service-bridge/1.10.x/design-guides/app-onboarding/introduction","sidebar":"defaultSidebar"},{"id":"design-guides/app-onboarding/monitor","path":"/service-bridge/1.10.x/design-guides/app-onboarding/monitor","sidebar":"defaultSidebar"},{"id":"design-guides/app-onboarding/prepare","path":"/service-bridge/1.10.x/design-guides/app-onboarding/prepare","sidebar":"defaultSidebar"},{"id":"design-guides/app-onboarding/promote-service","path":"/service-bridge/1.10.x/design-guides/app-onboarding/promote-service"},{"id":"design-guides/app-onboarding/security","path":"/service-bridge/1.10.x/design-guides/app-onboarding/security","sidebar":"defaultSidebar"},{"id":"design-guides/ha-dr-mp/dr-managementplane","path":"/service-bridge/1.10.x/design-guides/ha-dr-mp/dr-managementplane","sidebar":"defaultSidebar"},{"id":"design-guides/ha-dr-mp/ha-managementplane","path":"/service-bridge/1.10.x/design-guides/ha-dr-mp/ha-managementplane","sidebar":"defaultSidebar"},{"id":"design-guides/ha-dr-mp/index","path":"/service-bridge/1.10.x/design-guides/ha-dr-mp/","sidebar":"defaultSidebar"},{"id":"design-guides/ha-dr-mp/introduction","path":"/service-bridge/1.10.x/design-guides/ha-dr-mp/introduction","sidebar":"defaultSidebar"},{"id":"design-guides/ha-dr-mp/scenarios","path":"/service-bridge/1.10.x/design-guides/ha-dr-mp/scenarios","sidebar":"defaultSidebar"},{"id":"design-guides/ha-multicluster/cluster-failover","path":"/service-bridge/1.10.x/design-guides/ha-multicluster/cluster-failover","sidebar":"defaultSidebar"},{"id":"design-guides/ha-multicluster/demo-1","path":"/service-bridge/1.10.x/design-guides/ha-multicluster/demo-1","sidebar":"defaultSidebar"},{"id":"design-guides/ha-multicluster/demo-2","path":"/service-bridge/1.10.x/design-guides/ha-multicluster/demo-2","sidebar":"defaultSidebar"},{"id":"design-guides/ha-multicluster/edge-failover","path":"/service-bridge/1.10.x/design-guides/ha-multicluster/edge-failover","sidebar":"defaultSidebar"},{"id":"design-guides/ha-multicluster/index","path":"/service-bridge/1.10.x/design-guides/ha-multicluster/","sidebar":"defaultSidebar"},{"id":"design-guides/ha-multicluster/introduction","path":"/service-bridge/1.10.x/design-guides/ha-multicluster/introduction","sidebar":"defaultSidebar"},{"id":"design-guides/ha-multicluster/operations","path":"/service-bridge/1.10.x/design-guides/ha-multicluster/operations","sidebar":"defaultSidebar"},{"id":"design-guides/index","path":"/service-bridge/1.10.x/design-guides/","sidebar":"defaultSidebar"},{"id":"howto/authorization/ingress-gateway","path":"/service-bridge/1.10.x/howto/authorization/ingress-gateway","sidebar":"defaultSidebar"},{"id":"howto/authorization/sidecar","path":"/service-bridge/1.10.x/howto/authorization/sidecar","sidebar":"defaultSidebar"},{"id":"howto/authorization/tier1-gateway","path":"/service-bridge/1.10.x/howto/authorization/tier1-gateway","sidebar":"defaultSidebar"},{"id":"howto/authorization/tls-verification","path":"/service-bridge/1.10.x/howto/authorization/tls-verification","sidebar":"defaultSidebar"},{"id":"howto/authorization/toc","path":"/service-bridge/1.10.x/howto/authorization/","sidebar":"defaultSidebar"},{"id":"howto/gateway/app-ingress","path":"/service-bridge/1.10.x/howto/gateway/app-ingress","sidebar":"defaultSidebar"},{"id":"howto/gateway/application-gateway-with-openapi-annotations","path":"/service-bridge/1.10.x/howto/gateway/application-gateway-with-openapi-annotations","sidebar":"defaultSidebar"},{"id":"howto/gateway/configure-and-route-nonhttp-traffic","path":"/service-bridge/1.10.x/howto/gateway/configure-and-route-nonhttp-traffic","sidebar":"defaultSidebar"},{"id":"howto/gateway/configure-oidc","path":"/service-bridge/1.10.x/howto/gateway/configure-oidc","sidebar":"defaultSidebar"},{"id":"howto/gateway/distributed-ingress","path":"/service-bridge/1.10.x/howto/gateway/distributed-ingress","sidebar":"defaultSidebar"},{"id":"howto/gateway/end-user-auth-keycloak","path":"/service-bridge/1.10.x/howto/gateway/end-user-auth-keycloak","sidebar":"defaultSidebar"},{"id":"howto/gateway/host-based-egress-access-control","path":"/service-bridge/1.10.x/howto/gateway/host-based-egress-access-control","sidebar":"defaultSidebar"},{"id":"howto/gateway/https-with-proxy-protocol","path":"/service-bridge/1.10.x/howto/gateway/https-with-proxy-protocol","sidebar":"defaultSidebar"},{"id":"howto/gateway/multi-cluster-traffic-failover-priority","path":"/service-bridge/1.10.x/howto/gateway/multi-cluster-traffic-failover-priority","sidebar":"defaultSidebar"},{"id":"howto/gateway/multi-cluster-traffic-routing-using-tier2gw","path":"/service-bridge/1.10.x/howto/gateway/multi-cluster-traffic-routing-using-tier2gw","sidebar":"defaultSidebar"},{"id":"howto/gateway/multi-cluster-traffic-routing-with-eastwest-gateway","path":"/service-bridge/1.10.x/howto/gateway/multi-cluster-traffic-routing-with-eastwest-gateway","sidebar":"defaultSidebar"},{"id":"howto/gateway/multi-cluster-traffic-shifting","path":"/service-bridge/1.10.x/howto/gateway/multi-cluster-traffic-shifting","sidebar":"defaultSidebar"},{"id":"howto/gateway/service-identity-propagation","path":"/service-bridge/1.10.x/howto/gateway/service-identity-propagation","sidebar":"defaultSidebar"},{"id":"howto/gateway/shared-ingress","path":"/service-bridge/1.10.x/howto/gateway/shared-ingress","sidebar":"defaultSidebar"},{"id":"howto/gateway/subset-based-routing-using-igw-and-service-route","path":"/service-bridge/1.10.x/howto/gateway/subset-based-routing-using-igw-and-service-route","sidebar":"defaultSidebar"},{"id":"howto/gateway/unified-gateway","path":"/service-bridge/1.10.x/howto/gateway/unified-gateway","sidebar":"defaultSidebar"},{"id":"howto/gateway/unified-gateway-upgrade","path":"/service-bridge/1.10.x/howto/gateway/unified-gateway-upgrade","sidebar":"defaultSidebar"},{"id":"howto/gitops/argo-rollouts","path":"/service-bridge/1.10.x/howto/gitops/argo-rollouts","sidebar":"defaultSidebar"},{"id":"howto/gitops/flagger","path":"/service-bridge/1.10.x/howto/gitops/flagger","sidebar":"defaultSidebar"},{"id":"howto/gitops/flux","path":"/service-bridge/1.10.x/howto/gitops/flux","sidebar":"defaultSidebar"},{"id":"howto/gitops/gitops","path":"/service-bridge/1.10.x/howto/gitops/gitops","sidebar":"defaultSidebar"},{"id":"howto/hpa-using-skywalking","path":"/service-bridge/1.10.x/howto/hpa-using-skywalking","sidebar":"defaultSidebar"},{"id":"howto/network-policies","path":"/service-bridge/1.10.x/howto/network-policies","sidebar":"defaultSidebar"},{"id":"howto/promql-using-skywalking","path":"/service-bridge/1.10.x/howto/promql-using-skywalking","sidebar":"defaultSidebar"},{"id":"howto/rate-limiting/external-rate-limiting","path":"/service-bridge/1.10.x/howto/rate-limiting/external-rate-limiting","sidebar":"defaultSidebar"},{"id":"howto/rate-limiting/ingress-gateway","path":"/service-bridge/1.10.x/howto/rate-limiting/ingress-gateway","sidebar":"defaultSidebar"},{"id":"howto/rate-limiting/internal-rate-limiting","path":"/service-bridge/1.10.x/howto/rate-limiting/internal-rate-limiting","sidebar":"defaultSidebar"},{"id":"howto/rate-limiting/service-to-service","path":"/service-bridge/1.10.x/howto/rate-limiting/service-to-service","sidebar":"defaultSidebar"},{"id":"howto/rate-limiting/tier1-gateway","path":"/service-bridge/1.10.x/howto/rate-limiting/tier1-gateway","sidebar":"defaultSidebar"},{"id":"howto/rate-limiting/tls-validation","path":"/service-bridge/1.10.x/howto/rate-limiting/tls-validation","sidebar":"defaultSidebar"},{"id":"howto/rate-limiting/toc","path":"/service-bridge/1.10.x/howto/rate-limiting/","sidebar":"defaultSidebar"},{"id":"howto/security-domains","path":"/service-bridge/1.10.x/howto/security-domains","sidebar":"defaultSidebar"},{"id":"howto/service-accounts","path":"/service-bridge/1.10.x/howto/service-accounts","sidebar":"defaultSidebar"},{"id":"howto/traffic/canary-releases","path":"/service-bridge/1.10.x/howto/traffic/canary-releases","sidebar":"defaultSidebar"},{"id":"howto/traffic/configure-multi-port-service-route","path":"/service-bridge/1.10.x/howto/traffic/configure-multi-port-service-route","sidebar":"defaultSidebar"},{"id":"howto/traffic/gateway-mtls","path":"/service-bridge/1.10.x/howto/traffic/gateway-mtls","sidebar":"defaultSidebar"},{"id":"howto/traffic/load-balance","path":"/service-bridge/1.10.x/howto/traffic/load-balance","sidebar":"defaultSidebar"},{"id":"howto/traffic/migrating-VM-monoliths","path":"/service-bridge/1.10.x/howto/traffic/migrating-VM-monoliths","sidebar":"defaultSidebar"},{"id":"howto/traffic/splitting-service-traffic-between-k8s-vms","path":"/service-bridge/1.10.x/howto/traffic/splitting-service-traffic-between-k8s-vms","sidebar":"defaultSidebar"},{"id":"howto/waf","path":"/service-bridge/1.10.x/howto/waf","sidebar":"defaultSidebar"},{"id":"howto/wasm/wasm-extension","path":"/service-bridge/1.10.x/howto/wasm/wasm-extension","sidebar":"defaultSidebar"},{"id":"howto/wasm/wasm-overview","path":"/service-bridge/1.10.x/howto/wasm/wasm-overview","sidebar":"defaultSidebar"},{"id":"howto/wasm/wasm-proxy","path":"/service-bridge/1.10.x/howto/wasm/wasm-proxy","sidebar":"defaultSidebar"},{"id":"howto/wasm/wasm-try","path":"/service-bridge/1.10.x/howto/wasm/wasm-try","sidebar":"defaultSidebar"},{"id":"index","path":"/service-bridge/1.10.x/","sidebar":"defaultSidebar"},{"id":"knowledge-base/faq","path":"/service-bridge/1.10.x/knowledge-base/faq","sidebar":"defaultSidebar"},{"id":"knowledge-base/gitops","path":"/service-bridge/1.10.x/knowledge-base/gitops","sidebar":"defaultSidebar"},{"id":"operations/configuration-promotion","path":"/service-bridge/1.10.x/operations/configuration-promotion","sidebar":"defaultSidebar"},{"id":"operations/configure-log-levels","path":"/service-bridge/1.10.x/operations/configure-log-levels","sidebar":"defaultSidebar"},{"id":"operations/elasticsearch/elasticsearch-role","path":"/service-bridge/1.10.x/operations/elasticsearch/elasticsearch-role","sidebar":"defaultSidebar"},{"id":"operations/elasticsearch/wipe-elastic","path":"/service-bridge/1.10.x/operations/elasticsearch/wipe-elastic","sidebar":"defaultSidebar"},{"id":"operations/features/configure-cluster-external-addresses","path":"/service-bridge/1.10.x/operations/features/configure-cluster-external-addresses","sidebar":"defaultSidebar"},{"id":"operations/features/configure-gitops","path":"/service-bridge/1.10.x/operations/features/configure-gitops","sidebar":"defaultSidebar"},{"id":"operations/features/deletion-protection","path":"/service-bridge/1.10.x/operations/features/deletion-protection","sidebar":"defaultSidebar"},{"id":"operations/features/edge-dns-resolution","path":"/service-bridge/1.10.x/operations/features/edge-dns-resolution","sidebar":"defaultSidebar"},{"id":"operations/features/enable-config-protection","path":"/service-bridge/1.10.x/operations/features/enable-config-protection","sidebar":"defaultSidebar"},{"id":"operations/features/gateway-deletion-webhook","path":"/service-bridge/1.10.x/operations/features/gateway-deletion-webhook","sidebar":"defaultSidebar"},{"id":"operations/features/internal-wasm-extensions","path":"/service-bridge/1.10.x/operations/features/internal-wasm-extensions","sidebar":"defaultSidebar"},{"id":"operations/features/istio-cni","path":"/service-bridge/1.10.x/operations/features/istio-cni","sidebar":"defaultSidebar"},{"id":"operations/features/label-annotation","path":"/service-bridge/1.10.x/operations/features/label-annotation","sidebar":"defaultSidebar"},{"id":"operations/features/streaming-log","path":"/service-bridge/1.10.x/operations/features/streaming-log","sidebar":"defaultSidebar"},{"id":"operations/features/tier1-in-app-cluster","path":"/service-bridge/1.10.x/operations/features/tier1-in-app-cluster","sidebar":"defaultSidebar"},{"id":"operations/features/tls-origin-multi-cluster","path":"/service-bridge/1.10.x/operations/features/tls-origin-multi-cluster","sidebar":"defaultSidebar"},{"id":"operations/graceful-connection-drain","path":"/service-bridge/1.10.x/operations/graceful-connection-drain","sidebar":"defaultSidebar"},{"id":"operations/kube-customization","path":"/service-bridge/1.10.x/operations/kube-customization","sidebar":"defaultSidebar"},{"id":"operations/lower-istio-resources","path":"/service-bridge/1.10.x/operations/lower-istio-resources","sidebar":"defaultSidebar"},{"id":"operations/migrate-organization","path":"/service-bridge/1.10.x/operations/migrate-organization","sidebar":"defaultSidebar"},{"id":"operations/multiple-iam-keys","path":"/service-bridge/1.10.x/operations/multiple-iam-keys","sidebar":"defaultSidebar"},{"id":"operations/postgresql/auditlog-retention","path":"/service-bridge/1.10.x/operations/postgresql/auditlog-retention","sidebar":"defaultSidebar"},{"id":"operations/postgresql/azure-credentials","path":"/service-bridge/1.10.x/operations/postgresql/azure-credentials","sidebar":"defaultSidebar"},{"id":"operations/postgresql/backup-and-restore","path":"/service-bridge/1.10.x/operations/postgresql/backup-and-restore","sidebar":"defaultSidebar"},{"id":"operations/postgresql/managing-kubegres","path":"/service-bridge/1.10.x/operations/postgresql/managing-kubegres","sidebar":"defaultSidebar"},{"id":"operations/telemetry/alerting-guidelines","path":"/service-bridge/1.10.x/operations/telemetry/alerting-guidelines","sidebar":"defaultSidebar"},{"id":"operations/telemetry/distributed-tracing","path":"/service-bridge/1.10.x/operations/telemetry/distributed-tracing","sidebar":"defaultSidebar"},{"id":"operations/telemetry/key-metrics","path":"/service-bridge/1.10.x/operations/telemetry/key-metrics","sidebar":"defaultSidebar"},{"id":"operations/telemetry/new-relic","path":"/service-bridge/1.10.x/operations/telemetry/new-relic","sidebar":"defaultSidebar"},{"id":"operations/telemetry/red-metrics","path":"/service-bridge/1.10.x/operations/telemetry/red-metrics","sidebar":"defaultSidebar"},{"id":"operations/telemetry/telemetry-architecture","path":"/service-bridge/1.10.x/operations/telemetry/telemetry-architecture","sidebar":"defaultSidebar"},{"id":"operations/users/admin-password","path":"/service-bridge/1.10.x/operations/users/admin-password","sidebar":"defaultSidebar"},{"id":"operations/users/configuring-ldap","path":"/service-bridge/1.10.x/operations/users/configuring-ldap","sidebar":"defaultSidebar"},{"id":"operations/users/new-user-local-idp","path":"/service-bridge/1.10.x/operations/users/new-user-local-idp","sidebar":"defaultSidebar"},{"id":"operations/users/oidc-azure","path":"/service-bridge/1.10.x/operations/users/oidc-azure","sidebar":"defaultSidebar"},{"id":"operations/users/tsb-fqns","path":"/service-bridge/1.10.x/operations/users/tsb-fqns"},{"id":"operations/users/user-synchronization","path":"/service-bridge/1.10.x/operations/users/user-synchronization","sidebar":"defaultSidebar"},{"id":"operations/users/users-roles-and-permissions","path":"/service-bridge/1.10.x/operations/users/users-roles-and-permissions","sidebar":"defaultSidebar"},{"id":"operations/vault/elasticsearch","path":"/service-bridge/1.10.x/operations/vault/elasticsearch","sidebar":"defaultSidebar"},{"id":"operations/vault/istiod-ca","path":"/service-bridge/1.10.x/operations/vault/istiod-ca","sidebar":"defaultSidebar"},{"id":"operations/vault/postgresql","path":"/service-bridge/1.10.x/operations/vault/postgresql","sidebar":"defaultSidebar"},{"id":"quickstart/apps","path":"/service-bridge/1.10.x/quickstart/apps","sidebar":"defaultSidebar"},{"id":"quickstart/config-groups","path":"/service-bridge/1.10.x/quickstart/config-groups","sidebar":"defaultSidebar"},{"id":"quickstart/deploy-sample-app","path":"/service-bridge/1.10.x/quickstart/deploy-sample-app","sidebar":"defaultSidebar"},{"id":"quickstart/ingress-gateway","path":"/service-bridge/1.10.x/quickstart/ingress-gateway","sidebar":"defaultSidebar"},{"id":"quickstart/introduction","path":"/service-bridge/1.10.x/quickstart/introduction","sidebar":"defaultSidebar"},{"id":"quickstart/observability","path":"/service-bridge/1.10.x/quickstart/observability","sidebar":"defaultSidebar"},{"id":"quickstart/permissions","path":"/service-bridge/1.10.x/quickstart/permissions","sidebar":"defaultSidebar"},{"id":"quickstart/security","path":"/service-bridge/1.10.x/quickstart/security","sidebar":"defaultSidebar"},{"id":"quickstart/tenant","path":"/service-bridge/1.10.x/quickstart/tenant","sidebar":"defaultSidebar"},{"id":"quickstart/traffic-shifting","path":"/service-bridge/1.10.x/quickstart/traffic-shifting","sidebar":"defaultSidebar"},{"id":"quickstart/workspace","path":"/service-bridge/1.10.x/quickstart/workspace","sidebar":"defaultSidebar"},{"id":"reference/cli/guide/index","path":"/service-bridge/1.10.x/reference/cli/guide/index","sidebar":"defaultSidebar"},{"id":"reference/cli/reference/apply","path":"/service-bridge/1.10.x/reference/cli/reference/apply","sidebar":"defaultSidebar"},{"id":"reference/cli/reference/collect","path":"/service-bridge/1.10.x/reference/cli/reference/collect","sidebar":"defaultSidebar"},{"id":"reference/cli/reference/completion","path":"/service-bridge/1.10.x/reference/cli/reference/completion","sidebar":"defaultSidebar"},{"id":"reference/cli/reference/config","path":"/service-bridge/1.10.x/reference/cli/reference/config","sidebar":"defaultSidebar"},{"id":"reference/cli/reference/delete","path":"/service-bridge/1.10.x/reference/cli/reference/delete","sidebar":"defaultSidebar"},{"id":"reference/cli/reference/edit","path":"/service-bridge/1.10.x/reference/cli/reference/edit","sidebar":"defaultSidebar"},{"id":"reference/cli/reference/experimental","path":"/service-bridge/1.10.x/reference/cli/reference/experimental","sidebar":"defaultSidebar"},{"id":"reference/cli/reference/get","path":"/service-bridge/1.10.x/reference/cli/reference/get","sidebar":"defaultSidebar"},{"id":"reference/cli/reference/index","path":"/service-bridge/1.10.x/reference/cli/reference/index","sidebar":"defaultSidebar"},{"id":"reference/cli/reference/install","path":"/service-bridge/1.10.x/reference/cli/reference/install","sidebar":"defaultSidebar"},{"id":"reference/cli/reference/login","path":"/service-bridge/1.10.x/reference/cli/reference/login","sidebar":"defaultSidebar"},{"id":"reference/cli/reference/status","path":"/service-bridge/1.10.x/reference/cli/reference/status","sidebar":"defaultSidebar"},{"id":"reference/cli/reference/ui","path":"/service-bridge/1.10.x/reference/cli/reference/ui","sidebar":"defaultSidebar"},{"id":"reference/cli/reference/validate","path":"/service-bridge/1.10.x/reference/cli/reference/validate","sidebar":"defaultSidebar"},{"id":"reference/cli/reference/version","path":"/service-bridge/1.10.x/reference/cli/reference/version","sidebar":"defaultSidebar"},{"id":"reference/cli/reference/whoami","path":"/service-bridge/1.10.x/reference/cli/reference/whoami","sidebar":"defaultSidebar"},{"id":"reference/cli/reference/workload-entry-annotations","path":"/service-bridge/1.10.x/reference/cli/reference/workload-entry-annotations","sidebar":"defaultSidebar"},{"id":"reference/grpc-api/guide","path":"/service-bridge/1.10.x/reference/grpc-api/guide","sidebar":"defaultSidebar"},{"id":"reference/k8s-api/guide","path":"/service-bridge/1.10.x/reference/k8s-api/guide","sidebar":"defaultSidebar"},{"id":"reference/k8s-api/tsb-crds-gen/application-tsb-tetrate-io","path":"/service-bridge/1.10.x/reference/k8s-api/tsb-crds-gen/application-tsb-tetrate-io","sidebar":"defaultSidebar"},{"id":"reference/k8s-api/tsb-crds-gen/extension-tsb-tetrate-io","path":"/service-bridge/1.10.x/reference/k8s-api/tsb-crds-gen/extension-tsb-tetrate-io","sidebar":"defaultSidebar"},{"id":"reference/k8s-api/tsb-crds-gen/gateway-tsb-tetrate-io","path":"/service-bridge/1.10.x/reference/k8s-api/tsb-crds-gen/gateway-tsb-tetrate-io","sidebar":"defaultSidebar"},{"id":"reference/k8s-api/tsb-crds-gen/istiointernal-tsb-tetrate-io","path":"/service-bridge/1.10.x/reference/k8s-api/tsb-crds-gen/istiointernal-tsb-tetrate-io","sidebar":"defaultSidebar"},{"id":"reference/k8s-api/tsb-crds-gen/profile-tsb-tetrate-io","path":"/service-bridge/1.10.x/reference/k8s-api/tsb-crds-gen/profile-tsb-tetrate-io"},{"id":"reference/k8s-api/tsb-crds-gen/rbac-tsb-tetrate-io","path":"/service-bridge/1.10.x/reference/k8s-api/tsb-crds-gen/rbac-tsb-tetrate-io","sidebar":"defaultSidebar"},{"id":"reference/k8s-api/tsb-crds-gen/security-tsb-tetrate-io","path":"/service-bridge/1.10.x/reference/k8s-api/tsb-crds-gen/security-tsb-tetrate-io","sidebar":"defaultSidebar"},{"id":"reference/k8s-api/tsb-crds-gen/traffic-tsb-tetrate-io","path":"/service-bridge/1.10.x/reference/k8s-api/tsb-crds-gen/traffic-tsb-tetrate-io","sidebar":"defaultSidebar"},{"id":"reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/cluster","path":"/service-bridge/1.10.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/cluster","sidebar":"defaultSidebar"},{"id":"reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/organization","path":"/service-bridge/1.10.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/organization","sidebar":"defaultSidebar"},{"id":"reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/organizationsetting","path":"/service-bridge/1.10.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/organizationsetting","sidebar":"defaultSidebar"},{"id":"reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/serviceaccount","path":"/service-bridge/1.10.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/serviceaccount","sidebar":"defaultSidebar"},{"id":"reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/team","path":"/service-bridge/1.10.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/team","sidebar":"defaultSidebar"},{"id":"reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/tenant","path":"/service-bridge/1.10.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/tenant","sidebar":"defaultSidebar"},{"id":"reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/tenantsetting","path":"/service-bridge/1.10.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/tenantsetting","sidebar":"defaultSidebar"},{"id":"reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/user","path":"/service-bridge/1.10.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/user","sidebar":"defaultSidebar"},{"id":"reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/workspace","path":"/service-bridge/1.10.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/workspace","sidebar":"defaultSidebar"},{"id":"reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/workspacesetting","path":"/service-bridge/1.10.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/workspacesetting","sidebar":"defaultSidebar"},{"id":"reference/rest-api/guide","path":"/service-bridge/1.10.x/reference/rest-api/guide","sidebar":"defaultSidebar"},{"id":"reference/samples/httpbin","path":"/service-bridge/1.10.x/reference/samples/httpbin","sidebar":"defaultSidebar"},{"id":"reference/samples/opa","path":"/service-bridge/1.10.x/reference/samples/opa","sidebar":"defaultSidebar"},{"id":"reference/samples/sleep-service","path":"/service-bridge/1.10.x/reference/samples/sleep-service","sidebar":"defaultSidebar"},{"id":"reference/yaml-api/guide","path":"/service-bridge/1.10.x/reference/yaml-api/guide","sidebar":"defaultSidebar"},{"id":"refs/audit/v1/audit","path":"/service-bridge/1.10.x/refs/audit/v1/audit","sidebar":"defaultSidebar"},{"id":"refs/iam/v2/oauth_service","path":"/service-bridge/1.10.x/refs/iam/v2/oauth_service","sidebar":"defaultSidebar"},{"id":"refs/iam/v2/oidc_service","path":"/service-bridge/1.10.x/refs/iam/v2/oidc_service","sidebar":"defaultSidebar"},{"id":"refs/install/common/common_config","path":"/service-bridge/1.10.x/refs/install/common/common_config","sidebar":"defaultSidebar"},{"id":"refs/install/controlplane/v1alpha1/spec","path":"/service-bridge/1.10.x/refs/install/controlplane/v1alpha1/spec","sidebar":"defaultSidebar"},{"id":"refs/install/dataplane/v1alpha1/spec","path":"/service-bridge/1.10.x/refs/install/dataplane/v1alpha1/spec","sidebar":"defaultSidebar"},{"id":"refs/install/kubernetes/k8s","path":"/service-bridge/1.10.x/refs/install/kubernetes/k8s","sidebar":"defaultSidebar"},{"id":"refs/install/managementplane/v1alpha1/spec","path":"/service-bridge/1.10.x/refs/install/managementplane/v1alpha1/spec","sidebar":"defaultSidebar"},{"id":"refs/onboarding/config/agent/v1alpha1/agent_configuration","path":"/service-bridge/1.10.x/refs/onboarding/config/agent/v1alpha1/agent_configuration","sidebar":"defaultSidebar"},{"id":"refs/onboarding/config/agent/v1alpha1/onboarding_configuration","path":"/service-bridge/1.10.x/refs/onboarding/config/agent/v1alpha1/onboarding_configuration","sidebar":"defaultSidebar"},{"id":"refs/onboarding/config/authorization/aws/v1alpha1/aws","path":"/service-bridge/1.10.x/refs/onboarding/config/authorization/aws/v1alpha1/aws","sidebar":"defaultSidebar"},{"id":"refs/onboarding/config/authorization/jwt/v1alpha1/jwt","path":"/service-bridge/1.10.x/refs/onboarding/config/authorization/jwt/v1alpha1/jwt","sidebar":"defaultSidebar"},{"id":"refs/onboarding/config/authorization/v1alpha1/policy","path":"/service-bridge/1.10.x/refs/onboarding/config/authorization/v1alpha1/policy","sidebar":"defaultSidebar"},{"id":"refs/onboarding/config/install/v1alpha1/jwt_issuer","path":"/service-bridge/1.10.x/refs/onboarding/config/install/v1alpha1/jwt_issuer"},{"id":"refs/onboarding/config/install/v1alpha1/workload_configuration","path":"/service-bridge/1.10.x/refs/onboarding/config/install/v1alpha1/workload_configuration"},{"id":"refs/onboarding/config/runtime/v1alpha1/registration","path":"/service-bridge/1.10.x/refs/onboarding/config/runtime/v1alpha1/registration","sidebar":"defaultSidebar"},{"id":"refs/onboarding/config/types/config/v1alpha1/transport_security","path":"/service-bridge/1.10.x/refs/onboarding/config/types/config/v1alpha1/transport_security"},{"id":"refs/onboarding/config/types/core/v1alpha1/condition","path":"/service-bridge/1.10.x/refs/onboarding/config/types/core/v1alpha1/condition"},{"id":"refs/onboarding/config/types/core/v1alpha1/namespaced_name","path":"/service-bridge/1.10.x/refs/onboarding/config/types/core/v1alpha1/namespaced_name"},{"id":"refs/onboarding/config/types/identity/aws/v1alpha1/aws","path":"/service-bridge/1.10.x/refs/onboarding/config/types/identity/aws/v1alpha1/aws"},{"id":"refs/onboarding/config/types/identity/jwt/v1alpha1/jwt","path":"/service-bridge/1.10.x/refs/onboarding/config/types/identity/jwt/v1alpha1/jwt"},{"id":"refs/onboarding/config/types/identity/v1alpha1/identity","path":"/service-bridge/1.10.x/refs/onboarding/config/types/identity/v1alpha1/identity"},{"id":"refs/onboarding/config/types/registration/v1alpha1/hostinfo","path":"/service-bridge/1.10.x/refs/onboarding/config/types/registration/v1alpha1/hostinfo"},{"id":"refs/onboarding/config/types/registration/v1alpha1/registration","path":"/service-bridge/1.10.x/refs/onboarding/config/types/registration/v1alpha1/registration"},{"id":"refs/onboarding/private/component/agent/plugin/credential/v1alpha1/plugin","path":"/service-bridge/1.10.x/refs/onboarding/private/component/agent/plugin/credential/v1alpha1/plugin"},{"id":"refs/onboarding/private/component/agent/plugin/hostinfo/v1alpha1/plugin","path":"/service-bridge/1.10.x/refs/onboarding/private/component/agent/plugin/hostinfo/v1alpha1/plugin"},{"id":"refs/onboarding/private/component/agent/sidecarcontroller/v1alpha1/sidecar_configuration_service","path":"/service-bridge/1.10.x/refs/onboarding/private/component/agent/sidecarcontroller/v1alpha1/sidecar_configuration_service"},{"id":"refs/onboarding/private/component/agent/sidecarcontroller/v1alpha1/sidecar_info_service","path":"/service-bridge/1.10.x/refs/onboarding/private/component/agent/sidecarcontroller/v1alpha1/sidecar_info_service"},{"id":"refs/onboarding/private/component/plane/config/v1alpha1/onboarding_plane_instance_configuration","path":"/service-bridge/1.10.x/refs/onboarding/private/component/plane/config/v1alpha1/onboarding_plane_instance_configuration"},{"id":"refs/onboarding/private/component/plane/generator/v1alpha1/version","path":"/service-bridge/1.10.x/refs/onboarding/private/component/plane/generator/v1alpha1/version"},{"id":"refs/onboarding/private/component/plane/token/v1alpha1/onboarding_token","path":"/service-bridge/1.10.x/refs/onboarding/private/component/plane/token/v1alpha1/onboarding_token"},{"id":"refs/onboarding/private/install/v1alpha1/spec","path":"/service-bridge/1.10.x/refs/onboarding/private/install/v1alpha1/spec"},{"id":"refs/onboarding/private/protocol/authorization/v1alpha1/authorization_service","path":"/service-bridge/1.10.x/refs/onboarding/private/protocol/authorization/v1alpha1/authorization_service"},{"id":"refs/onboarding/private/protocol/discovery/v1alpha1/discovery_service","path":"/service-bridge/1.10.x/refs/onboarding/private/protocol/discovery/v1alpha1/discovery_service"},{"id":"refs/onboarding/private/protocol/registration/v1alpha1/registration_service","path":"/service-bridge/1.10.x/refs/onboarding/private/protocol/registration/v1alpha1/registration_service"},{"id":"refs/onboarding/private/protocol/session/v1alpha1/session_service","path":"/service-bridge/1.10.x/refs/onboarding/private/protocol/session/v1alpha1/session_service"},{"id":"refs/onboarding/private/types/config/v1alpha1/transport_security","path":"/service-bridge/1.10.x/refs/onboarding/private/types/config/v1alpha1/transport_security"},{"id":"refs/onboarding/private/types/credential/aws/v1alpha1/ec2","path":"/service-bridge/1.10.x/refs/onboarding/private/types/credential/aws/v1alpha1/ec2"},{"id":"refs/onboarding/private/types/credential/aws/v1alpha1/sts","path":"/service-bridge/1.10.x/refs/onboarding/private/types/credential/aws/v1alpha1/sts"},{"id":"refs/onboarding/private/types/credential/jwt/v1alpha1/jwt","path":"/service-bridge/1.10.x/refs/onboarding/private/types/credential/jwt/v1alpha1/jwt"},{"id":"refs/onboarding/private/types/discovery/v1alpha1/discovery","path":"/service-bridge/1.10.x/refs/onboarding/private/types/discovery/v1alpha1/discovery"},{"id":"refs/onboarding/private/types/sidecar/v1alpha1/configuration","path":"/service-bridge/1.10.x/refs/onboarding/private/types/sidecar/v1alpha1/configuration"},{"id":"refs/private/iam/v1/iam","path":"/service-bridge/1.10.x/refs/private/iam/v1/iam"},{"id":"refs/test/v1/echo","path":"/service-bridge/1.10.x/refs/test/v1/echo"},{"id":"refs/tsb/application/v2/api","path":"/service-bridge/1.10.x/refs/tsb/application/v2/api","sidebar":"defaultSidebar"},{"id":"refs/tsb/application/v2/application","path":"/service-bridge/1.10.x/refs/tsb/application/v2/application","sidebar":"defaultSidebar"},{"id":"refs/tsb/application/v2/application_service","path":"/service-bridge/1.10.x/refs/tsb/application/v2/application_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/application/v2/openapi_extensions","path":"/service-bridge/1.10.x/refs/tsb/application/v2/openapi_extensions","sidebar":"defaultSidebar"},{"id":"refs/tsb/auth/v2/auth","path":"/service-bridge/1.10.x/refs/tsb/auth/v2/auth","sidebar":"defaultSidebar"},{"id":"refs/tsb/extension/v2/wasm_extension","path":"/service-bridge/1.10.x/refs/tsb/extension/v2/wasm_extension","sidebar":"defaultSidebar"},{"id":"refs/tsb/extension/v2/wasm_service","path":"/service-bridge/1.10.x/refs/tsb/extension/v2/wasm_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/gateway/v2/auth","path":"/service-bridge/1.10.x/refs/tsb/gateway/v2/auth","sidebar":"defaultSidebar"},{"id":"refs/tsb/gateway/v2/eastwest_gateway","path":"/service-bridge/1.10.x/refs/tsb/gateway/v2/eastwest_gateway","sidebar":"defaultSidebar"},{"id":"refs/tsb/gateway/v2/egress_gateway","path":"/service-bridge/1.10.x/refs/tsb/gateway/v2/egress_gateway","sidebar":"defaultSidebar"},{"id":"refs/tsb/gateway/v2/gateway","path":"/service-bridge/1.10.x/refs/tsb/gateway/v2/gateway","sidebar":"defaultSidebar"},{"id":"refs/tsb/gateway/v2/gateway_common","path":"/service-bridge/1.10.x/refs/tsb/gateway/v2/gateway_common","sidebar":"defaultSidebar"},{"id":"refs/tsb/gateway/v2/gateway_group","path":"/service-bridge/1.10.x/refs/tsb/gateway/v2/gateway_group","sidebar":"defaultSidebar"},{"id":"refs/tsb/gateway/v2/gateway_service","path":"/service-bridge/1.10.x/refs/tsb/gateway/v2/gateway_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/gateway/v2/ingress_gateway","path":"/service-bridge/1.10.x/refs/tsb/gateway/v2/ingress_gateway","sidebar":"defaultSidebar"},{"id":"refs/tsb/gateway/v2/istio_gateway_direct","path":"/service-bridge/1.10.x/refs/tsb/gateway/v2/istio_gateway_direct","sidebar":"defaultSidebar"},{"id":"refs/tsb/gateway/v2/tier1_gateway","path":"/service-bridge/1.10.x/refs/tsb/gateway/v2/tier1_gateway","sidebar":"defaultSidebar"},{"id":"refs/tsb/istiointernal/v2/istio_internal_group","path":"/service-bridge/1.10.x/refs/tsb/istiointernal/v2/istio_internal_group","sidebar":"defaultSidebar"},{"id":"refs/tsb/istiointernal/v2/istio_istiointernal_direct","path":"/service-bridge/1.10.x/refs/tsb/istiointernal/v2/istio_istiointernal_direct","sidebar":"defaultSidebar"},{"id":"refs/tsb/istiointernal/v2/istiointernal_service","path":"/service-bridge/1.10.x/refs/tsb/istiointernal/v2/istiointernal_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/observability/telemetry/v2/metric","path":"/service-bridge/1.10.x/refs/tsb/observability/telemetry/v2/metric","sidebar":"defaultSidebar"},{"id":"refs/tsb/observability/telemetry/v2/metric_service","path":"/service-bridge/1.10.x/refs/tsb/observability/telemetry/v2/metric_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/observability/telemetry/v2/source","path":"/service-bridge/1.10.x/refs/tsb/observability/telemetry/v2/source","sidebar":"defaultSidebar"},{"id":"refs/tsb/observability/telemetry/v2/source_service","path":"/service-bridge/1.10.x/refs/tsb/observability/telemetry/v2/source_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/profile/v2/profile","path":"/service-bridge/1.10.x/refs/tsb/profile/v2/profile","sidebar":"defaultSidebar"},{"id":"refs/tsb/profile/v2/profile_service","path":"/service-bridge/1.10.x/refs/tsb/profile/v2/profile_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/q/v2/approvals_service","path":"/service-bridge/1.10.x/refs/tsb/q/v2/approvals_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/q/v2/permissions_service","path":"/service-bridge/1.10.x/refs/tsb/q/v2/permissions_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/rbac/v2/access_bindings","path":"/service-bridge/1.10.x/refs/tsb/rbac/v2/access_bindings","sidebar":"defaultSidebar"},{"id":"refs/tsb/rbac/v2/api_access_bindings","path":"/service-bridge/1.10.x/refs/tsb/rbac/v2/api_access_bindings","sidebar":"defaultSidebar"},{"id":"refs/tsb/rbac/v2/application_access_bindings","path":"/service-bridge/1.10.x/refs/tsb/rbac/v2/application_access_bindings","sidebar":"defaultSidebar"},{"id":"refs/tsb/rbac/v2/binding","path":"/service-bridge/1.10.x/refs/tsb/rbac/v2/binding","sidebar":"defaultSidebar"},{"id":"refs/tsb/rbac/v2/gateway_access_bindings","path":"/service-bridge/1.10.x/refs/tsb/rbac/v2/gateway_access_bindings","sidebar":"defaultSidebar"},{"id":"refs/tsb/rbac/v2/istio_internal_access_bindings","path":"/service-bridge/1.10.x/refs/tsb/rbac/v2/istio_internal_access_bindings","sidebar":"defaultSidebar"},{"id":"refs/tsb/rbac/v2/organization_access_bindings","path":"/service-bridge/1.10.x/refs/tsb/rbac/v2/organization_access_bindings","sidebar":"defaultSidebar"},{"id":"refs/tsb/rbac/v2/permissions","path":"/service-bridge/1.10.x/refs/tsb/rbac/v2/permissions","sidebar":"defaultSidebar"},{"id":"refs/tsb/rbac/v2/policy_service","path":"/service-bridge/1.10.x/refs/tsb/rbac/v2/policy_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/rbac/v2/role","path":"/service-bridge/1.10.x/refs/tsb/rbac/v2/role","sidebar":"defaultSidebar"},{"id":"refs/tsb/rbac/v2/role_service","path":"/service-bridge/1.10.x/refs/tsb/rbac/v2/role_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/rbac/v2/security_access_bindings","path":"/service-bridge/1.10.x/refs/tsb/rbac/v2/security_access_bindings","sidebar":"defaultSidebar"},{"id":"refs/tsb/rbac/v2/tenant_access_bindings","path":"/service-bridge/1.10.x/refs/tsb/rbac/v2/tenant_access_bindings","sidebar":"defaultSidebar"},{"id":"refs/tsb/rbac/v2/traffic_access_bindings","path":"/service-bridge/1.10.x/refs/tsb/rbac/v2/traffic_access_bindings","sidebar":"defaultSidebar"},{"id":"refs/tsb/rbac/v2/workspace_access_bindings","path":"/service-bridge/1.10.x/refs/tsb/rbac/v2/workspace_access_bindings","sidebar":"defaultSidebar"},{"id":"refs/tsb/registry/v2/lookup_service","path":"/service-bridge/1.10.x/refs/tsb/registry/v2/lookup_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/registry/v2/registration_service","path":"/service-bridge/1.10.x/refs/tsb/registry/v2/registration_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/registry/v2/service","path":"/service-bridge/1.10.x/refs/tsb/registry/v2/service","sidebar":"defaultSidebar"},{"id":"refs/tsb/security/v2/istio_security_direct","path":"/service-bridge/1.10.x/refs/tsb/security/v2/istio_security_direct","sidebar":"defaultSidebar"},{"id":"refs/tsb/security/v2/security_group","path":"/service-bridge/1.10.x/refs/tsb/security/v2/security_group","sidebar":"defaultSidebar"},{"id":"refs/tsb/security/v2/security_service","path":"/service-bridge/1.10.x/refs/tsb/security/v2/security_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/security/v2/security_setting","path":"/service-bridge/1.10.x/refs/tsb/security/v2/security_setting","sidebar":"defaultSidebar"},{"id":"refs/tsb/security/v2/service_security_setting","path":"/service-bridge/1.10.x/refs/tsb/security/v2/service_security_setting","sidebar":"defaultSidebar"},{"id":"refs/tsb/security/v2/waf_settings","path":"/service-bridge/1.10.x/refs/tsb/security/v2/waf_settings","sidebar":"defaultSidebar"},{"id":"refs/tsb/traffic/v2/istio_traffic_direct","path":"/service-bridge/1.10.x/refs/tsb/traffic/v2/istio_traffic_direct","sidebar":"defaultSidebar"},{"id":"refs/tsb/traffic/v2/service_route","path":"/service-bridge/1.10.x/refs/tsb/traffic/v2/service_route","sidebar":"defaultSidebar"},{"id":"refs/tsb/traffic/v2/service_traffic_setting","path":"/service-bridge/1.10.x/refs/tsb/traffic/v2/service_traffic_setting","sidebar":"defaultSidebar"},{"id":"refs/tsb/traffic/v2/traffic_group","path":"/service-bridge/1.10.x/refs/tsb/traffic/v2/traffic_group","sidebar":"defaultSidebar"},{"id":"refs/tsb/traffic/v2/traffic_service","path":"/service-bridge/1.10.x/refs/tsb/traffic/v2/traffic_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/traffic/v2/traffic_setting","path":"/service-bridge/1.10.x/refs/tsb/traffic/v2/traffic_setting","sidebar":"defaultSidebar"},{"id":"refs/tsb/types/v2/types","path":"/service-bridge/1.10.x/refs/tsb/types/v2/types","sidebar":"defaultSidebar"},{"id":"refs/tsb/v2/cluster","path":"/service-bridge/1.10.x/refs/tsb/v2/cluster","sidebar":"defaultSidebar"},{"id":"refs/tsb/v2/cluster_service","path":"/service-bridge/1.10.x/refs/tsb/v2/cluster_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/v2/info","path":"/service-bridge/1.10.x/refs/tsb/v2/info","sidebar":"defaultSidebar"},{"id":"refs/tsb/v2/organization","path":"/service-bridge/1.10.x/refs/tsb/v2/organization","sidebar":"defaultSidebar"},{"id":"refs/tsb/v2/organization_service","path":"/service-bridge/1.10.x/refs/tsb/v2/organization_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/v2/organization_setting","path":"/service-bridge/1.10.x/refs/tsb/v2/organization_setting","sidebar":"defaultSidebar"},{"id":"refs/tsb/v2/status","path":"/service-bridge/1.10.x/refs/tsb/v2/status","sidebar":"defaultSidebar"},{"id":"refs/tsb/v2/status_service","path":"/service-bridge/1.10.x/refs/tsb/v2/status_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/v2/team","path":"/service-bridge/1.10.x/refs/tsb/v2/team","sidebar":"defaultSidebar"},{"id":"refs/tsb/v2/team_service","path":"/service-bridge/1.10.x/refs/tsb/v2/team_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/v2/tenant","path":"/service-bridge/1.10.x/refs/tsb/v2/tenant","sidebar":"defaultSidebar"},{"id":"refs/tsb/v2/tenant_service","path":"/service-bridge/1.10.x/refs/tsb/v2/tenant_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/v2/tenant_setting","path":"/service-bridge/1.10.x/refs/tsb/v2/tenant_setting","sidebar":"defaultSidebar"},{"id":"refs/tsb/v2/workspace","path":"/service-bridge/1.10.x/refs/tsb/v2/workspace","sidebar":"defaultSidebar"},{"id":"refs/tsb/v2/workspace_service","path":"/service-bridge/1.10.x/refs/tsb/v2/workspace_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/v2/workspace_setting","path":"/service-bridge/1.10.x/refs/tsb/v2/workspace_setting","sidebar":"defaultSidebar"},{"id":"release-notes","path":"/service-bridge/1.10.x/release-notes","sidebar":"defaultSidebar"},{"id":"release-notes-announcements/feature-status","path":"/service-bridge/1.10.x/release-notes-announcements/feature-status","sidebar":"defaultSidebar"},{"id":"release-notes-announcements/support-policy","path":"/service-bridge/1.10.x/release-notes-announcements/support-policy","sidebar":"defaultSidebar"},{"id":"release-notes-announcements/toc","path":"/service-bridge/1.10.x/release-notes-announcements/","sidebar":"defaultSidebar"},{"id":"setup/aws/container-marketplace","path":"/service-bridge/1.10.x/setup/aws/container-marketplace","sidebar":"defaultSidebar"},{"id":"setup/aws/vpc","path":"/service-bridge/1.10.x/setup/aws/vpc","sidebar":"defaultSidebar"},{"id":"setup/certificate/automated-certificate-management","path":"/service-bridge/1.10.x/setup/certificate/automated-certificate-management","sidebar":"defaultSidebar"},{"id":"setup/certificate/certificate-requirements","path":"/service-bridge/1.10.x/setup/certificate/certificate-requirements","sidebar":"defaultSidebar"},{"id":"setup/certificate/certificate-setup","path":"/service-bridge/1.10.x/setup/certificate/certificate-setup","sidebar":"defaultSidebar"},{"id":"setup/components","path":"/service-bridge/1.10.x/setup/components","sidebar":"defaultSidebar"},{"id":"setup/fips","path":"/service-bridge/1.10.x/setup/fips","sidebar":"defaultSidebar"},{"id":"setup/firewall-information","path":"/service-bridge/1.10.x/setup/firewall-information","sidebar":"defaultSidebar"},{"id":"setup/helm/controlplane","path":"/service-bridge/1.10.x/setup/helm/controlplane","sidebar":"defaultSidebar"},{"id":"setup/helm/dataplane","path":"/service-bridge/1.10.x/setup/helm/dataplane","sidebar":"defaultSidebar"},{"id":"setup/helm/helm","path":"/service-bridge/1.10.x/setup/helm/helm","sidebar":"defaultSidebar"},{"id":"setup/helm/managementplane","path":"/service-bridge/1.10.x/setup/helm/managementplane","sidebar":"defaultSidebar"},{"id":"setup/helm/toc","path":"/service-bridge/1.10.x/setup/helm/","sidebar":"defaultSidebar"},{"id":"setup/helm/uninstallation","path":"/service-bridge/1.10.x/setup/helm/uninstallation","sidebar":"defaultSidebar"},{"id":"setup/helm/upgrade","path":"/service-bridge/1.10.x/setup/helm/upgrade","sidebar":"defaultSidebar"},{"id":"setup/isolation-boundaries","path":"/service-bridge/1.10.x/setup/isolation-boundaries","sidebar":"defaultSidebar"},{"id":"setup/isolation-boundaries-installation","path":"/service-bridge/1.10.x/setup/isolation-boundaries-installation","sidebar":"defaultSidebar"},{"id":"setup/migrate-tctl-to-helm","path":"/service-bridge/1.10.x/setup/migrate-tctl-to-helm","sidebar":"defaultSidebar"},{"id":"setup/remote-registry","path":"/service-bridge/1.10.x/setup/remote-registry","sidebar":"defaultSidebar"},{"id":"setup/requirements-and-download","path":"/service-bridge/1.10.x/setup/requirements-and-download","sidebar":"defaultSidebar"},{"id":"setup/resource-planning","path":"/service-bridge/1.10.x/setup/resource-planning","sidebar":"defaultSidebar"},{"id":"setup/security-context","path":"/service-bridge/1.10.x/setup/security-context","sidebar":"defaultSidebar"},{"id":"setup/self-managed/demo-installation","path":"/service-bridge/1.10.x/setup/self-managed/demo-installation","sidebar":"defaultSidebar"},{"id":"setup/self-managed/management-plane-installation","path":"/service-bridge/1.10.x/setup/self-managed/management-plane-installation","sidebar":"defaultSidebar"},{"id":"setup/self-managed/onboarding-clusters","path":"/service-bridge/1.10.x/setup/self-managed/onboarding-clusters","sidebar":"defaultSidebar"},{"id":"setup/self-managed/toc","path":"/service-bridge/1.10.x/setup/self-managed/","sidebar":"defaultSidebar"},{"id":"setup/self-managed/uninstallation","path":"/service-bridge/1.10.x/setup/self-managed/uninstallation","sidebar":"defaultSidebar"},{"id":"setup/self-managed/upgrade","path":"/service-bridge/1.10.x/setup/self-managed/upgrade","sidebar":"defaultSidebar"},{"id":"setup/tctl-connect","path":"/service-bridge/1.10.x/setup/tctl-connect","sidebar":"defaultSidebar"},{"id":"setup/upgrade-best-practices","path":"/service-bridge/1.10.x/setup/upgrade-best-practices","sidebar":"defaultSidebar"},{"id":"setup/upgrades/cni-upgrade","path":"/service-bridge/1.10.x/setup/upgrades/cni-upgrade","sidebar":"defaultSidebar"},{"id":"setup/upgrades/gateway-upgrade","path":"/service-bridge/1.10.x/setup/upgrades/gateway-upgrade","sidebar":"defaultSidebar"},{"id":"setup/upgrades/non-revisioned-to-revisioned","path":"/service-bridge/1.10.x/setup/upgrades/non-revisioned-to-revisioned","sidebar":"defaultSidebar"},{"id":"setup/upgrades/revisioned-to-revisioned","path":"/service-bridge/1.10.x/setup/upgrades/revisioned-to-revisioned","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/guides/ecs-workloads","path":"/service-bridge/1.10.x/setup/workload-onboarding/guides/ecs-workloads","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/guides/managing","path":"/service-bridge/1.10.x/setup/workload-onboarding/guides/managing","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/guides/on-premise-workloads","path":"/service-bridge/1.10.x/setup/workload-onboarding/guides/on-premise-workloads","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/guides/onboarding","path":"/service-bridge/1.10.x/setup/workload-onboarding/guides/onboarding","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/guides/overview","path":"/service-bridge/1.10.x/setup/workload-onboarding/guides/overview","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/guides/setup","path":"/service-bridge/1.10.x/setup/workload-onboarding/guides/setup","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/guides/toc","path":"/service-bridge/1.10.x/setup/workload-onboarding/guides/","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/guides/troubleshooting","path":"/service-bridge/1.10.x/setup/workload-onboarding/guides/troubleshooting","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/onboarding-vms","path":"/service-bridge/1.10.x/setup/workload-onboarding/onboarding-vms","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/quickstart/aws-ec2/bookinfo","path":"/service-bridge/1.10.x/setup/workload-onboarding/quickstart/aws-ec2/bookinfo","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/quickstart/aws-ec2/configure-vm","path":"/service-bridge/1.10.x/setup/workload-onboarding/quickstart/aws-ec2/configure-vm","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/quickstart/aws-ec2/configure-workload-onboarding","path":"/service-bridge/1.10.x/setup/workload-onboarding/quickstart/aws-ec2/configure-workload-onboarding","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/quickstart/aws-ec2/enable-workload-onboarding","path":"/service-bridge/1.10.x/setup/workload-onboarding/quickstart/aws-ec2/enable-workload-onboarding","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/quickstart/aws-ec2/onboard-asg","path":"/service-bridge/1.10.x/setup/workload-onboarding/quickstart/aws-ec2/onboard-asg","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/quickstart/aws-ec2/onboard-vm","path":"/service-bridge/1.10.x/setup/workload-onboarding/quickstart/aws-ec2/onboard-vm","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/quickstart/aws-ec2/toc","path":"/service-bridge/1.10.x/setup/workload-onboarding/quickstart/aws-ec2/","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/quickstart/aws-ecs/configure-workload-onboarding","path":"/service-bridge/1.10.x/setup/workload-onboarding/quickstart/aws-ecs/configure-workload-onboarding","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/quickstart/aws-ecs/onboard-ecs","path":"/service-bridge/1.10.x/setup/workload-onboarding/quickstart/aws-ecs/onboard-ecs","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/quickstart/aws-ecs/toc","path":"/service-bridge/1.10.x/setup/workload-onboarding/quickstart/aws-ecs/","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/quickstart/on-premise/configure-vm","path":"/service-bridge/1.10.x/setup/workload-onboarding/quickstart/on-premise/configure-vm","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/quickstart/on-premise/configure-workload-onboarding","path":"/service-bridge/1.10.x/setup/workload-onboarding/quickstart/on-premise/configure-workload-onboarding","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/quickstart/on-premise/onboard-vm","path":"/service-bridge/1.10.x/setup/workload-onboarding/quickstart/on-premise/onboard-vm","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/quickstart/on-premise/toc","path":"/service-bridge/1.10.x/setup/workload-onboarding/quickstart/on-premise/","sidebar":"defaultSidebar"},{"id":"troubleshooting/cluster-onboarding","path":"/service-bridge/1.10.x/troubleshooting/cluster-onboarding","sidebar":"defaultSidebar"},{"id":"troubleshooting/configuration-status","path":"/service-bridge/1.10.x/troubleshooting/configuration-status","sidebar":"defaultSidebar"},{"id":"troubleshooting/gateway-troubleshooting","path":"/service-bridge/1.10.x/troubleshooting/gateway-troubleshooting","sidebar":"defaultSidebar"},{"id":"troubleshooting/identify-underperforming-services","path":"/service-bridge/1.10.x/troubleshooting/identify-underperforming-services","sidebar":"defaultSidebar"},{"id":"troubleshooting/Maximum-header-size-exceed","path":"/service-bridge/1.10.x/troubleshooting/Maximum-header-size-exceed","sidebar":"defaultSidebar"},{"id":"troubleshooting/Multiple-Transfer-encoding-chunked","path":"/service-bridge/1.10.x/troubleshooting/Multiple-Transfer-encoding-chunked","sidebar":"defaultSidebar"},{"id":"troubleshooting/proxy-tools","path":"/service-bridge/1.10.x/troubleshooting/proxy-tools","sidebar":"defaultSidebar"},{"id":"troubleshooting/troubleshooting","path":"/service-bridge/1.10.x/troubleshooting/troubleshooting","sidebar":"defaultSidebar"},{"id":"troubleshooting/tsb-ui-metrics","path":"/service-bridge/1.10.x/troubleshooting/tsb-ui-metrics","sidebar":"defaultSidebar"},{"id":"workingwithsupport/workingWithTetrateSupport","path":"/service-bridge/1.10.x/workingwithsupport/workingWithTetrateSupport","sidebar":"defaultSidebar"},{"id":"/setup","path":"/service-bridge/1.10.x/setup","sidebar":"defaultSidebar"},{"id":"/setup/upgrades","path":"/service-bridge/1.10.x/setup/upgrades","sidebar":"defaultSidebar"},{"id":"/setup/workload-onboarding","path":"/service-bridge/1.10.x/setup/workload-onboarding","sidebar":"defaultSidebar"},{"id":"/setup/workload-onboarding/quickstart","path":"/service-bridge/1.10.x/setup/workload-onboarding/quickstart","sidebar":"defaultSidebar"},{"id":"/setup/aws","path":"/service-bridge/1.10.x/setup/aws","sidebar":"defaultSidebar"},{"id":"/setup/certificate","path":"/service-bridge/1.10.x/setup/certificate","sidebar":"defaultSidebar"},{"id":"/quickstart","path":"/service-bridge/1.10.x/quickstart","sidebar":"defaultSidebar"},{"id":"/howto","path":"/service-bridge/1.10.x/howto","sidebar":"defaultSidebar"},{"id":"/howto/traffic","path":"/service-bridge/1.10.x/howto/traffic","sidebar":"defaultSidebar"},{"id":"/howto/gateway","path":"/service-bridge/1.10.x/howto/gateway","sidebar":"defaultSidebar"},{"id":"/howto/gitops","path":"/service-bridge/1.10.x/howto/gitops","sidebar":"defaultSidebar"},{"id":"/howto/wasm","path":"/service-bridge/1.10.x/howto/wasm","sidebar":"defaultSidebar"},{"id":"/operations","path":"/service-bridge/1.10.x/operations","sidebar":"defaultSidebar"},{"id":"/operations/features","path":"/service-bridge/1.10.x/operations/features","sidebar":"defaultSidebar"},{"id":"/operations/users","path":"/service-bridge/1.10.x/operations/users","sidebar":"defaultSidebar"},{"id":"/operations/telemetry","path":"/service-bridge/1.10.x/operations/telemetry","sidebar":"defaultSidebar"},{"id":"/operations/postgresql","path":"/service-bridge/1.10.x/operations/postgresql","sidebar":"defaultSidebar"},{"id":"/operations/elasticsearch","path":"/service-bridge/1.10.x/operations/elasticsearch","sidebar":"defaultSidebar"},{"id":"/operations/vault","path":"/service-bridge/1.10.x/operations/vault","sidebar":"defaultSidebar"},{"id":"/troubleshooting","path":"/service-bridge/1.10.x/troubleshooting","sidebar":"defaultSidebar"},{"id":"/reference","path":"/service-bridge/1.10.x/reference","sidebar":"defaultSidebar"},{"id":"/reference/operators","path":"/service-bridge/1.10.x/reference/operators","sidebar":"defaultSidebar"},{"id":"/refs/install","path":"/service-bridge/1.10.x/refs/install","sidebar":"defaultSidebar"},{"id":"/reference/workload-onboarding","path":"/service-bridge/1.10.x/reference/workload-onboarding","sidebar":"defaultSidebar"},{"id":"/reference/workload-onboarding/onboarding-agent","path":"/service-bridge/1.10.x/reference/workload-onboarding/onboarding-agent","sidebar":"defaultSidebar"},{"id":"/reference/workload-onboarding/onboarding-authorization","path":"/service-bridge/1.10.x/reference/workload-onboarding/onboarding-authorization","sidebar":"defaultSidebar"},{"id":"/reference/workload-onboarding/onboarding-runtime","path":"/service-bridge/1.10.x/reference/workload-onboarding/onboarding-runtime","sidebar":"defaultSidebar"},{"id":"/reference/cli","path":"/service-bridge/1.10.x/reference/cli","sidebar":"defaultSidebar"},{"id":"/reference/cli/guide/toc","path":"/service-bridge/1.10.x/reference/cli/guide/toc","sidebar":"defaultSidebar"},{"id":"/reference/cli/reference","path":"/service-bridge/1.10.x/reference/cli/reference","sidebar":"defaultSidebar"},{"id":"/reference/grpc-api","path":"/service-bridge/1.10.x/reference/grpc-api","sidebar":"defaultSidebar"},{"id":"/reference/grpc-api/reference","path":"/service-bridge/1.10.x/reference/grpc-api/reference","sidebar":"defaultSidebar"},{"id":"refs/tsb/application/v2/grpc","path":"/service-bridge/1.10.x/refs/tsb/application/v2/grpc","sidebar":"defaultSidebar"},{"id":"refs/tsb/extension/v2/grpc","path":"/service-bridge/1.10.x/refs/tsb/extension/v2/grpc","sidebar":"defaultSidebar"},{"id":"refs/tsb/gateway/v2/grpc","path":"/service-bridge/1.10.x/refs/tsb/gateway/v2/grpc","sidebar":"defaultSidebar"},{"id":"refs/tsb/istiointernal/v2/grpc","path":"/service-bridge/1.10.x/refs/tsb/istiointernal/v2/grpc","sidebar":"defaultSidebar"},{"id":"refs/tsb/observability/telemetry/v2/grpc","path":"/service-bridge/1.10.x/refs/tsb/observability/telemetry/v2/grpc","sidebar":"defaultSidebar"},{"id":"refs/tsb/profile/v2/grpc","path":"/service-bridge/1.10.x/refs/tsb/profile/v2/grpc","sidebar":"defaultSidebar"},{"id":"refs/tsb/q/v2/grpc","path":"/service-bridge/1.10.x/refs/tsb/q/v2/grpc","sidebar":"defaultSidebar"},{"id":"refs/tsb/rbac/v2/grpc","path":"/service-bridge/1.10.x/refs/tsb/rbac/v2/grpc","sidebar":"defaultSidebar"},{"id":"refs/tsb/registry/v2/grpc","path":"/service-bridge/1.10.x/refs/tsb/registry/v2/grpc","sidebar":"defaultSidebar"},{"id":"refs/tsb/security/v2/grpc","path":"/service-bridge/1.10.x/refs/tsb/security/v2/grpc","sidebar":"defaultSidebar"},{"id":"refs/tsb/traffic/v2/grpc","path":"/service-bridge/1.10.x/refs/tsb/traffic/v2/grpc","sidebar":"defaultSidebar"},{"id":"refs/tsb/v2/grpc","path":"/service-bridge/1.10.x/refs/tsb/v2/grpc","sidebar":"defaultSidebar"},{"id":"refs/iam/v2/grpc","path":"/service-bridge/1.10.x/refs/iam/v2/grpc","sidebar":"defaultSidebar"},{"id":"refs/audit/v1/grpc","path":"/service-bridge/1.10.x/refs/audit/v1/grpc","sidebar":"defaultSidebar"},{"id":"/reference/yaml-api","path":"/service-bridge/1.10.x/reference/yaml-api","sidebar":"defaultSidebar"},{"id":"/reference/yaml-api/reference","path":"/service-bridge/1.10.x/reference/yaml-api/reference","sidebar":"defaultSidebar"},{"id":"refs/tsb/application/v2/yaml","path":"/service-bridge/1.10.x/refs/tsb/application/v2/yaml","sidebar":"defaultSidebar"},{"id":"refs/tsb/auth/v2/yaml","path":"/service-bridge/1.10.x/refs/tsb/auth/v2/yaml","sidebar":"defaultSidebar"},{"id":"refs/tsb/extension/v2/yaml","path":"/service-bridge/1.10.x/refs/tsb/extension/v2/yaml","sidebar":"defaultSidebar"},{"id":"refs/tsb/gateway/v2/yaml","path":"/service-bridge/1.10.x/refs/tsb/gateway/v2/yaml","sidebar":"defaultSidebar"},{"id":"refs/tsb/istiointernal/v2/yaml","path":"/service-bridge/1.10.x/refs/tsb/istiointernal/v2/yaml","sidebar":"defaultSidebar"},{"id":"refs/tsb/observability/telemetry/v2/yaml","path":"/service-bridge/1.10.x/refs/tsb/observability/telemetry/v2/yaml","sidebar":"defaultSidebar"},{"id":"refs/tsb/profile/v2/yaml","path":"/service-bridge/1.10.x/refs/tsb/profile/v2/yaml","sidebar":"defaultSidebar"},{"id":"refs/tsb/rbac/v2/yaml","path":"/service-bridge/1.10.x/refs/tsb/rbac/v2/yaml","sidebar":"defaultSidebar"},{"id":"refs/tsb/registry/v2/yaml","path":"/service-bridge/1.10.x/refs/tsb/registry/v2/yaml","sidebar":"defaultSidebar"},{"id":"refs/tsb/security/v2/yaml","path":"/service-bridge/1.10.x/refs/tsb/security/v2/yaml","sidebar":"defaultSidebar"},{"id":"refs/tsb/traffic/v2/yaml","path":"/service-bridge/1.10.x/refs/tsb/traffic/v2/yaml","sidebar":"defaultSidebar"},{"id":"refs/tsb/types/v2/yaml","path":"/service-bridge/1.10.x/refs/tsb/types/v2/yaml","sidebar":"defaultSidebar"},{"id":"refs/tsb/v2/yaml","path":"/service-bridge/1.10.x/refs/tsb/v2/yaml","sidebar":"defaultSidebar"},{"id":"/reference/k8s-api","path":"/service-bridge/1.10.x/reference/k8s-api","sidebar":"defaultSidebar"},{"id":"/reference/k8s-api/tsb-crds-gen","path":"/service-bridge/1.10.x/reference/k8s-api/tsb-crds-gen","sidebar":"defaultSidebar"},{"id":"/reference/k8s-api/tsb-crds-gen/tsb.tetrate.io/v2","path":"/service-bridge/1.10.x/reference/k8s-api/tsb-crds-gen/tsb.tetrate.io/v2","sidebar":"defaultSidebar"},{"id":"/reference/samples","path":"/service-bridge/1.10.x/reference/samples","sidebar":"defaultSidebar"},{"id":"/knowledge-base","path":"/service-bridge/1.10.x/knowledge-base","sidebar":"defaultSidebar"},{"id":"/category/working-with-tetrate-customer-support","path":"/service-bridge/1.10.x/category/working-with-tetrate-customer-support","sidebar":"defaultSidebar"}],"draftIds":[],"sidebars":{"defaultSidebar":{"link":{"path":"/service-bridge/1.10.x/","label":"index"}}}},{"name":"1.9.x","label":"1.9.x","isLast":false,"path":"/service-bridge/1.9.x","mainDocId":"index","docs":[{"id":"cheatsheet/index","path":"/service-bridge/1.9.x/cheatsheet/","sidebar":"defaultSidebar"},{"id":"cheatsheet/sheets/gateways-management","path":"/service-bridge/1.9.x/cheatsheet/sheets/gateways-management","sidebar":"defaultSidebar"},{"id":"cheatsheet/sheets/kubectl","path":"/service-bridge/1.9.x/cheatsheet/sheets/kubectl","sidebar":"defaultSidebar"},{"id":"cheatsheet/sheets/security-management","path":"/service-bridge/1.9.x/cheatsheet/sheets/security-management","sidebar":"defaultSidebar"},{"id":"cheatsheet/sheets/tctl","path":"/service-bridge/1.9.x/cheatsheet/sheets/tctl","sidebar":"defaultSidebar"},{"id":"cheatsheet/sheets/traffic-management","path":"/service-bridge/1.9.x/cheatsheet/sheets/traffic-management","sidebar":"defaultSidebar"},{"id":"cheatsheet/sheets/tsb-concepts","path":"/service-bridge/1.9.x/cheatsheet/sheets/tsb-concepts","sidebar":"defaultSidebar"},{"id":"cheatsheet/sheets/tsb-quickstart","path":"/service-bridge/1.9.x/cheatsheet/sheets/tsb-quickstart","sidebar":"defaultSidebar"},{"id":"cheatsheet/sheets/tsb-terminology","path":"/service-bridge/1.9.x/cheatsheet/sheets/tsb-terminology","sidebar":"defaultSidebar"},{"id":"concepts/architecture","path":"/service-bridge/1.9.x/concepts/architecture","sidebar":"defaultSidebar"},{"id":"concepts/configuration-dataflow","path":"/service-bridge/1.9.x/concepts/configuration-dataflow","sidebar":"defaultSidebar"},{"id":"concepts/glossary","path":"/service-bridge/1.9.x/concepts/glossary","sidebar":"defaultSidebar"},{"id":"concepts/observability","path":"/service-bridge/1.9.x/concepts/observability","sidebar":"defaultSidebar"},{"id":"concepts/operators/control-plane","path":"/service-bridge/1.9.x/concepts/operators/control-plane","sidebar":"defaultSidebar"},{"id":"concepts/operators/data-plane","path":"/service-bridge/1.9.x/concepts/operators/data-plane","sidebar":"defaultSidebar"},{"id":"concepts/operators/management-plane","path":"/service-bridge/1.9.x/concepts/operators/management-plane","sidebar":"defaultSidebar"},{"id":"concepts/operators/toc","path":"/service-bridge/1.9.x/concepts/operators/","sidebar":"defaultSidebar"},{"id":"concepts/security","path":"/service-bridge/1.9.x/concepts/security","sidebar":"defaultSidebar"},{"id":"concepts/service-mesh","path":"/service-bridge/1.9.x/concepts/service-mesh","sidebar":"defaultSidebar"},{"id":"concepts/terminology","path":"/service-bridge/1.9.x/concepts/terminology"},{"id":"concepts/toc","path":"/service-bridge/1.9.x/concepts/","sidebar":"defaultSidebar"},{"id":"concepts/traffic-management","path":"/service-bridge/1.9.x/concepts/traffic-management","sidebar":"defaultSidebar"},{"id":"concepts/tsb-and-istio","path":"/service-bridge/1.9.x/concepts/tsb-and-istio","sidebar":"defaultSidebar"},{"id":"design-guides/app-onboarding/cross-cluster","path":"/service-bridge/1.9.x/design-guides/app-onboarding/cross-cluster","sidebar":"defaultSidebar"},{"id":"design-guides/app-onboarding/deploy-service","path":"/service-bridge/1.9.x/design-guides/app-onboarding/deploy-service","sidebar":"defaultSidebar"},{"id":"design-guides/app-onboarding/gateway-security","path":"/service-bridge/1.9.x/design-guides/app-onboarding/gateway-security","sidebar":"defaultSidebar"},{"id":"design-guides/app-onboarding/high-availability","path":"/service-bridge/1.9.x/design-guides/app-onboarding/high-availability","sidebar":"defaultSidebar"},{"id":"design-guides/app-onboarding/index","path":"/service-bridge/1.9.x/design-guides/app-onboarding/","sidebar":"defaultSidebar"},{"id":"design-guides/app-onboarding/introduction","path":"/service-bridge/1.9.x/design-guides/app-onboarding/introduction","sidebar":"defaultSidebar"},{"id":"design-guides/app-onboarding/monitor","path":"/service-bridge/1.9.x/design-guides/app-onboarding/monitor","sidebar":"defaultSidebar"},{"id":"design-guides/app-onboarding/prepare","path":"/service-bridge/1.9.x/design-guides/app-onboarding/prepare","sidebar":"defaultSidebar"},{"id":"design-guides/app-onboarding/promote-service","path":"/service-bridge/1.9.x/design-guides/app-onboarding/promote-service"},{"id":"design-guides/app-onboarding/security","path":"/service-bridge/1.9.x/design-guides/app-onboarding/security","sidebar":"defaultSidebar"},{"id":"design-guides/ha-dr-mp/dr-managementplane","path":"/service-bridge/1.9.x/design-guides/ha-dr-mp/dr-managementplane","sidebar":"defaultSidebar"},{"id":"design-guides/ha-dr-mp/ha-managementplane","path":"/service-bridge/1.9.x/design-guides/ha-dr-mp/ha-managementplane","sidebar":"defaultSidebar"},{"id":"design-guides/ha-dr-mp/index","path":"/service-bridge/1.9.x/design-guides/ha-dr-mp/","sidebar":"defaultSidebar"},{"id":"design-guides/ha-dr-mp/introduction","path":"/service-bridge/1.9.x/design-guides/ha-dr-mp/introduction","sidebar":"defaultSidebar"},{"id":"design-guides/ha-dr-mp/scenarios","path":"/service-bridge/1.9.x/design-guides/ha-dr-mp/scenarios","sidebar":"defaultSidebar"},{"id":"design-guides/ha-multicluster/cluster-failover","path":"/service-bridge/1.9.x/design-guides/ha-multicluster/cluster-failover","sidebar":"defaultSidebar"},{"id":"design-guides/ha-multicluster/demo-1","path":"/service-bridge/1.9.x/design-guides/ha-multicluster/demo-1","sidebar":"defaultSidebar"},{"id":"design-guides/ha-multicluster/demo-2","path":"/service-bridge/1.9.x/design-guides/ha-multicluster/demo-2","sidebar":"defaultSidebar"},{"id":"design-guides/ha-multicluster/edge-failover","path":"/service-bridge/1.9.x/design-guides/ha-multicluster/edge-failover","sidebar":"defaultSidebar"},{"id":"design-guides/ha-multicluster/index","path":"/service-bridge/1.9.x/design-guides/ha-multicluster/","sidebar":"defaultSidebar"},{"id":"design-guides/ha-multicluster/introduction","path":"/service-bridge/1.9.x/design-guides/ha-multicluster/introduction","sidebar":"defaultSidebar"},{"id":"design-guides/ha-multicluster/operations","path":"/service-bridge/1.9.x/design-guides/ha-multicluster/operations","sidebar":"defaultSidebar"},{"id":"design-guides/index","path":"/service-bridge/1.9.x/design-guides/","sidebar":"defaultSidebar"},{"id":"howto/authorization/ingress-gateway","path":"/service-bridge/1.9.x/howto/authorization/ingress-gateway","sidebar":"defaultSidebar"},{"id":"howto/authorization/sidecar","path":"/service-bridge/1.9.x/howto/authorization/sidecar","sidebar":"defaultSidebar"},{"id":"howto/authorization/tier1-gateway","path":"/service-bridge/1.9.x/howto/authorization/tier1-gateway","sidebar":"defaultSidebar"},{"id":"howto/authorization/tls-verification","path":"/service-bridge/1.9.x/howto/authorization/tls-verification","sidebar":"defaultSidebar"},{"id":"howto/authorization/toc","path":"/service-bridge/1.9.x/howto/authorization/","sidebar":"defaultSidebar"},{"id":"howto/gateway/app-ingress","path":"/service-bridge/1.9.x/howto/gateway/app-ingress","sidebar":"defaultSidebar"},{"id":"howto/gateway/application-gateway-with-openapi-annotations","path":"/service-bridge/1.9.x/howto/gateway/application-gateway-with-openapi-annotations","sidebar":"defaultSidebar"},{"id":"howto/gateway/configure-and-route-nonhttp-traffic","path":"/service-bridge/1.9.x/howto/gateway/configure-and-route-nonhttp-traffic","sidebar":"defaultSidebar"},{"id":"howto/gateway/configure-oidc","path":"/service-bridge/1.9.x/howto/gateway/configure-oidc","sidebar":"defaultSidebar"},{"id":"howto/gateway/distributed-ingress","path":"/service-bridge/1.9.x/howto/gateway/distributed-ingress","sidebar":"defaultSidebar"},{"id":"howto/gateway/egress-gateways","path":"/service-bridge/1.9.x/howto/gateway/egress-gateways","sidebar":"defaultSidebar"},{"id":"howto/gateway/end-user-auth-keycloak","path":"/service-bridge/1.9.x/howto/gateway/end-user-auth-keycloak","sidebar":"defaultSidebar"},{"id":"howto/gateway/host-based-egress-access-control","path":"/service-bridge/1.9.x/howto/gateway/host-based-egress-access-control","sidebar":"defaultSidebar"},{"id":"howto/gateway/https-with-proxy-protocol","path":"/service-bridge/1.9.x/howto/gateway/https-with-proxy-protocol","sidebar":"defaultSidebar"},{"id":"howto/gateway/multi-cluster-traffic-failover-priority","path":"/service-bridge/1.9.x/howto/gateway/multi-cluster-traffic-failover-priority","sidebar":"defaultSidebar"},{"id":"howto/gateway/multi-cluster-traffic-routing-using-tier2gw","path":"/service-bridge/1.9.x/howto/gateway/multi-cluster-traffic-routing-using-tier2gw","sidebar":"defaultSidebar"},{"id":"howto/gateway/multi-cluster-traffic-routing-with-eastwest-gateway","path":"/service-bridge/1.9.x/howto/gateway/multi-cluster-traffic-routing-with-eastwest-gateway","sidebar":"defaultSidebar"},{"id":"howto/gateway/multi-cluster-traffic-shifting","path":"/service-bridge/1.9.x/howto/gateway/multi-cluster-traffic-shifting","sidebar":"defaultSidebar"},{"id":"howto/gateway/service-identity-propagation","path":"/service-bridge/1.9.x/howto/gateway/service-identity-propagation","sidebar":"defaultSidebar"},{"id":"howto/gateway/shared-ingress","path":"/service-bridge/1.9.x/howto/gateway/shared-ingress","sidebar":"defaultSidebar"},{"id":"howto/gateway/subset-based-routing-using-igw-and-service-route","path":"/service-bridge/1.9.x/howto/gateway/subset-based-routing-using-igw-and-service-route","sidebar":"defaultSidebar"},{"id":"howto/gateway/unified-gateway","path":"/service-bridge/1.9.x/howto/gateway/unified-gateway","sidebar":"defaultSidebar"},{"id":"howto/gateway/unified-gateway-upgrade","path":"/service-bridge/1.9.x/howto/gateway/unified-gateway-upgrade","sidebar":"defaultSidebar"},{"id":"howto/gitops/argo-rollouts","path":"/service-bridge/1.9.x/howto/gitops/argo-rollouts","sidebar":"defaultSidebar"},{"id":"howto/gitops/flagger","path":"/service-bridge/1.9.x/howto/gitops/flagger","sidebar":"defaultSidebar"},{"id":"howto/gitops/flux","path":"/service-bridge/1.9.x/howto/gitops/flux","sidebar":"defaultSidebar"},{"id":"howto/gitops/gitops","path":"/service-bridge/1.9.x/howto/gitops/gitops","sidebar":"defaultSidebar"},{"id":"howto/hpa-using-skywalking","path":"/service-bridge/1.9.x/howto/hpa-using-skywalking","sidebar":"defaultSidebar"},{"id":"howto/network-policies","path":"/service-bridge/1.9.x/howto/network-policies","sidebar":"defaultSidebar"},{"id":"howto/promql-using-skywalking","path":"/service-bridge/1.9.x/howto/promql-using-skywalking","sidebar":"defaultSidebar"},{"id":"howto/rate-limiting/external-rate-limiting","path":"/service-bridge/1.9.x/howto/rate-limiting/external-rate-limiting","sidebar":"defaultSidebar"},{"id":"howto/rate-limiting/ingress-gateway","path":"/service-bridge/1.9.x/howto/rate-limiting/ingress-gateway","sidebar":"defaultSidebar"},{"id":"howto/rate-limiting/internal-rate-limiting","path":"/service-bridge/1.9.x/howto/rate-limiting/internal-rate-limiting","sidebar":"defaultSidebar"},{"id":"howto/rate-limiting/service-to-service","path":"/service-bridge/1.9.x/howto/rate-limiting/service-to-service","sidebar":"defaultSidebar"},{"id":"howto/rate-limiting/tier1-gateway","path":"/service-bridge/1.9.x/howto/rate-limiting/tier1-gateway","sidebar":"defaultSidebar"},{"id":"howto/rate-limiting/tls-validation","path":"/service-bridge/1.9.x/howto/rate-limiting/tls-validation","sidebar":"defaultSidebar"},{"id":"howto/rate-limiting/toc","path":"/service-bridge/1.9.x/howto/rate-limiting/","sidebar":"defaultSidebar"},{"id":"howto/security-domains","path":"/service-bridge/1.9.x/howto/security-domains","sidebar":"defaultSidebar"},{"id":"howto/service-accounts","path":"/service-bridge/1.9.x/howto/service-accounts","sidebar":"defaultSidebar"},{"id":"howto/traffic/canary-releases","path":"/service-bridge/1.9.x/howto/traffic/canary-releases","sidebar":"defaultSidebar"},{"id":"howto/traffic/configure-multi-port-service-route","path":"/service-bridge/1.9.x/howto/traffic/configure-multi-port-service-route","sidebar":"defaultSidebar"},{"id":"howto/traffic/external-site-https","path":"/service-bridge/1.9.x/howto/traffic/external-site-https","sidebar":"defaultSidebar"},{"id":"howto/traffic/load-balance","path":"/service-bridge/1.9.x/howto/traffic/load-balance","sidebar":"defaultSidebar"},{"id":"howto/traffic/migrating-VM-monoliths","path":"/service-bridge/1.9.x/howto/traffic/migrating-VM-monoliths","sidebar":"defaultSidebar"},{"id":"howto/traffic/splitting-service-traffic-between-k8s-vms","path":"/service-bridge/1.9.x/howto/traffic/splitting-service-traffic-between-k8s-vms","sidebar":"defaultSidebar"},{"id":"howto/waf","path":"/service-bridge/1.9.x/howto/waf","sidebar":"defaultSidebar"},{"id":"howto/wasm/wasm-extension","path":"/service-bridge/1.9.x/howto/wasm/wasm-extension","sidebar":"defaultSidebar"},{"id":"howto/wasm/wasm-overview","path":"/service-bridge/1.9.x/howto/wasm/wasm-overview","sidebar":"defaultSidebar"},{"id":"howto/wasm/wasm-proxy","path":"/service-bridge/1.9.x/howto/wasm/wasm-proxy","sidebar":"defaultSidebar"},{"id":"howto/wasm/wasm-try","path":"/service-bridge/1.9.x/howto/wasm/wasm-try","sidebar":"defaultSidebar"},{"id":"index","path":"/service-bridge/1.9.x/","sidebar":"defaultSidebar"},{"id":"knowledge-base/faq","path":"/service-bridge/1.9.x/knowledge-base/faq","sidebar":"defaultSidebar"},{"id":"knowledge-base/gitops","path":"/service-bridge/1.9.x/knowledge-base/gitops","sidebar":"defaultSidebar"},{"id":"operations/configuration-promotion","path":"/service-bridge/1.9.x/operations/configuration-promotion","sidebar":"defaultSidebar"},{"id":"operations/configure-log-levels","path":"/service-bridge/1.9.x/operations/configure-log-levels","sidebar":"defaultSidebar"},{"id":"operations/elasticsearch/elasticsearch-role","path":"/service-bridge/1.9.x/operations/elasticsearch/elasticsearch-role","sidebar":"defaultSidebar"},{"id":"operations/elasticsearch/wipe-elastic","path":"/service-bridge/1.9.x/operations/elasticsearch/wipe-elastic","sidebar":"defaultSidebar"},{"id":"operations/features/configure-cluster-external-addresses","path":"/service-bridge/1.9.x/operations/features/configure-cluster-external-addresses","sidebar":"defaultSidebar"},{"id":"operations/features/configure-gitops","path":"/service-bridge/1.9.x/operations/features/configure-gitops","sidebar":"defaultSidebar"},{"id":"operations/features/deletion-protection","path":"/service-bridge/1.9.x/operations/features/deletion-protection","sidebar":"defaultSidebar"},{"id":"operations/features/edge-dns-resolution","path":"/service-bridge/1.9.x/operations/features/edge-dns-resolution","sidebar":"defaultSidebar"},{"id":"operations/features/enable-config-protection","path":"/service-bridge/1.9.x/operations/features/enable-config-protection","sidebar":"defaultSidebar"},{"id":"operations/features/gateway-deletion-webhook","path":"/service-bridge/1.9.x/operations/features/gateway-deletion-webhook","sidebar":"defaultSidebar"},{"id":"operations/features/internal-wasm-extensions","path":"/service-bridge/1.9.x/operations/features/internal-wasm-extensions","sidebar":"defaultSidebar"},{"id":"operations/features/istio-cni","path":"/service-bridge/1.9.x/operations/features/istio-cni","sidebar":"defaultSidebar"},{"id":"operations/features/label-annotation","path":"/service-bridge/1.9.x/operations/features/label-annotation","sidebar":"defaultSidebar"},{"id":"operations/features/streaming-log","path":"/service-bridge/1.9.x/operations/features/streaming-log","sidebar":"defaultSidebar"},{"id":"operations/features/tier1-in-app-cluster","path":"/service-bridge/1.9.x/operations/features/tier1-in-app-cluster","sidebar":"defaultSidebar"},{"id":"operations/features/tls-origin-multi-cluster","path":"/service-bridge/1.9.x/operations/features/tls-origin-multi-cluster","sidebar":"defaultSidebar"},{"id":"operations/graceful-connection-drain","path":"/service-bridge/1.9.x/operations/graceful-connection-drain","sidebar":"defaultSidebar"},{"id":"operations/kube-customization","path":"/service-bridge/1.9.x/operations/kube-customization","sidebar":"defaultSidebar"},{"id":"operations/lower-istio-resources","path":"/service-bridge/1.9.x/operations/lower-istio-resources","sidebar":"defaultSidebar"},{"id":"operations/migrate-organization","path":"/service-bridge/1.9.x/operations/migrate-organization","sidebar":"defaultSidebar"},{"id":"operations/multiple-iam-keys","path":"/service-bridge/1.9.x/operations/multiple-iam-keys","sidebar":"defaultSidebar"},{"id":"operations/postgresql/auditlog-retention","path":"/service-bridge/1.9.x/operations/postgresql/auditlog-retention","sidebar":"defaultSidebar"},{"id":"operations/postgresql/azure-credentials","path":"/service-bridge/1.9.x/operations/postgresql/azure-credentials","sidebar":"defaultSidebar"},{"id":"operations/postgresql/backup-and-restore","path":"/service-bridge/1.9.x/operations/postgresql/backup-and-restore","sidebar":"defaultSidebar"},{"id":"operations/postgresql/managing-kubegres","path":"/service-bridge/1.9.x/operations/postgresql/managing-kubegres","sidebar":"defaultSidebar"},{"id":"operations/telemetry/alerting-guidelines","path":"/service-bridge/1.9.x/operations/telemetry/alerting-guidelines","sidebar":"defaultSidebar"},{"id":"operations/telemetry/distributed-tracing","path":"/service-bridge/1.9.x/operations/telemetry/distributed-tracing","sidebar":"defaultSidebar"},{"id":"operations/telemetry/key-metrics","path":"/service-bridge/1.9.x/operations/telemetry/key-metrics","sidebar":"defaultSidebar"},{"id":"operations/telemetry/new-relic","path":"/service-bridge/1.9.x/operations/telemetry/new-relic","sidebar":"defaultSidebar"},{"id":"operations/telemetry/red-metrics","path":"/service-bridge/1.9.x/operations/telemetry/red-metrics","sidebar":"defaultSidebar"},{"id":"operations/telemetry/telemetry-architecture","path":"/service-bridge/1.9.x/operations/telemetry/telemetry-architecture","sidebar":"defaultSidebar"},{"id":"operations/users/admin-password","path":"/service-bridge/1.9.x/operations/users/admin-password","sidebar":"defaultSidebar"},{"id":"operations/users/configuring-ldap","path":"/service-bridge/1.9.x/operations/users/configuring-ldap","sidebar":"defaultSidebar"},{"id":"operations/users/new-user-local-idp","path":"/service-bridge/1.9.x/operations/users/new-user-local-idp","sidebar":"defaultSidebar"},{"id":"operations/users/oidc-azure","path":"/service-bridge/1.9.x/operations/users/oidc-azure","sidebar":"defaultSidebar"},{"id":"operations/users/roles-and-permissions","path":"/service-bridge/1.9.x/operations/users/roles-and-permissions","sidebar":"defaultSidebar"},{"id":"operations/users/user-synchronization","path":"/service-bridge/1.9.x/operations/users/user-synchronization","sidebar":"defaultSidebar"},{"id":"operations/vault/elasticsearch","path":"/service-bridge/1.9.x/operations/vault/elasticsearch","sidebar":"defaultSidebar"},{"id":"operations/vault/istiod-ca","path":"/service-bridge/1.9.x/operations/vault/istiod-ca","sidebar":"defaultSidebar"},{"id":"operations/vault/postgresql","path":"/service-bridge/1.9.x/operations/vault/postgresql","sidebar":"defaultSidebar"},{"id":"quickstart/apps","path":"/service-bridge/1.9.x/quickstart/apps","sidebar":"defaultSidebar"},{"id":"quickstart/config-groups","path":"/service-bridge/1.9.x/quickstart/config-groups","sidebar":"defaultSidebar"},{"id":"quickstart/deploy-sample-app","path":"/service-bridge/1.9.x/quickstart/deploy-sample-app","sidebar":"defaultSidebar"},{"id":"quickstart/ingress-gateway","path":"/service-bridge/1.9.x/quickstart/ingress-gateway","sidebar":"defaultSidebar"},{"id":"quickstart/introduction","path":"/service-bridge/1.9.x/quickstart/introduction","sidebar":"defaultSidebar"},{"id":"quickstart/observability","path":"/service-bridge/1.9.x/quickstart/observability","sidebar":"defaultSidebar"},{"id":"quickstart/permissions","path":"/service-bridge/1.9.x/quickstart/permissions","sidebar":"defaultSidebar"},{"id":"quickstart/security","path":"/service-bridge/1.9.x/quickstart/security","sidebar":"defaultSidebar"},{"id":"quickstart/tenant","path":"/service-bridge/1.9.x/quickstart/tenant","sidebar":"defaultSidebar"},{"id":"quickstart/traffic-shifting","path":"/service-bridge/1.9.x/quickstart/traffic-shifting","sidebar":"defaultSidebar"},{"id":"quickstart/workspace","path":"/service-bridge/1.9.x/quickstart/workspace","sidebar":"defaultSidebar"},{"id":"reference/cli/guide/index","path":"/service-bridge/1.9.x/reference/cli/guide/index","sidebar":"defaultSidebar"},{"id":"reference/cli/reference/apply","path":"/service-bridge/1.9.x/reference/cli/reference/apply","sidebar":"defaultSidebar"},{"id":"reference/cli/reference/collect","path":"/service-bridge/1.9.x/reference/cli/reference/collect","sidebar":"defaultSidebar"},{"id":"reference/cli/reference/completion","path":"/service-bridge/1.9.x/reference/cli/reference/completion","sidebar":"defaultSidebar"},{"id":"reference/cli/reference/config","path":"/service-bridge/1.9.x/reference/cli/reference/config","sidebar":"defaultSidebar"},{"id":"reference/cli/reference/delete","path":"/service-bridge/1.9.x/reference/cli/reference/delete","sidebar":"defaultSidebar"},{"id":"reference/cli/reference/edit","path":"/service-bridge/1.9.x/reference/cli/reference/edit","sidebar":"defaultSidebar"},{"id":"reference/cli/reference/experimental","path":"/service-bridge/1.9.x/reference/cli/reference/experimental","sidebar":"defaultSidebar"},{"id":"reference/cli/reference/get","path":"/service-bridge/1.9.x/reference/cli/reference/get","sidebar":"defaultSidebar"},{"id":"reference/cli/reference/index","path":"/service-bridge/1.9.x/reference/cli/reference/index","sidebar":"defaultSidebar"},{"id":"reference/cli/reference/install","path":"/service-bridge/1.9.x/reference/cli/reference/install","sidebar":"defaultSidebar"},{"id":"reference/cli/reference/login","path":"/service-bridge/1.9.x/reference/cli/reference/login","sidebar":"defaultSidebar"},{"id":"reference/cli/reference/ui","path":"/service-bridge/1.9.x/reference/cli/reference/ui","sidebar":"defaultSidebar"},{"id":"reference/cli/reference/validate","path":"/service-bridge/1.9.x/reference/cli/reference/validate","sidebar":"defaultSidebar"},{"id":"reference/cli/reference/version","path":"/service-bridge/1.9.x/reference/cli/reference/version","sidebar":"defaultSidebar"},{"id":"reference/cli/reference/whoami","path":"/service-bridge/1.9.x/reference/cli/reference/whoami","sidebar":"defaultSidebar"},{"id":"reference/cli/reference/workload-entry-annotations","path":"/service-bridge/1.9.x/reference/cli/reference/workload-entry-annotations","sidebar":"defaultSidebar"},{"id":"reference/grpc-api/guide","path":"/service-bridge/1.9.x/reference/grpc-api/guide","sidebar":"defaultSidebar"},{"id":"reference/k8s-api/guide","path":"/service-bridge/1.9.x/reference/k8s-api/guide","sidebar":"defaultSidebar"},{"id":"reference/k8s-api/tsb-crds-gen/application-tsb-tetrate-io","path":"/service-bridge/1.9.x/reference/k8s-api/tsb-crds-gen/application-tsb-tetrate-io","sidebar":"defaultSidebar"},{"id":"reference/k8s-api/tsb-crds-gen/extension-tsb-tetrate-io","path":"/service-bridge/1.9.x/reference/k8s-api/tsb-crds-gen/extension-tsb-tetrate-io","sidebar":"defaultSidebar"},{"id":"reference/k8s-api/tsb-crds-gen/gateway-tsb-tetrate-io","path":"/service-bridge/1.9.x/reference/k8s-api/tsb-crds-gen/gateway-tsb-tetrate-io","sidebar":"defaultSidebar"},{"id":"reference/k8s-api/tsb-crds-gen/istiointernal-tsb-tetrate-io","path":"/service-bridge/1.9.x/reference/k8s-api/tsb-crds-gen/istiointernal-tsb-tetrate-io","sidebar":"defaultSidebar"},{"id":"reference/k8s-api/tsb-crds-gen/rbac-tsb-tetrate-io","path":"/service-bridge/1.9.x/reference/k8s-api/tsb-crds-gen/rbac-tsb-tetrate-io","sidebar":"defaultSidebar"},{"id":"reference/k8s-api/tsb-crds-gen/security-tsb-tetrate-io","path":"/service-bridge/1.9.x/reference/k8s-api/tsb-crds-gen/security-tsb-tetrate-io","sidebar":"defaultSidebar"},{"id":"reference/k8s-api/tsb-crds-gen/traffic-tsb-tetrate-io","path":"/service-bridge/1.9.x/reference/k8s-api/tsb-crds-gen/traffic-tsb-tetrate-io","sidebar":"defaultSidebar"},{"id":"reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/cluster","path":"/service-bridge/1.9.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/cluster","sidebar":"defaultSidebar"},{"id":"reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/organization","path":"/service-bridge/1.9.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/organization","sidebar":"defaultSidebar"},{"id":"reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/organizationsetting","path":"/service-bridge/1.9.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/organizationsetting","sidebar":"defaultSidebar"},{"id":"reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/serviceaccount","path":"/service-bridge/1.9.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/serviceaccount","sidebar":"defaultSidebar"},{"id":"reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/team","path":"/service-bridge/1.9.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/team","sidebar":"defaultSidebar"},{"id":"reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/tenant","path":"/service-bridge/1.9.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/tenant","sidebar":"defaultSidebar"},{"id":"reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/tenantsetting","path":"/service-bridge/1.9.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/tenantsetting","sidebar":"defaultSidebar"},{"id":"reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/workspace","path":"/service-bridge/1.9.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/workspace","sidebar":"defaultSidebar"},{"id":"reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/workspacesetting","path":"/service-bridge/1.9.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/workspacesetting","sidebar":"defaultSidebar"},{"id":"reference/rest-api/guide","path":"/service-bridge/1.9.x/reference/rest-api/guide","sidebar":"defaultSidebar"},{"id":"reference/samples/httpbin","path":"/service-bridge/1.9.x/reference/samples/httpbin","sidebar":"defaultSidebar"},{"id":"reference/samples/opa","path":"/service-bridge/1.9.x/reference/samples/opa","sidebar":"defaultSidebar"},{"id":"reference/samples/sleep-service","path":"/service-bridge/1.9.x/reference/samples/sleep-service","sidebar":"defaultSidebar"},{"id":"reference/yaml-api/guide","path":"/service-bridge/1.9.x/reference/yaml-api/guide","sidebar":"defaultSidebar"},{"id":"refs/audit/v1/audit","path":"/service-bridge/1.9.x/refs/audit/v1/audit","sidebar":"defaultSidebar"},{"id":"refs/iam/v2/oauth_service","path":"/service-bridge/1.9.x/refs/iam/v2/oauth_service","sidebar":"defaultSidebar"},{"id":"refs/iam/v2/oidc_service","path":"/service-bridge/1.9.x/refs/iam/v2/oidc_service","sidebar":"defaultSidebar"},{"id":"refs/install/common/common_config","path":"/service-bridge/1.9.x/refs/install/common/common_config","sidebar":"defaultSidebar"},{"id":"refs/install/controlplane/v1alpha1/spec","path":"/service-bridge/1.9.x/refs/install/controlplane/v1alpha1/spec","sidebar":"defaultSidebar"},{"id":"refs/install/dataplane/v1alpha1/spec","path":"/service-bridge/1.9.x/refs/install/dataplane/v1alpha1/spec","sidebar":"defaultSidebar"},{"id":"refs/install/kubernetes/k8s","path":"/service-bridge/1.9.x/refs/install/kubernetes/k8s","sidebar":"defaultSidebar"},{"id":"refs/install/managementplane/v1alpha1/spec","path":"/service-bridge/1.9.x/refs/install/managementplane/v1alpha1/spec","sidebar":"defaultSidebar"},{"id":"refs/istio.io/api/operator/v1alpha1/operator","path":"/service-bridge/1.9.x/refs/istio.io/api/operator/v1alpha1/operator"},{"id":"refs/onboarding/config/agent/v1alpha1/agent_configuration","path":"/service-bridge/1.9.x/refs/onboarding/config/agent/v1alpha1/agent_configuration","sidebar":"defaultSidebar"},{"id":"refs/onboarding/config/agent/v1alpha1/onboarding_configuration","path":"/service-bridge/1.9.x/refs/onboarding/config/agent/v1alpha1/onboarding_configuration","sidebar":"defaultSidebar"},{"id":"refs/onboarding/config/authorization/aws/v1alpha1/aws","path":"/service-bridge/1.9.x/refs/onboarding/config/authorization/aws/v1alpha1/aws","sidebar":"defaultSidebar"},{"id":"refs/onboarding/config/authorization/jwt/v1alpha1/jwt","path":"/service-bridge/1.9.x/refs/onboarding/config/authorization/jwt/v1alpha1/jwt","sidebar":"defaultSidebar"},{"id":"refs/onboarding/config/authorization/v1alpha1/policy","path":"/service-bridge/1.9.x/refs/onboarding/config/authorization/v1alpha1/policy","sidebar":"defaultSidebar"},{"id":"refs/onboarding/config/install/v1alpha1/jwt_issuer","path":"/service-bridge/1.9.x/refs/onboarding/config/install/v1alpha1/jwt_issuer"},{"id":"refs/onboarding/config/install/v1alpha1/workload_configuration","path":"/service-bridge/1.9.x/refs/onboarding/config/install/v1alpha1/workload_configuration"},{"id":"refs/onboarding/config/runtime/v1alpha1/registration","path":"/service-bridge/1.9.x/refs/onboarding/config/runtime/v1alpha1/registration","sidebar":"defaultSidebar"},{"id":"refs/onboarding/config/types/config/v1alpha1/transport_security","path":"/service-bridge/1.9.x/refs/onboarding/config/types/config/v1alpha1/transport_security"},{"id":"refs/onboarding/config/types/core/v1alpha1/condition","path":"/service-bridge/1.9.x/refs/onboarding/config/types/core/v1alpha1/condition"},{"id":"refs/onboarding/config/types/core/v1alpha1/namespaced_name","path":"/service-bridge/1.9.x/refs/onboarding/config/types/core/v1alpha1/namespaced_name"},{"id":"refs/onboarding/config/types/identity/aws/v1alpha1/aws","path":"/service-bridge/1.9.x/refs/onboarding/config/types/identity/aws/v1alpha1/aws"},{"id":"refs/onboarding/config/types/identity/jwt/v1alpha1/jwt","path":"/service-bridge/1.9.x/refs/onboarding/config/types/identity/jwt/v1alpha1/jwt"},{"id":"refs/onboarding/config/types/identity/v1alpha1/identity","path":"/service-bridge/1.9.x/refs/onboarding/config/types/identity/v1alpha1/identity"},{"id":"refs/onboarding/config/types/registration/v1alpha1/hostinfo","path":"/service-bridge/1.9.x/refs/onboarding/config/types/registration/v1alpha1/hostinfo"},{"id":"refs/onboarding/config/types/registration/v1alpha1/registration","path":"/service-bridge/1.9.x/refs/onboarding/config/types/registration/v1alpha1/registration"},{"id":"refs/tsb/application/v2/api","path":"/service-bridge/1.9.x/refs/tsb/application/v2/api","sidebar":"defaultSidebar"},{"id":"refs/tsb/application/v2/application","path":"/service-bridge/1.9.x/refs/tsb/application/v2/application","sidebar":"defaultSidebar"},{"id":"refs/tsb/application/v2/application_service","path":"/service-bridge/1.9.x/refs/tsb/application/v2/application_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/application/v2/openapi_extensions","path":"/service-bridge/1.9.x/refs/tsb/application/v2/openapi_extensions","sidebar":"defaultSidebar"},{"id":"refs/tsb/auth/v2/auth","path":"/service-bridge/1.9.x/refs/tsb/auth/v2/auth","sidebar":"defaultSidebar"},{"id":"refs/tsb/extension/v2/wasm_extension","path":"/service-bridge/1.9.x/refs/tsb/extension/v2/wasm_extension","sidebar":"defaultSidebar"},{"id":"refs/tsb/extension/v2/wasm_service","path":"/service-bridge/1.9.x/refs/tsb/extension/v2/wasm_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/gateway/v2/auth","path":"/service-bridge/1.9.x/refs/tsb/gateway/v2/auth","sidebar":"defaultSidebar"},{"id":"refs/tsb/gateway/v2/eastwest_gateway","path":"/service-bridge/1.9.x/refs/tsb/gateway/v2/eastwest_gateway","sidebar":"defaultSidebar"},{"id":"refs/tsb/gateway/v2/egress_gateway","path":"/service-bridge/1.9.x/refs/tsb/gateway/v2/egress_gateway","sidebar":"defaultSidebar"},{"id":"refs/tsb/gateway/v2/gateway","path":"/service-bridge/1.9.x/refs/tsb/gateway/v2/gateway","sidebar":"defaultSidebar"},{"id":"refs/tsb/gateway/v2/gateway_common","path":"/service-bridge/1.9.x/refs/tsb/gateway/v2/gateway_common","sidebar":"defaultSidebar"},{"id":"refs/tsb/gateway/v2/gateway_group","path":"/service-bridge/1.9.x/refs/tsb/gateway/v2/gateway_group","sidebar":"defaultSidebar"},{"id":"refs/tsb/gateway/v2/gateway_service","path":"/service-bridge/1.9.x/refs/tsb/gateway/v2/gateway_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/gateway/v2/ingress_gateway","path":"/service-bridge/1.9.x/refs/tsb/gateway/v2/ingress_gateway","sidebar":"defaultSidebar"},{"id":"refs/tsb/gateway/v2/istio_gateway_direct","path":"/service-bridge/1.9.x/refs/tsb/gateway/v2/istio_gateway_direct","sidebar":"defaultSidebar"},{"id":"refs/tsb/gateway/v2/tier1_gateway","path":"/service-bridge/1.9.x/refs/tsb/gateway/v2/tier1_gateway","sidebar":"defaultSidebar"},{"id":"refs/tsb/istiointernal/v2/istio_internal_group","path":"/service-bridge/1.9.x/refs/tsb/istiointernal/v2/istio_internal_group","sidebar":"defaultSidebar"},{"id":"refs/tsb/istiointernal/v2/istio_istiointernal_direct","path":"/service-bridge/1.9.x/refs/tsb/istiointernal/v2/istio_istiointernal_direct","sidebar":"defaultSidebar"},{"id":"refs/tsb/istiointernal/v2/istiointernal_service","path":"/service-bridge/1.9.x/refs/tsb/istiointernal/v2/istiointernal_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/observability/telemetry/v2/metric","path":"/service-bridge/1.9.x/refs/tsb/observability/telemetry/v2/metric","sidebar":"defaultSidebar"},{"id":"refs/tsb/observability/telemetry/v2/metric_service","path":"/service-bridge/1.9.x/refs/tsb/observability/telemetry/v2/metric_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/observability/telemetry/v2/source","path":"/service-bridge/1.9.x/refs/tsb/observability/telemetry/v2/source","sidebar":"defaultSidebar"},{"id":"refs/tsb/observability/telemetry/v2/source_service","path":"/service-bridge/1.9.x/refs/tsb/observability/telemetry/v2/source_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/q/v2/approvals_service","path":"/service-bridge/1.9.x/refs/tsb/q/v2/approvals_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/q/v2/permissions_service","path":"/service-bridge/1.9.x/refs/tsb/q/v2/permissions_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/rbac/v2/access_bindings","path":"/service-bridge/1.9.x/refs/tsb/rbac/v2/access_bindings","sidebar":"defaultSidebar"},{"id":"refs/tsb/rbac/v2/api_access_bindings","path":"/service-bridge/1.9.x/refs/tsb/rbac/v2/api_access_bindings","sidebar":"defaultSidebar"},{"id":"refs/tsb/rbac/v2/application_access_bindings","path":"/service-bridge/1.9.x/refs/tsb/rbac/v2/application_access_bindings","sidebar":"defaultSidebar"},{"id":"refs/tsb/rbac/v2/binding","path":"/service-bridge/1.9.x/refs/tsb/rbac/v2/binding","sidebar":"defaultSidebar"},{"id":"refs/tsb/rbac/v2/gateway_access_bindings","path":"/service-bridge/1.9.x/refs/tsb/rbac/v2/gateway_access_bindings","sidebar":"defaultSidebar"},{"id":"refs/tsb/rbac/v2/istio_internal_access_bindings","path":"/service-bridge/1.9.x/refs/tsb/rbac/v2/istio_internal_access_bindings","sidebar":"defaultSidebar"},{"id":"refs/tsb/rbac/v2/organization_access_bindings","path":"/service-bridge/1.9.x/refs/tsb/rbac/v2/organization_access_bindings","sidebar":"defaultSidebar"},{"id":"refs/tsb/rbac/v2/permissions","path":"/service-bridge/1.9.x/refs/tsb/rbac/v2/permissions","sidebar":"defaultSidebar"},{"id":"refs/tsb/rbac/v2/policy_service","path":"/service-bridge/1.9.x/refs/tsb/rbac/v2/policy_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/rbac/v2/role","path":"/service-bridge/1.9.x/refs/tsb/rbac/v2/role","sidebar":"defaultSidebar"},{"id":"refs/tsb/rbac/v2/role_service","path":"/service-bridge/1.9.x/refs/tsb/rbac/v2/role_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/rbac/v2/security_access_bindings","path":"/service-bridge/1.9.x/refs/tsb/rbac/v2/security_access_bindings","sidebar":"defaultSidebar"},{"id":"refs/tsb/rbac/v2/tenant_access_bindings","path":"/service-bridge/1.9.x/refs/tsb/rbac/v2/tenant_access_bindings","sidebar":"defaultSidebar"},{"id":"refs/tsb/rbac/v2/traffic_access_bindings","path":"/service-bridge/1.9.x/refs/tsb/rbac/v2/traffic_access_bindings","sidebar":"defaultSidebar"},{"id":"refs/tsb/rbac/v2/workspace_access_bindings","path":"/service-bridge/1.9.x/refs/tsb/rbac/v2/workspace_access_bindings","sidebar":"defaultSidebar"},{"id":"refs/tsb/registry/v2/lookup_service","path":"/service-bridge/1.9.x/refs/tsb/registry/v2/lookup_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/registry/v2/registration_service","path":"/service-bridge/1.9.x/refs/tsb/registry/v2/registration_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/registry/v2/service","path":"/service-bridge/1.9.x/refs/tsb/registry/v2/service","sidebar":"defaultSidebar"},{"id":"refs/tsb/security/v2/istio_security_direct","path":"/service-bridge/1.9.x/refs/tsb/security/v2/istio_security_direct","sidebar":"defaultSidebar"},{"id":"refs/tsb/security/v2/security_group","path":"/service-bridge/1.9.x/refs/tsb/security/v2/security_group","sidebar":"defaultSidebar"},{"id":"refs/tsb/security/v2/security_service","path":"/service-bridge/1.9.x/refs/tsb/security/v2/security_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/security/v2/security_setting","path":"/service-bridge/1.9.x/refs/tsb/security/v2/security_setting","sidebar":"defaultSidebar"},{"id":"refs/tsb/security/v2/service_security_setting","path":"/service-bridge/1.9.x/refs/tsb/security/v2/service_security_setting","sidebar":"defaultSidebar"},{"id":"refs/tsb/security/v2/waf_settings","path":"/service-bridge/1.9.x/refs/tsb/security/v2/waf_settings","sidebar":"defaultSidebar"},{"id":"refs/tsb/traffic/v2/istio_traffic_direct","path":"/service-bridge/1.9.x/refs/tsb/traffic/v2/istio_traffic_direct","sidebar":"defaultSidebar"},{"id":"refs/tsb/traffic/v2/service_route","path":"/service-bridge/1.9.x/refs/tsb/traffic/v2/service_route","sidebar":"defaultSidebar"},{"id":"refs/tsb/traffic/v2/traffic_group","path":"/service-bridge/1.9.x/refs/tsb/traffic/v2/traffic_group","sidebar":"defaultSidebar"},{"id":"refs/tsb/traffic/v2/traffic_service","path":"/service-bridge/1.9.x/refs/tsb/traffic/v2/traffic_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/traffic/v2/traffic_setting","path":"/service-bridge/1.9.x/refs/tsb/traffic/v2/traffic_setting","sidebar":"defaultSidebar"},{"id":"refs/tsb/types/v2/types","path":"/service-bridge/1.9.x/refs/tsb/types/v2/types","sidebar":"defaultSidebar"},{"id":"refs/tsb/v2/cluster","path":"/service-bridge/1.9.x/refs/tsb/v2/cluster","sidebar":"defaultSidebar"},{"id":"refs/tsb/v2/cluster_service","path":"/service-bridge/1.9.x/refs/tsb/v2/cluster_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/v2/info","path":"/service-bridge/1.9.x/refs/tsb/v2/info","sidebar":"defaultSidebar"},{"id":"refs/tsb/v2/organization","path":"/service-bridge/1.9.x/refs/tsb/v2/organization","sidebar":"defaultSidebar"},{"id":"refs/tsb/v2/organization_service","path":"/service-bridge/1.9.x/refs/tsb/v2/organization_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/v2/organization_setting","path":"/service-bridge/1.9.x/refs/tsb/v2/organization_setting","sidebar":"defaultSidebar"},{"id":"refs/tsb/v2/status","path":"/service-bridge/1.9.x/refs/tsb/v2/status","sidebar":"defaultSidebar"},{"id":"refs/tsb/v2/status_service","path":"/service-bridge/1.9.x/refs/tsb/v2/status_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/v2/team","path":"/service-bridge/1.9.x/refs/tsb/v2/team","sidebar":"defaultSidebar"},{"id":"refs/tsb/v2/team_service","path":"/service-bridge/1.9.x/refs/tsb/v2/team_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/v2/tenant","path":"/service-bridge/1.9.x/refs/tsb/v2/tenant","sidebar":"defaultSidebar"},{"id":"refs/tsb/v2/tenant_service","path":"/service-bridge/1.9.x/refs/tsb/v2/tenant_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/v2/tenant_setting","path":"/service-bridge/1.9.x/refs/tsb/v2/tenant_setting","sidebar":"defaultSidebar"},{"id":"refs/tsb/v2/workspace","path":"/service-bridge/1.9.x/refs/tsb/v2/workspace","sidebar":"defaultSidebar"},{"id":"refs/tsb/v2/workspace_service","path":"/service-bridge/1.9.x/refs/tsb/v2/workspace_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/v2/workspace_setting","path":"/service-bridge/1.9.x/refs/tsb/v2/workspace_setting","sidebar":"defaultSidebar"},{"id":"release-notes","path":"/service-bridge/1.9.x/release-notes","sidebar":"defaultSidebar"},{"id":"release-notes-announcements/feature-status","path":"/service-bridge/1.9.x/release-notes-announcements/feature-status","sidebar":"defaultSidebar"},{"id":"release-notes-announcements/support-policy","path":"/service-bridge/1.9.x/release-notes-announcements/support-policy","sidebar":"defaultSidebar"},{"id":"release-notes-announcements/toc","path":"/service-bridge/1.9.x/release-notes-announcements/","sidebar":"defaultSidebar"},{"id":"setup/aws/container-marketplace","path":"/service-bridge/1.9.x/setup/aws/container-marketplace","sidebar":"defaultSidebar"},{"id":"setup/aws/vpc","path":"/service-bridge/1.9.x/setup/aws/vpc","sidebar":"defaultSidebar"},{"id":"setup/certificate/automated-certificate-management","path":"/service-bridge/1.9.x/setup/certificate/automated-certificate-management","sidebar":"defaultSidebar"},{"id":"setup/certificate/certificate-requirements","path":"/service-bridge/1.9.x/setup/certificate/certificate-requirements","sidebar":"defaultSidebar"},{"id":"setup/certificate/certificate-setup","path":"/service-bridge/1.9.x/setup/certificate/certificate-setup","sidebar":"defaultSidebar"},{"id":"setup/components","path":"/service-bridge/1.9.x/setup/components","sidebar":"defaultSidebar"},{"id":"setup/firewall-information","path":"/service-bridge/1.9.x/setup/firewall-information","sidebar":"defaultSidebar"},{"id":"setup/helm/controlplane","path":"/service-bridge/1.9.x/setup/helm/controlplane","sidebar":"defaultSidebar"},{"id":"setup/helm/dataplane","path":"/service-bridge/1.9.x/setup/helm/dataplane","sidebar":"defaultSidebar"},{"id":"setup/helm/helm","path":"/service-bridge/1.9.x/setup/helm/helm","sidebar":"defaultSidebar"},{"id":"setup/helm/managementplane","path":"/service-bridge/1.9.x/setup/helm/managementplane","sidebar":"defaultSidebar"},{"id":"setup/helm/toc","path":"/service-bridge/1.9.x/setup/helm/","sidebar":"defaultSidebar"},{"id":"setup/helm/uninstallation","path":"/service-bridge/1.9.x/setup/helm/uninstallation","sidebar":"defaultSidebar"},{"id":"setup/helm/upgrade","path":"/service-bridge/1.9.x/setup/helm/upgrade","sidebar":"defaultSidebar"},{"id":"setup/isolation-boundaries","path":"/service-bridge/1.9.x/setup/isolation-boundaries","sidebar":"defaultSidebar"},{"id":"setup/isolation-boundaries-installation","path":"/service-bridge/1.9.x/setup/isolation-boundaries-installation","sidebar":"defaultSidebar"},{"id":"setup/migrate-tctl-to-helm","path":"/service-bridge/1.9.x/setup/migrate-tctl-to-helm","sidebar":"defaultSidebar"},{"id":"setup/remote-registry","path":"/service-bridge/1.9.x/setup/remote-registry","sidebar":"defaultSidebar"},{"id":"setup/requirements-and-download","path":"/service-bridge/1.9.x/setup/requirements-and-download","sidebar":"defaultSidebar"},{"id":"setup/resource-planning","path":"/service-bridge/1.9.x/setup/resource-planning","sidebar":"defaultSidebar"},{"id":"setup/security-context","path":"/service-bridge/1.9.x/setup/security-context","sidebar":"defaultSidebar"},{"id":"setup/self-managed/demo-installation","path":"/service-bridge/1.9.x/setup/self-managed/demo-installation","sidebar":"defaultSidebar"},{"id":"setup/self-managed/management-plane-installation","path":"/service-bridge/1.9.x/setup/self-managed/management-plane-installation","sidebar":"defaultSidebar"},{"id":"setup/self-managed/onboarding-clusters","path":"/service-bridge/1.9.x/setup/self-managed/onboarding-clusters","sidebar":"defaultSidebar"},{"id":"setup/self-managed/toc","path":"/service-bridge/1.9.x/setup/self-managed/","sidebar":"defaultSidebar"},{"id":"setup/self-managed/uninstallation","path":"/service-bridge/1.9.x/setup/self-managed/uninstallation","sidebar":"defaultSidebar"},{"id":"setup/self-managed/upgrade","path":"/service-bridge/1.9.x/setup/self-managed/upgrade","sidebar":"defaultSidebar"},{"id":"setup/tctl-connect","path":"/service-bridge/1.9.x/setup/tctl-connect","sidebar":"defaultSidebar"},{"id":"setup/upgrade-best-practices","path":"/service-bridge/1.9.x/setup/upgrade-best-practices","sidebar":"defaultSidebar"},{"id":"setup/upgrades/cni-upgrade","path":"/service-bridge/1.9.x/setup/upgrades/cni-upgrade","sidebar":"defaultSidebar"},{"id":"setup/upgrades/gateway-upgrade","path":"/service-bridge/1.9.x/setup/upgrades/gateway-upgrade","sidebar":"defaultSidebar"},{"id":"setup/upgrades/non-revisioned-to-revisioned","path":"/service-bridge/1.9.x/setup/upgrades/non-revisioned-to-revisioned","sidebar":"defaultSidebar"},{"id":"setup/upgrades/revisioned-to-revisioned","path":"/service-bridge/1.9.x/setup/upgrades/revisioned-to-revisioned","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/guides/ecs-workloads","path":"/service-bridge/1.9.x/setup/workload-onboarding/guides/ecs-workloads","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/guides/managing","path":"/service-bridge/1.9.x/setup/workload-onboarding/guides/managing","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/guides/on-premise-workloads","path":"/service-bridge/1.9.x/setup/workload-onboarding/guides/on-premise-workloads","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/guides/onboarding","path":"/service-bridge/1.9.x/setup/workload-onboarding/guides/onboarding","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/guides/overview","path":"/service-bridge/1.9.x/setup/workload-onboarding/guides/overview","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/guides/setup","path":"/service-bridge/1.9.x/setup/workload-onboarding/guides/setup","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/guides/toc","path":"/service-bridge/1.9.x/setup/workload-onboarding/guides/","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/guides/troubleshooting","path":"/service-bridge/1.9.x/setup/workload-onboarding/guides/troubleshooting","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/onboarding-vms","path":"/service-bridge/1.9.x/setup/workload-onboarding/onboarding-vms","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/quickstart/aws-ec2/bookinfo","path":"/service-bridge/1.9.x/setup/workload-onboarding/quickstart/aws-ec2/bookinfo","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/quickstart/aws-ec2/configure-vm","path":"/service-bridge/1.9.x/setup/workload-onboarding/quickstart/aws-ec2/configure-vm","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/quickstart/aws-ec2/configure-workload-onboarding","path":"/service-bridge/1.9.x/setup/workload-onboarding/quickstart/aws-ec2/configure-workload-onboarding","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/quickstart/aws-ec2/enable-workload-onboarding","path":"/service-bridge/1.9.x/setup/workload-onboarding/quickstart/aws-ec2/enable-workload-onboarding","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/quickstart/aws-ec2/onboard-asg","path":"/service-bridge/1.9.x/setup/workload-onboarding/quickstart/aws-ec2/onboard-asg","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/quickstart/aws-ec2/onboard-vm","path":"/service-bridge/1.9.x/setup/workload-onboarding/quickstart/aws-ec2/onboard-vm","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/quickstart/aws-ec2/toc","path":"/service-bridge/1.9.x/setup/workload-onboarding/quickstart/aws-ec2/","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/quickstart/aws-ecs/configure-workload-onboarding","path":"/service-bridge/1.9.x/setup/workload-onboarding/quickstart/aws-ecs/configure-workload-onboarding","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/quickstart/aws-ecs/onboard-ecs","path":"/service-bridge/1.9.x/setup/workload-onboarding/quickstart/aws-ecs/onboard-ecs","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/quickstart/aws-ecs/toc","path":"/service-bridge/1.9.x/setup/workload-onboarding/quickstart/aws-ecs/","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/quickstart/on-premise/configure-vm","path":"/service-bridge/1.9.x/setup/workload-onboarding/quickstart/on-premise/configure-vm","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/quickstart/on-premise/configure-workload-onboarding","path":"/service-bridge/1.9.x/setup/workload-onboarding/quickstart/on-premise/configure-workload-onboarding","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/quickstart/on-premise/onboard-vm","path":"/service-bridge/1.9.x/setup/workload-onboarding/quickstart/on-premise/onboard-vm","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/quickstart/on-premise/toc","path":"/service-bridge/1.9.x/setup/workload-onboarding/quickstart/on-premise/","sidebar":"defaultSidebar"},{"id":"troubleshooting/cluster-onboarding","path":"/service-bridge/1.9.x/troubleshooting/cluster-onboarding","sidebar":"defaultSidebar"},{"id":"troubleshooting/configuration-status","path":"/service-bridge/1.9.x/troubleshooting/configuration-status","sidebar":"defaultSidebar"},{"id":"troubleshooting/debug-container","path":"/service-bridge/1.9.x/troubleshooting/debug-container","sidebar":"defaultSidebar"},{"id":"troubleshooting/gateway-troubleshooting","path":"/service-bridge/1.9.x/troubleshooting/gateway-troubleshooting","sidebar":"defaultSidebar"},{"id":"troubleshooting/identify-underperforming-services","path":"/service-bridge/1.9.x/troubleshooting/identify-underperforming-services","sidebar":"defaultSidebar"},{"id":"troubleshooting/Maximum-header-size-exceed","path":"/service-bridge/1.9.x/troubleshooting/Maximum-header-size-exceed","sidebar":"defaultSidebar"},{"id":"troubleshooting/Multiple-Transfer-encoding-chunked","path":"/service-bridge/1.9.x/troubleshooting/Multiple-Transfer-encoding-chunked","sidebar":"defaultSidebar"},{"id":"troubleshooting/troubleshooting","path":"/service-bridge/1.9.x/troubleshooting/troubleshooting","sidebar":"defaultSidebar"},{"id":"troubleshooting/tsb-ui-metrics","path":"/service-bridge/1.9.x/troubleshooting/tsb-ui-metrics","sidebar":"defaultSidebar"},{"id":"workingwithsupport/workingWithTetrateSupport","path":"/service-bridge/1.9.x/workingwithsupport/workingWithTetrateSupport","sidebar":"defaultSidebar"},{"id":"/setup","path":"/service-bridge/1.9.x/setup","sidebar":"defaultSidebar"},{"id":"/setup/upgrades","path":"/service-bridge/1.9.x/setup/upgrades","sidebar":"defaultSidebar"},{"id":"/setup/workload-onboarding","path":"/service-bridge/1.9.x/setup/workload-onboarding","sidebar":"defaultSidebar"},{"id":"/setup/workload-onboarding/quickstart","path":"/service-bridge/1.9.x/setup/workload-onboarding/quickstart","sidebar":"defaultSidebar"},{"id":"/setup/aws","path":"/service-bridge/1.9.x/setup/aws","sidebar":"defaultSidebar"},{"id":"/setup/certificate","path":"/service-bridge/1.9.x/setup/certificate","sidebar":"defaultSidebar"},{"id":"/quickstart","path":"/service-bridge/1.9.x/quickstart","sidebar":"defaultSidebar"},{"id":"/howto","path":"/service-bridge/1.9.x/howto","sidebar":"defaultSidebar"},{"id":"/howto/traffic","path":"/service-bridge/1.9.x/howto/traffic","sidebar":"defaultSidebar"},{"id":"/howto/gateway","path":"/service-bridge/1.9.x/howto/gateway","sidebar":"defaultSidebar"},{"id":"/howto/gitops","path":"/service-bridge/1.9.x/howto/gitops","sidebar":"defaultSidebar"},{"id":"/howto/wasm","path":"/service-bridge/1.9.x/howto/wasm","sidebar":"defaultSidebar"},{"id":"/operations","path":"/service-bridge/1.9.x/operations","sidebar":"defaultSidebar"},{"id":"/operations/features","path":"/service-bridge/1.9.x/operations/features","sidebar":"defaultSidebar"},{"id":"/operations/users","path":"/service-bridge/1.9.x/operations/users","sidebar":"defaultSidebar"},{"id":"/operations/telemetry","path":"/service-bridge/1.9.x/operations/telemetry","sidebar":"defaultSidebar"},{"id":"/operations/postgresql","path":"/service-bridge/1.9.x/operations/postgresql","sidebar":"defaultSidebar"},{"id":"/operations/elasticsearch","path":"/service-bridge/1.9.x/operations/elasticsearch","sidebar":"defaultSidebar"},{"id":"/operations/vault","path":"/service-bridge/1.9.x/operations/vault","sidebar":"defaultSidebar"},{"id":"/troubleshooting","path":"/service-bridge/1.9.x/troubleshooting","sidebar":"defaultSidebar"},{"id":"/reference","path":"/service-bridge/1.9.x/reference","sidebar":"defaultSidebar"},{"id":"/reference/operators","path":"/service-bridge/1.9.x/reference/operators","sidebar":"defaultSidebar"},{"id":"/refs/install","path":"/service-bridge/1.9.x/refs/install","sidebar":"defaultSidebar"},{"id":"/reference/workload-onboarding","path":"/service-bridge/1.9.x/reference/workload-onboarding","sidebar":"defaultSidebar"},{"id":"/reference/workload-onboarding/onboarding-agent","path":"/service-bridge/1.9.x/reference/workload-onboarding/onboarding-agent","sidebar":"defaultSidebar"},{"id":"/reference/workload-onboarding/onboarding-authorization","path":"/service-bridge/1.9.x/reference/workload-onboarding/onboarding-authorization","sidebar":"defaultSidebar"},{"id":"/reference/workload-onboarding/onboarding-runtime","path":"/service-bridge/1.9.x/reference/workload-onboarding/onboarding-runtime","sidebar":"defaultSidebar"},{"id":"/reference/cli","path":"/service-bridge/1.9.x/reference/cli","sidebar":"defaultSidebar"},{"id":"/reference/cli/guide/toc","path":"/service-bridge/1.9.x/reference/cli/guide/toc","sidebar":"defaultSidebar"},{"id":"/reference/cli/reference","path":"/service-bridge/1.9.x/reference/cli/reference","sidebar":"defaultSidebar"},{"id":"/reference/grpc-api","path":"/service-bridge/1.9.x/reference/grpc-api","sidebar":"defaultSidebar"},{"id":"/reference/grpc-api/reference","path":"/service-bridge/1.9.x/reference/grpc-api/reference","sidebar":"defaultSidebar"},{"id":"refs/tsb/application/v2/grpc","path":"/service-bridge/1.9.x/refs/tsb/application/v2/grpc","sidebar":"defaultSidebar"},{"id":"refs/tsb/extension/v2/grpc","path":"/service-bridge/1.9.x/refs/tsb/extension/v2/grpc","sidebar":"defaultSidebar"},{"id":"refs/tsb/gateway/v2/grpc","path":"/service-bridge/1.9.x/refs/tsb/gateway/v2/grpc","sidebar":"defaultSidebar"},{"id":"refs/tsb/istiointernal/v2/grpc","path":"/service-bridge/1.9.x/refs/tsb/istiointernal/v2/grpc","sidebar":"defaultSidebar"},{"id":"refs/tsb/observability/telemetry/v2/grpc","path":"/service-bridge/1.9.x/refs/tsb/observability/telemetry/v2/grpc","sidebar":"defaultSidebar"},{"id":"refs/tsb/q/v2/grpc","path":"/service-bridge/1.9.x/refs/tsb/q/v2/grpc","sidebar":"defaultSidebar"},{"id":"refs/tsb/rbac/v2/grpc","path":"/service-bridge/1.9.x/refs/tsb/rbac/v2/grpc","sidebar":"defaultSidebar"},{"id":"refs/tsb/registry/v2/grpc","path":"/service-bridge/1.9.x/refs/tsb/registry/v2/grpc","sidebar":"defaultSidebar"},{"id":"refs/tsb/security/v2/grpc","path":"/service-bridge/1.9.x/refs/tsb/security/v2/grpc","sidebar":"defaultSidebar"},{"id":"refs/tsb/traffic/v2/grpc","path":"/service-bridge/1.9.x/refs/tsb/traffic/v2/grpc","sidebar":"defaultSidebar"},{"id":"refs/tsb/v2/grpc","path":"/service-bridge/1.9.x/refs/tsb/v2/grpc","sidebar":"defaultSidebar"},{"id":"refs/iam/v2/grpc","path":"/service-bridge/1.9.x/refs/iam/v2/grpc","sidebar":"defaultSidebar"},{"id":"refs/audit/v1/grpc","path":"/service-bridge/1.9.x/refs/audit/v1/grpc","sidebar":"defaultSidebar"},{"id":"/reference/yaml-api","path":"/service-bridge/1.9.x/reference/yaml-api","sidebar":"defaultSidebar"},{"id":"/reference/yaml-api/reference","path":"/service-bridge/1.9.x/reference/yaml-api/reference","sidebar":"defaultSidebar"},{"id":"refs/tsb/application/v2/yaml","path":"/service-bridge/1.9.x/refs/tsb/application/v2/yaml","sidebar":"defaultSidebar"},{"id":"refs/tsb/auth/v2/yaml","path":"/service-bridge/1.9.x/refs/tsb/auth/v2/yaml","sidebar":"defaultSidebar"},{"id":"refs/tsb/extension/v2/yaml","path":"/service-bridge/1.9.x/refs/tsb/extension/v2/yaml","sidebar":"defaultSidebar"},{"id":"refs/tsb/gateway/v2/yaml","path":"/service-bridge/1.9.x/refs/tsb/gateway/v2/yaml","sidebar":"defaultSidebar"},{"id":"refs/tsb/istiointernal/v2/yaml","path":"/service-bridge/1.9.x/refs/tsb/istiointernal/v2/yaml","sidebar":"defaultSidebar"},{"id":"refs/tsb/observability/telemetry/v2/yaml","path":"/service-bridge/1.9.x/refs/tsb/observability/telemetry/v2/yaml","sidebar":"defaultSidebar"},{"id":"refs/tsb/rbac/v2/yaml","path":"/service-bridge/1.9.x/refs/tsb/rbac/v2/yaml","sidebar":"defaultSidebar"},{"id":"refs/tsb/registry/v2/yaml","path":"/service-bridge/1.9.x/refs/tsb/registry/v2/yaml","sidebar":"defaultSidebar"},{"id":"refs/tsb/security/v2/yaml","path":"/service-bridge/1.9.x/refs/tsb/security/v2/yaml","sidebar":"defaultSidebar"},{"id":"refs/tsb/traffic/v2/yaml","path":"/service-bridge/1.9.x/refs/tsb/traffic/v2/yaml","sidebar":"defaultSidebar"},{"id":"refs/tsb/types/v2/yaml","path":"/service-bridge/1.9.x/refs/tsb/types/v2/yaml","sidebar":"defaultSidebar"},{"id":"refs/tsb/v2/yaml","path":"/service-bridge/1.9.x/refs/tsb/v2/yaml","sidebar":"defaultSidebar"},{"id":"/reference/k8s-api","path":"/service-bridge/1.9.x/reference/k8s-api","sidebar":"defaultSidebar"},{"id":"/reference/k8s-api/tsb-crds-gen","path":"/service-bridge/1.9.x/reference/k8s-api/tsb-crds-gen","sidebar":"defaultSidebar"},{"id":"/reference/k8s-api/tsb-crds-gen/tsb.tetrate.io/v2","path":"/service-bridge/1.9.x/reference/k8s-api/tsb-crds-gen/tsb.tetrate.io/v2","sidebar":"defaultSidebar"},{"id":"/reference/samples","path":"/service-bridge/1.9.x/reference/samples","sidebar":"defaultSidebar"},{"id":"/knowledge-base","path":"/service-bridge/1.9.x/knowledge-base","sidebar":"defaultSidebar"},{"id":"/category/working-with-tetrate-customer-support","path":"/service-bridge/1.9.x/category/working-with-tetrate-customer-support","sidebar":"defaultSidebar"}],"draftIds":[],"sidebars":{"defaultSidebar":{"link":{"path":"/service-bridge/1.9.x/","label":"index"}}}},{"name":"1.8.x","label":"1.8.x","isLast":false,"path":"/service-bridge/1.8.x","mainDocId":"index","docs":[{"id":"cheatsheet/index","path":"/service-bridge/1.8.x/cheatsheet/","sidebar":"defaultSidebar"},{"id":"cheatsheet/sheets/gateways-management","path":"/service-bridge/1.8.x/cheatsheet/sheets/gateways-management","sidebar":"defaultSidebar"},{"id":"cheatsheet/sheets/kubectl","path":"/service-bridge/1.8.x/cheatsheet/sheets/kubectl","sidebar":"defaultSidebar"},{"id":"cheatsheet/sheets/security-management","path":"/service-bridge/1.8.x/cheatsheet/sheets/security-management","sidebar":"defaultSidebar"},{"id":"cheatsheet/sheets/tctl","path":"/service-bridge/1.8.x/cheatsheet/sheets/tctl","sidebar":"defaultSidebar"},{"id":"cheatsheet/sheets/traffic-management","path":"/service-bridge/1.8.x/cheatsheet/sheets/traffic-management","sidebar":"defaultSidebar"},{"id":"cheatsheet/sheets/tsb-concepts","path":"/service-bridge/1.8.x/cheatsheet/sheets/tsb-concepts","sidebar":"defaultSidebar"},{"id":"cheatsheet/sheets/tsb-quickstart","path":"/service-bridge/1.8.x/cheatsheet/sheets/tsb-quickstart","sidebar":"defaultSidebar"},{"id":"cheatsheet/sheets/tsb-terminology","path":"/service-bridge/1.8.x/cheatsheet/sheets/tsb-terminology","sidebar":"defaultSidebar"},{"id":"concepts/architecture","path":"/service-bridge/1.8.x/concepts/architecture","sidebar":"defaultSidebar"},{"id":"concepts/configuration-dataflow","path":"/service-bridge/1.8.x/concepts/configuration-dataflow","sidebar":"defaultSidebar"},{"id":"concepts/glossary","path":"/service-bridge/1.8.x/concepts/glossary","sidebar":"defaultSidebar"},{"id":"concepts/observability","path":"/service-bridge/1.8.x/concepts/observability","sidebar":"defaultSidebar"},{"id":"concepts/operators/control-plane","path":"/service-bridge/1.8.x/concepts/operators/control-plane","sidebar":"defaultSidebar"},{"id":"concepts/operators/data-plane","path":"/service-bridge/1.8.x/concepts/operators/data-plane","sidebar":"defaultSidebar"},{"id":"concepts/operators/management-plane","path":"/service-bridge/1.8.x/concepts/operators/management-plane","sidebar":"defaultSidebar"},{"id":"concepts/operators/toc","path":"/service-bridge/1.8.x/concepts/operators/","sidebar":"defaultSidebar"},{"id":"concepts/security","path":"/service-bridge/1.8.x/concepts/security","sidebar":"defaultSidebar"},{"id":"concepts/service-mesh","path":"/service-bridge/1.8.x/concepts/service-mesh","sidebar":"defaultSidebar"},{"id":"concepts/terminology","path":"/service-bridge/1.8.x/concepts/terminology"},{"id":"concepts/toc","path":"/service-bridge/1.8.x/concepts/","sidebar":"defaultSidebar"},{"id":"concepts/traffic-management","path":"/service-bridge/1.8.x/concepts/traffic-management","sidebar":"defaultSidebar"},{"id":"concepts/tsb-and-istio","path":"/service-bridge/1.8.x/concepts/tsb-and-istio","sidebar":"defaultSidebar"},{"id":"design-guides/app-onboarding/cross-cluster","path":"/service-bridge/1.8.x/design-guides/app-onboarding/cross-cluster","sidebar":"defaultSidebar"},{"id":"design-guides/app-onboarding/deploy-service","path":"/service-bridge/1.8.x/design-guides/app-onboarding/deploy-service","sidebar":"defaultSidebar"},{"id":"design-guides/app-onboarding/gateway-security","path":"/service-bridge/1.8.x/design-guides/app-onboarding/gateway-security","sidebar":"defaultSidebar"},{"id":"design-guides/app-onboarding/high-availability","path":"/service-bridge/1.8.x/design-guides/app-onboarding/high-availability","sidebar":"defaultSidebar"},{"id":"design-guides/app-onboarding/index","path":"/service-bridge/1.8.x/design-guides/app-onboarding/","sidebar":"defaultSidebar"},{"id":"design-guides/app-onboarding/introduction","path":"/service-bridge/1.8.x/design-guides/app-onboarding/introduction","sidebar":"defaultSidebar"},{"id":"design-guides/app-onboarding/monitor","path":"/service-bridge/1.8.x/design-guides/app-onboarding/monitor","sidebar":"defaultSidebar"},{"id":"design-guides/app-onboarding/prepare","path":"/service-bridge/1.8.x/design-guides/app-onboarding/prepare","sidebar":"defaultSidebar"},{"id":"design-guides/app-onboarding/promote-service","path":"/service-bridge/1.8.x/design-guides/app-onboarding/promote-service"},{"id":"design-guides/app-onboarding/security","path":"/service-bridge/1.8.x/design-guides/app-onboarding/security","sidebar":"defaultSidebar"},{"id":"design-guides/ha-dr-mp/dr-managementplane","path":"/service-bridge/1.8.x/design-guides/ha-dr-mp/dr-managementplane","sidebar":"defaultSidebar"},{"id":"design-guides/ha-dr-mp/ha-managementplane","path":"/service-bridge/1.8.x/design-guides/ha-dr-mp/ha-managementplane","sidebar":"defaultSidebar"},{"id":"design-guides/ha-dr-mp/index","path":"/service-bridge/1.8.x/design-guides/ha-dr-mp/","sidebar":"defaultSidebar"},{"id":"design-guides/ha-dr-mp/introduction","path":"/service-bridge/1.8.x/design-guides/ha-dr-mp/introduction","sidebar":"defaultSidebar"},{"id":"design-guides/ha-dr-mp/scenarios","path":"/service-bridge/1.8.x/design-guides/ha-dr-mp/scenarios","sidebar":"defaultSidebar"},{"id":"design-guides/ha-multicluster/cluster-failover","path":"/service-bridge/1.8.x/design-guides/ha-multicluster/cluster-failover","sidebar":"defaultSidebar"},{"id":"design-guides/ha-multicluster/demo-1","path":"/service-bridge/1.8.x/design-guides/ha-multicluster/demo-1","sidebar":"defaultSidebar"},{"id":"design-guides/ha-multicluster/demo-2","path":"/service-bridge/1.8.x/design-guides/ha-multicluster/demo-2","sidebar":"defaultSidebar"},{"id":"design-guides/ha-multicluster/edge-failover","path":"/service-bridge/1.8.x/design-guides/ha-multicluster/edge-failover","sidebar":"defaultSidebar"},{"id":"design-guides/ha-multicluster/index","path":"/service-bridge/1.8.x/design-guides/ha-multicluster/","sidebar":"defaultSidebar"},{"id":"design-guides/ha-multicluster/introduction","path":"/service-bridge/1.8.x/design-guides/ha-multicluster/introduction","sidebar":"defaultSidebar"},{"id":"design-guides/ha-multicluster/operations","path":"/service-bridge/1.8.x/design-guides/ha-multicluster/operations","sidebar":"defaultSidebar"},{"id":"design-guides/index","path":"/service-bridge/1.8.x/design-guides/","sidebar":"defaultSidebar"},{"id":"howto/authorization/ingress-gateway","path":"/service-bridge/1.8.x/howto/authorization/ingress-gateway","sidebar":"defaultSidebar"},{"id":"howto/authorization/sidecar","path":"/service-bridge/1.8.x/howto/authorization/sidecar","sidebar":"defaultSidebar"},{"id":"howto/authorization/tier1-gateway","path":"/service-bridge/1.8.x/howto/authorization/tier1-gateway","sidebar":"defaultSidebar"},{"id":"howto/authorization/tls-verification","path":"/service-bridge/1.8.x/howto/authorization/tls-verification","sidebar":"defaultSidebar"},{"id":"howto/authorization/toc","path":"/service-bridge/1.8.x/howto/authorization/","sidebar":"defaultSidebar"},{"id":"howto/gateway/app-ingress","path":"/service-bridge/1.8.x/howto/gateway/app-ingress","sidebar":"defaultSidebar"},{"id":"howto/gateway/application-gateway-with-openapi-annotations","path":"/service-bridge/1.8.x/howto/gateway/application-gateway-with-openapi-annotations","sidebar":"defaultSidebar"},{"id":"howto/gateway/configure-and-route-nonhttp-traffic","path":"/service-bridge/1.8.x/howto/gateway/configure-and-route-nonhttp-traffic","sidebar":"defaultSidebar"},{"id":"howto/gateway/configure-oidc","path":"/service-bridge/1.8.x/howto/gateway/configure-oidc","sidebar":"defaultSidebar"},{"id":"howto/gateway/distributed-ingress","path":"/service-bridge/1.8.x/howto/gateway/distributed-ingress","sidebar":"defaultSidebar"},{"id":"howto/gateway/egress-gateways","path":"/service-bridge/1.8.x/howto/gateway/egress-gateways","sidebar":"defaultSidebar"},{"id":"howto/gateway/end-user-auth-keycloak","path":"/service-bridge/1.8.x/howto/gateway/end-user-auth-keycloak","sidebar":"defaultSidebar"},{"id":"howto/gateway/https-with-proxy-protocol","path":"/service-bridge/1.8.x/howto/gateway/https-with-proxy-protocol","sidebar":"defaultSidebar"},{"id":"howto/gateway/multi-cluster-traffic-routing-using-tier2gw","path":"/service-bridge/1.8.x/howto/gateway/multi-cluster-traffic-routing-using-tier2gw","sidebar":"defaultSidebar"},{"id":"howto/gateway/multi-cluster-traffic-routing-with-eastwest-gateway","path":"/service-bridge/1.8.x/howto/gateway/multi-cluster-traffic-routing-with-eastwest-gateway","sidebar":"defaultSidebar"},{"id":"howto/gateway/multi-cluster-traffic-shifting","path":"/service-bridge/1.8.x/howto/gateway/multi-cluster-traffic-shifting","sidebar":"defaultSidebar"},{"id":"howto/gateway/service-identity-propagation","path":"/service-bridge/1.8.x/howto/gateway/service-identity-propagation","sidebar":"defaultSidebar"},{"id":"howto/gateway/shared-ingress","path":"/service-bridge/1.8.x/howto/gateway/shared-ingress","sidebar":"defaultSidebar"},{"id":"howto/gateway/subset-based-routing-using-igw-and-service-route","path":"/service-bridge/1.8.x/howto/gateway/subset-based-routing-using-igw-and-service-route","sidebar":"defaultSidebar"},{"id":"howto/gateway/unified-gateway","path":"/service-bridge/1.8.x/howto/gateway/unified-gateway","sidebar":"defaultSidebar"},{"id":"howto/gitops/argo-rollouts","path":"/service-bridge/1.8.x/howto/gitops/argo-rollouts","sidebar":"defaultSidebar"},{"id":"howto/gitops/flux","path":"/service-bridge/1.8.x/howto/gitops/flux","sidebar":"defaultSidebar"},{"id":"howto/gitops/gitops","path":"/service-bridge/1.8.x/howto/gitops/gitops","sidebar":"defaultSidebar"},{"id":"howto/hpa-using-skywalking","path":"/service-bridge/1.8.x/howto/hpa-using-skywalking","sidebar":"defaultSidebar"},{"id":"howto/network-policies","path":"/service-bridge/1.8.x/howto/network-policies","sidebar":"defaultSidebar"},{"id":"howto/promql-using-skywalking","path":"/service-bridge/1.8.x/howto/promql-using-skywalking","sidebar":"defaultSidebar"},{"id":"howto/rate-limiting/external-rate-limiting","path":"/service-bridge/1.8.x/howto/rate-limiting/external-rate-limiting","sidebar":"defaultSidebar"},{"id":"howto/rate-limiting/ingress-gateway","path":"/service-bridge/1.8.x/howto/rate-limiting/ingress-gateway","sidebar":"defaultSidebar"},{"id":"howto/rate-limiting/internal-rate-limiting","path":"/service-bridge/1.8.x/howto/rate-limiting/internal-rate-limiting","sidebar":"defaultSidebar"},{"id":"howto/rate-limiting/service-to-service","path":"/service-bridge/1.8.x/howto/rate-limiting/service-to-service","sidebar":"defaultSidebar"},{"id":"howto/rate-limiting/tier1-gateway","path":"/service-bridge/1.8.x/howto/rate-limiting/tier1-gateway","sidebar":"defaultSidebar"},{"id":"howto/rate-limiting/tls-validation","path":"/service-bridge/1.8.x/howto/rate-limiting/tls-validation","sidebar":"defaultSidebar"},{"id":"howto/rate-limiting/toc","path":"/service-bridge/1.8.x/howto/rate-limiting/","sidebar":"defaultSidebar"},{"id":"howto/security-domains","path":"/service-bridge/1.8.x/howto/security-domains","sidebar":"defaultSidebar"},{"id":"howto/service-accounts","path":"/service-bridge/1.8.x/howto/service-accounts","sidebar":"defaultSidebar"},{"id":"howto/traffic/canary-releases","path":"/service-bridge/1.8.x/howto/traffic/canary-releases","sidebar":"defaultSidebar"},{"id":"howto/traffic/configure-multi-port-service-route","path":"/service-bridge/1.8.x/howto/traffic/configure-multi-port-service-route","sidebar":"defaultSidebar"},{"id":"howto/traffic/external-site-https","path":"/service-bridge/1.8.x/howto/traffic/external-site-https","sidebar":"defaultSidebar"},{"id":"howto/traffic/load-balance","path":"/service-bridge/1.8.x/howto/traffic/load-balance","sidebar":"defaultSidebar"},{"id":"howto/traffic/migrating-VM-monoliths","path":"/service-bridge/1.8.x/howto/traffic/migrating-VM-monoliths","sidebar":"defaultSidebar"},{"id":"howto/traffic/splitting-service-traffic-between-k8s-vms","path":"/service-bridge/1.8.x/howto/traffic/splitting-service-traffic-between-k8s-vms","sidebar":"defaultSidebar"},{"id":"howto/waf","path":"/service-bridge/1.8.x/howto/waf","sidebar":"defaultSidebar"},{"id":"howto/wasm/wasm-extension","path":"/service-bridge/1.8.x/howto/wasm/wasm-extension","sidebar":"defaultSidebar"},{"id":"howto/wasm/wasm-overview","path":"/service-bridge/1.8.x/howto/wasm/wasm-overview","sidebar":"defaultSidebar"},{"id":"howto/wasm/wasm-proxy","path":"/service-bridge/1.8.x/howto/wasm/wasm-proxy","sidebar":"defaultSidebar"},{"id":"howto/wasm/wasm-try","path":"/service-bridge/1.8.x/howto/wasm/wasm-try","sidebar":"defaultSidebar"},{"id":"index","path":"/service-bridge/1.8.x/","sidebar":"defaultSidebar"},{"id":"knowledge-base/faq","path":"/service-bridge/1.8.x/knowledge-base/faq","sidebar":"defaultSidebar"},{"id":"knowledge-base/gitops","path":"/service-bridge/1.8.x/knowledge-base/gitops","sidebar":"defaultSidebar"},{"id":"operations/configuration-promotion","path":"/service-bridge/1.8.x/operations/configuration-promotion","sidebar":"defaultSidebar"},{"id":"operations/configure-log-levels","path":"/service-bridge/1.8.x/operations/configure-log-levels","sidebar":"defaultSidebar"},{"id":"operations/elasticsearch/elasticsearch-role","path":"/service-bridge/1.8.x/operations/elasticsearch/elasticsearch-role","sidebar":"defaultSidebar"},{"id":"operations/elasticsearch/wipe-elastic","path":"/service-bridge/1.8.x/operations/elasticsearch/wipe-elastic","sidebar":"defaultSidebar"},{"id":"operations/features/configure-cluster-external-addresses","path":"/service-bridge/1.8.x/operations/features/configure-cluster-external-addresses","sidebar":"defaultSidebar"},{"id":"operations/features/configure-gitops","path":"/service-bridge/1.8.x/operations/features/configure-gitops","sidebar":"defaultSidebar"},{"id":"operations/features/deletion-protection","path":"/service-bridge/1.8.x/operations/features/deletion-protection","sidebar":"defaultSidebar"},{"id":"operations/features/edge-dns-resolution","path":"/service-bridge/1.8.x/operations/features/edge-dns-resolution","sidebar":"defaultSidebar"},{"id":"operations/features/enable-config-protection","path":"/service-bridge/1.8.x/operations/features/enable-config-protection","sidebar":"defaultSidebar"},{"id":"operations/features/gateway-deletion-webhook","path":"/service-bridge/1.8.x/operations/features/gateway-deletion-webhook","sidebar":"defaultSidebar"},{"id":"operations/features/internal-wasm-extensions","path":"/service-bridge/1.8.x/operations/features/internal-wasm-extensions","sidebar":"defaultSidebar"},{"id":"operations/features/istio-cni","path":"/service-bridge/1.8.x/operations/features/istio-cni","sidebar":"defaultSidebar"},{"id":"operations/features/label-annotation","path":"/service-bridge/1.8.x/operations/features/label-annotation","sidebar":"defaultSidebar"},{"id":"operations/features/streaming-log","path":"/service-bridge/1.8.x/operations/features/streaming-log","sidebar":"defaultSidebar"},{"id":"operations/features/tier1-in-app-cluster","path":"/service-bridge/1.8.x/operations/features/tier1-in-app-cluster","sidebar":"defaultSidebar"},{"id":"operations/features/tls-origin-multi-cluster","path":"/service-bridge/1.8.x/operations/features/tls-origin-multi-cluster","sidebar":"defaultSidebar"},{"id":"operations/graceful-connection-drain","path":"/service-bridge/1.8.x/operations/graceful-connection-drain","sidebar":"defaultSidebar"},{"id":"operations/kube-customization","path":"/service-bridge/1.8.x/operations/kube-customization","sidebar":"defaultSidebar"},{"id":"operations/lower-istio-resources","path":"/service-bridge/1.8.x/operations/lower-istio-resources","sidebar":"defaultSidebar"},{"id":"operations/migrate-organization","path":"/service-bridge/1.8.x/operations/migrate-organization","sidebar":"defaultSidebar"},{"id":"operations/multiple-iam-keys","path":"/service-bridge/1.8.x/operations/multiple-iam-keys","sidebar":"defaultSidebar"},{"id":"operations/postgresql/azure-credentials","path":"/service-bridge/1.8.x/operations/postgresql/azure-credentials","sidebar":"defaultSidebar"},{"id":"operations/postgresql/backup-and-restore","path":"/service-bridge/1.8.x/operations/postgresql/backup-and-restore","sidebar":"defaultSidebar"},{"id":"operations/telemetry/alerting-guidelines","path":"/service-bridge/1.8.x/operations/telemetry/alerting-guidelines","sidebar":"defaultSidebar"},{"id":"operations/telemetry/distributed-tracing","path":"/service-bridge/1.8.x/operations/telemetry/distributed-tracing","sidebar":"defaultSidebar"},{"id":"operations/telemetry/key-metrics","path":"/service-bridge/1.8.x/operations/telemetry/key-metrics","sidebar":"defaultSidebar"},{"id":"operations/telemetry/new-relic","path":"/service-bridge/1.8.x/operations/telemetry/new-relic","sidebar":"defaultSidebar"},{"id":"operations/telemetry/red-metrics","path":"/service-bridge/1.8.x/operations/telemetry/red-metrics","sidebar":"defaultSidebar"},{"id":"operations/telemetry/telemetry-architecture","path":"/service-bridge/1.8.x/operations/telemetry/telemetry-architecture","sidebar":"defaultSidebar"},{"id":"operations/users/admin-password","path":"/service-bridge/1.8.x/operations/users/admin-password","sidebar":"defaultSidebar"},{"id":"operations/users/configuring-ldap","path":"/service-bridge/1.8.x/operations/users/configuring-ldap","sidebar":"defaultSidebar"},{"id":"operations/users/oidc-azure","path":"/service-bridge/1.8.x/operations/users/oidc-azure","sidebar":"defaultSidebar"},{"id":"operations/users/roles-and-permissions","path":"/service-bridge/1.8.x/operations/users/roles-and-permissions","sidebar":"defaultSidebar"},{"id":"operations/users/user-synchronization","path":"/service-bridge/1.8.x/operations/users/user-synchronization","sidebar":"defaultSidebar"},{"id":"operations/vault/elasticsearch","path":"/service-bridge/1.8.x/operations/vault/elasticsearch","sidebar":"defaultSidebar"},{"id":"operations/vault/istiod-ca","path":"/service-bridge/1.8.x/operations/vault/istiod-ca","sidebar":"defaultSidebar"},{"id":"operations/vault/postgresql","path":"/service-bridge/1.8.x/operations/vault/postgresql","sidebar":"defaultSidebar"},{"id":"quickstart/apps","path":"/service-bridge/1.8.x/quickstart/apps","sidebar":"defaultSidebar"},{"id":"quickstart/config-groups","path":"/service-bridge/1.8.x/quickstart/config-groups","sidebar":"defaultSidebar"},{"id":"quickstart/deploy-sample-app","path":"/service-bridge/1.8.x/quickstart/deploy-sample-app","sidebar":"defaultSidebar"},{"id":"quickstart/ingress-gateway","path":"/service-bridge/1.8.x/quickstart/ingress-gateway","sidebar":"defaultSidebar"},{"id":"quickstart/introduction","path":"/service-bridge/1.8.x/quickstart/introduction","sidebar":"defaultSidebar"},{"id":"quickstart/observability","path":"/service-bridge/1.8.x/quickstart/observability","sidebar":"defaultSidebar"},{"id":"quickstart/permissions","path":"/service-bridge/1.8.x/quickstart/permissions","sidebar":"defaultSidebar"},{"id":"quickstart/security","path":"/service-bridge/1.8.x/quickstart/security","sidebar":"defaultSidebar"},{"id":"quickstart/tenant","path":"/service-bridge/1.8.x/quickstart/tenant","sidebar":"defaultSidebar"},{"id":"quickstart/traffic-shifting","path":"/service-bridge/1.8.x/quickstart/traffic-shifting","sidebar":"defaultSidebar"},{"id":"quickstart/workspace","path":"/service-bridge/1.8.x/quickstart/workspace","sidebar":"defaultSidebar"},{"id":"reference/cli/guide/index","path":"/service-bridge/1.8.x/reference/cli/guide/index","sidebar":"defaultSidebar"},{"id":"reference/cli/reference/apply","path":"/service-bridge/1.8.x/reference/cli/reference/apply","sidebar":"defaultSidebar"},{"id":"reference/cli/reference/collect","path":"/service-bridge/1.8.x/reference/cli/reference/collect","sidebar":"defaultSidebar"},{"id":"reference/cli/reference/completion","path":"/service-bridge/1.8.x/reference/cli/reference/completion","sidebar":"defaultSidebar"},{"id":"reference/cli/reference/config","path":"/service-bridge/1.8.x/reference/cli/reference/config","sidebar":"defaultSidebar"},{"id":"reference/cli/reference/delete","path":"/service-bridge/1.8.x/reference/cli/reference/delete","sidebar":"defaultSidebar"},{"id":"reference/cli/reference/edit","path":"/service-bridge/1.8.x/reference/cli/reference/edit","sidebar":"defaultSidebar"},{"id":"reference/cli/reference/experimental","path":"/service-bridge/1.8.x/reference/cli/reference/experimental","sidebar":"defaultSidebar"},{"id":"reference/cli/reference/get","path":"/service-bridge/1.8.x/reference/cli/reference/get","sidebar":"defaultSidebar"},{"id":"reference/cli/reference/index","path":"/service-bridge/1.8.x/reference/cli/reference/index","sidebar":"defaultSidebar"},{"id":"reference/cli/reference/install","path":"/service-bridge/1.8.x/reference/cli/reference/install","sidebar":"defaultSidebar"},{"id":"reference/cli/reference/login","path":"/service-bridge/1.8.x/reference/cli/reference/login","sidebar":"defaultSidebar"},{"id":"reference/cli/reference/ui","path":"/service-bridge/1.8.x/reference/cli/reference/ui","sidebar":"defaultSidebar"},{"id":"reference/cli/reference/validate","path":"/service-bridge/1.8.x/reference/cli/reference/validate","sidebar":"defaultSidebar"},{"id":"reference/cli/reference/version","path":"/service-bridge/1.8.x/reference/cli/reference/version","sidebar":"defaultSidebar"},{"id":"reference/cli/reference/whoami","path":"/service-bridge/1.8.x/reference/cli/reference/whoami","sidebar":"defaultSidebar"},{"id":"reference/cli/reference/workload-entry-annotations","path":"/service-bridge/1.8.x/reference/cli/reference/workload-entry-annotations","sidebar":"defaultSidebar"},{"id":"reference/grpc-api/guide","path":"/service-bridge/1.8.x/reference/grpc-api/guide","sidebar":"defaultSidebar"},{"id":"reference/k8s-api/guide","path":"/service-bridge/1.8.x/reference/k8s-api/guide","sidebar":"defaultSidebar"},{"id":"reference/k8s-api/tsb-crds-gen/application-tsb-tetrate-io","path":"/service-bridge/1.8.x/reference/k8s-api/tsb-crds-gen/application-tsb-tetrate-io","sidebar":"defaultSidebar"},{"id":"reference/k8s-api/tsb-crds-gen/extension-tsb-tetrate-io","path":"/service-bridge/1.8.x/reference/k8s-api/tsb-crds-gen/extension-tsb-tetrate-io","sidebar":"defaultSidebar"},{"id":"reference/k8s-api/tsb-crds-gen/gateway-tsb-tetrate-io","path":"/service-bridge/1.8.x/reference/k8s-api/tsb-crds-gen/gateway-tsb-tetrate-io","sidebar":"defaultSidebar"},{"id":"reference/k8s-api/tsb-crds-gen/istiointernal-tsb-tetrate-io","path":"/service-bridge/1.8.x/reference/k8s-api/tsb-crds-gen/istiointernal-tsb-tetrate-io","sidebar":"defaultSidebar"},{"id":"reference/k8s-api/tsb-crds-gen/rbac-tsb-tetrate-io","path":"/service-bridge/1.8.x/reference/k8s-api/tsb-crds-gen/rbac-tsb-tetrate-io","sidebar":"defaultSidebar"},{"id":"reference/k8s-api/tsb-crds-gen/security-tsb-tetrate-io","path":"/service-bridge/1.8.x/reference/k8s-api/tsb-crds-gen/security-tsb-tetrate-io","sidebar":"defaultSidebar"},{"id":"reference/k8s-api/tsb-crds-gen/traffic-tsb-tetrate-io","path":"/service-bridge/1.8.x/reference/k8s-api/tsb-crds-gen/traffic-tsb-tetrate-io","sidebar":"defaultSidebar"},{"id":"reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/cluster","path":"/service-bridge/1.8.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/cluster","sidebar":"defaultSidebar"},{"id":"reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/organization","path":"/service-bridge/1.8.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/organization","sidebar":"defaultSidebar"},{"id":"reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/organizationsetting","path":"/service-bridge/1.8.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/organizationsetting","sidebar":"defaultSidebar"},{"id":"reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/serviceaccount","path":"/service-bridge/1.8.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/serviceaccount","sidebar":"defaultSidebar"},{"id":"reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/team","path":"/service-bridge/1.8.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/team","sidebar":"defaultSidebar"},{"id":"reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/tenant","path":"/service-bridge/1.8.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/tenant","sidebar":"defaultSidebar"},{"id":"reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/tenantsetting","path":"/service-bridge/1.8.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/tenantsetting","sidebar":"defaultSidebar"},{"id":"reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/workspace","path":"/service-bridge/1.8.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/workspace","sidebar":"defaultSidebar"},{"id":"reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/workspacesetting","path":"/service-bridge/1.8.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/workspacesetting","sidebar":"defaultSidebar"},{"id":"reference/rest-api/guide","path":"/service-bridge/1.8.x/reference/rest-api/guide","sidebar":"defaultSidebar"},{"id":"reference/samples/httpbin","path":"/service-bridge/1.8.x/reference/samples/httpbin","sidebar":"defaultSidebar"},{"id":"reference/samples/opa","path":"/service-bridge/1.8.x/reference/samples/opa","sidebar":"defaultSidebar"},{"id":"reference/samples/sleep-service","path":"/service-bridge/1.8.x/reference/samples/sleep-service","sidebar":"defaultSidebar"},{"id":"reference/yaml-api/guide","path":"/service-bridge/1.8.x/reference/yaml-api/guide","sidebar":"defaultSidebar"},{"id":"refs/audit/v1/audit","path":"/service-bridge/1.8.x/refs/audit/v1/audit","sidebar":"defaultSidebar"},{"id":"refs/iam/v2/oauth_service","path":"/service-bridge/1.8.x/refs/iam/v2/oauth_service","sidebar":"defaultSidebar"},{"id":"refs/iam/v2/oidc_service","path":"/service-bridge/1.8.x/refs/iam/v2/oidc_service","sidebar":"defaultSidebar"},{"id":"refs/install/common/common_config","path":"/service-bridge/1.8.x/refs/install/common/common_config","sidebar":"defaultSidebar"},{"id":"refs/install/controlplane/v1alpha1/spec","path":"/service-bridge/1.8.x/refs/install/controlplane/v1alpha1/spec","sidebar":"defaultSidebar"},{"id":"refs/install/dataplane/v1alpha1/spec","path":"/service-bridge/1.8.x/refs/install/dataplane/v1alpha1/spec","sidebar":"defaultSidebar"},{"id":"refs/install/kubernetes/k8s","path":"/service-bridge/1.8.x/refs/install/kubernetes/k8s","sidebar":"defaultSidebar"},{"id":"refs/install/managementplane/v1alpha1/spec","path":"/service-bridge/1.8.x/refs/install/managementplane/v1alpha1/spec","sidebar":"defaultSidebar"},{"id":"refs/istio.io/api/operator/v1alpha1/operator","path":"/service-bridge/1.8.x/refs/istio.io/api/operator/v1alpha1/operator"},{"id":"refs/onboarding/config/agent/v1alpha1/agent_configuration","path":"/service-bridge/1.8.x/refs/onboarding/config/agent/v1alpha1/agent_configuration","sidebar":"defaultSidebar"},{"id":"refs/onboarding/config/agent/v1alpha1/onboarding_configuration","path":"/service-bridge/1.8.x/refs/onboarding/config/agent/v1alpha1/onboarding_configuration","sidebar":"defaultSidebar"},{"id":"refs/onboarding/config/authorization/aws/v1alpha1/aws","path":"/service-bridge/1.8.x/refs/onboarding/config/authorization/aws/v1alpha1/aws","sidebar":"defaultSidebar"},{"id":"refs/onboarding/config/authorization/jwt/v1alpha1/jwt","path":"/service-bridge/1.8.x/refs/onboarding/config/authorization/jwt/v1alpha1/jwt","sidebar":"defaultSidebar"},{"id":"refs/onboarding/config/authorization/v1alpha1/policy","path":"/service-bridge/1.8.x/refs/onboarding/config/authorization/v1alpha1/policy","sidebar":"defaultSidebar"},{"id":"refs/onboarding/config/install/v1alpha1/jwt_issuer","path":"/service-bridge/1.8.x/refs/onboarding/config/install/v1alpha1/jwt_issuer"},{"id":"refs/onboarding/config/install/v1alpha1/workload_configuration","path":"/service-bridge/1.8.x/refs/onboarding/config/install/v1alpha1/workload_configuration"},{"id":"refs/onboarding/config/runtime/v1alpha1/registration","path":"/service-bridge/1.8.x/refs/onboarding/config/runtime/v1alpha1/registration","sidebar":"defaultSidebar"},{"id":"refs/onboarding/config/types/config/v1alpha1/transport_security","path":"/service-bridge/1.8.x/refs/onboarding/config/types/config/v1alpha1/transport_security"},{"id":"refs/onboarding/config/types/core/v1alpha1/condition","path":"/service-bridge/1.8.x/refs/onboarding/config/types/core/v1alpha1/condition"},{"id":"refs/onboarding/config/types/core/v1alpha1/namespaced_name","path":"/service-bridge/1.8.x/refs/onboarding/config/types/core/v1alpha1/namespaced_name"},{"id":"refs/onboarding/config/types/identity/aws/v1alpha1/aws","path":"/service-bridge/1.8.x/refs/onboarding/config/types/identity/aws/v1alpha1/aws"},{"id":"refs/onboarding/config/types/identity/jwt/v1alpha1/jwt","path":"/service-bridge/1.8.x/refs/onboarding/config/types/identity/jwt/v1alpha1/jwt"},{"id":"refs/onboarding/config/types/identity/v1alpha1/identity","path":"/service-bridge/1.8.x/refs/onboarding/config/types/identity/v1alpha1/identity"},{"id":"refs/onboarding/config/types/registration/v1alpha1/hostinfo","path":"/service-bridge/1.8.x/refs/onboarding/config/types/registration/v1alpha1/hostinfo"},{"id":"refs/onboarding/config/types/registration/v1alpha1/registration","path":"/service-bridge/1.8.x/refs/onboarding/config/types/registration/v1alpha1/registration"},{"id":"refs/tsb/application/v2/api","path":"/service-bridge/1.8.x/refs/tsb/application/v2/api","sidebar":"defaultSidebar"},{"id":"refs/tsb/application/v2/application","path":"/service-bridge/1.8.x/refs/tsb/application/v2/application","sidebar":"defaultSidebar"},{"id":"refs/tsb/application/v2/application_service","path":"/service-bridge/1.8.x/refs/tsb/application/v2/application_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/application/v2/openapi_extensions","path":"/service-bridge/1.8.x/refs/tsb/application/v2/openapi_extensions","sidebar":"defaultSidebar"},{"id":"refs/tsb/auth/v2/auth","path":"/service-bridge/1.8.x/refs/tsb/auth/v2/auth","sidebar":"defaultSidebar"},{"id":"refs/tsb/extension/v2/wasm_extension","path":"/service-bridge/1.8.x/refs/tsb/extension/v2/wasm_extension","sidebar":"defaultSidebar"},{"id":"refs/tsb/extension/v2/wasm_service","path":"/service-bridge/1.8.x/refs/tsb/extension/v2/wasm_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/gateway/v2/auth","path":"/service-bridge/1.8.x/refs/tsb/gateway/v2/auth","sidebar":"defaultSidebar"},{"id":"refs/tsb/gateway/v2/eastwest_gateway","path":"/service-bridge/1.8.x/refs/tsb/gateway/v2/eastwest_gateway","sidebar":"defaultSidebar"},{"id":"refs/tsb/gateway/v2/egress_gateway","path":"/service-bridge/1.8.x/refs/tsb/gateway/v2/egress_gateway","sidebar":"defaultSidebar"},{"id":"refs/tsb/gateway/v2/gateway","path":"/service-bridge/1.8.x/refs/tsb/gateway/v2/gateway","sidebar":"defaultSidebar"},{"id":"refs/tsb/gateway/v2/gateway_common","path":"/service-bridge/1.8.x/refs/tsb/gateway/v2/gateway_common","sidebar":"defaultSidebar"},{"id":"refs/tsb/gateway/v2/gateway_group","path":"/service-bridge/1.8.x/refs/tsb/gateway/v2/gateway_group","sidebar":"defaultSidebar"},{"id":"refs/tsb/gateway/v2/gateway_service","path":"/service-bridge/1.8.x/refs/tsb/gateway/v2/gateway_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/gateway/v2/ingress_gateway","path":"/service-bridge/1.8.x/refs/tsb/gateway/v2/ingress_gateway","sidebar":"defaultSidebar"},{"id":"refs/tsb/gateway/v2/istio_gateway_direct","path":"/service-bridge/1.8.x/refs/tsb/gateway/v2/istio_gateway_direct","sidebar":"defaultSidebar"},{"id":"refs/tsb/gateway/v2/tier1_gateway","path":"/service-bridge/1.8.x/refs/tsb/gateway/v2/tier1_gateway","sidebar":"defaultSidebar"},{"id":"refs/tsb/istiointernal/v2/istio_internal_group","path":"/service-bridge/1.8.x/refs/tsb/istiointernal/v2/istio_internal_group","sidebar":"defaultSidebar"},{"id":"refs/tsb/istiointernal/v2/istio_istiointernal_direct","path":"/service-bridge/1.8.x/refs/tsb/istiointernal/v2/istio_istiointernal_direct","sidebar":"defaultSidebar"},{"id":"refs/tsb/istiointernal/v2/istiointernal_service","path":"/service-bridge/1.8.x/refs/tsb/istiointernal/v2/istiointernal_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/observability/telemetry/v2/metric","path":"/service-bridge/1.8.x/refs/tsb/observability/telemetry/v2/metric","sidebar":"defaultSidebar"},{"id":"refs/tsb/observability/telemetry/v2/metric_service","path":"/service-bridge/1.8.x/refs/tsb/observability/telemetry/v2/metric_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/observability/telemetry/v2/source","path":"/service-bridge/1.8.x/refs/tsb/observability/telemetry/v2/source","sidebar":"defaultSidebar"},{"id":"refs/tsb/observability/telemetry/v2/source_service","path":"/service-bridge/1.8.x/refs/tsb/observability/telemetry/v2/source_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/q/v2/approvals_service","path":"/service-bridge/1.8.x/refs/tsb/q/v2/approvals_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/q/v2/permissions_service","path":"/service-bridge/1.8.x/refs/tsb/q/v2/permissions_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/rbac/v2/access_bindings","path":"/service-bridge/1.8.x/refs/tsb/rbac/v2/access_bindings","sidebar":"defaultSidebar"},{"id":"refs/tsb/rbac/v2/api_access_bindings","path":"/service-bridge/1.8.x/refs/tsb/rbac/v2/api_access_bindings","sidebar":"defaultSidebar"},{"id":"refs/tsb/rbac/v2/application_access_bindings","path":"/service-bridge/1.8.x/refs/tsb/rbac/v2/application_access_bindings","sidebar":"defaultSidebar"},{"id":"refs/tsb/rbac/v2/binding","path":"/service-bridge/1.8.x/refs/tsb/rbac/v2/binding","sidebar":"defaultSidebar"},{"id":"refs/tsb/rbac/v2/gateway_access_bindings","path":"/service-bridge/1.8.x/refs/tsb/rbac/v2/gateway_access_bindings","sidebar":"defaultSidebar"},{"id":"refs/tsb/rbac/v2/istio_internal_access_bindings","path":"/service-bridge/1.8.x/refs/tsb/rbac/v2/istio_internal_access_bindings","sidebar":"defaultSidebar"},{"id":"refs/tsb/rbac/v2/organization_access_bindings","path":"/service-bridge/1.8.x/refs/tsb/rbac/v2/organization_access_bindings","sidebar":"defaultSidebar"},{"id":"refs/tsb/rbac/v2/permissions","path":"/service-bridge/1.8.x/refs/tsb/rbac/v2/permissions","sidebar":"defaultSidebar"},{"id":"refs/tsb/rbac/v2/policy_service","path":"/service-bridge/1.8.x/refs/tsb/rbac/v2/policy_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/rbac/v2/role","path":"/service-bridge/1.8.x/refs/tsb/rbac/v2/role","sidebar":"defaultSidebar"},{"id":"refs/tsb/rbac/v2/role_service","path":"/service-bridge/1.8.x/refs/tsb/rbac/v2/role_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/rbac/v2/security_access_bindings","path":"/service-bridge/1.8.x/refs/tsb/rbac/v2/security_access_bindings","sidebar":"defaultSidebar"},{"id":"refs/tsb/rbac/v2/tenant_access_bindings","path":"/service-bridge/1.8.x/refs/tsb/rbac/v2/tenant_access_bindings","sidebar":"defaultSidebar"},{"id":"refs/tsb/rbac/v2/traffic_access_bindings","path":"/service-bridge/1.8.x/refs/tsb/rbac/v2/traffic_access_bindings","sidebar":"defaultSidebar"},{"id":"refs/tsb/rbac/v2/workspace_access_bindings","path":"/service-bridge/1.8.x/refs/tsb/rbac/v2/workspace_access_bindings","sidebar":"defaultSidebar"},{"id":"refs/tsb/registry/v2/lookup_service","path":"/service-bridge/1.8.x/refs/tsb/registry/v2/lookup_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/registry/v2/registration_service","path":"/service-bridge/1.8.x/refs/tsb/registry/v2/registration_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/registry/v2/service","path":"/service-bridge/1.8.x/refs/tsb/registry/v2/service","sidebar":"defaultSidebar"},{"id":"refs/tsb/security/v2/istio_security_direct","path":"/service-bridge/1.8.x/refs/tsb/security/v2/istio_security_direct","sidebar":"defaultSidebar"},{"id":"refs/tsb/security/v2/security_group","path":"/service-bridge/1.8.x/refs/tsb/security/v2/security_group","sidebar":"defaultSidebar"},{"id":"refs/tsb/security/v2/security_service","path":"/service-bridge/1.8.x/refs/tsb/security/v2/security_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/security/v2/security_setting","path":"/service-bridge/1.8.x/refs/tsb/security/v2/security_setting","sidebar":"defaultSidebar"},{"id":"refs/tsb/security/v2/service_security_setting","path":"/service-bridge/1.8.x/refs/tsb/security/v2/service_security_setting","sidebar":"defaultSidebar"},{"id":"refs/tsb/security/v2/waf_settings","path":"/service-bridge/1.8.x/refs/tsb/security/v2/waf_settings","sidebar":"defaultSidebar"},{"id":"refs/tsb/traffic/v2/istio_traffic_direct","path":"/service-bridge/1.8.x/refs/tsb/traffic/v2/istio_traffic_direct","sidebar":"defaultSidebar"},{"id":"refs/tsb/traffic/v2/service_route","path":"/service-bridge/1.8.x/refs/tsb/traffic/v2/service_route","sidebar":"defaultSidebar"},{"id":"refs/tsb/traffic/v2/traffic_group","path":"/service-bridge/1.8.x/refs/tsb/traffic/v2/traffic_group","sidebar":"defaultSidebar"},{"id":"refs/tsb/traffic/v2/traffic_service","path":"/service-bridge/1.8.x/refs/tsb/traffic/v2/traffic_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/traffic/v2/traffic_setting","path":"/service-bridge/1.8.x/refs/tsb/traffic/v2/traffic_setting","sidebar":"defaultSidebar"},{"id":"refs/tsb/types/v2/types","path":"/service-bridge/1.8.x/refs/tsb/types/v2/types","sidebar":"defaultSidebar"},{"id":"refs/tsb/v2/cluster","path":"/service-bridge/1.8.x/refs/tsb/v2/cluster","sidebar":"defaultSidebar"},{"id":"refs/tsb/v2/cluster_service","path":"/service-bridge/1.8.x/refs/tsb/v2/cluster_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/v2/info","path":"/service-bridge/1.8.x/refs/tsb/v2/info","sidebar":"defaultSidebar"},{"id":"refs/tsb/v2/organization","path":"/service-bridge/1.8.x/refs/tsb/v2/organization","sidebar":"defaultSidebar"},{"id":"refs/tsb/v2/organization_service","path":"/service-bridge/1.8.x/refs/tsb/v2/organization_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/v2/organization_setting","path":"/service-bridge/1.8.x/refs/tsb/v2/organization_setting","sidebar":"defaultSidebar"},{"id":"refs/tsb/v2/status","path":"/service-bridge/1.8.x/refs/tsb/v2/status","sidebar":"defaultSidebar"},{"id":"refs/tsb/v2/status_service","path":"/service-bridge/1.8.x/refs/tsb/v2/status_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/v2/team","path":"/service-bridge/1.8.x/refs/tsb/v2/team","sidebar":"defaultSidebar"},{"id":"refs/tsb/v2/team_service","path":"/service-bridge/1.8.x/refs/tsb/v2/team_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/v2/tenant","path":"/service-bridge/1.8.x/refs/tsb/v2/tenant","sidebar":"defaultSidebar"},{"id":"refs/tsb/v2/tenant_service","path":"/service-bridge/1.8.x/refs/tsb/v2/tenant_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/v2/tenant_setting","path":"/service-bridge/1.8.x/refs/tsb/v2/tenant_setting","sidebar":"defaultSidebar"},{"id":"refs/tsb/v2/workspace","path":"/service-bridge/1.8.x/refs/tsb/v2/workspace","sidebar":"defaultSidebar"},{"id":"refs/tsb/v2/workspace_service","path":"/service-bridge/1.8.x/refs/tsb/v2/workspace_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/v2/workspace_setting","path":"/service-bridge/1.8.x/refs/tsb/v2/workspace_setting","sidebar":"defaultSidebar"},{"id":"release-notes","path":"/service-bridge/1.8.x/release-notes","sidebar":"defaultSidebar"},{"id":"release-notes-announcements/feature-status","path":"/service-bridge/1.8.x/release-notes-announcements/feature-status","sidebar":"defaultSidebar"},{"id":"release-notes-announcements/support-policy","path":"/service-bridge/1.8.x/release-notes-announcements/support-policy","sidebar":"defaultSidebar"},{"id":"release-notes-announcements/toc","path":"/service-bridge/1.8.x/release-notes-announcements/","sidebar":"defaultSidebar"},{"id":"setup/aws/container-marketplace","path":"/service-bridge/1.8.x/setup/aws/container-marketplace","sidebar":"defaultSidebar"},{"id":"setup/aws/vpc","path":"/service-bridge/1.8.x/setup/aws/vpc","sidebar":"defaultSidebar"},{"id":"setup/certificate/automated-certificate-management","path":"/service-bridge/1.8.x/setup/certificate/automated-certificate-management","sidebar":"defaultSidebar"},{"id":"setup/certificate/certificate-requirements","path":"/service-bridge/1.8.x/setup/certificate/certificate-requirements","sidebar":"defaultSidebar"},{"id":"setup/certificate/certificate-setup","path":"/service-bridge/1.8.x/setup/certificate/certificate-setup","sidebar":"defaultSidebar"},{"id":"setup/components","path":"/service-bridge/1.8.x/setup/components","sidebar":"defaultSidebar"},{"id":"setup/firewall-information","path":"/service-bridge/1.8.x/setup/firewall-information","sidebar":"defaultSidebar"},{"id":"setup/helm/controlplane","path":"/service-bridge/1.8.x/setup/helm/controlplane","sidebar":"defaultSidebar"},{"id":"setup/helm/dataplane","path":"/service-bridge/1.8.x/setup/helm/dataplane","sidebar":"defaultSidebar"},{"id":"setup/helm/helm","path":"/service-bridge/1.8.x/setup/helm/helm","sidebar":"defaultSidebar"},{"id":"setup/helm/managementplane","path":"/service-bridge/1.8.x/setup/helm/managementplane","sidebar":"defaultSidebar"},{"id":"setup/helm/toc","path":"/service-bridge/1.8.x/setup/helm/","sidebar":"defaultSidebar"},{"id":"setup/helm/uninstallation","path":"/service-bridge/1.8.x/setup/helm/uninstallation","sidebar":"defaultSidebar"},{"id":"setup/helm/upgrade","path":"/service-bridge/1.8.x/setup/helm/upgrade","sidebar":"defaultSidebar"},{"id":"setup/isolation-boundaries","path":"/service-bridge/1.8.x/setup/isolation-boundaries","sidebar":"defaultSidebar"},{"id":"setup/isolation-boundaries-installation","path":"/service-bridge/1.8.x/setup/isolation-boundaries-installation","sidebar":"defaultSidebar"},{"id":"setup/migrate-tctl-to-helm","path":"/service-bridge/1.8.x/setup/migrate-tctl-to-helm","sidebar":"defaultSidebar"},{"id":"setup/remote-registry","path":"/service-bridge/1.8.x/setup/remote-registry","sidebar":"defaultSidebar"},{"id":"setup/requirements-and-download","path":"/service-bridge/1.8.x/setup/requirements-and-download","sidebar":"defaultSidebar"},{"id":"setup/resource-planning","path":"/service-bridge/1.8.x/setup/resource-planning","sidebar":"defaultSidebar"},{"id":"setup/security-context","path":"/service-bridge/1.8.x/setup/security-context","sidebar":"defaultSidebar"},{"id":"setup/self-managed/demo-installation","path":"/service-bridge/1.8.x/setup/self-managed/demo-installation","sidebar":"defaultSidebar"},{"id":"setup/self-managed/management-plane-installation","path":"/service-bridge/1.8.x/setup/self-managed/management-plane-installation","sidebar":"defaultSidebar"},{"id":"setup/self-managed/onboarding-clusters","path":"/service-bridge/1.8.x/setup/self-managed/onboarding-clusters","sidebar":"defaultSidebar"},{"id":"setup/self-managed/toc","path":"/service-bridge/1.8.x/setup/self-managed/","sidebar":"defaultSidebar"},{"id":"setup/self-managed/uninstallation","path":"/service-bridge/1.8.x/setup/self-managed/uninstallation","sidebar":"defaultSidebar"},{"id":"setup/self-managed/upgrade","path":"/service-bridge/1.8.x/setup/self-managed/upgrade","sidebar":"defaultSidebar"},{"id":"setup/tctl-connect","path":"/service-bridge/1.8.x/setup/tctl-connect","sidebar":"defaultSidebar"},{"id":"setup/upgrade-best-practices","path":"/service-bridge/1.8.x/setup/upgrade-best-practices","sidebar":"defaultSidebar"},{"id":"setup/upgrades/cni-upgrade","path":"/service-bridge/1.8.x/setup/upgrades/cni-upgrade","sidebar":"defaultSidebar"},{"id":"setup/upgrades/gateway-upgrade","path":"/service-bridge/1.8.x/setup/upgrades/gateway-upgrade","sidebar":"defaultSidebar"},{"id":"setup/upgrades/non-revisioned-to-revisioned","path":"/service-bridge/1.8.x/setup/upgrades/non-revisioned-to-revisioned","sidebar":"defaultSidebar"},{"id":"setup/upgrades/revisioned-to-revisioned","path":"/service-bridge/1.8.x/setup/upgrades/revisioned-to-revisioned","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/guides/ecs-workloads","path":"/service-bridge/1.8.x/setup/workload-onboarding/guides/ecs-workloads","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/guides/managing","path":"/service-bridge/1.8.x/setup/workload-onboarding/guides/managing","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/guides/on-premise-workloads","path":"/service-bridge/1.8.x/setup/workload-onboarding/guides/on-premise-workloads","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/guides/onboarding","path":"/service-bridge/1.8.x/setup/workload-onboarding/guides/onboarding","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/guides/overview","path":"/service-bridge/1.8.x/setup/workload-onboarding/guides/overview","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/guides/setup","path":"/service-bridge/1.8.x/setup/workload-onboarding/guides/setup","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/guides/toc","path":"/service-bridge/1.8.x/setup/workload-onboarding/guides/","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/guides/troubleshooting","path":"/service-bridge/1.8.x/setup/workload-onboarding/guides/troubleshooting","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/onboarding-vms","path":"/service-bridge/1.8.x/setup/workload-onboarding/onboarding-vms","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/quickstart/aws-ec2/bookinfo","path":"/service-bridge/1.8.x/setup/workload-onboarding/quickstart/aws-ec2/bookinfo","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/quickstart/aws-ec2/configure-vm","path":"/service-bridge/1.8.x/setup/workload-onboarding/quickstart/aws-ec2/configure-vm","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/quickstart/aws-ec2/configure-workload-onboarding","path":"/service-bridge/1.8.x/setup/workload-onboarding/quickstart/aws-ec2/configure-workload-onboarding","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/quickstart/aws-ec2/enable-workload-onboarding","path":"/service-bridge/1.8.x/setup/workload-onboarding/quickstart/aws-ec2/enable-workload-onboarding","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/quickstart/aws-ec2/onboard-asg","path":"/service-bridge/1.8.x/setup/workload-onboarding/quickstart/aws-ec2/onboard-asg","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/quickstart/aws-ec2/onboard-vm","path":"/service-bridge/1.8.x/setup/workload-onboarding/quickstart/aws-ec2/onboard-vm","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/quickstart/aws-ec2/toc","path":"/service-bridge/1.8.x/setup/workload-onboarding/quickstart/aws-ec2/","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/quickstart/aws-ecs/configure-workload-onboarding","path":"/service-bridge/1.8.x/setup/workload-onboarding/quickstart/aws-ecs/configure-workload-onboarding","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/quickstart/aws-ecs/onboard-ecs","path":"/service-bridge/1.8.x/setup/workload-onboarding/quickstart/aws-ecs/onboard-ecs","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/quickstart/aws-ecs/toc","path":"/service-bridge/1.8.x/setup/workload-onboarding/quickstart/aws-ecs/","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/quickstart/on-premise/configure-vm","path":"/service-bridge/1.8.x/setup/workload-onboarding/quickstart/on-premise/configure-vm","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/quickstart/on-premise/configure-workload-onboarding","path":"/service-bridge/1.8.x/setup/workload-onboarding/quickstart/on-premise/configure-workload-onboarding","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/quickstart/on-premise/onboard-vm","path":"/service-bridge/1.8.x/setup/workload-onboarding/quickstart/on-premise/onboard-vm","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/quickstart/on-premise/toc","path":"/service-bridge/1.8.x/setup/workload-onboarding/quickstart/on-premise/","sidebar":"defaultSidebar"},{"id":"troubleshooting/cluster-onboarding","path":"/service-bridge/1.8.x/troubleshooting/cluster-onboarding","sidebar":"defaultSidebar"},{"id":"troubleshooting/configuration-status","path":"/service-bridge/1.8.x/troubleshooting/configuration-status","sidebar":"defaultSidebar"},{"id":"troubleshooting/debug-container","path":"/service-bridge/1.8.x/troubleshooting/debug-container","sidebar":"defaultSidebar"},{"id":"troubleshooting/gateway-troubleshooting","path":"/service-bridge/1.8.x/troubleshooting/gateway-troubleshooting","sidebar":"defaultSidebar"},{"id":"troubleshooting/identify-underperforming-services","path":"/service-bridge/1.8.x/troubleshooting/identify-underperforming-services","sidebar":"defaultSidebar"},{"id":"troubleshooting/Maximum-header-size-exceed","path":"/service-bridge/1.8.x/troubleshooting/Maximum-header-size-exceed","sidebar":"defaultSidebar"},{"id":"troubleshooting/Multiple-Transfer-encoding-chunked","path":"/service-bridge/1.8.x/troubleshooting/Multiple-Transfer-encoding-chunked","sidebar":"defaultSidebar"},{"id":"troubleshooting/troubleshooting","path":"/service-bridge/1.8.x/troubleshooting/troubleshooting","sidebar":"defaultSidebar"},{"id":"troubleshooting/tsb-ui-metrics","path":"/service-bridge/1.8.x/troubleshooting/tsb-ui-metrics","sidebar":"defaultSidebar"},{"id":"wokingwithsupport/workingWithTetrateSupport","path":"/service-bridge/1.8.x/wokingwithsupport/workingWithTetrateSupport","sidebar":"defaultSidebar"},{"id":"/setup","path":"/service-bridge/1.8.x/setup","sidebar":"defaultSidebar"},{"id":"/setup/upgrades","path":"/service-bridge/1.8.x/setup/upgrades","sidebar":"defaultSidebar"},{"id":"/setup/workload-onboarding","path":"/service-bridge/1.8.x/setup/workload-onboarding","sidebar":"defaultSidebar"},{"id":"/setup/workload-onboarding/quickstart","path":"/service-bridge/1.8.x/setup/workload-onboarding/quickstart","sidebar":"defaultSidebar"},{"id":"/setup/aws","path":"/service-bridge/1.8.x/setup/aws","sidebar":"defaultSidebar"},{"id":"/setup/certificate","path":"/service-bridge/1.8.x/setup/certificate","sidebar":"defaultSidebar"},{"id":"/quickstart","path":"/service-bridge/1.8.x/quickstart","sidebar":"defaultSidebar"},{"id":"/howto","path":"/service-bridge/1.8.x/howto","sidebar":"defaultSidebar"},{"id":"/howto/traffic","path":"/service-bridge/1.8.x/howto/traffic","sidebar":"defaultSidebar"},{"id":"/howto/gateway","path":"/service-bridge/1.8.x/howto/gateway","sidebar":"defaultSidebar"},{"id":"/howto/gitops","path":"/service-bridge/1.8.x/howto/gitops","sidebar":"defaultSidebar"},{"id":"/howto/wasm","path":"/service-bridge/1.8.x/howto/wasm","sidebar":"defaultSidebar"},{"id":"/operations","path":"/service-bridge/1.8.x/operations","sidebar":"defaultSidebar"},{"id":"/operations/features","path":"/service-bridge/1.8.x/operations/features","sidebar":"defaultSidebar"},{"id":"/operations/users","path":"/service-bridge/1.8.x/operations/users","sidebar":"defaultSidebar"},{"id":"/operations/telemetry","path":"/service-bridge/1.8.x/operations/telemetry","sidebar":"defaultSidebar"},{"id":"/operations/postgresql","path":"/service-bridge/1.8.x/operations/postgresql","sidebar":"defaultSidebar"},{"id":"/operations/elasticsearch","path":"/service-bridge/1.8.x/operations/elasticsearch","sidebar":"defaultSidebar"},{"id":"/operations/vault","path":"/service-bridge/1.8.x/operations/vault","sidebar":"defaultSidebar"},{"id":"/troubleshooting","path":"/service-bridge/1.8.x/troubleshooting","sidebar":"defaultSidebar"},{"id":"/reference","path":"/service-bridge/1.8.x/reference","sidebar":"defaultSidebar"},{"id":"/reference/operators","path":"/service-bridge/1.8.x/reference/operators","sidebar":"defaultSidebar"},{"id":"/refs/install","path":"/service-bridge/1.8.x/refs/install","sidebar":"defaultSidebar"},{"id":"/reference/workload-onboarding","path":"/service-bridge/1.8.x/reference/workload-onboarding","sidebar":"defaultSidebar"},{"id":"/reference/workload-onboarding/onboarding-agent","path":"/service-bridge/1.8.x/reference/workload-onboarding/onboarding-agent","sidebar":"defaultSidebar"},{"id":"/reference/workload-onboarding/onboarding-authorization","path":"/service-bridge/1.8.x/reference/workload-onboarding/onboarding-authorization","sidebar":"defaultSidebar"},{"id":"/reference/workload-onboarding/onboarding-runtime","path":"/service-bridge/1.8.x/reference/workload-onboarding/onboarding-runtime","sidebar":"defaultSidebar"},{"id":"/reference/cli","path":"/service-bridge/1.8.x/reference/cli","sidebar":"defaultSidebar"},{"id":"/reference/cli/guide/toc","path":"/service-bridge/1.8.x/reference/cli/guide/toc","sidebar":"defaultSidebar"},{"id":"/reference/cli/reference","path":"/service-bridge/1.8.x/reference/cli/reference","sidebar":"defaultSidebar"},{"id":"/reference/grpc-api","path":"/service-bridge/1.8.x/reference/grpc-api","sidebar":"defaultSidebar"},{"id":"/reference/grpc-api/reference","path":"/service-bridge/1.8.x/reference/grpc-api/reference","sidebar":"defaultSidebar"},{"id":"refs/tsb/application/v2/grpc","path":"/service-bridge/1.8.x/refs/tsb/application/v2/grpc","sidebar":"defaultSidebar"},{"id":"refs/tsb/extension/v2/grpc","path":"/service-bridge/1.8.x/refs/tsb/extension/v2/grpc","sidebar":"defaultSidebar"},{"id":"refs/tsb/gateway/v2/grpc","path":"/service-bridge/1.8.x/refs/tsb/gateway/v2/grpc","sidebar":"defaultSidebar"},{"id":"refs/tsb/istiointernal/v2/grpc","path":"/service-bridge/1.8.x/refs/tsb/istiointernal/v2/grpc","sidebar":"defaultSidebar"},{"id":"refs/tsb/observability/telemetry/v2/grpc","path":"/service-bridge/1.8.x/refs/tsb/observability/telemetry/v2/grpc","sidebar":"defaultSidebar"},{"id":"refs/tsb/q/v2/grpc","path":"/service-bridge/1.8.x/refs/tsb/q/v2/grpc","sidebar":"defaultSidebar"},{"id":"refs/tsb/rbac/v2/grpc","path":"/service-bridge/1.8.x/refs/tsb/rbac/v2/grpc","sidebar":"defaultSidebar"},{"id":"refs/tsb/registry/v2/grpc","path":"/service-bridge/1.8.x/refs/tsb/registry/v2/grpc","sidebar":"defaultSidebar"},{"id":"refs/tsb/security/v2/grpc","path":"/service-bridge/1.8.x/refs/tsb/security/v2/grpc","sidebar":"defaultSidebar"},{"id":"refs/tsb/traffic/v2/grpc","path":"/service-bridge/1.8.x/refs/tsb/traffic/v2/grpc","sidebar":"defaultSidebar"},{"id":"refs/tsb/v2/grpc","path":"/service-bridge/1.8.x/refs/tsb/v2/grpc","sidebar":"defaultSidebar"},{"id":"refs/iam/v2/grpc","path":"/service-bridge/1.8.x/refs/iam/v2/grpc","sidebar":"defaultSidebar"},{"id":"refs/audit/v1/grpc","path":"/service-bridge/1.8.x/refs/audit/v1/grpc","sidebar":"defaultSidebar"},{"id":"/reference/yaml-api","path":"/service-bridge/1.8.x/reference/yaml-api","sidebar":"defaultSidebar"},{"id":"/reference/yaml-api/reference","path":"/service-bridge/1.8.x/reference/yaml-api/reference","sidebar":"defaultSidebar"},{"id":"refs/tsb/application/v2/yaml","path":"/service-bridge/1.8.x/refs/tsb/application/v2/yaml","sidebar":"defaultSidebar"},{"id":"refs/tsb/auth/v2/yaml","path":"/service-bridge/1.8.x/refs/tsb/auth/v2/yaml","sidebar":"defaultSidebar"},{"id":"refs/tsb/extension/v2/yaml","path":"/service-bridge/1.8.x/refs/tsb/extension/v2/yaml","sidebar":"defaultSidebar"},{"id":"refs/tsb/gateway/v2/yaml","path":"/service-bridge/1.8.x/refs/tsb/gateway/v2/yaml","sidebar":"defaultSidebar"},{"id":"refs/tsb/istiointernal/v2/yaml","path":"/service-bridge/1.8.x/refs/tsb/istiointernal/v2/yaml","sidebar":"defaultSidebar"},{"id":"refs/tsb/observability/telemetry/v2/yaml","path":"/service-bridge/1.8.x/refs/tsb/observability/telemetry/v2/yaml","sidebar":"defaultSidebar"},{"id":"refs/tsb/rbac/v2/yaml","path":"/service-bridge/1.8.x/refs/tsb/rbac/v2/yaml","sidebar":"defaultSidebar"},{"id":"refs/tsb/registry/v2/yaml","path":"/service-bridge/1.8.x/refs/tsb/registry/v2/yaml","sidebar":"defaultSidebar"},{"id":"refs/tsb/security/v2/yaml","path":"/service-bridge/1.8.x/refs/tsb/security/v2/yaml","sidebar":"defaultSidebar"},{"id":"refs/tsb/traffic/v2/yaml","path":"/service-bridge/1.8.x/refs/tsb/traffic/v2/yaml","sidebar":"defaultSidebar"},{"id":"refs/tsb/types/v2/yaml","path":"/service-bridge/1.8.x/refs/tsb/types/v2/yaml","sidebar":"defaultSidebar"},{"id":"refs/tsb/v2/yaml","path":"/service-bridge/1.8.x/refs/tsb/v2/yaml","sidebar":"defaultSidebar"},{"id":"/reference/k8s-api","path":"/service-bridge/1.8.x/reference/k8s-api","sidebar":"defaultSidebar"},{"id":"/reference/k8s-api/tsb-crds-gen","path":"/service-bridge/1.8.x/reference/k8s-api/tsb-crds-gen","sidebar":"defaultSidebar"},{"id":"/reference/k8s-api/tsb-crds-gen/tsb.tetrate.io/v2","path":"/service-bridge/1.8.x/reference/k8s-api/tsb-crds-gen/tsb.tetrate.io/v2","sidebar":"defaultSidebar"},{"id":"/reference/samples","path":"/service-bridge/1.8.x/reference/samples","sidebar":"defaultSidebar"},{"id":"/knowledge-base","path":"/service-bridge/1.8.x/knowledge-base","sidebar":"defaultSidebar"},{"id":"/category/working-with-tetrate-customer-support","path":"/service-bridge/1.8.x/category/working-with-tetrate-customer-support","sidebar":"defaultSidebar"}],"draftIds":[],"sidebars":{"defaultSidebar":{"link":{"path":"/service-bridge/1.8.x/","label":"index"}}}},{"name":"1.7.x","label":"1.7.x","isLast":false,"path":"/service-bridge/1.7.x","mainDocId":"index","docs":[{"id":"cheatsheet/index","path":"/service-bridge/1.7.x/cheatsheet/","sidebar":"defaultSidebar"},{"id":"cheatsheet/sheets/gateways-management","path":"/service-bridge/1.7.x/cheatsheet/sheets/gateways-management","sidebar":"defaultSidebar"},{"id":"cheatsheet/sheets/kubectl","path":"/service-bridge/1.7.x/cheatsheet/sheets/kubectl","sidebar":"defaultSidebar"},{"id":"cheatsheet/sheets/security-management","path":"/service-bridge/1.7.x/cheatsheet/sheets/security-management","sidebar":"defaultSidebar"},{"id":"cheatsheet/sheets/tctl","path":"/service-bridge/1.7.x/cheatsheet/sheets/tctl","sidebar":"defaultSidebar"},{"id":"cheatsheet/sheets/traffic-management","path":"/service-bridge/1.7.x/cheatsheet/sheets/traffic-management","sidebar":"defaultSidebar"},{"id":"cheatsheet/sheets/tsb-concepts","path":"/service-bridge/1.7.x/cheatsheet/sheets/tsb-concepts","sidebar":"defaultSidebar"},{"id":"cheatsheet/sheets/tsb-quickstart","path":"/service-bridge/1.7.x/cheatsheet/sheets/tsb-quickstart","sidebar":"defaultSidebar"},{"id":"cheatsheet/sheets/tsb-terminology","path":"/service-bridge/1.7.x/cheatsheet/sheets/tsb-terminology","sidebar":"defaultSidebar"},{"id":"concepts/architecture","path":"/service-bridge/1.7.x/concepts/architecture","sidebar":"defaultSidebar"},{"id":"concepts/configuration-dataflow","path":"/service-bridge/1.7.x/concepts/configuration-dataflow","sidebar":"defaultSidebar"},{"id":"concepts/glossary","path":"/service-bridge/1.7.x/concepts/glossary","sidebar":"defaultSidebar"},{"id":"concepts/observability","path":"/service-bridge/1.7.x/concepts/observability","sidebar":"defaultSidebar"},{"id":"concepts/operators/control-plane","path":"/service-bridge/1.7.x/concepts/operators/control-plane","sidebar":"defaultSidebar"},{"id":"concepts/operators/data-plane","path":"/service-bridge/1.7.x/concepts/operators/data-plane","sidebar":"defaultSidebar"},{"id":"concepts/operators/management-plane","path":"/service-bridge/1.7.x/concepts/operators/management-plane","sidebar":"defaultSidebar"},{"id":"concepts/operators/toc","path":"/service-bridge/1.7.x/concepts/operators/","sidebar":"defaultSidebar"},{"id":"concepts/security","path":"/service-bridge/1.7.x/concepts/security","sidebar":"defaultSidebar"},{"id":"concepts/service-mesh","path":"/service-bridge/1.7.x/concepts/service-mesh","sidebar":"defaultSidebar"},{"id":"concepts/terminology","path":"/service-bridge/1.7.x/concepts/terminology"},{"id":"concepts/toc","path":"/service-bridge/1.7.x/concepts/","sidebar":"defaultSidebar"},{"id":"concepts/traffic-management","path":"/service-bridge/1.7.x/concepts/traffic-management","sidebar":"defaultSidebar"},{"id":"design-guides/app-onboarding/cross-cluster","path":"/service-bridge/1.7.x/design-guides/app-onboarding/cross-cluster","sidebar":"defaultSidebar"},{"id":"design-guides/app-onboarding/deploy-service","path":"/service-bridge/1.7.x/design-guides/app-onboarding/deploy-service","sidebar":"defaultSidebar"},{"id":"design-guides/app-onboarding/gateway-security","path":"/service-bridge/1.7.x/design-guides/app-onboarding/gateway-security","sidebar":"defaultSidebar"},{"id":"design-guides/app-onboarding/high-availability","path":"/service-bridge/1.7.x/design-guides/app-onboarding/high-availability","sidebar":"defaultSidebar"},{"id":"design-guides/app-onboarding/index","path":"/service-bridge/1.7.x/design-guides/app-onboarding/","sidebar":"defaultSidebar"},{"id":"design-guides/app-onboarding/introduction","path":"/service-bridge/1.7.x/design-guides/app-onboarding/introduction","sidebar":"defaultSidebar"},{"id":"design-guides/app-onboarding/monitor","path":"/service-bridge/1.7.x/design-guides/app-onboarding/monitor","sidebar":"defaultSidebar"},{"id":"design-guides/app-onboarding/prepare","path":"/service-bridge/1.7.x/design-guides/app-onboarding/prepare","sidebar":"defaultSidebar"},{"id":"design-guides/app-onboarding/promote-service","path":"/service-bridge/1.7.x/design-guides/app-onboarding/promote-service"},{"id":"design-guides/app-onboarding/security","path":"/service-bridge/1.7.x/design-guides/app-onboarding/security","sidebar":"defaultSidebar"},{"id":"design-guides/ha-dr-mp/dr-managementplane","path":"/service-bridge/1.7.x/design-guides/ha-dr-mp/dr-managementplane","sidebar":"defaultSidebar"},{"id":"design-guides/ha-dr-mp/ha-managementplane","path":"/service-bridge/1.7.x/design-guides/ha-dr-mp/ha-managementplane","sidebar":"defaultSidebar"},{"id":"design-guides/ha-dr-mp/index","path":"/service-bridge/1.7.x/design-guides/ha-dr-mp/","sidebar":"defaultSidebar"},{"id":"design-guides/ha-dr-mp/introduction","path":"/service-bridge/1.7.x/design-guides/ha-dr-mp/introduction","sidebar":"defaultSidebar"},{"id":"design-guides/ha-dr-mp/scenarios","path":"/service-bridge/1.7.x/design-guides/ha-dr-mp/scenarios","sidebar":"defaultSidebar"},{"id":"design-guides/ha-multicluster/cluster-failover","path":"/service-bridge/1.7.x/design-guides/ha-multicluster/cluster-failover","sidebar":"defaultSidebar"},{"id":"design-guides/ha-multicluster/demo-1","path":"/service-bridge/1.7.x/design-guides/ha-multicluster/demo-1","sidebar":"defaultSidebar"},{"id":"design-guides/ha-multicluster/demo-2","path":"/service-bridge/1.7.x/design-guides/ha-multicluster/demo-2","sidebar":"defaultSidebar"},{"id":"design-guides/ha-multicluster/edge-failover","path":"/service-bridge/1.7.x/design-guides/ha-multicluster/edge-failover","sidebar":"defaultSidebar"},{"id":"design-guides/ha-multicluster/index","path":"/service-bridge/1.7.x/design-guides/ha-multicluster/","sidebar":"defaultSidebar"},{"id":"design-guides/ha-multicluster/introduction","path":"/service-bridge/1.7.x/design-guides/ha-multicluster/introduction","sidebar":"defaultSidebar"},{"id":"design-guides/ha-multicluster/operations","path":"/service-bridge/1.7.x/design-guides/ha-multicluster/operations","sidebar":"defaultSidebar"},{"id":"design-guides/index","path":"/service-bridge/1.7.x/design-guides/","sidebar":"defaultSidebar"},{"id":"howto/authorization/ingress-gateway","path":"/service-bridge/1.7.x/howto/authorization/ingress-gateway","sidebar":"defaultSidebar"},{"id":"howto/authorization/sidecar","path":"/service-bridge/1.7.x/howto/authorization/sidecar","sidebar":"defaultSidebar"},{"id":"howto/authorization/tier1-gateway","path":"/service-bridge/1.7.x/howto/authorization/tier1-gateway","sidebar":"defaultSidebar"},{"id":"howto/authorization/tls-verification","path":"/service-bridge/1.7.x/howto/authorization/tls-verification","sidebar":"defaultSidebar"},{"id":"howto/authorization/toc","path":"/service-bridge/1.7.x/howto/authorization/","sidebar":"defaultSidebar"},{"id":"howto/gateway/app-ingress","path":"/service-bridge/1.7.x/howto/gateway/app-ingress","sidebar":"defaultSidebar"},{"id":"howto/gateway/application-gateway-with-openapi-annotations","path":"/service-bridge/1.7.x/howto/gateway/application-gateway-with-openapi-annotations","sidebar":"defaultSidebar"},{"id":"howto/gateway/configure-and-route-nonhttp-traffic","path":"/service-bridge/1.7.x/howto/gateway/configure-and-route-nonhttp-traffic","sidebar":"defaultSidebar"},{"id":"howto/gateway/distributed-ingress","path":"/service-bridge/1.7.x/howto/gateway/distributed-ingress","sidebar":"defaultSidebar"},{"id":"howto/gateway/egress-gateways","path":"/service-bridge/1.7.x/howto/gateway/egress-gateways","sidebar":"defaultSidebar"},{"id":"howto/gateway/end-user-auth-keycloak","path":"/service-bridge/1.7.x/howto/gateway/end-user-auth-keycloak","sidebar":"defaultSidebar"},{"id":"howto/gateway/https-with-proxy-protocol","path":"/service-bridge/1.7.x/howto/gateway/https-with-proxy-protocol","sidebar":"defaultSidebar"},{"id":"howto/gateway/multi-cluster-traffic-routing-using-tier2gw","path":"/service-bridge/1.7.x/howto/gateway/multi-cluster-traffic-routing-using-tier2gw","sidebar":"defaultSidebar"},{"id":"howto/gateway/multi-cluster-traffic-routing-with-eastwest-gateway","path":"/service-bridge/1.7.x/howto/gateway/multi-cluster-traffic-routing-with-eastwest-gateway","sidebar":"defaultSidebar"},{"id":"howto/gateway/multi-cluster-traffic-shifting","path":"/service-bridge/1.7.x/howto/gateway/multi-cluster-traffic-shifting","sidebar":"defaultSidebar"},{"id":"howto/gateway/service-identity-propagation","path":"/service-bridge/1.7.x/howto/gateway/service-identity-propagation","sidebar":"defaultSidebar"},{"id":"howto/gateway/shared-ingress","path":"/service-bridge/1.7.x/howto/gateway/shared-ingress","sidebar":"defaultSidebar"},{"id":"howto/gateway/subset-based-routing-using-igw-and-service-route","path":"/service-bridge/1.7.x/howto/gateway/subset-based-routing-using-igw-and-service-route","sidebar":"defaultSidebar"},{"id":"howto/gateway/unified-gateway","path":"/service-bridge/1.7.x/howto/gateway/unified-gateway","sidebar":"defaultSidebar"},{"id":"howto/gitops/argo-rollouts","path":"/service-bridge/1.7.x/howto/gitops/argo-rollouts","sidebar":"defaultSidebar"},{"id":"howto/gitops/flux","path":"/service-bridge/1.7.x/howto/gitops/flux","sidebar":"defaultSidebar"},{"id":"howto/gitops/gitops","path":"/service-bridge/1.7.x/howto/gitops/gitops","sidebar":"defaultSidebar"},{"id":"howto/hpa-using-skywalking","path":"/service-bridge/1.7.x/howto/hpa-using-skywalking","sidebar":"defaultSidebar"},{"id":"howto/network-policies","path":"/service-bridge/1.7.x/howto/network-policies","sidebar":"defaultSidebar"},{"id":"howto/promql-using-skywalking","path":"/service-bridge/1.7.x/howto/promql-using-skywalking","sidebar":"defaultSidebar"},{"id":"howto/rate-limiting/external-rate-limiting","path":"/service-bridge/1.7.x/howto/rate-limiting/external-rate-limiting","sidebar":"defaultSidebar"},{"id":"howto/rate-limiting/ingress-gateway","path":"/service-bridge/1.7.x/howto/rate-limiting/ingress-gateway","sidebar":"defaultSidebar"},{"id":"howto/rate-limiting/internal-rate-limiting","path":"/service-bridge/1.7.x/howto/rate-limiting/internal-rate-limiting","sidebar":"defaultSidebar"},{"id":"howto/rate-limiting/service-to-service","path":"/service-bridge/1.7.x/howto/rate-limiting/service-to-service","sidebar":"defaultSidebar"},{"id":"howto/rate-limiting/tier1-gateway","path":"/service-bridge/1.7.x/howto/rate-limiting/tier1-gateway","sidebar":"defaultSidebar"},{"id":"howto/rate-limiting/tls-validation","path":"/service-bridge/1.7.x/howto/rate-limiting/tls-validation","sidebar":"defaultSidebar"},{"id":"howto/rate-limiting/toc","path":"/service-bridge/1.7.x/howto/rate-limiting/","sidebar":"defaultSidebar"},{"id":"howto/security-domains","path":"/service-bridge/1.7.x/howto/security-domains","sidebar":"defaultSidebar"},{"id":"howto/service-accounts","path":"/service-bridge/1.7.x/howto/service-accounts","sidebar":"defaultSidebar"},{"id":"howto/traffic/canary-releases","path":"/service-bridge/1.7.x/howto/traffic/canary-releases","sidebar":"defaultSidebar"},{"id":"howto/traffic/configure-multi-port-service-route","path":"/service-bridge/1.7.x/howto/traffic/configure-multi-port-service-route","sidebar":"defaultSidebar"},{"id":"howto/traffic/external-site-https","path":"/service-bridge/1.7.x/howto/traffic/external-site-https","sidebar":"defaultSidebar"},{"id":"howto/traffic/load-balance","path":"/service-bridge/1.7.x/howto/traffic/load-balance","sidebar":"defaultSidebar"},{"id":"howto/traffic/migrating-VM-monoliths","path":"/service-bridge/1.7.x/howto/traffic/migrating-VM-monoliths","sidebar":"defaultSidebar"},{"id":"howto/traffic/splitting-service-traffic-between-k8s-vms","path":"/service-bridge/1.7.x/howto/traffic/splitting-service-traffic-between-k8s-vms","sidebar":"defaultSidebar"},{"id":"howto/waf","path":"/service-bridge/1.7.x/howto/waf","sidebar":"defaultSidebar"},{"id":"howto/wasm/wasm-extension","path":"/service-bridge/1.7.x/howto/wasm/wasm-extension","sidebar":"defaultSidebar"},{"id":"howto/wasm/wasm-overview","path":"/service-bridge/1.7.x/howto/wasm/wasm-overview","sidebar":"defaultSidebar"},{"id":"howto/wasm/wasm-proxy","path":"/service-bridge/1.7.x/howto/wasm/wasm-proxy","sidebar":"defaultSidebar"},{"id":"howto/wasm/wasm-try","path":"/service-bridge/1.7.x/howto/wasm/wasm-try","sidebar":"defaultSidebar"},{"id":"index","path":"/service-bridge/1.7.x/","sidebar":"defaultSidebar"},{"id":"knowledge-base/faq","path":"/service-bridge/1.7.x/knowledge-base/faq","sidebar":"defaultSidebar"},{"id":"knowledge-base/gitops","path":"/service-bridge/1.7.x/knowledge-base/gitops","sidebar":"defaultSidebar"},{"id":"operations/configuration-promotion","path":"/service-bridge/1.7.x/operations/configuration-promotion","sidebar":"defaultSidebar"},{"id":"operations/configure-log-levels","path":"/service-bridge/1.7.x/operations/configure-log-levels","sidebar":"defaultSidebar"},{"id":"operations/elasticsearch/elasticsearch-role","path":"/service-bridge/1.7.x/operations/elasticsearch/elasticsearch-role","sidebar":"defaultSidebar"},{"id":"operations/elasticsearch/wipe-elastic","path":"/service-bridge/1.7.x/operations/elasticsearch/wipe-elastic","sidebar":"defaultSidebar"},{"id":"operations/features/configure-cluster-external-addresses","path":"/service-bridge/1.7.x/operations/features/configure-cluster-external-addresses","sidebar":"defaultSidebar"},{"id":"operations/features/configure-gitops","path":"/service-bridge/1.7.x/operations/features/configure-gitops","sidebar":"defaultSidebar"},{"id":"operations/features/deletion-protection","path":"/service-bridge/1.7.x/operations/features/deletion-protection","sidebar":"defaultSidebar"},{"id":"operations/features/edge-dns-resolution","path":"/service-bridge/1.7.x/operations/features/edge-dns-resolution","sidebar":"defaultSidebar"},{"id":"operations/features/enable-config-protection","path":"/service-bridge/1.7.x/operations/features/enable-config-protection","sidebar":"defaultSidebar"},{"id":"operations/features/gateway-deletion-webhook","path":"/service-bridge/1.7.x/operations/features/gateway-deletion-webhook","sidebar":"defaultSidebar"},{"id":"operations/features/internal-wasm-extensions","path":"/service-bridge/1.7.x/operations/features/internal-wasm-extensions","sidebar":"defaultSidebar"},{"id":"operations/features/istio-cni","path":"/service-bridge/1.7.x/operations/features/istio-cni","sidebar":"defaultSidebar"},{"id":"operations/features/label-annotation","path":"/service-bridge/1.7.x/operations/features/label-annotation","sidebar":"defaultSidebar"},{"id":"operations/features/streaming-log","path":"/service-bridge/1.7.x/operations/features/streaming-log","sidebar":"defaultSidebar"},{"id":"operations/features/tier1-in-app-cluster","path":"/service-bridge/1.7.x/operations/features/tier1-in-app-cluster","sidebar":"defaultSidebar"},{"id":"operations/graceful-connection-drain","path":"/service-bridge/1.7.x/operations/graceful-connection-drain","sidebar":"defaultSidebar"},{"id":"operations/kube-customization","path":"/service-bridge/1.7.x/operations/kube-customization","sidebar":"defaultSidebar"},{"id":"operations/lower-istio-resources","path":"/service-bridge/1.7.x/operations/lower-istio-resources","sidebar":"defaultSidebar"},{"id":"operations/migrate-organization","path":"/service-bridge/1.7.x/operations/migrate-organization","sidebar":"defaultSidebar"},{"id":"operations/multiple-iam-keys","path":"/service-bridge/1.7.x/operations/multiple-iam-keys","sidebar":"defaultSidebar"},{"id":"operations/postgresql","path":"/service-bridge/1.7.x/operations/postgresql","sidebar":"defaultSidebar"},{"id":"operations/telemetry/alerting-guidelines","path":"/service-bridge/1.7.x/operations/telemetry/alerting-guidelines","sidebar":"defaultSidebar"},{"id":"operations/telemetry/distributed-tracing","path":"/service-bridge/1.7.x/operations/telemetry/distributed-tracing","sidebar":"defaultSidebar"},{"id":"operations/telemetry/key-metrics","path":"/service-bridge/1.7.x/operations/telemetry/key-metrics","sidebar":"defaultSidebar"},{"id":"operations/telemetry/new-relic","path":"/service-bridge/1.7.x/operations/telemetry/new-relic","sidebar":"defaultSidebar"},{"id":"operations/telemetry/red-metrics","path":"/service-bridge/1.7.x/operations/telemetry/red-metrics","sidebar":"defaultSidebar"},{"id":"operations/telemetry/telemetry-architecture","path":"/service-bridge/1.7.x/operations/telemetry/telemetry-architecture","sidebar":"defaultSidebar"},{"id":"operations/users/admin-password","path":"/service-bridge/1.7.x/operations/users/admin-password","sidebar":"defaultSidebar"},{"id":"operations/users/configuring-ldap","path":"/service-bridge/1.7.x/operations/users/configuring-ldap","sidebar":"defaultSidebar"},{"id":"operations/users/oidc-azure","path":"/service-bridge/1.7.x/operations/users/oidc-azure","sidebar":"defaultSidebar"},{"id":"operations/users/roles-and-permissions","path":"/service-bridge/1.7.x/operations/users/roles-and-permissions","sidebar":"defaultSidebar"},{"id":"operations/users/user-synchronization","path":"/service-bridge/1.7.x/operations/users/user-synchronization","sidebar":"defaultSidebar"},{"id":"operations/vault/elasticsearch","path":"/service-bridge/1.7.x/operations/vault/elasticsearch","sidebar":"defaultSidebar"},{"id":"operations/vault/istiod-ca","path":"/service-bridge/1.7.x/operations/vault/istiod-ca","sidebar":"defaultSidebar"},{"id":"operations/vault/postgresql","path":"/service-bridge/1.7.x/operations/vault/postgresql","sidebar":"defaultSidebar"},{"id":"quickstart/apps","path":"/service-bridge/1.7.x/quickstart/apps","sidebar":"defaultSidebar"},{"id":"quickstart/config-groups","path":"/service-bridge/1.7.x/quickstart/config-groups","sidebar":"defaultSidebar"},{"id":"quickstart/deploy-sample-app","path":"/service-bridge/1.7.x/quickstart/deploy-sample-app","sidebar":"defaultSidebar"},{"id":"quickstart/ingress-gateway","path":"/service-bridge/1.7.x/quickstart/ingress-gateway","sidebar":"defaultSidebar"},{"id":"quickstart/introduction","path":"/service-bridge/1.7.x/quickstart/introduction","sidebar":"defaultSidebar"},{"id":"quickstart/observability","path":"/service-bridge/1.7.x/quickstart/observability","sidebar":"defaultSidebar"},{"id":"quickstart/permissions","path":"/service-bridge/1.7.x/quickstart/permissions","sidebar":"defaultSidebar"},{"id":"quickstart/security","path":"/service-bridge/1.7.x/quickstart/security","sidebar":"defaultSidebar"},{"id":"quickstart/tenant","path":"/service-bridge/1.7.x/quickstart/tenant","sidebar":"defaultSidebar"},{"id":"quickstart/traffic-shifting","path":"/service-bridge/1.7.x/quickstart/traffic-shifting","sidebar":"defaultSidebar"},{"id":"quickstart/workspace","path":"/service-bridge/1.7.x/quickstart/workspace","sidebar":"defaultSidebar"},{"id":"reference/cli/guide/index","path":"/service-bridge/1.7.x/reference/cli/guide/index","sidebar":"defaultSidebar"},{"id":"reference/cli/reference/apply","path":"/service-bridge/1.7.x/reference/cli/reference/apply","sidebar":"defaultSidebar"},{"id":"reference/cli/reference/collect","path":"/service-bridge/1.7.x/reference/cli/reference/collect","sidebar":"defaultSidebar"},{"id":"reference/cli/reference/completion","path":"/service-bridge/1.7.x/reference/cli/reference/completion","sidebar":"defaultSidebar"},{"id":"reference/cli/reference/config","path":"/service-bridge/1.7.x/reference/cli/reference/config","sidebar":"defaultSidebar"},{"id":"reference/cli/reference/delete","path":"/service-bridge/1.7.x/reference/cli/reference/delete","sidebar":"defaultSidebar"},{"id":"reference/cli/reference/edit","path":"/service-bridge/1.7.x/reference/cli/reference/edit","sidebar":"defaultSidebar"},{"id":"reference/cli/reference/experimental","path":"/service-bridge/1.7.x/reference/cli/reference/experimental","sidebar":"defaultSidebar"},{"id":"reference/cli/reference/get","path":"/service-bridge/1.7.x/reference/cli/reference/get","sidebar":"defaultSidebar"},{"id":"reference/cli/reference/index","path":"/service-bridge/1.7.x/reference/cli/reference/index","sidebar":"defaultSidebar"},{"id":"reference/cli/reference/install","path":"/service-bridge/1.7.x/reference/cli/reference/install","sidebar":"defaultSidebar"},{"id":"reference/cli/reference/login","path":"/service-bridge/1.7.x/reference/cli/reference/login","sidebar":"defaultSidebar"},{"id":"reference/cli/reference/ui","path":"/service-bridge/1.7.x/reference/cli/reference/ui","sidebar":"defaultSidebar"},{"id":"reference/cli/reference/validate","path":"/service-bridge/1.7.x/reference/cli/reference/validate","sidebar":"defaultSidebar"},{"id":"reference/cli/reference/version","path":"/service-bridge/1.7.x/reference/cli/reference/version","sidebar":"defaultSidebar"},{"id":"reference/cli/reference/whoami","path":"/service-bridge/1.7.x/reference/cli/reference/whoami","sidebar":"defaultSidebar"},{"id":"reference/cli/reference/workload-entry-annotations","path":"/service-bridge/1.7.x/reference/cli/reference/workload-entry-annotations","sidebar":"defaultSidebar"},{"id":"reference/grpc-api/guide","path":"/service-bridge/1.7.x/reference/grpc-api/guide","sidebar":"defaultSidebar"},{"id":"reference/k8s-api/guide","path":"/service-bridge/1.7.x/reference/k8s-api/guide","sidebar":"defaultSidebar"},{"id":"reference/k8s-api/tsb-crds-gen/application-tsb-tetrate-io","path":"/service-bridge/1.7.x/reference/k8s-api/tsb-crds-gen/application-tsb-tetrate-io","sidebar":"defaultSidebar"},{"id":"reference/k8s-api/tsb-crds-gen/extension-tsb-tetrate-io","path":"/service-bridge/1.7.x/reference/k8s-api/tsb-crds-gen/extension-tsb-tetrate-io","sidebar":"defaultSidebar"},{"id":"reference/k8s-api/tsb-crds-gen/gateway-tsb-tetrate-io","path":"/service-bridge/1.7.x/reference/k8s-api/tsb-crds-gen/gateway-tsb-tetrate-io","sidebar":"defaultSidebar"},{"id":"reference/k8s-api/tsb-crds-gen/istiointernal-tsb-tetrate-io","path":"/service-bridge/1.7.x/reference/k8s-api/tsb-crds-gen/istiointernal-tsb-tetrate-io","sidebar":"defaultSidebar"},{"id":"reference/k8s-api/tsb-crds-gen/rbac-tsb-tetrate-io","path":"/service-bridge/1.7.x/reference/k8s-api/tsb-crds-gen/rbac-tsb-tetrate-io","sidebar":"defaultSidebar"},{"id":"reference/k8s-api/tsb-crds-gen/security-tsb-tetrate-io","path":"/service-bridge/1.7.x/reference/k8s-api/tsb-crds-gen/security-tsb-tetrate-io","sidebar":"defaultSidebar"},{"id":"reference/k8s-api/tsb-crds-gen/traffic-tsb-tetrate-io","path":"/service-bridge/1.7.x/reference/k8s-api/tsb-crds-gen/traffic-tsb-tetrate-io","sidebar":"defaultSidebar"},{"id":"reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/cluster","path":"/service-bridge/1.7.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/cluster","sidebar":"defaultSidebar"},{"id":"reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/organization","path":"/service-bridge/1.7.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/organization","sidebar":"defaultSidebar"},{"id":"reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/organizationsetting","path":"/service-bridge/1.7.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/organizationsetting","sidebar":"defaultSidebar"},{"id":"reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/serviceaccount","path":"/service-bridge/1.7.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/serviceaccount","sidebar":"defaultSidebar"},{"id":"reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/team","path":"/service-bridge/1.7.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/team","sidebar":"defaultSidebar"},{"id":"reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/tenant","path":"/service-bridge/1.7.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/tenant","sidebar":"defaultSidebar"},{"id":"reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/tenantsetting","path":"/service-bridge/1.7.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/tenantsetting","sidebar":"defaultSidebar"},{"id":"reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/workspace","path":"/service-bridge/1.7.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/workspace","sidebar":"defaultSidebar"},{"id":"reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/workspacesetting","path":"/service-bridge/1.7.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/workspacesetting","sidebar":"defaultSidebar"},{"id":"reference/rest-api/guide","path":"/service-bridge/1.7.x/reference/rest-api/guide","sidebar":"defaultSidebar"},{"id":"reference/samples/httpbin","path":"/service-bridge/1.7.x/reference/samples/httpbin","sidebar":"defaultSidebar"},{"id":"reference/samples/opa","path":"/service-bridge/1.7.x/reference/samples/opa","sidebar":"defaultSidebar"},{"id":"reference/samples/sleep-service","path":"/service-bridge/1.7.x/reference/samples/sleep-service","sidebar":"defaultSidebar"},{"id":"reference/yaml-api/guide","path":"/service-bridge/1.7.x/reference/yaml-api/guide","sidebar":"defaultSidebar"},{"id":"refs/audit/v1/audit","path":"/service-bridge/1.7.x/refs/audit/v1/audit","sidebar":"defaultSidebar"},{"id":"refs/iam/v2/oauth_service","path":"/service-bridge/1.7.x/refs/iam/v2/oauth_service","sidebar":"defaultSidebar"},{"id":"refs/iam/v2/oidc_service","path":"/service-bridge/1.7.x/refs/iam/v2/oidc_service","sidebar":"defaultSidebar"},{"id":"refs/install/common/common_config","path":"/service-bridge/1.7.x/refs/install/common/common_config","sidebar":"defaultSidebar"},{"id":"refs/install/controlplane/v1alpha1/spec","path":"/service-bridge/1.7.x/refs/install/controlplane/v1alpha1/spec","sidebar":"defaultSidebar"},{"id":"refs/install/dataplane/v1alpha1/spec","path":"/service-bridge/1.7.x/refs/install/dataplane/v1alpha1/spec","sidebar":"defaultSidebar"},{"id":"refs/install/kubernetes/k8s","path":"/service-bridge/1.7.x/refs/install/kubernetes/k8s","sidebar":"defaultSidebar"},{"id":"refs/install/managementplane/v1alpha1/spec","path":"/service-bridge/1.7.x/refs/install/managementplane/v1alpha1/spec","sidebar":"defaultSidebar"},{"id":"refs/istio.io/api/operator/v1alpha1/operator","path":"/service-bridge/1.7.x/refs/istio.io/api/operator/v1alpha1/operator"},{"id":"refs/onboarding/config/agent/v1alpha1/agent_configuration","path":"/service-bridge/1.7.x/refs/onboarding/config/agent/v1alpha1/agent_configuration","sidebar":"defaultSidebar"},{"id":"refs/onboarding/config/agent/v1alpha1/onboarding_configuration","path":"/service-bridge/1.7.x/refs/onboarding/config/agent/v1alpha1/onboarding_configuration","sidebar":"defaultSidebar"},{"id":"refs/onboarding/config/authorization/aws/v1alpha1/aws","path":"/service-bridge/1.7.x/refs/onboarding/config/authorization/aws/v1alpha1/aws","sidebar":"defaultSidebar"},{"id":"refs/onboarding/config/authorization/jwt/v1alpha1/jwt","path":"/service-bridge/1.7.x/refs/onboarding/config/authorization/jwt/v1alpha1/jwt","sidebar":"defaultSidebar"},{"id":"refs/onboarding/config/authorization/v1alpha1/policy","path":"/service-bridge/1.7.x/refs/onboarding/config/authorization/v1alpha1/policy","sidebar":"defaultSidebar"},{"id":"refs/onboarding/config/install/v1alpha1/jwt_issuer","path":"/service-bridge/1.7.x/refs/onboarding/config/install/v1alpha1/jwt_issuer"},{"id":"refs/onboarding/config/install/v1alpha1/workload_configuration","path":"/service-bridge/1.7.x/refs/onboarding/config/install/v1alpha1/workload_configuration"},{"id":"refs/onboarding/config/runtime/v1alpha1/registration","path":"/service-bridge/1.7.x/refs/onboarding/config/runtime/v1alpha1/registration","sidebar":"defaultSidebar"},{"id":"refs/onboarding/config/types/config/v1alpha1/transport_security","path":"/service-bridge/1.7.x/refs/onboarding/config/types/config/v1alpha1/transport_security"},{"id":"refs/onboarding/config/types/core/v1alpha1/condition","path":"/service-bridge/1.7.x/refs/onboarding/config/types/core/v1alpha1/condition"},{"id":"refs/onboarding/config/types/core/v1alpha1/namespaced_name","path":"/service-bridge/1.7.x/refs/onboarding/config/types/core/v1alpha1/namespaced_name"},{"id":"refs/onboarding/config/types/identity/aws/v1alpha1/aws","path":"/service-bridge/1.7.x/refs/onboarding/config/types/identity/aws/v1alpha1/aws"},{"id":"refs/onboarding/config/types/identity/jwt/v1alpha1/jwt","path":"/service-bridge/1.7.x/refs/onboarding/config/types/identity/jwt/v1alpha1/jwt"},{"id":"refs/onboarding/config/types/identity/v1alpha1/identity","path":"/service-bridge/1.7.x/refs/onboarding/config/types/identity/v1alpha1/identity"},{"id":"refs/onboarding/config/types/registration/v1alpha1/hostinfo","path":"/service-bridge/1.7.x/refs/onboarding/config/types/registration/v1alpha1/hostinfo"},{"id":"refs/onboarding/config/types/registration/v1alpha1/registration","path":"/service-bridge/1.7.x/refs/onboarding/config/types/registration/v1alpha1/registration"},{"id":"refs/tsb/application/v2/api","path":"/service-bridge/1.7.x/refs/tsb/application/v2/api","sidebar":"defaultSidebar"},{"id":"refs/tsb/application/v2/application","path":"/service-bridge/1.7.x/refs/tsb/application/v2/application","sidebar":"defaultSidebar"},{"id":"refs/tsb/application/v2/application_service","path":"/service-bridge/1.7.x/refs/tsb/application/v2/application_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/application/v2/openapi_extensions","path":"/service-bridge/1.7.x/refs/tsb/application/v2/openapi_extensions","sidebar":"defaultSidebar"},{"id":"refs/tsb/auth/v2/auth","path":"/service-bridge/1.7.x/refs/tsb/auth/v2/auth","sidebar":"defaultSidebar"},{"id":"refs/tsb/extension/v2/wasm_extension","path":"/service-bridge/1.7.x/refs/tsb/extension/v2/wasm_extension","sidebar":"defaultSidebar"},{"id":"refs/tsb/extension/v2/wasm_service","path":"/service-bridge/1.7.x/refs/tsb/extension/v2/wasm_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/gateway/v2/auth","path":"/service-bridge/1.7.x/refs/tsb/gateway/v2/auth","sidebar":"defaultSidebar"},{"id":"refs/tsb/gateway/v2/eastwest_gateway","path":"/service-bridge/1.7.x/refs/tsb/gateway/v2/eastwest_gateway","sidebar":"defaultSidebar"},{"id":"refs/tsb/gateway/v2/egress_gateway","path":"/service-bridge/1.7.x/refs/tsb/gateway/v2/egress_gateway","sidebar":"defaultSidebar"},{"id":"refs/tsb/gateway/v2/gateway","path":"/service-bridge/1.7.x/refs/tsb/gateway/v2/gateway","sidebar":"defaultSidebar"},{"id":"refs/tsb/gateway/v2/gateway_common","path":"/service-bridge/1.7.x/refs/tsb/gateway/v2/gateway_common","sidebar":"defaultSidebar"},{"id":"refs/tsb/gateway/v2/gateway_group","path":"/service-bridge/1.7.x/refs/tsb/gateway/v2/gateway_group","sidebar":"defaultSidebar"},{"id":"refs/tsb/gateway/v2/gateway_service","path":"/service-bridge/1.7.x/refs/tsb/gateway/v2/gateway_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/gateway/v2/ingress_gateway","path":"/service-bridge/1.7.x/refs/tsb/gateway/v2/ingress_gateway","sidebar":"defaultSidebar"},{"id":"refs/tsb/gateway/v2/istio_gateway_direct","path":"/service-bridge/1.7.x/refs/tsb/gateway/v2/istio_gateway_direct","sidebar":"defaultSidebar"},{"id":"refs/tsb/gateway/v2/tier1_gateway","path":"/service-bridge/1.7.x/refs/tsb/gateway/v2/tier1_gateway","sidebar":"defaultSidebar"},{"id":"refs/tsb/istiointernal/v2/istio_internal_group","path":"/service-bridge/1.7.x/refs/tsb/istiointernal/v2/istio_internal_group","sidebar":"defaultSidebar"},{"id":"refs/tsb/istiointernal/v2/istio_istiointernal_direct","path":"/service-bridge/1.7.x/refs/tsb/istiointernal/v2/istio_istiointernal_direct","sidebar":"defaultSidebar"},{"id":"refs/tsb/istiointernal/v2/istiointernal_service","path":"/service-bridge/1.7.x/refs/tsb/istiointernal/v2/istiointernal_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/observability/telemetry/v2/metric","path":"/service-bridge/1.7.x/refs/tsb/observability/telemetry/v2/metric","sidebar":"defaultSidebar"},{"id":"refs/tsb/observability/telemetry/v2/metric_service","path":"/service-bridge/1.7.x/refs/tsb/observability/telemetry/v2/metric_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/observability/telemetry/v2/source","path":"/service-bridge/1.7.x/refs/tsb/observability/telemetry/v2/source","sidebar":"defaultSidebar"},{"id":"refs/tsb/observability/telemetry/v2/source_service","path":"/service-bridge/1.7.x/refs/tsb/observability/telemetry/v2/source_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/q/v2/approvals_service","path":"/service-bridge/1.7.x/refs/tsb/q/v2/approvals_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/q/v2/permissions_service","path":"/service-bridge/1.7.x/refs/tsb/q/v2/permissions_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/rbac/v2/access_bindings","path":"/service-bridge/1.7.x/refs/tsb/rbac/v2/access_bindings","sidebar":"defaultSidebar"},{"id":"refs/tsb/rbac/v2/api_access_bindings","path":"/service-bridge/1.7.x/refs/tsb/rbac/v2/api_access_bindings","sidebar":"defaultSidebar"},{"id":"refs/tsb/rbac/v2/application_access_bindings","path":"/service-bridge/1.7.x/refs/tsb/rbac/v2/application_access_bindings","sidebar":"defaultSidebar"},{"id":"refs/tsb/rbac/v2/binding","path":"/service-bridge/1.7.x/refs/tsb/rbac/v2/binding","sidebar":"defaultSidebar"},{"id":"refs/tsb/rbac/v2/gateway_access_bindings","path":"/service-bridge/1.7.x/refs/tsb/rbac/v2/gateway_access_bindings","sidebar":"defaultSidebar"},{"id":"refs/tsb/rbac/v2/istio_internal_access_bindings","path":"/service-bridge/1.7.x/refs/tsb/rbac/v2/istio_internal_access_bindings","sidebar":"defaultSidebar"},{"id":"refs/tsb/rbac/v2/organization_access_bindings","path":"/service-bridge/1.7.x/refs/tsb/rbac/v2/organization_access_bindings","sidebar":"defaultSidebar"},{"id":"refs/tsb/rbac/v2/permissions","path":"/service-bridge/1.7.x/refs/tsb/rbac/v2/permissions","sidebar":"defaultSidebar"},{"id":"refs/tsb/rbac/v2/policy_service","path":"/service-bridge/1.7.x/refs/tsb/rbac/v2/policy_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/rbac/v2/role","path":"/service-bridge/1.7.x/refs/tsb/rbac/v2/role","sidebar":"defaultSidebar"},{"id":"refs/tsb/rbac/v2/role_service","path":"/service-bridge/1.7.x/refs/tsb/rbac/v2/role_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/rbac/v2/security_access_bindings","path":"/service-bridge/1.7.x/refs/tsb/rbac/v2/security_access_bindings","sidebar":"defaultSidebar"},{"id":"refs/tsb/rbac/v2/tenant_access_bindings","path":"/service-bridge/1.7.x/refs/tsb/rbac/v2/tenant_access_bindings","sidebar":"defaultSidebar"},{"id":"refs/tsb/rbac/v2/traffic_access_bindings","path":"/service-bridge/1.7.x/refs/tsb/rbac/v2/traffic_access_bindings","sidebar":"defaultSidebar"},{"id":"refs/tsb/rbac/v2/workspace_access_bindings","path":"/service-bridge/1.7.x/refs/tsb/rbac/v2/workspace_access_bindings","sidebar":"defaultSidebar"},{"id":"refs/tsb/registry/v2/lookup_service","path":"/service-bridge/1.7.x/refs/tsb/registry/v2/lookup_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/registry/v2/registration_service","path":"/service-bridge/1.7.x/refs/tsb/registry/v2/registration_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/registry/v2/service","path":"/service-bridge/1.7.x/refs/tsb/registry/v2/service","sidebar":"defaultSidebar"},{"id":"refs/tsb/security/v2/istio_security_direct","path":"/service-bridge/1.7.x/refs/tsb/security/v2/istio_security_direct","sidebar":"defaultSidebar"},{"id":"refs/tsb/security/v2/security_group","path":"/service-bridge/1.7.x/refs/tsb/security/v2/security_group","sidebar":"defaultSidebar"},{"id":"refs/tsb/security/v2/security_service","path":"/service-bridge/1.7.x/refs/tsb/security/v2/security_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/security/v2/security_setting","path":"/service-bridge/1.7.x/refs/tsb/security/v2/security_setting","sidebar":"defaultSidebar"},{"id":"refs/tsb/security/v2/service_security_setting","path":"/service-bridge/1.7.x/refs/tsb/security/v2/service_security_setting","sidebar":"defaultSidebar"},{"id":"refs/tsb/security/v2/waf_settings","path":"/service-bridge/1.7.x/refs/tsb/security/v2/waf_settings","sidebar":"defaultSidebar"},{"id":"refs/tsb/traffic/v2/istio_traffic_direct","path":"/service-bridge/1.7.x/refs/tsb/traffic/v2/istio_traffic_direct","sidebar":"defaultSidebar"},{"id":"refs/tsb/traffic/v2/service_route","path":"/service-bridge/1.7.x/refs/tsb/traffic/v2/service_route","sidebar":"defaultSidebar"},{"id":"refs/tsb/traffic/v2/traffic_group","path":"/service-bridge/1.7.x/refs/tsb/traffic/v2/traffic_group","sidebar":"defaultSidebar"},{"id":"refs/tsb/traffic/v2/traffic_service","path":"/service-bridge/1.7.x/refs/tsb/traffic/v2/traffic_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/traffic/v2/traffic_setting","path":"/service-bridge/1.7.x/refs/tsb/traffic/v2/traffic_setting","sidebar":"defaultSidebar"},{"id":"refs/tsb/types/v2/types","path":"/service-bridge/1.7.x/refs/tsb/types/v2/types","sidebar":"defaultSidebar"},{"id":"refs/tsb/v2/cluster","path":"/service-bridge/1.7.x/refs/tsb/v2/cluster","sidebar":"defaultSidebar"},{"id":"refs/tsb/v2/cluster_service","path":"/service-bridge/1.7.x/refs/tsb/v2/cluster_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/v2/info","path":"/service-bridge/1.7.x/refs/tsb/v2/info","sidebar":"defaultSidebar"},{"id":"refs/tsb/v2/organization","path":"/service-bridge/1.7.x/refs/tsb/v2/organization","sidebar":"defaultSidebar"},{"id":"refs/tsb/v2/organization_service","path":"/service-bridge/1.7.x/refs/tsb/v2/organization_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/v2/organization_setting","path":"/service-bridge/1.7.x/refs/tsb/v2/organization_setting","sidebar":"defaultSidebar"},{"id":"refs/tsb/v2/status","path":"/service-bridge/1.7.x/refs/tsb/v2/status","sidebar":"defaultSidebar"},{"id":"refs/tsb/v2/status_service","path":"/service-bridge/1.7.x/refs/tsb/v2/status_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/v2/team","path":"/service-bridge/1.7.x/refs/tsb/v2/team","sidebar":"defaultSidebar"},{"id":"refs/tsb/v2/team_service","path":"/service-bridge/1.7.x/refs/tsb/v2/team_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/v2/tenant","path":"/service-bridge/1.7.x/refs/tsb/v2/tenant","sidebar":"defaultSidebar"},{"id":"refs/tsb/v2/tenant_service","path":"/service-bridge/1.7.x/refs/tsb/v2/tenant_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/v2/tenant_setting","path":"/service-bridge/1.7.x/refs/tsb/v2/tenant_setting","sidebar":"defaultSidebar"},{"id":"refs/tsb/v2/workspace","path":"/service-bridge/1.7.x/refs/tsb/v2/workspace","sidebar":"defaultSidebar"},{"id":"refs/tsb/v2/workspace_service","path":"/service-bridge/1.7.x/refs/tsb/v2/workspace_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/v2/workspace_setting","path":"/service-bridge/1.7.x/refs/tsb/v2/workspace_setting","sidebar":"defaultSidebar"},{"id":"release-notes","path":"/service-bridge/1.7.x/release-notes","sidebar":"defaultSidebar"},{"id":"release-notes-announcements/feature-status","path":"/service-bridge/1.7.x/release-notes-announcements/feature-status","sidebar":"defaultSidebar"},{"id":"release-notes-announcements/support-policy","path":"/service-bridge/1.7.x/release-notes-announcements/support-policy","sidebar":"defaultSidebar"},{"id":"release-notes-announcements/toc","path":"/service-bridge/1.7.x/release-notes-announcements/","sidebar":"defaultSidebar"},{"id":"setup/aws/container-marketplace","path":"/service-bridge/1.7.x/setup/aws/container-marketplace","sidebar":"defaultSidebar"},{"id":"setup/aws/vpc","path":"/service-bridge/1.7.x/setup/aws/vpc","sidebar":"defaultSidebar"},{"id":"setup/certificate/automated-certificate-management","path":"/service-bridge/1.7.x/setup/certificate/automated-certificate-management","sidebar":"defaultSidebar"},{"id":"setup/certificate/certificate-requirements","path":"/service-bridge/1.7.x/setup/certificate/certificate-requirements","sidebar":"defaultSidebar"},{"id":"setup/certificate/certificate-setup","path":"/service-bridge/1.7.x/setup/certificate/certificate-setup","sidebar":"defaultSidebar"},{"id":"setup/components","path":"/service-bridge/1.7.x/setup/components","sidebar":"defaultSidebar"},{"id":"setup/firewall-information","path":"/service-bridge/1.7.x/setup/firewall-information","sidebar":"defaultSidebar"},{"id":"setup/helm/controlplane","path":"/service-bridge/1.7.x/setup/helm/controlplane","sidebar":"defaultSidebar"},{"id":"setup/helm/dataplane","path":"/service-bridge/1.7.x/setup/helm/dataplane","sidebar":"defaultSidebar"},{"id":"setup/helm/helm","path":"/service-bridge/1.7.x/setup/helm/helm","sidebar":"defaultSidebar"},{"id":"setup/helm/managementplane","path":"/service-bridge/1.7.x/setup/helm/managementplane","sidebar":"defaultSidebar"},{"id":"setup/helm/toc","path":"/service-bridge/1.7.x/setup/helm/","sidebar":"defaultSidebar"},{"id":"setup/helm/uninstallation","path":"/service-bridge/1.7.x/setup/helm/uninstallation","sidebar":"defaultSidebar"},{"id":"setup/helm/upgrade","path":"/service-bridge/1.7.x/setup/helm/upgrade","sidebar":"defaultSidebar"},{"id":"setup/isolation-boundaries","path":"/service-bridge/1.7.x/setup/isolation-boundaries","sidebar":"defaultSidebar"},{"id":"setup/migrate-tctl-to-helm","path":"/service-bridge/1.7.x/setup/migrate-tctl-to-helm","sidebar":"defaultSidebar"},{"id":"setup/remote-registry","path":"/service-bridge/1.7.x/setup/remote-registry","sidebar":"defaultSidebar"},{"id":"setup/requirements-and-download","path":"/service-bridge/1.7.x/setup/requirements-and-download","sidebar":"defaultSidebar"},{"id":"setup/resource-planning","path":"/service-bridge/1.7.x/setup/resource-planning","sidebar":"defaultSidebar"},{"id":"setup/security-context","path":"/service-bridge/1.7.x/setup/security-context","sidebar":"defaultSidebar"},{"id":"setup/self-managed/demo-installation","path":"/service-bridge/1.7.x/setup/self-managed/demo-installation","sidebar":"defaultSidebar"},{"id":"setup/self-managed/management-plane-installation","path":"/service-bridge/1.7.x/setup/self-managed/management-plane-installation","sidebar":"defaultSidebar"},{"id":"setup/self-managed/onboarding-clusters","path":"/service-bridge/1.7.x/setup/self-managed/onboarding-clusters","sidebar":"defaultSidebar"},{"id":"setup/self-managed/toc","path":"/service-bridge/1.7.x/setup/self-managed/","sidebar":"defaultSidebar"},{"id":"setup/self-managed/uninstallation","path":"/service-bridge/1.7.x/setup/self-managed/uninstallation","sidebar":"defaultSidebar"},{"id":"setup/self-managed/upgrade","path":"/service-bridge/1.7.x/setup/self-managed/upgrade","sidebar":"defaultSidebar"},{"id":"setup/tctl-connect","path":"/service-bridge/1.7.x/setup/tctl-connect","sidebar":"defaultSidebar"},{"id":"setup/upgrades/cni-upgrade","path":"/service-bridge/1.7.x/setup/upgrades/cni-upgrade","sidebar":"defaultSidebar"},{"id":"setup/upgrades/gateway-upgrade","path":"/service-bridge/1.7.x/setup/upgrades/gateway-upgrade","sidebar":"defaultSidebar"},{"id":"setup/upgrades/non-revisioned-to-revisioned","path":"/service-bridge/1.7.x/setup/upgrades/non-revisioned-to-revisioned","sidebar":"defaultSidebar"},{"id":"setup/upgrades/revisioned-to-revisioned","path":"/service-bridge/1.7.x/setup/upgrades/revisioned-to-revisioned","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/guides/ecs-workloads","path":"/service-bridge/1.7.x/setup/workload-onboarding/guides/ecs-workloads","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/guides/managing","path":"/service-bridge/1.7.x/setup/workload-onboarding/guides/managing","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/guides/on-premise-workloads","path":"/service-bridge/1.7.x/setup/workload-onboarding/guides/on-premise-workloads","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/guides/onboarding","path":"/service-bridge/1.7.x/setup/workload-onboarding/guides/onboarding","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/guides/overview","path":"/service-bridge/1.7.x/setup/workload-onboarding/guides/overview","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/guides/setup","path":"/service-bridge/1.7.x/setup/workload-onboarding/guides/setup","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/guides/toc","path":"/service-bridge/1.7.x/setup/workload-onboarding/guides/","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/guides/troubleshooting","path":"/service-bridge/1.7.x/setup/workload-onboarding/guides/troubleshooting","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/onboarding-vms","path":"/service-bridge/1.7.x/setup/workload-onboarding/onboarding-vms","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/quickstart/aws-ec2/bookinfo","path":"/service-bridge/1.7.x/setup/workload-onboarding/quickstart/aws-ec2/bookinfo","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/quickstart/aws-ec2/configure-vm","path":"/service-bridge/1.7.x/setup/workload-onboarding/quickstart/aws-ec2/configure-vm","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/quickstart/aws-ec2/configure-workload-onboarding","path":"/service-bridge/1.7.x/setup/workload-onboarding/quickstart/aws-ec2/configure-workload-onboarding","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/quickstart/aws-ec2/enable-workload-onboarding","path":"/service-bridge/1.7.x/setup/workload-onboarding/quickstart/aws-ec2/enable-workload-onboarding","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/quickstart/aws-ec2/onboard-asg","path":"/service-bridge/1.7.x/setup/workload-onboarding/quickstart/aws-ec2/onboard-asg","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/quickstart/aws-ec2/onboard-vm","path":"/service-bridge/1.7.x/setup/workload-onboarding/quickstart/aws-ec2/onboard-vm","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/quickstart/aws-ec2/toc","path":"/service-bridge/1.7.x/setup/workload-onboarding/quickstart/aws-ec2/","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/quickstart/aws-ecs/configure-workload-onboarding","path":"/service-bridge/1.7.x/setup/workload-onboarding/quickstart/aws-ecs/configure-workload-onboarding","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/quickstart/aws-ecs/onboard-ecs","path":"/service-bridge/1.7.x/setup/workload-onboarding/quickstart/aws-ecs/onboard-ecs","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/quickstart/aws-ecs/toc","path":"/service-bridge/1.7.x/setup/workload-onboarding/quickstart/aws-ecs/","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/quickstart/on-premise/configure-vm","path":"/service-bridge/1.7.x/setup/workload-onboarding/quickstart/on-premise/configure-vm","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/quickstart/on-premise/configure-workload-onboarding","path":"/service-bridge/1.7.x/setup/workload-onboarding/quickstart/on-premise/configure-workload-onboarding","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/quickstart/on-premise/onboard-vm","path":"/service-bridge/1.7.x/setup/workload-onboarding/quickstart/on-premise/onboard-vm","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/quickstart/on-premise/toc","path":"/service-bridge/1.7.x/setup/workload-onboarding/quickstart/on-premise/","sidebar":"defaultSidebar"},{"id":"troubleshooting/cluster-onboarding","path":"/service-bridge/1.7.x/troubleshooting/cluster-onboarding","sidebar":"defaultSidebar"},{"id":"troubleshooting/configuration-status","path":"/service-bridge/1.7.x/troubleshooting/configuration-status","sidebar":"defaultSidebar"},{"id":"troubleshooting/debug-container","path":"/service-bridge/1.7.x/troubleshooting/debug-container","sidebar":"defaultSidebar"},{"id":"troubleshooting/gateway-troubleshooting","path":"/service-bridge/1.7.x/troubleshooting/gateway-troubleshooting","sidebar":"defaultSidebar"},{"id":"troubleshooting/identify-underperforming-services","path":"/service-bridge/1.7.x/troubleshooting/identify-underperforming-services","sidebar":"defaultSidebar"},{"id":"troubleshooting/Maximum-header-size-exceed","path":"/service-bridge/1.7.x/troubleshooting/Maximum-header-size-exceed","sidebar":"defaultSidebar"},{"id":"troubleshooting/Multiple-Transfer-encoding-chunked","path":"/service-bridge/1.7.x/troubleshooting/Multiple-Transfer-encoding-chunked","sidebar":"defaultSidebar"},{"id":"troubleshooting/troubleshooting","path":"/service-bridge/1.7.x/troubleshooting/troubleshooting","sidebar":"defaultSidebar"},{"id":"troubleshooting/tsb-ui-metrics","path":"/service-bridge/1.7.x/troubleshooting/tsb-ui-metrics","sidebar":"defaultSidebar"},{"id":"wokingwithsupport/workingWithTetrateSupport","path":"/service-bridge/1.7.x/wokingwithsupport/workingWithTetrateSupport","sidebar":"defaultSidebar"},{"id":"/setup","path":"/service-bridge/1.7.x/setup","sidebar":"defaultSidebar"},{"id":"/setup/upgrades","path":"/service-bridge/1.7.x/setup/upgrades","sidebar":"defaultSidebar"},{"id":"/setup/workload-onboarding","path":"/service-bridge/1.7.x/setup/workload-onboarding","sidebar":"defaultSidebar"},{"id":"/setup/workload-onboarding/quickstart","path":"/service-bridge/1.7.x/setup/workload-onboarding/quickstart","sidebar":"defaultSidebar"},{"id":"/setup/aws","path":"/service-bridge/1.7.x/setup/aws","sidebar":"defaultSidebar"},{"id":"/setup/certificate","path":"/service-bridge/1.7.x/setup/certificate","sidebar":"defaultSidebar"},{"id":"/quickstart","path":"/service-bridge/1.7.x/quickstart","sidebar":"defaultSidebar"},{"id":"/howto","path":"/service-bridge/1.7.x/howto","sidebar":"defaultSidebar"},{"id":"/howto/traffic","path":"/service-bridge/1.7.x/howto/traffic","sidebar":"defaultSidebar"},{"id":"/howto/gateway","path":"/service-bridge/1.7.x/howto/gateway","sidebar":"defaultSidebar"},{"id":"/howto/gitops","path":"/service-bridge/1.7.x/howto/gitops","sidebar":"defaultSidebar"},{"id":"/howto/wasm","path":"/service-bridge/1.7.x/howto/wasm","sidebar":"defaultSidebar"},{"id":"/operations","path":"/service-bridge/1.7.x/operations","sidebar":"defaultSidebar"},{"id":"/operations/features","path":"/service-bridge/1.7.x/operations/features","sidebar":"defaultSidebar"},{"id":"/operations/users","path":"/service-bridge/1.7.x/operations/users","sidebar":"defaultSidebar"},{"id":"/operations/telemetry","path":"/service-bridge/1.7.x/operations/telemetry","sidebar":"defaultSidebar"},{"id":"/operations/elasticsearch","path":"/service-bridge/1.7.x/operations/elasticsearch","sidebar":"defaultSidebar"},{"id":"/operations/vault","path":"/service-bridge/1.7.x/operations/vault","sidebar":"defaultSidebar"},{"id":"/troubleshooting","path":"/service-bridge/1.7.x/troubleshooting","sidebar":"defaultSidebar"},{"id":"/reference","path":"/service-bridge/1.7.x/reference","sidebar":"defaultSidebar"},{"id":"/reference/operators","path":"/service-bridge/1.7.x/reference/operators","sidebar":"defaultSidebar"},{"id":"/refs/install","path":"/service-bridge/1.7.x/refs/install","sidebar":"defaultSidebar"},{"id":"/reference/workload-onboarding","path":"/service-bridge/1.7.x/reference/workload-onboarding","sidebar":"defaultSidebar"},{"id":"/reference/workload-onboarding/onboarding-agent","path":"/service-bridge/1.7.x/reference/workload-onboarding/onboarding-agent","sidebar":"defaultSidebar"},{"id":"/reference/workload-onboarding/onboarding-authorization","path":"/service-bridge/1.7.x/reference/workload-onboarding/onboarding-authorization","sidebar":"defaultSidebar"},{"id":"/reference/workload-onboarding/onboarding-runtime","path":"/service-bridge/1.7.x/reference/workload-onboarding/onboarding-runtime","sidebar":"defaultSidebar"},{"id":"/reference/cli","path":"/service-bridge/1.7.x/reference/cli","sidebar":"defaultSidebar"},{"id":"/reference/cli/guide/toc","path":"/service-bridge/1.7.x/reference/cli/guide/toc","sidebar":"defaultSidebar"},{"id":"/reference/cli/reference","path":"/service-bridge/1.7.x/reference/cli/reference","sidebar":"defaultSidebar"},{"id":"/reference/grpc-api","path":"/service-bridge/1.7.x/reference/grpc-api","sidebar":"defaultSidebar"},{"id":"/reference/grpc-api/reference","path":"/service-bridge/1.7.x/reference/grpc-api/reference","sidebar":"defaultSidebar"},{"id":"refs/tsb/application/v2/grpc","path":"/service-bridge/1.7.x/refs/tsb/application/v2/grpc","sidebar":"defaultSidebar"},{"id":"refs/tsb/extension/v2/grpc","path":"/service-bridge/1.7.x/refs/tsb/extension/v2/grpc","sidebar":"defaultSidebar"},{"id":"refs/tsb/gateway/v2/grpc","path":"/service-bridge/1.7.x/refs/tsb/gateway/v2/grpc","sidebar":"defaultSidebar"},{"id":"refs/tsb/istiointernal/v2/grpc","path":"/service-bridge/1.7.x/refs/tsb/istiointernal/v2/grpc","sidebar":"defaultSidebar"},{"id":"refs/tsb/observability/telemetry/v2/grpc","path":"/service-bridge/1.7.x/refs/tsb/observability/telemetry/v2/grpc","sidebar":"defaultSidebar"},{"id":"refs/tsb/q/v2/grpc","path":"/service-bridge/1.7.x/refs/tsb/q/v2/grpc","sidebar":"defaultSidebar"},{"id":"refs/tsb/rbac/v2/grpc","path":"/service-bridge/1.7.x/refs/tsb/rbac/v2/grpc","sidebar":"defaultSidebar"},{"id":"refs/tsb/registry/v2/grpc","path":"/service-bridge/1.7.x/refs/tsb/registry/v2/grpc","sidebar":"defaultSidebar"},{"id":"refs/tsb/security/v2/grpc","path":"/service-bridge/1.7.x/refs/tsb/security/v2/grpc","sidebar":"defaultSidebar"},{"id":"refs/tsb/traffic/v2/grpc","path":"/service-bridge/1.7.x/refs/tsb/traffic/v2/grpc","sidebar":"defaultSidebar"},{"id":"refs/tsb/v2/grpc","path":"/service-bridge/1.7.x/refs/tsb/v2/grpc","sidebar":"defaultSidebar"},{"id":"refs/iam/v2/grpc","path":"/service-bridge/1.7.x/refs/iam/v2/grpc","sidebar":"defaultSidebar"},{"id":"refs/audit/v1/grpc","path":"/service-bridge/1.7.x/refs/audit/v1/grpc","sidebar":"defaultSidebar"},{"id":"/reference/yaml-api","path":"/service-bridge/1.7.x/reference/yaml-api","sidebar":"defaultSidebar"},{"id":"/reference/yaml-api/reference","path":"/service-bridge/1.7.x/reference/yaml-api/reference","sidebar":"defaultSidebar"},{"id":"refs/tsb/application/v2/yaml","path":"/service-bridge/1.7.x/refs/tsb/application/v2/yaml","sidebar":"defaultSidebar"},{"id":"refs/tsb/auth/v2/yaml","path":"/service-bridge/1.7.x/refs/tsb/auth/v2/yaml","sidebar":"defaultSidebar"},{"id":"refs/tsb/extension/v2/yaml","path":"/service-bridge/1.7.x/refs/tsb/extension/v2/yaml","sidebar":"defaultSidebar"},{"id":"refs/tsb/gateway/v2/yaml","path":"/service-bridge/1.7.x/refs/tsb/gateway/v2/yaml","sidebar":"defaultSidebar"},{"id":"refs/tsb/istiointernal/v2/yaml","path":"/service-bridge/1.7.x/refs/tsb/istiointernal/v2/yaml","sidebar":"defaultSidebar"},{"id":"refs/tsb/observability/telemetry/v2/yaml","path":"/service-bridge/1.7.x/refs/tsb/observability/telemetry/v2/yaml","sidebar":"defaultSidebar"},{"id":"refs/tsb/rbac/v2/yaml","path":"/service-bridge/1.7.x/refs/tsb/rbac/v2/yaml","sidebar":"defaultSidebar"},{"id":"refs/tsb/registry/v2/yaml","path":"/service-bridge/1.7.x/refs/tsb/registry/v2/yaml","sidebar":"defaultSidebar"},{"id":"refs/tsb/security/v2/yaml","path":"/service-bridge/1.7.x/refs/tsb/security/v2/yaml","sidebar":"defaultSidebar"},{"id":"refs/tsb/traffic/v2/yaml","path":"/service-bridge/1.7.x/refs/tsb/traffic/v2/yaml","sidebar":"defaultSidebar"},{"id":"refs/tsb/types/v2/yaml","path":"/service-bridge/1.7.x/refs/tsb/types/v2/yaml","sidebar":"defaultSidebar"},{"id":"refs/tsb/v2/yaml","path":"/service-bridge/1.7.x/refs/tsb/v2/yaml","sidebar":"defaultSidebar"},{"id":"/reference/k8s-api","path":"/service-bridge/1.7.x/reference/k8s-api","sidebar":"defaultSidebar"},{"id":"/reference/k8s-api/tsb-crds-gen","path":"/service-bridge/1.7.x/reference/k8s-api/tsb-crds-gen","sidebar":"defaultSidebar"},{"id":"/reference/k8s-api/tsb-crds-gen/tsb.tetrate.io/v2","path":"/service-bridge/1.7.x/reference/k8s-api/tsb-crds-gen/tsb.tetrate.io/v2","sidebar":"defaultSidebar"},{"id":"/reference/samples","path":"/service-bridge/1.7.x/reference/samples","sidebar":"defaultSidebar"},{"id":"/knowledge-base","path":"/service-bridge/1.7.x/knowledge-base","sidebar":"defaultSidebar"},{"id":"/category/working-with-tetrate-customer-support","path":"/service-bridge/1.7.x/category/working-with-tetrate-customer-support","sidebar":"defaultSidebar"}],"draftIds":[],"sidebars":{"defaultSidebar":{"link":{"path":"/service-bridge/1.7.x/","label":"index"}}}},{"name":"1.6.x","label":"1.6.x","isLast":false,"path":"/service-bridge/1.6.x","mainDocId":"index","docs":[{"id":"cheatsheet/index","path":"/service-bridge/1.6.x/cheatsheet/","sidebar":"defaultSidebar"},{"id":"cheatsheet/sheets/gateways-management","path":"/service-bridge/1.6.x/cheatsheet/sheets/gateways-management","sidebar":"defaultSidebar"},{"id":"cheatsheet/sheets/kubectl","path":"/service-bridge/1.6.x/cheatsheet/sheets/kubectl","sidebar":"defaultSidebar"},{"id":"cheatsheet/sheets/security-management","path":"/service-bridge/1.6.x/cheatsheet/sheets/security-management","sidebar":"defaultSidebar"},{"id":"cheatsheet/sheets/tctl","path":"/service-bridge/1.6.x/cheatsheet/sheets/tctl","sidebar":"defaultSidebar"},{"id":"cheatsheet/sheets/traffic-management","path":"/service-bridge/1.6.x/cheatsheet/sheets/traffic-management","sidebar":"defaultSidebar"},{"id":"cheatsheet/sheets/tsb-concepts","path":"/service-bridge/1.6.x/cheatsheet/sheets/tsb-concepts","sidebar":"defaultSidebar"},{"id":"cheatsheet/sheets/tsb-quickstart","path":"/service-bridge/1.6.x/cheatsheet/sheets/tsb-quickstart","sidebar":"defaultSidebar"},{"id":"cheatsheet/sheets/tsb-terminology","path":"/service-bridge/1.6.x/cheatsheet/sheets/tsb-terminology","sidebar":"defaultSidebar"},{"id":"concepts/architecture","path":"/service-bridge/1.6.x/concepts/architecture","sidebar":"defaultSidebar"},{"id":"concepts/configuration-dataflow","path":"/service-bridge/1.6.x/concepts/configuration-dataflow","sidebar":"defaultSidebar"},{"id":"concepts/observability","path":"/service-bridge/1.6.x/concepts/observability","sidebar":"defaultSidebar"},{"id":"concepts/operators/control-plane","path":"/service-bridge/1.6.x/concepts/operators/control-plane","sidebar":"defaultSidebar"},{"id":"concepts/operators/data-plane","path":"/service-bridge/1.6.x/concepts/operators/data-plane","sidebar":"defaultSidebar"},{"id":"concepts/operators/management-plane","path":"/service-bridge/1.6.x/concepts/operators/management-plane","sidebar":"defaultSidebar"},{"id":"concepts/operators/toc","path":"/service-bridge/1.6.x/concepts/operators/","sidebar":"defaultSidebar"},{"id":"concepts/security","path":"/service-bridge/1.6.x/concepts/security","sidebar":"defaultSidebar"},{"id":"concepts/service-mesh","path":"/service-bridge/1.6.x/concepts/service-mesh","sidebar":"defaultSidebar"},{"id":"concepts/terminology","path":"/service-bridge/1.6.x/concepts/terminology","sidebar":"defaultSidebar"},{"id":"concepts/toc","path":"/service-bridge/1.6.x/concepts/","sidebar":"defaultSidebar"},{"id":"concepts/traffic-management","path":"/service-bridge/1.6.x/concepts/traffic-management","sidebar":"defaultSidebar"},{"id":"design-guides/dr-mp/dr-managementplane","path":"/service-bridge/1.6.x/design-guides/dr-mp/dr-managementplane","sidebar":"defaultSidebar"},{"id":"howto/authorization/ingress-gateway","path":"/service-bridge/1.6.x/howto/authorization/ingress-gateway","sidebar":"defaultSidebar"},{"id":"howto/authorization/sidecar","path":"/service-bridge/1.6.x/howto/authorization/sidecar","sidebar":"defaultSidebar"},{"id":"howto/authorization/tier1-gateway","path":"/service-bridge/1.6.x/howto/authorization/tier1-gateway","sidebar":"defaultSidebar"},{"id":"howto/authorization/tls-verification","path":"/service-bridge/1.6.x/howto/authorization/tls-verification","sidebar":"defaultSidebar"},{"id":"howto/authorization/toc","path":"/service-bridge/1.6.x/howto/authorization/","sidebar":"defaultSidebar"},{"id":"howto/gateway/app-ingress","path":"/service-bridge/1.6.x/howto/gateway/app-ingress","sidebar":"defaultSidebar"},{"id":"howto/gateway/application-gateway-with-openapi-annotations","path":"/service-bridge/1.6.x/howto/gateway/application-gateway-with-openapi-annotations","sidebar":"defaultSidebar"},{"id":"howto/gateway/configure-and-route-nonhttp-traffic","path":"/service-bridge/1.6.x/howto/gateway/configure-and-route-nonhttp-traffic","sidebar":"defaultSidebar"},{"id":"howto/gateway/distributed-ingress","path":"/service-bridge/1.6.x/howto/gateway/distributed-ingress","sidebar":"defaultSidebar"},{"id":"howto/gateway/egress-gateways","path":"/service-bridge/1.6.x/howto/gateway/egress-gateways","sidebar":"defaultSidebar"},{"id":"howto/gateway/end-user-auth-keycloak","path":"/service-bridge/1.6.x/howto/gateway/end-user-auth-keycloak","sidebar":"defaultSidebar"},{"id":"howto/gateway/multi-cluster-traffic-routing-using-tier2gw","path":"/service-bridge/1.6.x/howto/gateway/multi-cluster-traffic-routing-using-tier2gw","sidebar":"defaultSidebar"},{"id":"howto/gateway/multi-cluster-traffic-routing-with-eastwest-gateway","path":"/service-bridge/1.6.x/howto/gateway/multi-cluster-traffic-routing-with-eastwest-gateway","sidebar":"defaultSidebar"},{"id":"howto/gateway/multi-cluster-traffic-shifting","path":"/service-bridge/1.6.x/howto/gateway/multi-cluster-traffic-shifting","sidebar":"defaultSidebar"},{"id":"howto/gateway/service-identity-propagation","path":"/service-bridge/1.6.x/howto/gateway/service-identity-propagation","sidebar":"defaultSidebar"},{"id":"howto/gateway/subset-based-routing-using-igw-and-service-route","path":"/service-bridge/1.6.x/howto/gateway/subset-based-routing-using-igw-and-service-route","sidebar":"defaultSidebar"},{"id":"howto/gitops/argo-rollouts","path":"/service-bridge/1.6.x/howto/gitops/argo-rollouts","sidebar":"defaultSidebar"},{"id":"howto/gitops/flux","path":"/service-bridge/1.6.x/howto/gitops/flux","sidebar":"defaultSidebar"},{"id":"howto/gitops/gitops","path":"/service-bridge/1.6.x/howto/gitops/gitops","sidebar":"defaultSidebar"},{"id":"howto/hpa-using-skywalking","path":"/service-bridge/1.6.x/howto/hpa-using-skywalking","sidebar":"defaultSidebar"},{"id":"howto/rate-limiting/external-rate-limiting","path":"/service-bridge/1.6.x/howto/rate-limiting/external-rate-limiting","sidebar":"defaultSidebar"},{"id":"howto/rate-limiting/ingress-gateway","path":"/service-bridge/1.6.x/howto/rate-limiting/ingress-gateway","sidebar":"defaultSidebar"},{"id":"howto/rate-limiting/internal-rate-limiting","path":"/service-bridge/1.6.x/howto/rate-limiting/internal-rate-limiting","sidebar":"defaultSidebar"},{"id":"howto/rate-limiting/service-to-service","path":"/service-bridge/1.6.x/howto/rate-limiting/service-to-service","sidebar":"defaultSidebar"},{"id":"howto/rate-limiting/tier1-gateway","path":"/service-bridge/1.6.x/howto/rate-limiting/tier1-gateway","sidebar":"defaultSidebar"},{"id":"howto/rate-limiting/tls-validation","path":"/service-bridge/1.6.x/howto/rate-limiting/tls-validation","sidebar":"defaultSidebar"},{"id":"howto/rate-limiting/toc","path":"/service-bridge/1.6.x/howto/rate-limiting/","sidebar":"defaultSidebar"},{"id":"howto/security-domains","path":"/service-bridge/1.6.x/howto/security-domains","sidebar":"defaultSidebar"},{"id":"howto/service-accounts","path":"/service-bridge/1.6.x/howto/service-accounts","sidebar":"defaultSidebar"},{"id":"howto/traffic/canary-releases","path":"/service-bridge/1.6.x/howto/traffic/canary-releases","sidebar":"defaultSidebar"},{"id":"howto/traffic/configure-multi-port-service-route","path":"/service-bridge/1.6.x/howto/traffic/configure-multi-port-service-route","sidebar":"defaultSidebar"},{"id":"howto/traffic/external-site-https","path":"/service-bridge/1.6.x/howto/traffic/external-site-https","sidebar":"defaultSidebar"},{"id":"howto/traffic/load-balance","path":"/service-bridge/1.6.x/howto/traffic/load-balance","sidebar":"defaultSidebar"},{"id":"howto/traffic/migrating-VM-monoliths","path":"/service-bridge/1.6.x/howto/traffic/migrating-VM-monoliths","sidebar":"defaultSidebar"},{"id":"howto/traffic/splitting-service-traffic-between-k8s-vms","path":"/service-bridge/1.6.x/howto/traffic/splitting-service-traffic-between-k8s-vms","sidebar":"defaultSidebar"},{"id":"howto/waf","path":"/service-bridge/1.6.x/howto/waf","sidebar":"defaultSidebar"},{"id":"howto/wasm/wasm-extension","path":"/service-bridge/1.6.x/howto/wasm/wasm-extension","sidebar":"defaultSidebar"},{"id":"howto/wasm/wasm-overview","path":"/service-bridge/1.6.x/howto/wasm/wasm-overview","sidebar":"defaultSidebar"},{"id":"howto/wasm/wasm-try","path":"/service-bridge/1.6.x/howto/wasm/wasm-try","sidebar":"defaultSidebar"},{"id":"index","path":"/service-bridge/1.6.x/","sidebar":"defaultSidebar"},{"id":"knowledge-base/faq","path":"/service-bridge/1.6.x/knowledge-base/faq","sidebar":"defaultSidebar"},{"id":"knowledge-base/gitops","path":"/service-bridge/1.6.x/knowledge-base/gitops","sidebar":"defaultSidebar"},{"id":"operations/configuration-promotion","path":"/service-bridge/1.6.x/operations/configuration-promotion","sidebar":"defaultSidebar"},{"id":"operations/configure-log-levels","path":"/service-bridge/1.6.x/operations/configure-log-levels","sidebar":"defaultSidebar"},{"id":"operations/elasticsearch/elasticsearch-role","path":"/service-bridge/1.6.x/operations/elasticsearch/elasticsearch-role","sidebar":"defaultSidebar"},{"id":"operations/elasticsearch/wipe-elastic","path":"/service-bridge/1.6.x/operations/elasticsearch/wipe-elastic","sidebar":"defaultSidebar"},{"id":"operations/features/configure-cluster-external-addresses","path":"/service-bridge/1.6.x/operations/features/configure-cluster-external-addresses","sidebar":"defaultSidebar"},{"id":"operations/features/configure-gitops","path":"/service-bridge/1.6.x/operations/features/configure-gitops","sidebar":"defaultSidebar"},{"id":"operations/features/eastwest-routing","path":"/service-bridge/1.6.x/operations/features/eastwest-routing","sidebar":"defaultSidebar"},{"id":"operations/features/edge-dns-resolution","path":"/service-bridge/1.6.x/operations/features/edge-dns-resolution","sidebar":"defaultSidebar"},{"id":"operations/features/enable-config-protection","path":"/service-bridge/1.6.x/operations/features/enable-config-protection","sidebar":"defaultSidebar"},{"id":"operations/features/gateway-deletion-webhook","path":"/service-bridge/1.6.x/operations/features/gateway-deletion-webhook","sidebar":"defaultSidebar"},{"id":"operations/features/istio-cni","path":"/service-bridge/1.6.x/operations/features/istio-cni","sidebar":"defaultSidebar"},{"id":"operations/features/streaming-log","path":"/service-bridge/1.6.x/operations/features/streaming-log","sidebar":"defaultSidebar"},{"id":"operations/features/tier1-in-app-cluster","path":"/service-bridge/1.6.x/operations/features/tier1-in-app-cluster","sidebar":"defaultSidebar"},{"id":"operations/graceful-connection-drain","path":"/service-bridge/1.6.x/operations/graceful-connection-drain","sidebar":"defaultSidebar"},{"id":"operations/kube-customization","path":"/service-bridge/1.6.x/operations/kube-customization","sidebar":"defaultSidebar"},{"id":"operations/lower-istio-resources","path":"/service-bridge/1.6.x/operations/lower-istio-resources","sidebar":"defaultSidebar"},{"id":"operations/migrate-organization","path":"/service-bridge/1.6.x/operations/migrate-organization","sidebar":"defaultSidebar"},{"id":"operations/multiple-iam-keys","path":"/service-bridge/1.6.x/operations/multiple-iam-keys","sidebar":"defaultSidebar"},{"id":"operations/postgresql","path":"/service-bridge/1.6.x/operations/postgresql","sidebar":"defaultSidebar"},{"id":"operations/telemetry/alerting-guidelines","path":"/service-bridge/1.6.x/operations/telemetry/alerting-guidelines","sidebar":"defaultSidebar"},{"id":"operations/telemetry/distributed-tracing","path":"/service-bridge/1.6.x/operations/telemetry/distributed-tracing","sidebar":"defaultSidebar"},{"id":"operations/telemetry/key-metrics","path":"/service-bridge/1.6.x/operations/telemetry/key-metrics","sidebar":"defaultSidebar"},{"id":"operations/telemetry/red-metrics","path":"/service-bridge/1.6.x/operations/telemetry/red-metrics","sidebar":"defaultSidebar"},{"id":"operations/telemetry/telemetry-architecture","path":"/service-bridge/1.6.x/operations/telemetry/telemetry-architecture","sidebar":"defaultSidebar"},{"id":"operations/users/admin-password","path":"/service-bridge/1.6.x/operations/users/admin-password","sidebar":"defaultSidebar"},{"id":"operations/users/configuring-ldap","path":"/service-bridge/1.6.x/operations/users/configuring-ldap","sidebar":"defaultSidebar"},{"id":"operations/users/oidc-azure","path":"/service-bridge/1.6.x/operations/users/oidc-azure","sidebar":"defaultSidebar"},{"id":"operations/users/roles-and-permissions","path":"/service-bridge/1.6.x/operations/users/roles-and-permissions","sidebar":"defaultSidebar"},{"id":"operations/users/user-synchronization","path":"/service-bridge/1.6.x/operations/users/user-synchronization","sidebar":"defaultSidebar"},{"id":"operations/vault/elasticsearch","path":"/service-bridge/1.6.x/operations/vault/elasticsearch","sidebar":"defaultSidebar"},{"id":"operations/vault/istiod-ca","path":"/service-bridge/1.6.x/operations/vault/istiod-ca","sidebar":"defaultSidebar"},{"id":"operations/vault/postgresql","path":"/service-bridge/1.6.x/operations/vault/postgresql","sidebar":"defaultSidebar"},{"id":"operations/xcp-to-edge-jwt-authentication","path":"/service-bridge/1.6.x/operations/xcp-to-edge-jwt-authentication","sidebar":"defaultSidebar"},{"id":"quickstart/apps","path":"/service-bridge/1.6.x/quickstart/apps","sidebar":"defaultSidebar"},{"id":"quickstart/config-groups","path":"/service-bridge/1.6.x/quickstart/config-groups","sidebar":"defaultSidebar"},{"id":"quickstart/deploy-sample-app","path":"/service-bridge/1.6.x/quickstart/deploy-sample-app","sidebar":"defaultSidebar"},{"id":"quickstart/ingress-gateway","path":"/service-bridge/1.6.x/quickstart/ingress-gateway","sidebar":"defaultSidebar"},{"id":"quickstart/introduction","path":"/service-bridge/1.6.x/quickstart/introduction","sidebar":"defaultSidebar"},{"id":"quickstart/observability","path":"/service-bridge/1.6.x/quickstart/observability","sidebar":"defaultSidebar"},{"id":"quickstart/permissions","path":"/service-bridge/1.6.x/quickstart/permissions","sidebar":"defaultSidebar"},{"id":"quickstart/security","path":"/service-bridge/1.6.x/quickstart/security","sidebar":"defaultSidebar"},{"id":"quickstart/tenant","path":"/service-bridge/1.6.x/quickstart/tenant","sidebar":"defaultSidebar"},{"id":"quickstart/traffic-shifting","path":"/service-bridge/1.6.x/quickstart/traffic-shifting","sidebar":"defaultSidebar"},{"id":"quickstart/workspace","path":"/service-bridge/1.6.x/quickstart/workspace","sidebar":"defaultSidebar"},{"id":"reference/cli/guide/index","path":"/service-bridge/1.6.x/reference/cli/guide/index","sidebar":"defaultSidebar"},{"id":"reference/cli/reference/apply","path":"/service-bridge/1.6.x/reference/cli/reference/apply","sidebar":"defaultSidebar"},{"id":"reference/cli/reference/collect","path":"/service-bridge/1.6.x/reference/cli/reference/collect","sidebar":"defaultSidebar"},{"id":"reference/cli/reference/completion","path":"/service-bridge/1.6.x/reference/cli/reference/completion","sidebar":"defaultSidebar"},{"id":"reference/cli/reference/config","path":"/service-bridge/1.6.x/reference/cli/reference/config","sidebar":"defaultSidebar"},{"id":"reference/cli/reference/delete","path":"/service-bridge/1.6.x/reference/cli/reference/delete","sidebar":"defaultSidebar"},{"id":"reference/cli/reference/edit","path":"/service-bridge/1.6.x/reference/cli/reference/edit","sidebar":"defaultSidebar"},{"id":"reference/cli/reference/experimental","path":"/service-bridge/1.6.x/reference/cli/reference/experimental","sidebar":"defaultSidebar"},{"id":"reference/cli/reference/get","path":"/service-bridge/1.6.x/reference/cli/reference/get","sidebar":"defaultSidebar"},{"id":"reference/cli/reference/index","path":"/service-bridge/1.6.x/reference/cli/reference/index","sidebar":"defaultSidebar"},{"id":"reference/cli/reference/install","path":"/service-bridge/1.6.x/reference/cli/reference/install","sidebar":"defaultSidebar"},{"id":"reference/cli/reference/login","path":"/service-bridge/1.6.x/reference/cli/reference/login","sidebar":"defaultSidebar"},{"id":"reference/cli/reference/ui","path":"/service-bridge/1.6.x/reference/cli/reference/ui","sidebar":"defaultSidebar"},{"id":"reference/cli/reference/validate","path":"/service-bridge/1.6.x/reference/cli/reference/validate","sidebar":"defaultSidebar"},{"id":"reference/cli/reference/version","path":"/service-bridge/1.6.x/reference/cli/reference/version","sidebar":"defaultSidebar"},{"id":"reference/cli/reference/workload-entry-annotations","path":"/service-bridge/1.6.x/reference/cli/reference/workload-entry-annotations","sidebar":"defaultSidebar"},{"id":"reference/grpc-api/guide","path":"/service-bridge/1.6.x/reference/grpc-api/guide","sidebar":"defaultSidebar"},{"id":"reference/k8s-api/guide","path":"/service-bridge/1.6.x/reference/k8s-api/guide","sidebar":"defaultSidebar"},{"id":"reference/k8s-api/tsb-crds-gen/application-tsb-tetrate-io","path":"/service-bridge/1.6.x/reference/k8s-api/tsb-crds-gen/application-tsb-tetrate-io"},{"id":"reference/k8s-api/tsb-crds-gen/extension-tsb-tetrate-io","path":"/service-bridge/1.6.x/reference/k8s-api/tsb-crds-gen/extension-tsb-tetrate-io"},{"id":"reference/k8s-api/tsb-crds-gen/gateway-tsb-tetrate-io","path":"/service-bridge/1.6.x/reference/k8s-api/tsb-crds-gen/gateway-tsb-tetrate-io"},{"id":"reference/k8s-api/tsb-crds-gen/istiointernal-tsb-tetrate-io","path":"/service-bridge/1.6.x/reference/k8s-api/tsb-crds-gen/istiointernal-tsb-tetrate-io"},{"id":"reference/k8s-api/tsb-crds-gen/rbac-tsb-tetrate-io","path":"/service-bridge/1.6.x/reference/k8s-api/tsb-crds-gen/rbac-tsb-tetrate-io"},{"id":"reference/k8s-api/tsb-crds-gen/security-tsb-tetrate-io","path":"/service-bridge/1.6.x/reference/k8s-api/tsb-crds-gen/security-tsb-tetrate-io"},{"id":"reference/k8s-api/tsb-crds-gen/traffic-tsb-tetrate-io","path":"/service-bridge/1.6.x/reference/k8s-api/tsb-crds-gen/traffic-tsb-tetrate-io"},{"id":"reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/cluster","path":"/service-bridge/1.6.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/cluster"},{"id":"reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/organization","path":"/service-bridge/1.6.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/organization"},{"id":"reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/organizationsetting","path":"/service-bridge/1.6.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/organizationsetting"},{"id":"reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/serviceaccount","path":"/service-bridge/1.6.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/serviceaccount"},{"id":"reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/team","path":"/service-bridge/1.6.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/team"},{"id":"reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/tenant","path":"/service-bridge/1.6.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/tenant"},{"id":"reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/tenantsetting","path":"/service-bridge/1.6.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/tenantsetting"},{"id":"reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/workspace","path":"/service-bridge/1.6.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/workspace"},{"id":"reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/workspacesetting","path":"/service-bridge/1.6.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/workspacesetting"},{"id":"reference/rest-api/guide","path":"/service-bridge/1.6.x/reference/rest-api/guide","sidebar":"defaultSidebar"},{"id":"reference/samples/httpbin","path":"/service-bridge/1.6.x/reference/samples/httpbin","sidebar":"defaultSidebar"},{"id":"reference/samples/opa","path":"/service-bridge/1.6.x/reference/samples/opa","sidebar":"defaultSidebar"},{"id":"reference/samples/sleep-service","path":"/service-bridge/1.6.x/reference/samples/sleep-service","sidebar":"defaultSidebar"},{"id":"reference/yaml-api/guide","path":"/service-bridge/1.6.x/reference/yaml-api/guide","sidebar":"defaultSidebar"},{"id":"refs/audit/v1/audit","path":"/service-bridge/1.6.x/refs/audit/v1/audit","sidebar":"defaultSidebar"},{"id":"refs/iam/v2/oauth_service","path":"/service-bridge/1.6.x/refs/iam/v2/oauth_service","sidebar":"defaultSidebar"},{"id":"refs/iam/v2/oidc_service","path":"/service-bridge/1.6.x/refs/iam/v2/oidc_service","sidebar":"defaultSidebar"},{"id":"refs/install/common/common_config","path":"/service-bridge/1.6.x/refs/install/common/common_config","sidebar":"defaultSidebar"},{"id":"refs/install/controlplane/v1alpha1/spec","path":"/service-bridge/1.6.x/refs/install/controlplane/v1alpha1/spec","sidebar":"defaultSidebar"},{"id":"refs/install/dataplane/v1alpha1/spec","path":"/service-bridge/1.6.x/refs/install/dataplane/v1alpha1/spec","sidebar":"defaultSidebar"},{"id":"refs/install/kubernetes/k8s","path":"/service-bridge/1.6.x/refs/install/kubernetes/k8s","sidebar":"defaultSidebar"},{"id":"refs/install/managementplane/v1alpha1/spec","path":"/service-bridge/1.6.x/refs/install/managementplane/v1alpha1/spec","sidebar":"defaultSidebar"},{"id":"refs/istio.io/api/operator/v1alpha1/operator","path":"/service-bridge/1.6.x/refs/istio.io/api/operator/v1alpha1/operator"},{"id":"refs/onboarding/config/agent/v1alpha1/agent_configuration","path":"/service-bridge/1.6.x/refs/onboarding/config/agent/v1alpha1/agent_configuration","sidebar":"defaultSidebar"},{"id":"refs/onboarding/config/agent/v1alpha1/onboarding_configuration","path":"/service-bridge/1.6.x/refs/onboarding/config/agent/v1alpha1/onboarding_configuration","sidebar":"defaultSidebar"},{"id":"refs/onboarding/config/authorization/aws/v1alpha1/aws","path":"/service-bridge/1.6.x/refs/onboarding/config/authorization/aws/v1alpha1/aws","sidebar":"defaultSidebar"},{"id":"refs/onboarding/config/authorization/jwt/v1alpha1/jwt","path":"/service-bridge/1.6.x/refs/onboarding/config/authorization/jwt/v1alpha1/jwt","sidebar":"defaultSidebar"},{"id":"refs/onboarding/config/authorization/v1alpha1/policy","path":"/service-bridge/1.6.x/refs/onboarding/config/authorization/v1alpha1/policy","sidebar":"defaultSidebar"},{"id":"refs/onboarding/config/install/v1alpha1/jwt_issuer","path":"/service-bridge/1.6.x/refs/onboarding/config/install/v1alpha1/jwt_issuer"},{"id":"refs/onboarding/config/install/v1alpha1/workload_configuration","path":"/service-bridge/1.6.x/refs/onboarding/config/install/v1alpha1/workload_configuration"},{"id":"refs/onboarding/config/runtime/v1alpha1/registration","path":"/service-bridge/1.6.x/refs/onboarding/config/runtime/v1alpha1/registration","sidebar":"defaultSidebar"},{"id":"refs/onboarding/config/types/config/v1alpha1/transport_security","path":"/service-bridge/1.6.x/refs/onboarding/config/types/config/v1alpha1/transport_security"},{"id":"refs/onboarding/config/types/core/v1alpha1/condition","path":"/service-bridge/1.6.x/refs/onboarding/config/types/core/v1alpha1/condition"},{"id":"refs/onboarding/config/types/core/v1alpha1/namespaced_name","path":"/service-bridge/1.6.x/refs/onboarding/config/types/core/v1alpha1/namespaced_name"},{"id":"refs/onboarding/config/types/identity/aws/v1alpha1/aws","path":"/service-bridge/1.6.x/refs/onboarding/config/types/identity/aws/v1alpha1/aws"},{"id":"refs/onboarding/config/types/identity/jwt/v1alpha1/jwt","path":"/service-bridge/1.6.x/refs/onboarding/config/types/identity/jwt/v1alpha1/jwt"},{"id":"refs/onboarding/config/types/identity/v1alpha1/identity","path":"/service-bridge/1.6.x/refs/onboarding/config/types/identity/v1alpha1/identity"},{"id":"refs/onboarding/config/types/registration/v1alpha1/hostinfo","path":"/service-bridge/1.6.x/refs/onboarding/config/types/registration/v1alpha1/hostinfo"},{"id":"refs/onboarding/config/types/registration/v1alpha1/registration","path":"/service-bridge/1.6.x/refs/onboarding/config/types/registration/v1alpha1/registration"},{"id":"refs/tsb/application/v2/api","path":"/service-bridge/1.6.x/refs/tsb/application/v2/api","sidebar":"defaultSidebar"},{"id":"refs/tsb/application/v2/application","path":"/service-bridge/1.6.x/refs/tsb/application/v2/application","sidebar":"defaultSidebar"},{"id":"refs/tsb/application/v2/application_service","path":"/service-bridge/1.6.x/refs/tsb/application/v2/application_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/application/v2/openapi_extensions","path":"/service-bridge/1.6.x/refs/tsb/application/v2/openapi_extensions","sidebar":"defaultSidebar"},{"id":"refs/tsb/auth/v2/auth","path":"/service-bridge/1.6.x/refs/tsb/auth/v2/auth","sidebar":"defaultSidebar"},{"id":"refs/tsb/extension/v2/wasm_extension","path":"/service-bridge/1.6.x/refs/tsb/extension/v2/wasm_extension","sidebar":"defaultSidebar"},{"id":"refs/tsb/extension/v2/wasm_service","path":"/service-bridge/1.6.x/refs/tsb/extension/v2/wasm_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/gateway/v2/auth","path":"/service-bridge/1.6.x/refs/tsb/gateway/v2/auth","sidebar":"defaultSidebar"},{"id":"refs/tsb/gateway/v2/eastwest_gateway","path":"/service-bridge/1.6.x/refs/tsb/gateway/v2/eastwest_gateway","sidebar":"defaultSidebar"},{"id":"refs/tsb/gateway/v2/egress_gateway","path":"/service-bridge/1.6.x/refs/tsb/gateway/v2/egress_gateway","sidebar":"defaultSidebar"},{"id":"refs/tsb/gateway/v2/gateway_group","path":"/service-bridge/1.6.x/refs/tsb/gateway/v2/gateway_group","sidebar":"defaultSidebar"},{"id":"refs/tsb/gateway/v2/gateway_service","path":"/service-bridge/1.6.x/refs/tsb/gateway/v2/gateway_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/gateway/v2/ingress_gateway","path":"/service-bridge/1.6.x/refs/tsb/gateway/v2/ingress_gateway","sidebar":"defaultSidebar"},{"id":"refs/tsb/gateway/v2/istio_gateway_direct","path":"/service-bridge/1.6.x/refs/tsb/gateway/v2/istio_gateway_direct","sidebar":"defaultSidebar"},{"id":"refs/tsb/gateway/v2/tier1_gateway","path":"/service-bridge/1.6.x/refs/tsb/gateway/v2/tier1_gateway","sidebar":"defaultSidebar"},{"id":"refs/tsb/istiointernal/v2/istio_internal_group","path":"/service-bridge/1.6.x/refs/tsb/istiointernal/v2/istio_internal_group","sidebar":"defaultSidebar"},{"id":"refs/tsb/istiointernal/v2/istio_istiointernal_direct","path":"/service-bridge/1.6.x/refs/tsb/istiointernal/v2/istio_istiointernal_direct","sidebar":"defaultSidebar"},{"id":"refs/tsb/istiointernal/v2/istiointernal_service","path":"/service-bridge/1.6.x/refs/tsb/istiointernal/v2/istiointernal_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/observability/telemetry/v2/metric","path":"/service-bridge/1.6.x/refs/tsb/observability/telemetry/v2/metric","sidebar":"defaultSidebar"},{"id":"refs/tsb/observability/telemetry/v2/metric_service","path":"/service-bridge/1.6.x/refs/tsb/observability/telemetry/v2/metric_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/observability/telemetry/v2/source","path":"/service-bridge/1.6.x/refs/tsb/observability/telemetry/v2/source","sidebar":"defaultSidebar"},{"id":"refs/tsb/observability/telemetry/v2/source_service","path":"/service-bridge/1.6.x/refs/tsb/observability/telemetry/v2/source_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/q/v2/approvals_service","path":"/service-bridge/1.6.x/refs/tsb/q/v2/approvals_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/q/v2/permissions_service","path":"/service-bridge/1.6.x/refs/tsb/q/v2/permissions_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/rbac/v2/access_bindings","path":"/service-bridge/1.6.x/refs/tsb/rbac/v2/access_bindings","sidebar":"defaultSidebar"},{"id":"refs/tsb/rbac/v2/api_access_bindings","path":"/service-bridge/1.6.x/refs/tsb/rbac/v2/api_access_bindings","sidebar":"defaultSidebar"},{"id":"refs/tsb/rbac/v2/application_access_bindings","path":"/service-bridge/1.6.x/refs/tsb/rbac/v2/application_access_bindings","sidebar":"defaultSidebar"},{"id":"refs/tsb/rbac/v2/binding","path":"/service-bridge/1.6.x/refs/tsb/rbac/v2/binding","sidebar":"defaultSidebar"},{"id":"refs/tsb/rbac/v2/gateway_access_bindings","path":"/service-bridge/1.6.x/refs/tsb/rbac/v2/gateway_access_bindings","sidebar":"defaultSidebar"},{"id":"refs/tsb/rbac/v2/istio_internal_access_bindings","path":"/service-bridge/1.6.x/refs/tsb/rbac/v2/istio_internal_access_bindings","sidebar":"defaultSidebar"},{"id":"refs/tsb/rbac/v2/organization_access_bindings","path":"/service-bridge/1.6.x/refs/tsb/rbac/v2/organization_access_bindings","sidebar":"defaultSidebar"},{"id":"refs/tsb/rbac/v2/permissions","path":"/service-bridge/1.6.x/refs/tsb/rbac/v2/permissions","sidebar":"defaultSidebar"},{"id":"refs/tsb/rbac/v2/policy_service","path":"/service-bridge/1.6.x/refs/tsb/rbac/v2/policy_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/rbac/v2/role","path":"/service-bridge/1.6.x/refs/tsb/rbac/v2/role","sidebar":"defaultSidebar"},{"id":"refs/tsb/rbac/v2/role_service","path":"/service-bridge/1.6.x/refs/tsb/rbac/v2/role_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/rbac/v2/security_access_bindings","path":"/service-bridge/1.6.x/refs/tsb/rbac/v2/security_access_bindings","sidebar":"defaultSidebar"},{"id":"refs/tsb/rbac/v2/tenant_access_bindings","path":"/service-bridge/1.6.x/refs/tsb/rbac/v2/tenant_access_bindings","sidebar":"defaultSidebar"},{"id":"refs/tsb/rbac/v2/traffic_access_bindings","path":"/service-bridge/1.6.x/refs/tsb/rbac/v2/traffic_access_bindings","sidebar":"defaultSidebar"},{"id":"refs/tsb/rbac/v2/workspace_access_bindings","path":"/service-bridge/1.6.x/refs/tsb/rbac/v2/workspace_access_bindings","sidebar":"defaultSidebar"},{"id":"refs/tsb/registry/v2/lookup_service","path":"/service-bridge/1.6.x/refs/tsb/registry/v2/lookup_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/registry/v2/registration_service","path":"/service-bridge/1.6.x/refs/tsb/registry/v2/registration_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/registry/v2/service","path":"/service-bridge/1.6.x/refs/tsb/registry/v2/service","sidebar":"defaultSidebar"},{"id":"refs/tsb/security/v2/istio_security_direct","path":"/service-bridge/1.6.x/refs/tsb/security/v2/istio_security_direct","sidebar":"defaultSidebar"},{"id":"refs/tsb/security/v2/security_group","path":"/service-bridge/1.6.x/refs/tsb/security/v2/security_group","sidebar":"defaultSidebar"},{"id":"refs/tsb/security/v2/security_service","path":"/service-bridge/1.6.x/refs/tsb/security/v2/security_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/security/v2/security_setting","path":"/service-bridge/1.6.x/refs/tsb/security/v2/security_setting","sidebar":"defaultSidebar"},{"id":"refs/tsb/security/v2/service_security_setting","path":"/service-bridge/1.6.x/refs/tsb/security/v2/service_security_setting","sidebar":"defaultSidebar"},{"id":"refs/tsb/security/v2/waf_settings","path":"/service-bridge/1.6.x/refs/tsb/security/v2/waf_settings","sidebar":"defaultSidebar"},{"id":"refs/tsb/traffic/v2/istio_traffic_direct","path":"/service-bridge/1.6.x/refs/tsb/traffic/v2/istio_traffic_direct","sidebar":"defaultSidebar"},{"id":"refs/tsb/traffic/v2/service_route","path":"/service-bridge/1.6.x/refs/tsb/traffic/v2/service_route","sidebar":"defaultSidebar"},{"id":"refs/tsb/traffic/v2/traffic_group","path":"/service-bridge/1.6.x/refs/tsb/traffic/v2/traffic_group","sidebar":"defaultSidebar"},{"id":"refs/tsb/traffic/v2/traffic_service","path":"/service-bridge/1.6.x/refs/tsb/traffic/v2/traffic_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/traffic/v2/traffic_setting","path":"/service-bridge/1.6.x/refs/tsb/traffic/v2/traffic_setting","sidebar":"defaultSidebar"},{"id":"refs/tsb/types/v2/types","path":"/service-bridge/1.6.x/refs/tsb/types/v2/types","sidebar":"defaultSidebar"},{"id":"refs/tsb/v2/cluster","path":"/service-bridge/1.6.x/refs/tsb/v2/cluster","sidebar":"defaultSidebar"},{"id":"refs/tsb/v2/cluster_service","path":"/service-bridge/1.6.x/refs/tsb/v2/cluster_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/v2/info","path":"/service-bridge/1.6.x/refs/tsb/v2/info","sidebar":"defaultSidebar"},{"id":"refs/tsb/v2/organization","path":"/service-bridge/1.6.x/refs/tsb/v2/organization","sidebar":"defaultSidebar"},{"id":"refs/tsb/v2/organization_service","path":"/service-bridge/1.6.x/refs/tsb/v2/organization_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/v2/organization_setting","path":"/service-bridge/1.6.x/refs/tsb/v2/organization_setting","sidebar":"defaultSidebar"},{"id":"refs/tsb/v2/status","path":"/service-bridge/1.6.x/refs/tsb/v2/status","sidebar":"defaultSidebar"},{"id":"refs/tsb/v2/status_service","path":"/service-bridge/1.6.x/refs/tsb/v2/status_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/v2/team","path":"/service-bridge/1.6.x/refs/tsb/v2/team","sidebar":"defaultSidebar"},{"id":"refs/tsb/v2/team_service","path":"/service-bridge/1.6.x/refs/tsb/v2/team_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/v2/tenant","path":"/service-bridge/1.6.x/refs/tsb/v2/tenant","sidebar":"defaultSidebar"},{"id":"refs/tsb/v2/tenant_service","path":"/service-bridge/1.6.x/refs/tsb/v2/tenant_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/v2/tenant_setting","path":"/service-bridge/1.6.x/refs/tsb/v2/tenant_setting","sidebar":"defaultSidebar"},{"id":"refs/tsb/v2/workspace","path":"/service-bridge/1.6.x/refs/tsb/v2/workspace","sidebar":"defaultSidebar"},{"id":"refs/tsb/v2/workspace_service","path":"/service-bridge/1.6.x/refs/tsb/v2/workspace_service","sidebar":"defaultSidebar"},{"id":"refs/tsb/v2/workspace_setting","path":"/service-bridge/1.6.x/refs/tsb/v2/workspace_setting","sidebar":"defaultSidebar"},{"id":"release-notes","path":"/service-bridge/1.6.x/release-notes","sidebar":"defaultSidebar"},{"id":"release-notes-announcements/feature-status","path":"/service-bridge/1.6.x/release-notes-announcements/feature-status","sidebar":"defaultSidebar"},{"id":"release-notes-announcements/support-policy","path":"/service-bridge/1.6.x/release-notes-announcements/support-policy","sidebar":"defaultSidebar"},{"id":"release-notes-announcements/toc","path":"/service-bridge/1.6.x/release-notes-announcements/","sidebar":"defaultSidebar"},{"id":"setup/aws/container-marketplace","path":"/service-bridge/1.6.x/setup/aws/container-marketplace","sidebar":"defaultSidebar"},{"id":"setup/aws/vpc","path":"/service-bridge/1.6.x/setup/aws/vpc","sidebar":"defaultSidebar"},{"id":"setup/certificate/certificate-requirements","path":"/service-bridge/1.6.x/setup/certificate/certificate-requirements","sidebar":"defaultSidebar"},{"id":"setup/certificate/certificate-setup","path":"/service-bridge/1.6.x/setup/certificate/certificate-setup","sidebar":"defaultSidebar"},{"id":"setup/components","path":"/service-bridge/1.6.x/setup/components","sidebar":"defaultSidebar"},{"id":"setup/firewall-information","path":"/service-bridge/1.6.x/setup/firewall-information","sidebar":"defaultSidebar"},{"id":"setup/helm/controlplane","path":"/service-bridge/1.6.x/setup/helm/controlplane","sidebar":"defaultSidebar"},{"id":"setup/helm/dataplane","path":"/service-bridge/1.6.x/setup/helm/dataplane","sidebar":"defaultSidebar"},{"id":"setup/helm/helm","path":"/service-bridge/1.6.x/setup/helm/helm","sidebar":"defaultSidebar"},{"id":"setup/helm/managementplane","path":"/service-bridge/1.6.x/setup/helm/managementplane","sidebar":"defaultSidebar"},{"id":"setup/helm/toc","path":"/service-bridge/1.6.x/setup/helm/","sidebar":"defaultSidebar"},{"id":"setup/helm/uninstallation","path":"/service-bridge/1.6.x/setup/helm/uninstallation","sidebar":"defaultSidebar"},{"id":"setup/helm/upgrade","path":"/service-bridge/1.6.x/setup/helm/upgrade","sidebar":"defaultSidebar"},{"id":"setup/isolation-boundaries","path":"/service-bridge/1.6.x/setup/isolation-boundaries","sidebar":"defaultSidebar"},{"id":"setup/migrate-tctl-to-helm","path":"/service-bridge/1.6.x/setup/migrate-tctl-to-helm","sidebar":"defaultSidebar"},{"id":"setup/remote-registry","path":"/service-bridge/1.6.x/setup/remote-registry","sidebar":"defaultSidebar"},{"id":"setup/requirements-and-download","path":"/service-bridge/1.6.x/setup/requirements-and-download","sidebar":"defaultSidebar"},{"id":"setup/resource-planning","path":"/service-bridge/1.6.x/setup/resource-planning","sidebar":"defaultSidebar"},{"id":"setup/self-managed/demo-installation","path":"/service-bridge/1.6.x/setup/self-managed/demo-installation","sidebar":"defaultSidebar"},{"id":"setup/self-managed/management-plane-installation","path":"/service-bridge/1.6.x/setup/self-managed/management-plane-installation","sidebar":"defaultSidebar"},{"id":"setup/self-managed/onboarding-clusters","path":"/service-bridge/1.6.x/setup/self-managed/onboarding-clusters","sidebar":"defaultSidebar"},{"id":"setup/self-managed/toc","path":"/service-bridge/1.6.x/setup/self-managed/","sidebar":"defaultSidebar"},{"id":"setup/self-managed/uninstallation","path":"/service-bridge/1.6.x/setup/self-managed/uninstallation","sidebar":"defaultSidebar"},{"id":"setup/self-managed/upgrade","path":"/service-bridge/1.6.x/setup/self-managed/upgrade","sidebar":"defaultSidebar"},{"id":"setup/self-managed/zipkin-cleanup","path":"/service-bridge/1.6.x/setup/self-managed/zipkin-cleanup","sidebar":"defaultSidebar"},{"id":"setup/tctl-connect","path":"/service-bridge/1.6.x/setup/tctl-connect","sidebar":"defaultSidebar"},{"id":"setup/upgrades/cni-upgrade","path":"/service-bridge/1.6.x/setup/upgrades/cni-upgrade","sidebar":"defaultSidebar"},{"id":"setup/upgrades/gateway-upgrade","path":"/service-bridge/1.6.x/setup/upgrades/gateway-upgrade","sidebar":"defaultSidebar"},{"id":"setup/upgrades/non-revisioned-to-revisioned","path":"/service-bridge/1.6.x/setup/upgrades/non-revisioned-to-revisioned","sidebar":"defaultSidebar"},{"id":"setup/upgrades/revisioned-to-revisioned","path":"/service-bridge/1.6.x/setup/upgrades/revisioned-to-revisioned","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/guides/ecs-workloads","path":"/service-bridge/1.6.x/setup/workload-onboarding/guides/ecs-workloads","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/guides/managing","path":"/service-bridge/1.6.x/setup/workload-onboarding/guides/managing","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/guides/on-premise-workloads","path":"/service-bridge/1.6.x/setup/workload-onboarding/guides/on-premise-workloads","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/guides/onboarding","path":"/service-bridge/1.6.x/setup/workload-onboarding/guides/onboarding","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/guides/overview","path":"/service-bridge/1.6.x/setup/workload-onboarding/guides/overview","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/guides/setup","path":"/service-bridge/1.6.x/setup/workload-onboarding/guides/setup","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/guides/toc","path":"/service-bridge/1.6.x/setup/workload-onboarding/guides/","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/guides/troubleshooting","path":"/service-bridge/1.6.x/setup/workload-onboarding/guides/troubleshooting","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/onboarding-vms","path":"/service-bridge/1.6.x/setup/workload-onboarding/onboarding-vms","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/quickstart/aws-ec2/bookinfo","path":"/service-bridge/1.6.x/setup/workload-onboarding/quickstart/aws-ec2/bookinfo","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/quickstart/aws-ec2/configure-vm","path":"/service-bridge/1.6.x/setup/workload-onboarding/quickstart/aws-ec2/configure-vm","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/quickstart/aws-ec2/configure-workload-onboarding","path":"/service-bridge/1.6.x/setup/workload-onboarding/quickstart/aws-ec2/configure-workload-onboarding","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/quickstart/aws-ec2/enable-workload-onboarding","path":"/service-bridge/1.6.x/setup/workload-onboarding/quickstart/aws-ec2/enable-workload-onboarding","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/quickstart/aws-ec2/onboard-asg","path":"/service-bridge/1.6.x/setup/workload-onboarding/quickstart/aws-ec2/onboard-asg","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/quickstart/aws-ec2/onboard-vm","path":"/service-bridge/1.6.x/setup/workload-onboarding/quickstart/aws-ec2/onboard-vm","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/quickstart/aws-ec2/toc","path":"/service-bridge/1.6.x/setup/workload-onboarding/quickstart/aws-ec2/","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/quickstart/aws-ecs/configure-workload-onboarding","path":"/service-bridge/1.6.x/setup/workload-onboarding/quickstart/aws-ecs/configure-workload-onboarding","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/quickstart/aws-ecs/onboard-ecs","path":"/service-bridge/1.6.x/setup/workload-onboarding/quickstart/aws-ecs/onboard-ecs","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/quickstart/aws-ecs/toc","path":"/service-bridge/1.6.x/setup/workload-onboarding/quickstart/aws-ecs/","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/quickstart/on-premise/configure-vm","path":"/service-bridge/1.6.x/setup/workload-onboarding/quickstart/on-premise/configure-vm","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/quickstart/on-premise/configure-workload-onboarding","path":"/service-bridge/1.6.x/setup/workload-onboarding/quickstart/on-premise/configure-workload-onboarding","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/quickstart/on-premise/onboard-vm","path":"/service-bridge/1.6.x/setup/workload-onboarding/quickstart/on-premise/onboard-vm","sidebar":"defaultSidebar"},{"id":"setup/workload-onboarding/quickstart/on-premise/toc","path":"/service-bridge/1.6.x/setup/workload-onboarding/quickstart/on-premise/","sidebar":"defaultSidebar"},{"id":"troubleshooting/cluster-onboarding","path":"/service-bridge/1.6.x/troubleshooting/cluster-onboarding","sidebar":"defaultSidebar"},{"id":"troubleshooting/configuration-status","path":"/service-bridge/1.6.x/troubleshooting/configuration-status","sidebar":"defaultSidebar"},{"id":"troubleshooting/debug-container","path":"/service-bridge/1.6.x/troubleshooting/debug-container","sidebar":"defaultSidebar"},{"id":"troubleshooting/gateway-troubleshooting","path":"/service-bridge/1.6.x/troubleshooting/gateway-troubleshooting","sidebar":"defaultSidebar"},{"id":"troubleshooting/identify-underperforming-services","path":"/service-bridge/1.6.x/troubleshooting/identify-underperforming-services","sidebar":"defaultSidebar"},{"id":"troubleshooting/Maximum-header-size-exceed","path":"/service-bridge/1.6.x/troubleshooting/Maximum-header-size-exceed","sidebar":"defaultSidebar"},{"id":"troubleshooting/Multiple-Transfer-encoding-chunked","path":"/service-bridge/1.6.x/troubleshooting/Multiple-Transfer-encoding-chunked","sidebar":"defaultSidebar"},{"id":"troubleshooting/troubleshooting","path":"/service-bridge/1.6.x/troubleshooting/troubleshooting","sidebar":"defaultSidebar"},{"id":"troubleshooting/tsb-ui-metrics","path":"/service-bridge/1.6.x/troubleshooting/tsb-ui-metrics","sidebar":"defaultSidebar"},{"id":"wokingwithsupport/workingWithTetrateSupport","path":"/service-bridge/1.6.x/wokingwithsupport/workingWithTetrateSupport","sidebar":"defaultSidebar"},{"id":"/setup","path":"/service-bridge/1.6.x/setup","sidebar":"defaultSidebar"},{"id":"/setup/workload-onboarding","path":"/service-bridge/1.6.x/setup/workload-onboarding","sidebar":"defaultSidebar"},{"id":"/setup/workload-onboarding/quickstart","path":"/service-bridge/1.6.x/setup/workload-onboarding/quickstart","sidebar":"defaultSidebar"},{"id":"/setup/aws","path":"/service-bridge/1.6.x/setup/aws","sidebar":"defaultSidebar"},{"id":"/setup/certificate","path":"/service-bridge/1.6.x/setup/certificate","sidebar":"defaultSidebar"},{"id":"/setup/upgrades","path":"/service-bridge/1.6.x/setup/upgrades","sidebar":"defaultSidebar"},{"id":"/quickstart","path":"/service-bridge/1.6.x/quickstart","sidebar":"defaultSidebar"},{"id":"/howto","path":"/service-bridge/1.6.x/howto","sidebar":"defaultSidebar"},{"id":"/howto/traffic","path":"/service-bridge/1.6.x/howto/traffic","sidebar":"defaultSidebar"},{"id":"/howto/gateway","path":"/service-bridge/1.6.x/howto/gateway","sidebar":"defaultSidebar"},{"id":"/howto/gitops","path":"/service-bridge/1.6.x/howto/gitops","sidebar":"defaultSidebar"},{"id":"/howto/wasm","path":"/service-bridge/1.6.x/howto/wasm","sidebar":"defaultSidebar"},{"id":"/operations","path":"/service-bridge/1.6.x/operations","sidebar":"defaultSidebar"},{"id":"/operations/features","path":"/service-bridge/1.6.x/operations/features","sidebar":"defaultSidebar"},{"id":"/operations/users","path":"/service-bridge/1.6.x/operations/users","sidebar":"defaultSidebar"},{"id":"/operations/telemetry","path":"/service-bridge/1.6.x/operations/telemetry","sidebar":"defaultSidebar"},{"id":"/operations/elasticsearch","path":"/service-bridge/1.6.x/operations/elasticsearch","sidebar":"defaultSidebar"},{"id":"/operations/vault","path":"/service-bridge/1.6.x/operations/vault","sidebar":"defaultSidebar"},{"id":"/design-guides/dr-mp","path":"/service-bridge/1.6.x/design-guides/dr-mp","sidebar":"defaultSidebar"},{"id":"/troubleshooting","path":"/service-bridge/1.6.x/troubleshooting","sidebar":"defaultSidebar"},{"id":"/reference","path":"/service-bridge/1.6.x/reference","sidebar":"defaultSidebar"},{"id":"/reference/operators","path":"/service-bridge/1.6.x/reference/operators","sidebar":"defaultSidebar"},{"id":"/refs/install","path":"/service-bridge/1.6.x/refs/install","sidebar":"defaultSidebar"},{"id":"/reference/workload-onboarding","path":"/service-bridge/1.6.x/reference/workload-onboarding","sidebar":"defaultSidebar"},{"id":"/reference/workload-onboarding/onboarding-agent","path":"/service-bridge/1.6.x/reference/workload-onboarding/onboarding-agent","sidebar":"defaultSidebar"},{"id":"/reference/workload-onboarding/onboarding-authorization","path":"/service-bridge/1.6.x/reference/workload-onboarding/onboarding-authorization","sidebar":"defaultSidebar"},{"id":"/reference/workload-onboarding/onboarding-runtime","path":"/service-bridge/1.6.x/reference/workload-onboarding/onboarding-runtime","sidebar":"defaultSidebar"},{"id":"/reference/cli","path":"/service-bridge/1.6.x/reference/cli","sidebar":"defaultSidebar"},{"id":"/reference/cli/guide/toc","path":"/service-bridge/1.6.x/reference/cli/guide/toc","sidebar":"defaultSidebar"},{"id":"/reference/cli/reference","path":"/service-bridge/1.6.x/reference/cli/reference","sidebar":"defaultSidebar"},{"id":"/reference/grpc-api","path":"/service-bridge/1.6.x/reference/grpc-api","sidebar":"defaultSidebar"},{"id":"/reference/grpc-api/reference","path":"/service-bridge/1.6.x/reference/grpc-api/reference","sidebar":"defaultSidebar"},{"id":"refs/tsb/application/v2/grpc","path":"/service-bridge/1.6.x/refs/tsb/application/v2/grpc","sidebar":"defaultSidebar"},{"id":"refs/tsb/extension/v2/grpc","path":"/service-bridge/1.6.x/refs/tsb/extension/v2/grpc","sidebar":"defaultSidebar"},{"id":"refs/tsb/gateway/v2/grpc","path":"/service-bridge/1.6.x/refs/tsb/gateway/v2/grpc","sidebar":"defaultSidebar"},{"id":"refs/tsb/istiointernal/v2/grpc","path":"/service-bridge/1.6.x/refs/tsb/istiointernal/v2/grpc","sidebar":"defaultSidebar"},{"id":"refs/tsb/observability/telemetry/v2/grpc","path":"/service-bridge/1.6.x/refs/tsb/observability/telemetry/v2/grpc","sidebar":"defaultSidebar"},{"id":"refs/tsb/q/v2/grpc","path":"/service-bridge/1.6.x/refs/tsb/q/v2/grpc","sidebar":"defaultSidebar"},{"id":"refs/tsb/rbac/v2/grpc","path":"/service-bridge/1.6.x/refs/tsb/rbac/v2/grpc","sidebar":"defaultSidebar"},{"id":"refs/tsb/registry/v2/grpc","path":"/service-bridge/1.6.x/refs/tsb/registry/v2/grpc","sidebar":"defaultSidebar"},{"id":"refs/tsb/security/v2/grpc","path":"/service-bridge/1.6.x/refs/tsb/security/v2/grpc","sidebar":"defaultSidebar"},{"id":"refs/tsb/traffic/v2/grpc","path":"/service-bridge/1.6.x/refs/tsb/traffic/v2/grpc","sidebar":"defaultSidebar"},{"id":"refs/tsb/v2/grpc","path":"/service-bridge/1.6.x/refs/tsb/v2/grpc","sidebar":"defaultSidebar"},{"id":"refs/iam/v2/grpc","path":"/service-bridge/1.6.x/refs/iam/v2/grpc","sidebar":"defaultSidebar"},{"id":"refs/audit/v1/grpc","path":"/service-bridge/1.6.x/refs/audit/v1/grpc","sidebar":"defaultSidebar"},{"id":"/reference/yaml-api","path":"/service-bridge/1.6.x/reference/yaml-api","sidebar":"defaultSidebar"},{"id":"/reference/yaml-api/reference","path":"/service-bridge/1.6.x/reference/yaml-api/reference","sidebar":"defaultSidebar"},{"id":"refs/tsb/application/v2/yaml","path":"/service-bridge/1.6.x/refs/tsb/application/v2/yaml","sidebar":"defaultSidebar"},{"id":"refs/tsb/auth/v2/yaml","path":"/service-bridge/1.6.x/refs/tsb/auth/v2/yaml","sidebar":"defaultSidebar"},{"id":"refs/tsb/extension/v2/yaml","path":"/service-bridge/1.6.x/refs/tsb/extension/v2/yaml","sidebar":"defaultSidebar"},{"id":"refs/tsb/gateway/v2/yaml","path":"/service-bridge/1.6.x/refs/tsb/gateway/v2/yaml","sidebar":"defaultSidebar"},{"id":"refs/tsb/istiointernal/v2/yaml","path":"/service-bridge/1.6.x/refs/tsb/istiointernal/v2/yaml","sidebar":"defaultSidebar"},{"id":"refs/tsb/observability/telemetry/v2/yaml","path":"/service-bridge/1.6.x/refs/tsb/observability/telemetry/v2/yaml","sidebar":"defaultSidebar"},{"id":"refs/tsb/rbac/v2/yaml","path":"/service-bridge/1.6.x/refs/tsb/rbac/v2/yaml","sidebar":"defaultSidebar"},{"id":"refs/tsb/registry/v2/yaml","path":"/service-bridge/1.6.x/refs/tsb/registry/v2/yaml","sidebar":"defaultSidebar"},{"id":"refs/tsb/security/v2/yaml","path":"/service-bridge/1.6.x/refs/tsb/security/v2/yaml","sidebar":"defaultSidebar"},{"id":"refs/tsb/traffic/v2/yaml","path":"/service-bridge/1.6.x/refs/tsb/traffic/v2/yaml","sidebar":"defaultSidebar"},{"id":"refs/tsb/types/v2/yaml","path":"/service-bridge/1.6.x/refs/tsb/types/v2/yaml","sidebar":"defaultSidebar"},{"id":"refs/tsb/v2/yaml","path":"/service-bridge/1.6.x/refs/tsb/v2/yaml","sidebar":"defaultSidebar"},{"id":"/reference/k8s-api","path":"/service-bridge/1.6.x/reference/k8s-api","sidebar":"defaultSidebar"},{"id":"/reference/samples","path":"/service-bridge/1.6.x/reference/samples","sidebar":"defaultSidebar"},{"id":"/knowledge-base","path":"/service-bridge/1.6.x/knowledge-base","sidebar":"defaultSidebar"},{"id":"/category/working-with-tetrate-customer-support","path":"/service-bridge/1.6.x/category/working-with-tetrate-customer-support","sidebar":"defaultSidebar"}],"draftIds":[],"sidebars":{"defaultSidebar":{"link":{"path":"/service-bridge/1.6.x/","label":"index"}}}}],"breadcrumbs":true}},"docusaurus-plugin-google-tag-manager":{"default":{"containerId":"GTM-NHGMJLN","id":"default"}},"docusaurus-plugin-redoc":{"next":{"url":"service-bridge/generated/openapi/next/openapiv3.json","themeId":"theme-redoc","isSpecFile":false,"spec":{"openapi":"3.0.0","info":{"description":"Tetrate Service Bridge API.","title":"Tetrate Service Bridge API","contact":{"name":"Tetrate Service Bridge","url":"https://www.tetrate.io/tetrate-service-bridge/"},"version":"next"},"paths":{"/v2/admin/rbac/policy":{"get":{"tags":["Policy"],"summary":"Get the global RBAC access policy.\\nThe global RBAC access policy configures who can manage the Role objects in TSB.","operationId":"Policy_GetRBACPolicy","responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the global RBAC access policy.\\nThe global RBAC access policy configures who can manage the Role objects in TSB.","operationId":"Policy_SetRBACPolicy","requestBody":{"$ref":"#/components/requestBodies/v2AccessPolicy"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/admin/root/policy":{"get":{"tags":["Policy"],"summary":"Get the root access policy.\\nThe root access policy configures global permissions for the platform. Subjects\\nassigned to a root policy will be granted the permissions described in the policy\\nto all objects ion TSB.","operationId":"Policy_GetRootPolicy","responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the root access policy.\\nThe root access policy configures global permissions for the platform. Subjects\\nassigned to a root policy will be granted the permissions described in the policy\\nto all objects ion TSB.","operationId":"Policy_SetRootPolicy","requestBody":{"$ref":"#/components/requestBodies/v2AccessPolicy"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/dashboards":{"get":{"tags":["DashboardService"],"summary":"Return the list of available dashboards, alongside their descriptions.\\nDashboards are identified by their names, which can be used to download them.","operationId":"DashboardService_ListDashboards","responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v1ListDashboardsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/dashboards/{name}":{"get":{"tags":["DashboardService"],"summary":"Download a Grafana dashboard in JSON format by providing the dashboard\'s name.\\nThe downloaded dashboard is intended to be uploaded to a Grafana instance. Platform\\noperators can use each dashboard to monitor specific components of the TSB platform.","operationId":"DashboardService_DownloadDashboard","parameters":[{"description":"The name of the dashboard to download.","name":"name","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/apiHttpBody"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/lookup/services":{"post":{"tags":["Lookup"],"summary":"Get all the services in the registry that are part of the given selector.\\nThis method can be used to resolve the registered services that are part of a workspace\\nor group.\\nThis method can be also used to figure out how applying a selector could affect\\nthe platform and have an understanding of which of the existing services would be\\nincluded in the selection.","operationId":"Lookup_Services","requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ServiceLookupRequest"}}},"description":"Request for all the services in the registry that are part of the given selector.","required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ServiceLookupResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/oidc/callback":{"get":{"tags":["OIDC"],"summary":"Callback endpoint for OAuth2 Authorization Code grant flows as part of the OIDC spec.","operationId":"OIDC_Callback","parameters":[{"description":"OAuth2 Authorization Code.\\nWhen present this indicates the user authorized the request. TSB will use this code\\nto acquire a token from the OIDC token endpoint and complete the login flow.","name":"code","in":"query","schema":{"type":"string"}},{"description":"OAuth2 Error Code.\\nWhen present this indicates that either the authorization request has an error, the OIDC\\nprovider encountered an error or the user failed to log in. When set TSB will display information\\nto the user indicating what went wrong.\\n\\nStandard error codes can be found found here.\\nhttps://datatracker.ietf.org/doc/html/rfc6749#section-4.1.2.1\\nhttps://openid.net/specs/openid-connect-core-1_0.html#AuthError","name":"error","in":"query","schema":{"type":"string"}},{"description":"The state parameter sent to the OIDC provider on the authorization request.","name":"state","in":"query","required":true,"schema":{"type":"string"}},{"description":"Optional error description sent by the OIDC provider when an error occurs.","name":"errorDescription","in":"query","schema":{"type":"string"}},{"description":"Optional error URI of a web page that includes additional information about the error.","name":"errorUri","in":"query","schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/oidc/login":{"get":{"tags":["OIDC"],"summary":"Login endpoint to start an OIDC Authentication flow.","operationId":"OIDC_Login","parameters":[{"description":"URl where the user will be redirected when the authentication flow completes.","name":"redirectUri","in":"query","schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations":{"get":{"tags":["Organizations"],"summary":"List all existing organizations.\\n$hide_from_docs","operationId":"Organizations_ListOrganizations","responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListOrganizationsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Organizations"],"summary":"Creates a new Organization in TSB.\\nOrganizations are the top-level construct in TSB and contain all the resources such as\\ntenants, workspaces and clusters.\\n$hide_from_docs","operationId":"Organizations_CreateOrganization","requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2CreateOrganizationRequest"}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Organization"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}":{"get":{"tags":["Organizations"],"summary":"Get the details of an organization.","operationId":"Organizations_GetOrganization","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Organization"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Organizations"],"summary":"Modify an organization.\\nUpdate operations are protected against concurrent modifications of the resource. They are required\\nto provide the last version of the `etag` field as part of the update request payload.\\n$hide_from_docs","operationId":"Organizations_UpdateOrganization","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"`Organization` is the root of the Service Bridge object hierarchy.\\n\\n\\n\\n","type":"object","properties":{"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"},"deletionProtectionEnabled":{"description":"When set, prevents the resource from being deleted. In order to delete the resource this\\nproperty needs to be set to `false` first.","type":"boolean"},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"profiles":{"description":"List of profiles attached to the Organization to be used to propagate default and mandatory configurations down to the children.","type":"array","items":{"type":"string"}},"systemNamespaces":{"description":"List of namespaces that will be considered as system namespaces for the organization\\nand will not be able to be onboarded into TSB.\\nSystem namespaces are namespaces that should not have sidecars injected and don\'t be\\nconfigured with Istio injection.\\nThis is useful for namespaces that are used for infrastructure components like monitoring,\\nlogging, cloud provider components, etc. and that should not be managed by TSB in the\\ncluster namespace onboarding workflows.","type":"array","items":{"type":"string"}}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Organization"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Organizations"],"summary":"Delete an organization.\\nNote that deleting resources in TSB is a recursive operation. Deleting an organization will delete all\\ntenants, clusters and all configurations that exist in it.\\n$hide_from_docs","operationId":"Organizations_DeleteOrganization","parameters":[{"description":"Force the deletion of the object even if deletion protection is enabled.\\nIf this is set, then the object and all its children will be deleted even if any of them\\nhas the deletion protection enabled.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/availableprofiles":{"get":{"tags":["Profiles"],"summary":"Lists the profiles that can be attached to the given resource.\\nThe returned profiles contain metadata (fqn, display name and description) information.\\nTo retrieve the full profile, rely on `GetProfile` or `ListProfiles` methods.","operationId":"Profiles_ListAvailableProfiles","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListAvailableProfilesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/blame":{"get":{"tags":["Profiles"],"summary":"Get the profile blame data for a given resource FQN.","operationId":"Profiles_Blame_variant_5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2BlameResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters":{"get":{"tags":["Clusters"],"summary":"Get the list of all clusters that have been onboarded into the platform.","operationId":"Clusters_ListClusters","parameters":[{"description":"Flag to fetch the workload information for all the clusters as well.\\nNote that by default workload information is not returned as it may be expensive to retrieve.","name":"fetchWorkloads","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListClustersResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"description":"This action will also create a service account with permissions to manage this cluster.\\nThis service account (aka cluster service account) can be used in the ControlPlane installation to\\nauthenticate it through the ManagementPlane.\\n\\nAs part of the response, a template will be provided (in the field `installTemplate`) with minimum\\nconfiguration to be able to install the TSB Operator in the cluster running as ControlPlane.\\nThis data is not stored and will be only available in the response of this action.","tags":["Clusters"],"summary":"Creates a new cluster object in TSB. This is needed during cluster onboarding to let the\\nmanagement plane know about the existence of a cluster.\\nOnce a cluster has been created and fully onboarded, the management plane will manage the\\nmesh for that cluster and keep this cluster entity up to date with the information that is\\nreported by the cluster agents.\\nThis method returns the created cluster, that will be continuously updated by the local\\ncluster agents. This entity can be monitored to have an overview of the resources (namespaces,\\nservices, etc) that are known to be running in the cluster.","operationId":"Clusters_CreateCluster","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create a cluster and register it in the management plane so configuration can\\nbe generated for it.","type":"object","required":["name","cluster"],"properties":{"cluster":{"$ref":"#/components/schemas/tsbv2Cluster"},"name":{"description":"The short name for the resource to be created.","type":"string"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/tsbv2Cluster"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}":{"get":{"tags":["Clusters"],"summary":"Get the last known state for an onboarded cluster.\\nOnce a cluster has been onboarded into the platform, the agents will keep it up to date with\\nits runtime status. Getting the cluster object will return the last known snapshot of existing\\nnamespaces and services running in it.","operationId":"Clusters_GetCluster","parameters":[{"description":"Flag to fetch the workload information as well.\\nNote that by default workload information is not returned as it may be expensive to retrieve.","name":"fetchWorkloads","in":"query","schema":{"type":"boolean"}},{"description":"Flag to return the install template required to install this cluster.\\nThis will generate a new API key pair for the cluster service account.","name":"includeInstallTemplate","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/tsbv2Cluster"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Clusters"],"summary":"Modify an existing cluster.\\nUpdates a cluster with the given data. Note that most of the data in the cluster is read-only and\\nautomatically populated by the local cluster agents.","operationId":"Clusters_UpdateCluster","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"A Kubernetes cluster managing both pods and VMs.\\n\\n\\n\\n","type":"object","properties":{"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be\\nsent on every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"installTemplate":{"$ref":"#/components/schemas/ClusterInstallTemplate"},"labels":{"type":"object","title":"FIXME: this is super clunky to copy each and every metadata field into\\nobjects used for multicluster. $hide_from_yaml","additionalProperties":{"type":"string"}},"locality":{"$ref":"#/components/schemas/tsbv2Locality"},"namespaceScope":{"$ref":"#/components/schemas/v2NamespaceScoping"},"namespaces":{"type":"array","title":"TODO(vikas): move this inside cluster state\\nRead-only data for informational purposes. Any user provided\\nvalue will be ignored. The data here may be stale depending on\\nthe update frequency from the Bridge agents in the cluster.\\n$hide_from_yaml","items":{"$ref":"#/components/schemas/tsbv2Namespace"},"readOnly":true},"network":{"description":"The network (e.g., VPC) where this cluster is present. All\\nclusters within the same network will be assumed to be reachable\\nfor the purposes of multi-cluster routing. In addition, networks\\nmarked as reachable from one another in SystemSettings will also\\nbe used for multi-cluster routing.","type":"string"},"serviceAccount":{"$ref":"#/components/schemas/tsbv2ServiceAccount"},"state":{"$ref":"#/components/schemas/v2ClusterState"},"tier1Cluster":{"description":"Deprecated: This flag is still honored for backward compatibility but will be ignored in future releases.\\nIt is advisable not to set it, as all clusters can now host both Tier1 and IngressGateways.\\n\\nIndicates whether this cluster is hosting a tier1 gateway or not.\\nTier1 clusters cannot host other gateways or workloads. Defaults\\nto false if not specified.","type":"boolean"},"tokenTtl":{"description":"Lifetime of the tokens. Defaults to 1hr.","type":"string"},"trustDomain":{"description":"Trust domain for this cluster, used for multi-cluster routing.\\nIt must be unique for every cluster and should match the one configured in\\nthe local control plane. This value is optional, and will be updated by the\\nlocal control plane agents. However, it is recommended to set it, if known,\\nso that multi-cluster routing works without having to wait for the local\\ncontrol planes to update it.","type":"string"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/tsbv2Cluster"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Clusters"],"summary":"Unregisters a cluster from the platform.\\nDeleting a cluster will unregister it from the management plane, and the agents will stop receiving\\nconfiguration updates. Agent tokens for the cluster are revoked as well, so agents that are still\\nrunning will fail to report back cluster status to the management plane.\\nNote that unregistering the cluster is a management plane only operation. This does not uninstall\\nthe agents from the local cluster. Agents will continue running and the services that are deployed\\nin that cluster will be able to continue operating with the last applied configuration.\\nUnregistering a cluster from the management plane should not generate downtime to services that are\\nrunning on that cluster.","operationId":"Clusters_DeleteCluster","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_1","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_1","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_1","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_1","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_1","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_1","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_1","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_1","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_1","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}/blame":{"get":{"tags":["Profiles"],"summary":"Get the profile blame data for a given resource FQN.","operationId":"Profiles_Blame_variant_6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2BlameResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}/config":{"post":{"description":"The API is for control plane cluster to get the configurations\\nthat must be set in both management plane and control plane,\\nand that the control plane configurations must be in sync (or adjusted)\\naccording to management plane\'s changes at runtime.\\n\\nExamples:\\n- Telemetry data retention period set(changed) in management plane must be sync\'ed to control plane.\\n- A feature flag disabled in management plane must be sync\'ed to control plane and disabled in all control planes.\\n\\n$hide_from_docs","tags":["Clusters"],"summary":"Get the configurations for a cluster.","operationId":"Clusters_GetClusterConfig","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ClusterConfig"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}/onboarding":{"get":{"tags":["Clusters"],"summary":"List the cluster onboarding configurations for a given cluster.","operationId":"Clusters_ListClusterOnboardingConfigs","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListClusterOnboardingConfigsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Clusters"],"summary":"Create the cluster onboarding configuration for a cluster.\\nOnly one onboarding configuration can be created for a cluster. This configuration is used to\\ndefine the desired state of the namespaces of the cluster.\\nThese namespaces with state DESIRED_ONBOARDED will be added to the onboarding tenant and onboarding\\nworkspace, so they can be managed by the management plane.\\nThe onboarding tenant and workspace are created automatically if they do not exist.","operationId":"Clusters_CreateClusterOnboardingConfig","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create the cluster onboarding configuration for a cluster.","type":"object","required":["name","config"],"properties":{"config":{"$ref":"#/components/schemas/v2ClusterOnboardingConfig"},"name":{"description":"The short name for the cluster onboarding config to be created.","type":"string"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ClusterOnboardingConfig"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}/onboarding/status":{"get":{"tags":["Clusters"],"summary":"Get the onboarding status for a cluster.","operationId":"Clusters_GetClusterOnboardingStatus","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ClusterOnboardingStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}/onboarding/{onboardin}":{"get":{"tags":["Clusters"],"summary":"Get the cluster onboarding configuration for a cluster.","operationId":"Clusters_GetClusterOnboardingConfig","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}},{"description":"Onboardin name.","name":"onboardin","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ClusterOnboardingConfig"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Clusters"],"summary":"Update the cluster onboarding configuration for a cluster.","operationId":"Clusters_UpdateClusterOnboardingConfig","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}},{"description":"Onboardin name.","name":"onboardin","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Configuration for onboarding a cluster.\\n\\n\\n\\n","type":"object","required":["namespaces"],"properties":{"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be\\nsent on every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"namespaces":{"description":"Set of namespaces configuration for the cluster.","type":"array","items":{"$ref":"#/components/schemas/ClusterOnboardingConfigNamespaceConfig"}}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ClusterOnboardingConfig"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Clusters"],"summary":"Delete the cluster onboarding configuration for a cluster.","operationId":"Clusters_DeleteClusterOnboardingConfig","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}},{"description":"Onboardin name.","name":"onboardin","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_1","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_1","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_1","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}/proxytools/clusterstats":{"post":{"tags":["ProxyDiagnosticService"],"summary":"Return the cluster stats of an Istio Proxy","operationId":"ProxyDiagnosticService_GetClusterStats","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/ProxyDiagnosticService_GetClusterStatsBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetClusterStatsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}/proxytools/configdump":{"post":{"tags":["ProxyDiagnosticService"],"summary":"Return a config dump from a workload (Istio Proxy)","operationId":"ProxyDiagnosticService_GetConfigDump","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/ProxyDiagnosticService_GetConfigDumpBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetConfigDumpResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}/proxytools/loggerlevels":{"put":{"tags":["ProxyDiagnosticService"],"summary":"Set the log levels of a workload","operationId":"ProxyDiagnosticService_SetLoggerLevels","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/ProxyDiagnosticService_SetLoggerLevelsBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2LoggerLevelsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["ProxyDiagnosticService"],"summary":"Return the logger levels of a workload","operationId":"ProxyDiagnosticService_GetLoggerLevels","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/ProxyDiagnosticService_GetLoggerLevelsBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2LoggerLevelsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}/proxytools/serverstats":{"post":{"tags":["ProxyDiagnosticService"],"summary":"Return the server stats of an Istio Proxy","operationId":"ProxyDiagnosticService_GetServerStats","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/ProxyDiagnosticService_GetServerStatsBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetServerStatsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}/proxytools/streamlogs":{"post":{"tags":["ProxyDiagnosticService"],"summary":"Return a stream of logs (the output of the `kubectl logs` command) of an Istio Proxy.","operationId":"ProxyDiagnosticService_StreamLogs","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/ProxyDiagnosticService_StreamLogsBody"},"responses":{"200":{"description":"A successful response.(streaming responses)","content":{"application/json":{"schema":{"type":"object","title":"Stream result of v2StreamLogsResponse","properties":{"error":{"$ref":"#/components/schemas/googlerpcStatus"},"result":{"$ref":"#/components/schemas/v2StreamLogsResponse"}}}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}/proxytools/workloads":{"post":{"tags":["ProxyDiagnosticService"],"summary":"Return the workload names under a given FQN resource and cluster.","operationId":"ProxyDiagnosticService_ListWorkloads","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/ProxyDiagnosticService_ListWorkloadsBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListWorkloadsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_1","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/apitsbv2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_1","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_1","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/telemetryv2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_1","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_1","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}:generateTokens":{"post":{"tags":["Clusters"],"summary":"Generate the tokens for the cluster agents so they can talk to the management plane.\\nOnce a cluster object has been registered in the management plane, this method can be used to\\ngenerate the JWT tokens that need to be configured in the local cluster agents in order to let\\nthem talk to the management plane.\\nThese tokens contain the necessary permissions to allow the agents to download the configuration\\nfor their cluster and to push cluster status updates to the management plane.","operationId":"Clusters_GenerateTokens","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ClusterStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/currentimpact":{"post":{"tags":["Profiles"],"summary":"CurrentImpactAnalysis analyzes the current impact of a profile or a resource attached profiles.\\nThe response is streamed, with each message representing the impact analysis for a specific profile\\nor resource and its corresponding impacts.","operationId":"Profiles_CurrentImpactAnalysis","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Profiles_CurrentImpactAnalysisBody"},"responses":{"200":{"description":"A successful response.(streaming responses)","content":{"application/json":{"schema":{"type":"object","title":"Stream result of v2ImpactAnalysisResponse","properties":{"error":{"$ref":"#/components/schemas/googlerpcStatus"},"result":{"$ref":"#/components/schemas/v2ImpactAnalysisResponse"}}}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/extensions":{"get":{"tags":["WasmExtensions"],"summary":"List the WASM extensions that are defined for the Organization.","operationId":"WasmExtensions_ListWasmExtension","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListWasmExtensionResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["WasmExtensions"],"summary":"Creates a new WasmExtension object in TSB. This is needed to let the extensions run.\\nOnce a WasmExtension has been created, it can be assigned to IngressGateway and SecuritySetting.\\nThis method returns the created extension.","operationId":"WasmExtensions_CreateWasmExtension","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create a WasmExtension and make it available to be assigned to IngressGateway and SecuritySetting.","type":"object","required":["name","wasmExtension"],"properties":{"name":{"description":"The short name for the resource to be created.","type":"string"},"wasmExtension":{"$ref":"#/components/schemas/v2WasmExtension"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2WasmExtension"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/extensions/{extension}":{"get":{"tags":["WasmExtensions"],"summary":"Get a WASM extension","operationId":"WasmExtensions_GetWasmExtension","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2WasmExtension"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["WasmExtensions"],"summary":"Modify an existing WasmExtension.\\nWhen modifying the details of an extension in use, such as the image property, enabled flag, phase,\\nor default configuration, a redeploy or reconfiguration of the extension may be triggered, affecting live\\ntraffic in all those places that reference the extension.\\nSimilarly, changes to the allowed_in property may trigger the removal of the extension from all places where\\nthe extension was in use that are not allowed to use it anymore, affecting live traffic on the\\nrelevant namespaces as well.","operationId":"WasmExtensions_UpdateWasmExtension","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"type":"object","required":["url"],"properties":{"allowedIn":{"description":"List of fqns where this extension is allowed to run.\\nIf it is empty, the extension can be used across the entire organization.\\nCurrently only Tenant resources are considered.","type":"array","items":{"type":"string"}},"config":{"description":"Configuration parameters sent to the WASM plugin execution\\nThe configuration can be overwritten when instantiating the extensions in IngressGateways or Security groups.\\nThe config is serialized using proto3 JSON marshaling and passed to proxy_on_configure when the host environment starts the plugin.","type":"object"},"description":{"type":"string","title":"A description of the extension.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the extension.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"image":{"description":"Deprecated. Use the `url` field instead.\\nRepository and tag of the OCI image containing the WASM extension.","type":"string"},"imagePullPolicy":{"$ref":"#/components/schemas/WasmExtensionPullPolicy"},"imagePullSecret":{"description":"Credentials to use for OCI image pulling.\\nName of a K8s Secret that contains a docker pull secret which is to be used\\nto authenticate against the registry when pulling the image.\\nIf TSB is configured to use the WASM download proxy, this secret must exist in\\nthe `istio-system` namespace of each cluster that has applications that use the\\nextension. If the download proxy is disabled, the secret must exist in each\\napplication namespace that is using the extension.","type":"string"},"match":{"$ref":"#/components/schemas/v2GlobalTrafficSelector"},"phase":{"$ref":"#/components/schemas/WasmExtensionPluginPhase"},"priority":{"description":"Determines the ordering of WasmExtensions in the same phase.\\nWhen multiple WasmExtensions are applied to the same workload in the same phase, they will be applied by priority, in descending order.\\nIf no priority is assigned it will use the default 0 value.\\nIn case of several extensions having the same priority in the same phase, the fqn will be used to sort them.","type":"integer","format":"int32"},"source":{"type":"string","title":"Source to find the code for the WASM extension"},"url":{"description":"URL of a Wasm module or OCI container. If no scheme is present, defaults to oci://, referencing an OCI image.\\nOther valid schemes are file:// for referencing .wasm module files present locally within the proxy container,\\nand http[s]:// for .wasm module files hosted remotely.","type":"string"},"vmConfig":{"$ref":"#/components/schemas/v2VmConfig"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2WasmExtension"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["WasmExtensions"],"summary":"Delete a WasmExtension.\\nNote that deleting a WasmExtension will delete the extension itself, and also its assignments to IngressGateway and SecuritySetting.","operationId":"WasmExtensions_DeleteWasmExtension","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/extensions/{extension}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_2","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/extensions/{extension}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/extensions/{extension}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/extensions/{extension}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/extensions/{extension}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/extensions/{extension}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/extensions/{extension}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/extensions/{extension}/blame":{"get":{"tags":["Profiles"],"summary":"Get the profile blame data for a given resource FQN.","operationId":"Profiles_Blame_variant_7","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2BlameResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/extensions/{extension}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/extensions/{extension}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/extensions/{extension}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/apitsbv2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/extensions/{extension}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_2","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/extensions/{extension}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/telemetryv2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/extensions/{extension}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/extensions/{extension}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/impact":{"post":{"tags":["Profiles"],"summary":"ImpactAnalysis analyzes the impact of profile or resource attached profiles modifications.\\nThe response is streamed, with each message representing the impact analysis for a specific profile\\nor resource and its corresponding impacts.","operationId":"Profiles_ImpactAnalysis","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Profiles_ImpactAnalysisBody"},"responses":{"200":{"description":"A successful response.(streaming responses)","content":{"application/json":{"schema":{"type":"object","title":"Stream result of v2ImpactAnalysisResponse","properties":{"error":{"$ref":"#/components/schemas/googlerpcStatus"},"result":{"$ref":"#/components/schemas/v2ImpactAnalysisResponse"}}}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/profiles":{"get":{"tags":["Profiles"],"summary":"List all Profiles that belong to a resource.","operationId":"Profiles_ListProfiles","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListProfilesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Profiles"],"summary":"Create a profile object for a given resource.\\nA `Profile` object can be created at Organization, Tenant, and Workspace levels. Once created, a profile can be\\nattached at its own level or down the hierarchy at Organization, Tenants, Workspaces and Groups levels.","operationId":"Profiles_CreateProfile","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Profiles_CreateProfileBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Profile"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/profiles/{profile}":{"get":{"tags":["Profiles"],"summary":"Get the details of a Profile in an resource.","operationId":"Profiles_GetProfile","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Profile name.","name":"profile","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Profile"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Profiles"],"summary":"Modify a Profile in a resource.","operationId":"Profiles_UpdateProfile","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Profile name.","name":"profile","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Profiles_UpdateProfileBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Profile"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Profiles"],"summary":"Delete a Profile from a resource.","operationId":"Profiles_DeleteProfile","parameters":[{"description":"Force the deletion of the object even if deletion protection is enabled.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Profile name.","name":"profile","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/profiles/{profile}/currentimpact":{"post":{"tags":["Profiles"],"summary":"CurrentImpactAnalysis analyzes the current impact of a profile or a resource attached profiles.\\nThe response is streamed, with each message representing the impact analysis for a specific profile\\nor resource and its corresponding impacts.","operationId":"Profiles_CurrentImpactAnalysis2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Profile name.","name":"profile","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Profiles_CurrentImpactAnalysis2Body"},"responses":{"200":{"description":"A successful response.(streaming responses)","content":{"application/json":{"schema":{"type":"object","title":"Stream result of v2ImpactAnalysisResponse","properties":{"error":{"$ref":"#/components/schemas/googlerpcStatus"},"result":{"$ref":"#/components/schemas/v2ImpactAnalysisResponse"}}}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/profiles/{profile}/impact":{"post":{"tags":["Profiles"],"summary":"ImpactAnalysis analyzes the impact of profile or resource attached profiles modifications.\\nThe response is streamed, with each message representing the impact analysis for a specific profile\\nor resource and its corresponding impacts.","operationId":"Profiles_ImpactAnalysis2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Profile name.","name":"profile","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Profiles_ImpactAnalysis2Body"},"responses":{"200":{"description":"A successful response.(streaming responses)","content":{"application/json":{"schema":{"type":"object","title":"Stream result of v2ImpactAnalysisResponse","properties":{"error":{"$ref":"#/components/schemas/googlerpcStatus"},"result":{"$ref":"#/components/schemas/v2ImpactAnalysisResponse"}}}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts":{"get":{"tags":["Teams"],"summary":"List existing Service Accounts.","operationId":"Teams_ListServiceAccounts","parameters":[{"description":"The format in which the key pairs for each key will be returned.\\nIf not set keys are returned in PEM format.","name":"keyEncoding","in":"query","schema":{"type":"string","enum":["PEM","JWK"],"default":"PEM"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListServiceAccountsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Teams"],"summary":"Create Service Account in TSB.\\nService Accounts are local to TSB and can be used to access the platform using\\nJWT tokens signed with the Service Account\'s private key for authentication.","operationId":"Teams_CreateServiceAccount","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"type":"object","title":"Request to create a ServiceAccount.\\n","required":["name","serviceAccount"],"properties":{"keyEncoding":{"$ref":"#/components/schemas/KeyPairEncoding"},"name":{"description":"The short name for the resource to be created.","type":"string"},"serviceAccount":{"$ref":"#/components/schemas/tsbv2ServiceAccount"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/tsbv2ServiceAccount"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts/{serviceaccount}":{"get":{"tags":["Teams"],"summary":"Get the details of an existing Service Account.","operationId":"Teams_GetServiceAccount","parameters":[{"description":"The format in which the key pairs will be returned.\\nIf not set keys are returned in PEM format.","name":"keyEncoding","in":"query","schema":{"type":"string","enum":["PEM","JWK"],"default":"PEM"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/tsbv2ServiceAccount"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Teams"],"summary":"Update the details of a service account.\\nUpdating the details of the service account does not regenerate its keys.","operationId":"Teams_UpdateServiceAccount","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"`ServiceAccount` represents a service account that can be used to access the TSB platform.\\nService accounts have a set of associated public and private keys that can be used to generate\\nsigned JWT tokens that are suitable to authenticate to TSB.\\nA default key-pair is generated on service account creation and the public key is stored in TSB.\\nPrivate keys are returned when service accounts are created, but TSB will not store them. It\\nis up to the client to store them securely.\\n\\n\\n\\n","type":"object","properties":{"description":{"description":"A description of the resource.","type":"string"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"keys":{"type":"array","title":"Keys associated with the service account.\\nA default key-pair is automatically created when the Service Account is created. Note that\\nTSB does not store the private keys, so it is up to the client to store the returned private\\nkeys securely, as they are only returned once after creation.\\nAdditional keys can be added (and deleted) by using the corresponding key management APIs.\\n","items":{"$ref":"#/components/schemas/ServiceAccountKeyPair"},"readOnly":true}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/tsbv2ServiceAccount"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Teams"],"summary":"Delete the given Service account.","operationId":"Teams_DeleteServiceAccount","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts/{serviceaccount}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_5","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts/{serviceaccount}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts/{serviceaccount}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts/{serviceaccount}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts/{serviceaccount}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts/{serviceaccount}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts/{serviceaccount}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts/{serviceaccount}/blame":{"get":{"tags":["Profiles"],"summary":"Get the profile blame data for a given resource FQN.","operationId":"Profiles_Blame_variant_10","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2BlameResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts/{serviceaccount}/jwks":{"get":{"tags":["Teams"],"summary":"Get all the public keys available in the service account and return them in a JWKS document.\\nSee: https://datatracker.ietf.org/doc/html/rfc7517\\nRequests to this endpoint require read permissions on the service account, or a token signed\\nwith one of the service account keys.","operationId":"Teams_GetServiceAccountJWKS","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2JWKS"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts/{serviceaccount}/keys":{"post":{"tags":["Teams"],"summary":"Generate a new key-pair for the service account.\\nNote that TSB does not store the generated private key, so the client must read it and\\nstore it securely.","operationId":"Teams_GenerateServiceAccountKey","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to generate a new key-pair for the Service Account.","type":"object","properties":{"keyEncoding":{"$ref":"#/components/schemas/KeyPairEncoding"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/tsbv2ServiceAccount"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts/{serviceaccount}/keys/{id}":{"delete":{"tags":["Teams"],"summary":"Delete a key-pair associated the service account.","operationId":"Teams_DeleteServiceAccountKey","parameters":[{"description":"ID of the key-pair to delete.","name":"id","in":"path","required":true,"schema":{"type":"string"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/tsbv2ServiceAccount"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts/{serviceaccount}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts/{serviceaccount}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts/{serviceaccount}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/apitsbv2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts/{serviceaccount}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_5","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts/{serviceaccount}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/telemetryv2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts/{serviceaccount}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts/{serviceaccount}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/services":{"get":{"tags":["Registration"],"summary":"List the services that have been registered in an organization","operationId":"Registration_ListServices","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListServicesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Registration"],"summary":"Register the given service in the organization.\\nServices in the registry are deduplicated so that the same service running in different\\nclusters are represented as a single entity in the registry.\\nThe service returned by this method is the result of deduplicating the service.\\nThis API is currently only intended for internal use by the discovery agents.\\n$hide_from_docs","operationId":"Registration_RegisterService","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to register a service in a given parent (organization).","type":"object","required":["cluster","shortName","namespace","serviceType","state","source"],"properties":{"canonicalName":{"description":"optional canonical name that identify this service.","type":"string"},"cluster":{"description":"Name of the cluster where the service belongs to.\\nThis will be used to load the deduplication settings that have been configured for the cluster\\nwhere the service belongs.","type":"string"},"externalAddresses":{"description":"For kubernetes services of type load balancer, this field contains the list of lb hostnames or\\nIPs assigned to the service.","type":"array","items":{"type":"string"}},"hostnames":{"description":"The hostnames by which this service is accessed. It corresponds to the gateway virtual hosts.\\nThis field is expected to be empty if the service is not publicly accessible.","type":"array","items":{"type":"string"}},"internalHostnames":{"type":"array","title":"The hostnames by which this service is accessed internally. Can correspond to the\\nFQDN of the service or to the hostnames provided by an external service (E.g. service entry)","items":{"type":"string"}},"namespace":{"description":"Namespace associated with the service. It will be used in deduplication logic.","type":"string"},"ports":{"description":"The set of ports on which this service is exposed.","type":"array","items":{"$ref":"#/components/schemas/registryv2Port"}},"serviceType":{"$ref":"#/components/schemas/v2ServiceType"},"shortName":{"description":"Short name for the service, used to uniquely identify it within the organization.","type":"string"},"source":{"description":"Source of the service: Kubernetes, Istio, Consul, etc.","type":"string"},"spiffeIds":{"description":"List of SPIFFE identities used by the workloads of the service.","type":"array","items":{"type":"string"}},"state":{"$ref":"#/components/schemas/registryv2State"},"subsets":{"description":"Subset denotes a specific version of a service. By default the \'version\'\\nlabel is used to designate subsets of a workload.\\nKnown subsets for the service.","type":"array","items":{"type":"string"}}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/tsbregistryv2Service"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Registration"],"summary":"Remove the given service from the organization registry.\\nThis API is currently only intended for internal use by the discovery agents.\\n$hide_from_docs","operationId":"Registration_UnregisterService","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"type":"object","title":"Request to unregister a service from the registry","required":["shortName","cluster","namespace"],"properties":{"cluster":{"description":"Name of the cluster of the service.","type":"string"},"namespace":{"description":"Namespace of the service.","type":"string"},"shortName":{"type":"string","title":"Name attribute of the service"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/services/{service}":{"get":{"tags":["Registration"],"summary":"Get the details of a registered service","operationId":"Registration_GetService","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/tsbregistryv2Service"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/services/{service}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_3","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/services/{service}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/services/{service}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/services/{service}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/services/{service}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/services/{service}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/services/{service}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/services/{service}/blame":{"get":{"tags":["Profiles"],"summary":"Get the profile blame data for a given resource FQN.","operationId":"Profiles_Blame_variant_8","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2BlameResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/services/{service}/groups":{"get":{"tags":["Lookup"],"summary":"Get all the groups that configure the given service in the registry.","operationId":"Lookup_Groups","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GroupLookupResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/services/{service}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/services/{service}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/services/{service}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/apitsbv2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/services/{service}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_3","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/services/{service}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/telemetryv2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/services/{service}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/services/{service}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/settings":{"get":{"tags":["Organizations"],"summary":"List all the settings objects that have been attached to the given Organization.","operationId":"Organizations_ListSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListOrganizationSettingsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Organizations"],"summary":"Create a settings object for the given organization.","operationId":"Organizations_CreateSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create a Organization Settings.","type":"object","required":["name","settings"],"properties":{"name":{"description":"The short name for the resource to be created.","type":"string"},"settings":{"$ref":"#/components/schemas/v2OrganizationSetting"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2OrganizationSetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/settings/{setting}":{"get":{"tags":["Organizations"],"summary":"Get the details for the given settings object.","operationId":"Organizations_GetSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2OrganizationSetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Organizations"],"summary":"Modify the given settings in the given Organization.","operationId":"Organizations_UpdateSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Settings that apply globally to the entire organization.\\n\\n\\n\\n","type":"object","properties":{"defaultSecuritySetting":{"$ref":"#/components/schemas/v2SecuritySetting"},"defaultTrafficSetting":{"$ref":"#/components/schemas/v2TrafficSetting"},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"failoverSettings":{"$ref":"#/components/schemas/v2FailoverSettings"},"networkSettings":{"$ref":"#/components/schemas/OrganizationSettingNetworkSettings"},"regionalFailover":{"description":"Default locality routing settings for all gateways.\\nPlease use FailoverSettings instead. If FailoverSettings is set, it takes precedence over this field.\\n\\nExplicitly specify the region traffic will land on when endpoints in local region becomes unhealthy.\\nShould be used together with OutlierDetection to detect unhealthy endpoints.\\nNote: if no OutlierDetection specified, this will not take effect.","type":"array","items":{"$ref":"#/components/schemas/v2RegionalFailover"}}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2OrganizationSetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Organizations"],"summary":"Delete the given settings object from the Organization.","operationId":"Organizations_DeleteSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/settings/{setting}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_4","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/settings/{setting}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/settings/{setting}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/settings/{setting}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/settings/{setting}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/settings/{setting}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/settings/{setting}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/settings/{setting}/blame":{"get":{"tags":["Profiles"],"summary":"Get the profile blame data for a given resource FQN.","operationId":"Profiles_Blame_variant_9","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2BlameResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/settings/{setting}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/settings/{setting}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/settings/{setting}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/apitsbv2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/settings/{setting}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_4","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/settings/{setting}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/telemetryv2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/settings/{setting}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/settings/{setting}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/apitsbv2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/status/search":{"get":{"tags":["Status"],"summary":"Search the status of resources related to the specified search criteria.\\nIt will descend in the hierarchy starting with the resource identified by the given FQN.\\nThis method is available for organizations, tenant or workspace resources.\\nIn the case of configuration sharing between multiple workspaces (such as common t1 and t2 scenarios),\\nit\u2019s recommended to use the tenant FQN instead of the workspace FQN.\\nThis ensures that the search is not limited to a specific workspace and considers configurations from other workspaces.","operationId":"Status_SearchStatus","parameters":[{"description":"Fully-qualified domain name to search in the mesh that exposes a service. Example: \\"test.tetrate.io\\"","name":"fqdn","in":"query","required":true,"schema":{"type":"string"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2SearchStatusResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/sync":{"post":{"description":"This method will update the state of users and groups in the organization and will create, modify, and\\ndelete groups according to the incoming request.\\nSync requests are assumed to be a full-sync and to contain all existing users and groups. Existing TSB users and groups\\nthat are not contained in a sync request will be deleted from the platform, as it will assume they have been removed\\nfrom the Identity Provider.","tags":["Organizations"],"summary":"SyncOrganization is used by processes that monitor the identity providers to synchronize\\nthe users and teams with the ones in TSB.","operationId":"Organizations_SyncOrganization","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to synchronize the users and teams in an organization from the configured identity provider.","type":"object","properties":{"sourceType":{"$ref":"#/components/schemas/v2SourceType"},"teams":{"type":"array","items":{"$ref":"#/components/schemas/SyncOrganizationRequestSyncTeam"}},"users":{"type":"array","items":{"$ref":"#/components/schemas/SyncOrganizationRequestSyncUser"}}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2SyncOrganizationResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/teams":{"get":{"tags":["Teams"],"summary":"List all existing teams.","operationId":"Teams_ListTeams","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListTeamsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Teams"],"summary":"Create a new team.","operationId":"Teams_CreateTeam","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"type":"object","title":"Request to create a Team.\\n","required":["name","team"],"properties":{"name":{"description":"The short name for the resource to be created.","type":"string"},"team":{"$ref":"#/components/schemas/v2Team"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Team"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/teams/{team}":{"get":{"tags":["Teams"],"summary":"Get the details of an existing team.","operationId":"Teams_GetTeam","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Team"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Teams"],"summary":"Modify an existing team.","operationId":"Teams_UpdateTeam","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"`Team` is a named collection of users under a tenant.\\n\\n\\n\\n","type":"object","properties":{"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"members":{"description":"List of members under the team.\\nThe elements of this list are the FQNs of the team members. Team members can be\\nusers, service accounts or other teams.","type":"array","items":{"type":"string"}},"sourceType":{"$ref":"#/components/schemas/v2SourceType"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Team"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Teams"],"summary":"Delete a team.\\nNote that deleting a team only deletes the team itself, but not its members.","operationId":"Teams_DeleteTeam","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/teams/{team}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_6","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/teams/{team}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/teams/{team}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/teams/{team}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/teams/{team}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/teams/{team}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/teams/{team}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/teams/{team}/blame":{"get":{"tags":["Profiles"],"summary":"Get the profile blame data for a given resource FQN.","operationId":"Profiles_Blame_variant_11","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2BlameResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/teams/{team}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/teams/{team}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/teams/{team}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/apitsbv2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/teams/{team}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_6","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/teams/{team}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/telemetryv2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/teams/{team}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/teams/{team}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/telemetryv2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants":{"get":{"tags":["Tenants"],"summary":"List all tenants that are available.","operationId":"Tenants_ListTenants","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListTenantsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Tenants"],"summary":"Create a new tenant in the platform that will be the home for a set of resources.","operationId":"Tenants_CreateTenant","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"type":"object","title":"Request to create a tenant.\\n","required":["name","tenant"],"properties":{"name":{"description":"The short name for the resource to be created.","type":"string"},"tenant":{"$ref":"#/components/schemas/v2Tenant"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Tenant"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}":{"get":{"tags":["Tenants"],"summary":"Get the details of an existing tenant.","operationId":"Tenants_GetTenant","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Tenant"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Tenants"],"summary":"Modify the details of the given tenant.","operationId":"Tenants_UpdateTenant","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"`Tenant` is a self-contained entity within an organization in the Service Bridge hierarchy.\\n\\n\\n\\n","type":"object","properties":{"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"},"deletionProtectionEnabled":{"description":"When set, prevents the resource from being deleted. In order to delete the resource this\\nproperty needs to be set to `false` first.","type":"boolean"},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"profiles":{"description":"List of profiles attached to the tenant to be used to propagate default and mandatory configurations down to the children.","type":"array","items":{"type":"string"}},"securityDomain":{"description":"Security domains can be used to group different resources under the same security domain.\\nAlthough security domain is not resource itself currently, it follows a fqn format\\n`organizations/myorg/securitydomains/mysecuritydomain`, and a child cannot override any ancestor\'s\\nsecurity domain.\\nOnce a security domain is assigned to a _Tenant_, all the children resources will belong to that\\nsecurity domain in the same way a _Workspace_ belongs to a _Tenant_, a _Workspace_ will also belong\\nto the security domain assigned to the _Tenant_.\\nSecurity domains can also be used to define _Security settings Authorization rules_ in which you can allow\\nor deny request from or to a security domain.","type":"string"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Tenant"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Tenants"],"summary":"Delete a tenant from the platform.\\nDeleting a tenant will recursively delete all resources attached to the tenant, so use with\\ncaution.\\nIt will delete all workspaces and all settings that have been created in that tenant, so this\\noperation should be done carefully, when it\'s safe to do so.","operationId":"Tenants_DeleteTenant","parameters":[{"description":"Force the deletion of the object even if deletion protection is enabled.\\nIf this is set, then the object and all its children will be deleted even if any of them\\nhas the deletion protection enabled.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications":{"get":{"tags":["Applications"],"summary":"List all existing applications for the given tenant.","operationId":"Applications_ListApplications","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListApplicationsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Applications"],"summary":"Creates a new Application in TSB.","operationId":"Applications_CreateApplication","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create an application and register it in the management plane so configuration can\\nbe generated for it.","type":"object","required":["name","application"],"properties":{"application":{"$ref":"#/components/schemas/v2Application"},"name":{"description":"The short name for the resource to be created.","type":"string"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Application"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}":{"get":{"tags":["Applications"],"summary":"Get the details of an existing application.","operationId":"Applications_GetApplication","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Application"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Applications"],"summary":"Modify an existing application.","operationId":"Applications_UpdateApplication","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"An Application represents a set of logical groupings of services that are related to each other\\nand expose a set of APIs that implement a complete set of business logic.\\n\\n\\n\\n","type":"object","required":["workspace"],"properties":{"configResources":{"type":"array","title":"The configuration resources that are related to this Application.\\n$hide_from_docs","items":{"$ref":"#/components/schemas/v2ConfigResource"},"readOnly":true},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"gatewayGroup":{"description":"Optional FQN of the Gateway Group to be used by the application.\\nIf configured, this gateway group will be used by the application. If\\nno namespaces are configured and no existing gateway group is set, a new gateway group claiming all\\nnamespaces in the workspace (`*/*`) will be created by default.\\nAll Ingress Gateway resources created for the APIs attached to the application will be created in\\nthe application\'s gateway group.","type":"string"},"namespaceSelector":{"$ref":"#/components/schemas/typesv2NamespaceSelector"},"services":{"description":"Optional list of services that are part of the application. This is a list of FQNs of services in the\\nservice registry.\\nIf omitted, the application is assumed to own all the services in the workspace.\\nNote that a service can only be part of one application. If any of the services in the list is already\\nin use by an existing application, application creation/modification will fail.\\nIf the list of services is not explicitly set and any service in the workspace is already in use by\\nanother application, application creation/modification will fail.","type":"array","items":{"type":"string"}},"workspace":{"description":"FQN of the workspace this application is part of.\\nThe application will configure IngressGateways for the attached APIs\\nin the different namespaces exposed by this workspace.","type":"string"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Application"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Applications"],"summary":"Delete an existing Application.\\nNote that deleting resources in TSB is a recursive operation. Deleting a application will delete all\\nAPI objects that exist in it.","operationId":"Applications_DeleteApplication","parameters":[{"description":"Force the deletion of internal groups even if they are protected against deletion.","name":"forceDeleteProtectedGroups","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/apis":{"get":{"tags":["Applications"],"summary":"List all APIs attached to the given application.","operationId":"Applications_ListAPIs","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/tsbapplicationv2ListAPIsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Applications"],"summary":"Attach a new API to the given application.","operationId":"Applications_CreateAPI","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create an API and register it in the management plane so configuration can\\nbe generated for it.","type":"object","required":["name","api"],"properties":{"api":{"$ref":"#/components/schemas/tsbapplicationv2API"},"name":{"description":"The short name for the resource to be created.","type":"string"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/tsbapplicationv2API"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/apis/{api}":{"get":{"tags":["Applications"],"summary":"Get the details of an API.","operationId":"Applications_GetAPI","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/tsbapplicationv2API"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Applications"],"summary":"Delete an existing API.","operationId":"Applications_DeleteAPI","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/apis/{api}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_10","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_10","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_10","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/apis/{api}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_10","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/apis/{api}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_10","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/apis/{api}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_10","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/apis/{api}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_10","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/apis/{api}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_10","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/apis/{api}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_10","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/apis/{api}/blame":{"get":{"tags":["Profiles"],"summary":"Get the profile blame data for a given resource FQN.","operationId":"Profiles_Blame_variant_14","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2BlameResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/apis/{api}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_10","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/apis/{api}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_10","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_10","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/apis/{api}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_10","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/apitsbv2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/apis/{api}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_10","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/apis/{api}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_10","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/telemetryv2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/apis/{api}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_10","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/apis/{api}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_10","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_9","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_9","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_9","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_9","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_9","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_9","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_9","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_9","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_9","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/blame":{"get":{"tags":["Profiles"],"summary":"Get the profile blame data for a given resource FQN.","operationId":"Profiles_Blame_variant_13","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2BlameResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_9","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_9","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_9","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_9","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/apitsbv2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_9","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_9","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/telemetryv2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_9","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_9","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_8","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_8","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_8","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_8","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_8","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_8","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_8","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_8","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_8","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/availableprofiles":{"get":{"tags":["Profiles"],"summary":"Lists the profiles that can be attached to the given resource.\\nThe returned profiles contain metadata (fqn, display name and description) information.\\nTo retrieve the full profile, rely on `GetProfile` or `ListProfiles` methods.","operationId":"Profiles_ListAvailableProfiles2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListAvailableProfilesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/blame":{"get":{"tags":["Profiles"],"summary":"Get the profile blame data for a given resource FQN.","operationId":"Profiles_Blame","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2BlameResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/currentimpact":{"post":{"tags":["Profiles"],"summary":"CurrentImpactAnalysis analyzes the current impact of a profile or a resource attached profiles.\\nThe response is streamed, with each message representing the impact analysis for a specific profile\\nor resource and its corresponding impacts.","operationId":"Profiles_CurrentImpactAnalysis3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Profiles_CurrentImpactAnalysisBody"},"responses":{"200":{"description":"A successful response.(streaming responses)","content":{"application/json":{"schema":{"type":"object","title":"Stream result of v2ImpactAnalysisResponse","properties":{"error":{"$ref":"#/components/schemas/googlerpcStatus"},"result":{"$ref":"#/components/schemas/v2ImpactAnalysisResponse"}}}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/extensions":{"get":{"tags":["Tenants"],"summary":"List all the WASM extensions that have been attached to the given tenant.","operationId":"Tenants_ListWasmExtensions","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListTenantExtensionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/impact":{"post":{"tags":["Profiles"],"summary":"ImpactAnalysis analyzes the impact of profile or resource attached profiles modifications.\\nThe response is streamed, with each message representing the impact analysis for a specific profile\\nor resource and its corresponding impacts.","operationId":"Profiles_ImpactAnalysis3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Profiles_ImpactAnalysisBody"},"responses":{"200":{"description":"A successful response.(streaming responses)","content":{"application/json":{"schema":{"type":"object","title":"Stream result of v2ImpactAnalysisResponse","properties":{"error":{"$ref":"#/components/schemas/googlerpcStatus"},"result":{"$ref":"#/components/schemas/v2ImpactAnalysisResponse"}}}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_8","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_8","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_8","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/profiles":{"get":{"tags":["Profiles"],"summary":"List all Profiles that belong to a resource.","operationId":"Profiles_ListProfiles2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListProfilesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Profiles"],"summary":"Create a profile object for a given resource.\\nA `Profile` object can be created at Organization, Tenant, and Workspace levels. Once created, a profile can be\\nattached at its own level or down the hierarchy at Organization, Tenants, Workspaces and Groups levels.","operationId":"Profiles_CreateProfile2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Profiles_CreateProfileBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Profile"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/profiles/{profile}":{"get":{"tags":["Profiles"],"summary":"Get the details of a Profile in an resource.","operationId":"Profiles_GetProfile2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Profile name.","name":"profile","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Profile"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Profiles"],"summary":"Modify a Profile in a resource.","operationId":"Profiles_UpdateProfile2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Profile name.","name":"profile","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Profiles_UpdateProfileBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Profile"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Profiles"],"summary":"Delete a Profile from a resource.","operationId":"Profiles_DeleteProfile2","parameters":[{"description":"Force the deletion of the object even if deletion protection is enabled.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Profile name.","name":"profile","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/profiles/{profile}/currentimpact":{"post":{"tags":["Profiles"],"summary":"CurrentImpactAnalysis analyzes the current impact of a profile or a resource attached profiles.\\nThe response is streamed, with each message representing the impact analysis for a specific profile\\nor resource and its corresponding impacts.","operationId":"Profiles_CurrentImpactAnalysis4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Profile name.","name":"profile","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Profiles_CurrentImpactAnalysis2Body"},"responses":{"200":{"description":"A successful response.(streaming responses)","content":{"application/json":{"schema":{"type":"object","title":"Stream result of v2ImpactAnalysisResponse","properties":{"error":{"$ref":"#/components/schemas/googlerpcStatus"},"result":{"$ref":"#/components/schemas/v2ImpactAnalysisResponse"}}}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/profiles/{profile}/impact":{"post":{"tags":["Profiles"],"summary":"ImpactAnalysis analyzes the impact of profile or resource attached profiles modifications.\\nThe response is streamed, with each message representing the impact analysis for a specific profile\\nor resource and its corresponding impacts.","operationId":"Profiles_ImpactAnalysis4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Profile name.","name":"profile","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Profiles_ImpactAnalysis2Body"},"responses":{"200":{"description":"A successful response.(streaming responses)","content":{"application/json":{"schema":{"type":"object","title":"Stream result of v2ImpactAnalysisResponse","properties":{"error":{"$ref":"#/components/schemas/googlerpcStatus"},"result":{"$ref":"#/components/schemas/v2ImpactAnalysisResponse"}}}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/settings":{"get":{"tags":["Tenants"],"summary":"List all the settings objects that have made available to the given tenant.","operationId":"Tenants_ListSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListTenantSettingsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Tenants"],"summary":"Create a settings object for the given tenant.","operationId":"Tenants_CreateSetting","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create a Tenant Setting.","type":"object","required":["name","setting"],"properties":{"name":{"description":"The short name for the resource to be created.","type":"string"},"setting":{"$ref":"#/components/schemas/v2TenantSetting"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2TenantSetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/settings/{setting}":{"get":{"tags":["Tenants"],"summary":"Get the details for the given settings object.","operationId":"Tenants_GetSetting","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2TenantSetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Tenants"],"summary":"Modify the given settings in the given tenant.","operationId":"Tenants_UpdateSetting","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Default settings that apply to all workspaces under a tenant.\\n\\n\\n\\n","type":"object","properties":{"defaultSecuritySetting":{"$ref":"#/components/schemas/v2SecuritySetting"},"defaultTrafficSetting":{"$ref":"#/components/schemas/v2TrafficSetting"},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2TenantSetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Tenants"],"summary":"Delete the given settings object from the tenant.","operationId":"Tenants_DeleteSetting","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/settings/{setting}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_11","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_11","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_11","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/settings/{setting}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_11","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/settings/{setting}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_11","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/settings/{setting}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_11","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/settings/{setting}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_11","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/settings/{setting}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_11","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/settings/{setting}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_11","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/settings/{setting}/blame":{"get":{"tags":["Profiles"],"summary":"Get the profile blame data for a given resource FQN.","operationId":"Profiles_Blame_variant_15","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2BlameResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/settings/{setting}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_11","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/settings/{setting}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_11","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_11","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/settings/{setting}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_11","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/apitsbv2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/settings/{setting}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_11","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/settings/{setting}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_11","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/telemetryv2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/settings/{setting}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_11","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/settings/{setting}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_11","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_8","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/apitsbv2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/status/search":{"get":{"tags":["Status"],"summary":"Search the status of resources related to the specified search criteria.\\nIt will descend in the hierarchy starting with the resource identified by the given FQN.\\nThis method is available for organizations, tenant or workspace resources.\\nIn the case of configuration sharing between multiple workspaces (such as common t1 and t2 scenarios),\\nit\u2019s recommended to use the tenant FQN instead of the workspace FQN.\\nThis ensures that the search is not limited to a specific workspace and considers configurations from other workspaces.","operationId":"Status_SearchStatus2","parameters":[{"description":"Fully-qualified domain name to search in the mesh that exposes a service. Example: \\"test.tetrate.io\\"","name":"fqdn","in":"query","required":true,"schema":{"type":"string"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2SearchStatusResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_8","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_8","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/telemetryv2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_8","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_8","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces":{"get":{"tags":["Workspaces"],"summary":"List all existing workspaces for the given tenant.","operationId":"Workspaces_ListWorkspaces","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListWorkspacesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Workspaces"],"summary":"Create a new workspace.\\nThe workspace will own exclusively the namespaces configured in the namespaces\\nselector for the workspace.","operationId":"Workspaces_CreateWorkspace","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create a Workspace.","type":"object","required":["name","workspace"],"properties":{"name":{"description":"The short name for the resource to be created.","type":"string"},"workspace":{"$ref":"#/components/schemas/v2Workspace"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Workspace"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}":{"get":{"tags":["Workspaces"],"summary":"Get the details of an existing workspace","operationId":"Workspaces_GetWorkspace","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Workspace"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Workspaces"],"summary":"Modify an existing workspace","operationId":"Workspaces_UpdateWorkspace","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"A Workspace is a collection of related namespaces in one or more clusters.\\n\\n\\n\\n","type":"object","required":["namespaceSelector"],"properties":{"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"},"deletionProtectionEnabled":{"description":"When set, prevents the resource from being deleted. In order to delete the resource this\\nproperty needs to be set to `false` first.","type":"boolean"},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"isolationBoundary":{"description":"Istio Isolation Boundary name to which this workspace belongs.\\nIf not provided explicitly, the workspace looks for an isolation boundary with\\nname set as \\"global\\". \\nTherefore, in order to move existing workspaces to isolation boundaries, and\\nbe a part of revisioned control plane, it is recommended to configure an\\nisolation boundary with the name \\"global\\".","type":"string"},"namespaceSelector":{"$ref":"#/components/schemas/typesv2NamespaceSelector"},"privileged":{"description":"If set to true, allows Gateways in the workspace to route to\\nservices in other workspaces. Set this to true for workspaces\\nowning cluster-wide gateways shared by multiple teams.","type":"boolean"},"profiles":{"description":"List of profiles attached to the workspace to be used to propagate default and mandatory configurations down to the children.","type":"array","items":{"type":"string"}},"securityDomain":{"description":"Security domains can be used to group different resources under the same security domain.\\nAlthough security domain is not resource itself currently, it follows a fqn format\\n`organizations/myorg/securitydomains/mysecuritydomain`, and a child cannot override any ancestor\'s\\nsecurity domain.\\nOnce a security domain is assigned to a _Workspace_, all the children resources will belong to that\\nsecurity domain in the same way a _Security group_ belongs to a _Workspace_, a _Security group_ will also belong\\nto the security domain assigned to the _Workspace_.\\nSecurity domains can also be used to define _Security settings Authorization rules_ in which you can allow\\nor deny request from or to a security domain.","type":"string"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Workspace"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Workspaces"],"summary":"Delete an existing workspace.\\nNote that deleting resources in TSB is a recursive operation. Deleting a workspace will delete all\\ngroups and configuration objects that exist in it.","operationId":"Workspaces_DeleteWorkspace","parameters":[{"description":"Force the deletion of the object even if deletion protection is enabled.\\nIf this is set, then the object and all its children will be deleted even if any of them\\nhas the deletion protection enabled.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/apis":{"get":{"tags":["Workspaces"],"summary":"List all API objects in the workspace.","operationId":"Workspaces_ListAPIs","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/apitsbv2ListAPIsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Workspaces"],"summary":"Create an API object in the workspace.","operationId":"Workspaces_CreateAPI","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create an API.","type":"object","required":["name","api"],"properties":{"api":{"$ref":"#/components/schemas/apitsbv2API"},"name":{"description":"The short name for the resource to be created.","type":"string"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/apitsbv2API"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/apis/{api}":{"get":{"tags":["Workspaces"],"summary":"Get the details of the given API object.","operationId":"Workspaces_GetAPI","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/apitsbv2API"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Workspaces"],"summary":"Modify the given API object.","operationId":"Workspaces_UpdateAPI","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"An API object defines an OpenAPI specification that can be used by gateways to validate incoming requests.\\n\\n\\n\\n","type":"object","required":["openapi"],"properties":{"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"openapi":{"description":"The raw OpenAPI spec for this API.","type":"string"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/apitsbv2API"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Workspaces"],"summary":"Delete the given API object.","operationId":"Workspaces_DeleteAPI","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_12","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_12","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_12","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_12","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_12","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_12","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_12","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_12","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_12","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/availableprofiles":{"get":{"tags":["Profiles"],"summary":"Lists the profiles that can be attached to the given resource.\\nThe returned profiles contain metadata (fqn, display name and description) information.\\nTo retrieve the full profile, rely on `GetProfile` or `ListProfiles` methods.","operationId":"Profiles_ListAvailableProfiles3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListAvailableProfilesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/blame":{"get":{"tags":["Profiles"],"summary":"Get the profile blame data for a given resource FQN.","operationId":"Profiles_Blame_variant_1","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2BlameResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/currentimpact":{"post":{"tags":["Profiles"],"summary":"CurrentImpactAnalysis analyzes the current impact of a profile or a resource attached profiles.\\nThe response is streamed, with each message representing the impact analysis for a specific profile\\nor resource and its corresponding impacts.","operationId":"Profiles_CurrentImpactAnalysis5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Profiles_CurrentImpactAnalysisBody"},"responses":{"200":{"description":"A successful response.(streaming responses)","content":{"application/json":{"schema":{"type":"object","title":"Stream result of v2ImpactAnalysisResponse","properties":{"error":{"$ref":"#/components/schemas/googlerpcStatus"},"result":{"$ref":"#/components/schemas/v2ImpactAnalysisResponse"}}}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups":{"get":{"tags":["Gateways"],"summary":"List all gateway groups that exist in the workspace.","operationId":"Gateways_ListGroups","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListGatewayGroupsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"description":"Groups will by default configure all the namespaces owned by their workspace, unless\\nexplicitly configured. If a specific set of namespaces is set for the group, it must be a\\nsubset of the namespaces defined by its workspace.","tags":["Gateways"],"summary":"Create a new gateway group in the given workspace.","operationId":"Gateways_CreateGroup","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create a Gateway Group.","type":"object","required":["name","group"],"properties":{"group":{"$ref":"#/components/schemas/tsbgatewayv2Group"},"name":{"description":"The short name for the resource to be created.","type":"string"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/tsbgatewayv2Group"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}":{"get":{"tags":["Gateways"],"summary":"Get the details of the given gateway group.","operationId":"Gateways_GetGroup","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/tsbgatewayv2Group"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Gateways"],"summary":"update the given gateway group.","operationId":"Gateways_UpdateGroup","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"A gateway group manages the gateways in a group of namespaces owned\\nby the parent workspace.\\n\\n\\n\\n","type":"object","required":["namespaceSelector"],"properties":{"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"},"configMode":{"$ref":"#/components/schemas/v2ConfigMode"},"deletionProtectionEnabled":{"description":"When set, prevents the resource from being deleted. In order to delete the resource this\\nproperty needs to be set to `false` first.","type":"boolean"},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"namespaceSelector":{"$ref":"#/components/schemas/typesv2NamespaceSelector"},"profiles":{"description":"List of profiles attached to the gateway group to be used to propagate default and mandatory configurations down to the children.","type":"array","items":{"type":"string"}}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/tsbgatewayv2Group"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Gateways"],"summary":"Delete the given gateway group.\\nNote that deleting resources in TSB is a recursive operation. Deleting a gateway group will\\ndelete all configuration objects that exist in it.","operationId":"Gateways_DeleteGroup","parameters":[{"description":"Force the deletion of the object even if deletion protection is enabled.\\nIf this is set, then the object and all its children will be deleted even if any of them\\nhas the deletion protection enabled.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_13","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_13","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_13","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_13","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_13","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_13","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_13","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_13","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_13","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/availableprofiles":{"get":{"tags":["Profiles"],"summary":"Lists the profiles that can be attached to the given resource.\\nThe returned profiles contain metadata (fqn, display name and description) information.\\nTo retrieve the full profile, rely on `GetProfile` or `ListProfiles` methods.","operationId":"Profiles_ListAvailableProfiles4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListAvailableProfilesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/blame":{"get":{"tags":["Profiles"],"summary":"Get the profile blame data for a given resource FQN.","operationId":"Profiles_Blame_variant_2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2BlameResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/currentimpact":{"post":{"tags":["Profiles"],"summary":"CurrentImpactAnalysis analyzes the current impact of a profile or a resource attached profiles.\\nThe response is streamed, with each message representing the impact analysis for a specific profile\\nor resource and its corresponding impacts.","operationId":"Profiles_CurrentImpactAnalysis7","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Profiles_CurrentImpactAnalysisBody"},"responses":{"200":{"description":"A successful response.(streaming responses)","content":{"application/json":{"schema":{"type":"object","title":"Stream result of v2ImpactAnalysisResponse","properties":{"error":{"$ref":"#/components/schemas/googlerpcStatus"},"result":{"$ref":"#/components/schemas/v2ImpactAnalysisResponse"}}}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/egressgateways":{"get":{"tags":["Gateways"],"summary":"List all Egress Gateway objects in the gateway group.","operationId":"Gateways_ListEgressGateways","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListEgressGatewaysResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Gateways"],"summary":"Create an Egress Gateway object in the gateway group.","operationId":"Gateways_CreateEgressGateway","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create a EgressGateway.","type":"object","required":["name","egressGateway"],"properties":{"egressGateway":{"$ref":"#/components/schemas/gatewayv2EgressGateway"},"name":{"description":"The short name for the resource to be created.","type":"string"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/gatewayv2EgressGateway"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/egressgateways/{egressgateway}":{"get":{"tags":["Gateways"],"summary":"Get the details of the given Egress Gateway object.","operationId":"Gateways_GetEgressGateway","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/gatewayv2EgressGateway"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Gateways"],"summary":"Modify the given Egress Gateway object.","operationId":"Gateways_UpdateEgressGateway","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"`EgressGateway` configures a workload to act as an egress gateway in the mesh.\\n\\n\\n--\x3e\\n\\n","type":"object","required":["workloadSelector"],"properties":{"authorization":{"description":"The description of which service accounts can access which hosts.\\nIf the list of authorization rules is empty, this egress gateway will deny all traffic.","type":"array","items":{"$ref":"#/components/schemas/v2EgressAuthorization"}},"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"extension":{"description":"Extensions specifies all the WasmExtensions assigned to this EgressGateway\\nwith the specific configuration for each extension. This custom configuration\\nwill override the one configured globally to the extension.\\nEach extension has a global configuration including enablement and priority\\nthat will condition the execution of the assigned extensions.","type":"array","items":{"$ref":"#/components/schemas/v2WasmExtensionAttachment"}},"workloadSelector":{"$ref":"#/components/schemas/v2WorkloadSelector"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/gatewayv2EgressGateway"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Gateways"],"summary":"Delete the given Egress Gateway object.","operationId":"Gateways_DeleteEgressGateway","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/egressgateways/{egressgateway}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_15","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_15","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_15","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/egressgateways/{egressgateway}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_15","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/egressgateways/{egressgateway}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_15","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/egressgateways/{egressgateway}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_15","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/egressgateways/{egressgateway}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_15","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/egressgateways/{egressgateway}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_15","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/egressgateways/{egressgateway}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_15","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/egressgateways/{egressgateway}/blame":{"get":{"tags":["Profiles"],"summary":"Get the profile blame data for a given resource FQN.","operationId":"Profiles_Blame_variant_17","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2BlameResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/egressgateways/{egressgateway}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_15","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/egressgateways/{egressgateway}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_15","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_15","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/egressgateways/{egressgateway}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_15","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/apitsbv2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/egressgateways/{egressgateway}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_15","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/egressgateways/{egressgateway}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_15","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/telemetryv2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/egressgateways/{egressgateway}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_15","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/egressgateways/{egressgateway}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_15","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/impact":{"post":{"tags":["Profiles"],"summary":"ImpactAnalysis analyzes the impact of profile or resource attached profiles modifications.\\nThe response is streamed, with each message representing the impact analysis for a specific profile\\nor resource and its corresponding impacts.","operationId":"Profiles_ImpactAnalysis7","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Profiles_ImpactAnalysisBody"},"responses":{"200":{"description":"A successful response.(streaming responses)","content":{"application/json":{"schema":{"type":"object","title":"Stream result of v2ImpactAnalysisResponse","properties":{"error":{"$ref":"#/components/schemas/googlerpcStatus"},"result":{"$ref":"#/components/schemas/v2ImpactAnalysisResponse"}}}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/ingressgateways":{"get":{"tags":["Gateways"],"summary":"List all Ingress Gateway objects in the gateway group.","operationId":"Gateways_ListIngressGateways","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListIngressGatewaysResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Gateways"],"summary":"Create an Ingress Gateway object in the gateway group.","operationId":"Gateways_CreateIngressGateway","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create a IngressGateway.","type":"object","required":["name","ingressGateway"],"properties":{"ingressGateway":{"$ref":"#/components/schemas/v2IngressGateway"},"name":{"description":"The short name for the resource to be created.","type":"string"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2IngressGateway"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/ingressgateways/{ingressgateway}":{"get":{"tags":["Gateways"],"summary":"Get the details of the given Ingress Gateway object.","operationId":"Gateways_GetIngressGateway","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2IngressGateway"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Gateways"],"summary":"Modify the given Ingress Gateway object.","operationId":"Gateways_UpdateIngressGateway","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"`IngressGateway` configures a workload to act as an ingress gateway into the mesh.\\n\\n\\n\\n","type":"object","required":["workloadSelector"],"properties":{"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"extension":{"description":"Extensions specifies all the WasmExtensions assigned to this IngressGateway\\nwith the specific configuration for each extension. This custom configuration\\nwill override the one configured globally to the extension.\\nEach extension has a global configuration including enablement and priority\\nthat will condition the execution of the assigned extensions.","type":"array","items":{"$ref":"#/components/schemas/v2WasmExtensionAttachment"}},"http":{"description":"One or more HTTP or HTTPS servers exposed by the gateway. The\\nserver exposes configuration for TLS termination, request\\nauthentication/authorization, HTTP routing, etc.","type":"array","items":{"$ref":"#/components/schemas/v2HttpServer"}},"tcp":{"type":"array","title":"One or more non-HTTP and non-passthrough servers which use TCP\\nbased protocols. This server also exposes configuration for terminating TLS","items":{"$ref":"#/components/schemas/v2TCPServer"}},"tlsPassthrough":{"description":"One or more TLS servers exposed by the gateway. The server\\ndoes not terminate TLS and exposes config for SNI based routing.","type":"array","items":{"$ref":"#/components/schemas/v2TLSPassthroughServer"}},"waf":{"$ref":"#/components/schemas/v2WAFSettings"},"workloadSelector":{"$ref":"#/components/schemas/v2WorkloadSelector"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2IngressGateway"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Gateways"],"summary":"Delete the given Ingress Gateway object.","operationId":"Gateways_DeleteIngressGateway","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/ingressgateways/{ingressgateway}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_14","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_14","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_14","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/ingressgateways/{ingressgateway}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_14","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/ingressgateways/{ingressgateway}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_14","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/ingressgateways/{ingressgateway}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_14","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/ingressgateways/{ingressgateway}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_14","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/ingressgateways/{ingressgateway}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_14","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/ingressgateways/{ingressgateway}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_14","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/ingressgateways/{ingressgateway}/blame":{"get":{"tags":["Profiles"],"summary":"Get the profile blame data for a given resource FQN.","operationId":"Profiles_Blame_variant_16","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2BlameResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/ingressgateways/{ingressgateway}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_14","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/ingressgateways/{ingressgateway}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_14","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_14","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/ingressgateways/{ingressgateway}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_14","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/apitsbv2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/ingressgateways/{ingressgateway}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_14","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/ingressgateways/{ingressgateway}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_14","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/telemetryv2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/ingressgateways/{ingressgateway}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_14","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/ingressgateways/{ingressgateway}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_14","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/installgateways":{"get":{"tags":["Gateways"],"summary":"List all Install Gateway objects in the gateway group.","operationId":"Gateways_ListInstallGateways","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListInstallGatewaysResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Gateways"],"summary":"Create an Install Gateway object in the gateway group.","operationId":"Gateways_CreateInstallGateway","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create an InstallGateway.","type":"object","required":["name","gateway"],"properties":{"gateway":{"$ref":"#/components/schemas/installdataplanev1alpha1GatewaySpec"},"name":{"description":"The short name for the resource to be created.","type":"string"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/installdataplanev1alpha1GatewaySpec"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/installgateways/{installgateway}":{"get":{"tags":["Gateways"],"summary":"Get the details of the given Install Gateway object.","operationId":"Gateways_GetInstallGateway","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Installgateway name.","name":"installgateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/installdataplanev1alpha1GatewaySpec"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Gateways"],"summary":"Modify the given Install Gateway object.","operationId":"Gateways_UpdateInstallGateway","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Installgateway name.","name":"installgateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"GatewaySpec defines the desired installed state of a single\\ngateway for a given namespace in Service Bridge. Specifying a minimal\\nGatewaySpec with a hub will create a default gateway with sensible\\nvalues.\\n\\n","type":"object","properties":{"concurrency":{"description":"Number of Envoy worker threads to run. By default it will be set\\nautomatically based on the gateway\'s CPU resource limits.\\n\\nSet to `-1` to use the legacy behavior of all cores on the machine.","type":"integer","format":"int32"},"connectionDrainDuration":{"description":"The amount of time the gateway will wait on shutdown for connections to\\ncomplete before terminating the gateway. During this drain period, no new\\nconnections can be created but existing ones are allowed complete.","type":"string"},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"kubeSpec":{"$ref":"#/components/schemas/kubernetesKubernetesComponentSpec"},"revision":{"type":"string","title":"Specifies the istio revision to reconcile with.\\nIf specified, TSB control plane operator will reconcile this gateway only\\nif operator\'s revision matches with it. TSB data plane operator, which\\nwould be running only when TSB control plane operator is not configured a\\nrevision, will ignore revision field and will reconcile gateway as usual.\\nInternally, this revision will guide to pick matching istio control plane\\nfor the gateway deployment\\nhttps://istio.io/latest/docs/setup/upgrade/canary/"},"targetCluster":{"description":"Cluster where the gateway will be deployed.","type":"string"},"targetNamespace":{"description":"Namespace where the gateway will be deployed.","type":"string"},"type":{"$ref":"#/components/schemas/v1alpha1GatewaySpecType"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/installdataplanev1alpha1GatewaySpec"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Gateways"],"summary":"Delete the given Install Gateway object.","operationId":"Gateways_DeleteInstallGateway","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Installgateway name.","name":"installgateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_13","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_13","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_13","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/proxytools/clusterstats":{"post":{"tags":["ProxyDiagnosticService"],"summary":"Return the cluster stats of an Istio Proxy","operationId":"ProxyDiagnosticService_GetClusterStats3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/ProxyDiagnosticService_GetClusterStatsBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetClusterStatsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/proxytools/configdump":{"post":{"tags":["ProxyDiagnosticService"],"summary":"Return a config dump from a workload (Istio Proxy)","operationId":"ProxyDiagnosticService_GetConfigDump3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/ProxyDiagnosticService_GetConfigDumpBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetConfigDumpResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/proxytools/loggerlevels":{"put":{"tags":["ProxyDiagnosticService"],"summary":"Set the log levels of a workload","operationId":"ProxyDiagnosticService_SetLoggerLevels3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/ProxyDiagnosticService_SetLoggerLevelsBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2LoggerLevelsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["ProxyDiagnosticService"],"summary":"Return the logger levels of a workload","operationId":"ProxyDiagnosticService_GetLoggerLevels3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/ProxyDiagnosticService_GetLoggerLevelsBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2LoggerLevelsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/proxytools/serverstats":{"post":{"tags":["ProxyDiagnosticService"],"summary":"Return the server stats of an Istio Proxy","operationId":"ProxyDiagnosticService_GetServerStats3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/ProxyDiagnosticService_GetServerStatsBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetServerStatsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/proxytools/streamlogs":{"post":{"tags":["ProxyDiagnosticService"],"summary":"Return a stream of logs (the output of the `kubectl logs` command) of an Istio Proxy.","operationId":"ProxyDiagnosticService_StreamLogs3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/ProxyDiagnosticService_StreamLogsBody"},"responses":{"200":{"description":"A successful response.(streaming responses)","content":{"application/json":{"schema":{"type":"object","title":"Stream result of v2StreamLogsResponse","properties":{"error":{"$ref":"#/components/schemas/googlerpcStatus"},"result":{"$ref":"#/components/schemas/v2StreamLogsResponse"}}}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/proxytools/workloads":{"post":{"tags":["ProxyDiagnosticService"],"summary":"Return the workload names under a given FQN resource and cluster.","operationId":"ProxyDiagnosticService_ListWorkloads3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/ProxyDiagnosticService_ListWorkloadsBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListWorkloadsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_13","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/apitsbv2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_13","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_13","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/telemetryv2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_13","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_13","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/tie1gateways/{tie1gateway}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_16","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tie1gateway name.","name":"tie1gateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_16","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tie1gateway name.","name":"tie1gateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_16","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tie1gateway name.","name":"tie1gateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/tie1gateways/{tie1gateway}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_16","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tie1gateway name.","name":"tie1gateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/tie1gateways/{tie1gateway}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_16","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tie1gateway name.","name":"tie1gateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/tie1gateways/{tie1gateway}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_16","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tie1gateway name.","name":"tie1gateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/tie1gateways/{tie1gateway}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_16","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tie1gateway name.","name":"tie1gateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/tie1gateways/{tie1gateway}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_16","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tie1gateway name.","name":"tie1gateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/tie1gateways/{tie1gateway}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_16","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tie1gateway name.","name":"tie1gateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/tie1gateways/{tie1gateway}/blame":{"get":{"tags":["Profiles"],"summary":"Get the profile blame data for a given resource FQN.","operationId":"Profiles_Blame_variant_18","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tie1gateway name.","name":"tie1gateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2BlameResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/tie1gateways/{tie1gateway}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_16","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tie1gateway name.","name":"tie1gateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/tie1gateways/{tie1gateway}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_16","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tie1gateway name.","name":"tie1gateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_16","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tie1gateway name.","name":"tie1gateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/tie1gateways/{tie1gateway}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_16","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tie1gateway name.","name":"tie1gateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/apitsbv2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/tie1gateways/{tie1gateway}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_16","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tie1gateway name.","name":"tie1gateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/tie1gateways/{tie1gateway}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_16","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tie1gateway name.","name":"tie1gateway","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/telemetryv2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/tie1gateways/{tie1gateway}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_16","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tie1gateway name.","name":"tie1gateway","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/tie1gateways/{tie1gateway}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_16","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tie1gateway name.","name":"tie1gateway","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/tier1gateways":{"get":{"tags":["Gateways"],"summary":"List all Tier1 Gateway objects that have been created in the gateway group.","operationId":"Gateways_ListTier1Gateways","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListTier1GatewaysResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Gateways"],"summary":"Create a Tier1 Gateway object in the gateway group.","operationId":"Gateways_CreateTier1Gateway","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create a Tier1Gateway.","type":"object","required":["name","tier1Gateway"],"properties":{"name":{"description":"The short name for the resource to be created.","type":"string"},"tier1Gateway":{"$ref":"#/components/schemas/v2Tier1Gateway"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Tier1Gateway"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/tier1gateways/{tier1gateway}":{"get":{"tags":["Gateways"],"summary":"get the details of the given Tier1 Gateway object.","operationId":"Gateways_GetTier1Gateway","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tier1gateway name.","name":"tier1gateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Tier1Gateway"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Gateways"],"operationId":"Gateways_UpdateTier1Gateway","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tier1gateway name.","name":"tier1gateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"`Tier1Gateway` configures a workload to act as a tier1 gateway into the mesh.\\n\\n\\n\\n","type":"object","required":["workloadSelector"],"properties":{"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"extension":{"description":"Extensions specifies all the WasmExtensions assigned to this Tier1Gateway\\nwith the specific configuration for each extension. This custom configuration\\nwill override the one configured globally to the extension.\\nEach extension has a global configuration including enablement and priority\\nthat will condition the execution of the assigned extensions.","type":"array","items":{"$ref":"#/components/schemas/v2WasmExtensionAttachment"}},"externalServers":{"description":"One or more servers exposed by the gateway externally.","type":"array","items":{"$ref":"#/components/schemas/v2Tier1ExternalServer"}},"internalServers":{"description":"One or more servers exposed by the gateway internally for cross cluster forwarding.","type":"array","items":{"$ref":"#/components/schemas/v2Tier1InternalServer"}},"passthroughServers":{"description":"One or more tls passthrough servers exposed by the gateway externally.","type":"array","items":{"$ref":"#/components/schemas/v2Tier1PassthroughServer"}},"tcpExternalServers":{"description":"One or more tcp servers exposed by the gateway externally.","type":"array","items":{"$ref":"#/components/schemas/v2Tier1TCPExternalServer"}},"tcpInternalServers":{"description":"One or more tcp servers exposed by the gateway for mesh internal traffic.","type":"array","items":{"$ref":"#/components/schemas/v2Tier1TCPInternalServer"}},"waf":{"$ref":"#/components/schemas/v2WAFSettings"},"workloadSelector":{"$ref":"#/components/schemas/v2WorkloadSelector"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Tier1Gateway"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Gateways"],"summary":"Delete the given Tier1 Gateway object.","operationId":"Gateways_DeleteTier1Gateway","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tier1gateway name.","name":"tier1gateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/unifiedgateways":{"get":{"tags":["Gateways"],"summary":"List all Gateway objects in the gateway group.","operationId":"Gateways_ListGateways","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListGatewaysResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Gateways"],"summary":"Create a Gateway object in the gateway group.","operationId":"Gateways_CreateGateway","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create a Gateway.","type":"object","required":["name","gateway"],"properties":{"gateway":{"$ref":"#/components/schemas/gatewayv2Gateway"},"name":{"description":"The short name for the resource to be created.","type":"string"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/gatewayv2Gateway"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/unifiedgateways/{unifiedgateway}":{"get":{"tags":["Gateways"],"summary":"Get the details of the given Gateway object.","operationId":"Gateways_GetGateway","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Unifiedgateway name.","name":"unifiedgateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/gatewayv2Gateway"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Gateways"],"summary":"Modify the given Gateway object.","operationId":"Gateways_UpdateGateway","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Unifiedgateway name.","name":"unifiedgateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"The `Gateway` configuration combines the functionalities of both the existing `Tier1Gateway` and `IngressGateway`,\\nproviding a unified approach for configuring a workload as a gateway in the mesh.\\n\\nEach server within the `Gateway` is configured to route requests either to destination clusters, such as a `Tier1Gateway`,\\nor to specific services, like an `IngressGateway`.\\n\\n\\n\\n","type":"object","required":["workloadSelector"],"properties":{"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"egressAuthorization":{"description":"External services are onboarded into the mesh via service entry,\\nand these services are exposed on the Gateway for egress access.\\nBy default, access is denied for these hosts.\\nUsers can configure EgressAuthorizationSettings to specify which service accounts are allowed.","type":"array","items":{"$ref":"#/components/schemas/v2EgressAuthorizationSettings"}},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"http":{"description":"One or more HTTP or HTTPS servers exposed by the gateway. The\\nserver exposes configuration for TLS termination, request\\nauthentication/authorization, HTTP routing, rate limiting, etc.","type":"array","items":{"$ref":"#/components/schemas/gatewayv2HTTP"}},"tcp":{"description":"One or more non-HTTP and non-passthrough servers which use TCP\\nbased protocols. This server also exposes configuration for terminating TLS.","type":"array","items":{"$ref":"#/components/schemas/gatewayv2TCP"}},"tls":{"description":"One or more TLS servers exposed by the gateway. The server\\ndoes not terminate TLS and exposes config for SNI based routing.","type":"array","items":{"$ref":"#/components/schemas/v2TLS"}},"waf":{"$ref":"#/components/schemas/v2WAFSettings"},"wasmPlugins":{"description":"WasmPlugins specifies all the WasmExtensionAttachment assigned to this Gateway\\nwith the specific configuration for each plugin. This custom configuration\\nwill override the one configured globally to the plugin.\\nEach plugin has a global configuration including priority\\nthat will condition the execution of the assigned plugins.","type":"array","items":{"$ref":"#/components/schemas/v2WasmExtensionAttachment"}},"workloadSelector":{"$ref":"#/components/schemas/v2WorkloadSelector"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/gatewayv2Gateway"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Gateways"],"summary":"Delete the given Gateway object.","operationId":"Gateways_DeleteGateway","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Unifiedgateway name.","name":"unifiedgateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/impact":{"post":{"tags":["Profiles"],"summary":"ImpactAnalysis analyzes the impact of profile or resource attached profiles modifications.\\nThe response is streamed, with each message representing the impact analysis for a specific profile\\nor resource and its corresponding impacts.","operationId":"Profiles_ImpactAnalysis5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Profiles_ImpactAnalysisBody"},"responses":{"200":{"description":"A successful response.(streaming responses)","content":{"application/json":{"schema":{"type":"object","title":"Stream result of v2ImpactAnalysisResponse","properties":{"error":{"$ref":"#/components/schemas/googlerpcStatus"},"result":{"$ref":"#/components/schemas/v2ImpactAnalysisResponse"}}}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups":{"get":{"tags":["IstioInternal"],"summary":"List all Istio internal groups in the given workspace.","operationId":"IstioInternal_ListGroups","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListIstioInternalGroupsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"description":"Groups will by default configure all the namespaces owned by their workspace, unless\\nexplicitly configured. If a specific set of namespaces is set for the group, it must be a\\nsubset of the namespaces defined by its workspace.","tags":["IstioInternal"],"summary":"Create a new Istio internal group in the given workspace.","operationId":"IstioInternal_CreateGroup","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create an Istio internal group.","type":"object","required":["name","group"],"properties":{"group":{"$ref":"#/components/schemas/tsbistiointernalv2Group"},"name":{"description":"The short name for the resource to be created.","type":"string"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/tsbistiointernalv2Group"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}":{"get":{"tags":["IstioInternal"],"summary":"Get the details of the given Istio internal group.","operationId":"IstioInternal_GetGroup","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/tsbistiointernalv2Group"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["IstioInternal"],"summary":"Modify a Istio internal group.","operationId":"IstioInternal_UpdateGroup","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"An Istio Internal Group only allows grouping `DIRECT` mode mesh resources in a set of namespaces\\nowned by its parent workspace. This group is aimed for grouping resources not directly related\\nto traffic, security, or gateway like `EnvoyFilters` and `ServiceEntry`.\\n\\n\\n\\n","type":"object","required":["namespaceSelector"],"properties":{"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"},"deletionProtectionEnabled":{"description":"When set, prevents the resource from being deleted. In order to delete the resource this\\nproperty needs to be set to `false` first.","type":"boolean"},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"namespaceSelector":{"$ref":"#/components/schemas/typesv2NamespaceSelector"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/tsbistiointernalv2Group"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["IstioInternal"],"summary":"Delete the given Istio internal group.\\nNote that deleting resources in TSB is a recursive operation. Deleting a Istio internal group will\\ndelete all configuration objects that exist in it.","operationId":"IstioInternal_DeleteGroup","parameters":[{"description":"Force the deletion of the object even if deletion protection is enabled.\\nIf this is set, then the object and all its children will be deleted even if any of them\\nhas the deletion protection enabled.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_17","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_17","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_17","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_17","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_17","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_17","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_17","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_17","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_17","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/blame":{"get":{"tags":["Profiles"],"summary":"Get the profile blame data for a given resource FQN.","operationId":"Profiles_Blame_variant_19","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2BlameResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_17","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_17","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_17","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/proxytools/clusterstats":{"post":{"tags":["ProxyDiagnosticService"],"summary":"Return the cluster stats of an Istio Proxy","operationId":"ProxyDiagnosticService_GetClusterStats6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/ProxyDiagnosticService_GetClusterStatsBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetClusterStatsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/proxytools/configdump":{"post":{"tags":["ProxyDiagnosticService"],"summary":"Return a config dump from a workload (Istio Proxy)","operationId":"ProxyDiagnosticService_GetConfigDump6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/ProxyDiagnosticService_GetConfigDumpBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetConfigDumpResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/proxytools/loggerlevels":{"put":{"tags":["ProxyDiagnosticService"],"summary":"Set the log levels of a workload","operationId":"ProxyDiagnosticService_SetLoggerLevels6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/ProxyDiagnosticService_SetLoggerLevelsBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2LoggerLevelsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["ProxyDiagnosticService"],"summary":"Return the logger levels of a workload","operationId":"ProxyDiagnosticService_GetLoggerLevels6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/ProxyDiagnosticService_GetLoggerLevelsBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2LoggerLevelsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/proxytools/serverstats":{"post":{"tags":["ProxyDiagnosticService"],"summary":"Return the server stats of an Istio Proxy","operationId":"ProxyDiagnosticService_GetServerStats6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/ProxyDiagnosticService_GetServerStatsBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetServerStatsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/proxytools/streamlogs":{"post":{"tags":["ProxyDiagnosticService"],"summary":"Return a stream of logs (the output of the `kubectl logs` command) of an Istio Proxy.","operationId":"ProxyDiagnosticService_StreamLogs6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/ProxyDiagnosticService_StreamLogsBody"},"responses":{"200":{"description":"A successful response.(streaming responses)","content":{"application/json":{"schema":{"type":"object","title":"Stream result of v2StreamLogsResponse","properties":{"error":{"$ref":"#/components/schemas/googlerpcStatus"},"result":{"$ref":"#/components/schemas/v2StreamLogsResponse"}}}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/proxytools/workloads":{"post":{"tags":["ProxyDiagnosticService"],"summary":"Return the workload names under a given FQN resource and cluster.","operationId":"ProxyDiagnosticService_ListWorkloads6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/ProxyDiagnosticService_ListWorkloadsBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListWorkloadsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/settings/{setting}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_18","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_18","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_18","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/settings/{setting}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_18","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/settings/{setting}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_18","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/settings/{setting}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_18","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/settings/{setting}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_18","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/settings/{setting}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_18","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/settings/{setting}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_18","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/settings/{setting}/blame":{"get":{"tags":["Profiles"],"summary":"Get the profile blame data for a given resource FQN.","operationId":"Profiles_Blame_variant_20","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2BlameResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/settings/{setting}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_18","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/settings/{setting}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_18","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_18","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/settings/{setting}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_18","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/apitsbv2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/settings/{setting}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_18","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/settings/{setting}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_18","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/telemetryv2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/settings/{setting}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_18","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/settings/{setting}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_18","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_17","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/apitsbv2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_17","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_17","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/telemetryv2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_17","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_17","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_12","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_12","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_12","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/profiles":{"get":{"tags":["Profiles"],"summary":"List all Profiles that belong to a resource.","operationId":"Profiles_ListProfiles3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListProfilesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Profiles"],"summary":"Create a profile object for a given resource.\\nA `Profile` object can be created at Organization, Tenant, and Workspace levels. Once created, a profile can be\\nattached at its own level or down the hierarchy at Organization, Tenants, Workspaces and Groups levels.","operationId":"Profiles_CreateProfile3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Profiles_CreateProfileBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Profile"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/profiles/{profile}":{"get":{"tags":["Profiles"],"summary":"Get the details of a Profile in an resource.","operationId":"Profiles_GetProfile3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Profile name.","name":"profile","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Profile"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Profiles"],"summary":"Modify a Profile in a resource.","operationId":"Profiles_UpdateProfile3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Profile name.","name":"profile","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Profiles_UpdateProfileBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Profile"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Profiles"],"summary":"Delete a Profile from a resource.","operationId":"Profiles_DeleteProfile3","parameters":[{"description":"Force the deletion of the object even if deletion protection is enabled.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Profile name.","name":"profile","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/profiles/{profile}/currentimpact":{"post":{"tags":["Profiles"],"summary":"CurrentImpactAnalysis analyzes the current impact of a profile or a resource attached profiles.\\nThe response is streamed, with each message representing the impact analysis for a specific profile\\nor resource and its corresponding impacts.","operationId":"Profiles_CurrentImpactAnalysis6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Profile name.","name":"profile","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Profiles_CurrentImpactAnalysis2Body"},"responses":{"200":{"description":"A successful response.(streaming responses)","content":{"application/json":{"schema":{"type":"object","title":"Stream result of v2ImpactAnalysisResponse","properties":{"error":{"$ref":"#/components/schemas/googlerpcStatus"},"result":{"$ref":"#/components/schemas/v2ImpactAnalysisResponse"}}}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/profiles/{profile}/impact":{"post":{"tags":["Profiles"],"summary":"ImpactAnalysis analyzes the impact of profile or resource attached profiles modifications.\\nThe response is streamed, with each message representing the impact analysis for a specific profile\\nor resource and its corresponding impacts.","operationId":"Profiles_ImpactAnalysis6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Profile name.","name":"profile","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Profiles_ImpactAnalysis2Body"},"responses":{"200":{"description":"A successful response.(streaming responses)","content":{"application/json":{"schema":{"type":"object","title":"Stream result of v2ImpactAnalysisResponse","properties":{"error":{"$ref":"#/components/schemas/googlerpcStatus"},"result":{"$ref":"#/components/schemas/v2ImpactAnalysisResponse"}}}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/proxytools/clusterstats":{"post":{"tags":["ProxyDiagnosticService"],"summary":"Return the cluster stats of an Istio Proxy","operationId":"ProxyDiagnosticService_GetClusterStats2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/ProxyDiagnosticService_GetClusterStatsBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetClusterStatsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/proxytools/configdump":{"post":{"tags":["ProxyDiagnosticService"],"summary":"Return a config dump from a workload (Istio Proxy)","operationId":"ProxyDiagnosticService_GetConfigDump2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/ProxyDiagnosticService_GetConfigDumpBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetConfigDumpResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/proxytools/loggerlevels":{"put":{"tags":["ProxyDiagnosticService"],"summary":"Set the log levels of a workload","operationId":"ProxyDiagnosticService_SetLoggerLevels2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/ProxyDiagnosticService_SetLoggerLevelsBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2LoggerLevelsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["ProxyDiagnosticService"],"summary":"Return the logger levels of a workload","operationId":"ProxyDiagnosticService_GetLoggerLevels2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/ProxyDiagnosticService_GetLoggerLevelsBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2LoggerLevelsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/proxytools/serverstats":{"post":{"tags":["ProxyDiagnosticService"],"summary":"Return the server stats of an Istio Proxy","operationId":"ProxyDiagnosticService_GetServerStats2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/ProxyDiagnosticService_GetServerStatsBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetServerStatsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/proxytools/streamlogs":{"post":{"tags":["ProxyDiagnosticService"],"summary":"Return a stream of logs (the output of the `kubectl logs` command) of an Istio Proxy.","operationId":"ProxyDiagnosticService_StreamLogs2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/ProxyDiagnosticService_StreamLogsBody"},"responses":{"200":{"description":"A successful response.(streaming responses)","content":{"application/json":{"schema":{"type":"object","title":"Stream result of v2StreamLogsResponse","properties":{"error":{"$ref":"#/components/schemas/googlerpcStatus"},"result":{"$ref":"#/components/schemas/v2StreamLogsResponse"}}}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/proxytools/workloads":{"post":{"tags":["ProxyDiagnosticService"],"summary":"Return the workload names under a given FQN resource and cluster.","operationId":"ProxyDiagnosticService_ListWorkloads2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/ProxyDiagnosticService_ListWorkloadsBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListWorkloadsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups":{"get":{"tags":["Security"],"summary":"List all security groups in the given workspace.","operationId":"Security_ListGroups","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSecurityGroupsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"description":"Groups will by default configure all the namespaces owned by their workspace, unless\\nexplicitly configured. If a specific set of namespaces is set for the group, it must be a\\nsubset of the namespaces defined by its workspace.","tags":["Security"],"summary":"Create a new security group in the given workspace.","operationId":"Security_CreateGroup","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create a Security Group.","type":"object","required":["name","group"],"properties":{"group":{"$ref":"#/components/schemas/tsbsecurityv2Group"},"name":{"description":"The short name for the resource to be created.","type":"string"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/tsbsecurityv2Group"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}":{"get":{"tags":["Security"],"summary":"Get the details of the given security group.","operationId":"Security_GetGroup","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/tsbsecurityv2Group"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Security"],"summary":"Modify a security group.","operationId":"Security_UpdateGroup","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"A security group manages the security properties of proxy workloads in a\\ngroup of namespaces owned by the parent workspace.\\n\\n\\n\\n","type":"object","required":["namespaceSelector"],"properties":{"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"},"configMode":{"$ref":"#/components/schemas/v2ConfigMode"},"deletionProtectionEnabled":{"description":"When set, prevents the resource from being deleted. In order to delete the resource this\\nproperty needs to be set to `false` first.","type":"boolean"},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"namespaceSelector":{"$ref":"#/components/schemas/typesv2NamespaceSelector"},"profiles":{"description":"List of profiles attached to the security group to be used to propagate default and mandatory configurations down to the children.","type":"array","items":{"type":"string"}},"securityDomain":{"description":"Security domains can be used to group different resources under the same security domain.\\nAlthough security domain is not resource itself currently, it follows a fqn format\\n`organizations/myorg/securitydomains/mysecuritydomain`, and a child cannot override any ancestor\'s\\nsecurity domain.\\nOnce a security domain is assigned to a _Security group_, all the children resources will belong to that\\nsecurity domain in the same way a _Security setting_ belongs to a _Security group_, a _Security setting_\\nwill also belong to the security domain assigned to the _Security group_.\\nSecurity domains can also be used to define _Security settings Authorization rules_ in which you can allow\\nor deny request from or to a security domain.","type":"string"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/tsbsecurityv2Group"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Security"],"summary":"Delete the given security group.\\nNote that deleting resources in TSB is a recursive operation. Deleting a security group will\\ndelete all configuration objects that exist in it.","operationId":"Security_DeleteGroup","parameters":[{"description":"Force the deletion of the object even if deletion protection is enabled.\\nIf this is set, then the object and all its children will be deleted even if any of them\\nhas the deletion protection enabled.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_19","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_19","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_19","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_19","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_19","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_19","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_19","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_19","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_19","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/availableprofiles":{"get":{"tags":["Profiles"],"summary":"Lists the profiles that can be attached to the given resource.\\nThe returned profiles contain metadata (fqn, display name and description) information.\\nTo retrieve the full profile, rely on `GetProfile` or `ListProfiles` methods.","operationId":"Profiles_ListAvailableProfiles6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListAvailableProfilesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/blame":{"get":{"tags":["Profiles"],"summary":"Get the profile blame data for a given resource FQN.","operationId":"Profiles_Blame_variant_4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2BlameResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/currentimpact":{"post":{"tags":["Profiles"],"summary":"CurrentImpactAnalysis analyzes the current impact of a profile or a resource attached profiles.\\nThe response is streamed, with each message representing the impact analysis for a specific profile\\nor resource and its corresponding impacts.","operationId":"Profiles_CurrentImpactAnalysis9","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Profiles_CurrentImpactAnalysisBody"},"responses":{"200":{"description":"A successful response.(streaming responses)","content":{"application/json":{"schema":{"type":"object","title":"Stream result of v2ImpactAnalysisResponse","properties":{"error":{"$ref":"#/components/schemas/googlerpcStatus"},"result":{"$ref":"#/components/schemas/v2ImpactAnalysisResponse"}}}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/impact":{"post":{"tags":["Profiles"],"summary":"ImpactAnalysis analyzes the impact of profile or resource attached profiles modifications.\\nThe response is streamed, with each message representing the impact analysis for a specific profile\\nor resource and its corresponding impacts.","operationId":"Profiles_ImpactAnalysis9","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Profiles_ImpactAnalysisBody"},"responses":{"200":{"description":"A successful response.(streaming responses)","content":{"application/json":{"schema":{"type":"object","title":"Stream result of v2ImpactAnalysisResponse","properties":{"error":{"$ref":"#/components/schemas/googlerpcStatus"},"result":{"$ref":"#/components/schemas/v2ImpactAnalysisResponse"}}}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_19","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_19","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_19","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/proxytools/clusterstats":{"post":{"tags":["ProxyDiagnosticService"],"summary":"Return the cluster stats of an Istio Proxy","operationId":"ProxyDiagnosticService_GetClusterStats5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/ProxyDiagnosticService_GetClusterStatsBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetClusterStatsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/proxytools/configdump":{"post":{"tags":["ProxyDiagnosticService"],"summary":"Return a config dump from a workload (Istio Proxy)","operationId":"ProxyDiagnosticService_GetConfigDump5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/ProxyDiagnosticService_GetConfigDumpBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetConfigDumpResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/proxytools/loggerlevels":{"put":{"tags":["ProxyDiagnosticService"],"summary":"Set the log levels of a workload","operationId":"ProxyDiagnosticService_SetLoggerLevels5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/ProxyDiagnosticService_SetLoggerLevelsBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2LoggerLevelsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["ProxyDiagnosticService"],"summary":"Return the logger levels of a workload","operationId":"ProxyDiagnosticService_GetLoggerLevels5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/ProxyDiagnosticService_GetLoggerLevelsBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2LoggerLevelsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/proxytools/serverstats":{"post":{"tags":["ProxyDiagnosticService"],"summary":"Return the server stats of an Istio Proxy","operationId":"ProxyDiagnosticService_GetServerStats5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/ProxyDiagnosticService_GetServerStatsBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetServerStatsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/proxytools/streamlogs":{"post":{"tags":["ProxyDiagnosticService"],"summary":"Return a stream of logs (the output of the `kubectl logs` command) of an Istio Proxy.","operationId":"ProxyDiagnosticService_StreamLogs5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/ProxyDiagnosticService_StreamLogsBody"},"responses":{"200":{"description":"A successful response.(streaming responses)","content":{"application/json":{"schema":{"type":"object","title":"Stream result of v2StreamLogsResponse","properties":{"error":{"$ref":"#/components/schemas/googlerpcStatus"},"result":{"$ref":"#/components/schemas/v2StreamLogsResponse"}}}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/proxytools/workloads":{"post":{"tags":["ProxyDiagnosticService"],"summary":"Return the workload names under a given FQN resource and cluster.","operationId":"ProxyDiagnosticService_ListWorkloads5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/ProxyDiagnosticService_ListWorkloadsBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListWorkloadsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/servicesettings":{"get":{"tags":["Security"],"summary":"List all service security settings objects that have been attached to the security group.","operationId":"Security_ListServiceSecuritySettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListServiceSecuritySettingsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Security"],"summary":"Create a service security settings object in the security group.","operationId":"Security_CreateServiceSecuritySettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create a Service Security Settings.","type":"object","required":["name","settings"],"properties":{"name":{"description":"The short name for the resource to be created.","type":"string"},"settings":{"$ref":"#/components/schemas/v2ServiceSecuritySetting"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ServiceSecuritySetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/servicesettings/{servicesetting}":{"get":{"tags":["Security"],"summary":"Get the details of the given service security settings object.","operationId":"Security_GetServiceSecuritySettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Servicesetting name.","name":"servicesetting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ServiceSecuritySetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Security"],"summary":"Modify the given service security settings object.","operationId":"Security_UpdateServiceSecuritySettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Servicesetting name.","name":"servicesetting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"A service security setting applies configuration to a service in a\\nsecurity group. Missing fields will inherit values from the\\nworkspace-wide setting if any.\\n\\n\\n\\n","type":"object","required":["service"],"properties":{"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"service":{"description":"The service on which the configuration is being applied. Must be in namespace/FQDN format.","type":"string"},"settings":{"$ref":"#/components/schemas/v2SecuritySetting"},"subsets":{"description":"Subset specific settings that will replace the service wide settings for the specified service\\nsubsets.","type":"array","items":{"$ref":"#/components/schemas/v2ServiceSecuritySettingSubset"}}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ServiceSecuritySetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Security"],"summary":"Delete the given service security settings from the group.","operationId":"Security_DeleteServiceSecuritySettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Servicesetting name.","name":"servicesetting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/settings":{"get":{"tags":["Security"],"summary":"List all security settings objects that have been attached to the security group.","operationId":"Security_ListSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSecuritySettingsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Security"],"summary":"Create a security settings object in the security group.","operationId":"Security_CreateSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create a Security Settings.","type":"object","required":["name","settings"],"properties":{"name":{"description":"The short name for the resource to be created.","type":"string"},"settings":{"$ref":"#/components/schemas/v2SecuritySetting"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2SecuritySetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/settings/{setting}":{"get":{"tags":["Security"],"summary":"Get the details of the given security settings object.","operationId":"Security_GetSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2SecuritySetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Security"],"summary":"Modify the given security settings object.","operationId":"Security_UpdateSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"A security setting applies configuration to a set of proxy workloads in a\\nsecurity group or a workspace. When applied to a security group,\\nmissing fields will inherit values from the workspace-wide setting if any.\\n\\n\\n\\n","type":"object","properties":{"authentication":{"$ref":"#/components/schemas/v2SecuritySettingAuthenticationMode"},"authenticationSettings":{"$ref":"#/components/schemas/tsbsecurityv2AuthenticationSettings"},"authorization":{"$ref":"#/components/schemas/tsbsecurityv2AuthorizationSettings"},"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"extension":{"description":"Extensions specifies all the WasmExtensions assigned to this SecuritySettings\\nwith the specific configuration for each extension. This custom configuration\\nwill override the one configured globally to the extension.\\nEach extension has a global configuration including enabling and priority\\nthat will condition the execution of the assigned extensions.","type":"array","items":{"$ref":"#/components/schemas/v2WasmExtensionAttachment"}},"propagationStrategy":{"$ref":"#/components/schemas/v2PropagationStrategy"},"waf":{"$ref":"#/components/schemas/v2WAFSettings"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2SecuritySetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Security"],"summary":"Delete the given security settings from the group.","operationId":"Security_DeleteSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/settings/{setting}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_20","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_20","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_20","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/settings/{setting}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_20","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/settings/{setting}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_20","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/settings/{setting}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_20","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/settings/{setting}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_20","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/settings/{setting}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_20","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/settings/{setting}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_20","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/settings/{setting}/blame":{"get":{"tags":["Profiles"],"summary":"Get the profile blame data for a given resource FQN.","operationId":"Profiles_Blame_variant_21","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2BlameResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/settings/{setting}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_20","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/settings/{setting}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_20","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_20","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/settings/{setting}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_20","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/apitsbv2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/settings/{setting}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_20","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/settings/{setting}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_20","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/telemetryv2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/settings/{setting}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_20","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/settings/{setting}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_20","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_19","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/apitsbv2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_19","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_19","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/telemetryv2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_19","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_19","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/settings":{"get":{"tags":["Workspaces"],"summary":"List all settings available for the given workspace.","operationId":"Workspaces_ListSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListWorkspaceSettingsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Workspaces"],"summary":"Create default settings for a workspace.\\nDefault settings will apply to the services owned by the workspace, unless more\\nspecific settings are provided at the group level.","operationId":"Workspaces_CreateSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create a Workspace Settings.","type":"object","required":["name","settings"],"properties":{"name":{"description":"The short name for the resource to be created.","type":"string"},"settings":{"$ref":"#/components/schemas/v2WorkspaceSetting"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2WorkspaceSetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/settings/{setting}":{"get":{"tags":["Workspaces"],"summary":"Get the details of a settings object for the given workspace.","operationId":"Workspaces_GetSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2WorkspaceSetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Workspaces"],"summary":"Modify the given workspace settings.","operationId":"Workspaces_UpdateSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Default security and traffic settings for all proxy workloads in the workspace.\\n\\n\\n\\n","type":"object","properties":{"defaultEastWestGatewaySettings":{"description":"Default east west gateway settings specifies workspace-wide east-west gateway configuration.\\nThis is used to configure east-west routing (required for fail-over) for the services that\\nare not exposed on the gateways. All the services matching the specified criteria is picked\\nup for exposing on the east-west gateway workload selected by the workload selector. In case,\\na service matches selectors in multiple items, the one which comes first is picked up.","type":"array","items":{"$ref":"#/components/schemas/v2EastWestGateway"}},"defaultSecuritySetting":{"$ref":"#/components/schemas/v2SecuritySetting"},"defaultTrafficSetting":{"$ref":"#/components/schemas/v2TrafficSetting"},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"failoverSettings":{"$ref":"#/components/schemas/v2FailoverSettings"},"hostsReachability":{"$ref":"#/components/schemas/v2HostsReachability"},"regionalFailover":{"description":"Locality routing settings for all gateways in the workspace. Overrides any global settings.\\nPlease use FailoverSettings instead. If FailoverSettings is set, it takes precedence over this field.\\n\\nExplicitly specify the region traffic will land on when endpoints in local region becomes unhealthy.\\nShould be used together with OutlierDetection to detect unhealthy endpoints.\\nNote: if no OutlierDetection specified, this will not take effect.","type":"array","items":{"$ref":"#/components/schemas/v2RegionalFailover"}}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2WorkspaceSetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Workspaces"],"summary":"Delete the given workspace settings.","operationId":"Workspaces_DeleteSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/settings/{setting}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_21","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_21","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_21","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/settings/{setting}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_21","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/settings/{setting}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_21","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/settings/{setting}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_21","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/settings/{setting}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_21","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/settings/{setting}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_21","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/settings/{setting}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_21","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/settings/{setting}/blame":{"get":{"tags":["Profiles"],"summary":"Get the profile blame data for a given resource FQN.","operationId":"Profiles_Blame_variant_22","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2BlameResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/settings/{setting}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_21","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/settings/{setting}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_21","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_21","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/settings/{setting}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_21","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/apitsbv2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/settings/{setting}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_21","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/settings/{setting}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_21","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/telemetryv2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/settings/{setting}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_21","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/settings/{setting}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_21","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_12","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/apitsbv2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/status/search":{"get":{"tags":["Status"],"summary":"Search the status of resources related to the specified search criteria.\\nIt will descend in the hierarchy starting with the resource identified by the given FQN.\\nThis method is available for organizations, tenant or workspace resources.\\nIn the case of configuration sharing between multiple workspaces (such as common t1 and t2 scenarios),\\nit\u2019s recommended to use the tenant FQN instead of the workspace FQN.\\nThis ensures that the search is not limited to a specific workspace and considers configurations from other workspaces.","operationId":"Status_SearchStatus3","parameters":[{"description":"Fully-qualified domain name to search in the mesh that exposes a service. Example: \\"test.tetrate.io\\"","name":"fqdn","in":"query","required":true,"schema":{"type":"string"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2SearchStatusResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_12","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_12","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/telemetryv2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_12","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_12","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups":{"get":{"tags":["Traffic"],"summary":"List all traffic groups in the given workspace.","operationId":"Traffic_ListGroups","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListTrafficGroupsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"description":"Groups will by default configure all the namespaces owned by their workspace, unless\\nexplicitly configured. If a specific set of namespaces is set for the group, it must be a\\nsubset of the namespaces defined by its workspace.","tags":["Traffic"],"summary":"Create a new traffic group in the given workspace.","operationId":"Traffic_CreateGroup","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create a Traffic Group.","type":"object","required":["name","group"],"properties":{"group":{"$ref":"#/components/schemas/tsbtrafficv2Group"},"name":{"description":"The short name for the resource to be created.","type":"string"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/tsbtrafficv2Group"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}":{"get":{"tags":["Traffic"],"summary":"Get the details of the given traffic group.","operationId":"Traffic_GetGroup","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/tsbtrafficv2Group"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Traffic"],"summary":"Modify the given traffic group.","operationId":"Traffic_UpdateGroup","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"A traffic group manages the routing properties of proxy workloads in a\\ngroup of namespaces owned by the parent workspace.\\n\\n\\n\\n","type":"object","required":["namespaceSelector"],"properties":{"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"},"configMode":{"$ref":"#/components/schemas/v2ConfigMode"},"deletionProtectionEnabled":{"description":"When set, prevents the resource from being deleted. In order to delete the resource this\\nproperty needs to be set to `false` first.","type":"boolean"},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"namespaceSelector":{"$ref":"#/components/schemas/typesv2NamespaceSelector"},"profiles":{"description":"List of profiles attached to the traffic group to be used to propagate default and mandatory configurations down to the children.","type":"array","items":{"type":"string"}}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/tsbtrafficv2Group"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Traffic"],"summary":"Delete the given traffic group.\\nNote that deleting resources in TSB is a recursive operation. Deleting a traffic group will\\ndelete all configuration objects that exist in it.","operationId":"Traffic_DeleteGroup","parameters":[{"description":"Force the deletion of the object even if deletion protection is enabled.\\nIf this is set, then the object and all its children will be deleted even if any of them\\nhas the deletion protection enabled.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_22","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_22","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_22","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_22","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_22","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_22","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_22","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_22","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_22","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/availableprofiles":{"get":{"tags":["Profiles"],"summary":"Lists the profiles that can be attached to the given resource.\\nThe returned profiles contain metadata (fqn, display name and description) information.\\nTo retrieve the full profile, rely on `GetProfile` or `ListProfiles` methods.","operationId":"Profiles_ListAvailableProfiles5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListAvailableProfilesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/blame":{"get":{"tags":["Profiles"],"summary":"Get the profile blame data for a given resource FQN.","operationId":"Profiles_Blame_variant_3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2BlameResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/currentimpact":{"post":{"tags":["Profiles"],"summary":"CurrentImpactAnalysis analyzes the current impact of a profile or a resource attached profiles.\\nThe response is streamed, with each message representing the impact analysis for a specific profile\\nor resource and its corresponding impacts.","operationId":"Profiles_CurrentImpactAnalysis8","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Profiles_CurrentImpactAnalysisBody"},"responses":{"200":{"description":"A successful response.(streaming responses)","content":{"application/json":{"schema":{"type":"object","title":"Stream result of v2ImpactAnalysisResponse","properties":{"error":{"$ref":"#/components/schemas/googlerpcStatus"},"result":{"$ref":"#/components/schemas/v2ImpactAnalysisResponse"}}}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/impact":{"post":{"tags":["Profiles"],"summary":"ImpactAnalysis analyzes the impact of profile or resource attached profiles modifications.\\nThe response is streamed, with each message representing the impact analysis for a specific profile\\nor resource and its corresponding impacts.","operationId":"Profiles_ImpactAnalysis8","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Profiles_ImpactAnalysisBody"},"responses":{"200":{"description":"A successful response.(streaming responses)","content":{"application/json":{"schema":{"type":"object","title":"Stream result of v2ImpactAnalysisResponse","properties":{"error":{"$ref":"#/components/schemas/googlerpcStatus"},"result":{"$ref":"#/components/schemas/v2ImpactAnalysisResponse"}}}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_22","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_22","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_22","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/proxytools/clusterstats":{"post":{"tags":["ProxyDiagnosticService"],"summary":"Return the cluster stats of an Istio Proxy","operationId":"ProxyDiagnosticService_GetClusterStats4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/ProxyDiagnosticService_GetClusterStatsBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetClusterStatsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/proxytools/configdump":{"post":{"tags":["ProxyDiagnosticService"],"summary":"Return a config dump from a workload (Istio Proxy)","operationId":"ProxyDiagnosticService_GetConfigDump4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/ProxyDiagnosticService_GetConfigDumpBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetConfigDumpResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/proxytools/loggerlevels":{"put":{"tags":["ProxyDiagnosticService"],"summary":"Set the log levels of a workload","operationId":"ProxyDiagnosticService_SetLoggerLevels4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/ProxyDiagnosticService_SetLoggerLevelsBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2LoggerLevelsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["ProxyDiagnosticService"],"summary":"Return the logger levels of a workload","operationId":"ProxyDiagnosticService_GetLoggerLevels4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/ProxyDiagnosticService_GetLoggerLevelsBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2LoggerLevelsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/proxytools/serverstats":{"post":{"tags":["ProxyDiagnosticService"],"summary":"Return the server stats of an Istio Proxy","operationId":"ProxyDiagnosticService_GetServerStats4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/ProxyDiagnosticService_GetServerStatsBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetServerStatsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/proxytools/streamlogs":{"post":{"tags":["ProxyDiagnosticService"],"summary":"Return a stream of logs (the output of the `kubectl logs` command) of an Istio Proxy.","operationId":"ProxyDiagnosticService_StreamLogs4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/ProxyDiagnosticService_StreamLogsBody"},"responses":{"200":{"description":"A successful response.(streaming responses)","content":{"application/json":{"schema":{"type":"object","title":"Stream result of v2StreamLogsResponse","properties":{"error":{"$ref":"#/components/schemas/googlerpcStatus"},"result":{"$ref":"#/components/schemas/v2StreamLogsResponse"}}}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/proxytools/workloads":{"post":{"tags":["ProxyDiagnosticService"],"summary":"Return the workload names under a given FQN resource and cluster.","operationId":"ProxyDiagnosticService_ListWorkloads4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/ProxyDiagnosticService_ListWorkloadsBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListWorkloadsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/serviceroutes":{"get":{"tags":["Traffic"],"summary":"List all service routes that have been attached to the traffic group.","operationId":"Traffic_ListServiceRoutes","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListServiceRoutesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Traffic"],"summary":"Create a new service route in the given traffic group.","operationId":"Traffic_CreateServiceRoute","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create a ServiceRoute.","type":"object","required":["name","serviceRoute"],"properties":{"name":{"description":"The short name for the resource to be created.","type":"string"},"serviceRoute":{"$ref":"#/components/schemas/v2ServiceRoute"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ServiceRoute"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/serviceroutes/{serviceroute}":{"get":{"tags":["Traffic"],"summary":"Get the details of the given service route.","operationId":"Traffic_GetServiceRoute","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ServiceRoute"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Traffic"],"summary":"Modify a service route.","operationId":"Traffic_UpdateServiceRoute","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"A service route controls routing configurations for traffic to a\\nservice in a traffic group.\\n\\n\\n\\n","type":"object","required":["service"],"properties":{"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"httpRoutes":{"description":"HTTPRoutes are used when HTTP traffic needs to be matched on uri, headers\\nand port and destination routes need to be set using subset-weight\\ncombinations specified within the route.\\n**Note**: If a route is specified, then the global subset-weight\\ncombinations (specified under subsets) will be ignored for the matched\\nport, as subsets within route will take effect.","type":"array","items":{"$ref":"#/components/schemas/v2HTTPRoute"}},"portLevelSettings":{"type":"array","title":"In order to support multi-protocol routing, a list of all port/protocol combinations is needed.\\nThese port settings are applied to all the subsets","items":{"$ref":"#/components/schemas/ServiceRoutePortLevelTrafficSettings"}},"service":{"description":"The service on which the configuration is being applied. Must be in namespace/FQDN format.","type":"string"},"stickySession":{"$ref":"#/components/schemas/ServiceRouteStickySession"},"subsets":{"description":"The set of versions of a service and the percentage of traffic to\\nsend to each version.","type":"array","items":{"$ref":"#/components/schemas/v2ServiceRouteSubset"}},"tcpRoutes":{"description":"TCPRoutes match TCP traffic based on port number. The subset-weight\\nconfiguration and priority have the same behaviour as HTTPRoutes.","type":"array","items":{"$ref":"#/components/schemas/v2TCPRoute"}}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ServiceRoute"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Traffic"],"summary":"Delete the given service route.","operationId":"Traffic_DeleteServiceRoute","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/serviceroutes/{serviceroute}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_24","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_24","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_24","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/serviceroutes/{serviceroute}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_24","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/serviceroutes/{serviceroute}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_24","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/serviceroutes/{serviceroute}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_24","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/serviceroutes/{serviceroute}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_24","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/serviceroutes/{serviceroute}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_24","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/serviceroutes/{serviceroute}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_24","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/serviceroutes/{serviceroute}/blame":{"get":{"tags":["Profiles"],"summary":"Get the profile blame data for a given resource FQN.","operationId":"Profiles_Blame_variant_24","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2BlameResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/serviceroutes/{serviceroute}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_24","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/serviceroutes/{serviceroute}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_24","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_24","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/serviceroutes/{serviceroute}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_24","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/apitsbv2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/serviceroutes/{serviceroute}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_24","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/serviceroutes/{serviceroute}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_24","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/telemetryv2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/serviceroutes/{serviceroute}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_24","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/serviceroutes/{serviceroute}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_24","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/servicesettings":{"get":{"tags":["Traffic"],"summary":"List all service traffic settings objects that have been attached to the traffic group.","operationId":"Traffic_ListServiceTrafficSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListServiceTrafficSettingsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Traffic"],"summary":"Create a service traffic settings object in the traffic group.","operationId":"Traffic_CreateServiceTrafficSetting","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create a Service Traffic Setting.","type":"object","required":["name","serviceSetting"],"properties":{"name":{"description":"The short name for the resource to be created.","type":"string"},"serviceSetting":{"$ref":"#/components/schemas/v2ServiceTrafficSetting"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ServiceTrafficSetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/servicesettings/{servicesetting}":{"get":{"tags":["Traffic"],"summary":"Get the details of the given service traffic settings object.","operationId":"Traffic_GetServiceTrafficSetting","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Servicesetting name.","name":"servicesetting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ServiceTrafficSetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Traffic"],"summary":"Modify the given service traffic settings object.","operationId":"Traffic_UpdateServiceTrafficSetting","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Servicesetting name.","name":"servicesetting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"A service traffic setting applies configuration to a service in a\\ntraffic group. Unset fields will inherit values from the\\nworkspace-wide setting if any.\\n\\n\\n\\n","type":"object","required":["service","settings"],"properties":{"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"service":{"description":"The service on which the configuration is being applied. Must be in namespace/FQDN format.\\n\\nOnly one service traffic setting can be given per service. Any conflicting configuration created\\nlater will be rejected by TSB.","type":"string"},"settings":{"$ref":"#/components/schemas/v2TrafficSetting"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ServiceTrafficSetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Traffic"],"summary":"Delete the given service traffic settings from the group.","operationId":"Traffic_DeleteServiceTrafficSetting","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Servicesetting name.","name":"servicesetting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/settings":{"get":{"tags":["Traffic"],"summary":"List all the settings objects that have been attached to the given traffic group.","operationId":"Traffic_ListSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListTrafficSettingsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Traffic"],"summary":"Create a settings object for the given traffic group.","operationId":"Traffic_CreateSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create a Traffic Settings.","type":"object","required":["name","settings"],"properties":{"name":{"description":"The short name for the resource to be created.","type":"string"},"settings":{"$ref":"#/components/schemas/v2TrafficSetting"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2TrafficSetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/settings/{setting}":{"get":{"tags":["Traffic"],"summary":"Get the details for the given settings object.","operationId":"Traffic_GetSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2TrafficSetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Traffic"],"summary":"Modify the given settings in the given traffic group.","operationId":"Traffic_UpdateSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"A traffic setting applies configuration to a set of proxy workloads in a\\ntraffic group or a workspace. When applied to a traffic group,\\nmissing fields will inherit values from the workspace-wide setting if any.\\n\\n\\n\\n","type":"object","properties":{"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"egress":{"$ref":"#/components/schemas/v2TrafficSettingEgressGateway"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"inbound":{"$ref":"#/components/schemas/v2InboundTrafficSetting"},"outbound":{"$ref":"#/components/schemas/v2OutboundTrafficSetting"},"rateLimiting":{"$ref":"#/components/schemas/v2RateLimiting"},"reachability":{"$ref":"#/components/schemas/v2ReachabilitySettings"},"resilience":{"$ref":"#/components/schemas/v2ResilienceSettings"},"upstreamTrafficSettings":{"description":"List of hosts and the associated traffic settings to be used by\\nthe clients that are downstreams to the defined upstream hosts.\\n\\nDEPRECATED. Moved to `outbound`.","type":"array","items":{"$ref":"#/components/schemas/v2UpstreamTrafficSettings"}}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2TrafficSetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Traffic"],"summary":"Delete the given settings object from the traffic group.","operationId":"Traffic_DeleteSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/settings/{setting}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_23","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_23","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_23","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/settings/{setting}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_23","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/settings/{setting}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_23","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/settings/{setting}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_23","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/settings/{setting}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_23","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/settings/{setting}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_23","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/settings/{setting}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_23","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/settings/{setting}/blame":{"get":{"tags":["Profiles"],"summary":"Get the profile blame data for a given resource FQN.","operationId":"Profiles_Blame_variant_23","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2BlameResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/settings/{setting}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_23","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/settings/{setting}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_23","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_23","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/settings/{setting}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_23","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/apitsbv2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/settings/{setting}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_23","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/settings/{setting}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_23","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/telemetryv2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/settings/{setting}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_23","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/settings/{setting}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_23","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_22","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/apitsbv2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_22","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_22","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/telemetryv2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_22","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_22","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/users":{"get":{"tags":["Teams"],"summary":"List existing users.","operationId":"Teams_ListUsers","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListUsersResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"description":"This method should only be used when there is no Identity Provider configured in TSB\\nand all users are managed locally by IAM.\\nWhen using an external Identity Provider, the SyncOrganization method should be used\\ninstead to synchronize the users and teams.","tags":["Teams"],"summary":"Create a local User in TSB.","operationId":"Teams_CreateUser","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"type":"object","title":"Request to create a User.\\n","required":["name","user"],"properties":{"name":{"description":"The short name for the resource to be created.","type":"string"},"user":{"$ref":"#/components/schemas/v2User"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2User"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/users/{user}":{"get":{"tags":["Teams"],"summary":"Get the details of an existing user.","operationId":"Teams_GetUser","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2User"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"description":"This method should only be used when there is no Identity Provider configured in TSB\\nand all users are managed locally by IAM.\\nWhen using an external Identity Provider, the SyncOrganization method should be used\\ninstead to synchronize the users and teams.","tags":["Teams"],"summary":"Modify an existing local user.","operationId":"Teams_UpdateUser","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"`User` represents a user from the Identity Provider that is allowed to log into\\nthe platform.\\n\\n\\n\\n","type":"object","required":["loginName"],"properties":{"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"email":{"description":"Email for the user where alerts and other notifications will be sent.","type":"string"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"firstName":{"description":"The first name of the user.","type":"string"},"lastName":{"description":"The last name of the user, if any.","type":"string"},"loginName":{"description":"The username used in the login credentials.","type":"string"},"sourceType":{"$ref":"#/components/schemas/v2SourceType"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2User"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"description":"This method should only be used when there is no Identity Provider configured in TSB\\nand all users are managed locally by IAM.\\nWhen using an external Identity Provider, the SyncOrganization method should be used\\ninstead to synchronize the users and teams.","tags":["Teams"],"summary":"Delete an existing user.","operationId":"Teams_DeleteUser","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/users/{user}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_7","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_7","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_7","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/users/{user}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_7","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/users/{user}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_7","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/users/{user}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_7","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/users/{user}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_7","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/users/{user}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_7","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/users/{user}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_7","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/users/{user}/blame":{"get":{"tags":["Profiles"],"summary":"Get the profile blame data for a given resource FQN.","operationId":"Profiles_Blame_variant_12","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2BlameResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/users/{user}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_7","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/users/{user}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_7","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_7","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/users/{user}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_7","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/apitsbv2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/users/{user}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_7","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/users/{user}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_7","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/telemetryv2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/users/{user}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_7","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/users/{user}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_7","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/users/{user}:generateTokens":{"post":{"description":"Generate the tokens for a local user account so it can authenticate against management plane.\\nThis method will return an error if the user account is not of type MANUAL. Credentials for\\nnormal platform users must be configured in the corresponding Identity Provider.","tags":["Teams"],"summary":"Deprecated. This method will be removed in future versions of TSB. Use Service Accounts instead.","operationId":"Teams_GenerateTokens","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2TokenResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/permissions/query":{"put":{"tags":["Permissions"],"summary":"QueryResourcePermission looks up permissions that are allowed for the current principal.\\nMultiple records can be queried with a single request. Query limit is 100, multiple requests\\nare required to lookup more than the limit.","operationId":"Permissions_QueryResourcePermissions","requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryResourcePermissionsRequest"}}},"description":"Request to query permissions on multiple records.\\n\\nExample:\\nQueryResourcePermissionsRequest {\\n  Queries: []Query{\\n    Query{\\n      QueryID: \\"1234\\",\\n      Kind: Query_Fqn{\\n        Fqn: \\"tetrate/tenants/default/workspaces/example\\"\\n      }\\n    }\\n  }\\n}","required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/security/rbac":{"get":{"tags":["RBAC"],"summary":"List all existing roles.","operationId":"RBAC_ListRoles","responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListRolesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["RBAC"],"summary":"Create a new role.","operationId":"RBAC_CreateRole","requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2CreateRoleRequest"}}},"description":"Request to create a Role.","required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Role"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/security/rbac/{rba}":{"get":{"tags":["RBAC"],"summary":"Get the details of the given role.","operationId":"RBAC_GetRole","parameters":[{"description":"Rba name.","name":"rba","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Role"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["RBAC"],"summary":"Modify a role.","operationId":"RBAC_UpdateRole","parameters":[{"description":"Rba name.","name":"rba","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"`Role` is a named collection of permissions that can be assigned to\\nany user or team in the system.\\n\\n\\n\\n\\n","type":"object","properties":{"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"rules":{"description":"A set of rules that define the permissions associated with each API group.","type":"array","items":{"$ref":"#/components/schemas/v2RoleRule"}}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Role"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["RBAC"],"summary":"Delete a role.\\nNRoles that are in use by policies attached to existing resources\\ncannot be deleted.","operationId":"RBAC_DeleteRole","parameters":[{"description":"Rba name.","name":"rba","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/security/rbac/{rba}/kubernetes":{"get":{"tags":["RBAC"],"summary":"Get the Kubernetes ClusterRole associated with the given TSB Role.\\nReturns the ClusterRole formatted as a JSON or YAML depending on the Accept header: application/json or application/yaml.\\nIf no Accept header is provided, the response will be in YAML format.","operationId":"RBAC_GetRoleK8sMapping","parameters":[{"description":"Rba name.","name":"rba","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/apiHttpBody"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}}},"tags":[{"name":"OAuth"},{"name":"OIDC"},{"name":"SidecarConfigurationService"},{"name":"SidecarInfoService"},{"name":"OnboardingAuthorizationService"},{"name":"OnboardingPlaneDiscoveryService"},{"name":"WorkloadRegistrationService"},{"name":"AgentSessionService"},{"name":"Applications"},{"name":"DashboardService"},{"name":"ProxyDiagnosticService"},{"name":"WasmExtensions"},{"name":"Gateways"},{"name":"IstioInternal"},{"name":"Metrics"},{"name":"Sources"},{"name":"Profiles"},{"name":"Approvals"},{"name":"Permissions"},{"name":"Policy"},{"name":"RBAC"},{"name":"Lookup"},{"name":"Registration"},{"name":"Security"},{"name":"Traffic"},{"name":"Clusters"},{"name":"Organizations"},{"name":"Status"},{"name":"Teams"},{"name":"Tenants"},{"name":"Workspaces"}],"components":{"requestBodies":{"Approvals_SetPolicyBody":{"content":{"application/json":{"schema":{"description":"ApprovalPolicy is a set of authorization rules that define access to a resource.\\nWhen applied to a resource, the rules enforce access to the resource based on the permission set.\\n\\nExample:\\nApprovalPolicy {\\n  Mode: ApprovalPolicy_REQUIRE_APPROVAL,\\n  Resource: \\"organizations/demo/tenants/demo/applications/target-app\\",\\n  Approved: []Access {{\\n    Subject: \\"organizations/demo/tenants/demo/applications/calling-app\\",\\n    Permissions: []string{\\"GET\\", \\"POST\\"}\\n  }}\\n}","type":"object","required":["mode"],"properties":{"approved":{"description":"Approved is a list of subjects that are approved to access the resource.","type":"array","items":{"$ref":"#/components/schemas/v2Access"}},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"metadata":{"$ref":"#/components/schemas/qv2Metadata"},"mode":{"$ref":"#/components/schemas/v2ApprovalPolicyMode"},"requested":{"description":"Requested is a list of subjects that are requested to access the resource but that have not yet been\\nexplicitly approved.\\nThe access mode of the policy will determine if the subjects in this list are given immediate access to the\\nresource.","type":"array","items":{"$ref":"#/components/schemas/v2Access"}}}}}},"required":true},"Profiles_CurrentImpactAnalysis2Body":{"content":{"application/json":{"schema":{"description":"CurrentImpactAnalysisRequest holds the fields needed to request the current impact of a\\nprofile or a attached profiles to a resource.\\nOnly one of the fields should be set at a time.","type":"object","properties":{"fieldPaths":{"description":"List of field paths to analyze the impact of the profiles on. If this field is set,\\nthe request will analyze the impact of the profiles only on the specified field paths.","type":"array","items":{"type":"string"}},"resource":{"description":"Resource fqn to analyze its attached profiles impact.","type":"string"}}}}},"required":true},"ProxyDiagnosticService_SetLoggerLevelsBody":{"content":{"application/json":{"schema":{"description":"Request to change effective logger levels of an Istio Proxy.","type":"object","required":["cluster","workload"],"properties":{"allLoggers":{"$ref":"#/components/schemas/SetLoggerLevelsRequestAllLoggers"},"cluster":{"description":"Fully-qualified name of the cluster the workload belongs to.","type":"string"},"givenLoggers":{"$ref":"#/components/schemas/SetLoggerLevelsRequestGivenLoggers"},"workload":{"$ref":"#/components/schemas/tsbdiagnosticv2Workload"}}}}},"required":true},"Profiles_CurrentImpactAnalysisBody":{"content":{"application/json":{"schema":{"description":"CurrentImpactAnalysisRequest holds the fields needed to request the current impact of a\\nprofile or a attached profiles to a resource.\\nOnly one of the fields should be set at a time.","type":"object","properties":{"fieldPaths":{"description":"List of field paths to analyze the impact of the profiles on. If this field is set,\\nthe request will analyze the impact of the profiles only on the specified field paths.","type":"array","items":{"type":"string"}},"profile":{"description":"Profile fqn to analyze the impact.","type":"string"}}}}},"required":true},"Profiles_CreateProfileBody":{"content":{"application/json":{"schema":{"description":"Request to create a profile belonging to a given resource.","type":"object","required":["name","profile"],"properties":{"name":{"description":"The short name for the resource to be created.","type":"string"},"profile":{"$ref":"#/components/schemas/v2Profile"}}}}},"required":true},"Approvals_AddApprovedAccessBody":{"content":{"application/json":{"schema":{"description":"AccessRequest is a request used for requesting or approving access to a resource.\\n\\nExample:\\nAccessRequest {\\n  Resource: \\"organizations/demo/tenants/demo/applications/target\\",\\n  Access: []Access{{\\n    Subject: \\"organizations/demo/tenants/demo/applications/calling-app\\",\\n    Permissions: []string{\\"GET\\", \\"POST\\"}\\n  }}\\n}","type":"object","required":["access"],"properties":{"access":{"$ref":"#/components/schemas/v2Access"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"}}}}},"required":true},"v2AccessPolicy":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}},"description":"A policy defines the set of subjects that can access a resource and under\\nwhich conditions that access is granted.","required":true},"Approvals_DeleteApprovedAccessBody":{"content":{"application/json":{"schema":{"description":"ResourceAndSubject is a resource and subject pair used for approval and deletion operations.\\n\\nExample:\\nResourceAndSubject {\\n  Resource: \\"organizations/demo/tenants/demo/applications/target\\",\\n  Subject: \\"organizations/demo/tenants/demo/applications/caller\\"\\n}","type":"object","required":["subject"],"properties":{"subject":{"description":"Subject for which the access request is made.","type":"string"}}}}},"required":true},"Approvals_QueryPoliciesBody":{"content":{"application/json":{"schema":{"description":"QueryPoliciesRequest is the request message for QueryPolicies.\\n\\nExample:\\nQueryPoliciesRequest {\\n  Parent: \\"organizations/demo/tenants/demo\\",\\n  Types: []string{\\"applications\\"},\\n  IncludeDetails: true,\\n  IncludePermissions: true,\\n}","type":"object","required":["types"],"properties":{"includeDetails":{"description":"IncludeDetails indicates whether to include the details of the resources that are part of the policy.\\nWhen set to true, the name and description of the resource are included in the response.","type":"boolean"},"includePermissions":{"description":"IncludePermissions indicates whether to include the user level permissions on resources that are part of the policy.\\nWhen set to true, the user level permissions are included in the response.","type":"boolean"},"types":{"description":"Type is the type of the resources to query for policies.","type":"array","items":{"type":"string"}}}}}},"required":true},"Policy_SetPolicy_variant_1Body":{"content":{"application/json":{"schema":{"description":"A policy defines the set of subjects that can access a resource and under\\nwhich conditions that access is granted.","type":"object","title":"Policy","properties":{"allow":{"description":"The list of allowed bindings configures the different access profiles that\\nare allowed on the resource configured by the policy.","type":"array","items":{"$ref":"#/components/schemas/rbacv2Binding"}},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"}}}}},"required":true},"ProxyDiagnosticService_GetClusterStatsBody":{"content":{"application/json":{"schema":{"description":"Request for the cluster stats of an Istio Proxy.","type":"object","required":["cluster","workload"],"properties":{"cluster":{"description":"Fully-qualified name of the cluster the workload belongs to.","type":"string"},"outputFormat":{"$ref":"#/components/schemas/GetClusterStatsRequestClusterStatsFormat"},"workload":{"$ref":"#/components/schemas/tsbdiagnosticv2Workload"}}}}},"required":true},"ProxyDiagnosticService_GetConfigDumpBody":{"content":{"application/json":{"schema":{"description":"Request for a config dump from a workload (Istio Proxy).","type":"object","required":["cluster","workload"],"properties":{"all":{"$ref":"#/components/schemas/v2GetConfigDumpRequestAll"},"bootstrap":{"$ref":"#/components/schemas/GetConfigDumpRequestBootstrap"},"cluster":{"description":"Fully-qualified name of the cluster the workload belongs to.","type":"string"},"clusters":{"$ref":"#/components/schemas/GetConfigDumpRequestClusters"},"ecds":{"$ref":"#/components/schemas/GetConfigDumpRequestEcds"},"endpoints":{"$ref":"#/components/schemas/v2GetConfigDumpRequestEndpoints"},"listeners":{"$ref":"#/components/schemas/GetConfigDumpRequestListeners"},"routes":{"$ref":"#/components/schemas/GetConfigDumpRequestRoutes"},"secrets":{"$ref":"#/components/schemas/v2GetConfigDumpRequestSecrets"},"workload":{"$ref":"#/components/schemas/tsbdiagnosticv2Workload"}}}}},"required":true},"ProxyDiagnosticService_GetLoggerLevelsBody":{"content":{"application/json":{"schema":{"description":"Request for effective logger levels of an Istio Proxy.","type":"object","required":["cluster","workload"],"properties":{"cluster":{"description":"Fully-qualified name of the cluster the workload belongs to.","type":"string"},"workload":{"$ref":"#/components/schemas/tsbdiagnosticv2Workload"}}}}},"required":true},"ProxyDiagnosticService_GetServerStatsBody":{"content":{"application/json":{"schema":{"description":"Request for the server stats of an Istio Proxy.","type":"object","required":["cluster","workload"],"properties":{"cluster":{"description":"Fully-qualified name of the cluster the workload belongs to.","type":"string"},"outputFormat":{"$ref":"#/components/schemas/GetServerStatsRequestServerStatsFormat"},"workload":{"$ref":"#/components/schemas/tsbdiagnosticv2Workload"}}}}},"required":true},"ProxyDiagnosticService_StreamLogsBody":{"content":{"application/json":{"schema":{"description":"Request to stream logs of an Istio Proxy.","type":"object","required":["cluster","workload"],"properties":{"cluster":{"description":"Fully-qualified name of the cluster to execute the diagnostic task in.","type":"string"},"follow":{"description":"Follow the log stream of the pod. Defaults to false.","type":"boolean"},"previous":{"description":"Return logs of the previous terminated container instead of the logs of the current container.\\nDefaults to false.","type":"boolean"},"sinceSeconds":{"description":"A relative time in seconds before the current time from which to show logs. If this value\\nprecedes the time a pod was started, only logs since the pod start will be returned.\\nIf this value is in the future, no logs will be returned.","type":"string","format":"int64"},"workload":{"$ref":"#/components/schemas/tsbdiagnosticv2Workload"}}}}},"required":true},"ProxyDiagnosticService_ListWorkloadsBody":{"content":{"application/json":{"schema":{"description":"Request to retrieve the workload names on which the diagnostic tools can be run.\\nThe returned workloads are belonging to the resource specified by the `fqn` field \\nand are running in the cluster specified by the `cluster` field.","type":"object","required":["cluster"],"properties":{"cluster":{"description":"Fully-qualified name of the cluster the workload belongs to.","type":"string"},"filter":{"$ref":"#/components/schemas/ListWorkloadsRequestFilter"},"pageSize":{"description":"Optional. The maximum number of Workloads to return.\\nThe service may return fewer than this value.\\nRely on the `next_page_token` response field to determine if there are more workloads\\nto be retrieved.\\nIf unspecified, at most 50 Workloads will be returned.\\nThe maximum value is 1000; values above 1000 will be coerced to 1000.","type":"integer","format":"int32"},"pageToken":{"description":"Optional. A page token, received from a previous `ListWorkloadsRequest` call.\\nProvide this to retrieve the subsequent page.\\n\\nWhen paginating, all other parameters provided to `ListWorkloadsRequest` must\\nmatch the call that provided the page token.","type":"string"}}}}},"required":true},"Profiles_ImpactAnalysisBody":{"content":{"application/json":{"schema":{"description":"ImpactAnalysisRequest holds the fields needed to request the impact of a\\nprofile modification or profile attachment modification in a resource.\\nOnly one of the fields should be set at a time.","type":"object","properties":{"fieldPaths":{"description":"List of field paths to analyze the impact of the profiles on. If this field is set,\\nthe request will analyze the impact of the profiles only on the specified field paths.","type":"array","items":{"type":"string"}},"modifyAttachedProfiles":{"description":"Request to analyze the impact of modifying the attached profiles of a resource.","type":"object","title":"Request to analyze the impact of modifying the attached profiles of a resource.","properties":{"profiles":{"description":"A list of profiles attached to the resource that will be analyzed for impact.\\nThese profiles are used to propagate default and mandatory configurations to\\nchild resources, and any changes to them will be reflected in the impact analysis.","type":"array","items":{"type":"string"}}}},"modifyProfile":{"$ref":"#/components/schemas/v2ModifyProfile"}}}}},"required":true},"Profiles_UpdateProfileBody":{"content":{"application/json":{"schema":{"description":"A `Profile` object can be created at Organization, Tenant, and Workspace levels. Once created, a profile can be\\nattached at its own level or down the hierarchy at Organization, Tenant, Workspace and Groups levels.\\nOnce attached, all the configurations provided in the profile and compatible with the attachment point will be applied,\\nthe others will be ignored.\\n\\n\\n\\n","type":"object","properties":{"defaults":{"$ref":"#/components/schemas/v2ProfileConfig"},"deletionProtectionEnabled":{"description":"When set, prevents the resource from being deleted. In order to delete the resource this\\nproperty needs to be set to `false` first.","type":"boolean"},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"mandates":{"$ref":"#/components/schemas/v2ProfileConfig"}}}}},"required":true},"Profiles_ImpactAnalysis2Body":{"content":{"application/json":{"schema":{"description":"ImpactAnalysisRequest holds the fields needed to request the impact of a\\nprofile modification or profile attachment modification in a resource.\\nOnly one of the fields should be set at a time.","type":"object","required":["profile"],"properties":{"fieldPaths":{"description":"List of field paths to analyze the impact of the profiles on. If this field is set,\\nthe request will analyze the impact of the profiles only on the specified field paths.","type":"array","items":{"type":"string"}},"modifyAttachedProfiles":{"$ref":"#/components/schemas/v2ModifyAttachedProfiles"},"modifyProfile":{"description":"Request to analyze the impact of modifying an existing profile.","type":"object","title":"Request to analyze the impact of modifying an existing profile.","properties":{"profile":{"$ref":"#/components/schemas/v2Profile"}}}}}}},"required":true}},"schemas":{"AggregatedStatusChildStatus":{"description":"`ChildStatus` contains the status details for a particular child resource,\\nand a human-friendly message further describing the status if it is an\\nerrored one.","type":"object","properties":{"status":{"$ref":"#/components/schemas/v2ResourceStatusStatus"},"message":{"description":"Contains the human-friendly message describing the status of the child resource.","type":"string","x-order":1}}},"AuthenticationRules":{"type":"object","properties":{"jwt":{"description":"List of rules how to authenticate an HTTP request from a JWT Token attached to it.\\nA JWT Token, if present in the HTTP request, must satisfy one of the rules defined here.\\nThe order in which rules are being checked at runtime might differ from the order\\nin which they are defined here.\\nIf the JWT Token doesn\'t satisfy any of the rules, the request will be rejected.\\nIf the JWT Token does satisfy one of the rules, the identity of the request\\nwill be extracted from the JWT Token.\\n\\nNotice that an HTTP request without a JWT Token attached to it will NOT be rejected\\nbased on the rules defined here. Remember to define HTTP request authorization settings\\nto achieve that.","type":"array","items":{"$ref":"#/components/schemas/tsbauthv2AuthenticationJWT"},"x-order":0}}},"BackendRedisSettings":{"type":"object","title":"Configuration for the External Redis Backend Database","required":["uri"],"properties":{"uri":{"description":"The Redis Database URI. The value of the URI decides the scope\\nfor ratelimiting across multiple clusters.","type":"string","x-order":0}}},"CertManagerSettingsCertManagerCAInjector":{"description":"CertManagerCAInjector represents the settings used for cert-manager CAInjector installation in the clusters.","type":"object","properties":{"kubeSpec":{"$ref":"#/components/schemas/kubernetesKubernetesComponentSpec"}}},"CertManagerSettingsCertManagerSpec":{"description":"CertManagerSpec represents the settings used for cert-manager controller installation in the clusters.","type":"object","properties":{"kubeSpec":{"$ref":"#/components/schemas/kubernetesKubernetesComponentSpec"}}},"CertManagerSettingsCertManagerStartupAPICheck":{"description":"CertManagerStartupAPICheck represents the settings used for cert-manager startup API check job installation in the clusters.\\nDEPRECATED. StartupAPICheck is disabled.","type":"object","properties":{"kubeSpec":{"$ref":"#/components/schemas/kubernetesKubernetesJobComponentSpec"}}},"CertManagerSettingsCertManagerWebhookSpec":{"description":"CertManagerWebhookSpec represents the settings used for cert-manager Webhook installation in the clusters.","type":"object","properties":{"kubeSpec":{"$ref":"#/components/schemas/kubernetesKubernetesComponentSpec"}}},"CertManagerSettingsManaged":{"description":"- AUTO: TSB will check if a pre-existing cert-manager installation is found in the cluster and only\\ninstall and manage cert-manager if it is not found.\\nThe pre-installed cert-manager should support signing requests raised through Kubernetes CSR\\n - EXTERNAL: EXTERNAL represents that TSB will rely on a pre installed cert-manager for use.\\nPre installed cert-manager should support signing requests raised through Kubernetes CSR\\n - INTERNAL: INTERNAL represents that TSB will install and manage cert-manager in the cluster.\\nIn case a pre-existing installation is found, the operator will not install cert-manager and fail.","type":"string","title":"If INTERNAL, TSB will install and manage cert-manager. In case a pre-existing installation is found, the operator will not install cert-manager and fail.\\nIf EXTERNAL, TSB would rely on a pre installed cert-manager for use.\\nPre installed cert-manager should support signing requests raised through Kubernetes CSR","default":"AUTO","enum":["AUTO","EXTERNAL","INTERNAL"]},"ClusterInstallTemplate":{"description":"InstallTemplate provides templates ready to be used in the ControlPlane (cluster onboard) installation.","type":"object","properties":{"message":{"type":"string","title":"can provide useful information to the user","x-order":0,"readOnly":true},"helm":{"$ref":"#/components/schemas/v1alpha1Values"}}},"ClusterOnboardingConfigNamespaceConfig":{"description":"Configuration for a namespace.","type":"object","required":["name"],"properties":{"name":{"description":"The name of the namespace.","type":"string","x-order":0},"desiredState":{"$ref":"#/components/schemas/v2NamespaceDesiredState"}}},"ClusterStateIstioRevision":{"description":"IstioRevision represents the Istio revisions in the ControlPlane Cluster.","type":"object","properties":{"revision":{"type":"string","title":"Istio revision found in the cluster","x-order":0},"version":{"description":"Istio version found in the cluster.","type":"string","x-order":1},"distribution":{"$ref":"#/components/schemas/IstioRevisionDistribution"}}},"ConfigEventsEdgeConfigState":{"type":"object","properties":{"status":{"$ref":"#/components/schemas/ConfigEventsEdgeConfigStatus"},"reason":{"description":"Accompanying reason when status is not `APPLIED`.","type":"string","x-order":1}}},"ConfigEventsEdgeConfigStatus":{"description":" - UNKNOWN: `UNKNOWN` indicates an undefined status. Either the edge has not reported\\nthe status for the config or it is not available due to some delays or something else.\\nThis is a catch-all when we don\'t know what to do.\\n - APPLIED: `APPLIED` indicates that the config has been successfully applied at the edge.\\n - ERRORED: `ERRORED` indicates that some error occurred while applying config at an edge. This will be\\naccompanied by a message which specifies the reason for the error.\\n - IGNORED: `IGNORED` indicates that the config was ignored because of some misconfiguration in config yaml.\\nFor instance, applying `DIRECT` mode config within `BRIDGED` mode group.","type":"string","default":"UNKNOWN","enum":["UNKNOWN","APPLIED","ERRORED","IGNORED"]},"ConfigEventsEventType":{"description":"Simple `Status` of the current resource. It\'s a projection of its details\\n(events, etc.) that allows to easily know the status of the resource\\nwithout requiring to check the details.\\n\\n - INVALID: INVALID is the zero value and should never be reached.\\n - TSB_ACCEPTED: TSB_ACCEPTED happens when the configuration has been validated and\\npersisted by TSB. Note that there is no TSB_REJECTED because in case of\\nan obvious syntax error, the client requests for the API will fail\\ndirectly. The configuration will not be persisted and therefore no\\nconfig status will be associated with it.\\n - MPC_ACCEPTED: MPC_ACCEPTED happens when MPC receives the configuration from TSB.\\nNote that there is no MPC_REJECTED because it\'s just a pass-through\\nto XCP.\\n - XCP_ACCEPTED: XCP_ACCEPTED happens when XCP validates the configuration and the XCP\\nresource is properly created.\\n - XCP_REJECTED: XCP_REJECTED happens when XCP reports that the configuration is not\\nvalid.\\n - MPC_FAILED: MPC_FAILED happens when MPC fails to process some configuration received\\nfrom TSB. These failures are prior to sending the translated\\nconfigurations to XCP.\\n - XCP_UNKNOWN: XCP_UNKNOWN happens when XCP reports that all edges are in UNKNOWN\\nstate.\\n - XCP_PARTIALLY_APPLIED: XCP_PARTIAL happens when XCP reports that at least one edge is in\\nAPPLIED state, and the rest are UNKNOWN.\\n - XCP_APPLIED: XCP_APPLIED happens when XCP reports that every edge is in APPLIED\\nstate.\\n - XCP_ERRORED: XCP_ERRORED happens when XCP reports that any edge is in ERRORED state.\\n - XCP_IGNORED: XCP_IGNORED happens when XCP reports that the config is IGNORED by all the edges.\\nOne of the cases where configs are ignored is when a BRIDGED mode config object\\nlike IngressGateway is part of a gateway group configured for the DIRECT mode\\nand vice versa. More generally, this happens when there is a mismatch between\\nthe mode where a config is valid and the mode configured for the group.\\n - MPC_DIRTY: MPC_DIRTY happens when a resource that is dependent on others\\nhave not reached the desired status (even when they are not FAILED).\\nFor instance, when a resource configuration affected by a STRICTER propagation\\nstrategy gets superseded (fully or partially) by a stricter resource configuration higher up\\nin the hierarchy. Concretely, if a security group\'s security settings (which\\nis in ACCEPTED configuration state) is affected\\nby a STRICTER propagation strategy, and for instance an organization\'s\\ndefault security settings (a resource higher up in the hierarchy)\\nhas been updated to restrict more the previously set authorization policy, then\\nthe previously ACCEPTED security group\'s security settings (a resource lower in\\nthe hierarchy) will become DIRTY if it is not stricter.","type":"string","default":"INVALID","enum":["INVALID","TSB_ACCEPTED","MPC_ACCEPTED","XCP_ACCEPTED","XCP_REJECTED","MPC_FAILED","XCP_UNKNOWN","XCP_PARTIALLY_APPLIED","XCP_APPLIED","XCP_ERRORED","XCP_IGNORED","MPC_DIRTY"]},"ConsistentHashLBMagLev":{"type":"object","title":"Implements consistent hashing to upstream hosts.\\nIt can be used as a drop in replacement for `RingHash`. It has higher speed than RingHash with faster hash table lookups.\\nPlease refer https://www.envoyproxy.io/docs/envoy/latest/intro/arch_overview/upstream/load_balancing/load_balancers#maglev","required":["tableSize"],"properties":{"tableSize":{"description":"The table size for Maglev hashing. This helps in controlling the\\ndisruption when the backend hosts change.\\nIncreasing the table size reduces the amount of disruption.","type":"integer","format":"int64","x-order":0}}},"ConsistentHashLBRingHash":{"type":"object","title":"Implements consistent hashing to upstream hosts.\\nEach upstream host is mapped onto a circle (ring) by hashing its address, each request is then\\nrouted using some hash property of the request.\\nPlease refer https://www.envoyproxy.io/docs/envoy/latest/intro/arch_overview/upstream/load_balancing/load_balancers#ring-hash","properties":{"minimumRingSize":{"description":"The minimum number of virtual nodes to use for the hash\\nring. Defaults to 1024. Larger ring sizes result in more granular\\nload distributions. If the number of hosts in the load balancing\\npool is larger than the ring size, each host will be assigned a\\nsingle virtual node.","type":"integer","format":"int64","x-order":0}}},"DownstreamResilienceSettingsMeshTimeout":{"description":"Connection and Stream timeout settings for the mesh.\\nThese apply to the inbound connections at the Sidecars\\nand Gateways.","type":"object","properties":{"maxConnectionDuration":{"description":"This specifies the duration of time after which\\na downstream and upstream connection will be drained\\nand/or closed, starting from when it was first\\nestablished. If there are no active streams,\\nthe connection will be closed. If there are any active\\nstreams, the drain sequence will kick-in, and the connection\\nwill be force-closed after the drain period. The default\\nvalue of max connection duration is 0 or unlimited,\\nwhich means that the connections will never be closed\\ndue to aging. This setting applies to the entire HTTP connection\\nand all streams (HTTP/2 and HTTP/3) the connection carries.","type":"string","x-order":0},"maxStreamDuration":{"description":"The max stream duration is the maximum time that a stream\u2019s\\nlifetime will span.","type":"string","x-order":1},"maxDownstreamConnectionDuration":{"description":"The maximum duration of a TCP connection. The duration is defined\\nas the period since a connection was established. If not set,\\nthere is no max duration. When max_downstream_connection_duration\\nis reached the connection will be closed. This can be used\\nalongside with `max_connection_duration`.","type":"string","x-order":2},"proxyType":{"$ref":"#/components/schemas/v2ProxyType"}}},"EgressAuthorizationSettingsHostDetails":{"description":"List of external hosts details.","type":"object","required":["host"],"properties":{"host":{"$ref":"#/components/schemas/v2StringMatch"},"paths":{"description":"The request paths allowed for access, e.g., [\\"/accounts\\", \\"/info*\\", \\"/user/profile/*\\"].\\nExact and prefix-based regular matches are supported.\\nIf not set, any path is allowed.","type":"array","items":{"type":"string"},"x-order":1},"methods":{"description":"The HTTP methods allowed by this rule, e.g., [\\"GET\\", \\"HEAD\\"].\\nIf not set, any method is allowed.","type":"array","items":{"type":"string"},"x-order":2}}},"FailoverSettingsTopologyChoice":{"description":"TopologyChoice specifies the topology preference for traffic priority.\\n\\n - NONE: Inherit from parent if possible. Otherwise treated as `CLUSTER`.\\n - CLUSTER: Prefer traffic to stay in the cluster as much as possible.\\n - LOCALITY: Prefer traffic to stay in the region/zone/subzone as much as possible irrespective of the cluster.","type":"string","default":"NONE","enum":["NONE","CLUSTER","LOCALITY"]},"FilterSettingsAWSZoneType":{"description":"AWS Route53 Zone type filters.\\n\\n - NONE: No filter.\\n - PUBLIC: Filter public zones.\\n - PRIVATE: Filter private zones.","type":"string","default":"NONE","enum":["NONE","PUBLIC","PRIVATE"]},"GetClusterStatsRequestClusterStatsFormat":{"description":"Format of the cluster stats of an Istio Proxy.\\n\\n - JSON: JSON format.\\n - TEXT: Text format.","type":"string","default":"JSON","enum":["JSON","TEXT"]},"GetConfigDumpRequestBootstrap":{"description":"Dump bootstrap configuration.","type":"object"},"GetConfigDumpRequestClusters":{"description":"Dump cluster configuration.","type":"object"},"GetConfigDumpRequestEcds":{"description":"Dump typed extension configuration.","type":"object"},"GetConfigDumpRequestListeners":{"description":"Dump listener configuration.","type":"object"},"GetConfigDumpRequestRoutes":{"description":"Dump route configuration.","type":"object"},"GetServerStatsRequestServerStatsFormat":{"description":"Format of the server stats of an Istio Proxy.\\n\\n - JSON: JSON format.\\n - TEXT: Text format.\\n - PROMETHEUS: Prometheus format.","type":"string","default":"JSON","enum":["JSON","TEXT","PROMETHEUS"]},"GitOpsPushMode":{"description":"Push mode for GitOps component. Default: SYNC.\\n\\n - SYNC: In SYNC mode TSB K8s resources are validated and pushed to Management Plane synchronously,\\nblocking on resource creation until the resource is created successfully in the Management Plane.\\nThis is the default mode.\\n - ASYNC: In ASYNC mode TSB K8s resources are pushed to Management Plane asynchronously, without blocking on resource creation.\\nTo know if the resource was created successfully, check its K8s status.","type":"string","default":"SYNC","enum":["SYNC","ASYNC"]},"HTTPDirectResponseHTTPBody":{"description":"Specifies the content of the response body.","type":"object","properties":{"string":{"type":"string","title":"response body as a string","x-order":0},"bytes":{"description":"response body as base64 encoded bytes.","type":"string","format":"byte","x-order":1}}},"HTTPFaultInjectionAbort":{"description":"Abort specification is used to prematurely abort a request with a\\npre-specified error code.\\nThe _httpStatus_ field is used to indicate the HTTP status code to\\nreturn to the caller. The optional _percentage_ field can be used to only\\nabort a certain percentage of requests. If not specified, no request will be\\naborted.","type":"object","properties":{"percentage":{"description":"Percentage of requests to be aborted with the error code provided.\\nIf not specified, no request will be aborted.","type":"number","format":"double","x-order":0},"httpStatus":{"description":"HTTP status code to use to abort the HTTP request.","type":"integer","format":"int32","x-order":1},"grpcStatus":{"type":"string","title":"GRPC status code to use to abort the request. The supported\\ncodes are documented in https://github.com/grpc/grpc/blob/master/doc/statuscodes.md","x-order":2}}},"HTTPFaultInjectionDelay":{"description":"Delay specification is used to inject latency into the request\\nforwarding path.\\n\\nThe _fixedDelay_ field is used to indicate the amount of delay in seconds.\\nThe optional _percentage_ field can be used to only delay a certain\\npercentage of requests. If left unspecified, no request will be delayed.","type":"object","properties":{"percentage":{"description":"Percentage of requests on which the delay will be injected.\\nIf left unspecified, no request will be delayed.","type":"number","format":"double","x-order":0},"fixedDelay":{"description":"Add a fixed delay before forwarding the request. Format:\\n1h/1m/1s/1ms. MUST be &gt;=1ms.","type":"string","x-order":1}}},"HeadersHeaderOperations":{"description":"HeaderOperations Describes the header manipulations to apply.","type":"object","properties":{"set":{"description":"Overwrite the headers specified by key with the given values.","type":"object","additionalProperties":{"type":"string"},"x-order":0},"add":{"description":"Append the given values to the headers specified by keys (will create a comma-separated list\\nof values).","type":"object","additionalProperties":{"type":"string"},"x-order":1},"remove":{"description":"Remove a the specified headers.","type":"array","items":{"type":"string"},"x-order":2}}},"HostManagementRepository":{"description":"Configure `Tetrate Host Management Repository` component.","type":"object","properties":{"kubeSpec":{"$ref":"#/components/schemas/kubernetesKubernetesComponentSpec"}}},"ImpactImpactType":{"description":"Enum representing the different types of impact a profile can have on a field.\\n\\n - UNKNOWN: The impact type is unknown or unspecified.\\n - EFFECTIVE: The profile is effective on the field, meaning the profile directly sets\\nthe field\'s value.\\n - OVERRIDE: The field\'s value is overridden by another profile or configuration, but was\\npreviously set by the profile being analyzed.","type":"string","default":"UNKNOWN","enum":["UNKNOWN","EFFECTIVE","OVERRIDE"]},"ImpactSourceType":{"description":"The type of the impact source.\\n\\n - INVALID: The impact source is unknown or unspecified.\\n - DEFAULT: The impact source is a profile default.\\n - MANDATE: The impact source is a profile mandate.\\n - SETTINGS: The impact source is configuration setting.","type":"string","default":"INVALID","enum":["INVALID","DEFAULT","MANDATE","SETTINGS"]},"IngressScopesIngressScope":{"description":"An ingress defines the telemetry source wingspan in the mesh of ingress\'s hostname.","type":"object","properties":{"type":{"$ref":"#/components/schemas/IngressScopesIngressScopeScopeType"},"scope":{"$ref":"#/components/schemas/IngressScopesIngressScopeScope"},"deployment":{"description":"The FQN of the service deployment in a concrete cluster related with this telemetry source scope.\\nWill have a value for scope types HOSTNAME.","type":"string","x-order":2}}},"IngressScopesIngressScopeScope":{"description":"Each of the scope properties can have the following values:\\n- A non empty value.\\n- An empty value or absence of the property act as a wildcard, meaning any possible value.","type":"object","properties":{"hostname":{"type":"string","title":"hostname is always a concrete value","x-order":0},"ingressService":{"type":"string","title":"ingress_service is always a concrete value","x-order":1},"cluster":{"description":"cluster can be a concrete value or an empty value meaning any cluster.","type":"string","x-order":2}}},"IngressScopesIngressScopeScopeType":{"description":"ScopeType denotes the wingspan of a telemetry source for an ingress\'s hostname.\\n\\n - HOSTNAME: A hostname telemetry source that belongs to a specific ingress instance in a cluster.\\n - GLOBAL: A global telemetry source of a hostname from an ingress across clusters.","type":"string","default":"INVALID","enum":["INVALID","HOSTNAME","GLOBAL"]},"IstioAmbient":{"type":"object","title":"Ambient-related configuration","properties":{"enable":{"type":"boolean","title":"Enable or disable Ambient mode","x-order":0},"waypoints":{"$ref":"#/components/schemas/v1alpha1WaypointsConfig"}}},"IstioRevisionDistribution":{"description":"- UNKNOWN: Unknown Istio distribution\\n - TSB: TSB istio distribution\\n - TID: TID istio distribution","type":"string","title":"Type of distribution for the Istio version","default":"UNKNOWN","enum":["UNKNOWN","TSB","TID"]},"IstioStatusIstioInjection":{"description":"Istio injection status for the namespace.\\n\\n - ISTIO_INJECTION_UNDEFINED: The TSB CP is not able to determine the Istio injection status of the namespace.\\n - ISTIO_INJECTION_ENABLED: The namespace is configured with Istio injection.\\n - ISTIO_INJECTION_DISABLED: The namespace is not configured with Istio injection.","type":"string","default":"ISTIO_INJECTION_UNDEFINED","enum":["ISTIO_INJECTION_UNDEFINED","ISTIO_INJECTION_ENABLED","ISTIO_INJECTION_DISABLED"]},"JWKSJWK":{"type":"object","title":"JSON Web Key. Refer to https://datatracker.ietf.org/doc/html/rfc7517","properties":{"alg":{"description":"The specific cryptographic algorithm used with the key.","type":"string","x-order":0},"kty":{"description":"The family of cryptographic algorithms used with the key.","type":"string","x-order":1},"use":{"description":"How the key was meant to be used; `sig` represents the signature.","type":"string","x-order":2},"n":{"description":"The modulus for the RSA public key.","type":"string","x-order":3},"e":{"description":"The exponent for the RSA public key.","type":"string","x-order":4},"kid":{"description":"The unique identifier for the key.","type":"string","x-order":5}}},"JWTClaimToHeader":{"description":"This message specifies the detail for copying claim to header.","type":"object","required":["header","claim"],"properties":{"header":{"description":"The name of the header to be created. The header will be overridden if it already exists in the request.","type":"string","x-order":0},"claim":{"description":"The name of the claim to be copied from. Only claim of type string/int/bool is supported.\\nThe header will not be there if the claim does not exist or the type of the claim is not supported.","type":"string","x-order":1}}},"JWTJWTHeader":{"description":"This message specifies a header location to extract JWT token.","type":"object","required":["name"],"properties":{"name":{"description":"The HTTP header name.","type":"string","x-order":0},"prefix":{"description":"The prefix that should be stripped before decoding the token.\\nFor example, for `Authorization: Bearer &lt;token&gt;`, prefix=`Bearer ` with a space at the end.\\nIf the header doesn\'t have this exact prefix, it is considered invalid.","type":"string","x-order":1}}},"K8sObjectOverlayPathValue":{"type":"object","properties":{"path":{"description":"Path of the form a.[key1:value1].b.[:value2]\\nWhere [key1:value1] is a selector for a key-value pair to identify a list element and [:value] is a value\\nselector to identify a list element in a leaf list.\\nAll path intermediate nodes must exist.","type":"string","x-order":0},"value":{"description":"Value to add, delete or replace.\\nFor add, the path should be a new leaf.\\nFor delete, value should be unset.\\nFor replace, path should reference an existing node.\\nAll values are strings but are converted into appropriate type based on schema.","x-order":1}}},"KeyPairEncoding":{"type":"string","title":"Format in which the keys in this keypair are encoded","default":"PEM","enum":["PEM","JWK"]},"ListSourcesRequestTimeRange":{"description":"TimeRange is a closed time range. If since or until are not provided they will not be used to filter.","type":"object","properties":{"since":{"description":"Moment in time since we retrieve Telemetry Sources.","type":"string","format":"date-time","x-order":0},"until":{"description":"Moment in time until we retrieve Telemetry Sources.","type":"string","format":"date-time","x-order":1}}},"ListWorkloadsRequestFilter":{"description":"Workloads filter.","type":"object","properties":{"namespace":{"description":"Namespace name.","type":"string","x-order":0},"serviceName":{"description":"Name of a Service.","type":"string","x-order":1}}},"LoadBalancerSettingsConsistentHashLB":{"description":"Consistent Hash-based load balancing can be used to provide soft\\nsession affinity based on HTTP headers, cookies or other\\nproperties. The affinity to a particular destination host may be\\nlost when one or more hosts are added/removed from the destination\\nservice.\\n\\nNote: consistent hashing is less reliable at maintaining affinity than common\\n\\"sticky sessions\\" implementations, which often encode a specific destination in\\na cookie, ensuring affinity is maintained as long as the backend remains.\\nWith consistent hash, the guarantees are weaker; any host addition or removal can\\nbreak affinity for `1/backends` requests.\\n\\nWarning: consistent hashing depends on each proxy having a consistent view of endpoints.\\nThis is not the case when locality load balancing is enabled. Locality load balancing\\nand consistent hash will only work together when all proxies are in the same locality,\\nor a high level load balancer handles locality affinity.","type":"object","properties":{"httpHeaderName":{"description":"Hash based on a specific HTTP header.","type":"string","x-order":0},"httpCookie":{"$ref":"#/components/schemas/LoadBalancerSettingsConsistentHashLBHTTPCookie"},"useSourceIp":{"description":"Hash based on the source IP address.\\nThis is applicable for both TCP and HTTP connections.","type":"boolean","x-order":2},"httpQueryParameterName":{"description":"Hash based on a specific HTTP query parameter.","type":"string","x-order":3},"ringHash":{"$ref":"#/components/schemas/ConsistentHashLBRingHash"},"maglev":{"$ref":"#/components/schemas/ConsistentHashLBMagLev"}}},"LoadBalancerSettingsConsistentHashLBHTTPCookie":{"description":"Describes a HTTP cookie that will be used as the hash key for the\\nConsistent Hash load balancer. If the cookie is not present, it will\\nbe generated.","type":"object","required":["name","ttl"],"properties":{"name":{"description":"Name of the cookie.","type":"string","x-order":0},"path":{"description":"Path to set for the cookie.","type":"string","x-order":1},"ttl":{"description":"Lifetime of the cookie.","type":"string","x-order":2}}},"LoadBalancerSettingsSimpleLB":{"description":"Standard load balancing algorithms that require no tuning.\\n\\n - UNSPECIFIED: No load balancing algorithm has been specified by the user.\\nAn appropriate default will be used.\\n - RANDOM: The random load balancer selects a random healthy host. The random\\nload balancer generally performs better than round robin if no health\\nchecking policy is configured.\\n - PASSTHROUGH: This option will forward the connection to the original IP address\\nrequested by the caller without doing any form of load\\nbalancing. This option must be used with care. It is meant for\\nadvanced use cases. Refer to Original Destination load balancer in\\nEnvoy for further details.\\n - ROUND_ROBIN: A basic round robin load balancing policy. This is generally unsafe\\nfor many scenarios (e.g. when enpoint weighting is used) as it can\\noverburden endpoints. In general, prefer to use LEAST_REQUEST as a\\ndrop-in replacement for ROUND_ROBIN.\\n - LEAST_REQUEST: The least request load balancer spreads load across endpoints, favoring\\nendpoints with the least outstanding requests. This is generally safer\\nand outperforms ROUND_ROBIN in nearly all cases. Prefer to use\\nLEAST_REQUEST as a drop-in replacement for ROUND_ROBIN.","type":"string","default":"UNSPECIFIED","enum":["UNSPECIFIED","RANDOM","PASSTHROUGH","ROUND_ROBIN","LEAST_REQUEST"]},"MeshExpansionSettingsHostManagement":{"description":"EXPERIMENTAL: Settings for the `Tetrate Host Management` component.","type":"object","required":["endpoint"],"properties":{"enabled":{"description":"To install the component,  set the value to `true`.\\n\\nDefaults to `false`.","type":"boolean","x-order":0},"endpoint":{"$ref":"#/components/schemas/MeshExpansionSettingsHostManagementEndpoint"},"plane":{"$ref":"#/components/schemas/MeshExpansionSettingsHostManagementPlane"},"repository":{"$ref":"#/components/schemas/HostManagementRepository"},"agent":{"$ref":"#/components/schemas/MeshExpansionSettingsHostManagementAgent"}}},"MeshExpansionSettingsHostManagementAgent":{"description":"Settings for the `Tetrate Host Management Agent`.","type":"object","properties":{"version":{"description":"Version of the `Tetrate Host Management Agent` to use.\\n\\nDefaults to the version of the `Tetrate Host Management Agent` included into a given TSB release.","type":"string","x-order":0}}},"MeshExpansionSettingsHostManagementEndpoint":{"description":"Configuration of the endpoint exposing `Host Management API` to\\n`Host Management Agents`.","type":"object","required":["hosts","secretName"],"properties":{"hosts":{"description":"List of hosts included in the TLS certificate.","type":"array","items":{"type":"string"},"x-order":0},"secretName":{"description":"Name of the secret that holds TLS certificate chain and private key.\\n\\nThe secret can be either a TLS secret or a generic one.\\nKeys `tls.crt` and `tls.key` are mandatory.\\nAdditionally, the secret may also have a `ca.crt` key to provide\\nthe certificate of a custom CA that issued given TLS cert.","type":"string","x-order":1},"hasNoDnsRecord":{"description":"To configure `Agents` to connect to the `Host Management Endpoint`\\nusing an address of the k8s Service rather than host name, set the value to `true`.\\n\\nDefaults to `false`.","type":"boolean","x-order":2}}},"MeshExpansionSettingsHostManagementPlane":{"description":"Configure `Tetrate Host Management Plane` component.","type":"object","properties":{"kubeSpec":{"$ref":"#/components/schemas/kubernetesKubernetesComponentSpec"},"logLevels":{"description":"The log level configuration by scopes.\\n\\nSupported log levels: \\"none\\", \\"error\\", \\"info\\", \\"debug\\".","type":"object","additionalProperties":{"type":"string"},"x-order":1}}},"MeshExpansionSettingsOnboardingPlaneEndpoint":{"description":"Configuration of the endpoint exposing `Workload Onboarding API` to\\n`Workload Onboarding Agents`.","type":"object","required":["hosts","secretName"],"properties":{"hosts":{"description":"List of hosts included in the TLS certificate.","type":"array","items":{"type":"string"},"x-order":0},"secretName":{"description":"Name of the secret that holds TLS certificate chain and private key.","type":"string","x-order":1}}},"MeshExpansionSettingsOnboardingPlaneTokenIssuer":{"description":"Configuration of the built-in `Workload Onboarding Token Issuer`.","type":"object","properties":{"jwt":{"$ref":"#/components/schemas/MeshExpansionSettingsOnboardingPlaneTokenIssuerJwtTokenIssuer"}}},"MeshExpansionSettingsOnboardingPlaneTokenIssuerJwtTokenIssuer":{"description":"Configuration of the built-in JWT Token Issuer.","type":"object","properties":{"expiration":{"description":"Expiration is the duration issued tokens are valid for.\\nDefaults to `1h`.","type":"string","x-order":0}}},"MeshExpansionSettingsServiceObservability":{"description":"EXPERIMENTAL: Settings for the `Tetrate Service Observability` component.","type":"object","properties":{"enabled":{"description":"To install the component,  set the value to `true`.\\n\\nDefaults to `false`.","type":"boolean","x-order":0},"agent":{"$ref":"#/components/schemas/MeshExpansionSettingsServiceObservabilityAgent"},"serviceDiscovery":{"$ref":"#/components/schemas/ServiceObservabilityServiceDiscovery"},"domains":{"description":"List of domains to consider when discovering services.\\nServices outside of domains specified here will NOT be added to the registry of services known to TSB\\nand will NOT appear on TSB UI.\\n\\nEmpty list means that discovered services may belong to any domain.\\n\\nDefaults to an empty list.","type":"array","items":{"type":"string"},"x-order":3}}},"MeshExpansionSettingsServiceObservabilityAgent":{"description":"Settings for the `SPM Agent`.","type":"object","properties":{"version":{"description":"Version of the `SPM Agent` to use.\\n\\nDefaults to the version of the `SPM Agent` included into a given TSB release.","type":"string","x-order":0}}},"MetadataDetails":{"description":"Details is additional information about a resource.","type":"object","properties":{"name":{"description":"Name is the resources name.","type":"string","x-order":0},"description":{"description":"Description is the resources description.","type":"string","x-order":1}}},"OnboardingPlaneLocalRepository":{"description":"Configuration of the local repository with `DEB` and `RPM` packages\\nof the `Workload Onboarding Agent` and `Istio Sidecar`.","type":"object"},"OpenAPIValidation":{"description":"Validation options for the OpenAPI document.","type":"object","properties":{"enabled":{"description":"If set to true, the OpenAPI document is enabled for validation.\\nDefaults to false.","type":"boolean","x-order":0},"pathPrefix":{"description":"Prefix to add to the paths in the OpenAPI doc before matching against incoming requests.","type":"string","x-order":1}}},"OrganizationSettingNetworkSettings":{"description":"Network related settings for clusters.","type":"object","properties":{"networkReachability":{"description":"Reachability between clusters on various networks. Each cluster\\nhas a \\"network\\" field representing a network boundary like a VPC\\non AWS/GCP/Azure. All clusters within the same network are\\nassumed to be reachable to each other for multi-cluster routing.\\nIn addition, you can specify additional connectivity between\\nvarious networks in the mesh here. For example on AWS, each VPC\\ncan be treated as a distinct network. VPCs that are reachable to\\none another (through peering or transit gateways) can be listed\\nas reachable networks. The key is the network name and the value\\nis a comma separated list of networks whose clusters are\\nreachable from this network. For instance, vpc01: vpc02,vpc03 means\\nthat the clusters in the network can reach those in vpc02 and vpc03.\\n\\nNote that reachability is **not** bidirectional. That is, if `vpc01: vpc02`\\nis specified, then `vpc01` can reach `vpc02`, but not the other way around.\\nHence, the workloads in clusters in `vpc01` can access the services\\nthrough the exposed gateway hostnames in clusters in `vpc02` . However,\\nthe workloads in clusters in `vpc02` cannot access the services exposed\\nthrough the gateway hostnames in `vpc01`.","type":"object","additionalProperties":{"type":"string"},"x-order":0}}},"QueryResourcePermissionsResponseResult":{"type":"object","title":"Represents a result for the requested query","required":["request"],"properties":{"request":{"$ref":"#/components/schemas/v2Query"},"rules":{"description":"set of allowed RBAC rules that the current principal has on the matching resource.\\nIf the query produced no results, the rules set will be empty.","type":"array","items":{"$ref":"#/components/schemas/v2RoleRule"},"x-order":1}}},"RateLimitDimensionDestinationCluster":{"description":"Emit descriptor entry - a key-value pair of the form `(\\"destination_cluster\\",\\n\\"&lt;routed target cluster&gt;\\")` where `destination_cluster` is the destination\\nenvoy cluster to which traffic is bound to.","type":"object"},"RateLimitDimensionHeader":{"type":"object","title":"RateLimit based on certain headers","required":["name"],"properties":{"name":{"description":"Name of the header to match on.","type":"string","x-order":0},"value":{"$ref":"#/components/schemas/v2StringMatch"},"dontMatch":{"description":"If set to true, the condition will be met when the header value does not match.\\nDefault value is false.","type":"boolean","x-order":2}}},"RateLimitDimensionHeaderValueMatch":{"description":"Emit descriptor entry - a key-value pair of the form `(\\"header_match\\",\\n\\"&lt;descriptor_value&gt;\\")`, where `descriptor_value` is a user\\nspecified value corresponding to a header match event.","type":"object","required":["headers","descriptorValue"],"properties":{"headers":{"description":"Specifies a set of headers that the rate limit action should\\nmatch on. The action will check the request\u2019s headers against\\nall the specified headers in the config. A match will happen if\\nall the headers in the config are present in the request with\\nthe same values (or based on presence if the value field is not\\nin the config).  The header keys must be lowercase and use\\nhyphen as the separator, e.g. x-request-id.","type":"object","additionalProperties":{"$ref":"#/components/schemas/v2StringMatch"},"x-order":0},"descriptorValue":{"description":"The value to use in the descriptor entry.","type":"string","x-order":1},"dontMatch":{"description":"If set to true, the condition will be met when the header value does not match.\\nDefault value is false.","type":"boolean","x-order":2}}},"RateLimitDimensionRequestHeaders":{"description":"Emit descriptor entry - a key-value pair of the form\\n`(\\"&lt;descriptor_key&gt;\\", \\"&lt;header_value_queried_from_header&gt;\\")`\\nwhere `descriptor_key` is a user specified key to emit when the\\nHTTP header is seen.","type":"object","required":["headerName","descriptorKey"],"properties":{"headerName":{"description":"The header name to be queried from the request headers. The header\u2019s\\nvalue is used to populate the value of the descriptor entry for the\\ndescriptor_key.","type":"string","x-order":0},"descriptorKey":{"description":"The key to use in the descriptor entry.","type":"string","x-order":1}}},"RateLimitDimensionSourceCluster":{"description":"Emit descriptor entry - a key-value pair of the form\\n`(\\"source_cluster\\", \\"&lt;local service cluster&gt;\\")` where `source_cluster`\\nis the source envoy cluster (corresponding to the `--service-cluster`\\nflag value set by Istio).","type":"object"},"RateLimitServerBackend":{"description":"External Backend Database types. This points to the backend\\nused by the ratelimit server as a key/value store.","type":"object","properties":{"redis":{"$ref":"#/components/schemas/BackendRedisSettings"}}},"RateLimitSettingsRateLimitValue":{"description":"RateLimitValue specifies the values that will be used\\nto determine the rate limit.","type":"object","required":["requestsPerUnit","unit"],"properties":{"requestsPerUnit":{"description":"Specifies the value of the rate limit.","type":"integer","format":"int64","x-order":0},"unit":{"$ref":"#/components/schemas/RateLimitValueUnit"}}},"RateLimitValueUnit":{"description":"Units of time.","type":"string","default":"UNKNOWN","enum":["UNKNOWN","SECOND","MINUTE","HOUR","DAY"]},"RelationScopeServiceRelation":{"description":"A relation between logical services.","type":"object","properties":{"source":{"description":"The source resource\'s fqn of the relation between two logical services.","type":"string","x-order":0},"target":{"description":"The target resource\'s fqn of the relation between two logical services.","type":"string","x-order":1}}},"RelationScopesRelationScope":{"type":"object","properties":{"type":{"$ref":"#/components/schemas/RelationScopesRelationScopeScopeType"},"scope":{"$ref":"#/components/schemas/RelationScopesRelationScopeScope"}}},"RelationScopesRelationScopeScope":{"type":"object","properties":{"serviceRelation":{"$ref":"#/components/schemas/RelationScopeServiceRelation"}}},"RelationScopesRelationScopeScopeType":{"description":"ScopeType denotes the wingspan of a telemetry source for relation between resources.\\n\\n - SERVICE: A service telemetry source that belongs to a specific relation between logical services.","type":"string","default":"INVALID","enum":["INVALID","SERVICE"]},"ResourceStatusConfigResourceStatus":{"description":"Individual status for a configuration resource related to the Application/API.","type":"object","properties":{"status":{"$ref":"#/components/schemas/applicationv2Status"},"resource":{"$ref":"#/components/schemas/v2ConfigResource"}}},"RoleResourceType":{"description":"The type of API resource for which the role is being created.","type":"object","required":["apiGroup"],"properties":{"apiGroup":{"description":"A specific API group such as traffic.tsb.tetrate.io/v2.","type":"string","x-order":0},"kinds":{"description":"Specific kinds of APIs under the API group. If omitted, the\\nrole will apply to all kinds under the group.","type":"array","items":{"type":"string"},"x-order":1},"scopedAt":{"description":"The list of parent types where the defined kinds will be scoped under.\\nIf omitted, no scope limitation is applied.","type":"array","items":{"$ref":"#/components/schemas/v2RoleScopeType"},"x-order":2}}},"Route53SettingsFilterSettings":{"description":"Filter settings for route53 controller.","type":"object","properties":{"annotationFilter":{"description":"Filter out (remove) targets that matches annotation using label selector semantics. Optional.\\n*NOTE*: The annotation value currently cannot be longer thant 63 characters.","type":"string","x-order":0},"labelFilter":{"description":"Filter out (remove) targets that matches label selector. Optional.","type":"string","x-order":1},"excludeDomain":{"description":"Exclude subdomains. Optional.","type":"array","items":{"type":"string"},"x-order":2},"zoneType":{"$ref":"#/components/schemas/FilterSettingsAWSZoneType"},"zoneTagFilter":{"description":"When using the AWS provider, filter for zones with this tag. Optional, format: key=value.","type":"array","items":{"type":"string"},"x-order":4},"zoneIdFilter":{"description":"When using the AWS provider, filter for zones with this ID. Optional.","type":"array","items":{"type":"string"},"x-order":5}}},"Route53SettingsPolicy":{"description":"Policy that defines how DNS records are managed.\\n\\n - SYNC: Allow full synchronization.\\n - UPSERT_ONLY: Don\'t allow delete DNS records.\\n - CREATE_ONLY: Allow only creating DNS records.","type":"string","default":"SYNC","enum":["SYNC","UPSERT_ONLY","CREATE_ONLY"]},"RuleFrom":{"description":"From includes the target resource (and the workloads that belong to the resource)\\nwhich will be the source of a request.","type":"object","properties":{"fqn":{"description":"The target resource identified by FQN which will be the source of a request.","type":"string","x-order":0}}},"RuleTo":{"description":"To includes the target resource (and the workloads that belong to the resource)\\nwhich will be destination of a request.","type":"object","properties":{"fqn":{"description":"The target resource identified by FQN which will be the destination of a request.","type":"string","x-order":0}}},"SecretsClusterServiceAccount":{"description":"Cluster service account used to authenticate to the Management Plane.","type":"object","properties":{"clusterFQN":{"description":"TSB FQN of the onboarded cluster resource. This will be generate tokens for all Control Plane agents.","type":"string","x-order":0},"JWK":{"description":"Literal JWK used to generate and sign the tokens for all the Control Plane agents.","type":"string","x-order":1},"encodedJWK":{"description":"Base64-encoded JWK used to generate and sign the tokens for all the Control Plane agents.","type":"string","x-order":2}}},"SecretsElasticSearch":{"description":"Secrets to reach the Elasticsearch.","type":"object","properties":{"username":{"description":"The username to access Elasticsearch.","type":"string","x-order":0},"password":{"description":"The password to access Elasticsearch.","type":"string","x-order":1},"cacert":{"description":"Elasticsearch CA cert TLS used by control plane to verify TLS connection.","type":"string","x-order":2}}},"SecretsTSB":{"description":"Secrets to reach the TSB Management Plane.","type":"object","properties":{"cacert":{"description":"CA certificate used to verify TLS certs exposed the Management Plane (front envoy).","type":"string","x-order":0}}},"ServerTLSSettingsFileSource":{"description":"File path configuration of TLS keys and certificates.","type":"object","properties":{"serverCertificate":{"type":"string","title":"The path to the server cert file","x-order":0},"privateKey":{"type":"string","title":"The path to the server private key file","x-order":1},"caCertificates":{"type":"string","title":"The path to the file containing ca certs for verifying clients while using mutual TLS","x-order":2}}},"ServiceAccountKeyPair":{"description":"Represents key-pair associated to the service account.","type":"object","properties":{"id":{"type":"string","title":"Unique identifier for this key-pair. This should be used as the `kid` (key id) when\\ngenerating JWT tokens that are signed with this key-pair.\\n","x-order":0,"readOnly":true},"publicKey":{"type":"string","title":"The encoded public key associated with the service account.\\nThe encoding format is determined by the `encoding` field.\\n","x-order":1,"readOnly":true},"privateKey":{"type":"string","title":"The encoded private key associated with the service account.\\nTSB does not store the private key and it is up to the client to store it safely.\\nThe encoding format is determined by the `encoding` field.\\n","x-order":2,"readOnly":true},"encoding":{"$ref":"#/components/schemas/KeyPairEncoding"},"defaultToken":{"type":"string","title":"A default access token that can be used to authenticate to TSB on behalf of the\\nservice account. TSB does not store this token and it is only returned when a\\nservice account key is created, similar to the private key. It is up to the client\\nto store the token for future use or to use the TSB CLI to generate new tokens as\\nexplained in: https://docs.tetrate.io/service-bridge/latest/howto/service-accounts\\n","x-order":4,"readOnly":true}}},"ServiceMetricConfig":{"type":"object","title":"Configuration for metric aggregation","properties":{"name":{"description":"A user friendly name for this metric.","type":"string","x-order":0},"description":{"description":"A helpful description of what this metric represents.","type":"string","x-order":1},"aggregationKey":{"description":"An aggregation key that can be queried to get metrics for this service.","type":"string","x-order":2},"type":{"$ref":"#/components/schemas/ServiceMetricConfigMetricType"},"serviceDeployment":{"description":"The FQN of the service deployment related with this metric. Will be empty for group metrics.","type":"string","x-order":4},"parentMetric":{"type":"string","title":"The name of the metric config that aggregates this one in a higher level.\\nFor example, for a subset in a cluster metric, this field has the name of the metric of the same subset\\nacross the clusters","x-order":5}}},"ServiceMetricConfigMetricType":{"description":"MetricType denotes the relation of a metrics with a physical service instance.\\n\\n - SINGLE_INSTANCE: A single instance metric config belongs to an specific physical service instance.\\n - SUBSET: A subset metric config represents subsets across clusters or hostnames across clusters.\\n - GLOBAL: A global metric config represents all the physical services.\\n - ENDPOINT: An endpoint metric config represents an endpoint across clusters.\\n - ENDPOINT_INSTANCE: An endpoint instance metric config represents an endpoint in a specific cluster.","type":"string","default":"INVALID","enum":["INVALID","SINGLE_INSTANCE","SUBSET","GLOBAL","ENDPOINT","ENDPOINT_INSTANCE"]},"ServiceObservabilityServiceDiscovery":{"description":"Configure `Tetrate Service Discovery` component.","type":"object","properties":{"plane":{"$ref":"#/components/schemas/ServiceObservabilityServiceDiscoveryPlane"},"agent":{"$ref":"#/components/schemas/ServiceObservabilityServiceDiscoveryAgent"}}},"ServiceObservabilityServiceDiscoveryAgent":{"description":"Settings for the `Tetrate Service Discovery Agent`.","type":"object","properties":{"version":{"description":"Version of the `Tetrate Service Discovery Agent` to use.\\n\\nDefaults to the version of the `Tetrate Service Discovery Agent` included into a given TSB release.","type":"string","x-order":0}}},"ServiceObservabilityServiceDiscoveryPlane":{"description":"Configure `Tetrate Service Discovery Plane` component.","type":"object","properties":{"kubeSpec":{"$ref":"#/components/schemas/kubernetesKubernetesComponentSpec"},"logLevels":{"description":"The log level configuration by scopes.\\n\\nSupported log levels: \\"none\\", \\"error\\", \\"info\\", \\"debug\\".","type":"object","additionalProperties":{"type":"string"},"x-order":1}}},"ServiceRoutePortLevelTrafficSettings":{"description":"PortLevelTrafficSettings explicitly defines the type of traffic for all of\\nthe ports exposed by a service for which routing rules need to be set.\\nDepending on whether HTTPRoutes or TCTRoutes are specified or not, the main\\nsubset weights are applied or not based on the following scenarios:\\n1. If HTTPRoutes or TCPRoutes are specified:\\n   a. Since Port is mandatory in MatchConditions, whenever a port is used\\n      in (HTTP/TCP) MatchCondition, it needs to be present in the global\\n      PortLevelTrafficSettings.\\n   b. When MatchConditions are present in the routes, then subset-weight\\n      combinations within routes will take effect instead of the global ones.\\n2. If the routes are not specified, then the traffic will be matched on\\n   ports specified in PortLevelTrafficSettings, and the routes will be set\\n   according to global subset-weight combinations.","type":"object","required":["port","trafficType"],"properties":{"port":{"type":"integer","format":"int64","title":"Port number to which traffic must be routed","x-order":0},"trafficType":{"$ref":"#/components/schemas/ServiceRouteTrafficType"},"stickySession":{"$ref":"#/components/schemas/ServiceRouteStickySession"}}},"ServiceRouteStickySession":{"description":"If set, all requests from a client will be forward to the same backend.","type":"object","properties":{"header":{"description":"Hash based on a specific HTTP header.","type":"string","x-order":0},"cookie":{"$ref":"#/components/schemas/ServiceRouteStickySessionHTTPCookie"},"useSourceIp":{"description":"Hash based on the source IP address.","type":"boolean","x-order":2}}},"ServiceRouteStickySessionHTTPCookie":{"description":"Describes a HTTP cookie that will be used for sticky sessions. If the cookie is not present, it\\nwill be generated.","type":"object","required":["name","path","ttl"],"properties":{"name":{"description":"Name of the cookie.","type":"string","x-order":0},"path":{"description":"Path to set for the cookie.","type":"string","x-order":1},"ttl":{"description":"Lifetime of the cookie.","type":"string","x-order":2}}},"ServiceRouteTrafficType":{"description":"- HTTP: If trafficType is HTTP, then a HTTP route is generated for that port\\n - TCP: If trafficType is TCP, then a TCP route is generated for that port\\n - TLS_PASSTHROUGH: This mode generates TLS routes for HTTPS traffic. TLS is not terminated at the gateway and is\\npassed through to the server","type":"string","title":"TrafficType is the list of allowed traffic types for generating routes","default":"HTTP","enum":["HTTP","TCP","TLS_PASSTHROUGH"]},"ServiceScopesServiceScope":{"description":"A service scope defines the telemetry source wingspan in the mesh of a service.","type":"object","properties":{"type":{"$ref":"#/components/schemas/ServiceScopesServiceScopeScopeType"},"scope":{"$ref":"#/components/schemas/ServiceScopesServiceScopeScope"},"deployment":{"description":"The FQN of the service deployment in a concrete cluster related with this telemetry source scope.\\nWill have a value for scope types INSTANCE or SERVICE.","type":"string","x-order":2}}},"ServiceScopesServiceScopeScope":{"description":"Each of the scope properties can have the following values:\\n- A non empty value.\\n- An empty value or absence of the property act as a wildcard, meaning any possible value.","type":"object","properties":{"instance":{"description":"instance is a concrete value or an empty value meaning any instance.","type":"string","x-order":0},"subset":{"description":"subset can be a concrete value or an empty value meaning any subset.","type":"string","x-order":1},"service":{"description":"service is always a concrete value.","type":"string","x-order":2},"namespace":{"description":"namespace is always a concrete value.","type":"string","x-order":3},"cluster":{"description":"cluster can be a concrete value or an empty value meaning any cluster.","type":"string","x-order":4}}},"ServiceScopesServiceScopeScopeType":{"description":"ScopeType denotes the wingspan of a telemetry source for a service.\\n\\n - INSTANCE: A instance telemetry source belongs to a specific service instance (pod or VM) in a cluster.\\n - SERVICE: A service telemetry source belongs to a specific service, without subsets, in a cluster.\\n - SUBSET: A subset telemetry source belongs to a specific service of a concrete subset in a cluster.\\n - GLOBAL_SUBSET: A global subset telemetry source represents a concrete subset from a service across cluster.\\nSubset scope type does not apply to ingress services.\\n - GLOBAL: A global telemetry source represents all subsets from a service across clusters.","type":"string","default":"INVALID","enum":["INVALID","INSTANCE","SERVICE","SUBSET","GLOBAL_SUBSET","GLOBAL"]},"ServiceServiceDeployment":{"description":"ServiceDeployment represents the physical service in a cluster.","type":"object","properties":{"fqn":{"description":"Fully-qualified name of the instance. This field is read-only.","type":"string","x-order":0,"readOnly":true},"source":{"description":"Source of the instance. This field is read-only.","type":"string","x-order":1,"readOnly":true}}},"SetLoggerLevelsRequestAllLoggers":{"description":"Desired level for all loggers.","type":"object","required":["level"],"properties":{"level":{"description":"Desired level for all loggers.","type":"string","x-order":0}}},"SetLoggerLevelsRequestGivenLoggers":{"description":"Desired levels for given loggers.\\nAvailable log levels are: trace, debug, info, warning/warn, error, critical, off.\\nExamples: {\\"config\\": \\"trace\\", \\"grpc\\": \\"debug\\", \\"http\\": \\"debug\\", \\"http2\\": \\"debug\\"}\\nSee https://www.envoyproxy.io/docs/envoy/latest/operations/admin#post--logging\\nfor more details about loggers\' naming.","type":"object","required":["loggerLevels"],"properties":{"loggerLevels":{"description":"Desired levels for given loggers.","type":"object","additionalProperties":{"type":"string"},"x-order":0}}},"SourceScopeIngressScopes":{"description":"IngressScopes defines one or many Ingress\'s hostname telemetry source wingspan in the mesh.","type":"object","properties":{"scopes":{"description":"Multiple IngressScope can be defined to group under a single telemetry source different ingresses.","type":"array","items":{"$ref":"#/components/schemas/IngressScopesIngressScope"},"x-order":0}}},"SourceScopeRelationScopes":{"description":"RelationScopes  represents the physical connection that exists between observable resources.\\nA relation can represent for instance the physical connection that exist when a call between services is done:\\n- Between a gateway and a service or vice versa.\\n- Between a service and another service.\\nThis observation can produce client-side measurements, server side measurements or both.","type":"object","properties":{"scopes":{"description":"Multiple RelationScope can be defined to group under a single telemetry source different relations.","type":"array","items":{"$ref":"#/components/schemas/RelationScopesRelationScope"},"x-order":0}}},"SourceScopeServiceScopes":{"description":"ServiceScopes defines one or many service\'s telemetry source wingspan in the mesh.","type":"object","properties":{"scopes":{"description":"Multiple ServiceScope can be defined to group under a single telemetry source different services.","type":"array","items":{"$ref":"#/components/schemas/ServiceScopesServiceScope"},"x-order":0}}},"SyncOrganizationRequestSyncTeam":{"description":"Information of a team as synchronized from the team source. This differs slightly from a TSB\\nuser since the fields here are raw info that does not have the context of the TSB hierarchy.","type":"object","required":["id"],"properties":{"id":{"description":"Unique ID for the group.","type":"string","x-order":0},"description":{"description":"Optional description for the group.","type":"string","x-order":1},"memberUserIds":{"description":"List of user ids for the users that belong to this group.","type":"array","items":{"type":"string"},"x-order":2},"memberGroupIds":{"description":"List of group ids for the groups that are nested into this group.","type":"array","items":{"type":"string"},"x-order":3},"displayName":{"description":"Friendly name to show the group in the different UIs.","type":"string","x-order":4}}},"SyncOrganizationRequestSyncUser":{"description":"Information of a user as synchronized from the team source. This differs slightly from a TSB\\nuser since the fields here are raw info that does not have the context of the TSB hierarchy.","type":"object","required":["id"],"properties":{"id":{"description":"Unique ID for the user.","type":"string","x-order":0},"description":{"description":"Optional description for the user.","type":"string","x-order":1},"email":{"type":"string","title":"User\'s email","x-order":2},"loginName":{"description":"The login username for the user.","type":"string","x-order":3},"displayName":{"description":"Friendly name to show the user in the different UIs.","type":"string","x-order":4}}},"SyncOrganizationResponseFailedIds":{"type":"object","properties":{"removal":{"type":"array","title":"Users or groups that failed to be removed","items":{"type":"string"},"x-order":0},"addition":{"type":"array","title":"Users or groups that failed to be created","items":{"type":"string"},"x-order":1},"update":{"type":"array","title":"Users or groups that failed to be updated","items":{"type":"string"},"x-order":2}}},"UpstreamResilienceSettingsConnectionPoolSettingsHTTP":{"description":"HTTP Settings for outbound requests.","type":"object","properties":{"requestTimeout":{"description":"Timeout for HTTP requests. format: 1h/1m/1s/1ms. MUST BE &gt;=1ms. Disabled if not set.","type":"string","x-order":0},"retries":{"$ref":"#/components/schemas/v2HTTPRetry"},"maxRequests":{"description":"Maximum number of active requests to the service.\\nApplicable to both HTTP/1.1 and HTTP2.\\nDefault 0, meaning \\"unlimited\\", up to 2^32 - 1.","type":"integer","format":"int64","x-order":2},"maxRequestsPerConnection":{"description":"Maximum number of requests per connection to the service.\\nIf set to 1, it disables keep alive. Default 0, meaning \\"unlimited\\", up to 2^29.","type":"integer","format":"int64","x-order":3}}},"UpstreamResilienceSettingsOutlierDetection":{"description":"Outlier detection settings for the upstream host.","type":"object","properties":{"consecutiveGatewayFailure":{"description":"The number of consecutive gateway failures (502, 503, 504 status codes)\\nbefore a consecutive gateway failure ejection occurs. Defaults to circuitBreakerSensitivity\\nof MEDIUM(5) in TSB.","type":"integer","format":"int64","x-order":0},"enforcingConsecutiveGatewayFailure":{"description":"The percentage of a host to be ejected when an outlier status\\nis detected through consecutive gateway failures. This setting can be\\nused to disable ejection or to ramp it up slowly. Defaults to 100 in TSB.","type":"integer","format":"int64","x-order":1},"consecutive5xx":{"description":"The number of consecutive server-side error responses (for HTTP traffic,\\n5xx responses; for TCP traffic, connection failures; for Redis, failure to\\nrespond PONG; etc.) before a consecutive 5xx ejection occurs. Defaults to 5.","type":"integer","format":"int64","x-order":2},"enforcingConsecutive5xx":{"description":"The percentage of a host to be actually ejected when an outlier status\\nis detected through consecutive 5xx. This setting can be used to disable\\nejection or to ramp it up slowly. Defaults to 0 in TSB.","type":"integer","format":"int64","x-order":3},"splitExternalLocalOriginErrors":{"description":"Determines whether to distinguish local origin failures from external errors.\\nLocal Origin Failures are errors that occur within the Envoy process itself, \\nbefore the request is actually sent to the upstream host.\\nexample of these are connection timeout, TCP reset etc.\\nExternal errors are errors that occur after the request is sent to the upstream host.\\nexample of these are 5xx errors, connection refused etc.\\nIf set to true, consecutiveLocalOriginFailure and enforcingConsecutiveLocalOriginFailure will be taken into account.\\nDefaults to false.\\n\\nThe number of consecutive locally originated failures before ejection\\n occurs. Defaults to 5. Parameter takes effect only when splitExternalLocalOriginErrors\\n is set to true.","type":"boolean","x-order":4},"consecutiveLocalOriginFailure":{"type":"integer","format":"int64","x-order":5},"enforcingConsecutiveLocalOriginFailure":{"description":"The percentage of a host to be actually ejected when an outlier status\\nis detected through consecutive locally originated failures. This setting can be\\nused to disable ejection or to ramp it up slowly. Defaults to 100.\\nParameter takes effect only when splitExternalLocalOriginErrors is set to true.","type":"integer","format":"int64","x-order":6},"interval":{"description":"The time interval between ejection analysis sweeps. This can result in\\nboth new ejections as well as hosts being returned to service. Defaults\\nto 10000ms or 10s.","type":"string","x-order":7},"baseEjectionTime":{"description":"The base time that a host is ejected for. The real time is equal to the\\nbase time multiplied by the number of times the host has been ejected.\\nDefaults to 30000ms or 30s.","type":"string","x-order":8}}},"WasmExtensionPluginPhase":{"description":"- UNSPECIFIED_PHASE: Control plane decides where to insert the plugin. This will generally be at the end of the filter chain, right before the Router.\\nDo not specify PluginPhase if the plugin is independent of others.\\n - AUTHN: Insert plugin before Istio authentication filters.\\n - AUTHZ: Insert plugin before Istio authorization filters and after Istio authentication filters.\\n - STATS: Insert plugin before Istio stats filters and after Istio authorization filters.","type":"string","title":"Plugin phases following Istio definition: https://istio.io/latest/docs/reference/config/proxy_extensions/wasm-plugin/#PluginPhase","default":"UNSPECIFIED_PHASE","enum":["UNSPECIFIED_PHASE","AUTHN","AUTHZ","STATS"]},"WasmExtensionPullPolicy":{"description":"The pull behaviour to be applied when fetching a WASM module,\\nmirroring K8s behaviour.\\n\\n - UNSPECIFIED_POLICY: Defaults to IfNotPresent, except for OCI images with tag `latest`, for which\\nthe default will be Always.\\n - IfNotPresent: If an existing version of the image has been pulled before, that\\nwill be used. If no version of the image is present locally, we\\nwill pull the latest version.\\n - Always: We will always pull the latest version of an image when changing\\nthis plugin. Note that the change includes `metadata` field as well.","type":"string","default":"UNSPECIFIED_POLICY","enum":["UNSPECIFIED_POLICY","IfNotPresent","Always"]},"WaypointsConfigCommonWaypointConfig":{"description":"Common waypoint configuration shared at the cluster or namespace level.","type":"object","properties":{"enable":{"description":"Enable or disable default waypoint deployment (default is true)\\nThis configuration can be made at both the cluster level and also at namespace level.\\nCluster level configs will be applied in all the onboarded application namespaces which are\\nin the ambient mode and do not have namespace level configs.\\nExample, if user wants waypoint to be deployed in selected few namespaces, then user can disable\\nthe cluster level config and enable the namespace level config for those namespaces.\\nIf both cluster level and namespace level configs are enabled, then namespace level configs will take precedence.\\nIf both cluster level and namespace level configs are disabled, then waypoint will not be deployed in any of the namespaces.\\nIf cluster level config is enabled and namespace level config is not configured, then waypoint will be deployed in all\\nthe onboarded application namespaces which are in the ambient mode.","type":"boolean","x-order":0},"labels":{"type":"object","title":"Labels to apply to the waypoint","additionalProperties":{"type":"string"},"x-order":1},"annotations":{"type":"object","title":"Annotations to apply to the waypoint","additionalProperties":{"type":"string"},"x-order":2},"tolerations":{"type":"object","title":"Tolerations for the waypoint pod","additionalProperties":{"type":"string"},"x-order":3},"resources":{"$ref":"#/components/schemas/installkubernetesResources"}}},"WaypointsConfigNamespaceLevelCommonConfig":{"description":"Namespace-level waypoint configuration, including a namespace selector and specific\\nwaypoint settings for that namespace.","type":"object","properties":{"name":{"type":"string","title":"Namespace name","x-order":0},"selector":{"$ref":"#/components/schemas/WaypointsConfigNamespaceLevelCommonConfigNamespaceSelector"},"config":{"$ref":"#/components/schemas/WaypointsConfigCommonWaypointConfig"}}},"WaypointsConfigNamespaceLevelCommonConfigNamespaceSelector":{"type":"object","properties":{"labels":{"type":"object","title":"Key-value pairs for selecting namespaces","additionalProperties":{"type":"string"},"x-order":0}}},"WorkloadProxy":{"description":"Info about proxy attached to a workload.","type":"object","properties":{"controlPlaneAddress":{"description":"Address/service of control plane entity controlling the proxy\\nlike istiod.istio-system.svc:15012.","type":"string","x-order":0},"envoyVersion":{"description":"Envoy version of the proxy.","type":"string","x-order":1},"istioVersion":{"description":"Istio version of the proxy.","type":"string","x-order":2},"status":{"type":"object","title":"Sync status for each xDS component.\\nFor example:\\nstatus[\\"CDS\\"] = \\"SYNCED\\"\\nXDS components are: LDS, RDS, EDS CDS and SRDS.\\nRefer to Envoy go-control-plane ConfigStatus for possible status values\\nvalues:\\nhttps://github.com/envoyproxy/go-control-plane/blob/main/envoy/service/status/v3/csds.pb.go","additionalProperties":{"type":"string"},"x-order":3}}},"XCPCentralAuthMode":{"description":"- UNKNOWN: Default when unset, do not use\\n - MUTUAL_TLS: GRPC stream is encrypted with mutual TLS\\n - JWT: XCP Edges present a JWT bearer token in the GRPC headers","type":"string","title":"Authentication mode for connections from XCP Edges to XCP Central","default":"UNKNOWN","enum":["UNKNOWN","MUTUAL_TLS","JWT"]},"XCPEdge":{"description":"Secrets for the XCP Edge component.","type":"object","properties":{"cert":{"description":"Edge certificate used for mTLS with XCP Central.","type":"string","x-order":0},"key":{"description":"Key of the Edge certificate used for mTLS with XCP Central.","type":"string","x-order":1},"token":{"description":"JWT token used to authenticate XCP Edge against the XCP Central.","type":"string","x-order":2}}},"apiHttpBody":{"description":"Message that represents an arbitrary HTTP body. It should only be used for\\npayload formats that can\'t be represented as JSON, such as raw binary or\\nan HTML page.\\n\\n\\nThis message can be used both in streaming and non-streaming API methods in\\nthe request as well as the response.\\n\\nIt can be used as a top-level request field, which is convenient if one\\nwants to extract parameters from either the URL or HTTP template into the\\nrequest fields and also want access to the raw HTTP body.\\n\\nExample:\\n\\n    message GetResourceRequest {\\n      // A unique request id.\\n      string request_id = 1;\\n\\n      // The raw HTTP body is bound to this field.\\n      google.api.HttpBody http_body = 2;\\n\\n    }\\n\\n    service ResourceService {\\n      rpc GetResource(GetResourceRequest)\\n        returns (google.api.HttpBody);\\n      rpc UpdateResource(google.api.HttpBody)\\n        returns (google.protobuf.Empty);\\n\\n    }\\n\\nExample with streaming methods:\\n\\n    service CaldavService {\\n      rpc GetCalendar(stream google.api.HttpBody)\\n        returns (stream google.api.HttpBody);\\n      rpc UpdateCalendar(stream google.api.HttpBody)\\n        returns (stream google.api.HttpBody);\\n\\n    }\\n\\nUse of this type only changes how the request and response bodies are\\nhandled, all other features will continue to work unchanged.","type":"object","properties":{"contentType":{"description":"The HTTP Content-Type header value specifying the content type of the body.","type":"string","x-order":0},"data":{"description":"The HTTP request/response body as raw binary.","type":"string","format":"byte","x-order":1},"extensions":{"description":"Application specific response metadata. Must be set in the first response\\nfor streaming APIs.","type":"array","items":{"$ref":"#/components/schemas/protobufAny"},"x-order":2}}},"apitsbv2API":{"description":"An API object defines an OpenAPI specification that can be used by gateways to validate incoming requests.\\n\\n\\n\\n","type":"object","required":["openapi"],"properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"openapi":{"description":"The raw OpenAPI spec for this API.","type":"string","x-order":4}}},"apitsbv2ListAPIsResponse":{"description":"List of all API objects in the workspace.","type":"object","properties":{"apis":{"type":"array","items":{"$ref":"#/components/schemas/apitsbv2API"},"x-order":0}}},"apitsbv2ResourceStatus":{"description":"`ResourceStatus` provides the current status of any TSB resource.","type":"object","properties":{"status":{"$ref":"#/components/schemas/v2ResourceStatusStatus"},"message":{"description":"User friendly message adding details of the status.","type":"string","x-order":1},"configEvents":{"$ref":"#/components/schemas/v2ConfigEvents"},"aggregatedStatus":{"$ref":"#/components/schemas/v2AggregatedStatus"}}},"apitsbv2Service":{"type":"object","title":"A Kubernetes or a VM service. These are automatically discovered by\\nthe Service Bridge agents in the cluster.\\n$hide_from_yaml","properties":{"hostname":{"description":"The hostname by which this service is accessed. Can correspond to the\\nhostname of an internal service or that of a virtual host on a gateway.","type":"string","x-order":0},"namespace":{"description":"namespace associated with the service.","type":"string","x-order":1},"selector":{"description":"label selectors associated with the service.","type":"object","additionalProperties":{"type":"string"},"x-order":2},"ports":{"description":"The set of ports on which this service is exposed.","type":"array","items":{"$ref":"#/components/schemas/v2ServicePort"},"x-order":3},"kubernetesServiceIp":{"description":"For services running on Kubernetes, the cluster IP of the service in the\\ncluster.","type":"string","x-order":4},"kubernetesExternalAddresses":{"description":"For kubernetes services of type load balancer, this field contains the list\\nof lb hostnames or IPs assigned to the service. For services of type\\nnodePort, this field contains the IP addresses of the nodes in the cluster.","type":"array","items":{"type":"string"},"x-order":5},"numKubernetesEndpoints":{"description":"The number of kubernetes pods providing this service. Note that a\\nservice could be hosted on both pods and VMs.","type":"integer","format":"int64","x-order":6},"numVmEndpoints":{"description":"The number of VMs providing this service.","type":"integer","format":"int64","x-order":7},"meshExternal":{"type":"boolean","title":"indicates that this is an external service (service entry MESH_EXTERNAL\\nlocation)","x-order":8},"gatewayHost":{"description":"Indicates that this is a service representing a gateway host (used for\\nmulti-cluster scenarios).","type":"boolean","x-order":9},"numHops":{"description":"The number of hops from the advertising cluster to the ingress\\ngateway that is exposing the gateway host. If the advertiser is the\\ncluster owning the ingress gateway host, the hops is 0. If the\\nadvertiser is a tier1 cluster exposing gateways via internal or\\nexternal Servers, the path hops is 1.","type":"integer","format":"int64","x-order":10},"kubernetesServiceFqdn":{"description":"If this is a gateway host service, this field will indicate the kubernetes\\nservice that is running as a gateway and exposing this host to the outside\\nworld.","type":"string","x-order":11},"name":{"type":"string","title":"Name assigned to the service","x-order":12},"subsets":{"type":"array","title":"Name of subsets defined for this service","items":{"type":"string"},"x-order":13},"canonicalName":{"description":"17 to match xcp api and make conversion easier.","type":"string","title":"The canonical name of the service defined by labels\\n(value of service.istio.io/canonical-name)","x-order":14},"workloads":{"description":"Workloads implementing the Service.","type":"array","items":{"$ref":"#/components/schemas/apitsbv2Workload"},"x-order":15},"tier1GatewayHost":{"description":"Indicates that this is a service representing a gateway host acting as a\\ntier1 gateway. This field is being introduced specifically for the\\nhostnames exposed through Tier1Gateway\'s ExternalServers. Fo all other\\nhostnames that are exposed exposed on IngessGateways or Tier1Gateway\'s\\nInternalServers gateway_host field is set to true because that is used for\\nmulticluster routing setup. For ExternalServer hostnames multicluster\\ncluster routing is not setup and hence UI on finding gateway_host as false\\nshows these hostnames as internal services incorrectly. To help UI, this\\nfield is being introduced. UI would look for either gateway_host or\\ntier1_gateway_host to decide if the hostname is a gateway hostname.","type":"boolean","x-order":16},"spiffeIds":{"description":"List of SPIFFE identities used by the workloads of the service.","type":"array","items":{"type":"string"},"x-order":17},"state":{"$ref":"#/components/schemas/v2ServiceState"}}},"apitsbv2Workload":{"description":"Info about individual workload implementing the service.","type":"object","properties":{"address":{"description":"Routable address of the workload.","type":"string","x-order":0},"name":{"description":"Instance name of the workload.","type":"string","x-order":1},"isVm":{"description":"Indicates whether the workload is kubernetes endpoint or vm.","type":"boolean","x-order":2},"proxy":{"$ref":"#/components/schemas/WorkloadProxy"}}},"applicationv2Status":{"description":"The computed configuration status for the Application or API.\\n\\n - UNKNOWN: Unknown indicates that the status has not been computed.\\n - MISSING: The missing status indicates that the configuration resource for the Applications\\nor APIs do not exist.\\n - DIRTY: Dirty Applications and APIs are those that have the corresponding configuration\\nobjects (config groups, ingress gateways, etc), but those objects have been\\ndirectly modified or they current configuration does not match the one specified\\nin the corresponding Application/API.\\n - CONFIGURED: Configured Applications and APIs are those that have the corresponding\\nconfiguration resources (config groups, ingress gateways, etc) and their\\nconfigurations match the ones defined in the Application/API objects.","type":"string","default":"UNKNOWN","enum":["UNKNOWN","MISSING","DIRTY","CONFIGURED"]},"authv2TLSMode":{"description":"- DISABLED: TLS is not used and communication is\\nin plaintext.\\n - SIMPLE: Only the server is authenticated.\\n - MUTUAL: Both the peers in the communication must\\npresent their certificate for TLS authentication","type":"string","title":"Describes how authentication is performed\\nas part of establishing TLS connection","default":"DISABLED","enum":["DISABLED","SIMPLE","MUTUAL"]},"commonCertManagerSettings":{"description":"CertManagerSettings represents the settings used for the cert-manager installation. TSB supports installing and managing\\nthe lifecycle of the cert-manager installation.","type":"object","properties":{"managed":{"$ref":"#/components/schemas/CertManagerSettingsManaged"},"certManagerSpec":{"$ref":"#/components/schemas/CertManagerSettingsCertManagerSpec"},"certManagerWebhookSpec":{"$ref":"#/components/schemas/CertManagerSettingsCertManagerWebhookSpec"},"certManagerCaInjector":{"$ref":"#/components/schemas/CertManagerSettingsCertManagerCAInjector"},"certManagerStartupapicheck":{"$ref":"#/components/schemas/CertManagerSettingsCertManagerStartupAPICheck"}}},"commonConfigProtection":{"type":"object","title":"ConfigProtection contains settings for enabling/disabling config protection\\nover XCP created resources.\\nConfig protections are disabled by default.\\nExample:\\n```yaml\\nconfigProtection:\\n  enableAuthorizedUpdateDeleteOnXcpConfigs: true\\n  enableAuthorizedCreateUpdateDeleteOnXcpConfigs: true\\n  authorizedUsers:\\n    - user1\\n    - system:serviceaccount:ns1:serviceaccount-1\\n```","properties":{"enableAuthorizedUpdateDeleteOnXcpConfigs":{"description":"When enabled, no other user or svc account except AuthorizedUsers would be allowed to delete or update\\nthe XCP/Istio API resources created by XCP.","type":"boolean","x-order":0},"enableAuthorizedCreateUpdateDeleteOnXcpConfigs":{"description":"When enabled, no other user or svc account except AuthorizedUsers would be allowed to create, delete or update\\nthe XCP/Istio API resources. This acts as a superset of the enableAuthorizedUpdateDeleteOnXcpConfigs.","type":"boolean","x-order":1},"authorizedUsers":{"description":"List of usernames of authorized users or svc accounts to create/update/delete XCP configs when config protection is enabled.","type":"array","items":{"type":"string"},"x-order":2}}},"commonCustomCertProviderSettings":{"description":"CustomCertProviderSettings represents the settings used for the custom certificate provider. Users can configure the CSR signer\\nrequired for certificate signing and point to the CA bundle to be used to validate the certificates.","type":"object","required":["csrSignerName","caBundleSecretName"],"properties":{"csrSignerName":{"description":"Name of Kubernetes CSR signer to be used to sign the CSR request by different TSB components for internal purposes.","type":"string","x-order":0},"caBundleSecretName":{"description":"Configure the CABundleSecretName to be used to verify the signed CSR request by different TSB components. If not specified,\\nTSB would use the secret with the name ca-bundle-management-plane in the management plane namespace or ca-bundle-control-plane\\nin the control plane namespace. The secret should contain the file ca.crt with the cert data.","type":"string","x-order":1}}},"commonGitOps":{"description":"The GitOps component configures the features that allow integrating the Management Plane and/or the\\nControl Plane cluster with Continuous Deployment pipelines.","type":"object","properties":{"enabled":{"description":"The GitOps component is in beta and disabled by default.\\nIf Management and Control Planes are installed in the same cluster, Continuous Deployment Integration\\nshould only be enabled in one of both planes. However, if the GitOps component is enabled in both planes,\\nonly the Control Plane GitOps component will remain enabled. The Management Plane GitOps component\\nwill not be enabled, even though it is explicitly enabled.","type":"boolean","x-order":0},"reconcileInterval":{"description":"Periodical interval at which the objects will be reconciled after they are successfully synchronized (created,\\nupdated, deleted) with the Management Plane.\\nThis parameter does not affect retry on unsuccessful operation which are retried with exponential backoff strategy\\n(staring with 3s and max delay 120s).\\nFormat: 1h/1m/1s/1ms. A value of 0 disables per-object reconciliation and uses the operator\'s global interval of 10h.\\nDefault: 10m.","type":"string","x-order":1},"batchWindow":{"description":"When configured, all admission requests will be paused for the configured duration.\\nOnce the window interval is closed, all paused admission requests will be sent together\\nto the Management Plane as a single request.\\nBatching of requests is disabled by default and should be enabled only if there is high concurrency\\nand ordering of resources could be an issue. By configuring a batch window the concurrency\\nand ordering issues may be mitigated, although it will introduce a constant latency to all requests\\nof the configured time window.\\nWhen enabled, it is recommended to use a small value, for example 1 second.","type":"string","x-order":2},"managementplaneRequestTimeout":{"description":"The GitOps component performs operations against the management plane through the k8s webhook.\\nThis allows configuring the duration of each operation in order to fail early if it takes too much.\\nThis value cannot be lower than `webhook_timeout` due to the request being tied to the ones received\\nby the k8s webhook.\\nFormat: 1h/1m/1s/1m. Any value &lt;= 0 will be reset to the default value. Default: 25s.","type":"string","x-order":3},"reconcileRequestTimeout":{"description":"The GitOps component performs operations against the management plane internal reconcile loop.\\nThis allows configuring the duration of each operation to fail early if it takes too long.\\nFormat: 1h/1m/1s/1m. Any value &lt;= 0 will be reset to the default value. Default: 2m.","type":"string","x-order":4},"webhookTimeout":{"description":"Timeout that will be set in the k8s gitops webhook resource.\\nFormat: 1h/1m/1s/1m. Default: 30s. Allowed values must be between 0s and 30s.","type":"string","x-order":5},"pushMode":{"$ref":"#/components/schemas/GitOpsPushMode"}}},"commonInternalCertProvider":{"description":"InternalCertProvider describes the certificate provider configuration for TSB internal purposes like kubernetes webhook certificate.\\nTSB supports cert-manager out of the box.","type":"object","properties":{"certManager":{"$ref":"#/components/schemas/commonCertManagerSettings"},"custom":{"$ref":"#/components/schemas/commonCustomCertProviderSettings"},"tsbManaged":{"$ref":"#/components/schemas/commonTSBManaged"}}},"commonMeshObservabilitySettings":{"description":"Configure mesh observability.\\nThe following examples enable the analysis and generation of RED metrics for each\\nendpoint of your registered services.\\n\\nNotice that both, ManagementPlane and ControlPlane, need to be aligned with this configuration.\\n\\n```yaml\\napiVersion: install.tetrate.io/v1alpha1\\nkind: ManagementPlane\\nmetadata:\\n  name: managementplane\\nspec:\\n  meshObservability:\\n    settings:\\n      apiEndpointMetricsEnabled: true\\n```\\n\\n```yaml\\napiVersion: install.tetrate.io/v1alpha1\\nkind: ControlPlane\\nmetadata:\\n  name: controlplane\\n  namespace: istio-system\\nspec:\\n  meshObservability:\\n    settings:\\n      apiEndpointMetricsEnabled: true\\n```","type":"object","properties":{"apiEndpointMetricsEnabled":{"description":"Toggle to process, analyze, and generate api endpoints RED metrics.\\nBy default `false` which means disabled.\\nIf you want to analyze all your request and generate RED metrics for\\neach endpoint of your registered services in the mesh, set it to `true`.","type":"boolean","x-order":0}}},"commonTSBManaged":{"description":"TSBManaged represents the self-signed TSB managed internal certificate provider.","type":"object"},"commonv1alpha1Image":{"description":"Values for the TSB operator image.","type":"object","properties":{"registry":{"description":"Registry used to download the operator image.","type":"string","x-order":0},"tag":{"description":"The tag of the operator image.","type":"string","x-order":1}}},"commonv1alpha1Operator":{"description":"Operator values for the TSB operator application.","type":"object","properties":{"deployment":{"$ref":"#/components/schemas/v1alpha1OperatorDeployment"},"service":{"$ref":"#/components/schemas/v1alpha1OperatorService"},"serviceAccount":{"$ref":"#/components/schemas/v1alpha1OperatorServiceAccount"}}},"controlplanev1alpha1IstioRevision":{"description":"Istio control plane settings for a specific revision.","type":"object","required":["name","istio"],"properties":{"name":{"description":"Name of the IstioRevision. Must be unique at cluster level, across Isolation\\nBoundaries. The IstioRevision name is used to deploy revisioned Istio control-plane\\ncomponents.\\n\\nNotice that the value constraints here are stricter than the ones in Istio.\\nApparently, Istio validation rules allow values that lead to internal failures\\nat runtime, e.g. values with capital letters or values longer than 56 characters.\\nStricter validation rules here are meant to prevent those hidden pitfalls.","type":"string","x-order":0},"istio":{"$ref":"#/components/schemas/v1alpha1Istio"},"disable":{"description":"If set to `true`, Istio control plane deployment with this revision will be\\ncleaned up from the cluster. This field can be used to clean up revisioned\\ncontrol plane deployment while retaining the configurations in the CR. After\\ncleanup, it can be again set to `false` to re-deploy revisioned control plane.\\nBy default the value is set to `false`.","type":"boolean","x-order":2}}},"controlplanev1alpha1Secrets":{"description":"Secrets available in the ControlPlane installation.","type":"object","properties":{"tsb":{"$ref":"#/components/schemas/SecretsTSB"},"elasticsearch":{"$ref":"#/components/schemas/SecretsElasticSearch"},"xcp":{"$ref":"#/components/schemas/v1alpha1SecretsXCP"},"clusterServiceAccount":{"$ref":"#/components/schemas/SecretsClusterServiceAccount"}}},"corev1Toleration":{"description":"The pod this Toleration is attached to tolerates any taint that matches\\nthe triple &lt;key,value,effect&gt; using the matching operator &lt;operator&gt;.","type":"object","properties":{"key":{"type":"string","title":"Key is the taint key that the toleration applies to. Empty means match all taint keys.\\nIf the key is empty, operator must be Exists; this combination means to match all values and all keys.\\n+optional","x-order":0},"operator":{"type":"string","title":"Operator represents a key\'s relationship to the value.\\nValid operators are Exists and Equal. Defaults to Equal.\\nExists is equivalent to wildcard for value, so that a pod can\\ntolerate all taints of a particular category.\\n+optional","x-order":1},"value":{"type":"string","title":"Value is the taint value the toleration matches to.\\nIf the operator is Exists, the value should be empty, otherwise just a regular string.\\n+optional","x-order":2},"effect":{"type":"string","title":"Effect indicates the taint effect to match. Empty means match all taint effects.\\nWhen specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute.\\n+optional","x-order":3},"tolerationSeconds":{"type":"string","format":"int64","title":"TolerationSeconds represents the period of time the toleration (which must be\\nof effect NoExecute, otherwise this field is ignored) tolerates the taint. By default,\\nit is not set, which means tolerate the taint forever (do not evict). Zero and\\nnegative values will be treated as 0 (evict immediately) by the system.\\n+optional","x-order":4}}},"corev3Address":{"description":"Addresses specify either a logical or physical address and port, which are\\nused to tell Envoy where to bind/listen, connect to upstream and find\\nmanagement servers.","type":"object","properties":{"socketAddress":{"$ref":"#/components/schemas/v3SocketAddress"},"pipe":{"$ref":"#/components/schemas/v3Pipe"},"envoyInternalAddress":{"$ref":"#/components/schemas/v3EnvoyInternalAddress"}}},"corev3Locality":{"description":"Identifies location of where either Envoy runs or where upstream hosts run.","type":"object","properties":{"region":{"description":"Region this :ref:`zone &lt;envoy_v3_api_field_config.core.v3.Locality.zone&gt;` belongs to.","type":"string","x-order":0},"zone":{"description":"Defines the local service zone where Envoy is running. Though optional, it\\nshould be set if discovery service routing is used and the discovery\\nservice exposes :ref:`zone data &lt;envoy_v3_api_field_config.endpoint.v3.LocalityLbEndpoints.locality&gt;`,\\neither in this message or via :option:`--service-zone`. The meaning of zone\\nis context dependent, e.g. `Availability Zone (AZ)\\n&lt;https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-regions-availability-zones.html&gt;`_\\non AWS, `Zone &lt;https://cloud.google.com/compute/docs/regions-zones/&gt;`_ on\\nGCP, etc.","type":"string","x-order":1},"subZone":{"description":"When used for locality of upstream hosts, this field further splits zone\\ninto smaller chunks of sub-zones so they can be load balanced\\nindependently.","type":"string","x-order":2}}},"corev3Node":{"type":"object","title":"Identifies a specific Envoy instance. The node identifier is presented to the\\nmanagement server, which may use this identifier to distinguish per Envoy\\nconfiguration for serving.\\n[#next-free-field: 13]","properties":{"id":{"description":"An opaque node identifier for the Envoy node. This also provides the local\\nservice node name. It should be set if any of the following features are\\nused: :ref:`statsd &lt;arch_overview_statistics&gt;`, :ref:`CDS\\n&lt;config_cluster_manager_cds&gt;`, and :ref:`HTTP tracing\\n&lt;arch_overview_tracing&gt;`, either in this message or via\\n:option:`--service-node`.","type":"string","x-order":0},"cluster":{"description":"Defines the local service cluster name where Envoy is running. Though\\noptional, it should be set if any of the following features are used:\\n:ref:`statsd &lt;arch_overview_statistics&gt;`, :ref:`health check cluster\\nverification\\n&lt;envoy_v3_api_field_config.core.v3.HealthCheck.HttpHealthCheck.service_name_matcher&gt;`,\\n:ref:`runtime override directory &lt;envoy_v3_api_msg_config.bootstrap.v3.Runtime&gt;`,\\n:ref:`user agent addition\\n&lt;envoy_v3_api_field_extensions.filters.network.http_connection_manager.v3.HttpConnectionManager.add_user_agent&gt;`,\\n:ref:`HTTP global rate limiting &lt;config_http_filters_rate_limit&gt;`,\\n:ref:`CDS &lt;config_cluster_manager_cds&gt;`, and :ref:`HTTP tracing\\n&lt;arch_overview_tracing&gt;`, either in this message or via\\n:option:`--service-cluster`.","type":"string","x-order":1},"metadata":{"description":"Opaque metadata extending the node identifier. Envoy will pass this\\ndirectly to the management server.","type":"object","x-order":2},"dynamicParameters":{"description":"Map from xDS resource type URL to dynamic context parameters. These may vary at runtime (unlike\\nother fields in this message). For example, the xDS client may have a shard identifier that\\nchanges during the lifetime of the xDS client. In Envoy, this would be achieved by updating the\\ndynamic context on the Server::Instance\'s LocalInfo context provider. The shard ID dynamic\\nparameter then appears in this field during future discovery requests.","type":"object","additionalProperties":{"$ref":"#/components/schemas/v3ContextParams"},"x-order":3},"locality":{"$ref":"#/components/schemas/corev3Locality"},"userAgentName":{"type":"string","title":"Free-form string that identifies the entity requesting config.\\nE.g. \\"envoy\\" or \\"grpc\\"","x-order":5},"userAgentVersion":{"type":"string","title":"Free-form string that identifies the version of the entity requesting config.\\nE.g. \\"1.12.2\\" or \\"abcd1234\\", or \\"SpecialEnvoyBuild\\"","x-order":6},"userAgentBuildVersion":{"$ref":"#/components/schemas/v3BuildVersion"},"extensions":{"description":"List of extensions and their versions supported by the node.","type":"array","items":{"$ref":"#/components/schemas/v3Extension"},"x-order":8},"clientFeatures":{"description":"Client feature support list. These are well known features described\\nin the Envoy API repository for a given major version of an API. Client features\\nuse reverse DNS naming scheme, for example ``com.acme.feature``.\\nSee :ref:`the list of features &lt;client_features&gt;` that xDS client may\\nsupport.","type":"array","items":{"type":"string"},"x-order":9},"listeningAddresses":{"description":"Known listening ports on the node as a generic hint to the management server\\nfor filtering :ref:`listeners &lt;config_listeners&gt;` to be returned. For example,\\nif there is a listener bound to port 80, the list can optionally contain the\\nSocketAddress ``(0.0.0.0,80)``. The field is optional and just a hint.","type":"array","items":{"$ref":"#/components/schemas/corev3Address"},"x-order":10}}},"extensionv2EnvVar":{"type":"object","required":["name","valueFrom"],"properties":{"name":{"type":"string","title":"Name of the environment variable. Must be a C_IDENTIFIER, by following this regex: [A-Za-z_][A-Za-z0-9_]*","x-order":0},"valueFrom":{"$ref":"#/components/schemas/v2EnvValueSource"},"value":{"description":"Value for the environment variable.\\nNote that if `value_from` is `HOST`, it will be ignored.\\nDefaults to \\"\\".","type":"string","x-order":2}}},"gatewayv2EgressGateway":{"description":"`EgressGateway` configures a workload to act as an egress gateway in the mesh.\\n\\n\\n--\x3e\\n\\n","type":"object","required":["workloadSelector"],"properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"workloadSelector":{"$ref":"#/components/schemas/v2WorkloadSelector"},"authorization":{"description":"The description of which service accounts can access which hosts.\\nIf the list of authorization rules is empty, this egress gateway will deny all traffic.","type":"array","items":{"$ref":"#/components/schemas/v2EgressAuthorization"},"x-order":5},"extension":{"description":"Extensions specifies all the WasmExtensions assigned to this EgressGateway\\nwith the specific configuration for each extension. This custom configuration\\nwill override the one configured globally to the extension.\\nEach extension has a global configuration including enablement and priority\\nthat will condition the execution of the assigned extensions.","type":"array","items":{"$ref":"#/components/schemas/v2WasmExtensionAttachment"},"x-order":6},"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"}}},"gatewayv2Gateway":{"description":"The `Gateway` configuration combines the functionalities of both the existing `Tier1Gateway` and `IngressGateway`,\\nproviding a unified approach for configuring a workload as a gateway in the mesh.\\n\\nEach server within the `Gateway` is configured to route requests either to destination clusters, such as a `Tier1Gateway`,\\nor to specific services, like an `IngressGateway`.\\n\\n\\n\\n","type":"object","required":["workloadSelector"],"properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"workloadSelector":{"$ref":"#/components/schemas/v2WorkloadSelector"},"http":{"description":"One or more HTTP or HTTPS servers exposed by the gateway. The\\nserver exposes configuration for TLS termination, request\\nauthentication/authorization, HTTP routing, rate limiting, etc.","type":"array","items":{"$ref":"#/components/schemas/gatewayv2HTTP"},"x-order":5},"tls":{"description":"One or more TLS servers exposed by the gateway. The server\\ndoes not terminate TLS and exposes config for SNI based routing.","type":"array","items":{"$ref":"#/components/schemas/v2TLS"},"x-order":6},"tcp":{"description":"One or more non-HTTP and non-passthrough servers which use TCP\\nbased protocols. This server also exposes configuration for terminating TLS.","type":"array","items":{"$ref":"#/components/schemas/gatewayv2TCP"},"x-order":7},"wasmPlugins":{"description":"WasmPlugins specifies all the WasmExtensionAttachment assigned to this Gateway\\nwith the specific configuration for each plugin. This custom configuration\\nwill override the one configured globally to the plugin.\\nEach plugin has a global configuration including priority\\nthat will condition the execution of the assigned plugins.","type":"array","items":{"$ref":"#/components/schemas/v2WasmExtensionAttachment"},"x-order":8},"waf":{"$ref":"#/components/schemas/v2WAFSettings"},"egressAuthorization":{"description":"External services are onboarded into the mesh via service entry,\\nand these services are exposed on the Gateway for egress access.\\nBy default, access is denied for these hosts.\\nUsers can configure EgressAuthorizationSettings to specify which service accounts are allowed.","type":"array","items":{"$ref":"#/components/schemas/v2EgressAuthorizationSettings"},"x-order":10},"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"}}},"gatewayv2HTTP":{"description":"`HTTP` describes the properties of a HTTP server exposed on gateway.","type":"object","required":["name","hostname","routing"],"properties":{"name":{"description":"A name assigned to the server. The name will be visible in the generated metrics. The name must be\\nunique across all HTTP, TLS passthrough and TCP servers in a gateway.","type":"string","x-order":0},"port":{"description":"The port where the server is exposed at the gateway workload(pod).\\nIf the k8s service, which is fronting the workload pod, has TargetPort as 8443 for the Port 443,\\nthis could be configured as 8443 or 443.\\n\\nTwo servers with different protocols (HTTP and HTTPS) should not\\nshare the same port. Note that port 15443 is reserved for internal use.\\n\\nIf the `transit` flag is set to true, populating the `port` will lead to an error,\\nas the server is considered internal to the mesh. TSB will automatically \\nconfigure mTLS port(15443) for east-west multicluster traffic.\\n\\nIf the `trafficMode`` flag is set to `EGRESS`` or the `trafficMode` is set to `AUTO`\\nand the gateway deployment is of type EGRESS,\\npopulating the port will result in an error, as the server is considered only for egress.\\nTSB will automatically configure the mTLS port (15443) on the gateway to receive the mesh traffic.","type":"integer","format":"int64","x-order":1},"hostname":{"description":"Hostname with which the service can be expected to be accessed by clients.","type":"string","x-order":2},"tls":{"$ref":"#/components/schemas/v2ServerTLSSettings"},"authentication":{"$ref":"#/components/schemas/tsbauthv2Authentication"},"authorization":{"$ref":"#/components/schemas/tsbauthv2Authorization"},"routing":{"$ref":"#/components/schemas/v2HttpRoutingConfig"},"rateLimiting":{"$ref":"#/components/schemas/v2RateLimiting"},"transit":{"description":"If set to true, the server is configured to be exposed within the mesh.\\nThis configuration enables forwarding traffic between two clusters that are not directly reachable.\\n\\nDeprecated: use `trafficMode: TRANSIT` instead.","type":"boolean","x-order":8},"trafficMode":{"$ref":"#/components/schemas/v2TrafficMode"},"failoverSettings":{"$ref":"#/components/schemas/v2FailoverSettings"},"openapi":{"$ref":"#/components/schemas/v2OpenAPI"},"extensions":{"$ref":"#/components/schemas/v2Extensions"}}},"gatewayv2HttpRule":{"description":"A single HTTP rule.","type":"object","properties":{"match":{"description":"One or more match conditions (OR-ed).","type":"array","items":{"$ref":"#/components/schemas/v2HttpMatchCondition"},"x-order":0},"modify":{"$ref":"#/components/schemas/v2HttpModifyAction"},"route":{"$ref":"#/components/schemas/v2Route"},"redirect":{"$ref":"#/components/schemas/v2Redirect"},"directResponse":{"$ref":"#/components/schemas/v2HTTPDirectResponse"}}},"gatewayv2TCP":{"description":"A TCP server exposed in a gateway. A TCP server may be used for any TCP based protocol.\\nThis is also used for the special case of a non-HTTP protocol requiring TLS termination at the gateway.","type":"object","required":["name","hostname","route"],"properties":{"name":{"description":"A name assigned to the server. The name will be visible in the generated metrics. The name must be\\nunique across all HTTP, TLS passthrough and TCP servers in a gateway.","type":"string","x-order":0},"port":{"description":"Valid scenarios (for same port, multiple services)\\n1. Multiple protocols (HTTP, non-HTTP) with TLS passthrough/termination\\n2. Multiple HTTP services\\n3. Single non-HTTP service without TLS\\n\\nIf the `transit` flag is set to true, populating the `port` will lead to an error,\\nas the server is considered internal to the mesh. TSB will automatically \\nconfigure mTLS port(15443) for east-west multicluster traffic.","type":"integer","format":"int64","title":"The port where the server is exposed. Note that the port 15443 is reserved. Also\\nbeware of the conflict among the services using different protocols on the same port.\\nThe conflict occurs in the following scenarios\\n1. Using plaintext and TLS (passthrough/termination)\\n2. Mixing multiple protocols without TLS (HTTP and non-HTTP protocols like Kafka, Zookeeper etc)\\n3. Multiple non-HTTP protocols without TLS","x-order":1},"hostname":{"description":"Hostname to identify the service. When TLS is configured, clients have to use this as\\nthe Server Name Indication (SNI) for the TLS connection. When TLS is not configured (opaque TCP),\\nthis is used to identify the service traffic for defining routing configs. Usually, this is\\nconfigured as the DNS name of the service. For instance, if clients access a zookeeper cluster\\nas `zk-1.myorg.internal` then the hostname could be specified as `zk-1.myorg.internal`. This\\nalso helps easier identification in the configs.\\n\\nThis is also used in multicluster routing. In the previous example, clients within the mesh\\ncan also use `zk-1.myorg.internal` to access this service (provided authorization policy allows it)","type":"string","x-order":2},"tls":{"$ref":"#/components/schemas/v2ServerTLSSettings"},"route":{"$ref":"#/components/schemas/v2RouteTo"},"transit":{"description":"If set to true, the server is configured to be exposed within the mesh.\\nThis configuration enables forwarding traffic between two clusters that are not directly reachable.\\n\\nDeprecated: use `trafficMode: TRANSIT` instead.","type":"boolean","x-order":5},"trafficMode":{"$ref":"#/components/schemas/v2TrafficMode"},"failoverSettings":{"$ref":"#/components/schemas/v2FailoverSettings"}}},"gatewayv2TLSProtocol":{"description":"Enumeration for TLS protocol versions.","type":"string","default":"TLS_AUTO","enum":["TLS_AUTO","TLSV1_0","TLSV1_1","TLSV1_2","TLSV1_3"]},"googlerpcStatus":{"description":"The `Status` type defines a logical error model that is suitable for\\ndifferent programming environments, including REST APIs and RPC APIs. It is\\nused by [gRPC](https://github.com/grpc). Each `Status` message contains\\nthree pieces of data: error code, error message, and error details.\\n\\nYou can find out more about this error model and how to work with it in the\\n[API Design Guide](https://cloud.google.com/apis/design/errors).","type":"object","properties":{"code":{"description":"The status code, which should be an enum value of\\n[google.rpc.Code][google.rpc.Code].","type":"integer","format":"int32","x-order":0},"message":{"description":"A developer-facing error message, which should be in English. Any\\nuser-facing error message should be localized and sent in the\\n[google.rpc.Status.details][google.rpc.Status.details] field, or localized\\nby the client.","type":"string","x-order":1},"details":{"description":"A list of messages that carry the error details.  There is a common set of\\nmessage types for APIs to use.","type":"array","items":{"$ref":"#/components/schemas/protobufAny"},"x-order":2}}},"installcontrolplanev1alpha1AWSController":{"description":"Kubernetes settings for the AWS Integration Controller component.","type":"object","properties":{"kubeSpec":{"$ref":"#/components/schemas/kubernetesKubernetesComponentSpec"}}},"installcontrolplanev1alpha1AWSSettings":{"description":"Global settings to AWS.","type":"object","required":["serviceAccountName"],"properties":{"serviceAccountName":{"type":"string","title":"Service account name to use with IAM role association. Required.\\nThis service account should have the proper permissions depending on which AWS services are enabled.\\n(Route53, Lattice, etc.)","x-order":0}}},"installcontrolplanev1alpha1ElasticSearchSettings":{"description":"Configure an Elasticsearch connection.\\n\\n```yaml\\napiVersion: install.tetrate.io/v1alpha1\\nkind: ControlPlane\\nmetadata:\\n  name: controlplane\\n  namespace: istio-system\\nspec:\\n  telemetryStore:\\n    elastic:\\n      host: elastic\\n      port: 5678\\n      protocol: https\\n      selfSigned: true\\n      version: 7\\n```","type":"object","required":["host","port"],"properties":{"host":{"description":"Elasticsearch host address (can be hostname or IP address).","type":"string","x-order":0},"port":{"description":"Port Elasticsearch is listening on.","type":"integer","format":"int32","x-order":1},"protocol":{"$ref":"#/components/schemas/installcontrolplanev1alpha1ElasticSearchSettingsProtocol"},"selfSigned":{"description":"Use Self-Signed certificates. The Self-signed CA bundle and key must be in a secret called es-certs.","type":"boolean","x-order":3},"version":{"description":"DEPRECATED: Major version of the Elasticsearch cluster.\\nCurrently supported Elasticsearch major versions are `6`, `7`, and `8`.","type":"integer","format":"int32","x-order":4},"indexPrefix":{"description":"The prefix of the ElasticSearch indices and templates.\\nDefaults to `skywalking`.","type":"string","x-order":5}}},"installcontrolplanev1alpha1ElasticSearchSettingsProtocol":{"description":"The list of supported protocols to communicate with Elasticsearch.","type":"string","default":"https","enum":["https","http"]},"installcontrolplanev1alpha1LatticeSettings":{"description":"Settings specific to Lattice.","type":"object","properties":{"enabled":{"description":"Enable/disable the Lattice integration controller. Default: false.","type":"boolean","x-order":0}}},"installcontrolplanev1alpha1NGAC":{"description":"Kubernetes settings for the NGAC component.","type":"object","properties":{"enabled":{"description":"NGAC is an experimental component. If enabled is false, this component will\\nnot be installed.","type":"boolean","x-order":0},"kubeSpec":{"$ref":"#/components/schemas/kubernetesKubernetesComponentSpec"},"logLevels":{"description":"The log level configuration by scopes.\\nSupported log level: \\"none\\", \\"error\\", \\"info\\", \\"debug\\".","type":"object","additionalProperties":{"type":"string"},"x-order":2}}},"installcontrolplanev1alpha1Oap":{"description":"Kubernetes settings for the OAP (SkyWalking) component.","type":"object","properties":{"streamingLogEnabled":{"description":"Feature flag to determine whether on-demand streaming logs should be\\nenabled.","type":"boolean","x-order":0},"onDemandEnvoyMetricsEnabled":{"description":"Feature flag to determine whether on-demand envoy metrics should be\\nenabled. If enabled, the envoy proxy will provide a set of metrics that can\\nbe queried using the metrics service. OAP will provide a query API that can\\nbe used to collect envoy proxy metrics for specific pods. This is only for\\ntemporary and real-time queries that can be used, for example, for\\napplication troubleshooting use cases. These metrics are not persisted.","type":"boolean","x-order":1},"storageIndexMergingEnabled":{"description":"Feature flag to determine whether metrics/meter and records should be shard into multi-physical indices, or\\ninstead if they should be merged into a single physical index.\\nBy default \\"false\\", metric/meter and records are sharded into multi-physical indices.\\nInstead of sharding, if enabled by setting it to \\"true\\", metrics/meter and records will be merged\\ninto one physical index template `metrics-all` and `records-all`.\\nThis feature flag must be set on all clusters and have the same value as the management plane\'s one,\\notherwise control plane observability data could be written to the wrong or not existing index.\\nIn this storage mode, user can adjust each concrete index should have to scale out by setting\\n`storageSpecificIndexSettings` field in the management plane install manifest.","type":"boolean","x-order":2},"kubeSpec":{"$ref":"#/components/schemas/kubernetesKubernetesComponentSpec"},"logLevel":{"description":"Specifies the log level for OAP component.\\nSupported log level: \\"all\\", \\"debug\\", \\"info\\", \\"warn\\", \\"error\\", \\"fatal\\", \\"off\\" and \\"trace\\".","type":"string","x-order":4}}},"installcontrolplanev1alpha1OnboardingPlane":{"description":"Configure `Workload Onboarding Plane` component.","type":"object","properties":{"instance":{"$ref":"#/components/schemas/v1alpha1OnboardingPlaneInstance"}}},"installcontrolplanev1alpha1OpenTelemetryCollector":{"description":"Kubernetes settings for the OpenTelemetryCollector component.","type":"object","properties":{"kubeSpec":{"$ref":"#/components/schemas/kubernetesKubernetesComponentSpec"},"logLevel":{"description":"Specifies the log level for OTEL collector component.\\nSupported log level: \\"debug\\", \\"info\\", \\"warn\\", \\"error\\", \\"dpanic\\", \\"panic\\", and \\"fatal\\".","type":"string","x-order":1}}},"installcontrolplanev1alpha1ProviderSettings":{"description":"Configure Kubernetes provider specific settings.\\n\\nFor example to configure EKS to use network load balancers (NLB) by default:\\n\\n```yaml\\napiVersion: install.tetrate.io/v1alpha1\\nkind: ControlPlane\\nmetadata:\\n  name: controlplane\\n  namespace: istio-system\\nspec:\\n  providerSettings:\\n    eks:\\n      useNlbByDefault: true\\n\\n```\\n\\nTo configure Route53 the only option that you must specify is the Service Account name to use for IAM role.\\nYou should create the Service Account before enabling the Route53 integration controller. You can do that using `eksctl`. Example:\\n\\n```bash\\n   SA_NAME=route53-controller\\n   CP_NAMESPACE=istio-system\\n   eksctl create iamserviceaccount \\\\\\n   --cluster $EKS_CLUSTER_NAME \\\\\\n   --name $SA_NAME \\\\\\n   --namespace $CP_NAMESPACE \\\\\\n   --attach-policy-arn $POLICY_ARN \\\\\\n   --approve\\n```\\n\\nwhere:\\n* $EKS_CLUSTER_NAME is the name of the EKS cluster.\\n* $SA_NAME is the name of the Service Account to create.\\n* $CP_NAMESPACE is the namespace where the Control Plane is installed. Usually istio-system.\\n* $POLICY_ARN is the ARN of the policy to attach to the Service Account - the policy should allow the Service Account\\n  to manage Route53 resources.\\n\\nMore details can be found in the [Publishing a Service docs](https://docs.tetrate.io/service-express/getting-started/publish-service)\\n\\nAfter creating the Service Account you can enable the Route53 integration controller using the following configuration:\\n\\n```yaml\\napiVersion: install.tetrate.io/v1alpha1\\nkind: ControlPlane\\nmetadata:\\n  name: controlplane\\n  namespace: istio-system\\nspec:\\n  providerSettings:\\n    route53:\\n      serviceAccountName: $SA_NAME\\n```","type":"object","properties":{"eks":{"$ref":"#/components/schemas/v1alpha1EKSSettings"},"route53":{"$ref":"#/components/schemas/v1alpha1Route53Settings"},"aws":{"$ref":"#/components/schemas/installcontrolplanev1alpha1AWSSettings"},"lattice":{"$ref":"#/components/schemas/installcontrolplanev1alpha1LatticeSettings"}}},"installcontrolplanev1alpha1XCP":{"description":"Kubernetes settings for the XCP component.","type":"object","properties":{"centralAuthMode":{"$ref":"#/components/schemas/XCPCentralAuthMode"},"configProtection":{"$ref":"#/components/schemas/commonConfigProtection"},"kubeSpec":{"$ref":"#/components/schemas/kubernetesKubernetesComponentSpec"},"revision":{"description":"$hide_from_docs\\nConfigures the istio revision tag.\\nIf configured, istio upgrade will not be in-place upgrade. A new istio\\ncontrol plane with the configured revision will be deployed. Selectively\\nsidecars and gateways could be moved to newer control plane. Note that it\\nis not the istio version. Istio version is fixed for a particular tsb\\nversion and that is not a configurable setting. Revision should be\\nconfigured to human readable value for example tsb-1-5. For further\\nreference,\\nhttps://istio.io/latest/blog/2020/multiple-control-planes/#configuring\\nDeprecated: replaced by isolation_boundaries, where each isolation boundary can have\\nmulitple revisions.","type":"string","x-order":3},"isolationBoundaries":{"description":"Configures Isolated Istio environments along with Istio revisions for each environment.\\nIsolationBoundaries can be empty when the feature flag IstioIsolationBoundaries is disabled.\\nOnce enabled, isolation boundaries can be configured.","type":"array","items":{"$ref":"#/components/schemas/v1alpha1IsolationBoundary"},"x-order":4},"enableHttpMeshInternalIdentityPropagation":{"description":"Enables HTTP mesh internal service identity propagation across gateway hops, utilizing the propagated identity\\nfor evaluating TSB RBAC rules. Users should enable this feature when they want to create RBAC rules around\\nrequest\'s origin client identity for east west traffic. The most common case for this would be when using\\nauthorization features such as ALLOW/DENY rules mode and ServiceSecuritySettings in cross-cluster environment.\\nThis feature is enabled by default. Set it to false to disable it.","type":"boolean","x-order":5},"centralProvidedCaCert":{"description":"If true, obtain the CA cert for Istio from XCP central.\\nTo enable it, the XCP Central needs to be configured with `certIssuer.clusterIntermediateCASettings: {}`.","type":"boolean","x-order":6},"logLevels":{"description":"Loglevel for XCP.\\nSupported log level: \\"none\\", \\"fatal\\", \\"error\\", \\"warn\\", \\"info\\", \\"debug\\".","type":"object","additionalProperties":{"type":"string"},"x-order":7},"remoteDiagnostic":{"$ref":"#/components/schemas/installcontrolplanev1alpha1XCPRemoteDiagnosticSettings"}}},"installcontrolplanev1alpha1XCPRemoteDiagnosticSettings":{"description":"Remote Diagnostic settings on the Control Plane side.","type":"object","properties":{"enabled":{"description":"Enable Remote Diagnostic on the Control Plane side.\\n\\nOnce Remote Diagnostic is enabled on the Control Plane side, it will become possible to\\nlaunch from the TSB UI a range of predefined diagnostic tasks for execution in the context\\nof that cluster.\\n\\nIn particular, it will be possible to take config dumps, view low-level metrics,\\nview and change log levels and stream logs from any Istio Gateway and Istio Sidecar\\ndeployed to that cluster.\\n\\nNotice that Remote Diagnostic has to be enabled on both sides, i.e. the Control Plane side\\nand the Management Plane side, which is the default configuration.\\n\\nDefaults to `true`.","type":"boolean","x-order":0}}},"installdataplanev1alpha1GatewaySpec":{"description":"GatewaySpec defines the desired installed state of a single\\ngateway for a given namespace in Service Bridge. Specifying a minimal\\nGatewaySpec with a hub will create a default gateway with sensible\\nvalues.\\n\\n","type":"object","properties":{"connectionDrainDuration":{"description":"The amount of time the gateway will wait on shutdown for connections to\\ncomplete before terminating the gateway. During this drain period, no new\\nconnections can be created but existing ones are allowed complete.","type":"string","x-order":0},"revision":{"type":"string","title":"Specifies the istio revision to reconcile with.\\nIf specified, TSB control plane operator will reconcile this gateway only\\nif operator\'s revision matches with it. TSB data plane operator, which\\nwould be running only when TSB control plane operator is not configured a\\nrevision, will ignore revision field and will reconcile gateway as usual.\\nInternally, this revision will guide to pick matching istio control plane\\nfor the gateway deployment\\nhttps://istio.io/latest/docs/setup/upgrade/canary/","x-order":1},"type":{"$ref":"#/components/schemas/v1alpha1GatewaySpecType"},"concurrency":{"description":"Number of Envoy worker threads to run. By default it will be set\\nautomatically based on the gateway\'s CPU resource limits.\\n\\nSet to `-1` to use the legacy behavior of all cores on the machine.","type":"integer","format":"int32","x-order":3},"targetNamespace":{"description":"Namespace where the gateway will be deployed.","type":"string","x-order":4},"targetCluster":{"description":"Cluster where the gateway will be deployed.","type":"string","x-order":5},"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":6,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":7},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":8},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":9},"kubeSpec":{"$ref":"#/components/schemas/kubernetesKubernetesComponentSpec"}}},"installkubernetesAffinity":{"type":"object","title":"The scheduling constraints for the pod.\\nhttps://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity","properties":{"nodeAffinity":{"$ref":"#/components/schemas/installkubernetesNodeAffinity"},"podAffinity":{"$ref":"#/components/schemas/installkubernetesPodAffinity"},"podAntiAffinity":{"$ref":"#/components/schemas/installkubernetesPodAntiAffinity"}}},"installkubernetesCapabilities":{"description":"See k8s.io.api.core.v1.Capabilities.","type":"object","properties":{"add":{"type":"array","items":{"type":"string"},"x-order":0},"drop":{"type":"array","items":{"type":"string"},"x-order":1}}},"installkubernetesConfigMapKeySelector":{"type":"object","properties":{"localObjectReference":{"$ref":"#/components/schemas/installkubernetesLocalObjectReference"},"key":{"type":"string","x-order":1},"optional":{"type":"boolean","x-order":2}}},"installkubernetesCrossVersionObjectReference":{"type":"object","properties":{"kind":{"type":"string","x-order":0},"name":{"type":"string","x-order":1},"apiVersion":{"type":"string","x-order":2}}},"installkubernetesDeployment":{"type":"object","title":"The Kubernetes resource configuration for all Deployments","properties":{"podAnnotations":{"type":"object","title":"Pod annotations are an unstructured key-value map stored with the Deployment\'s Pod template.\\nThese annotations will be added to the Pod template within the Deployment.\\nFor more details: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/","additionalProperties":{"type":"string"},"x-order":0},"env":{"type":"array","title":"Environment variables for all containers in the deployment.\\nhttps://kubernetes.io/docs/tasks/inject-data-application/define-environment-variable-container/","items":{"$ref":"#/components/schemas/installkubernetesEnvVar"},"x-order":1},"affinity":{"$ref":"#/components/schemas/installkubernetesAffinity"},"replicaCount":{"type":"integer","format":"int64","title":"Number of desired pods.\\nhttps://kubernetes.io/docs/reference/generated/kubernetes-api/v1.18/#deploymentspec-v1-apps","x-order":3},"resources":{"$ref":"#/components/schemas/installkubernetesResources"},"strategy":{"$ref":"#/components/schemas/installkubernetesDeploymentStrategy"},"tolerations":{"type":"array","title":"Tolerations are applied to pods, and allow (but do not require) the pods to\\nschedule onto nodes with matching taints. Taints and tolerations work\\ntogether to ensure that pods are not scheduled onto inappropriate nodes.\\nOne or more taints are applied to a node; this marks that the node should\\nnot accept any pods that do not tolerate the taints.\\nhttps://kubernetes.io/docs/concepts/configuration/taint-and-toleration/","items":{"$ref":"#/components/schemas/corev1Toleration"},"x-order":6},"hpaSpec":{"$ref":"#/components/schemas/installkubernetesHorizontalPodAutoscalerSpec"},"podSecurityContext":{"$ref":"#/components/schemas/installkubernetesPodSecurityContext"},"containerSecurityContext":{"$ref":"#/components/schemas/installkubernetesSecurityContext"},"labels":{"type":"object","title":"Labels are an unstructured key-value map stored with the Deployment.\\nFor Gateway deployments, these labels are propagated to the Pod, Service, etc.\\nFor more details: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/","additionalProperties":{"type":"string"},"x-order":10}}},"installkubernetesDeploymentStrategy":{"type":"object","title":"The deployment strategy to use to replace existing pods with new ones.\\nhttps://kubernetes.io/docs/reference/generated/kubernetes-api/v1.18/#deploymentstrategy-v1-apps","properties":{"type":{"type":"string","x-order":0},"rollingUpdate":{"$ref":"#/components/schemas/installkubernetesRollingUpdateDeployment"}}},"installkubernetesEnvVar":{"type":"object","properties":{"name":{"type":"string","x-order":0},"value":{"type":"string","x-order":1},"valueFrom":{"$ref":"#/components/schemas/installkubernetesEnvVarSource"}}},"installkubernetesEnvVarSource":{"type":"object","properties":{"fieldRef":{"$ref":"#/components/schemas/installkubernetesObjectFieldSelector"},"resourceFieldRef":{"$ref":"#/components/schemas/installkubernetesResourceFieldSelector"},"configMapKeyRef":{"$ref":"#/components/schemas/installkubernetesConfigMapKeySelector"},"secretKeyRef":{"$ref":"#/components/schemas/installkubernetesSecretKeySelector"}}},"installkubernetesExternalMetricSource":{"type":"object","properties":{"metricName":{"type":"string","x-order":0},"metricSelector":{"$ref":"#/components/schemas/v1LabelSelector"},"targetValue":{"$ref":"#/components/schemas/operatorv1alpha1IntOrString"},"targetAverageValue":{"$ref":"#/components/schemas/operatorv1alpha1IntOrString"}}},"installkubernetesHorizontalPodAutoscalerSpec":{"type":"object","title":"Horizontal Pod Autoscaler automatically scales the number of pods in a\\ndeployment based on a specified metric. Kubernetes periodically adjusts the\\nnumber of replicas in a deployment to match the observed metric to the target\\nspecified. This mirrors the Kubernetes spec except from the top level\\n`scaleTargetRef` field, which we set for you. The version of Horizontal Pod\\nAutoscaler currently used is\\n`[v2beta1](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.18/#horizontalpodautoscaler-v2beta1-autoscaling)`.\\nhttps://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/","properties":{"minReplicas":{"type":"integer","format":"int32","title":"Must be set in order to create the HPA resource in Kubernetes","x-order":0},"maxReplicas":{"type":"integer","format":"int32","title":"Must be set in order to create the HPA resource in Kubernetes","x-order":1},"metrics":{"type":"array","items":{"$ref":"#/components/schemas/installkubernetesMetricSpec"},"x-order":2}}},"installkubernetesLocalObjectReference":{"description":"LocalObjectReference contains enough information to let you locate the\\nreferenced object inside the same namespace.","type":"object","properties":{"name":{"description":"Name of the referent.","type":"string","x-order":0}}},"installkubernetesMetricSpec":{"type":"object","properties":{"type":{"type":"string","x-order":0},"object":{"$ref":"#/components/schemas/installkubernetesObjectMetricSource"},"pods":{"$ref":"#/components/schemas/installkubernetesPodsMetricSource"},"resource":{"$ref":"#/components/schemas/installkubernetesResourceMetricSource"},"external":{"$ref":"#/components/schemas/installkubernetesExternalMetricSource"}}},"installkubernetesMetricTarget":{"type":"object","title":"MetricTarget provides compatibility with k8s autoscaling/v2 API","properties":{"type":{"type":"string","x-order":0},"averageUtilization":{"type":"integer","format":"int32","x-order":1},"averageValue":{"$ref":"#/components/schemas/operatorv1alpha1IntOrString"},"value":{"$ref":"#/components/schemas/operatorv1alpha1IntOrString"}}},"installkubernetesNodeAffinity":{"type":"object","title":"Group of node affinity scheduling rules.\\nhttps://kubernetes.io/docs/reference/generated/kubernetes-api/v1.18/#nodeaffinity-v1-core","properties":{"requiredDuringSchedulingIgnoredDuringExecution":{"$ref":"#/components/schemas/installkubernetesNodeSelector"},"preferredDuringSchedulingIgnoredDuringExecution":{"type":"array","title":"The scheduler will prefer to schedule pods to nodes that satisfy the\\naffinity expressions specified by this field, but it may choose a node that\\nviolates one or more of the expressions.\\nhttps://kubernetes.io/docs/reference/generated/kubernetes-api/v1.18/#preferredschedulingterm-v1-core","items":{"$ref":"#/components/schemas/installkubernetesPreferredSchedulingTerm"},"x-order":1}}},"installkubernetesNodeSelector":{"type":"object","properties":{"nodeSelectorTerms":{"type":"array","items":{"$ref":"#/components/schemas/installkubernetesNodeSelectorTerm"},"x-order":0}}},"installkubernetesNodeSelectorRequirement":{"type":"object","properties":{"key":{"type":"string","x-order":0},"operator":{"type":"string","x-order":1},"values":{"type":"array","items":{"type":"string"},"x-order":2}}},"installkubernetesNodeSelectorTerm":{"type":"object","properties":{"matchExpressions":{"type":"array","items":{"$ref":"#/components/schemas/installkubernetesNodeSelectorRequirement"},"x-order":0},"matchFields":{"type":"array","items":{"$ref":"#/components/schemas/installkubernetesNodeSelectorRequirement"},"x-order":1}}},"installkubernetesObjectFieldSelector":{"type":"object","properties":{"apiVersion":{"type":"string","x-order":0},"fieldPath":{"type":"string","x-order":1}}},"installkubernetesObjectMetricSource":{"type":"object","properties":{"target":{"$ref":"#/components/schemas/installkubernetesCrossVersionObjectReference"},"metricName":{"type":"string","x-order":1},"targetValue":{"$ref":"#/components/schemas/operatorv1alpha1IntOrString"},"selector":{"$ref":"#/components/schemas/v1LabelSelector"},"averageValue":{"$ref":"#/components/schemas/operatorv1alpha1IntOrString"}}},"installkubernetesPodAffinity":{"type":"object","title":"Group of inter-pod affinity scheduling rules.\\nhttps://kubernetes.io/docs/reference/generated/kubernetes-api/v1.18/#podaffinity-v1-core","properties":{"requiredDuringSchedulingIgnoredDuringExecution":{"type":"array","items":{"$ref":"#/components/schemas/installkubernetesPodAffinityTerm"},"x-order":0},"preferredDuringSchedulingIgnoredDuringExecution":{"type":"array","items":{"$ref":"#/components/schemas/installkubernetesWeightedPodAffinityTerm"},"x-order":1}}},"installkubernetesPodAffinityTerm":{"type":"object","properties":{"labelSelector":{"$ref":"#/components/schemas/v1LabelSelector"},"namespaces":{"type":"array","items":{"type":"string"},"x-order":1},"topologyKey":{"type":"string","x-order":2}}},"installkubernetesPodAntiAffinity":{"type":"object","title":"Group of inter-pod anti-affinity scheduling rules.\\nhttps://kubernetes.io/docs/reference/generated/kubernetes-api/v1.18/#podantiaffinity-v1-core","properties":{"requiredDuringSchedulingIgnoredDuringExecution":{"type":"array","items":{"$ref":"#/components/schemas/installkubernetesPodAffinityTerm"},"x-order":0},"preferredDuringSchedulingIgnoredDuringExecution":{"type":"array","items":{"$ref":"#/components/schemas/installkubernetesWeightedPodAffinityTerm"},"x-order":1}}},"installkubernetesPodSecurityContext":{"description":"See k8s.io.api.core.v1.PodSecurityContext.","type":"object","properties":{"seLinuxOptions":{"$ref":"#/components/schemas/installkubernetesSELinuxOptions"},"runAsUser":{"type":"integer","format":"int64","x-order":1},"runAsNonRoot":{"type":"boolean","x-order":2},"supplementalGroups":{"type":"array","items":{"type":"integer","format":"int64"},"x-order":3},"fsGroup":{"type":"integer","format":"int64","x-order":4},"runAsGroup":{"type":"integer","format":"int64","x-order":5},"sysctls":{"type":"array","items":{"$ref":"#/components/schemas/installkubernetesSysctl"},"x-order":6},"windowsOptions":{"$ref":"#/components/schemas/installkubernetesWindowsSecurityContextOptions"},"fsGroupChangePolicy":{"type":"string","x-order":8},"seccompProfile":{"$ref":"#/components/schemas/installkubernetesSeccompProfile"}}},"installkubernetesPodsMetricSource":{"type":"object","properties":{"metricName":{"type":"string","x-order":0},"targetAverageValue":{"$ref":"#/components/schemas/operatorv1alpha1IntOrString"},"selector":{"$ref":"#/components/schemas/v1LabelSelector"}}},"installkubernetesPreferredSchedulingTerm":{"type":"object","properties":{"weight":{"type":"integer","format":"int32","x-order":0},"preference":{"$ref":"#/components/schemas/installkubernetesNodeSelectorTerm"}}},"installkubernetesResourceFieldSelector":{"type":"object","properties":{"containerName":{"type":"string","x-order":0},"resource":{"type":"string","x-order":1},"divisor":{"$ref":"#/components/schemas/operatorv1alpha1IntOrString"}}},"installkubernetesResourceMetricSource":{"type":"object","properties":{"name":{"type":"string","x-order":0},"targetAverageUtilization":{"$ref":"#/components/schemas/operatorv1alpha1IntOrString"},"targetAverageValue":{"$ref":"#/components/schemas/operatorv1alpha1IntOrString"},"target":{"$ref":"#/components/schemas/installkubernetesMetricTarget"}}},"installkubernetesResources":{"description":"Mirrors k8s.io.api.core.v1.ResourceRequirements for unmarshalling.","type":"object","properties":{"limits":{"type":"object","additionalProperties":{"type":"string"},"x-order":0},"requests":{"type":"object","additionalProperties":{"type":"string"},"x-order":1}}},"installkubernetesRollingUpdateDeployment":{"description":"Mirrors k8s.io.api.apps.v1.RollingUpdateDeployment for unmarshalling.","type":"object","properties":{"maxUnavailable":{"$ref":"#/components/schemas/operatorv1alpha1IntOrString"},"maxSurge":{"$ref":"#/components/schemas/operatorv1alpha1IntOrString"}}},"installkubernetesSELinuxOptions":{"description":"See k8s.io.api.core.v1.SELinuxOptions.","type":"object","properties":{"user":{"type":"string","x-order":0},"role":{"type":"string","x-order":1},"type":{"type":"string","x-order":2},"level":{"type":"string","x-order":3}}},"installkubernetesSeccompProfile":{"description":"See k8s.io.api.core.v1.SeccompProfile.","type":"object","properties":{"type":{"type":"string","x-order":0},"localhostProfile":{"type":"string","x-order":1}}},"installkubernetesSecretKeySelector":{"type":"object","properties":{"localObjectReference":{"$ref":"#/components/schemas/installkubernetesLocalObjectReference"},"key":{"type":"string","x-order":1},"optional":{"type":"boolean","x-order":2}}},"installkubernetesSecurityContext":{"description":"See k8s.io.api.core.v1.SecurityContext.","type":"object","properties":{"capabilities":{"$ref":"#/components/schemas/installkubernetesCapabilities"},"privileged":{"type":"boolean","x-order":1},"seLinuxOptions":{"$ref":"#/components/schemas/installkubernetesSELinuxOptions"},"windowsOptions":{"$ref":"#/components/schemas/installkubernetesWindowsSecurityContextOptions"},"runAsUser":{"type":"integer","format":"int64","x-order":4},"runAsGroup":{"type":"integer","format":"int64","x-order":5},"runAsNonRoot":{"type":"boolean","x-order":6},"readOnlyRootFilesystem":{"type":"boolean","x-order":7},"allowPrivilegeEscalation":{"type":"boolean","x-order":8},"procMount":{"type":"string","x-order":9},"seccompProfile":{"$ref":"#/components/schemas/installkubernetesSeccompProfile"}}},"installkubernetesService":{"type":"object","title":"The Kubernetes resource configuration for a Service","properties":{"annotations":{"type":"object","title":"Pod annotations are an unstructured key value map stored with the service.\\nhttps://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/","additionalProperties":{"type":"string"},"x-order":0},"ports":{"type":"array","title":"List of ports exposed by the component\'s service.\\nhttps://kubernetes.io/docs/reference/generated/kubernetes-api/v1.18/#serviceport-v1-core","items":{"$ref":"#/components/schemas/installkubernetesServicePort"},"x-order":1},"type":{"type":"string","title":"Determines how the Service is exposed. Valid options are ExternalName,\\nClusterIP, NodePort, and LoadBalancer.\\nhttps://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types","x-order":2},"labels":{"type":"object","title":"Labels are an unstructured key value map stored with the deployment.\\nhttps://kubernetes.io/docs/concepts/overview/working-with-objects/labels","additionalProperties":{"type":"string"},"x-order":3}}},"installkubernetesServiceAccount":{"type":"object","title":"Settings related to the component service account","properties":{"imagePullSecrets":{"type":"array","title":"List of references to secrets in the same namespace to use for pulling any\\nimages in pods that reference this ServiceAccount. ImagePullSecrets are\\ndistinct from Secrets because Secrets can be mounted in the pod, but\\nImagePullSecrets are only accessed by the kubelet. More info:\\nhttps://kubernetes.io/docs/concepts/containers/images/#specifying-imagepullsecrets-on-a-pod\\nhttps://kubernetes.io/docs/reference/generated/kubernetes-api/v1.18/#service_account-v1-core","items":{"$ref":"#/components/schemas/installkubernetesLocalObjectReference"},"x-order":0}}},"installkubernetesServicePort":{"type":"object","properties":{"name":{"type":"string","x-order":0},"protocol":{"type":"string","x-order":1},"port":{"type":"integer","format":"int32","x-order":2},"targetPort":{"$ref":"#/components/schemas/operatorv1alpha1IntOrString"},"nodePort":{"type":"integer","format":"int32","x-order":4}}},"installkubernetesSysctl":{"description":"See k8s.io.api.core.v1.Sysctl.","type":"object","properties":{"name":{"type":"string","x-order":0},"value":{"type":"string","x-order":1}}},"installkubernetesWeightedPodAffinityTerm":{"type":"object","properties":{"weight":{"type":"integer","format":"int32","x-order":0},"podAffinityTerm":{"$ref":"#/components/schemas/installkubernetesPodAffinityTerm"}}},"installkubernetesWindowsSecurityContextOptions":{"description":"See k8s.io.api.core.v1.WindowsSecurityContextOptions.","type":"object","properties":{"gmsaCredentialSpecName":{"type":"string","x-order":0},"gmsaCredentialSpec":{"type":"string","x-order":1},"runAsUserName":{"type":"string","x-order":2}}},"kubernetesCNI":{"type":"object","title":"Configure Istio\'s CNI plugin\\nFor further details see: https://istio.io/docs/setup/additional-setup/cni/","properties":{"binaryDirectory":{"description":"Directory on the host to install the CNI binary.\\nMust be the same as the environment\u2019s `--cni-bin-dir` setting (kubelet\\nparameter).","type":"string","x-order":0},"configurationDirectory":{"description":"Directory on the host to install the CNI config.\\nMust be the same as the environment\u2019s `--cni-conf-dir` setting (kubelet\\nparameter).","type":"string","x-order":1},"chained":{"description":"Whether to deploy the configuration file as a plugin chain or as a\\nstandalone file in the configuration directory. Some Kubernetes flavors\\n(e.g. OpenShift) do not support the chain approach.","type":"boolean","x-order":2},"configurationFileName":{"description":"Leave unset to auto-find the first file in the `cni-conf-dir` (as kubelet\\ndoes). Primarily used for testing install-cni plugin configuration. If set,\\n`install-cni` will inject the plugin configuration into this file in the\\n`cni-conf-dir`.","type":"string","x-order":3},"clusterRole":{"description":"The ClusterRole Istio CNI will bind to in the ControlPlane namespace.\\nThis is useful if you use Pod Security Policies and want to allow\\n`istio-cni` to run as privileged Pods.","type":"string","x-order":4},"revision":{"description":"The revisioned istio-operator that will reconcile the Istio CNI component.\\nA revision can only be specified when Isolation Boundaries are enabled and\\nconfigured with at least one revision.\\nRevision specified here must be an enabled revision under `xcp.isolationBoundaries`.\\nIf not provided, it defaults to the latest enabled\\nrevision based on their corresponding tsbVersion. If multiple such revisions\\nare found, revision names are alphabetically sorted and the first revision\\nis considered as the default.","type":"string","x-order":5}}},"kubernetesGlobalDeployment":{"type":"object","title":"The Kubernetes resource configuration for a Deployment","properties":{"podAnnotations":{"type":"object","title":"Pod annotations are an unstructured key value map stored with the pod.\\nhttps://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/","additionalProperties":{"type":"string"},"x-order":0},"env":{"type":"array","title":"Environment variables for all containers in the deployment.\\nhttps://kubernetes.io/docs/tasks/inject-data-application/define-environment-variable-container/","items":{"$ref":"#/components/schemas/installkubernetesEnvVar"},"x-order":1},"affinity":{"$ref":"#/components/schemas/installkubernetesAffinity"},"strategy":{"$ref":"#/components/schemas/installkubernetesDeploymentStrategy"},"tolerations":{"type":"array","title":"Tolerations are applied to pods, and allow (but do not require) the pods to\\nschedule onto nodes with matching taints. Taints and tolerations work\\ntogether to ensure that pods are not scheduled onto inappropriate nodes.\\nOne or more taints are applied to a node; this marks that the node should\\nnot accept any pods that do not tolerate the taints.\\nhttps://kubernetes.io/docs/concepts/configuration/taint-and-toleration/","items":{"$ref":"#/components/schemas/corev1Toleration"},"x-order":4},"podSecurityContext":{"$ref":"#/components/schemas/installkubernetesPodSecurityContext"},"containerSecurityContext":{"$ref":"#/components/schemas/installkubernetesSecurityContext"}}},"kubernetesGlobalJob":{"type":"object","title":"The Kubernetes resource configuration for all CronJob or Job","properties":{"podAnnotations":{"type":"object","title":"Pod annotations are an unstructured key value map stored with the pod.\\nhttps://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/","additionalProperties":{"type":"string"},"x-order":0},"affinity":{"$ref":"#/components/schemas/installkubernetesAffinity"},"tolerations":{"type":"array","title":"Tolerations are applied to pods, and allow (but do not require) the pods to\\nschedule onto nodes with matching taints. Taints and tolerations work\\ntogether to ensure that pods are not scheduled onto inappropriate nodes.\\nOne or more taints are applied to a node; this marks that the node should\\nnot accept any pods that do not tolerate the taints.\\nhttps://kubernetes.io/docs/concepts/configuration/taint-and-toleration/","items":{"$ref":"#/components/schemas/corev1Toleration"},"x-order":2},"podSecurityContext":{"$ref":"#/components/schemas/installkubernetesPodSecurityContext"},"containerSecurityContext":{"$ref":"#/components/schemas/installkubernetesSecurityContext"}}},"kubernetesGlobalService":{"type":"object","title":"The Kubernetes resource configuration for all the Service","properties":{"annotations":{"type":"object","title":"Pod annotations are an unstructured key value map stored with the service.\\nhttps://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/","additionalProperties":{"type":"string"},"x-order":0}}},"kubernetesJob":{"type":"object","title":"The Kubernetes resource configuration for a CronJob or Job","properties":{"podAnnotations":{"type":"object","title":"Pod annotations are an unstructured key value map stored with the pod.\\nhttps://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/","additionalProperties":{"type":"string"},"x-order":0},"env":{"type":"array","title":"Environment variables for all containers in the job.\\nhttps://kubernetes.io/docs/tasks/inject-data-application/define-environment-variable-container/","items":{"$ref":"#/components/schemas/installkubernetesEnvVar"},"x-order":1},"affinity":{"$ref":"#/components/schemas/installkubernetesAffinity"},"tolerations":{"type":"array","title":"Tolerations are applied to pods, and allow (but do not require) the pods to\\nschedule onto nodes with matching taints. Taints and tolerations work\\ntogether to ensure that pods are not scheduled onto inappropriate nodes.\\nOne or more taints are applied to a node; this marks that the node should\\nnot accept any pods that do not tolerate the taints.\\nhttps://kubernetes.io/docs/concepts/configuration/taint-and-toleration/","items":{"$ref":"#/components/schemas/corev1Toleration"},"x-order":3},"podSecurityContext":{"$ref":"#/components/schemas/installkubernetesPodSecurityContext"},"containerSecurityContext":{"$ref":"#/components/schemas/installkubernetesSecurityContext"}}},"kubernetesKubernetesComponentSpec":{"description":"KubernetesComponentSpec is a common set of Kubernetes resource configuration\\nfor components.","type":"object","properties":{"deployment":{"$ref":"#/components/schemas/installkubernetesDeployment"},"service":{"$ref":"#/components/schemas/installkubernetesService"},"serviceAccount":{"$ref":"#/components/schemas/installkubernetesServiceAccount"},"overlays":{"type":"array","title":"Post-render overlays to mutate Kubernetes manifests\\nhttps://istio.io/latest/docs/reference/config/istio.operator.v1alpha1/#K8sObjectOverlay","items":{"$ref":"#/components/schemas/v1alpha1K8sObjectOverlay"},"x-order":3}}},"kubernetesKubernetesIstioComponentSpec":{"description":"KubernetesIstioComponentSpec is the common set of Kubernetes resource\\nconfiguration for Istio. It differs from the standard component specs in that\\nit supports configuring the operator and istiod deployments separately and CNI\\nconfiguration.","type":"object","properties":{"deployment":{"$ref":"#/components/schemas/installkubernetesDeployment"},"service":{"$ref":"#/components/schemas/installkubernetesService"},"serviceAccount":{"$ref":"#/components/schemas/installkubernetesServiceAccount"},"operatorDeployment":{"$ref":"#/components/schemas/installkubernetesDeployment"},"istiodDeployment":{"$ref":"#/components/schemas/installkubernetesDeployment"},"CNI":{"$ref":"#/components/schemas/kubernetesCNI"},"overlays":{"type":"array","title":"Post-render overlays to mutate Kubernetes manifests\\nhttps://istio.io/latest/docs/reference/config/istio.operator.v1alpha1/#K8sObjectOverlay","items":{"$ref":"#/components/schemas/v1alpha1K8sObjectOverlay"},"x-order":6}}},"kubernetesKubernetesJobComponentSpec":{"description":"KubernetesJobComponentSpec is a common set of Kubernetes resource\\nconfiguration for components with a job associated with them.","type":"object","properties":{"deployment":{"$ref":"#/components/schemas/installkubernetesDeployment"},"service":{"$ref":"#/components/schemas/installkubernetesService"},"job":{"$ref":"#/components/schemas/kubernetesJob"},"serviceAccount":{"$ref":"#/components/schemas/installkubernetesServiceAccount"},"overlays":{"type":"array","title":"Post-render overlays to mutate Kubernetes manifests\\nhttps://istio.io/latest/docs/reference/config/istio.operator.v1alpha1/#K8sObjectOverlay","items":{"$ref":"#/components/schemas/v1alpha1K8sObjectOverlay"},"x-order":4}}},"kubernetesKubernetesSpec":{"description":"KubernetesSpec is a common set of Kubernetes resource configuration for the\\ninstall CRs, that will be common to all of its components.","type":"object","properties":{"deployment":{"$ref":"#/components/schemas/kubernetesGlobalDeployment"},"service":{"$ref":"#/components/schemas/kubernetesGlobalService"},"account":{"$ref":"#/components/schemas/installkubernetesServiceAccount"},"job":{"$ref":"#/components/schemas/kubernetesGlobalJob"}}},"operatorv1alpha1IntOrString":{"description":"IntOrString is a type that can hold an int32 or a string.  When used in\\nJSON or YAML marshalling and unmarshalling, it produces or consumes the\\ninner type.  This allows you to have, for example, a JSON field that can\\naccept a name or number.","type":"object","properties":{"type":{"type":"string","format":"int64","x-order":0},"intVal":{"type":"integer","format":"int32","x-order":1},"strVal":{"type":"string","x-order":2}}},"protobufAny":{"description":"`Any` contains an arbitrary serialized protocol buffer message along with a\\nURL that describes the type of the serialized message.\\n\\nProtobuf library provides support to pack/unpack Any values in the form\\nof utility functions or additional generated methods of the Any type.\\n\\nExample 1: Pack and unpack a message in C++.\\n\\n    Foo foo = ...;\\n    Any any;\\n    any.PackFrom(foo);\\n    ...\\n    if (any.UnpackTo(&amp;foo)) {\\n      ...\\n    }\\n\\nExample 2: Pack and unpack a message in Java.\\n\\n    Foo foo = ...;\\n    Any any = Any.pack(foo);\\n    ...\\n    if (any.is(Foo.class)) {\\n      foo = any.unpack(Foo.class);\\n    }\\n    // or ...\\n    if (any.isSameTypeAs(Foo.getDefaultInstance())) {\\n      foo = any.unpack(Foo.getDefaultInstance());\\n    }\\n\\n Example 3: Pack and unpack a message in Python.\\n\\n    foo = Foo(...)\\n    any = Any()\\n    any.Pack(foo)\\n    ...\\n    if any.Is(Foo.DESCRIPTOR):\\n      any.Unpack(foo)\\n      ...\\n\\n Example 4: Pack and unpack a message in Go\\n\\n     foo := &amp;pb.Foo{...}\\n     any, err := anypb.New(foo)\\n     if err != nil {\\n       ...\\n     }\\n     ...\\n     foo := &amp;pb.Foo{}\\n     if err := any.UnmarshalTo(foo); err != nil {\\n       ...\\n     }\\n\\nThe pack methods provided by protobuf library will by default use\\n\'type.googleapis.com/full.type.name\' as the type URL and the unpack\\nmethods only use the fully qualified type name after the last \'/\'\\nin the type URL, for example \\"foo.bar.com/x/y.z\\" will yield type\\nname \\"y.z\\".\\n\\nJSON\\n====\\nThe JSON representation of an `Any` value uses the regular\\nrepresentation of the deserialized, embedded message, with an\\nadditional field `@type` which contains the type URL. Example:\\n\\n    package google.profile;\\n    message Person {\\n      string first_name = 1;\\n      string last_name = 2;\\n    }\\n\\n    {\\n      \\"@type\\": \\"type.googleapis.com/google.profile.Person\\",\\n      \\"firstName\\": &lt;string&gt;,\\n      \\"lastName\\": &lt;string&gt;\\n    }\\n\\nIf the embedded message type is well-known and has a custom JSON\\nrepresentation, that representation will be embedded adding a field\\n`value` which holds the custom JSON in addition to the `@type`\\nfield. Example (for message [google.protobuf.Duration][]):\\n\\n    {\\n      \\"@type\\": \\"type.googleapis.com/google.protobuf.Duration\\",\\n      \\"value\\": \\"1.212s\\"\\n    }","type":"object","properties":{"@type":{"description":"A URL/resource name that uniquely identifies the type of the serialized\\nprotocol buffer message. This string must contain at least\\none \\"/\\" character. The last segment of the URL\'s path must represent\\nthe fully qualified name of the type (as in\\n`path/google.protobuf.Duration`). The name should be in a canonical form\\n(e.g., leading \\".\\" is not accepted).\\n\\nIn practice, teams usually precompile into the binary all types that they\\nexpect it to use in the context of Any. However, for URLs which use the\\nscheme `http`, `https`, or no scheme, one can optionally set up a type\\nserver that maps type URLs to message definitions as follows:\\n\\n* If no scheme is provided, `https` is assumed.\\n* An HTTP GET on the URL must yield a [google.protobuf.Type][]\\n  value in binary format, or produce an error.\\n* Applications are allowed to cache lookup results based on the\\n  URL, or have them precompiled into a binary to avoid any\\n  lookup. Therefore, binary compatibility needs to be preserved\\n  on changes to types. (Use versioned type names to manage\\n  breaking changes.)\\n\\nNote: this functionality is not currently available in the official\\nprotobuf release, and it is not used for type URLs beginning with\\ntype.googleapis.com. As of May 2023, there are no widely used type server\\nimplementations and no plans to implement one.\\n\\nSchemes other than `http`, `https` (or the empty scheme) might be\\nused with implementation specific semantics.","type":"string","x-order":0}},"additionalProperties":{}},"protobufNullValue":{"description":"`NullValue` is a singleton enumeration to represent the null value for the\\n`Value` type union.\\n\\nThe JSON representation for `NullValue` is JSON `null`.\\n\\n - NULL_VALUE: Null value.","type":"string","default":"NULL_VALUE","enum":["NULL_VALUE"]},"qv2Metadata":{"description":"Metadata includes additional information about an ApprovalPolicy or Access entity and\\ntheir respective resources that they apply to.","type":"object","properties":{"details":{"$ref":"#/components/schemas/MetadataDetails"},"rules":{"description":"Permissions includes permissions for which an authenticated user is allowed to perform.\\nThis applies to ApprovalPolicy or Access entities respectively.","type":"array","items":{"$ref":"#/components/schemas/v2RoleRule"},"x-order":1}}},"rbacv2Binding":{"description":"A binding associates a role with a set of subjects.\\n\\nBindings are used to configure policies, where different roles can be\\nassigned to different sets of subjects to configure a fine-grained access\\ncontrol to the resource protected by the policy.","type":"object","required":["role"],"properties":{"role":{"description":"The role that defines the permissions that will be granted to the target\\nresource.","type":"string","x-order":0},"subjects":{"description":"The set of subjects that will be allowed to access the target resource\\nwith the permissions defined by the role.","type":"array","items":{"$ref":"#/components/schemas/tsbrbacv2Subject"},"x-order":1}}},"registrationv1alpha1Address":{"description":"Address specifies network address.","type":"object","required":["ip","type"],"properties":{"ip":{"description":"IP address.","type":"string","x-order":0},"type":{"$ref":"#/components/schemas/v1alpha1AddressType"}}},"registryv2Port":{"description":"Port exposed by a service.\\nRegistration RPC will complete the instances field by assigning the physical services FQNs.","type":"object","required":["number"],"properties":{"number":{"description":"A valid non-negative integer port number.","type":"integer","format":"int64","x-order":0},"name":{"description":"Name assigned to the port.","type":"string","x-order":1},"serviceDeployments":{"type":"array","title":"The list of FQNs of the instances that expose this port","items":{"type":"string"},"x-order":2,"readOnly":true}}},"registryv2State":{"description":"State denotes how deep is the knowledge of a service by the mesh. Meaning that if a service can be controlled,\\nobserved or none of these.\\n\\n - EXTERNAL: An external service is a service that is known, but that cannot be observed (we can\'t get metrics for it)\\nand cannot be controlled.\\n - OBSERVED: An observed service is a known service that we can have metrics for. For example, a service running the\\nSkywalking agents.\\n - CONTROLLED: A controlled service is a service that is part of the mesh, has a proxy we can configure and can be observed with\\nSkywalking agents.","type":"string","default":"INVALID_STATE","enum":["INVALID_STATE","EXTERNAL","OBSERVED","CONTROLLED"]},"registryv2Subset":{"description":"Subset exposed by a service.\\nRegistration RPC will complete the instances field by assigning the physical services FQNs.","type":"object","properties":{"name":{"description":"A valid subset name of a service.","type":"string","x-order":0},"serviceDeployments":{"type":"array","title":"The list of FQNs of the service deployments that expose this subset","items":{"type":"string"},"x-order":1,"readOnly":true}}},"securityv2Rule":{"description":"`Rule` matches request from a targeted resource (and the workloads that belong to the resource),\\nto another targeted resource (and the workloads that belong to the resource).\\nA match occurs when `from` and `to` matches the request.\\nOnly resources of type Tenant, Workspace, or Security Group can be targeted.","type":"object","required":["from","to"],"properties":{"from":{"$ref":"#/components/schemas/RuleFrom"},"to":{"$ref":"#/components/schemas/RuleTo"}}},"telemetryv2MetricType":{"description":"Metric types are the aggregation function applied to the measurements that took place over a period of time.\\nSome metric types like LABELED_COUNTER and PERCENTILE also additionally aggregated over the set of defined labels.","type":"object","properties":{"name":{"$ref":"#/components/schemas/v2MetricTypeType"},"labels":{"description":"The labels associated with the metric type.\\nSome aggregation function are not just applied over time. LABELED_COUNTER and PERCENTILE metric types also\\naggregate over their labels. For instance, a PERCENTILE metric type over the latency, will aggregate the measured\\nlatency over the different defined percentiles, p50, p75, p90, p95, and p99.","type":"array","items":{"$ref":"#/components/schemas/v2MetricTypeLabel"},"x-order":1}}},"telemetryv2Source":{"description":"Source identifies a set of observed resources that have a group of metrics that emit measurements at runtime.","type":"object","properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the telemetry source.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the telemetry source is observing.\\n$hide_from_yaml","x-order":3},"belongsTo":{"description":"Which concrete TSB resource in the configuration hierarchy this telemetry source belongs to.\\nFor instance, a telemetry source can belong to a service,or a gateway, or a workspace, or any other resource in the\\nconfiguration hierarchy.","type":"string","x-order":4,"readOnly":true},"metricSourceKey":{"description":"A key to query metric measurements from the resources that the telemetry source is observing.","type":"string","x-order":5,"readOnly":true},"type":{"$ref":"#/components/schemas/v2SourceScopeType"},"scope":{"$ref":"#/components/schemas/v2SourceScope"}}},"tsbapplicationv2API":{"description":"An API configuring a set of servers and endpoints that expose the Application business logic.\\n\\n\\n\\n","type":"object","required":["openapi"],"properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"openapi":{"description":"The raw OpenAPI spec for this API.","type":"string","x-order":4},"workloadSelector":{"$ref":"#/components/schemas/v2WorkloadSelector"},"servers":{"description":"DEPRECATED: For new created APIs, the exposed servers will be available at httpServers.\\nFor APIs created before version 1.7, will still be available in this field.\\n\\nList of ingress gateways servers that expose the API.\\nServer hostnames must be unique in the system, and only one API can expose a specific hostname.","type":"array","items":{"$ref":"#/components/schemas/v2HttpServer"},"x-order":6,"readOnly":true},"endpoints":{"description":"List of endpoints exposed by this API.\\nThis field is read-only and generated from the configured OpenAPI spec.","type":"array","items":{"$ref":"#/components/schemas/v2HTTPEndpoint"},"x-order":7,"readOnly":true},"configResources":{"type":"array","title":"The configuration resources that are related to this API object.\\n$hide_from_docs","items":{"$ref":"#/components/schemas/v2ConfigResource"},"x-order":8,"readOnly":true},"httpServers":{"description":"List of gateways servers that expose the API.\\nServer hostnames must be unique in the system, and only one API can expose a specific hostname.","type":"array","items":{"$ref":"#/components/schemas/gatewayv2HTTP"},"x-order":9,"readOnly":true}}},"tsbapplicationv2ListAPIsResponse":{"description":"List of APIs that have been attached to the given application.","type":"object","properties":{"apis":{"description":"The list of APIs that are registered in the given application.","type":"array","items":{"$ref":"#/components/schemas/tsbapplicationv2API"},"x-order":0}}},"tsbapplicationv2ResourceStatus":{"description":"The ResourceStatus object provides information about the status of the configuration\\nrelated to an Application or an API object.\\n\\nApplications and APIs are translated into configuration objects (config groups, ingress\\ngateways, etc). This status object reflects the status of the Application and APIs with\\nregard to the generated configuration, and exposes any configuration mismatch.\\nThis status only reflects the status of the configuration objects in Service Bridge. It\\ndoes not provide information about the status of the generated configuration in the final\\nclusters.","type":"object","properties":{"status":{"$ref":"#/components/schemas/applicationv2Status"},"resources":{"description":"List of the individual configuration resource statuses.","type":"array","items":{"$ref":"#/components/schemas/ResourceStatusConfigResourceStatus"},"x-order":1,"readOnly":true}}},"tsbauthv2Authentication":{"type":"object","properties":{"jwt":{"$ref":"#/components/schemas/tsbauthv2AuthenticationJWT"},"rules":{"$ref":"#/components/schemas/AuthenticationRules"},"oidc":{"$ref":"#/components/schemas/v2OIDCConfig"}}},"tsbauthv2AuthenticationJWT":{"type":"object","required":["issuer"],"properties":{"issuer":{"description":"Identifies the issuer that issued the JWT. See\\n[issuer](https://tools.ietf.org/html/rfc7519#section-4.1.1)\\nA JWT with different `iss` claim will be rejected.\\n\\nExample: https://foobar.auth0.com\\nExample: 1234567-compute@developer.gserviceaccount.com","type":"string","x-order":0},"audiences":{"description":"The list of JWT\\n[audiences](https://tools.ietf.org/html/rfc7519#section-4.1.3).\\nthat are allowed to access. A JWT containing any of these\\naudiences will be accepted.\\n\\nThe service name will be accepted if audiences is empty.","type":"array","items":{"type":"string"},"x-order":1},"jwksUri":{"description":"URL of the provider\'s public key set to validate signature of\\nthe JWT. See [OpenID\\nDiscovery](https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderMetadata).\\n\\nOptional if the key set document can either (a) be retrieved\\nfrom [OpenID\\nDiscovery](https://openid.net/specs/openid-connect-discovery-1_0.html)\\nof the issuer or (b) inferred from the email domain of the\\nissuer (e.g. a Google service account).\\n\\nExample: `https://www.googleapis.com/oauth2/v1/certs`\\n\\nNote: Only one of jwks_uri and jwks should be used. jwks_uri\\nwill be ignored if it does.","type":"string","x-order":2},"jwks":{"description":"JSON Web Key Set of public keys to validate signature of the JWT.\\nSee https://auth0.com/docs/jwks.\\n\\nNote: Only one of jwks_uri and jwks should be used. jwks_uri will be ignored if it does.","type":"string","x-order":3},"outputPayloadToHeader":{"description":"This field specifies the header name to output a successfully verified JWT payload to the\\nbackend. The forwarded data is `base64_encoded(jwt_payload_in_JSON)`. If it is not specified,\\nthe payload will not be emitted.","type":"string","x-order":4},"outputClaimToHeaders":{"description":"This field specifies a list of operations to copy the claim to HTTP headers on a successfully verified token.\\nThis differs from the `output_payload_to_header` by allowing outputting individual claims instead of the whole payload.\\nOnly claims of type string, boolean, and integer are supported. Array type claims are not supported at this time.\\nThe header specified in each operation in the list must be unique. Nested claims of type string/int/bool is supported as well.\\n```\\n  outputClaimToHeaders:\\n  - header: x-my-company-jwt-group\\n    claim: my-group\\n  - header: x-test-environment-flag\\n    claim: test-flag\\n  - header: x-jwt-claim-group\\n    claim: nested.key.group\\n```\\n[Experimental] This feature is a experimental feature.\\n\\n[TODO:Update the status whenever this feature is promoted.]","type":"array","items":{"$ref":"#/components/schemas/JWTClaimToHeader"},"x-order":5},"fromHeaders":{"description":"1) The Authorization header using the Bearer schema,\\n       e.g. Authorization: Bearer &lt;token&gt;. (see\\n       [Authorization Request Header\\n       Field](https://tools.ietf.org/html/rfc6750#section-2.1))\\n\\n    2) The `access_token` query parameter (see\\n    [URI Query Parameter](https://tools.ietf.org/html/rfc6750#section-2.3))\\n\\nList of header locations from which JWT is expected. For example, below is the location spec\\nif JWT is expected to be found in `x-jwt-assertion` header, and have `Bearer ` prefix:\\n\\n```yaml\\n  fromHeaders:\\n  - name: x-jwt-assertion\\n    prefix: \\"Bearer \\"\\n```\\n\\nNote: Multiple tokens present on the same request are not supported. \\nThe behaviour of authorization policies when there is more than one user identity is undefined","type":"array","title":"This field specifies the locations to extract JWT token.\\nIf no explicit location is specified the following default\\nlocations are tried in order:","items":{"$ref":"#/components/schemas/JWTJWTHeader"},"x-order":6},"fromCookies":{"description":"fromCookies:\\n - auth-token\\n\\nThen JWT will be extracted from auth-token cookie in the request.\\n\\nNote: Requests with multiple tokens (at different locations) are not supported.\\nThe behaviour of authorization policies when there is more than one user identity is undefined","type":"array","title":"List of cookie names from which JWT is expected.\\nFor example, if config is:","items":{"type":"string"},"x-order":7}}},"tsbauthv2Authorization":{"type":"object","title":"Configuration for authorizing a HTTP request","properties":{"external":{"$ref":"#/components/schemas/tsbauthv2AuthorizationExternalAuthzBackend"},"local":{"$ref":"#/components/schemas/tsbauthv2AuthorizationLocalAuthz"}}},"tsbauthv2AuthorizationExternalAuthzBackend":{"type":"object","title":"Use an authorization server running at the specified URI. Support both HTTP and gRPC server.\\nIt is recommended to enable TLS validation (SIMPLE or MUTUAL) to secure traffic \\nbetween workload and external authorization server\\nIf you use gRPC, do not set `includeRequestHeaders`","properties":{"uri":{"type":"string","x-order":0},"includeRequestHeaders":{"type":"array","items":{"type":"string"},"x-order":1},"tls":{"$ref":"#/components/schemas/v2ClientTLSSettings"}}},"tsbauthv2AuthorizationLocalAuthz":{"description":"Authorize the request in Envoy based on the JWT claims.","type":"object","properties":{"rules":{"type":"array","items":{"$ref":"#/components/schemas/tsbauthv2LocalAuthzRule"},"x-order":0}}},"tsbauthv2LocalAuthzRule":{"description":"Bindings define the subjects that can access the resource a policy is attached to,\\nand the conditions that need to be met for that access to be granted.\\nA policy can have multiple bindings to configure different access controls for specific\\nsubjects.","type":"object","title":"LocalAuthzRule","required":["name"],"properties":{"name":{"description":"A friendly name to identify the binding.","type":"string","x-order":0},"from":{"description":"Subjects configure the actors (end users, other services)  that are allowed to access the\\ntarget resource.","type":"array","items":{"$ref":"#/components/schemas/tsbauthv2Subject"},"x-order":1},"to":{"description":"A set of HTTP rules that need to be satisfied by the HTTP requests to get access to the\\ntarget resource.","type":"array","items":{"$ref":"#/components/schemas/tsbauthv2LocalAuthzRuleHttpOperation"},"x-order":2}}},"tsbauthv2LocalAuthzRuleHttpOperation":{"type":"object","properties":{"paths":{"description":"The request path where the request is made against. E.g. [\\"/accounts\\"].","type":"array","items":{"type":"string"},"x-order":0},"methods":{"description":"The HTTP methods that are allowed by this rule. E.g. [\\"GET\\", \\"HEAD\\"].","type":"array","items":{"type":"string"},"x-order":1}}},"tsbauthv2Subject":{"description":"A subject designates an actor (user, service, etc) that attempts to access a target resource.\\nSubjects can be modeled with JWT tokens, service accounts, and decorated with attributes such as\\nHTTP request headers, JWT token claims, etc.\\nThe fields that define a subject will be matched to incoming requests, to fully qualify where the\\nrequest comes from, and to decide if the given request is allowed or not for the target resource.\\nAll the fields in a subject are evaluated as AND expressions.","type":"object","title":"Subject","properties":{"jwt":{"$ref":"#/components/schemas/tsbauthv2SubjectJWTClaims"}}},"tsbauthv2SubjectJWTClaims":{"description":"JWT based subjects qualify a subject by matching against a JWT token present in the request.\\nBy default the token is expected to be present in the \'Authorization\' HTTP header, with the\\n\'Bearer\\" prefix.","type":"object","title":"JWT based subject","properties":{"iss":{"type":"string","x-order":0},"sub":{"type":"string","x-order":1},"other":{"description":"A set of arbitrary claims that are required to qualify the subject.\\nE.g. \\"iss\\": \\"*@foo.com\\".","type":"object","additionalProperties":{"type":"string"},"x-order":2}}},"tsbdiagnosticv2Workload":{"description":"Name and namespace of a workload.","type":"object","required":["namespace","name"],"properties":{"namespace":{"description":"Namespace of a workload.","type":"string","x-order":0},"name":{"description":"Name of a workload.","type":"string","x-order":1}}},"tsbgatewayv2Authentication":{"type":"object","title":"DEPRECATED. Use auth/v2/Authentication\\n$hide_from_docs","properties":{"jwt":{"$ref":"#/components/schemas/tsbgatewayv2AuthenticationJWT"}}},"tsbgatewayv2AuthenticationJWT":{"type":"object","title":"DEPRECATED. Use auth/v2/JWT\\n$hide_from_docs","required":["issuer"],"properties":{"issuer":{"description":"Identifies the issuer that issued the JWT. See\\n[issuer](https://tools.ietf.org/html/rfc7519#section-4.1.1)\\nA JWT with different `iss` claim will be rejected.\\n\\nExample: https://foobar.auth0.com\\nExample: 1234567-compute@developer.gserviceaccount.com","type":"string","x-order":0},"audiences":{"description":"The list of JWT\\n[audiences](https://tools.ietf.org/html/rfc7519#section-4.1.3).\\nthat are allowed to access. A JWT containing any of these\\naudiences will be accepted.\\n\\nThe service name will be accepted if audiences is empty.","type":"array","items":{"type":"string"},"x-order":1},"jwksUri":{"description":"URL of the provider\'s public key set to validate signature of\\nthe JWT. See [OpenID\\nDiscovery](https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderMetadata).\\n\\nOptional if the key set document can either (a) be retrieved\\nfrom [OpenID\\nDiscovery](https://openid.net/specs/openid-connect-discovery-1_0.html)\\nof the issuer or (b) inferred from the email domain of the\\nissuer (e.g. a Google service account).\\n\\nExample: `https://www.googleapis.com/oauth2/v1/certs`\\n\\nNote: Only one of jwks_uri and jwks should be used. jwks_uri\\nwill be ignored if it does.","type":"string","x-order":2},"jwks":{"description":"JSON Web Key Set of public keys to validate signature of the JWT.\\nSee https://auth0.com/docs/jwks.\\n\\nNote: Only one of jwks_uri and jwks should be used. jwks_uri will be ignored if it does.","type":"string","x-order":3}}},"tsbgatewayv2Authorization":{"type":"object","title":"DEPRECATED. Use auth/v2/Authorization\\nConfiguration for authorizing a HTTP request\\n$hide_from_docs","properties":{"external":{"$ref":"#/components/schemas/tsbgatewayv2AuthorizationExternalAuthzBackend"},"local":{"$ref":"#/components/schemas/tsbgatewayv2AuthorizationLocalAuthz"}}},"tsbgatewayv2AuthorizationExternalAuthzBackend":{"type":"object","title":"DEPRECATED. Use auth/v2/ExternalAuthzBackend\\nUse an authorization running at the specified URI. Note that this\\nmode is supported only for HTTPS servers.\\n$hide_from_docs","properties":{"uri":{"type":"string","x-order":0},"includeRequestHeaders":{"type":"array","items":{"type":"string"},"x-order":1}}},"tsbgatewayv2AuthorizationLocalAuthz":{"type":"object","title":"DEPRECATED. Use auth/v2/LocalAuthz\\nAuthorize the request in Envoy based on the JWT claims.\\n$hide_from_docs","properties":{"rules":{"type":"array","items":{"$ref":"#/components/schemas/tsbgatewayv2LocalAuthzRule"},"x-order":0}}},"tsbgatewayv2AuthorizationSettings":{"description":"`AuthorizationSettings` define the set of service accounts in one\\nor more namespaces allowed to access a workload (and hence its\\nsidecar) in the mesh.","type":"object","properties":{"mode":{"$ref":"#/components/schemas/tsbgatewayv2AuthorizationSettingsMode"},"serviceAccounts":{"description":"`serviceAccounts` specify the allowed\\nset of service accounts (and the workloads using them). Must be\\nin the `&lt;namespace&gt;/&lt;service-account-name&gt;` format.\\n\\n- `./*` indicates all service accounts in the namespace where the sidecar resides.\\n\\n- `ns1/*` indicates all service accounts in the `ns1` namespace.\\n\\n- `ns1/svc1-sa` indicates `svc1-sa` service account in `ns1` namespace.\\n\\nNamespace should be a valid Kubernetes namespace, which\\nfollows [RFC 1123 Label Names](https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#dns-label-names) rules.\\nService account should be a valid Kubernetes service account, which\\nfollows [DNS Subdomain Names](https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#dns-subdomain-names) rules.","type":"array","items":{"type":"string"},"x-order":1},"resources":{"description":"`resources` specify the allowed set of resources using TSB FQNs.\\n\\n- `organizations/myorg/tenants/mycompany-a/workspaces/w2` - allow access from workspace w2.\\n- `organizations/myorg/tenants/mycompany/workspaces/w1/securitygroups/s1` - allow access from security group s1.","type":"array","items":{"type":"string"},"x-order":2}}},"tsbgatewayv2AuthorizationSettingsMode":{"description":"A shortcut for defining the common authorization patterns.\\n\\n - UNSET: Represents an unset or default mode.\\n - NAMESPACE: The workload allows traffic from any other authenticated workload in its own\\nnamespace.\\n - GROUP: The workload allows traffic from any other authenticated workload in the security group.\\n - WORKSPACE: The workload allows traffic from any other authenticated workload in the workspace.\\n - CLUSTER: The workload allows traffic from any other authenticated workload in the cluster.\\n - SERVICE_ACCOUNT: The workload allows traffic from service accounts defined explicitly.","type":"string","default":"UNSET","enum":["UNSET","NAMESPACE","GROUP","WORKSPACE","CLUSTER","SERVICE_ACCOUNT"]},"tsbgatewayv2Group":{"description":"A gateway group manages the gateways in a group of namespaces owned\\nby the parent workspace.\\n\\n\\n\\n","type":"object","required":["namespaceSelector"],"properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"namespaceSelector":{"$ref":"#/components/schemas/typesv2NamespaceSelector"},"configMode":{"$ref":"#/components/schemas/v2ConfigMode"},"deletionProtectionEnabled":{"description":"When set, prevents the resource from being deleted. In order to delete the resource this\\nproperty needs to be set to `false` first.","type":"boolean","x-order":6},"profiles":{"description":"List of profiles attached to the gateway group to be used to propagate default and mandatory configurations down to the children.","type":"array","items":{"type":"string"},"x-order":7},"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"}}},"tsbgatewayv2LocalAuthzRule":{"description":"Bindings define the subjects that can access the resource a policy is attached to,\\nand the conditions that need to be met for that access to be granted.\\nA policy can have multiple bindings to configure different access controls for specific\\nsubjects.\\n$hide_from_docs","type":"object","title":"DEPRECATED. Use auth/v2/LocalAuthzRule\\nLocalAuthzRule","required":["name"],"properties":{"name":{"description":"A friendly name to identify the binding.","type":"string","x-order":0},"from":{"description":"Subjects configure the actors (end users, other services)  that are allowed to access the\\ntarget resource.","type":"array","items":{"$ref":"#/components/schemas/tsbgatewayv2Subject"},"x-order":1},"to":{"description":"A set of HTTP rules that need to be satisfied by the HTTP requests to get access to the\\ntarget resource.","type":"array","items":{"$ref":"#/components/schemas/tsbgatewayv2LocalAuthzRuleHttpOperation"},"x-order":2}}},"tsbgatewayv2LocalAuthzRuleHttpOperation":{"type":"object","title":"DEPRECATED\\n$hide_from_docs","properties":{"paths":{"description":"The request path where the request is made against. E.g. [\\"/accounts\\"].","type":"array","items":{"type":"string"},"x-order":0},"methods":{"description":"The HTTP methods that are allowed by this rule. E.g. [\\"GET\\", \\"HEAD\\"].","type":"array","items":{"type":"string"},"x-order":1}}},"tsbgatewayv2Subject":{"description":"A subject designates an actor (user, service, etc) that attempts to access a target resource.\\nSubjects can be modeled with JWT tokens, service accounts, and decorated with attributes such as\\nHTTP request headers, JWT token claims, etc.\\nThe fields that define a subject will be matched to incoming requests, to fully qualify where the\\nrequest comes from, and to decide if the given request is allowed or not for the target resource.\\nAll the fields in a subject are evaluated as AND expressions.\\n$hide_from_docs","type":"object","title":"DEPRECATED. Use auth/v2/Subject\\nSubject","properties":{"jwt":{"$ref":"#/components/schemas/tsbgatewayv2SubjectJWTClaims"}}},"tsbgatewayv2SubjectJWTClaims":{"description":"JWT based subjects qualify a subject by matching against a JWT token present in the request.\\nBy default the token is expected to be present in the \'Authorization\' HTTP header, with the\\n\'Bearer\\" prefix.\\n$hide_from_docs","type":"object","title":"DEPRECATED.\\nJWT based subject","properties":{"iss":{"type":"string","x-order":0},"sub":{"type":"string","x-order":1},"other":{"description":"A set of arbitrary claims that are required to qualify the subject.\\nE.g. \\"iss\\": \\"*@foo.com\\".","type":"object","additionalProperties":{"type":"string"},"x-order":2}}},"tsbistiointernalv2Group":{"description":"An Istio Internal Group only allows grouping `DIRECT` mode mesh resources in a set of namespaces\\nowned by its parent workspace. This group is aimed for grouping resources not directly related\\nto traffic, security, or gateway like `EnvoyFilters` and `ServiceEntry`.\\n\\n\\n\\n","type":"object","required":["namespaceSelector"],"properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"namespaceSelector":{"$ref":"#/components/schemas/typesv2NamespaceSelector"},"deletionProtectionEnabled":{"description":"When set, prevents the resource from being deleted. In order to delete the resource this\\nproperty needs to be set to `false` first.","type":"boolean","x-order":5},"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"}}},"tsbrbacv2Subject":{"description":"Subject identifies a user or a team under an organization. Roles are\\nassigned to subjects for specific resources in the system.","type":"object","properties":{"user":{"type":"string","title":"A user in TSB, created through LDAP sync or API.\\nMust use the fully-qualified name (fqn) of the user. \\nE.g. organization/myorg/users/alice","x-order":0},"team":{"type":"string","title":"A team in TSB, created through LDAP sync or API.\\nMust use the fully-qualified name (fqn) of the team. \\nE.g. organization/myorg/teams/t1","x-order":1},"serviceAccount":{"type":"string","title":"A service account in TSB.\\nMust use the fully-qualified name (fqn) of the service account. \\nE.g. organization/myorg/serviceaccounts/sa1","x-order":2}}},"tsbregistryv2Service":{"description":"A service in the registry that represents an aggregated and logical view for all those individual\\nservices, and provides high-level features such as aggregated metrics.","type":"object","required":["shortName","serviceType","state"],"properties":{"fqn":{"description":"Fully-qualified name of the resource. This field is read-only.","type":"string","x-order":0,"readOnly":true},"displayName":{"description":"User friendly name for the resource.","type":"string","x-order":1},"etag":{"description":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.","type":"string","x-order":2},"description":{"description":"A description of the resource.","type":"string","x-order":3},"shortName":{"description":"Short name for the service, used to uniquely identify it within the organization.","type":"string","x-order":4},"hostnames":{"description":"The hostnames by which this service is accessed. It corresponds to the gateway virtual hosts.\\nThis field is expected to be empty if the service is not publicly accessible.","type":"array","items":{"type":"string"},"x-order":5},"ports":{"description":"The set of ports on which this service is exposed.","type":"array","items":{"$ref":"#/components/schemas/registryv2Port"},"x-order":6},"subsets":{"description":"Deprecated. Use subset_deployments instead.\\nSubset denotes a specific version of a service. By default the \'version\'\\nlabel is used to designate subsets of a workload.\\nKnown subsets for the service.","type":"array","items":{"type":"string"},"x-order":7,"readOnly":true},"serviceType":{"$ref":"#/components/schemas/v2ServiceType"},"externalAddresses":{"description":"For kubernetes services of type load balancer, this field contains the list of lb hostnames or\\nIPs assigned to the service.","type":"array","items":{"type":"string"},"x-order":9},"state":{"$ref":"#/components/schemas/registryv2State"},"metrics":{"description":"- global:        *|productpage|bookinfo|*|*\\n  - v1:            v1|productpage|bookinfo|*|*\\n  - v1 (cluster1): v1|productpage|bookinfo|cluster1|*\\n\\nThis is only available for Observed and Controlled services.","type":"array","title":"Services may expose different metrics.\\nFor example, a regular service may expose the usual red metrics for incoming requests.\\nServices running in multiple clusters, may provide different aggregation levels, such as\\naggregation by cluster, by subset, etc.\\nThis list provides a complete list of all the aggregation keys that are available for this\\nparticular service.\\nFor example, a service that has instances in multiple clusters could provide the following\\nmetrics:","items":{"$ref":"#/components/schemas/ServiceMetricConfig"},"x-order":11,"readOnly":true},"serviceDeployments":{"description":"List of the existing deployments for this service.\\nThis is only available for internal and load balancer services and correspond to physical services\\nin the onboarded clusters.\\nThis field is read-only.","type":"array","items":{"$ref":"#/components/schemas/ServiceServiceDeployment"},"x-order":12,"readOnly":true},"subsetDeployments":{"description":"Subset denotes a specific version of a service. By default the \'version\'\\nlabel is used to designate subsets of a workload.\\nKnown subsets for the service.","type":"array","items":{"$ref":"#/components/schemas/registryv2Subset"},"x-order":13,"readOnly":true},"canonicalName":{"description":"The canonical name of the service defined by user.","type":"string","x-order":14},"spiffeIds":{"description":"List of SPIFFE identities used by the workloads of the service.","type":"array","items":{"type":"string"},"x-order":15},"internalHostnames":{"type":"array","title":"The hostnames by which this service is accessed internally. Can correspond to the\\nFQDN of the service or to the hostnames provided by an external service (E.g. service entry)","items":{"type":"string"},"x-order":16}}},"tsbsecurityv2AuthenticationSettings":{"description":"AuthenticationSettings represents configuration related to authenticating traffic\\nwithin the mesh and end-user credentials if present. It is **HIGHLY RECOMMENDED** to\\nenable mutual TLS when end-user credentials are present. Sending credentials like JWT\\nover plaintext is a security risk.","type":"object","properties":{"trafficMode":{"$ref":"#/components/schemas/v2SecuritySettingAuthenticationMode"},"http":{"$ref":"#/components/schemas/tsbauthv2Authentication"}}},"tsbsecurityv2AuthorizationSettings":{"description":"`AuthorizationSettings` define the set of service accounts in one\\nor more namespaces allowed to access a workload (and hence its\\nsidecar) in the mesh.","type":"object","properties":{"mode":{"$ref":"#/components/schemas/tsbsecurityv2AuthorizationSettingsMode"},"serviceAccounts":{"description":"When the mode is `CUSTOM`, `serviceAccounts` specify the allowed\\nset of service accounts (and the workloads using them). Must be\\nin the `&lt;namespace&gt;/&lt;service-account-name&gt;` format.\\n\\n- `./*` indicates all service accounts in the namespace where the sidecar resides.\\n\\n- `ns1/*` indicates all service accounts in the `ns1` namespace.\\n\\n- `ns1/svc1-sa` indicates `svc1-sa` service account in `ns1` namespace.\\n\\nNamespace should be a valid kubernetes namespace, which\\nfollows [RFC 1123 Label Names](https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#dns-label-names) rules.\\nService account should be a valid kubernetes service account, which\\nfollows [DNS Subdomain Names](https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#dns-subdomain-names) rules.","type":"array","items":{"type":"string"},"x-order":1},"http":{"$ref":"#/components/schemas/tsbauthv2Authorization"},"rules":{"$ref":"#/components/schemas/v2AuthorizationRules"},"identityMatch":{"$ref":"#/components/schemas/v2IdentityMatch"}}},"tsbsecurityv2AuthorizationSettingsMode":{"description":"- UNSET: Inherit from parent if possible. Otherwise treated as `DISABLED`.\\n - NAMESPACE: The workload allows traffic from any other authenticated workload in its own\\nnamespace.\\n - GROUP: The workload allows traffic from any other authenticated workload in the security group.\\n - WORKSPACE: The workload allows traffic from any other authenticated workload in the workspace.\\n - CLUSTER: The workload allows traffic from any other authenticated workload in the cluster.\\n - DISABLED: Authorization is disabled.\\n - CUSTOM: The workload allows traffic from service accounts defined explicitly.\\n - RULES: The workload allows or denies traffic from any other authenticated workload that belongs\\nto the specified rules.","type":"string","title":"A short cut for defining the common authorization patterns","default":"UNSET","enum":["UNSET","NAMESPACE","GROUP","WORKSPACE","CLUSTER","DISABLED","CUSTOM","RULES"]},"tsbsecurityv2Group":{"description":"A security group manages the security properties of proxy workloads in a\\ngroup of namespaces owned by the parent workspace.\\n\\n\\n\\n","type":"object","required":["namespaceSelector"],"properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"namespaceSelector":{"$ref":"#/components/schemas/typesv2NamespaceSelector"},"configMode":{"$ref":"#/components/schemas/v2ConfigMode"},"securityDomain":{"description":"Security domains can be used to group different resources under the same security domain.\\nAlthough security domain is not resource itself currently, it follows a fqn format\\n`organizations/myorg/securitydomains/mysecuritydomain`, and a child cannot override any ancestor\'s\\nsecurity domain.\\nOnce a security domain is assigned to a _Security group_, all the children resources will belong to that\\nsecurity domain in the same way a _Security setting_ belongs to a _Security group_, a _Security setting_\\nwill also belong to the security domain assigned to the _Security group_.\\nSecurity domains can also be used to define _Security settings Authorization rules_ in which you can allow\\nor deny request from or to a security domain.","type":"string","x-order":6},"deletionProtectionEnabled":{"description":"When set, prevents the resource from being deleted. In order to delete the resource this\\nproperty needs to be set to `false` first.","type":"boolean","x-order":7},"profiles":{"description":"List of profiles attached to the security group to be used to propagate default and mandatory configurations down to the children.","type":"array","items":{"type":"string"},"x-order":8},"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"}}},"tsbtrafficv2AuthenticationSettings":{"description":"Configuration for connection authentication parameters.\\nThis allows the enforcement of mutual TLS connections to upstream services\\nthat do not have a sidecar.\\nThis ensures that gateways or mesh workloads do not communicate in plain text with services outside the mesh.","type":"object","properties":{"trafficMode":{"$ref":"#/components/schemas/v2AuthenticationSettingsAuthenticationMode"}}},"tsbtrafficv2Group":{"description":"A traffic group manages the routing properties of proxy workloads in a\\ngroup of namespaces owned by the parent workspace.\\n\\n\\n\\n","type":"object","required":["namespaceSelector"],"properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"namespaceSelector":{"$ref":"#/components/schemas/typesv2NamespaceSelector"},"configMode":{"$ref":"#/components/schemas/v2ConfigMode"},"deletionProtectionEnabled":{"description":"When set, prevents the resource from being deleted. In order to delete the resource this\\nproperty needs to be set to `false` first.","type":"boolean","x-order":6},"profiles":{"description":"List of profiles attached to the traffic group to be used to propagate default and mandatory configurations down to the children.","type":"array","items":{"type":"string"},"x-order":7},"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"}}},"tsbv2Cluster":{"description":"A Kubernetes cluster managing both pods and VMs.\\n\\n\\n\\n","type":"object","properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be\\nsent on every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"tokenTtl":{"description":"Lifetime of the tokens. Defaults to 1hr.","type":"string","x-order":4},"network":{"description":"The network (e.g., VPC) where this cluster is present. All\\nclusters within the same network will be assumed to be reachable\\nfor the purposes of multi-cluster routing. In addition, networks\\nmarked as reachable from one another in SystemSettings will also\\nbe used for multi-cluster routing.","type":"string","x-order":5},"tier1Cluster":{"description":"Deprecated: This flag is still honored for backward compatibility but will be ignored in future releases.\\nIt is advisable not to set it, as all clusters can now host both Tier1 and IngressGateways.\\n\\nIndicates whether this cluster is hosting a tier1 gateway or not.\\nTier1 clusters cannot host other gateways or workloads. Defaults\\nto false if not specified.","type":"boolean","x-order":6},"namespaces":{"type":"array","title":"TODO(vikas): move this inside cluster state\\nRead-only data for informational purposes. Any user provided\\nvalue will be ignored. The data here may be stale depending on\\nthe update frequency from the Bridge agents in the cluster.\\n$hide_from_yaml","items":{"$ref":"#/components/schemas/tsbv2Namespace"},"x-order":7,"readOnly":true},"labels":{"type":"object","title":"FIXME: this is super clunky to copy each and every metadata field into\\nobjects used for multicluster. $hide_from_yaml","additionalProperties":{"type":"string"},"x-order":8},"locality":{"$ref":"#/components/schemas/tsbv2Locality"},"trustDomain":{"description":"Trust domain for this cluster, used for multi-cluster routing.\\nIt must be unique for every cluster and should match the one configured in\\nthe local control plane. This value is optional, and will be updated by the\\nlocal control plane agents. However, it is recommended to set it, if known,\\nso that multi-cluster routing works without having to wait for the local\\ncontrol planes to update it.","type":"string","x-order":10},"namespaceScope":{"$ref":"#/components/schemas/v2NamespaceScoping"},"state":{"$ref":"#/components/schemas/v2ClusterState"},"serviceAccount":{"$ref":"#/components/schemas/tsbv2ServiceAccount"},"installTemplate":{"$ref":"#/components/schemas/ClusterInstallTemplate"}}},"tsbv2IstioStatus":{"description":"IstioStatus provides information about the Istio injection status of the namespace.","type":"object","properties":{"istioInjection":{"$ref":"#/components/schemas/IstioStatusIstioInjection"},"istioRevision":{"description":"Istio revision of the namespace.","type":"string","x-order":1}}},"tsbv2Locality":{"description":"The region the cluster resides. Used for failover based routing when\\nconfigured in the workspace or global settings.","type":"object","required":["region"],"properties":{"region":{"description":"The geographic location of the cluster.","type":"string","x-order":0}}},"tsbv2Namespace":{"type":"object","title":"A Kubernetes namespace. These are automatically discovered by the\\nService Bridge agents in the cluster.\\n$hide_from_yaml","properties":{"name":{"type":"string","x-order":0},"services":{"type":"array","items":{"$ref":"#/components/schemas/apitsbv2Service"},"x-order":1},"istio":{"$ref":"#/components/schemas/tsbv2IstioStatus"}}},"tsbv2ServiceAccount":{"description":"`ServiceAccount` represents a service account that can be used to access the TSB platform.\\nService accounts have a set of associated public and private keys that can be used to generate\\nsigned JWT tokens that are suitable to authenticate to TSB.\\nA default key-pair is generated on service account creation and the public key is stored in TSB.\\nPrivate keys are returned when service accounts are created, but TSB will not store them. It\\nis up to the client to store them securely.\\n\\n\\n\\n","type":"object","properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"description":"A description of the resource.","type":"string","x-order":3},"keys":{"type":"array","title":"Keys associated with the service account.\\nA default key-pair is automatically created when the Service Account is created. Note that\\nTSB does not store the private keys, so it is up to the client to store the returned private\\nkeys securely, as they are only returned once after creation.\\nAdditional keys can be added (and deleted) by using the corresponding key management APIs.\\n","items":{"$ref":"#/components/schemas/ServiceAccountKeyPair"},"x-order":4,"readOnly":true}}},"typesregistrationv1alpha1Settings":{"description":"Settings specifies registration settings.","type":"object","properties":{"connectedOver":{"$ref":"#/components/schemas/v1alpha1AddressType"}}},"typessidecarv1alpha1EnvVar":{"description":"EnvVar specifies a single environment variable.","type":"object","required":["name"],"properties":{"name":{"description":"Name of the environment variable.","type":"string","x-order":0},"value":{"description":"Value of the environment variable.","type":"string","x-order":1},"valueEquality":{"$ref":"#/components/schemas/v1alpha1ContentEquality"}}},"typesv2NamespaceSelector":{"type":"object","title":"`NamespaceSelector` selects a set of namespaces across one or more\\nclusters in a tenant. Namespace selectors can be used at Workspace\\nlevel to carve out a chunk of resources under a tenant into an\\nisolated configuration domain. They can be used in a Traffic,\\nSecurity, or a Gateway group to further scope the set of namespaces\\nthat will belong to a specific configuration group.\\nNames in namespaces selector must be in the form `cluster/namespace`\\nwhere:\\n- cluster must be a cluster name or an `*` to mean all clusters\\n- namespace must be a namespace name, an `*` to mean all namespaces\\n  or a prefix like `ns-*` to mean all those namespaces starting\\n  by `ns-`","required":["names"],"properties":{"names":{"description":"- `*/ns1` implies `ns1` namespace in any cluster.\\n\\n- `c1/ns1` implies `ns1` namespace from `c1` cluster.\\n\\n- `c1/*` implies all namespaces in `c1` cluster.\\n\\n- `*/*` implies all namespaces in all clusters.\\n\\n- `c1/ns*` implies all namespaces prefixes by `ns` in `c1` cluster.","type":"array","title":"Under the tenant/workspace/group:","items":{"type":"string"},"x-order":0}}},"v1Dashboard":{"description":"Message containing some metadata of a dashboard.","type":"object","properties":{"name":{"description":"The name of the dashboard.","type":"string","x-order":0},"title":{"description":"The title of the dashboard.","type":"string","x-order":1},"description":{"description":"The description of the dashboard.","type":"string","x-order":2}}},"v1LabelSelector":{"type":"object","title":"A label selector is a label query over a set of resources. The result of matchLabels and\\nmatchExpressions are ANDed. An empty label selector matches all objects. A null\\nlabel selector matches no objects.\\n+structType=atomic","properties":{"matchLabels":{"type":"object","title":"matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\\nmap is equivalent to an element of matchExpressions, whose key field is \\"key\\", the\\noperator is \\"In\\", and the values array contains only \\"value\\". The requirements are ANDed.\\n+optional","additionalProperties":{"type":"string"},"x-order":0},"matchExpressions":{"type":"array","title":"matchExpressions is a list of label selector requirements. The requirements are ANDed.\\n+optional","items":{"$ref":"#/components/schemas/v1LabelSelectorRequirement"},"x-order":1}}},"v1LabelSelectorRequirement":{"description":"A label selector requirement is a selector that contains values, a key, and an operator that\\nrelates the key and values.","type":"object","properties":{"key":{"type":"string","title":"key is the label key that the selector applies to.\\n+patchMergeKey=key\\n+patchStrategy=merge","x-order":0},"operator":{"description":"operator represents a key\'s relationship to a set of values.\\nValid operators are In, NotIn, Exists and DoesNotExist.","type":"string","x-order":1},"values":{"type":"array","title":"values is an array of string values. If the operator is In or NotIn,\\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\\nthe values array must be empty. This array is replaced during a strategic\\nmerge patch.\\n+optional","items":{"type":"string"},"x-order":2}}},"v1ListDashboardsResponse":{"description":"Response providing a list of available Grafana dashboards.","type":"object","properties":{"dashboards":{"description":"List of available dashboards.","type":"array","items":{"$ref":"#/components/schemas/v1Dashboard"},"x-order":0}}},"v1alpha1AddressType":{"description":"AddressType specifies type of a network address associated with the workload.\\n\\n - UNSPECIFIED: Not specified.\\n - VPC: IP address from the `VPC` range. Commonly referred to as `Private IP` or\\n`Internal IP`.\\n - INTERNET: IP address from the `Internet` range. Commonly referred to as `Public IP` or\\n`External IP`.","type":"string","default":"UNSPECIFIED","enum":["UNSPECIFIED","VPC","INTERNET"]},"v1alpha1AgentInfo":{"description":"AgentInfo specifies information about the `Workload Onboarding Agent`\\ninstalled alongside the workload.","type":"object","required":["version"],"properties":{"version":{"description":"Version of the `Workload Onboarding Agent`.","type":"string","x-order":0}}},"v1alpha1ApplyConfigurationResponse":{"description":"Message of the apply sidecar configuration response.","type":"object"},"v1alpha1AuthorizeOnboardingResponse":{"description":"Response to the authorization request.","type":"object","required":["token","expiresAt"],"properties":{"token":{"description":"Bearer token that should be used to authenticate any subsequent requests\\nto the `Workload Onboarding Plane`.\\nAlso known as a `Workload Onboarding Token`.","type":"string","x-order":0},"expiresAt":{"description":"Expiration time of the returned token.","type":"string","format":"date-time","x-order":1}}},"v1alpha1BanyanDBSettings":{"description":"Configure a BanyanDB connection.\\n\\n```yaml\\napiVersion: install.tetrate.io/v1alpha1\\nkind: ControlPlane\\nmetadata:\\n  name: controlplane\\n  namespace: istio-system\\nspec:\\n  telemetryStore:\\n    banyandb:\\n      host: banyandb\\n      port: 5678\\n```\\n$hide_from_docs","type":"object","required":["host","port"],"properties":{"host":{"description":"BanyanDB host address (can be hostname or IP address).","type":"string","x-order":0},"port":{"description":"Port BanyanDB is listening on.","type":"integer","format":"int32","x-order":1}}},"v1alpha1ContentEquality":{"description":"ContentEquality specifies a strategy to compare two text-like values\\nfor equality, e.g. old and new values of a certain configuration property.\\n\\n - BYTES: Compares two values as opaque byte arrays.\\n - JSON: Compares two values as JSON values.","type":"string","default":"BYTES","enum":["BYTES","JSON"]},"v1alpha1ControlPlaneComponentSet":{"description":"The set of components that make up the control plane. Use this to override application settings\\nor Kubernetes settings for each individual component.","type":"object","properties":{"collector":{"$ref":"#/components/schemas/installcontrolplanev1alpha1OpenTelemetryCollector"},"oap":{"$ref":"#/components/schemas/installcontrolplanev1alpha1Oap"},"xcp":{"$ref":"#/components/schemas/installcontrolplanev1alpha1XCP"},"istio":{"$ref":"#/components/schemas/v1alpha1Istio"},"rateLimitServer":{"$ref":"#/components/schemas/v1alpha1RateLimitServer"},"hpaAdapter":{"$ref":"#/components/schemas/v1alpha1HpaAdapter"},"onboarding":{"$ref":"#/components/schemas/v1alpha1Onboarding"},"satellite":{"$ref":"#/components/schemas/v1alpha1Satellite"},"ngac":{"$ref":"#/components/schemas/installcontrolplanev1alpha1NGAC"},"gitops":{"$ref":"#/components/schemas/commonGitOps"},"internalCertProvider":{"$ref":"#/components/schemas/commonInternalCertProvider"},"defaultKubeSpec":{"$ref":"#/components/schemas/kubernetesKubernetesSpec"},"wasmfetcher":{"$ref":"#/components/schemas/v1alpha1WASMFetcher"},"defaultLogLevel":{"description":"The default log level for all components if the per component log level config is not specified.\\nNote that the supported log level for different components can be different.","type":"string","x-order":13},"route53Controller":{"$ref":"#/components/schemas/v1alpha1Route53Controller"},"awsController":{"$ref":"#/components/schemas/installcontrolplanev1alpha1AWSController"},"spmAgent":{"$ref":"#/components/schemas/v1alpha1SPMAgent"}}},"v1alpha1ControlPlaneSpec":{"description":"ControlPlaneSpec defines the desired installed state of control plane components.\\nSpecifying a minimal ControlPlaneSpec with hub, clusterName, and managementPlane set\\nwill create an installation with sensible defaults.","type":"object","required":["hub","managementPlane","telemetryStore"],"properties":{"hub":{"description":"TSB container hub path e.g. docker.io/tetrate.","type":"string","x-order":0},"imagePullSecrets":{"description":"Pull secrets can be specified globally for all components, or defined into the `kubeSpec.serviceAccount`\\nof every component if needed. In case both are defined, the most specific one (the one defined at the component)\\nlevel is used.\\n\\nList of references to secrets in the same namespace to use for pulling any\\nimages in pods that reference this ServiceAccount. ImagePullSecrets are\\ndistinct from Secrets because Secrets can be mounted in the pod, but\\nImagePullSecrets are only accessed by the kubelet. More info:\\nhttps://kubernetes.io/docs/concepts/containers/images/#specifying-imagepullsecrets-on-a-pod\\nhttps://kubernetes.io/docs/reference/generated/kubernetes-api/v1.18/#service_account-v1-core","type":"array","items":{"$ref":"#/components/schemas/installkubernetesLocalObjectReference"},"x-order":1},"components":{"$ref":"#/components/schemas/v1alpha1ControlPlaneComponentSet"},"providerSettings":{"$ref":"#/components/schemas/installcontrolplanev1alpha1ProviderSettings"},"managementPlane":{"$ref":"#/components/schemas/v1alpha1ManagementPlaneSettings"},"meshExpansion":{"$ref":"#/components/schemas/v1alpha1MeshExpansionSettings"},"telemetryStore":{"$ref":"#/components/schemas/v1alpha1ControlPlaneSpecTelemetryStore"},"meshObservability":{"$ref":"#/components/schemas/v1alpha1ControlPlaneSpecMeshObservability"},"tier1Cluster":{"description":"**DEPRECATED**: This should not be set through Control plane API\\nInstead use TSB Cluster API.\\nIndicates that this cluster is used for tier1 gateways.\\nTier one clusters can only contain tier 1 gateways.\\nNon-tier1 clusters contain tier2 gateways but not tier 1.","type":"boolean","x-order":8},"mode":{"$ref":"#/components/schemas/v2ControlPlaneMode"}}},"v1alpha1ControlPlaneSpecMeshObservability":{"description":"Configure how the mesh should be observed, which observability functionalities should be\\nenabled to observe your registered services in the mesh, and the store properties\\nthat TSB will use to persist application observability data like metrics, traces,\\nlogs.\\nIf omitted, the operator will assume\\na demo installation and for your convenience install a demo grade mesh observability\\nsetting.\\nSelect one of the `MeshObservability` settings to see complete examples.","type":"object","properties":{"demoSettings":{"$ref":"#/components/schemas/commonMeshObservabilitySettings"},"settings":{"$ref":"#/components/schemas/commonMeshObservabilitySettings"}}},"v1alpha1ControlPlaneSpecTelemetryStore":{"description":"Configure the store that TSB will use to persist application telemetry data.\\nSelect one of the `TelemetryStore` settings to see complete examples.","type":"object","properties":{"elastic":{"$ref":"#/components/schemas/installcontrolplanev1alpha1ElasticSearchSettings"},"banyandb":{"$ref":"#/components/schemas/v1alpha1BanyanDBSettings"},"retentionPeriodDays":{"type":"integer","format":"int32","title":"Number of days to retain metrics for. Defaults to 7 days.\\nShould be automatically copied from MP and users don\'t need to set it.\\n$hide_from_docs","x-order":2},"tracesRetentionPeriodDays":{"type":"integer","format":"int32","title":"Number of days to retain traces for. Defaults to 3 days.\\nShould be automatically copied from MP and users don\'t need to set it.\\n$hide_from_docs","x-order":3}}},"v1alpha1DeleteConfigurationResponse":{"description":"Message of the delete sidecar configuration response.","type":"object"},"v1alpha1DescribeConfigurationResponse":{"description":"Message of the describe sidecar configuration response.","type":"object","properties":{"version":{"description":"Version of the desired sidecar configuration.","type":"string","x-order":0}}},"v1alpha1Dir":{"description":"Dir specifies a directory.","type":"object","required":["path","mode"],"properties":{"path":{"description":"File path.","type":"string","x-order":0},"mode":{"description":"File mode.","type":"integer","format":"int32","x-order":1}}},"v1alpha1DiscoveryInfo":{"description":"DiscoveryInfo specifies response schema of the `Workload Onboarding Plane`\\nauto-discovery endpoint.","type":"object","required":["uid"],"properties":{"uid":{"description":"Unique identifier of this particular installation of the\\n`Workload Onboarding Plane`.\\n\\nIs used in the workload authentication flow to prevent replay attacks\\nthat abuse compromised workload credentials intended for a different\\ninstallation of the `Workload Onboarding Plane`.","type":"string","x-order":0}}},"v1alpha1EKSSettings":{"description":"Settings specific to Elastic Kubernetes Service (EKS).","type":"object","properties":{"useNlbByDefault":{"description":"When true, gateways will be configured to use NLBs with cross zone load\\nbalancing enabled when the load balancer type is not configured. When\\nfalse, no additional annotations will be added.","type":"boolean","x-order":0}}},"v1alpha1File":{"description":"File specifies a configuration file.","type":"object","required":["path","mode"],"properties":{"path":{"description":"File path.","type":"string","x-order":0},"mode":{"description":"File mode.","type":"integer","format":"int32","x-order":1},"content":{"description":"File content.","type":"string","format":"byte","x-order":2},"contentEquality":{"$ref":"#/components/schemas/v1alpha1ContentEquality"},"reloadable":{"description":"Reloadable file.","type":"boolean","x-order":4}}},"v1alpha1GatewaySpecType":{"description":"Type defines the different type of use cases and functionalities supported by gateway install.\\nEach type configures the gateway workloads specific to a particular use case represented by the type.\\nIf not set, UNIFIED is set as default.\\n\\n - UNIFIED: UNIFIED represents the gateway type supporting all functionalities: INGRESS, EGRESS, and EASTWEST.\\nGateway workloads are configured with default ports 80 (HTTP), 443 (HTTPS), and 15443 (ISTIO_mTLS).\\nThe gateway is configured with a LoadBalancer type service by default.\\n - INGRESS: INGRESS represents the gateway type configured for Ingress use cases.\\nGateway workloads are configured with default ports 80 (HTTP), 443 (HTTPS), and 15443 (ISTIO_mTLS).\\nThe gateway is configured with a LoadBalancer type service by default.\\n - EGRESS: EGRESS represents the gateway type configured for Egress use cases.\\nGateway workloads are configured with the default ports 80 (HTTP), 443 (HTTPS), and 15443 (ISTIO_mTLS).\\nThe gateway is configured with a ClusterIP type service by default.\\n - EASTWEST: EASTWEST represents the gateway type configured for East-West use cases.\\nGateway workloads are configured with the default port 15443 (ISTIO_mTLS).\\nThe gateway is configured with a LoadBalancer type service by default.","type":"string","default":"UNIFIED","enum":["UNIFIED","INGRESS","EGRESS","EASTWEST"]},"v1alpha1GetDiscoveryInfoResponse":{"description":"Message of the discovery response.","type":"object","required":["discoveryInfo"],"properties":{"discoveryInfo":{"$ref":"#/components/schemas/v1alpha1DiscoveryInfo"}}},"v1alpha1GetSidecarInfoResponse":{"description":"Message of the sidecar info response.","type":"object","required":["sidecar"],"properties":{"sidecar":{"$ref":"#/components/schemas/v1alpha1SidecarInfo"}}},"v1alpha1HostInfo":{"description":"HostInfo specifies information about the host the workload is running on.","type":"object","required":["addresses"],"properties":{"addresses":{"description":"Network addresses of the host the workload is running on.","type":"array","items":{"$ref":"#/components/schemas/registrationv1alpha1Address"},"x-order":0}}},"v1alpha1HpaAdapter":{"description":"Kubernetes settings for the OAP (SkyWalking) HPA adapter component.","type":"object","properties":{"enabled":{"description":"Enable the OAP (SkyWalking) HPA adapter component that allows pods to be\\nscaled based on Skywalking metrics.\\nThis is disabled by default.","type":"boolean","x-order":0},"kubeSpec":{"$ref":"#/components/schemas/kubernetesKubernetesComponentSpec"}}},"v1alpha1IsolationBoundary":{"description":"IsolationBoundary is an isolated Istio environment which can spread across\\nmultiple revisioned control plane clusters.\\n\\nExample:\\n\\n  ```yaml\\n  isolationBoundaries:\\n  - name: prod\\n    revisions:\\n    - name: stable\\n      istio:\\n        tsbVersion: 1.6.0\\n  - name: staging\\n    revisions:\\n    - name: v1_6_3\\n      istio:\\n        tsbVersion: 1.6.3\\n    - name: v1_6_1\\n      istio:\\n        tsbVersion: 1.6.1\\n        disable: true\\n  ```\\n\\nThe `tsbVersion` field can be left empty, which would then default to the\\ncurrent TSB released version.\\n\\n  ```yaml\\n  isolationBoundaries:\\n  - name: global\\n    istio:\\n    - revisions: stable\\n  ```\\n\\nFor instance, if isolation boundaries are being added in TSB `1.6.1`, the default\\nwould looks something like this:\\n\\n  ```yaml\\n  isolationBoundaries:\\n  - name: global\\n    revisions:\\n    - name: stable\\n      istio:\\n        tsbVersion: 1.6.1\\n  ```","type":"object","required":["name","revisions"],"properties":{"name":{"description":"Name of the IsolationBoundary.","type":"string","x-order":0},"revisions":{"description":"Configure multiple Istio Revisions under the IsolationBoundary.\\nOnce IstioIsolationBoundaries is enabled, for any IsolationBoundary\\nconfigured - there must be atleast one IstioRevision.","type":"array","items":{"$ref":"#/components/schemas/controlplanev1alpha1IstioRevision"},"x-order":1},"meshExpansion":{"$ref":"#/components/schemas/v1alpha1MeshExpansionSettings"}}},"v1alpha1Istio":{"description":"Mesh and Kubernetes settings for Istio.","type":"object","properties":{"tsbVersion":{"description":"Specifies the tsb release version. This is used by the tsb control plane\\noperator in determining the xcp version, which would eventually decide Istio\\nversion.\\n\\nIf not provided explicitly, this defaults to the current tsb version.","type":"string","x-order":0},"mountInternalWasmExtensions":{"description":"When this flag is set, the TSB internal WASM extensions will be mounted into the\\nSidecar, Ingress and Egress gateway pods automatically. These extensions will be loaded\\nas local files instead of being downloaded from a remote OCI registry or HTTP endpoint.\\nThis is enabled by default. Set it to false to disable it.","type":"boolean","x-order":1},"kubeSpec":{"$ref":"#/components/schemas/kubernetesKubernetesIstioComponentSpec"},"traceSamplingRate":{"description":"The percentage of traces Envoy will sample.","type":"number","format":"double","x-order":3},"defaultWorkloadCertTTL":{"description":"The default TTL of issued workload certificates.\\nThis sets both the default client-side CSR TTL and the default server-side\\nissued certificate TTL.","type":"string","x-order":4},"maxWorkloadCertTTL":{"description":"The maximum TTL that can be set in issued workload certificates.","type":"string","x-order":5},"trustDomain":{"description":"The trust domain corresponds to the trust root of a system. Refer to\\n[SPIFFE-ID](https://github.com/spiffe/spiffe/blob/main/standards/SPIFFE-ID.md#21-trust-domain).\\nIf omitted, TSB will configure the trust domain as\\n`CLUSTER_NAME.tsb.local`, where `CLUSTER_NAME` is the name of the cluster\\nobject in TSB for this control plane.","type":"string","x-order":6},"baseOverlays":{"description":"The overlays applied to the Istio base component.\\nSee https://istio.io/latest/docs/reference/config/istio.operator.v1alpha1/#IstioComponentSetSpec.\\nWhen this is specified, the overlay in `kubeSpec.overlays` are ignored.","type":"array","items":{"$ref":"#/components/schemas/v1alpha1K8sObjectOverlay"},"x-order":7},"pilotOverlays":{"description":"The overlays applied to the Istio pilot component.\\nSee https://istio.io/latest/docs/reference/config/istio.operator.v1alpha1/#IstioComponentSetSpec.\\nWhen this is specified, the overlay in `kubeSpec.overlays` are ignored.","type":"array","items":{"$ref":"#/components/schemas/v1alpha1K8sObjectOverlay"},"x-order":8},"cniOverlays":{"description":"The overlays applied to the Istio CNI component.\\nSee https://istio.io/latest/docs/reference/config/istio.operator.v1alpha1/#IstioComponentSetSpec.\\nWhen this is specified, the overlay in `kubeSpec.overlays` are ignored.","type":"array","items":{"$ref":"#/components/schemas/v1alpha1K8sObjectOverlay"},"x-order":9},"logLevels":{"description":"Specifies the global logging level settings for the Istio control plane components.","type":"object","additionalProperties":{"type":"string"},"x-order":10},"ambient":{"$ref":"#/components/schemas/IstioAmbient"}}},"v1alpha1IstioSidecarInfo":{"description":"IstioInfo specifies information about the `Istio Sidecar` installed\\nalongside the workload.","type":"object","required":["version"],"properties":{"version":{"description":"Version of the `Istio Sidecar`.","type":"string","x-order":0},"revision":{"description":"Istio revision the pre-installed `Istio Sidecar` corresponds to.\\n\\nE.g., `canary`, `alpha`, etc.\\n\\nIf omitted, it is assumed that the pre-installed `Istio Sidecar`\\ncorresponds to the `default` Istio revision.\\n\\nNotice that the value constraints here are stricter than the ones in Istio.\\nApparently, Istio validation rules allow values that lead to internal failures\\nat runtime, e.g. values with capital letters or values longer than 56 characters.\\nStricter validation rules here are meant to prevent those hidden pitfalls.","type":"string","x-order":1}}},"v1alpha1JwtAuthenticationConfiguration":{"description":"JwtAuthenticationConfiguration specifies configuration of the workload\\nauthentication by means of an [OIDC ID Token](https://openid.net/specs/openid-connect-core-1_0.html#IDToken).","type":"object","properties":{"issuers":{"description":"List of permitted JWT issuers.\\n\\nIf a workload authenticates itself by means of an\\n[OIDC ID Token](https://openid.net/specs/openid-connect-core-1_0.html#IDToken),\\nthe issuer of that token must be present in this list, otherwise\\nauthentication attempt will be declined.","type":"array","items":{"$ref":"#/components/schemas/v1alpha1JwtIssuer"},"x-order":0}}},"v1alpha1JwtIssuer":{"description":"JwtIssuer specifies configuration associated with a JWT issuer.","type":"object","required":["issuer","shortName"],"properties":{"issuer":{"description":"JWT `Issuer` identifier.\\n\\nThe value must be a case sensitive URL using the https scheme that contains\\nscheme, host, and optionally, port number and path components and no query\\nor fragment components.\\n\\nE.g., `https://mycompany.corp`, `https://accounts.google.com`,\\n`https://sts.windows.net/9edbd6c9-0e5b-4cfd-afec-fdde27cdd928/`, etc.\\n\\nSee https://openid.net/specs/openid-connect-core-1_0.html#IDToken","type":"string","x-order":0},"jwksUri":{"description":"URL of the JSON Web Key Set document.\\n\\nSource of public keys the `Workload Onboarding Plane` should use\\nto validate the signature of an\\n[OIDC ID Token](https://openid.net/specs/openid-connect-core-1_0.html#IDToken).\\n\\nE.g., `https://mycompany.corp/jwks.json`.\\n\\nWhen unspecified, URL the JSON Web Key Set document will be resolved using\\n[OpenID Connect Discovery](https://openid.net/specs/openid-connect-discovery-1_0.html)\\nprotocol.","type":"string","x-order":1},"jwks":{"description":"Inlined JSON Web Key Set document.\\n\\nSpecifies public keys the `Workload Onboarding Plane` should use\\nto validate the signature of an\\n[OIDC ID Token](https://openid.net/specs/openid-connect-core-1_0.html#IDToken).","type":"string","x-order":2},"shortName":{"description":"Unique short name associated with the issuer.\\n\\nThe value must consist of lower case alphanumeric characters and hyphen (`-`).\\n\\nSince this value will be included into the auto-generated name of the\\n`WorkloadAutoRegistration` resource, keep it as short as possible.\\n\\nE.g., `my-corp`, `prod`, `test`, etc.","type":"string","x-order":3},"tokenFields":{"$ref":"#/components/schemas/v1alpha1JwtTokenFields"}}},"v1alpha1JwtTokenField":{"description":"JwtTokenField specifies a custom field included into the\\n[OIDC ID Token](https://openid.net/specs/openid-connect-core-1_0.html#IDToken).","type":"object","required":["jsonPath"],"properties":{"jsonPath":{"description":"Simple JSON Path which is evaluated against custom claims of the\\n[OIDC ID Token](https://openid.net/specs/openid-connect-core-1_0.html#IDToken)\\nto produce the value of the field.\\n\\nE.g., `.custom_attributes`, `.google.compute_engine`, etc.\\n\\nJSON Path must start either from `.` or from `$`. Use of `$` is mandatory\\nwhen followed by the array notation.\\n\\nE.g., `$[\'custom_attributes\']`, `$[\'google\'].compute_engine`, etc.\\n\\nSpecial symbols (such as `.` or ` `) in property names must be escaped.\\n\\nE.g., `.custom\\\\.attributes`, `$[\'custom\\\\.attributes\']`, etc.\\n\\nSee https://goessner.net/articles/JsonPath/","type":"string","x-order":0}}},"v1alpha1JwtTokenFields":{"description":"JwtTokenFields specifies custom fields included into the\\n[OIDC ID Token](https://openid.net/specs/openid-connect-core-1_0.html#IDToken).","type":"object","properties":{"attributes":{"$ref":"#/components/schemas/v1alpha1JwtTokenField"}}},"v1alpha1K8sObjectOverlay":{"description":"Patch for an existing Kubernetes resource.","type":"object","properties":{"apiVersion":{"description":"Resource API version.","type":"string","x-order":0},"kind":{"description":"Resource kind.","type":"string","x-order":1},"name":{"description":"Name of resource.\\nNamespace is always the component namespace.","type":"string","x-order":2},"patches":{"description":"List of patches to apply to resource.","type":"array","items":{"$ref":"#/components/schemas/K8sObjectOverlayPathValue"},"x-order":3}}},"v1alpha1ManagementPlaneSettings":{"description":"Configure the management plane connection.\\n\\n```yaml\\napiVersion: install.tetrate.io/v1alpha1\\nkind: ControlPlane\\nmetadata:\\n  name: controlplane\\n  namespace: istio-system\\nspec:\\n  managementPlane:\\n    host: tsb.tetrate.io\\n    port: 8443\\n    selfSigned: true\\n    clusterName: control-plane-cluster\\n```","type":"object","required":["host","port","clusterName"],"properties":{"host":{"description":"Management plane host address (can be hostname or IPv4/IPv6 address).","type":"string","x-order":0},"port":{"description":"Port management plane is listening on.","type":"integer","format":"int32","x-order":1},"selfSigned":{"description":"Management plane uses a self signed or private TLS certificate.\\nIf true, the CA bundle used to verify the MP\'s TLS certificate must be in\\na secret `mp-certs` under the key `ca.crt`.","type":"boolean","x-order":2},"clusterName":{"description":"The name of the Cluster object that was created in the Management Plane representing this Control Plane\\ncluster.","type":"string","x-order":3}}},"v1alpha1MeshExpansionSettings":{"description":"Configure mesh expansion to connect workloads external to Kubernetes to the mesh.\\n\\nTo enable mesh expansion set it to an empty object:\\n\\n```yaml\\napiVersion: install.tetrate.io/v1alpha1\\nkind: ControlPlane\\nmetadata:\\n  name: controlplane\\n  namespace: istio-system\\nspec:\\n  meshExpansion: {}\\n```\\n\\nIf external workloads are unable to communicate with the default mesh expansion gateway via external IPs or hostnames,\\nthen you must specify the gateway that enables them to do so. This custom gateway must be configured to forward this communication\\nto the VM gateway service:\\n\\n```yaml\\napiVersion: install.tetrate.io/v1alpha1\\nkind: ControlPlane\\nmetadata:\\n  name: controlplane\\n  namespace: istio-system\\nspec:\\n  meshExpansion:\\n    customGateway:\\n      host: customgateway.tetrate.io\\n      port: 15443\\n```\\n\\nTo automate onboarding of workloads from auto-scaling groups of VMs, you need\\nto enable the `Workload Onboarding Plane`.\\n\\n`Workload Onboarding Agent`, a component that you install next to the workload,\\nwill connect to the `Workload Onboarding Plane` to authenticate itself, ask\\npermission to join the mesh, register the workload into the mesh and retrieve\\nboot configuration required to start `Istio Sidecar`.\\n\\nAll communication between the `Workload Onboarding Agent` and the\\n`Workload Onboarding Plane` must occur over TLS.\\n\\nTherefore, to enable `Workload Onboarding Plane` you must provide a TLS\\ncertificate for the endpoint that exposes `Workload Onboarding API` to\\n`Workload Onboarding Agents`.\\n\\nMake sure that TLS certificate is signed by the certificate authority known\\nto `Workload Onboarding Agents`.\\n\\n```yaml\\napiVersion: install.tetrate.io/v1alpha1\\nkind: ControlPlane\\nmetadata:\\n  name: controlplane\\n  namespace: istio-system\\nspec:\\n  meshExpansion:\\n    onboarding:\\n      endpoint:\\n        hosts:\\n        - onboarding.example.org\\n        secretName: onboarding-tls-cert\\n      tokenIssuer:\\n        jwt:\\n          expiration: 1h\\n      localRepository: {}\\n```\\n\\nTo onboard workloads from custom on-premise environments, you can leverage support for\\n[OIDC ID Tokens](https://openid.net/specs/openid-connect-core-1_0.html#IDToken).\\n\\nIf workloads in your custom environment can authenticate themselves by means of an\\n[OIDC ID Token](https://openid.net/specs/openid-connect-core-1_0.html#IDToken),\\nyou can define a list of JWT issuers permitted by the `Workload Onboarding Plane`.\\n\\nFor example,\\n\\n```yaml\\napiVersion: install.tetrate.io/v1alpha1\\nkind: ControlPlane\\nmetadata:\\n  name: controlplane\\n  namespace: istio-system\\nspec:\\n  meshExpansion:\\n    onboarding:\\n      endpoint:\\n        hosts:\\n        - onboarding.example.org\\n        secretName: onboarding-tls-cert\\n      localRepository: {}\\n      workloads:\\n        authentication:\\n          jwt:\\n            issuers:\\n            - issuer: \\"https://mycompany.corp\\"\\n              jwksUri: \\"https://mycompany.corp/jwks.json\\"\\n              shortName: \\"mycorp\\"\\n              tokenFields:\\n                attributes:\\n                  jsonPath: .custom_attributes\\n```\\n\\nTo ensure there will be no traffic loss when an onboarded workload gets\\nshutdown, you can configure the time period to delay the shutdown for\\nafter deregistering the workload from the mesh, which will give\\nenough time to reconfigure all affected mesh nodes to not load balance\\nrequests to the deregistered workload before it becomes unavailable.\\n\\nFor example,\\n\\n```yaml\\napiVersion: install.tetrate.io/v1alpha1\\nkind: ControlPlane\\nmetadata:\\n  name: controlplane\\n  namespace: istio-system\\nspec:\\n  meshExpansion:\\n    onboarding:\\n      endpoint:\\n        hosts:\\n        - onboarding.example.org\\n        secretName: onboarding-tls-cert\\n      localRepository: {}\\n      workloads:\\n        deregistration:\\n          propagationDelay: 15s\\n```","type":"object","properties":{"customGateway":{"$ref":"#/components/schemas/v1alpha1MeshExpansionSettingsGateway"},"onboarding":{"$ref":"#/components/schemas/v1alpha1MeshExpansionSettingsOnboardingPlane"},"hostManagement":{"$ref":"#/components/schemas/MeshExpansionSettingsHostManagement"},"serviceObservability":{"$ref":"#/components/schemas/MeshExpansionSettingsServiceObservability"}}},"v1alpha1MeshExpansionSettingsGateway":{"description":"A custom mesh expansion gateway. This is required when the workload can\'t access the default gateway directly via the external IP or hostname.","type":"object","required":["host","port"],"properties":{"host":{"description":"Mesh expansion gateway host address (can be hostname or IP address).","type":"string","x-order":0},"port":{"description":"Port mesh expansion gateway is listening on.","type":"integer","format":"int32","x-order":1}}},"v1alpha1MeshExpansionSettingsOnboardingPlane":{"description":"Configuration of the `Workload Onboarding Plane`.","type":"object","required":["endpoint"],"properties":{"uid":{"description":"Unique identifier of this particular installation of the `Workload Onboarding Plane`.\\n\\nIs used in the workload authentication flow to prevent replay attacks\\nthat abuse compromised workload credentials intended for a different\\ninstallation of the `Workload Onboarding Plane`.\\n\\nDefaults to an auto-generated UUID.","type":"string","x-order":0},"endpoint":{"$ref":"#/components/schemas/MeshExpansionSettingsOnboardingPlaneEndpoint"},"tokenIssuer":{"$ref":"#/components/schemas/MeshExpansionSettingsOnboardingPlaneTokenIssuer"},"localRepository":{"$ref":"#/components/schemas/OnboardingPlaneLocalRepository"},"workloads":{"$ref":"#/components/schemas/v1alpha1WorkloadConfiguration"}}},"v1alpha1NamespacedName":{"description":"NamespacedName specifies a namespace-scoped name.","type":"object","required":["namespace","name"],"properties":{"namespace":{"description":"Namespace name.","type":"string","x-order":0},"name":{"description":"Resource name.","type":"string","x-order":1}}},"v1alpha1Onboarding":{"description":"Settings for the `Workload Onboarding` component.","type":"object","properties":{"operator":{"$ref":"#/components/schemas/v1alpha1OnboardingOperator"},"repository":{"$ref":"#/components/schemas/v1alpha1OnboardingRepository"},"plane":{"$ref":"#/components/schemas/installcontrolplanev1alpha1OnboardingPlane"}}},"v1alpha1OnboardingOperator":{"description":"Kubernetes settings for the `Workload Onboarding Operator` component.","type":"object","properties":{"kubeSpec":{"$ref":"#/components/schemas/kubernetesKubernetesComponentSpec"},"logLevels":{"description":"The log level configuration by scopes.\\nSupported log level: \\"none\\", \\"error\\", \\"warn\\", \\"info\\", \\"debug\\".","type":"object","additionalProperties":{"type":"string"},"x-order":1}}},"v1alpha1OnboardingPlaneInstance":{"description":"Kubernetes settings for the `Workload Onboarding Plane Instance` component.","type":"object","properties":{"kubeSpec":{"$ref":"#/components/schemas/kubernetesKubernetesComponentSpec"},"logLevels":{"description":"The log level configuration by scopes.\\nSupported log level: \\"none\\", \\"error\\", \\"warn\\", \\"info\\", \\"debug\\".","type":"object","additionalProperties":{"type":"string"},"x-order":1}}},"v1alpha1OnboardingRepository":{"description":"Kubernetes settings for the `Workload Onboarding Repository` component.","type":"object","properties":{"kubeSpec":{"$ref":"#/components/schemas/kubernetesKubernetesComponentSpec"}}},"v1alpha1OperatorDeployment":{"description":"Values for the TSB operator deployment.","type":"object","properties":{"affinity":{"$ref":"#/components/schemas/installkubernetesAffinity"},"annotations":{"type":"object","title":"Custom collection of annotations to add to the deployment.\\nhttps://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/","additionalProperties":{"type":"string"},"x-order":1},"env":{"type":"array","title":"Custom collection of environment vars to add to the container.\\nhttps://kubernetes.io/docs/tasks/inject-data-application/define-environment-variable-container/","items":{"$ref":"#/components/schemas/installkubernetesEnvVar"},"x-order":2},"podAnnotations":{"description":"Custom collection of annotations to add to the pod.","type":"object","additionalProperties":{"type":"string"},"x-order":3},"replicaCount":{"description":"Number of replicas managed by the deployment.","type":"integer","format":"int32","x-order":4},"strategy":{"$ref":"#/components/schemas/installkubernetesDeploymentStrategy"},"tolerations":{"type":"array","title":"Toleration collection applying to the pod scheduling.\\nhttps://kubernetes.io/docs/concepts/configuration/taint-and-toleration/","items":{"$ref":"#/components/schemas/corev1Toleration"},"x-order":6}}},"v1alpha1OperatorService":{"description":"Values for the TSB operator service.","type":"object","properties":{"annotations":{"type":"object","title":"Custom collection of annotations to add to the service.\\nhttps://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/","additionalProperties":{"type":"string"},"x-order":0}}},"v1alpha1OperatorServiceAccount":{"description":"Values for the TSB operator service account.","type":"object","properties":{"annotations":{"description":"Custom collection of annotations to add to the service account.","type":"object","additionalProperties":{"type":"string"},"x-order":0},"imagePullSecrets":{"description":"Collection of secrets names required to be able to pull images from the registry.","type":"array","items":{"type":"string"},"x-order":1},"pullSecret":{"type":"string","title":"A Docker config JSON to be stored in a secret to be used as an image pull secret. If this secret is provided,\\nit will be included in the operator service account as reference.\\nhttps://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/#create-a-secret-by-providing-credentials-on-the-command-line","x-order":2},"pullUsername":{"description":"Used along pull password and the provided image registry to generate a Docker config JSON that\\nwill be stored as a pull secret.","type":"string","x-order":3},"pullPassword":{"description":"Used along pull username and the provided image registry to generate a Docker config JSON that\\nwill be stored as a pull secret.","type":"string","x-order":4}}},"v1alpha1RateLimitServer":{"type":"object","title":"Configuration settings for the RateLimit Server","required":["backend"],"properties":{"backend":{"$ref":"#/components/schemas/RateLimitServerBackend"},"domain":{"description":"The domain field allows ratelimits to be namespaced to\\na certain domain. To support common ratelimits across multiple clusters\\nset this string to a common value, across them. This assumes that the same\\nbackend (uri) is being used.\\nBy default the domain is set to the name of the control plane cluster.","type":"string","x-order":1},"kubeSpec":{"$ref":"#/components/schemas/kubernetesKubernetesComponentSpec"}}},"v1alpha1RegisterWorkloadResponse":{"description":"Response to the registration request.","type":"object"},"v1alpha1Registration":{"description":"Registration specifies information sent by the `Workload Onboarding Agent`\\nto the `Workload Onboarding Plane` to register the workload in the mesh.","type":"object","required":["agent","sidecar","host"],"properties":{"agent":{"$ref":"#/components/schemas/v1alpha1AgentInfo"},"sidecar":{"$ref":"#/components/schemas/v1alpha1SidecarInfo"},"host":{"$ref":"#/components/schemas/v1alpha1HostInfo"},"workload":{"$ref":"#/components/schemas/v1alpha1WorkloadInfo"},"settings":{"$ref":"#/components/schemas/typesregistrationv1alpha1Settings"}}},"v1alpha1Route53Controller":{"description":"Kubernetes settings for the Route53 Integration Controller component.","type":"object","properties":{"kubeSpec":{"$ref":"#/components/schemas/kubernetesKubernetesComponentSpec"}}},"v1alpha1Route53Settings":{"description":"Settings for integration with Route53 service.","type":"object","required":["serviceAccountName"],"properties":{"serviceAccountName":{"type":"string","title":"Service account name to use for IAM role. Required. Deprecated, user AWSIntegrationSettings instead.\\n$hide_from_docs","x-order":0},"namespaceSelector":{"$ref":"#/components/schemas/v1alpha1Route53SettingsNamespaceSelector"},"policy":{"$ref":"#/components/schemas/Route53SettingsPolicy"},"domainFilter":{"description":"List of domains to limit possible target zones by a domain suffix. Default is empty list with means consider all resources as DNS target.","type":"array","items":{"type":"string"},"x-order":3},"interval":{"description":"Duration of interval between individual synchronizations. Default: 60s.","type":"string","x-order":4},"ttl":{"description":"Default TTL (in seconds) value for DNS records. Default: 300.","type":"string","format":"int64","x-order":5},"evaluateTargetHealth":{"description":"Control whether to evaluate the health of a DNS target. Default: true.","type":"boolean","x-order":6},"filterSettings":{"$ref":"#/components/schemas/Route53SettingsFilterSettings"},"enabled":{"description":"Enable/disable the Route53 integration controller. Default: false.","type":"boolean","x-order":8}}},"v1alpha1Route53SettingsNamespaceSelector":{"description":"NamespaceSelector specifies which namespaces controller will watch.","type":"object","properties":{"namespace":{"description":"Specifies the namespace to watch for resources. Mutually exclusive with `ignore_namespaces`.\\nIf not specified (\\"\\"), all namespaces will be watched which is the default.","type":"string","x-order":0},"ignoreNamespaces":{"description":"Comma separated list of namespaces to ignore when watching for DNS endpoints. When using this option remember\\nto include the name of the namespace in which Control Plane is installed. If Management Plane is installed in the same cluster\\ninclude the namespace name in this option as well.\\nMutually exclusive with `namespace`.\\nDefault: the namespace where the controller is running, usually `istio-system`.","type":"string","x-order":1}}},"v1alpha1SPMAgent":{"description":"Kubernetes settings for the SPM Agent component.","type":"object","properties":{"enabled":{"description":"SPM Agent is an optional component. If enabled is true, this component will be installed.","type":"boolean","x-order":0},"hostPath":{"description":"The root directory of each host for SPM agent use.\\nBy default, the value is \\"/\\".\\nIn the case of container-in-container, it is necessary to specify the path of the current host directory within the current container.","type":"string","x-order":1},"disableMultiProtocolAnalysis":{"description":"Set to true to disable multiple protocol analysis. Default is false.\\nWhen disabled, if the detected protocol is HTTP, the TCP protocol data won\'t be analyzed.\\nWhen enabled, if the detected protocol is HTTP, both the TCP and HTTP protocols will be analyzed together.","type":"boolean","x-order":2},"kubeSpec":{"$ref":"#/components/schemas/kubernetesKubernetesComponentSpec"},"logLevel":{"description":"The log level configuration by scopes.\\nSupported log level: \\"panic\\", \\"fatal\\", \\"error\\", \\"warn\\", \\"info\\", \\"debug\\" and \\"trace\\".","type":"string","x-order":4}}},"v1alpha1Satellite":{"description":"Kubernetes settings for the Satellite (SkyWalking-Satellite) component.","type":"object","properties":{"enabled":{"description":"Satellite is an optional component. If enabled is false, this component\\nwill not be installed.","type":"boolean","x-order":0},"kubeSpec":{"$ref":"#/components/schemas/kubernetesKubernetesComponentSpec"},"logLevel":{"description":"Specifies the log level for the component.\\nSupported log level: \\"panic\\", \\"fatal\\", \\"info\\", \\"warn\\", \\"error\\", \\"debug\\" and \\"trace\\".","type":"string","x-order":2}}},"v1alpha1SecretsXCP":{"description":"Secrets to reach the XCP Central in the Management Plane.","type":"object","properties":{"autoGenerateCerts":{"description":"Enabling this will auto generate XCP Edge certificate if mTLS is enabled to authenticate to XCP Central. Requires cert-manager.","type":"boolean","x-order":0},"rootca":{"description":"CA certificate of XCP components.","type":"string","x-order":1},"rootcakey":{"description":"Key of the CA certificate of XCP components.","type":"string","x-order":2},"edge":{"$ref":"#/components/schemas/XCPEdge"}}},"v1alpha1SessionResponse":{"description":"SessionResponse specifies response messages sent by the `Workload Onboarding Plane`\\nback to the `Workload Onboarding Agent` as part of a single session.","type":"object","properties":{"discoveryResponse":{"$ref":"#/components/schemas/v3DiscoveryResponse"}}},"v1alpha1SidecarConfiguration":{"description":"SidecarConfiguration represents boot configuration of a sidecar, e.g.\\n`Istio Sidecar`.","type":"object","properties":{"seed":{"$ref":"#/components/schemas/v1alpha1SidecarConfigurationSeed"},"update":{"$ref":"#/components/schemas/v1alpha1SidecarConfigurationUpdate"}}},"v1alpha1SidecarConfigurationSeed":{"description":"SidecarConfigurationSeed represents seed configuration required to start\\na sidecar, e.g. `Istio Sidecar`.","type":"object","required":["command"],"properties":{"command":{"description":"Path to the sidecar executable, i.e. `pilot-agent` binary of the\\n`Istio Sidecar`.\\n\\nNotice that `Workload Onboarding Agent` is not expected to run this command\\n\\"as is\\". Instead, `Workload Onboarding Agent` should use this value to identify\\nwhich of (potentially many) executables comprising a sidecar it needs to\\nrun.\\n\\nE.g., `Istio Sidecar` comes with `pilot-agent`, `envoy` and `istio-start.sh`\\nexecutables. To clarify that `Workload Onboarding Agent` must use `pilot-agent`\\nbinary to start the sidecar, `Workload Onboarding Plane` will use a command value\\n`/usr/local/bin/pilot-agent`.","type":"string","x-order":0},"args":{"description":"Arguments to the sidecar command, e.g. Istio `pilot-agent`.","type":"array","items":{"type":"string"},"x-order":1},"env":{"description":"Environment variables of the sidecar command, e.g. Istio `pilot-agent`.","type":"array","items":{"$ref":"#/components/schemas/typessidecarv1alpha1EnvVar"},"x-order":2},"files":{"description":"Configuration files of the sidecar, e.g. Istio `pilot-agent`.","type":"array","items":{"$ref":"#/components/schemas/v1alpha1File"},"x-order":3},"dirs":{"description":"Directories required by the sidecar, e.g. Istio `pilot-agent`.","type":"array","items":{"$ref":"#/components/schemas/v1alpha1Dir"},"x-order":4}}},"v1alpha1SidecarConfigurationUpdate":{"description":"SidecarConfigurationUpdate represents an update to the already known\\nseed configuration that can be applied without full restart of the sidecar.","type":"object","properties":{"files":{"description":"Reloadable configuration files of the sidecar, e.g. `Istio token` file\\nreloadable by the Istio `pilot-agent`.","type":"array","items":{"$ref":"#/components/schemas/v1alpha1File"},"x-order":0}}},"v1alpha1SidecarInfo":{"description":"SidecarInfo specifies information about the sidecar installed alongside\\nthe workload.","type":"object","properties":{"istio":{"$ref":"#/components/schemas/v1alpha1IstioSidecarInfo"}}},"v1alpha1UnregisterWorkloadResponse":{"description":"Response to the unregistration request.","type":"object","properties":{"propagationDelay":{"description":"Estimated amount of time it will take to propagate the unregistration event\\nacross all affected mesh nodes.\\n\\nDuring this time interval affected proxies will continue making requests\\nto the deregistered workload until the respective configuration update\\narrives.\\n\\nTo prevent traffic loss, `Workload Onboarding Agent` SHOULD delay shutdown\\nof the the workload\'s sidecar for that time period.","type":"string","x-order":0}}},"v1alpha1Values":{"description":"Values available for the TSB Control Plane chart.\\nThis is an alpha API, so future versions could include breaking changes.","type":"object","properties":{"image":{"$ref":"#/components/schemas/commonv1alpha1Image"},"spec":{"$ref":"#/components/schemas/v1alpha1ControlPlaneSpec"},"secrets":{"$ref":"#/components/schemas/controlplanev1alpha1Secrets"},"operator":{"$ref":"#/components/schemas/commonv1alpha1Operator"}}},"v1alpha1WASMFetcher":{"description":"Settings for the WASM Fetcher component.","type":"object","properties":{"cacheDisableInsecureRegistries":{"description":"Denies insecure registries to be used for fetching WASM modules. Defaults to `false`.","type":"boolean","x-order":0},"cacheExpiration":{"description":"WASM Module cache expiration time. Defaults to `24h`.","type":"string","x-order":1},"cacheMaxRetries":{"description":"Maximum number of retries when fetching WASM modules from the OCI registry. Defaults to `5`.","type":"integer","format":"int32","x-order":2},"cachePurgeInterval":{"description":"WASM cache purge interval to periodically clean up the stale WASM modules. Defaults to `1h`.","type":"string","x-order":3},"cacheRequestTimeout":{"description":"Specifies the timeout used when retrieving the WASM plugin from the OCI registry. Defaults to `15s`.","type":"string","x-order":4},"kubeSpec":{"$ref":"#/components/schemas/kubernetesKubernetesComponentSpec"},"logLevels":{"description":"The log level configuration by scopes.\\nSupported log levels: \\"none\\", \\"error\\", \\"info\\", \\"debug\\".","type":"object","additionalProperties":{"type":"string"},"x-order":6}}},"v1alpha1WaypointsConfig":{"type":"object","properties":{"clusterLevel":{"$ref":"#/components/schemas/WaypointsConfigCommonWaypointConfig"},"namespaceLevel":{"description":"List of namespace-level waypoint configurations. Each entry specifies waypoint\\nsettings for a specific namespace or set of namespaces.","type":"array","items":{"$ref":"#/components/schemas/WaypointsConfigNamespaceLevelCommonConfig"},"x-order":1}}},"v1alpha1WorkloadAuthenticationConfiguration":{"description":"WorkloadAuthenticationConfiguration specifies configuration of the workload\\nauthentication.","type":"object","properties":{"jwt":{"$ref":"#/components/schemas/v1alpha1JwtAuthenticationConfiguration"}}},"v1alpha1WorkloadConfiguration":{"description":"WorkloadConfiguration specifies configuration of the workload handling.","type":"object","properties":{"authentication":{"$ref":"#/components/schemas/v1alpha1WorkloadAuthenticationConfiguration"},"deregistration":{"$ref":"#/components/schemas/v1alpha1WorkloadDeregistrationConfiguration"}}},"v1alpha1WorkloadDeregistrationConfiguration":{"description":"WorkloadDeregistrationConfiguration specifies configuration of the workload\\nderegistration.","type":"object","properties":{"propagationDelay":{"description":"Estimated amount of time it takes to propagate the unregistration event\\nacross all affected mesh nodes.\\n\\nDuring this time interval affected proxies will continue making requests\\nto the deregistered workload until the respective configuration update\\narrives.\\n\\nTo prevent traffic loss, `Workload Onboarding Agent` SHOULD delay shutdown\\nof the the workload\'s sidecar for that time period.\\n\\nAs a rule of thumb, this value should remain relatively small, e.g. under\\n15 seconds. The reason for this is that shutdown flow on the workload\'s side\\nis time-boxed. E.g., on VMs there is a stop timeout enforced by SystemD,\\nwhile on AWS ECS there is a stop timeout enforced by ECS Agent. If you pick\\na delay value that is too big, `Workload Onboarding Agent` will delay\\nshutdown of the sidecar for too long; as a result sidecar risks to get\\nterminated abruptly instead of graceful connection draining.\\n\\nDefaults to `10s`.","type":"string","x-order":0}}},"v1alpha1WorkloadInfo":{"description":"WorkloadInfo specifies information about the workload.","type":"object","properties":{"labels":{"description":"Labels associated with the workload.","type":"object","additionalProperties":{"type":"string"},"x-order":0}}},"v2Access":{"description":"Access is an access request for a subject with a set of permission.\\n\\nExample:\\nAccess {\\n  Subject: \\"organizations/demo/tenants/demo/applications/caller\\",\\n  Permissions: []string{\\"GET\\"}\\n}","type":"object","required":["subject","permissions"],"properties":{"subject":{"description":"Subject is the subject that is requested to access the resource.","type":"string","x-order":0},"permissions":{"description":"Permissions is a list of permissions that the subject is allowed to use.","type":"array","items":{"type":"string"},"x-order":1},"metadata":{"$ref":"#/components/schemas/qv2Metadata"}}},"v2AccessPolicy":{"description":"A policy defines the set of subjects that can access a resource and under\\nwhich conditions that access is granted.","type":"object","title":"Policy","properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":1},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":2},"allow":{"description":"The list of allowed bindings configures the different access profiles that\\nare allowed on the resource configured by the policy.","type":"array","items":{"$ref":"#/components/schemas/rbacv2Binding"},"x-order":3}}},"v2AggregatedStatus":{"description":"`AggregatedStatus` is used by resources with children to aggregate both the\\nsequence of events and the status of its children resources.","type":"object","properties":{"configEvents":{"$ref":"#/components/schemas/v2ConfigEvents"},"children":{"description":"Map of children resource FQNs to their status.","type":"object","additionalProperties":{"$ref":"#/components/schemas/AggregatedStatusChildStatus"},"x-order":1},"childrenStatus":{"$ref":"#/components/schemas/AggregatedStatusChildStatus"}}},"v2Application":{"description":"An Application represents a set of logical groupings of services that are related to each other\\nand expose a set of APIs that implement a complete set of business logic.\\n\\n\\n\\n","type":"object","required":["workspace"],"properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"workspace":{"description":"FQN of the workspace this application is part of.\\nThe application will configure IngressGateways for the attached APIs\\nin the different namespaces exposed by this workspace.","type":"string","x-order":4},"namespaceSelector":{"$ref":"#/components/schemas/typesv2NamespaceSelector"},"gatewayGroup":{"description":"Optional FQN of the Gateway Group to be used by the application.\\nIf configured, this gateway group will be used by the application. If\\nno namespaces are configured and no existing gateway group is set, a new gateway group claiming all\\nnamespaces in the workspace (`*/*`) will be created by default.\\nAll Ingress Gateway resources created for the APIs attached to the application will be created in\\nthe application\'s gateway group.","type":"string","x-order":6},"services":{"description":"Optional list of services that are part of the application. This is a list of FQNs of services in the\\nservice registry.\\nIf omitted, the application is assumed to own all the services in the workspace.\\nNote that a service can only be part of one application. If any of the services in the list is already\\nin use by an existing application, application creation/modification will fail.\\nIf the list of services is not explicitly set and any service in the workspace is already in use by\\nanother application, application creation/modification will fail.","type":"array","items":{"type":"string"},"x-order":7},"configResources":{"type":"array","title":"The configuration resources that are related to this Application.\\n$hide_from_docs","items":{"$ref":"#/components/schemas/v2ConfigResource"},"x-order":8,"readOnly":true}}},"v2ApprovalPolicy":{"description":"ApprovalPolicy is a set of authorization rules that define access to a resource.\\nWhen applied to a resource, the rules enforce access to the resource based on the permission set.\\n\\nExample:\\nApprovalPolicy {\\n  Mode: ApprovalPolicy_REQUIRE_APPROVAL,\\n  Resource: \\"organizations/demo/tenants/demo/applications/target-app\\",\\n  Approved: []Access {{\\n    Subject: \\"organizations/demo/tenants/demo/applications/calling-app\\",\\n    Permissions: []string{\\"GET\\", \\"POST\\"}\\n  }}\\n}","type":"object","required":["mode","resource"],"properties":{"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":0},"mode":{"$ref":"#/components/schemas/v2ApprovalPolicyMode"},"resource":{"description":"Resource is a fully qualified name of the resource that the policy applies to.","type":"string","x-order":2},"requested":{"description":"Requested is a list of subjects that are requested to access the resource but that have not yet been\\nexplicitly approved.\\nThe access mode of the policy will determine if the subjects in this list are given immediate access to the\\nresource.","type":"array","items":{"$ref":"#/components/schemas/v2Access"},"x-order":3},"approved":{"description":"Approved is a list of subjects that are approved to access the resource.","type":"array","items":{"$ref":"#/components/schemas/v2Access"},"x-order":4},"metadata":{"$ref":"#/components/schemas/qv2Metadata"}}},"v2ApprovalPolicyMode":{"description":" - UNRESTRICTED: Allows all subjects in the same policy class to access the resource.\\n - ALLOW_REQUESTED: Allows only the subjects in the request and approved list to access the resource.\\n - REQUIRE_APPROVAL: Allows only the subjects in the approved list to access the resource.","type":"string","default":"UNRESTRICTED","enum":["UNRESTRICTED","ALLOW_REQUESTED","REQUIRE_APPROVAL"]},"v2AuthenticationSettingsAuthenticationMode":{"description":"AuthenticationMode configures whether to initiate only mutual TLS\\nconnections or to allow plaintext traffic as well.\\n\\n - UNSET: Default is UNSET.\\n - OPTIONAL: Accept both plaintext and mTLS authenticated connections.\\n - REQUIRED: Always initiate mutual TLS authenticated connections, and fail if the upstream does not support it.","type":"string","default":"UNSET","enum":["UNSET","OPTIONAL","REQUIRED"]},"v2AuthorizationRules":{"description":"- If deny_all is true, deny the request\\n\\n- If deny is defined and there are any denied target workload, deny the request.\\n\\n- If there are no allowed target workload, allow the request.\\n\\n- If allow is defined and there are any allowed target workload, allow the request.\\n\\n- Deny the request.","type":"object","title":"`AuthorizationRules` specifies which target workloads are allowed or denied.\\nWhen the mode is `RULES`, by default, if no authorization rules are provided all requests will be accepted.\\nCurrently, when a list of allow or deny rules are provided, a workload can only be targeted\\nby providing the workspace or security group resource the workload belongs to.\\nWhen different target workloads are allowed, denied or all workload are denied,\\nto evaluate if a request is accepted or rejected, denies are evaluated first, and finally allows.\\nAccepting or denying a request from a workload is determined by:","properties":{"allow":{"description":"Allow specifies a list of rules. If a request matches at least one rule, the request is accepted.\\nIf no allow rules are provided, all requests are allowed.\\nEach rule must be unique, no duplicates are allowed.\\nA rule that is fully contained by another rule is not allowed.\\nFor instance, defining a rule from workspace `w1` to `w2` and another rule\\nfrom security group `sg1` (which belongs to workspace `w1`) to `sg2` (which belongs to workspace `w2`)\\nis not allowed. It is not allowed, because from security group `sg1` to `sg2` rule is already allowed by\\nthe rule from workspace `w1` to `ws2`.","type":"array","items":{"$ref":"#/components/schemas/securityv2Rule"},"x-order":0},"denyAll":{"description":"Deny all specifies whether all requests should be rejected.\\nIf it is true all requests will be rejected.\\nIf it is false the list of deny rules will be evaluated.","type":"boolean","x-order":1},"deny":{"description":"Deny specifies a list of rules. If a request matches at least one rule, the request is rejected.\\nIf deny rules are provided, the match will never occur, so no request can be rejected.\\nEach rule must be unique, no duplicates are allowed.\\nA rule that is fully contained by another rule is not allowed.\\nFor instance, defining a rule from workspace `w1` to `w2` and another rule\\nfrom security group `sg1` (which belongs to workspace `w1`) to `sg2` (which belongs to workspace `w2`)\\nis not allowed. It is not allowed, because from security group `sg1` to `sg2` rule is already denied by\\nthe rule from workspace `w1` to `w2`.","type":"array","items":{"$ref":"#/components/schemas/securityv2Rule"},"x-order":2}}},"v2AutomaticLoadBalancing":{"type":"object","title":"Settings for configuring automatic load balancing between clusters based on observed metrics.\\n$hide_from_docs","properties":{"enabled":{"description":"Whether to enable automatic load balancing.","type":"boolean","x-order":0}}},"v2BlameResponse":{"description":"```yaml\\neffectiveProfileConfig:\\n  trafficSettings:\\n    reachability:\\n      mode: GROUP\\n    resilience:\\n      circuitBreakerSensitivity: MEDIUM\\n  authenticationSettings:\\n    trafficMode: REQUIRED\\neffectiveProfilePaths:\\n  authenticationSettings: organizations/my-org/profiles/profile1\\n  authenticationSettings.trafficMode: organizations/my-org/profiles/profile1\\n  trafficSettings: organizations/my-org/tenants/my-tenant/workspaces/ws/trafficgroups/tg/profiles/profile2\\n  trafficSettings.reachability: organizations/my-org/tenants/my-tenant/workspaces/ws/trafficgroups/tg/profiles/profile2\\n  trafficSettings.reachability.mode: organizations/my-org/tenants/my-tenant/workspaces/ws/trafficgroups/tg/profiles/profile2\\n  trafficSettings.resilience: organizations/my-org/tenants/my-tenant/workspaces/ws/trafficgroups/tg/profiles/profile2\\n  trafficSettings.resilience.circuitBreakerSensitivity: organizations/my-org/tenants/my-tenant/workspaces/ws/trafficgroups/tg/profiles/profile2\\neffectiveProfileMandatedPaths:\\n  - authenticationSettings\\n  - authenticationSettings.trafficMode\\n```","type":"object","title":"Blame data for a given resource.\\nExample:","properties":{"effectiveProfileConfig":{"$ref":"#/components/schemas/v2ProfileConfig"},"effectiveProfilePaths":{"description":"Map of profile config field paths to the resource FQNs that set the value at that path.","type":"object","additionalProperties":{"type":"string"},"x-order":1},"effectiveProfileMandatedPaths":{"description":"Subset of the effective paths which values are set by mandates.","type":"array","items":{"type":"string"},"x-order":2},"effectiveProfileAttachmentPaths":{"description":"Like effective_profile_paths, but the FQNs are from the resources that attach the profiles.","type":"object","additionalProperties":{"type":"string"},"x-order":3}}},"v2ClientTLSSettings":{"type":"object","title":"Configure TLS parameters for the client","properties":{"mode":{"$ref":"#/components/schemas/authv2TLSMode"},"files":{"$ref":"#/components/schemas/v2TLSFileSource"},"secretName":{"description":"TLS key source from a Kubernetes Secret.\\nThis is applicable for gateway workloads.","type":"string","x-order":2},"subjectAltNames":{"type":"array","title":"Subject alternative names is the list of names that are accepted\\nas service name as part of TLS handshake","items":{"type":"string"},"x-order":3}}},"v2ClusterConfig":{"type":"object","title":"Cluster configurations.\\n$hide_from_docs","properties":{"observability":{"$ref":"#/components/schemas/v2ClusterObservabilityConfig"}}},"v2ClusterDestination":{"type":"object","properties":{"name":{"description":"The name of the destination cluster. Only one of name or labels\\nmust be specified.","type":"string","x-order":0},"labels":{"description":"Labels associated with the cluster. Any cluster with matching\\nlabels will be selected as a target. Only one of name or labels\\nmust be specified.","type":"object","additionalProperties":{"type":"string"},"x-order":1},"network":{"description":"The network associated with the destination clusters. In addition to\\nname/label selectors, only clusters matching the selected networks\\nwill be used as a target. At least one of name/labels, and/or network\\nmust be specified.\\n\\nDeprecated: The `network` field is deprecated and will be removed in future releases.\\nOnly `labels` matching against the cluster object is supported.","type":"string","x-order":2},"weight":{"description":"The weight for traffic to a given destination.","type":"integer","format":"int64","x-order":3}}},"v2ClusterObservabilityConfig":{"type":"object","title":"The observability configurations for a cluster.\\n$hide_from_docs","properties":{"retentionPeriodDays":{"description":"The retention period of telemetry metrics data in days.","type":"integer","format":"int32","x-order":0},"tracesRetentionPeriodDays":{"description":"The retention period of telemetry traces data in days.","type":"integer","format":"int32","x-order":1},"apiEndpointMetricsEnabled":{"description":"Whether the API endpoint metrics feature is enabled in MP,\\nif this feature is disabled in MP, all CP must disable this\\nfeature too because this feature requires MP to create indices,\\nif this feature is enabled in MP, CP clusters can choose whether\\nto enable it or not as per their needs.","type":"boolean","x-order":2},"spmAgentReceiverEnabled":{"description":"Whether the SPM Agent is enabled or disabled in MP.\\nIf the SPM Agent is disabled in MP, then it should also be turned off in CP to prevent the OAP crash in CP.","type":"boolean","x-order":3}}},"v2ClusterOnboardingConfig":{"description":"Configuration for onboarding a cluster.\\n\\n\\n\\n","type":"object","required":["namespaces"],"properties":{"fqn":{"type":"string","title":"Fully-qualified name of the cluster onboarding configuration.\\n$hide_from_yaml","x-order":0,"readOnly":true},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be\\nsent on every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":1},"namespaces":{"description":"Set of namespaces configuration for the cluster.","type":"array","items":{"$ref":"#/components/schemas/ClusterOnboardingConfigNamespaceConfig"},"x-order":2}}},"v2ClusterOnboardingStatus":{"description":"The onboarding status for a cluster.","type":"object","properties":{"namespaces":{"description":"The status of the namespaces in the cluster.","type":"array","items":{"$ref":"#/components/schemas/v2ClusterOnboardingStatusNamespaceStatus"},"x-order":0}}},"v2ClusterOnboardingStatusNamespaceStatus":{"description":"The status of the namespaces in the cluster.","type":"object","properties":{"name":{"description":"The name of the namespace.","type":"string","x-order":0},"desiredState":{"$ref":"#/components/schemas/v2NamespaceDesiredState"},"currentState":{"$ref":"#/components/schemas/v2NamespaceCurrentState"},"currentStateDetails":{"description":"Details about the actual state of the namespace.","type":"string","x-order":3}}},"v2ClusterState":{"type":"object","title":"State represents the cluster info learned from the onboarded cluster","properties":{"lastSyncTime":{"type":"string","format":"date-time","title":"last time xcp edge(cp) synced with central(mp) in the UTC format","x-order":0},"provider":{"type":"string","title":"cluster provider. Ex: GKE, EKS, AKS","x-order":1},"istioVersions":{"description":"This shows currently running istio versions in the cluster.","type":"array","items":{"type":"string"},"x-order":2},"xcpVersion":{"type":"string","title":"xcp-edge version which is running at the cluster","x-order":3},"tsbCpVersion":{"type":"string","title":"TSB controlplane version","x-order":4},"discoveredLocality":{"$ref":"#/components/schemas/tsbv2Locality"},"mode":{"$ref":"#/components/schemas/v2ControlPlaneMode"},"istioRevisions":{"description":"Metadata of different Istio revision found in the cluster.\\nAn empty istio revisions field represents there was no Istio\\ndiscovered in the cluster.\\nField should not be empty in ControlMode as TSB will install\\nand depend on Istio.\\nIn Observe mode, an empty field represents that a vanilla kubernetes\\ncluster.","type":"array","items":{"$ref":"#/components/schemas/ClusterStateIstioRevision"},"x-order":7}}},"v2ClusterStatus":{"description":"The status message for a cluster resource contains the set of join\\ntokens that should be used by Service Bridge\'s agents on the\\ncluster.","type":"object","properties":{"tokens":{"description":"Tokens for various agents.","type":"object","additionalProperties":{"type":"string"},"x-order":0}}},"v2Composer":{"type":"object","title":"Composer extension configuration.\\n$hide_from_docs","properties":{"plugins":{"description":"List of plugins.","type":"array","items":{"$ref":"#/components/schemas/v2ComposerPlugins"},"x-order":0}}},"v2ComposerPlugins":{"description":"Plugin definition.","type":"object","required":["name"],"properties":{"name":{"description":"Plugin name.\\n\\nThis can be one of the [Tetrate built in\\nplugins](https://docs.tetrate.io/service-bridge/) or a\\ncustom plugin.\\n\\nTetrate built in plugins are bundled with TSB and can run directly.\\nHowever providing `pluginSource` is required if this is a custom plugin.","type":"string","x-order":0},"priority":{"description":"Priority to be given to this plugin (Optional).\\n\\nPriority decides the order of execution of plugins.\\nFor example. Plugin P1(priority=10) will be executed\\nbefore Plugin P2(priority=100).","type":"integer","format":"int64","x-order":1},"config":{"$ref":"#/components/schemas/v2ComposerPluginsPluginConfig"},"pluginSource":{"$ref":"#/components/schemas/v2ComposerPluginsPluginSource"}}},"v2ComposerPluginsPluginConfig":{"description":"Configuration for plugin.","type":"object","properties":{"inline":{"description":"Provide plugin config inline in the `yaml` format.\\n\\nThe following is an example of a valid config for tetrate\'s\\nresponse-transformer plugin.\\n\\n```yaml\\ninline:\\n  headersToAdd:\\n  - key: \\"example-header\\"\\n    value: \\"example-value\\"\\n  headersToRemove:\\n  - \\"example-header-to-remove\\"\\n  bodyToSet: \\"the response is mutated!\\"\\n```\\n\\nIf the config fails plugin\'s schema validation, the\\n`tetrate-composer` sidecar will reject it.","type":"object","x-order":0},"secret":{"description":"Obtain plugin config from the specified kubernetes secret.\\nPlease ensure the secret has a key \\"config\\" having values in the\\n`yaml` format. The secret must be present in the same namespace as\\nthe gateway install.\\n\\nThe following is an example of a secret which contains a valid config\\nfor tetrate\'s response-transformer plugin.\\n\\n```yaml\\napiVersion: v1\\ndata:\\n  config: YWRkOgogIGpzb246CiAgLSBleGFtcGxl\\nkind: Secret\\nmetadata:\\n  name: response-transformer-config\\n  namespace: gw-install-namespace\\ntype: Opaque\\n```\\n\\nIn case the secret cannot be loaded (not found, bad format, schema\\nvalidation failure or any other issue reading it), the config will be\\nrejected by the `tetrate-composer` sidecar.","type":"string","x-order":1},"configMap":{"description":"Obtain plugin config from the specified kubernetes configMap.\\nEnsure the configMap has a key \\"config\\" having values in the\\n`yaml` format. The configMap must be present in the same namespace\\nas the gateway install.\\n\\nThe following is an example of a configMap which contains a valid config\\nfor tetrate\'s response-transformer plugin.\\n\\n```yaml\\napiVersion: v1\\ndata:\\n  config: |\\n    headersToAdd:\\n    - key: \\"example-header\\"\\n      value: \\"example-value\\"\\n    headersToRemove:\\n    - \\"example-header-to-remove\\"\\n    bodyToSet: \\"the response is mutated!\\"\\nkind: ConfigMap\\nmetadata:\\n  name: response-transformer-config\\n  namespace: gw-install-namespace\\ntype: Opaque\\n```\\n\\nIn case the configMap cannot be loaded (not found, bad format, schema\\nvalidation failure or any other issue reading it), the config will be\\nrejected by the `tetrate-composer` sidecar.","type":"string","x-order":2}}},"v2ComposerPluginsPluginSource":{"description":"Reference to custom plugin files.","type":"object","required":["configMap"],"properties":{"configMap":{"description":"Kubernetes ConfigMap containing the plugin files.\\nThe configMap must be present in same namespace as the gateway install.\\n\\nTo create this configmap in the gateway install namespace, run:\\n\\n```yaml\\nkubectl create configmap my-plugin --from-file=./my-plugin-dir` -n\\n{gw-install-namespace}\\n```\\n\\nand use the name `my-plugin` here.\\n\\nIn case the configMap cannot be loaded (not found, bad format or any\\nother issue reading it), the custom plugin will not be initialised and\\nthe config will be rejected by the `tetrate-composer` sidecar.","type":"string","x-order":0}}},"v2ConfigEvents":{"description":"`ConfigEvents` provides a way to notify the status of a configuration\\npropagation as a sequence of events.","type":"object","properties":{"events":{"description":"Sequence of events occurred under the configuration propagation flow.\\nIt\'s ordered by event timestamp, newest first.","type":"array","items":{"$ref":"#/components/schemas/v2ConfigEventsEvent"},"x-order":0}}},"v2ConfigEventsEvent":{"description":"Single `Event` event occurred in the configuration propagation flow.","type":"object","properties":{"type":{"$ref":"#/components/schemas/ConfigEventsEventType"},"reason":{"description":"Optional code that extends the type of the occurred event.","type":"string","x-order":1},"message":{"description":"Optional message describing the reason in a human readable way.","type":"string","x-order":2},"timestamp":{"description":"Time of the event occurrence.","type":"string","format":"date-time","x-order":3},"etag":{"description":"The etag of the resource which configuration triggered this event.","type":"string","x-order":4},"edgesState":{"description":"Stores the `edge cluster name` to `EdgeConfigState` mapping. `EdgeConfigState` holds the\\n[status + reason] for a resource config that is being applied at edges.\\nReason accompanying the Status is useful for pin-pointed debugging at edge level.\\nFor instance, a config whose config status is something other than `APPLIED` is\\naccompanied by a reason telling why an error occurred while applying the config.\\nThis will help in debugging issues at an edge.","type":"object","additionalProperties":{"$ref":"#/components/schemas/ConfigEventsEdgeConfigState"},"x-order":5}}},"v2ConfigGenerationMetadata":{"description":"`ConfigGenerationMetadata` allows to setup extra metadata that will be added in the final Istio generated configurations.\\nLike new labels or annotations.\\nDefining the config generation metadata in tenancy resources (like organization, tenant, workspace or groups) works as default\\nvalues for those configs that belong to it.\\nDefining same config generation metadata in configuration resources (like ingress gateways, service routes, etc.) will replace the\\nones defined in the tenancy resources.","type":"object","properties":{"labels":{"description":"Set of key value paris that will be added into the `metadata.labels` field of the Istio generated configurations.","type":"object","additionalProperties":{"type":"string"},"x-order":0},"annotations":{"description":"Set of key value paris that will be added into the `metadata.annotations` field of the Istio generated configurations.","type":"object","additionalProperties":{"type":"string"},"x-order":1}}},"v2ConfigMode":{"description":"The configuration mode used by a traffic, security or a gateway group.\\n\\n - BRIDGED: Indicates that the configurations to be added to the group will\\nuse macro APIs that automatically generate Istio APIs under the\\nhood.\\n - DIRECT: Indicates that the configurations to be added to the group will\\ndirectly use Istio APIs.","type":"string","default":"BRIDGED","enum":["BRIDGED","DIRECT"]},"v2ConfigResource":{"description":"ConfigResource represents a configuration object (group, ingress gateway, etc)\\nthat is related to an Application or API.","type":"object","properties":{"fqn":{"description":"The FQN of the resource this status is computed for.","type":"string","x-order":0,"readOnly":true},"expectedEtag":{"description":"The expected etag field is used to check the if the configuration resource contents have\\nchanged. This might not be relevant for all configuration resources, so this field may\\nnot be set. If it is not set, the status will only report the presence or absence of the\\nconfiguration resource, but not differences in its contents.\\n\\nWhen this field is present, the status will also reflect changes in the contents of the\\nconfiguration resource, and report it as DIRTY if there are differences.","type":"string","x-order":1,"readOnly":true},"exclusivelyOwned":{"description":"The exclusively owned flag indicates if the referenced configuration resource is exclusively\\nowned by the object. Configuration resources that are exclusively owned by an object will\\nbe deleted when the object is deleted.","type":"boolean","x-order":2,"readOnly":true}}},"v2ControlPlaneMode":{"description":"Available Control Plane modes for the Control Plane deployment.\\n\\n - UNSET: Default mode will be used.\\n - CONTROL: Default mode installed in Control plane clusters.\\nThe Control Plane will be deployed with the entire TSB feature set\\nenabled for this cluster.\\n - OBSERVE: The Control Plane will be deployed with only service\\ndiscovery and observability features enabled.\\nOther features of TSB like configuration propagation,\\ncross-cluster discovery, etc, will not be available in this cluster.","type":"string","default":"UNSET","enum":["UNSET","CONTROL","OBSERVE"]},"v2CorsPolicy":{"type":"object","properties":{"allowOrigin":{"description":"The list of origins that are allowed to perform CORS requests. The content will be serialized\\ninto the Access-Control-Allow-Origin header. Wildcard * will allow all origins.","type":"array","items":{"type":"string"},"x-order":0},"allowMethods":{"description":"List of HTTP methods allowed to access the resource. The content will be serialized into the\\nAccess-Control-Allow-Methods header.","type":"array","items":{"type":"string"},"x-order":1},"allowHeaders":{"description":"List of HTTP headers that can be used when requesting the resource. Serialized to\\nAccess-Control-Allow-Headers header.","type":"array","items":{"type":"string"},"x-order":2},"exposeHeaders":{"description":"A white list of HTTP headers that the browsers are allowed to access. Serialized into\\nAccess-Control-Expose-Headers header.","type":"array","items":{"type":"string"},"x-order":3},"maxAge":{"description":"Specifies how long the results of a preflight request can be cached. Translates to the\\nAccess-Control-Max-Age header.","type":"string","x-order":4},"allowCredentials":{"description":"Indicates whether the caller is allowed to send the actual request (not the preflight) using\\ncredentials. Translates to Access-Control-Allow-Credentials header.","type":"boolean","x-order":5}}},"v2CreateOrganizationRequest":{"type":"object","title":"Request to create a organization.\\n$hide_from_docs","required":["name","organization"],"properties":{"name":{"description":"The short name for the resource to be created.","type":"string","x-order":0},"organization":{"$ref":"#/components/schemas/v2Organization"}}},"v2CreateRoleRequest":{"description":"Request to create a Role.","type":"object","required":["name","role"],"properties":{"name":{"description":"The short name for the resource to be created.","type":"string","x-order":0},"role":{"$ref":"#/components/schemas/v2Role"}}},"v2DeviceCodeResponse":{"type":"object","title":"Response with device codes for use with the Device Authorization flow.\\nFor additional information on the response parameters please refer to the Device Authorization Response section\\nof the RFC https://datatracker.ietf.org/doc/html/rfc8628#section-3.2","properties":{"deviceCode":{"type":"string","title":"Code that the device uses to poll for tokens","x-order":0},"userCode":{"type":"string","title":"Code the user enters in the verification URI","x-order":1},"verificationUri":{"type":"string","title":"URI where to enter the user code","x-order":2},"interval":{"type":"integer","format":"int32","title":"Rate in which to poll the token endpoint with the device code","x-order":3},"expiresIn":{"type":"integer","format":"int32","title":"Expiration time of the device code in seconds","x-order":4},"error":{"$ref":"#/components/schemas/v2Error"},"errorMessage":{"description":"Optional error message that contains more details about the error that occurred.","type":"string","x-order":6}}},"v2DownstreamResilienceSettings":{"description":"DownstreamResilienceSettings control the reliability knobs in Envoy when accepting\\ninbound connections.","type":"object","properties":{"connectionPool":{"$ref":"#/components/schemas/v2DownstreamResilienceSettingsConnectionPoolSettings"},"meshTimeout":{"$ref":"#/components/schemas/DownstreamResilienceSettingsMeshTimeout"}}},"v2DownstreamResilienceSettingsConnectionPoolSettings":{"description":"Connection pool settings for downstream connections.","type":"object","properties":{"tcp":{"$ref":"#/components/schemas/v2DownstreamResilienceSettingsConnectionPoolSettingsTCP"}}},"v2DownstreamResilienceSettingsConnectionPoolSettingsTCP":{"description":"TCP Settings for inbound requests.","type":"object","properties":{"keepAlive":{"$ref":"#/components/schemas/v2TcpKeepAlive"}}},"v2EastWestGateway":{"description":"EastWestGateway is for configuring a gateway to handle east-west traffic of\\nthe services that are not exposed through Ingress or Tier1 gateways (internal\\nservices). Currently, this is restricted to specifying at Workspace level\\nin WorkspaceSetting.","type":"object","required":["workloadSelector"],"properties":{"workloadSelector":{"$ref":"#/components/schemas/v2WorkloadSelector"},"exposedServices":{"description":"Exposed services is used to specify the match criteria to select specific services\\nfor internal multicluster routing (east-west routing between clusters).\\nIf it is not defined or contains no elements, all the services within the workspace\\nwill be exposed to the configured gateway.","type":"array","items":{"$ref":"#/components/schemas/v2ServiceSelector"},"x-order":1},"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"}}},"v2EgressAuthorization":{"type":"object","title":"EgressAuthorization is used to dictate which service accounts can access a set of external hosts","required":["to"],"properties":{"from":{"$ref":"#/components/schemas/tsbsecurityv2AuthorizationSettings"},"to":{"type":"array","title":"The external hostnames the workload(s) described in this rule can access.\\nHosts cannot be specified more than once. Use \\"*\\" to allow access to any external host","items":{"type":"string"},"x-order":1}}},"v2EgressAuthorizationSettings":{"description":"EgressAuthorizationSettings define rules for allowing specific service accounts to access external hosts.\\nBy default, when a host is configured for egress access on the Gateway, access is denied.","type":"object","required":["to"],"properties":{"from":{"$ref":"#/components/schemas/tsbgatewayv2AuthorizationSettings"},"to":{"description":"The set of hostnames exposed on the Gateway through which external hosts\\ncan be accessed.","type":"array","items":{"$ref":"#/components/schemas/EgressAuthorizationSettingsHostDetails"},"x-order":1},"identityMatch":{"$ref":"#/components/schemas/v2IdentityMatch"}}},"v2EnvValueSource":{"description":" - INLINE: Explicitly given key-value pairs to be injected to this VM.\\n - HOST: *Istio-proxy\'s* environment variables exposed to this VM.","type":"string","default":"INLINE","enum":["INLINE","HOST"]},"v2Error":{"type":"string","title":"OAuth2 error codes","default":"NO_ERROR","enum":["NO_ERROR","INVALID_REQUEST","INVALID_CLIENT","INVALID_GRANT","UNAUTHORIZED_CLIENT","UNSUPPORTED_GRANT_TYPE","AUTHORIZATION_PENDING","SLOW_DOWN","ACCESS_DENIED","EXPIRED_TOKEN","SERVER_ERROR"]},"v2ExposedBy":{"description":"The exposer of an HTTPEndpoint.","type":"object","properties":{"service":{"description":"The FQN of the service in the service registry that is exposing a concrete endpoint.","type":"string","x-order":0,"readOnly":true},"clusterGroup":{"$ref":"#/components/schemas/v2ExposedByClusters"}}},"v2ExposedByCluster":{"description":"ExposedByCluster is a cluster or set of clusters identified by the labels that are\\nexposing an endpoint.","type":"object","properties":{"name":{"description":"The name of the cluster exposing the endpoint. Only one of name or labels\\nmust be specified.","type":"string","x-order":0},"labels":{"description":"Labels associated with the cluster. Any cluster with matching\\nlabels will be selected as an exposer. Only one of name or labels\\nmust be specified.","type":"object","additionalProperties":{"type":"string"},"x-order":1},"weight":{"description":"The weight for traffic to a cluster exposing the endpoint.","type":"integer","format":"int64","x-order":2}}},"v2ExposedByClusters":{"description":"ExposedByClusters represents the clusters that are exposing a concrete endpoint.","type":"object","properties":{"clusters":{"description":"The clusters that contain gateways exposing the HTTPEndpoint.","type":"array","items":{"$ref":"#/components/schemas/v2ExposedByCluster"},"x-order":0}}},"v2Extensions":{"description":"Extensions extend TSB functionality.","type":"object","properties":{"kong":{"$ref":"#/components/schemas/v2Kong"},"composer":{"$ref":"#/components/schemas/v2Composer"}}},"v2ExternalRateLimitServiceSettings":{"description":"Configuration for ratelimiting using an external ratelimit server\\nThe ratelimit server must expose\\n[Envoy\'s Rate Limit Service gRPC API](https://www.envoyproxy.io/docs/envoy/latest/configuration/other_features/rate_limit#config-rate-limit-service).\\n\\nIf the rate limit service is called, and the response for any of\\nthe descriptors is over limit, a 429 response is returned. The rate\\nlimit filter also sets the x-envoy-ratelimited header.\\n\\nIf there is an error in calling rate limit service or rate limit\\nservice returns an error and failure_mode_deny is set to true, a\\n500 response is returned.","type":"object","required":["domain","rateLimitServerUri","rules"],"properties":{"domain":{"description":"The rate limit domain to use when calling the rate limit service.\\nRatelimit settings are namespaced to a domain.","type":"string","x-order":0},"failClosed":{"description":"If the rate limit service is unavailable, the request will fail\\nif failClosed is set to true. Defaults to false.","type":"boolean","x-order":1},"rateLimitServerUri":{"description":"The URI at which the external rate limit server can be reached.","type":"string","x-order":2},"rules":{"type":"array","title":"A set of rate limit rules.\\nEach rule describes a list of dimension to match on.\\nOnce matched, a list of descriptors are sent\\nto the external rate limit server","items":{"$ref":"#/components/schemas/v2ExternalRateLimitServiceSettingsRateLimitRule"},"x-order":3},"timeout":{"description":"The timeout in seconds for the external rate limit server RPC.\\nDefaults to 0.020 seconds (20ms).\\nTraffic will not be allowed to the destination if failClosed is set to true\\nand the request to the rate limit server times out.","type":"string","x-order":4},"tls":{"$ref":"#/components/schemas/v2ClientTLSSettings"}}},"v2ExternalRateLimitServiceSettingsRateLimitDimension":{"type":"object","title":"RateLimitDimension is a set of conditions to match HTTP requests\\nOnce the conditions are satisfied,\\ncorresponding descriptors (set of keys and values) are emitted and\\nsent to the external rate limit server. The server is expected to\\nmake a rate limit decision based on these descriptors.\\nPlease go through the [Envoy RateLimit descriptor](https://www.envoyproxy.io/docs/envoy/latest/api-v3/extensions/common/ratelimit/v3/ratelimit.proto#envoy-v3-api-msg-extensions-common-ratelimit-v3-ratelimitdescriptor)\\nto get more information on descriptors","properties":{"sourceCluster":{"$ref":"#/components/schemas/RateLimitDimensionSourceCluster"},"destinationCluster":{"$ref":"#/components/schemas/RateLimitDimensionDestinationCluster"},"remoteAddress":{"$ref":"#/components/schemas/v2ExternalRateLimitServiceSettingsRateLimitDimensionRemoteAddress"},"requestHeaders":{"$ref":"#/components/schemas/RateLimitDimensionRequestHeaders"},"headerValueMatch":{"$ref":"#/components/schemas/RateLimitDimensionHeaderValueMatch"}}},"v2ExternalRateLimitServiceSettingsRateLimitDimensionRemoteAddress":{"type":"object","title":"Emit descriptor entry - a key-value pair of the form\\n`(\\"remote_address\\", \\"&lt;trusted address from x-forwarded-for&gt;\\")`"},"v2ExternalRateLimitServiceSettingsRateLimitRule":{"type":"object","required":["dimensions"],"properties":{"dimensions":{"description":"A list of dimensions that are to be applied for this rate limit configuration.\\nOrder matters as the dimensions are processed sequentially and the descriptor\\nis composed by appending descriptor entries in that sequence.\\nIf the condition for a dimension is not satisfied and cannot append a descriptor entry,\\nno descriptor list is generated for the entire setting.","type":"array","items":{"$ref":"#/components/schemas/v2ExternalRateLimitServiceSettingsRateLimitDimension"},"x-order":0}}},"v2FailoverSettings":{"description":"Failover settings for all proxies connecting to a host exposed in this workspace/organization\\nbased on the settings definition scope. Note that this is a server side setting.","type":"object","properties":{"topologyChoice":{"$ref":"#/components/schemas/FailoverSettingsTopologyChoice"},"failoverPriority":{"description":"FailoverPriority specifies the failover priority for traffic. FailoverPriority is an ordered list of labels \\nused to sort endpoints to do priority based load balancing. \\nThis is to support traffic failover across different groups of endpoints.\\nInternally these labels will be matched on both the client and endpoints to determine the priorities for\\nthe respective endpoints based on clients.\\nNote: For a label to be considered for match, the previous labels must match, i.e. \\nnth label would be considered matched only if first n-1 labels match.\\nIf for a particular client-endpoint pair, all the n labels match, the endpoint will be considered P(0).bool\\nIf first n-1 labels match, the endpoint will be considered P(1) and so on.\\n\\nFor getting the labels to be populated on the endpoints generated by the TSB for multicluster and eastwest scenario, \\nyou will need to label the kubernetes service of your gateway or east-west exposed service\\nusing a label with prefix `failover.tetrate.io/`. \\nFor example `failover.tetrate.io/version=v1` should be the label present\\non the kubernetes service of remote gateway or exposed service for east west traffic.\\n\\nExample of failoverPriority using these labels:\\n```yaml\\nfailoverPriority:\\n- \\"failover.tetrate.io/version=v1\\"\\n- \\"failover.tetrate.io/domain\\"\\n```\\n\\nAnother way to label the endpoints for eastwest scenario is to create a ServiceRoute object for the service and\\nspecify the labels in the ServiceRoute object. If there is any pod with such label present in the remote cluster,\\nthe endpoints for it will have these labels and thus it could be used in failoverPriority API.\\n\\nFor example:\\nSuppose if one of your clusters has service reviews only with version v1 and a second cluster with reviews only with version v2,\\nThen use the below serviceroute object to populate service labels to the endpoints dynamically: \\n```yaml\\napiVersion: traffic.tsb.tetrate.io/v2\\nkind: ServiceRoute\\nmetadata:\\n  name: reviews\\n  group: t1\\n  workspace: w1\\n  tenant: mycompany\\n  organization: myorg\\nspec:\\n  service: ns1/reviews.ns1.svc.cluster.local\\n  subsets:\\n  - name: v1\\n    labels:\\n      version: v1\\n  - name: v2\\n    labels:\\n      version: v2\\n```\\n\\nExample of failoverPriority using these labels:\\n```yaml\\nfailoverPriority:\\n- \\"version=v1\\"\\n- \\"failover.tetrate.io/domain\\"\\n```","type":"array","items":{"type":"string"},"x-order":1},"regionalFailover":{"description":"Locality routing settings for all gateways in the Workspace/Organization for which\\nthis is defined.\\n\\nExplicitly specify the region traffic will land on when endpoints in the local region become unhealthy.\\nShould be used together with OutlierDetection to detect unhealthy endpoints.\\nNote: if no OutlierDetection specified, this will not take effect.","type":"array","items":{"$ref":"#/components/schemas/v2RegionalFailover"},"x-order":2},"automaticLoadBalancing":{"$ref":"#/components/schemas/v2AutomaticLoadBalancing"}}},"v2FlaggerDestination":{"description":"FlaggerDestination will route traffic based on a Flagger Canary resource.\\nThe Canary resource must exist in the control plane cluster and have service delegation set to true.","type":"object","required":["canary","namespace"],"properties":{"canary":{"description":"Name of the Canary resource that will manage the deployment.","type":"string","x-order":0},"namespace":{"description":"Namespace of the Canary resource that will manage the deployment.","type":"string","x-order":1}}},"v2GetClusterStatsResponse":{"type":"object","title":"Response to the request for the cluster stats of an Istio Proxy.\\nReturns the output of the `/clusters` endpoint of the Envoy Admin interface.\\nSee https://www.envoyproxy.io/docs/envoy/latest/operations/admin#get--clusters","properties":{"output":{"description":"Output of the cluster stats endpoint of an Istio Proxy.","type":"string","x-order":0},"outputFormat":{"$ref":"#/components/schemas/GetClusterStatsRequestClusterStatsFormat"}}},"v2GetConfigDumpRequestAll":{"description":"Dump all configuration.","type":"object","properties":{"includeEds":{"description":"Include EDS into config dump.","type":"boolean","x-order":0}}},"v2GetConfigDumpRequestEndpoints":{"description":"Dump endpoint configuration.","type":"object"},"v2GetConfigDumpRequestSecrets":{"description":"Dump secret configuration.","type":"object"},"v2GetConfigDumpResponse":{"type":"object","title":"Response to the request for a config dump from an Istio Proxy.\\nReturns the output of the `/config_dump` endpoint of the Envoy Admin interface.\\nSee https://www.envoyproxy.io/docs/envoy/latest/operations/admin#get--config_dump","properties":{"output":{"description":"Config in JSON format.","type":"string","x-order":0}}},"v2GetResourcePermissionsResponse":{"description":"Response with permission rules.","type":"object","properties":{"rules":{"type":"array","items":{"$ref":"#/components/schemas/v2RoleRule"},"x-order":0}}},"v2GetServerStatsResponse":{"type":"object","title":"Response to the request for the server stats of an Istio Proxy.\\nReturns the output of the `/stats` endpoint of the Envoy Admin interface.\\nSee https://www.envoyproxy.io/docs/envoy/latest/operations/admin#get--stats","properties":{"output":{"description":"Output of the server stats endpoint of an Istio Proxy.","type":"string","x-order":0},"outputFormat":{"$ref":"#/components/schemas/GetServerStatsRequestServerStatsFormat"}}},"v2GlobalTrafficSelector":{"description":"GlobalTrafficSelector provides a mechanism to select a specific traffic flow\\nfor which this Wasm Extension will be enabled. This setting applies to all WASM\\nExtension attachments. These selectors can be overridden at attachments.\\nWhen all the sub conditions in the TrafficSelector are satisfied, the\\ntraffic will be selected.","type":"object","properties":{"mode":{"$ref":"#/components/schemas/v2WorkloadMode"}}},"v2GrantResponse":{"description":"Token grant response.","type":"object","properties":{"accessToken":{"description":"Access token issued by the authorization server.","type":"string","x-order":0},"tokenType":{"description":"Access token type such as \\"bearer\\" or \\"mac\\".","type":"string","x-order":1},"expiresIn":{"description":"Expiration time of the access token in seconds.","type":"integer","format":"int32","x-order":2},"refreshToken":{"description":"Optional refresh token issued when the authorization server\\nand client are configured to use refresh tokens.","type":"string","x-order":3},"clientId":{"description":"Optional client ID used during the grant process.\\nWhen present the client ID for subsequent refresh grant calls.\\nWhile not a standard field on an OAuth grant response, this helps remove ambiguity\\nwhen multiple OIDC configurations are present in TSB.","type":"string","x-order":4},"error":{"$ref":"#/components/schemas/v2Error"},"errorMessage":{"description":"Optional error message that contains more details about the error that occurred.","type":"string","x-order":6}}},"v2GrantType":{"description":"OAuth2 grant types that are currently supported.","type":"string","default":"UNSPECIFIED","enum":["UNSPECIFIED","REFRESH_TOKEN","DEVICE_CODE_URN","CLIENT_CREDENTIALS","TOKEN_EXCHANGE"]},"v2GroupLookupResponse":{"description":"List of groups that configure the requested service.","type":"object","properties":{"trafficGroups":{"description":"The traffic groups that configure the given registered service.","type":"array","items":{"$ref":"#/components/schemas/tsbtrafficv2Group"},"x-order":0},"securityGroups":{"description":"The security groups that configure the given registered service.","type":"array","items":{"$ref":"#/components/schemas/tsbsecurityv2Group"},"x-order":1},"gatewayGroups":{"description":"The gateway groups that configure the given registered service.","type":"array","items":{"$ref":"#/components/schemas/tsbgatewayv2Group"},"x-order":2},"istioInternalGroups":{"description":"The istio internal groups that configure the given registered service.","type":"array","items":{"$ref":"#/components/schemas/tsbistiointernalv2Group"},"x-order":3}}},"v2HTTPDirectResponse":{"description":"Configures an HTTP response to be generated. This can be used to implement\\nhealth check paths where the gateways will directly reply with a preconfigured\\nresponse when traffic hits certain exposed paths.","type":"object","required":["status"],"properties":{"status":{"description":"Specifies the HTTP response status to be returned.","type":"integer","format":"int64","x-order":0},"body":{"$ref":"#/components/schemas/HTTPDirectResponseHTTPBody"}}},"v2HTTPEndpoint":{"description":"An HTTP Endpoint represents an individual HTTP path exposed in the API.","type":"object","properties":{"path":{"description":"The HTTP path of the endpoint, relative to the hostnames exposed by the API.","type":"string","x-order":0,"readOnly":true},"methods":{"description":"The list of HTTP methods this endpoint supports.","type":"array","items":{"type":"string"},"x-order":1,"readOnly":true},"hostnames":{"description":"The list of hostnames where this endpoint is exposed.\\nIf omitted, the endpoint is assumed to be exposed in all hostnames defined for the API.","type":"array","items":{"type":"string"},"x-order":2,"readOnly":true},"service":{"description":"DEPRECATED: For new created APIs, the exposed servers will be available at httpServers.\\nFor APIs created before version 1.7, will still be available in this field.\\nThe FQN of the service in the service registry that is exposing this endpoint.","type":"string","x-order":3,"readOnly":true},"exposedBy":{"$ref":"#/components/schemas/v2ExposedBy"}}},"v2HTTPFaultInjection":{"description":"HTTPFaultInjection can be used to specify one or more faults to inject\\nwhile forwarding HTTP requests to the destination specified in a route.\\nFaults include aborting the HTTP request from downstream service, and/or\\ndelaying proxying of requests. A fault rule MUST HAVE delay or abort or\\nboth.\\nNote that delay and abort faults are independent of one another, even if\\nboth are specified simultaneously.","type":"object","properties":{"delay":{"$ref":"#/components/schemas/HTTPFaultInjectionDelay"},"abort":{"$ref":"#/components/schemas/HTTPFaultInjectionAbort"}}},"v2HTTPMatchCondition":{"description":"HTTPMatchCondition is the set of conditions to match incoming HTTP traffic\\nand route accordingly. We could have used HttpMatchCondition from\\ningress_gateway.proto but it doesn\'t have a port field, so it\'s better to\\ncreate one natively.","type":"object","required":["name"],"properties":{"name":{"type":"string","title":"Name of the match condition","x-order":0},"uri":{"$ref":"#/components/schemas/v2StringMatch"},"headers":{"type":"object","title":"Headers to match in incoming traffic for routing forward","additionalProperties":{"$ref":"#/components/schemas/v2StringMatch"},"x-order":2},"port":{"type":"integer","format":"int64","title":"Port to match in incoming traffic","x-order":3}}},"v2HTTPMirror":{"description":"HTTPMirror can be used to specify the destinations to mirror HTTP traffic in addition to the original destination.\\nMirrored traffic is on a best effort basis where the sidecar/gateway will not wait for the mirrored destinations\\nto respond before returning the response from the original destination.","type":"object","required":["port"],"properties":{"host":{"description":"The host where traffic should be routed to. This should either be a FQDN\\nor a short name for the k8s service. For example, \\"reviews\\" as destination_host will\\nbe interpreted as \\"reviews.ns1.cluster.local\\"\\nIf empty, the host will be inferred from the Service Route service field.","type":"string","x-order":0},"subset":{"type":"string","title":"Subset is the version of the service where traffic should be routed to","x-order":1},"port":{"type":"integer","format":"int64","title":"The port corresponding to the service host where traffic should be routed","x-order":2},"percentage":{"description":"Percentage of the traffic to be mirrored.\\nIf this field is absent, the max value 100% will be mirrored.","type":"number","format":"double","x-order":3}}},"v2HTTPRetry":{"description":"HTTPRetry defines the parameters for retrying API calls to a service.","type":"object","required":["attempts"],"properties":{"attempts":{"description":"Number of retries for a given request. The interval between retries will be determined\\nautomatically (25ms+).\\n\\nActual number of retries attempted depends on the httpReqTimeout.","type":"integer","format":"int32","x-order":0},"perTryTimeout":{"description":"Timeout per retry attempt for a given request. format: 1h/1m/1s/1ms. MUST BE &gt;=1ms.","type":"string","x-order":1},"retryOn":{"description":"Specifies the conditions under which retry takes place.\\nOne or more policies can be specified using a \u2018,\u2019 delimited list.\\nSee the [retry policies](https://www.envoyproxy.io/docs/envoy/latest/configuration/http/http_filters/router_filter#x-envoy-retry-on)\\nand [gRPC retry policies](https://www.envoyproxy.io/docs/envoy/latest/configuration/http/http_filters/router_filter#x-envoy-retry-grpc-on)\\nfor more details.","type":"string","x-order":2}}},"v2HTTPRewrite":{"description":"Configuration for an URL rewrite rule.","type":"object","properties":{"uri":{"description":"Rewrite the path (or the prefix) portion of the URI with this value. If the original URI was\\nmatched based on prefix, the value provided in this field will replace the corresponding\\nmatched prefix.","type":"string","x-order":0},"authority":{"description":"Rewrite the Authority/Host header with this value.","type":"string","x-order":1}}},"v2HTTPRoute":{"description":"HTTPRoute describes match conditions and actions for HTTP traffic routing to service destinations.","type":"object","required":["name"],"properties":{"name":{"description":"Name of the route.","type":"string","x-order":0},"match":{"type":"array","title":"Match conditions for incoming HTTP traffic","items":{"$ref":"#/components/schemas/v2HTTPMatchCondition"},"x-order":1},"destination":{"description":"Destination host:port and subset where HTTP traffic should be directed.\\n**Note**: Only one of `destination` and `flagger` must be configured per route.","type":"array","items":{"$ref":"#/components/schemas/v2ServiceDestination"},"x-order":2},"flagger":{"$ref":"#/components/schemas/v2FlaggerDestination"},"fault":{"$ref":"#/components/schemas/v2HTTPFaultInjection"},"mirrors":{"description":"Mirror HTTP traffic to multiple destinations in addition to forwarding the\\nrequests to the intended destination. Mirrored traffic is on a best effort\\nbasis, so it won\'t wait for the mirrored destinations response to respond\\nto the intended destination.","type":"array","items":{"$ref":"#/components/schemas/v2HTTPMirror"},"x-order":5}}},"v2Headers":{"description":"Header manipulation rules.","type":"object","properties":{"request":{"$ref":"#/components/schemas/HeadersHeaderOperations"},"response":{"$ref":"#/components/schemas/HeadersHeaderOperations"}}},"v2HostsReachability":{"description":"`HostsReachability` defines the list of gateway hosts that this workspace can reach.\\nIn multicluster deployments, hosts are reachable to all namespaces(`*`) by default.\\nHowever, this may not always be necessary, as clients may only be present in a few namespaces.\\nBy configuring this, a list of namespaces can be limited to the namespaces configured in the workspace.\\nWorkspaces with no hosts reachability configuration are considered to have reachable to all hosts.","type":"object","required":["hostnames"],"properties":{"hostnames":{"description":"The Gateway hostname that can be one of the following. Hostnames should match hosts configured in the Gateway.\\n\\n- Exact hostnames.\\nFor example, `echo.tetrate.io`.\\n\\n- Prefix hostnames.\\nFor example, `echo`. Hosts starting with `echo` are considered.\\n\\n- Regex hostnames.\\nFor example, `^echo.*io$`. Hosts starting with `echo` and ending with `io` are considered.\\n\\n- List can be empty `[]`.\\nWorkspaces with explicitly empty hostnames are considered to not want to see any hosts.","type":"array","items":{"$ref":"#/components/schemas/v2StringMatch"},"x-order":0}}},"v2HttpMatchCondition":{"description":"A single match clause to match all aspects of a request.","type":"object","properties":{"uri":{"$ref":"#/components/schemas/v2StringMatch"},"headers":{"description":"The header keys must be lowercase and use hyphen as the separator, e.g. x-request-id.","type":"object","additionalProperties":{"$ref":"#/components/schemas/v2StringMatch"},"x-order":1}}},"v2HttpModifyAction":{"description":"HTTP path/url/header modification.","type":"object","properties":{"rewrite":{"$ref":"#/components/schemas/v2HTTPRewrite"},"headers":{"$ref":"#/components/schemas/v2Headers"}}},"v2HttpRouteRule":{"description":"A single HTTP rule.","type":"object","properties":{"match":{"description":"One or more match conditions (OR-ed).","type":"array","items":{"$ref":"#/components/schemas/v2HttpMatchCondition"},"x-order":0},"modify":{"$ref":"#/components/schemas/v2HttpModifyAction"},"route":{"$ref":"#/components/schemas/v2RouteTo"},"redirect":{"$ref":"#/components/schemas/v2Redirect"},"directResponse":{"$ref":"#/components/schemas/v2HTTPDirectResponse"},"disableExternalAuthorization":{"description":"If set to true, external authorization is disabled on this route\\nwhen the hostname is configured with external authorization.","type":"boolean","x-order":5},"extensions":{"$ref":"#/components/schemas/v2Extensions"}}},"v2HttpRouting":{"type":"object","required":["rules"],"properties":{"corsPolicy":{"$ref":"#/components/schemas/v2CorsPolicy"},"rules":{"description":"HTTP routes.","type":"array","items":{"$ref":"#/components/schemas/gatewayv2HttpRule"},"x-order":1}}},"v2HttpRoutingConfig":{"description":"`HttpRoutingConfig` defines a list of HTTP route rules that determine how incoming requests are routed.","type":"object","required":["rules"],"properties":{"corsPolicy":{"$ref":"#/components/schemas/v2CorsPolicy"},"rules":{"description":"HTTP routes.","type":"array","items":{"$ref":"#/components/schemas/v2HttpRouteRule"},"x-order":1}}},"v2HttpServer":{"description":"An HTTP server exposed in an ingress gateway.","type":"object","required":["name","port","hostname","routing"],"properties":{"name":{"description":"A name assigned to the server. The name will be visible in the generated metrics. The name must be\\nunique across all servers in a gateway.","type":"string","x-order":0},"port":{"description":"The port where the server is exposed. Two servers with different protocols (HTTP and HTTPS) should not\\nshare the same port. Note that port 15443 is reserved for internal use.","type":"integer","format":"int64","x-order":1},"hostname":{"description":"Hostname with which the service can be expected to be accessed by clients.\\n**NOTE:** The hostname must be unique across all gateways in the cluster in order for multicluster routing to work.","type":"string","x-order":2},"tls":{"$ref":"#/components/schemas/v2ServerTLSSettings"},"xxxOldAuthentication":{"$ref":"#/components/schemas/tsbgatewayv2Authentication"},"authentication":{"$ref":"#/components/schemas/tsbauthv2Authentication"},"xxxOldAuthorization":{"$ref":"#/components/schemas/tsbgatewayv2Authorization"},"authorization":{"$ref":"#/components/schemas/tsbauthv2Authorization"},"routing":{"$ref":"#/components/schemas/v2HttpRouting"},"rateLimiting":{"$ref":"#/components/schemas/v2RateLimiting"}}},"v2IdentityMatch":{"description":"IdentityMatch defines the strategy for utilizing service identities during the evaluation of authorization (authz) rules.\\nIt specifies how the identity of a service or workload is verified and used in the context of authz policies.\\nThe strictness of identity verification progresses in the following order:\\nUNKNOWN &lt; PERMISSIVE &lt; PEER_CERTIFICATE &lt; SOURCE_IDENTITY.\\n\\n - UNKNOWN: UNKNOWN represents the default state when identityMatch is not explicitly set.\\nIn practice, it behaves identically to the PERMISSIVE mode, allowing for a flexible approach to\\nidentity verification. This mode is typically used as a fallback or when the specific identity verification\\nstrategy is undecided.\\n - PEER_CERTIFICATE: PEER_CERTIFICATE mode mandates the use of Mutual TLS (mTLS) certificates for identity verification.\\nSpecifically, it utilizes the SPIFFE(Secure Production Identity Framework For Everyone) IDs presented in\\npeer certificates as the basis for authz decision-making. This mode aligns with Istio\'s Principal match\\nauthorization policies, offering a secure method of asserting service identities through cryptographic certificates.\\nIt is suitable for environments where strong, certificate-based identity validation is required.\\n - PERMISSIVE: PERMISSIVE mode offers a flexible, transitional approach to identity verification, allowing the evaluation of authz\\nrules based on either SOURCE_IDENTITY or PEER_CERTIFICATE identities. This mode is designed to facilitate\\ngradual adoption of identity verification practices or to ease system upgrades. It is particularly useful\\nin mixed environments where some services use SPIFFE IDs and others use a different form of service identity.\\n\\nIn ALLOW rules contexts, PERMISSIVE mode authorizes workloads if either their SOURCE_IDENTITY or PEER_CERTIFICATE\\nmatches the allowed principals. This approach broadens the range of clients that can be permitted,\\noffering more flexibility during policy enforcement.\\n\\nConversely, in DENY rules contexts, PERMISSIVE mode restricts access to workloads if either their\\nSOURCE_IDENTITY or PEER_CERTIFICATE matches the denied principals. This results in a more conservative\\nset of clients being allowed, enhancing security by restricting access more broadly.\\n - SOURCE_IDENTITY: SOURCE_IDENTITY mode strictly uses the service identity for authz rules evaluation. This identity is propagated\\nfrom the originating client to the target service workload, which then assesses authz rules based on this received\\nidentity. The mode ensures that authz decisions are made based on the explicit identity of the requesting service,\\nfacilitating fine-grained access control and enhancing security by strictly adhering to the principle of least privilege.\\n\\nThis mode is optimal in environments that require strict enforcement of service identities,\\nwhere the assurance of the caller\'s identity is paramount for secure access control.","type":"string","default":"UNKNOWN","enum":["UNKNOWN","PEER_CERTIFICATE","PERMISSIVE","SOURCE_IDENTITY"]},"v2Impact":{"description":"Impact represents a single impact on a field. It specifies how a profile\\naffects a field and the type of the impact (e.g., effective or overridden).","type":"object","properties":{"fieldPath":{"description":"The path to the field that is impacted by the profile. This path uniquely\\nidentifies the field within the resource.","type":"string","x-order":0},"type":{"$ref":"#/components/schemas/ImpactImpactType"},"source":{"$ref":"#/components/schemas/v2ImpactSource"},"stringValue":{"description":"The value of the field that is impacted by the profile.","type":"string","x-order":3}}},"v2ImpactAnalysis":{"description":"ImpactAnalysis represents the impact of a profile on a resource.","type":"object","properties":{"effectiveImpactsCount":{"description":"The number of effective impacts, which refers to the number of fields\\nthat are directly impacted by the profile being analyzed.","type":"integer","format":"int32","x-order":0},"overriddenImpactsCount":{"description":"The number of overridden impacts, which refers to fields that have been\\nimpacted by another configuration, such as another profile or settings like\\norganization default setting, tenant default settings, workspace default settings,\\ntraffic settings, etc.","type":"integer","format":"int32","x-order":1},"impacts":{"description":"The list of individual impacts that were detected during the analysis.\\nEach impact corresponds to a field that is affected by the profile.","type":"array","items":{"$ref":"#/components/schemas/v2Impact"},"x-order":2}}},"v2ImpactAnalysisResponse":{"description":"ImpactAnalysisResponse represents the response to the ImpactAnalysisRequest.\\nIt contains detailed information about the impacts of the analyzed profiles.","type":"object","properties":{"fqn":{"description":"The fully-qualified name (FQN) of the resource impacted.","type":"string","x-order":0},"current":{"$ref":"#/components/schemas/v2ImpactAnalysis"},"modified":{"$ref":"#/components/schemas/v2ImpactAnalysis"}}},"v2ImpactSource":{"description":"The source of the impact. This specifies where the impact originated from,\\nsuch as a profile default, a profile mandate, or a configuration setting.","type":"object","properties":{"fqn":{"description":"The fully-qualified name (FQN) of the resource that impacts the field.","type":"string","x-order":0},"type":{"$ref":"#/components/schemas/ImpactSourceType"}}},"v2InboundTrafficSetting":{"description":"Configuration for inbound traffic.","type":"object","properties":{"rateLimiting":{"$ref":"#/components/schemas/v2RateLimiting"},"resilience":{"$ref":"#/components/schemas/v2DownstreamResilienceSettings"},"failoverSettings":{"$ref":"#/components/schemas/v2FailoverSettings"}}},"v2IngressGateway":{"description":"`IngressGateway` configures a workload to act as an ingress gateway into the mesh.\\n\\n\\n\\n","type":"object","required":["workloadSelector"],"properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"workloadSelector":{"$ref":"#/components/schemas/v2WorkloadSelector"},"http":{"description":"One or more HTTP or HTTPS servers exposed by the gateway. The\\nserver exposes configuration for TLS termination, request\\nauthentication/authorization, HTTP routing, etc.","type":"array","items":{"$ref":"#/components/schemas/v2HttpServer"},"x-order":5},"tlsPassthrough":{"description":"One or more TLS servers exposed by the gateway. The server\\ndoes not terminate TLS and exposes config for SNI based routing.","type":"array","items":{"$ref":"#/components/schemas/v2TLSPassthroughServer"},"x-order":6},"tcp":{"type":"array","title":"One or more non-HTTP and non-passthrough servers which use TCP\\nbased protocols. This server also exposes configuration for terminating TLS","items":{"$ref":"#/components/schemas/v2TCPServer"},"x-order":7},"extension":{"description":"Extensions specifies all the WasmExtensions assigned to this IngressGateway\\nwith the specific configuration for each extension. This custom configuration\\nwill override the one configured globally to the extension.\\nEach extension has a global configuration including enablement and priority\\nthat will condition the execution of the assigned extensions.","type":"array","items":{"$ref":"#/components/schemas/v2WasmExtensionAttachment"},"x-order":8},"waf":{"$ref":"#/components/schemas/v2WAFSettings"},"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"}}},"v2JWKS":{"type":"object","title":"JSON Web Key Set. Refer to https://datatracker.ietf.org/doc/html/rfc7517","properties":{"keys":{"type":"array","title":"List of public JWKs","items":{"$ref":"#/components/schemas/JWKSJWK"},"x-order":0}}},"v2KeepAliveSettings":{"description":"Keep Alive Settings.","type":"object","properties":{"tcp":{"$ref":"#/components/schemas/v2TcpKeepAliveSettings"}}},"v2Kong":{"description":"Kong extension configuration.","type":"object","properties":{"plugins":{"description":"List of plugins.","type":"array","items":{"$ref":"#/components/schemas/v2KongPlugins"},"x-order":0}}},"v2KongPlugins":{"description":"Plugin definition.\\n\\nOnly plugins mutating request and response are supported currently.\\nAdvanced plugins may not work. Please contact Tetrate to check if a plugin\\nis supported.","type":"object","required":["name"],"properties":{"name":{"description":"Plugin name.\\n\\nThis can be one of the [Kong open source\\nplugins](https://github.com/Kong/kong/tree/master/kong/plugins) or a\\ncustom plugin.\\n\\nKong open source plugins are bundled with TSB and can run in the same\\nfashion as Kong. However providing `pluginSource` is required if this is\\na custom plugin.","type":"string","x-order":0},"priority":{"description":"Priority to be given to this plugin (Optional).\\n\\nPriority is a concept of kong which decides the order of execution of\\nplugins. Most of the bundled plugins come with a priority defined as per\\n[kong\'s plugin execution\\norder](https://docs.konghq.com/konnect/reference/plugins/#plugin-execution-order)\\n\\nTSB allows you to run both bundled and custom plugins in a different\\norder by reassigning priorities.","type":"integer","format":"int64","x-order":1},"config":{"$ref":"#/components/schemas/v2KongPluginsPluginConfig"},"pluginSource":{"$ref":"#/components/schemas/v2KongPluginsPluginSource"}}},"v2KongPluginsPluginConfig":{"description":"Configuration for Kong plugin.","type":"object","properties":{"inline":{"description":"Provide plugin config inline in the `yaml` format.\\n\\nThe following is an example of a valid config for Kong\'s\\nresponse-transformer plugin.\\n\\n```yaml\\ninline:\\n  add:\\n    json:\\n    - example\\n```\\n\\nIf the config fails plugin\'s schema vaildation, the\\n`tetrate-kong-extender` sidecar will reject it.","type":"object","x-order":0},"secret":{"description":"Obtain plugin config from the specified kubernetes secret.\\nPlease ensure the secret has a key \\"config\\" having values in the\\n`yaml` format. The secret must be present in the same namespace as\\nthe gateway install.\\n\\nThe following is an example of a secret which contains a valid config\\nfor Kong\'s response-transformer plugin.\\n\\n```yaml\\napiVersion: v1\\ndata:\\n  config: YWRkOgogIGpzb246CiAgLSBleGFtcGxl\\nkind: Secret\\nmetadata:\\n  name: response-transformer-config\\n  namespace: gw-install-namespace\\ntype: Opaque\\n```\\n\\nIn case the secret cannot be loaded (not found, bad format, schema\\nvalidation failure or any other issue reading it), the config will be\\nrejected by the `tetrate-kong-extender` sidecar.\\n\\nNOT IMPLEMENTED.\\n$hide_from_docs","type":"string","x-order":1}}},"v2KongPluginsPluginSource":{"description":"Reference to custom plugin files.","type":"object","required":["configMap"],"properties":{"configMap":{"description":"Kubernetes ConfigMap containing the plugin files.\\nThe configMap must be present in same namespace as the gateway install.\\n\\nTo create this configmap in the gateway install namespace, run:\\n\\n```yaml\\nkubectl create configmap my-plugin --from-file=./my-plugin-dir` -n\\n{gw-install-namespace}\\n```\\n\\nand use the name `my-plugin` here.\\n\\nIn case the configMap cannot be loaded (not found, bad format or any\\nother issue reading it), the custom plugin will not be initialised and\\nthe config will be rejected by the `tetrate-kong-extender` sidecar.","type":"string","x-order":0}}},"v2ListApplicationsResponse":{"description":"List of applications in the given tenant.","type":"object","properties":{"applications":{"description":"The list of applications that are registered in the given tenant.","type":"array","items":{"$ref":"#/components/schemas/v2Application"},"x-order":0}}},"v2ListAvailableProfilesResponse":{"description":"List of profiles that can be attached to a given resource.","type":"object","properties":{"profiles":{"description":"List of profiles.","type":"array","items":{"$ref":"#/components/schemas/v2Profile"},"x-order":0}}},"v2ListClusterOnboardingConfigsResponse":{"description":"List of onboarding configurations for a cluster.","type":"object","properties":{"configs":{"description":"The list of onboarding configurations for the cluster.","type":"array","items":{"$ref":"#/components/schemas/v2ClusterOnboardingConfig"},"x-order":0}}},"v2ListClustersResponse":{"description":"List of clusters that are registered in the platform.","type":"object","properties":{"clusters":{"description":"The list of clusters that are registered in the platform.","type":"array","items":{"$ref":"#/components/schemas/tsbv2Cluster"},"x-order":0}}},"v2ListEgressGatewaysResponse":{"description":"Lost of all Egress Gateway objects in the gateway group.","type":"object","properties":{"egressGateways":{"type":"array","items":{"$ref":"#/components/schemas/gatewayv2EgressGateway"},"x-order":0}}},"v2ListGatewayGroupsResponse":{"description":"List of all gateway groups in the workspace.","type":"object","properties":{"groups":{"type":"array","items":{"$ref":"#/components/schemas/tsbgatewayv2Group"},"x-order":0}}},"v2ListGatewaysResponse":{"description":"List of all Gateway objects in the gateway group.","type":"object","properties":{"gateways":{"description":"List of all Gateway objects.","type":"array","items":{"$ref":"#/components/schemas/gatewayv2Gateway"},"x-order":0}}},"v2ListIngressGatewaysResponse":{"description":"List of all Ingress Gateway objects in the gateway group.","type":"object","properties":{"ingressGateways":{"type":"array","items":{"$ref":"#/components/schemas/v2IngressGateway"},"x-order":0}}},"v2ListInstallGatewaysResponse":{"description":"List of all Install Gateway objects in the gateway group.","type":"object","properties":{"installGateways":{"type":"array","items":{"$ref":"#/components/schemas/installdataplanev1alpha1GatewaySpec"},"x-order":0}}},"v2ListIstioInternalGroupsResponse":{"description":"List of all Istio internal in the workspace.","type":"object","properties":{"groups":{"description":"The list of requested groups.","type":"array","items":{"$ref":"#/components/schemas/tsbistiointernalv2Group"},"x-order":0}}},"v2ListMetricsResponse":{"description":"List of telemetry metrics from the resource.","type":"object","properties":{"metrics":{"type":"array","items":{"$ref":"#/components/schemas/v2Metric"},"x-order":0}}},"v2ListOrganizationSettingsResponse":{"description":"List of all existing Organization settings objects in the Organization group.","type":"object","properties":{"settings":{"type":"array","items":{"$ref":"#/components/schemas/v2OrganizationSetting"},"x-order":0}}},"v2ListOrganizationsResponse":{"type":"object","title":"List of organizations that exist in TSB.\\n$hide_from_docs","properties":{"organizations":{"type":"array","items":{"$ref":"#/components/schemas/v2Organization"},"x-order":0}}},"v2ListProfilesResponse":{"description":"List of profiles belonging to a given resource.","type":"object","properties":{"profiles":{"description":"List of profiles.","type":"array","items":{"$ref":"#/components/schemas/v2Profile"},"x-order":0}}},"v2ListRolesResponse":{"description":"List of all existing roles.","type":"object","properties":{"roles":{"type":"array","items":{"$ref":"#/components/schemas/v2Role"},"x-order":0}}},"v2ListSecurityGroupsResponse":{"description":"List of all security groups in the workspace.","type":"object","properties":{"groups":{"type":"array","items":{"$ref":"#/components/schemas/tsbsecurityv2Group"},"x-order":0}}},"v2ListSecuritySettingsResponse":{"description":"List of all security settings objects attached to the group.","type":"object","properties":{"settings":{"type":"array","items":{"$ref":"#/components/schemas/v2SecuritySetting"},"x-order":0}}},"v2ListServiceAccountsResponse":{"description":"List of existing Service Accounts.","type":"object","properties":{"serviceAccounts":{"type":"array","items":{"$ref":"#/components/schemas/tsbv2ServiceAccount"},"x-order":0}}},"v2ListServiceRoutesResponse":{"description":"List of all service routes defined in the traffic group.","type":"object","properties":{"serviceRoutes":{"type":"array","items":{"$ref":"#/components/schemas/v2ServiceRoute"},"x-order":0}}},"v2ListServiceSecuritySettingsResponse":{"description":"List of all Service Security Settings objects attached to the group.","type":"object","properties":{"settings":{"type":"array","items":{"$ref":"#/components/schemas/v2ServiceSecuritySetting"},"x-order":0}}},"v2ListServiceTrafficSettingsResponse":{"description":"List of all Service Traffic Settings objects attached to the group.","type":"object","properties":{"serviceSettings":{"description":"List of Service Traffic Setting objects.","type":"array","items":{"$ref":"#/components/schemas/v2ServiceTrafficSetting"},"x-order":0}}},"v2ListServicesResponse":{"type":"object","title":"Response with a list of registered services","properties":{"services":{"type":"array","title":"The requested registered services","items":{"$ref":"#/components/schemas/tsbregistryv2Service"},"x-order":0}}},"v2ListSourcesResponse":{"description":"List of telemetry sources from the resource.","type":"object","properties":{"sources":{"type":"array","items":{"$ref":"#/components/schemas/telemetryv2Source"},"x-order":0}}},"v2ListTeamsResponse":{"description":"List of existing teams.","type":"object","properties":{"teams":{"type":"array","items":{"$ref":"#/components/schemas/v2Team"},"x-order":0}}},"v2ListTenantExtensionsResponse":{"description":"List of all existing WasmExtensions objects assigned to the Tenant.","type":"object","properties":{"extensions":{"type":"array","items":{"$ref":"#/components/schemas/v2WasmExtension"},"x-order":0}}},"v2ListTenantSettingsResponse":{"description":"List of all existing Tenant settings objects in the Tenant.","type":"object","properties":{"settings":{"type":"array","items":{"$ref":"#/components/schemas/v2TenantSetting"},"x-order":0}}},"v2ListTenantsResponse":{"description":"List of available tenants.","type":"object","properties":{"tenants":{"description":"The list of available tenants.","type":"array","items":{"$ref":"#/components/schemas/v2Tenant"},"x-order":0}}},"v2ListTier1GatewaysResponse":{"description":"List of all Tier1 Gateway objects in the gateway group.","type":"object","properties":{"tier1Gateways":{"type":"array","items":{"$ref":"#/components/schemas/v2Tier1Gateway"},"x-order":0}}},"v2ListTrafficGroupsResponse":{"description":"List of all existing traffic groups in the workspace.","type":"object","properties":{"groups":{"type":"array","items":{"$ref":"#/components/schemas/tsbtrafficv2Group"},"x-order":0}}},"v2ListTrafficSettingsResponse":{"description":"List of all existing traffic settings objects in the traffic group.","type":"object","properties":{"settings":{"type":"array","items":{"$ref":"#/components/schemas/v2TrafficSetting"},"x-order":0}}},"v2ListUsersResponse":{"description":"List of existing Users.","type":"object","properties":{"users":{"type":"array","items":{"$ref":"#/components/schemas/v2User"},"x-order":0}}},"v2ListWasmExtensionResponse":{"description":"List of WASM Extensions.","type":"object","properties":{"extensions":{"type":"array","items":{"$ref":"#/components/schemas/v2WasmExtension"},"x-order":0}}},"v2ListWorkloadsResponse":{"description":"Response to the request for a list of Workloads.","type":"object","properties":{"workloads":{"description":"List of workloads.","type":"array","items":{"$ref":"#/components/schemas/tsbdiagnosticv2Workload"},"x-order":0},"nextPageToken":{"description":"A token, which can be sent as `page_token` to retrieve the next page.\\nIf this field is omitted, there are no subsequent pages.","type":"string","x-order":1},"totalSize":{"description":"Total number of Workloads.\\nIf a filter was included in the request, this reflects the total number\\nafter the filtering is applied.","type":"integer","format":"int32","x-order":2}}},"v2ListWorkspaceSettingsResponse":{"description":"The existing settings objects for the given workspace.","type":"object","properties":{"settings":{"type":"array","items":{"$ref":"#/components/schemas/v2WorkspaceSetting"},"x-order":0}}},"v2ListWorkspacesResponse":{"description":"The existing workspaces for the given tenant.","type":"object","properties":{"workspaces":{"type":"array","items":{"$ref":"#/components/schemas/v2Workspace"},"x-order":0}}},"v2LoadBalancerSettings":{"description":"Defines Load Balancing policies to be applied on the client requests.","type":"object","properties":{"simple":{"$ref":"#/components/schemas/LoadBalancerSettingsSimpleLB"},"consistentHash":{"$ref":"#/components/schemas/LoadBalancerSettingsConsistentHashLB"}}},"v2LoggerLevelsResponse":{"description":"Response to the request for effective logger levels of an Istio Proxy.\\nReturns the output of the `/logging` endpoint of the Envoy Admin interface.","type":"object","properties":{"supportedLevels":{"description":"Supported logging levels.","type":"array","items":{"type":"string"},"x-order":0},"loggerLevels":{"description":"Effective logger levels.","type":"object","additionalProperties":{"type":"string"},"x-order":1}}},"v2Measure":{"description":"A measure represents the name and unit of a measurement.\\nFor example, request latency in ms and the number of errors are examples of measures to collect from a server. In\\nthis case latency would be the type and ms (millisecond) is the unit.","type":"object","properties":{"name":{"description":"The name of the measure. For instance latency in ms. More reference values can be found at\\nMeshControlledMeasureNames.","type":"string","x-order":0},"unit":{"description":"The unit of measure, which follow the [unified code for units of measure](https://ucum.org/ucum.html).\\nFor COUNTABLE measures, as number of requests or network packets, SHOULD use the default unit, the unity, and\\n[annotations](https://ucum.org/ucum.html#para-curly) with curly braces to give additional meaning.\\nFor example {requests}, {packets}, {errors}, {faults}, etc.","type":"string","x-order":1}}},"v2Metric":{"description":"A metric is a measurement about a service, captured at runtime. Logically, the moment of capturing one of\\nthese measurements is known as a metric event which consists not only of the measurement itself, but the time\\nthat it was captured and associated metadata.\\n\\nApplication and request metrics are important indicators of availability and performance.\\nCustom metrics can provide insights into how availability indicators impact user experience or the business.\\nCollected data can be used to alert of an outage or trigger scheduling decisions to scale up a deployment\\nautomatically upon high demand.","type":"object","properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the metric.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the metric.\\n$hide_from_yaml","x-order":3},"observedResource":{"description":"Which concrete TSB resource in the configuration hierarchy this metric observes and belongs to.\\nFor instance, a metric can observe a service, a concrete service workload (pod or Vm), or a gateway,\\nor a workspace, or any other resource in the configuration hierarchy.","type":"string","x-order":4,"readOnly":true},"measure":{"$ref":"#/components/schemas/v2Measure"},"type":{"$ref":"#/components/schemas/telemetryv2MetricType"},"origin":{"$ref":"#/components/schemas/v2MetricOrigin"},"detectionPoint":{"$ref":"#/components/schemas/v2MetricDetectionPoint"}}},"v2MetricDetectionPoint":{"description":"From which detection point the metric is observed.\\n\\n - IN_SERVICE: Self observability metrics uses in service detect point.\\n - CLIENT_SIDE: Client side is how the client is observing the metric. When service A calls service B, service A acts\\nas a client side.\\n - SERVER_SIDE: Server side is how the server is observing the metric. When service A calls service B, service B\\nacts as the server side.","type":"string","default":"INVALID_METRIC_DETECTION_POINT","enum":["INVALID_METRIC_DETECTION_POINT","IN_SERVICE","CLIENT_SIDE","SERVER_SIDE"]},"v2MetricOrigin":{"description":"From where the metric measurements come from.\\n\\n - MESH_CONTROLLED: The metrics origin is from a TSB configured mesh, capturing the metrics from the\\nsidecar\'s available observability.\\n - AGENT_OBSERVED: An agent which can be standalone or service with automatically instrumentation via byte code injection.\\nCurrently not available. Part of hybrid observability.\\n - MESH_IMPORTED: Other known mesh generated metrics that are not configured and handled by TSB.\\nCurrently not available. Part of hybrid observability.\\n - EXTERNAL_IMPORTED: External captured metrics that are either imported into TSB observability stack or queried at runtime.\\nCurrently not available. Part of hybrid observability.","type":"string","default":"INVALID_METRIC_ORIGIN","enum":["INVALID_METRIC_ORIGIN","MESH_CONTROLLED","AGENT_OBSERVED","MESH_IMPORTED","EXTERNAL_IMPORTED"]},"v2MetricTypeLabel":{"description":"Label of metric type. Also seen a other dimensions of aggregation besides the time interval on which measurements\\nare aggregated over.","type":"object","properties":{"key":{"description":"The label key.","type":"string","x-order":0},"value":{"description":"The label value, for instance p50, or p75.","type":"string","x-order":1}}},"v2MetricTypeType":{"description":" - GAUGE: Is the last seen measurement over a period of time.\\n - COUNTER: Is the sum of number of measurement over a period of time. Used in number of request style of metrics.\\n - AVERAGE: Average function applied to the measurements. Used in Duration/latency style of metrics.\\n - PERCENT: Percentage function applied to a given observed value over the total observer values.\\nUsed in SLA style of metrics, for example the percentage of errored responses over the total server responses.\\n - APDEX: Application Performance Index monitors end-user satisfaction.\\n[Apdex score](https://www.tetrate.io/blog/the-apdex-score-for-measuring-service-mesh-health)\\n - HEATMAPS: Heat maps are a three dimensional visualization, using x and y coordinates for two dimensions, and color\\nintensity for the third. They can reveal detail that summary statistics, such as line charts of averages,\\ncan miss. Latency measurements can be aggregated using Heatmaps/histograms. One dimension is often time, the\\nother is the latency, and the third one (the intensity) is the frequency of that latency in the given time range.\\n - LABELED_COUNTER: Is the sum of number of measurement over time grouped by concrete label values. Used for counting responses by\\ntheir http response code for instance.\\n - PERCENTILE: This is a specific subtype of LABELED_COUNTER. Used in duration/latency style metrics.\\n - CPM: Calls per minute used. Used in requests per minute, or in 5xx http errors per minute, 4xx http errors per\\nminute, among other metrics.\\n - MAX: Selects the highest measurement over a period of time. Envoy max allocated style metrics.","type":"string","default":"INVALID_METRIC_TYPE","enum":["INVALID_METRIC_TYPE","GAUGE","COUNTER","AVERAGE","PERCENT","APDEX","HEATMAPS","LABELED_COUNTER","PERCENTILE","CPM","MAX"]},"v2ModifyAttachedProfiles":{"description":"ModifyAttachedProfiles represents a request to analyze the impact of modifying\\nthe attached profiles of a resource.","type":"object","required":["fqn"],"properties":{"fqn":{"description":"The fully-qualified name (FQN) of the resource to which profiles are attached.","type":"string","x-order":0},"profiles":{"description":"A list of profiles attached to the resource that will be analyzed for impact.\\nThese profiles are used to propagate default and mandatory configurations to\\nchild resources, and any changes to them will be reflected in the impact analysis.","type":"array","items":{"type":"string"},"x-order":1}}},"v2ModifyProfile":{"description":"ModifyProfile represents a request to analyze the impact of modifying a profile.","type":"object","required":["fqn","profile"],"properties":{"fqn":{"description":"The fully-qualified name (FQN) of the profile to analyze. This should refer to a specific profile in the system.","type":"string","x-order":0},"profile":{"$ref":"#/components/schemas/v2Profile"}}},"v2NamespaceCurrentState":{"description":"The current state of a namespace.\\n\\n - CURRENT_UNDEFINED: Undefined state.\\n - CURRENT_UNKNOWN: The TSB CP is not able to determine the state of the namespace.\\n - CURRENT_SYSTEM: The namespace has been detected as TSB system namespace, as cloud provider system namespace, or\\nas a namespace with system components specified in the Cluster Onboarding Config as\\n`DESIRED_SYSTEM`.\\nIt should not have sidecars injected and should not be configured with Istio injection.\\n - CURRENT_DISABLED: The namespace has been detected with no sidecars injected and is not configured with Istio injection.\\nCheck the `current_state_details` field for more information.\\n - CURRENT_ENABLED: The namespace has been detected with sidecars injected and is configured with Istio injection.","type":"string","default":"CURRENT_UNDEFINED","enum":["CURRENT_UNDEFINED","CURRENT_UNKNOWN","CURRENT_SYSTEM","CURRENT_DISABLED","CURRENT_ENABLED"]},"v2NamespaceDesiredState":{"description":"The desired state of a namespace.\\n\\n - DESIRED_UNDEFINED: Undefined state.\\n - DESIRED_UNASSIGNED: The user did not specify a desired state for the namespace.\\n - DESIRED_DISABLED: The namespace should have no sidecars injected and don\'t be configured with Istio injection.\\n - DESIRED_IGNORED: TSB should not modify the Istio injection.\\n - DESIRED_ONBOARDED: The namespace should have a sidecars injected and be configured with Istio injection.\\n - DESIRED_SYSTEM: The namespace should be considered as a system namespace. Which means that the namespace\\ncontain system components and should not have sidecars injected and don\'t be\\nconfigured with Istio injection.\\nIt is similar in terms of sidecar injection to `DESIRED_DISABLED` but it\\nis used to mark the namespace as a system namespace as well.","type":"string","default":"DESIRED_UNDEFINED","enum":["DESIRED_UNDEFINED","DESIRED_UNASSIGNED","DESIRED_DISABLED","DESIRED_IGNORED","DESIRED_ONBOARDED","DESIRED_SYSTEM"]},"v2NamespaceScoping":{"description":"Configure the default scoping of namespaces in this cluster.","type":"object","properties":{"scope":{"$ref":"#/components/schemas/v2NamespaceScopingScope"},"exceptions":{"description":"Namespaces to be excluded form the default scope.\\nIf the scope is set to global, this list will contain namespaces that are\\nconsidered local. If the scope is set to local, this list will contain\\nnamespaces that are considered global.","type":"array","items":{"type":"string"},"x-order":1}}},"v2NamespaceScopingScope":{"description":" - GLOBAL: Global configures namespaces in this cluster to be considered global.\\nNamespaces that exist in other clusters with the same name will be\\nconsidered to be the same logical namespace.\\n - LOCAL: Configures local scoping for namespaces, so that namespaces with the same\\nname in different clusters will not be considered the same logical\\nnamespace.","type":"string","default":"GLOBAL","enum":["GLOBAL","LOCAL"]},"v2OIDCAuthType":{"description":"Configures how client_id and client_secret are sent in OAuth client to OAuth server requests.\\n\\n - DEFAULT_AUTH_TYPE: If no authentication type is specified, the default authentication type will be used.\\nCurrently, the default authentication type is set to `BASIC_AUTH` because it is widely supported by the majority of OIDC providers\\n - URL_ENCODED_BODY: The `client_id` and `client_secret` will be sent in the URL encoded request body.\\nThis type should only be used when Auth server does not support Basic authentication.\\n - BASIC_AUTH: The `client_id` and `client_secret` will be sent using HTTP Basic authentication scheme.","type":"string","default":"DEFAULT_AUTH_TYPE","enum":["DEFAULT_AUTH_TYPE","URL_ENCODED_BODY","BASIC_AUTH"]},"v2OIDCConfig":{"type":"object","title":"Configure OIDC authentication for a given hostname","required":["clientId","clientTokenSecret","redirectUri","provider"],"properties":{"grantType":{"$ref":"#/components/schemas/v2OIDCGrantType"},"clientId":{"description":"The client_id to be used in the authorize calls.\\nThis value will be URL encoded when sent to the OAuth server.","type":"string","x-order":1},"clientTokenSecret":{"description":"The name of the Kubernetes secret containing the client secret.\\n\\nKubernetes generic opaque secret should contain `istio_generic_secret` key with base64 encoded client_secret as value. \\n\\nFor example\\n---\\napiVersion: v1\\nmetadata:\\n  name: bar\\n  namespace: foo\\ndata:\\n  istio_generic_secret: e2Jhc2U2NF9lbmNvZGVkX3Rva2VuX3NlY3JldH0=\\nkind: Secret\\ntype: Opaque\\n\\nThe secret must be present in the same namespace as the gateway or sidecar deployment\\nfor which the configuration is being applied for.\\nThe (gateway/ sidecar) deployment must also have RBAC permissions to view secrets\\nin the current namespace. For gateways this is already configured, while for sidecar\\nthe permission should be added if not already present.\\n\\nThe secret token stored will be URL encoded when sent to the OAuth server.","type":"string","x-order":2},"redirectUri":{"description":"It can also be formulated from request parameters\\nFor example: %REQ(x-forwarded-proto)%://%REQ(:authority)%/callback\\n\\nThis URI should not contain any query parameters.","type":"string","title":"The redirect URI passed to the authorization endpoint","x-order":3},"provider":{"$ref":"#/components/schemas/v2OIDCProviderConfig"},"authType":{"$ref":"#/components/schemas/v2OIDCAuthType"},"authScopes":{"type":"array","title":"Optional list of OAuth scopes to be claimed in the authorization request.\\nIf not specified, defaults to `user` scope.\\nOAuth RFC https://tools.ietf.org/html/rfc6749#section-3.3","items":{"type":"string"},"x-order":6},"redirectPathMatcher":{"description":"Matching criteria used to determine whether a path appears to be the\\nresult of a redirect from the authorization server.\\nThe query and fragment string (if present) are removed in the URL path portion.\\nFor example, the path `/data` will match URI header `/data#fragment?param=value`.\\n\\nIf not provided, default is derived from redirect_uri path\\nOnly exact match is configurable","type":"string","x-order":7},"signoutPath":{"description":"The path to sign a user out, clearing their credential cookies.\\n\\nIf not provided, default is `/signout`\\nOnly exact match is configurable","type":"string","x-order":8},"useRefreshToken":{"description":"Enable automatic access token refresh using associated refresh token\\n[(see RFC 6749 section 6)](https://datatracker.ietf.org/doc/html/rfc6749#section-6)\\nprovided that the OAuth server supports that.\\n\\nIf not set defaults to `true`.","type":"boolean","x-order":9}}},"v2OIDCGrantType":{"description":"- DEFAULT_GRANT_TYPE: If no grant type is explicitly specified, the default grant type will be used.\\nThe specific behavior of the default grant type may vary based on the type of workload to which the authentication settings are applied.\\nCurrently, only `AUTHORIZATION_CODE` is available, so this will be in effect in the future when additional grant types are introduced.\\n - AUTHORIZATION_CODE: Use authorization code flow","type":"string","title":"Configures authentication flow to be used","default":"DEFAULT_GRANT_TYPE","enum":["DEFAULT_GRANT_TYPE","AUTHORIZATION_CODE"]},"v2OIDCProviderConfig":{"description":"OIDCProviderConfig defines the OIDC Provider configuration.\\n\\nIt has two modes `dynamic` and `static` meaning if the configuration\\nhas to be derived from the Issuer\'s Well-Known endpoint dynamically\\nor is statically configured.\\nTo use `dynamic` configuration only `issuer` field should be set. If any other\\nfield along with `issuer` is set then the configuration will be treated as `static`.\\n\\nFor AUTHORIZATION_CODE grant type, fields that are needed if configuration is `static`:\\n1. Issuer\\n2. AuthorizationEndpoint\\n3. TokenEndpoint\\n4. oneof (JwksURI or Jwks)","type":"object","required":["issuer"],"properties":{"issuer":{"description":"The OIDC Provider\'s [issuer identifier](https://openid.net/specs/openid-connect-discovery-1_0.html#IssuerDiscovery).","type":"string","x-order":0},"authorizationEndpoint":{"description":"The OIDC Provider\'s [authorization endpoint](https://openid.net/specs/openid-connect-core-1_0.html#AuthorizationEndpoint).\\nIf not provided, it will be discovered from the provider\'s [Well-Known Configuration Endpoint](https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderConfigurationResponse).","type":"string","x-order":1},"tokenEndpoint":{"description":"The OIDC Provider\'s [token endpoint](https://openid.net/specs/openid-connect-core-1_0.html#TokenEndpoint).\\nIf not provided, it will be discovered from the provider\'s [Well-Known Configuration Endpoint](https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderConfigurationResponse).","type":"string","x-order":2},"jwksUri":{"description":"URI for the OIDC provider\'s JSON Web Key Sets. This can be found in the OIDC provider\'s configuration response.\\nThe JWKS are used for token verification.","type":"string","x-order":3},"jwks":{"description":"JSON string with the OIDC provider\'s JSON Web Key Sets. In general the URI for the Key Set is the preferred\\nmethod for configuring JWKS. This setting is provided in case the provider doesn\'t publish JWKS via a\\npublic URI.","type":"string","x-order":4},"tls":{"$ref":"#/components/schemas/v2ClientTLSSettings"}}},"v2OpenAPI":{"description":"OpenAPI configuration for the HTTP server.","type":"object","properties":{"fqn":{"description":"The fqn of the API that holds the OpenAPI spec document.","type":"string","x-order":0},"validation":{"$ref":"#/components/schemas/OpenAPIValidation"}}},"v2Organization":{"description":"`Organization` is the root of the Service Bridge object hierarchy.\\n\\n\\n\\n","type":"object","properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"deletionProtectionEnabled":{"description":"When set, prevents the resource from being deleted. In order to delete the resource this\\nproperty needs to be set to `false` first.","type":"boolean","x-order":4},"profiles":{"description":"List of profiles attached to the Organization to be used to propagate default and mandatory configurations down to the children.","type":"array","items":{"type":"string"},"x-order":5},"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"},"systemNamespaces":{"description":"List of namespaces that will be considered as system namespaces for the organization\\nand will not be able to be onboarded into TSB.\\nSystem namespaces are namespaces that should not have sidecars injected and don\'t be\\nconfigured with Istio injection.\\nThis is useful for namespaces that are used for infrastructure components like monitoring,\\nlogging, cloud provider components, etc. and that should not be managed by TSB in the\\ncluster namespace onboarding workflows.","type":"array","items":{"type":"string"},"x-order":7}}},"v2OrganizationSetting":{"description":"Settings that apply globally to the entire organization.\\n\\n\\n\\n","type":"object","properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"networkSettings":{"$ref":"#/components/schemas/OrganizationSettingNetworkSettings"},"regionalFailover":{"description":"Default locality routing settings for all gateways.\\nPlease use FailoverSettings instead. If FailoverSettings is set, it takes precedence over this field.\\n\\nExplicitly specify the region traffic will land on when endpoints in local region becomes unhealthy.\\nShould be used together with OutlierDetection to detect unhealthy endpoints.\\nNote: if no OutlierDetection specified, this will not take effect.","type":"array","items":{"$ref":"#/components/schemas/v2RegionalFailover"},"x-order":5},"defaultSecuritySetting":{"$ref":"#/components/schemas/v2SecuritySetting"},"defaultTrafficSetting":{"$ref":"#/components/schemas/v2TrafficSetting"},"failoverSettings":{"$ref":"#/components/schemas/v2FailoverSettings"}}},"v2OutboundTrafficSetting":{"description":"Configuration for outbound traffic.","type":"object","properties":{"reachability":{"$ref":"#/components/schemas/v2ReachabilitySettings"},"egress":{"$ref":"#/components/schemas/v2OutboundTrafficSettingEgressGateway"},"upstreamTrafficSettings":{"description":"List of hosts and the associated traffic settings to be used by\\nthe clients sending traffic to them.","type":"array","items":{"$ref":"#/components/schemas/v2UpstreamTrafficSettings"},"x-order":2}}},"v2OutboundTrafficSettingEgressGateway":{"description":"EgressGateway specifies the gateway where traffic external to the mesh will be redirected.","type":"object","required":["host"],"properties":{"host":{"description":"Specifies the egress gateway hostname. Must be in\\n`&lt;namespace&gt;/&lt;fqdn&gt;` format.","type":"string","x-order":0}}},"v2Permission":{"description":"A permission defines an action that can be performed on a\\nresource. By default access to resources is denied unless an\\nexplicit permission grants access to perform an operation against\\nit.\\n\\n - INVALID: Default value to designate no value was explicitly set for the permission.\\n - READ: The read permission grants read-only access to the resource.\\n - WRITE: The write permission allows the subject to modify an existing resource.\\n - CREATE: The create permission allows subjects to create child resources on the resource.\\n - DELETE: The delete permission grants permissions to delete the resource.\\n - SET_POLICY: The set-iam permission allows subjects to manage the access policies for the resources.","type":"string","default":"INVALID","enum":["INVALID","READ","WRITE","CREATE","DELETE","SET_POLICY"]},"v2PortSelector":{"description":"PortSelector is the criteria for specifying if a policy can be applied to\\na listener having a specific port.","type":"object","required":["number"],"properties":{"number":{"type":"integer","format":"int64","title":"Port number","x-order":0}}},"v2Profile":{"description":"A `Profile` object can be created at Organization, Tenant, and Workspace levels. Once created, a profile can be\\nattached at its own level or down the hierarchy at Organization, Tenant, Workspace and Groups levels.\\nOnce attached, all the configurations provided in the profile and compatible with the attachment point will be applied,\\nthe others will be ignored.\\n\\n\\n\\n","type":"object","properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"deletionProtectionEnabled":{"description":"When set, prevents the resource from being deleted. In order to delete the resource this\\nproperty needs to be set to `false` first.","type":"boolean","x-order":4},"defaults":{"$ref":"#/components/schemas/v2ProfileConfig"},"mandates":{"$ref":"#/components/schemas/v2ProfileConfig"}}},"v2ProfileConfig":{"description":"ProfileConfig holds the configuration objects that can be used as defaults or mandates.","type":"object","properties":{"trafficSettings":{"$ref":"#/components/schemas/v2TrafficSetting"},"authenticationSettings":{"$ref":"#/components/schemas/tsbsecurityv2AuthenticationSettings"},"wafSettings":{"$ref":"#/components/schemas/v2WAFSettings"},"wasmExtensions":{"description":"Wasm Extensions specifies all the WasmExtensions assigned to this profile\\nwith the specific configuration for each extension.\\nThe WASM extensions configured here only apply to workloads, not gateways.\\nThis will be moved under a `security` section in the future.","type":"array","items":{"$ref":"#/components/schemas/v2WasmExtensionAttachment"},"x-order":3},"unsetFields":{"type":"array","title":"Unset fields specify fields that must not have any value.\\nIn Mandates, fields in this list must remain unset, even if subsequent evaluated Profile Mandates define them.\\nIn Defaults, fields in this list are removed if defined in previously evaluated Profile Defaults.\\nItems in this list are dot-separated paths to the fields, relative to the root of ProfileConfig.\\nField names are in camelCase, as in JSON/YAML.\\nPaths that navigate lists or maps unset the sub-path for all elements.\\nFor example:\\n- \\"traffic.outbound.reachability.hosts\\"\\n- \\"traffic.inbound.resilience.meshTimeout.maxConnectionDuration\\"","items":{"type":"string"},"x-order":4},"traffic":{"$ref":"#/components/schemas/v2TrafficSettings"}}},"v2PropagationStrategy":{"description":"The PropagationStrategy is the key differentiating factor to decide how a security\\npolicy should be propagated and applied at runtime across clusters.\\nThe default propagation strategy is REPLACE, in which a lower level SecuritySetting\\nin the configuration hierarchy replaces a higher level SecuritySetting.\\nThe STRICTER PropagationStrategy on the other hand makes sure the default\\nSecuritySettings configured at the parent level are always enforced and propagated\\ndown the hierarchy unless additional SecuritySettings are defined and restricted\\nfurther in the configuration hierarchy.\\n\\n* `REPLACE` should be used when resources in the hierarchy are allowed to override the default\\nsettings configured at the higher levels.\\n* `STRICTER` should be used when the default settings must prevail, and the settings can only be\\nmade more restrictive by child resources at lower levels of the hierarchy.\\n\\nWhen a resource or property of it affected by the propagation strategy is propagated down the hierarchy, regardless\\nof the defined strategy (`REPLACE` or `STRICTER`), a parent defined resource or a property of the\\nresource will be used (propagated) in absence of a child resource or a property of it.\\n\\nFor example, the following policy configures optional mTLS for traffic within the workspace, but\\nit allows SecuritySettings to modify it. The example shows a workspace that configures\\nservice-to-service access so that only services in the same workspace can talk to each other.\\nThe `REPLACE` propagation policy allows individual settings to override it. In the example, the\\nSecuritySettings allows services within that group to be reachable from any\\nservice in the cluster, regardless for the workspace they belong to, even though the Workspace\\nrestricts service-to-service access to only services in the Workspace.\\n\\n```yaml\\napiVersion: api.tsb.tetrate.io/v2\\nkind: WorkspaceSetting\\nmetadata:\\n  name: w1-settings\\n  workspace: w1\\n  tenant: mycompany\\n  organization: myorg\\nspec:\\n  defaultSecuritySetting:\\n    propagationStrategy: REPLACE\\n    authorization:\\n      mode: WORKSPACE\\n---\\napiVersion: security.tsb.tetrate.io/v2\\nkind: SecuritySetting\\nmetadata:\\n  name: defaults\\n  group: t1\\n  workspace: w1\\n  tenant: mycompany\\n  organization: myorg\\nspec:\\n  authorization:\\n    mode: CLUSTER\\n```\\n\\n`STRICTER` propagation configures defaults that can be only be restricted down the hierarchy.\\nThe following example configures the same WorkspaceSetting but with a `STRICTER` propagation mode.\\nThe `defaults` SecuritySetting further narrows down that access to the `GROUP` scope, which is\\nallowed because GROUP is more strict than WORKSPACE. However, the `defaults-invalid` SecuritySetting\\nconfigures `CLUSTER` access, which would widen the scope defined at the Workspace. That settings will\\nnot be allowed based on the `STRICTER` propagation policy.\\n\\n```yaml\\napiVersion: api.tsb.tetrate.io/v2\\nkind: WorkspaceSetting\\nmetadata:\\n  name: w1-settings\\n  workspace: w1\\n  tenant: mycompany\\n  organization: myorg\\nspec:\\n  defaultSecuritySetting:\\n    propagationStrategy: STRICTER\\n    authorization:\\n      mode: WORKSPACE\\n---\\napiVersion: security.tsb.tetrate.io/v2\\nkind: SecuritySetting\\nmetadata:\\n  name: defaults\\n  group: t1\\n  workspace: w1\\n  tenant: mycompany\\n  organization: myorg\\nspec:\\n  authorization:\\n    mode: GROUP\\n---\\napiVersion: security.tsb.tetrate.io/v2\\nkind: SecuritySetting\\nmetadata:\\n  name: defaults-invalid\\n  group: t2\\n  workspace: w1\\n  tenant: mycompany\\n  organization: myorg\\nspec:\\n  authorization:\\n    mode: CLUSTER\\n```\\n\\nFurther details of how security settings are resolved between in `STRICTER` mode between a parent and a\\nchild resource can be found in the [SecuritySettings reference](../../security/v2/security_setting#securitysetting).\\n\\n - REPLACE: Is the default configuration propagation strategy.\\nA lower defined configuration in the hierarchy will replace a higher configuration in the hierarchy.\\nOtherwise, if a lower configuration is not defined, the configuration higher up in the hierarchy will\\nprevail.\\nFor instance, a defined default propagation strategy for workspace default security settings\\nwill replace tenant\'s defined default security settings.\\n - STRICTER: STRICTER propagation strategy propagates the strictest configuration between a defined higher level and\\na defined lower level configuration in the hierarchy. If a lower level configuration in the hierarchy\\nis not defined, the higher one will prevail.\\nWhich configuration is stricter than the other is defined by each concrete configuration that allows specifying\\na propagation strategy.","type":"string","default":"REPLACE","enum":["REPLACE","STRICTER"]},"v2ProxyType":{"description":"ProxyType defines the type of a proxy within the service mesh.\\n\\nThis enum is used to apply configurations based on the type of\\nthe proxy.\\n\\n - ANY: ANY is the default proxy type that represents both sidecar,\\nand gateway proxies. Use this value to apply configurations\\nto both sidecars and gateways.\\n - SIDECAR: SIDECAR represents a sidecar proxy that runs alongside an\\napplication. Use this value to apply configurations only\\nto the sidecars.\\n - GATEWAY: GATEWAY represents a gateway proxy that runs standalone\\nand, acts as an entry/exit point into/out of the service\\nmesh. Use this value to apply configurations only to the\\ngateways.","type":"string","default":"ANY","enum":["ANY","SIDECAR","GATEWAY"]},"v2Query":{"type":"object","title":"Query format of the resource lookup for the permission check","properties":{"queryId":{"description":"Optional ID that is an open string the caller can use for correlation purposes.","type":"string","x-order":0},"fqn":{"description":"Fully-qualified name of the resource.","type":"string","x-order":1}}},"v2QueryPoliciesResponse":{"description":"QueryPoliciesResponse is the response message for QueryPolicies.","type":"object","properties":{"policies":{"description":"Policies is a list of policies that match the query.","type":"array","items":{"$ref":"#/components/schemas/v2ApprovalPolicy"},"x-order":0}}},"v2QueryResourcePermissionsRequest":{"description":"Request to query permissions on multiple records.\\n\\nExample:\\nQueryResourcePermissionsRequest {\\n  Queries: []Query{\\n    Query{\\n      QueryID: \\"1234\\",\\n      Kind: Query_Fqn{\\n        Fqn: \\"tetrate/tenants/default/workspaces/example\\"\\n      }\\n    }\\n  }\\n}","type":"object","properties":{"queries":{"description":"One or more resources to query permissions on, limited to 100 per request.","type":"array","items":{"$ref":"#/components/schemas/v2Query"},"x-order":0}}},"v2QueryResourcePermissionsResponse":{"description":"Response with permissions for the requested queries.\\n\\nExample:\\nQueryResourcePermissionsResponse {\\n  Results: []Result{\\n    Result{\\n      Request: Query{\\n        QueryID: \\"1234\\",\\n        Kind: Query_Fqn{\\n          Fqn: \\"tetrate/tenants/default/workspaces/example\\"\\n        }\\n      },\\n      Rules: []*Role_Rule{\\n        {\\n           Types: []*Role_ResourceType{\\n             {\\n               ApiGroup: \\"api.tsb.tetrate.io/v2\\",\\n               Kinds: []string{\\"Workspace\\"}\\n             }\\n           },\\n           Permissions: []Permission{\\"READ\\"}\\n        }\\n      }\\n    }\\n  }\\n}","type":"object","properties":{"results":{"type":"array","title":"List of permission results for the requested queries","items":{"$ref":"#/components/schemas/QueryResourcePermissionsResponseResult"},"x-order":0}}},"v2RateLimitSettings":{"description":"Configuration for ratelimiting HTTP/gRPC requests\\nThis has a list of rate limit rules that can be configured.\\nWith each rule a list of dimensions can be defined.\\nA request counts towards the limit if all of the dimensions match the\\nattributes of the request.\\nWhen the matched requests exceed the limit, a 429 response is returned.","type":"object","required":["rules"],"properties":{"rules":{"description":"A list of rules for ratelimiting.\\nEach rule defines a list of dimensions to match on and the rate limit value\\nfor the rule. Each rule is independant of the other.","type":"array","items":{"$ref":"#/components/schemas/v2RateLimitSettingsRateLimitRule"},"x-order":0},"failClosed":{"description":"If the rate limit service is unavailable, the request will fail\\nif failClosed is set to true. Defaults to false.","type":"boolean","x-order":1},"timeout":{"description":"The timeout in seconds for the rate limit server RPC.\\nDefaults to 0.020 seconds (20ms).\\nTraffic will not be allowed to the destination if failClosed is set to true\\nand the request to the rate limit server times out.","type":"string","x-order":2}}},"v2RateLimitSettingsRateLimitDimension":{"description":"RateLimitDimension is a condition to match HTTP requests\\nthat should be rate limited.","type":"object","properties":{"remoteAddress":{"$ref":"#/components/schemas/v2RateLimitSettingsRateLimitDimensionRemoteAddress"},"header":{"$ref":"#/components/schemas/RateLimitDimensionHeader"}}},"v2RateLimitSettingsRateLimitDimensionRemoteAddress":{"description":"RateLimit based on the client\'s remote address, extracted from\\nthe trusted X-Forwarded-For header.","type":"object","required":["value"],"properties":{"value":{"description":"Ratelimit on a specific remote address.\\nIf the value is set to \\"*\\", ratelimit on\\nevery unique remote address.","type":"string","x-order":0}}},"v2RateLimitSettingsRateLimitRule":{"description":"RateLimitRule is the block to define each internal ratelimit configuration.","type":"object","required":["dimensions","limit"],"properties":{"dimensions":{"description":"A list of dimensions to define each ratelimit rule.\\nRequests count towards the ratelimit value only when each and every\\ncondition in a dimension is matched for a given HTTP request.","type":"array","items":{"$ref":"#/components/schemas/v2RateLimitSettingsRateLimitDimension"},"x-order":0},"limit":{"$ref":"#/components/schemas/RateLimitSettingsRateLimitValue"}}},"v2RateLimiting":{"description":"Configuration for ratelimiting\\nHTTP/gRPC requests can be rate limited based on a variety of\\nattributes in the request such as headers (including cookies), URL\\npath/prefixes, client remote address etc.","type":"object","properties":{"settings":{"$ref":"#/components/schemas/v2RateLimitSettings"},"externalService":{"$ref":"#/components/schemas/v2ExternalRateLimitServiceSettings"}}},"v2ReachabilitySettings":{"description":"`ReachabilitySettings` define the set of services and hosts\\naccessed by a workload (and hence its sidecar) in the\\nmesh. Defining the set of services accessed by a workload (i.e. its\\ndependencies) in advance reduces the memory and CPU consumption\\nboth the Istio control plane and the individual Envoy proxy workloads in\\nthe data plane.","type":"object","properties":{"mode":{"$ref":"#/components/schemas/v2ReachabilitySettingsMode"},"hosts":{"description":"When the mode is `CUSTOM`, `hosts` specify the set of services\\nthat the sidecar should be able to reach. Must be in the\\n`&lt;namespace&gt;/&lt;fqdn&gt;` format.\\n\\n- `./*` indicates all services in the namespace where the sidecar resides.\\n\\n- `ns1/*` indicates all services in the `ns1` namespace.\\n\\n- `ns1/svc1.com` indicates `svc1.com` service in `ns1` namespace.\\n\\n- `*/svc1.com` indicates `svc1.com` service in any namespace.","type":"array","items":{"type":"string"},"x-order":1}}},"v2ReachabilitySettingsMode":{"description":"- UNSET: Inherit from parent if possible. Otherwise treated as `CLUSTER`.\\n - NAMESPACE: The workload may talk to any service in its own namespace.\\n - GROUP: The workload may talk to any service in the traffic group.\\n - WORKSPACE: The workload may talk to any service in the workspace.\\n - CLUSTER: The workload may talk to any service in the cluster.\\n - CUSTOM: The workload may talk to services defined explicitly.","type":"string","title":"A short cut for defining the common reachability patterns","default":"UNSET","enum":["UNSET","NAMESPACE","GROUP","WORKSPACE","CLUSTER","CUSTOM"]},"v2Redirect":{"type":"object","properties":{"uri":{"description":"On a redirect, overwrite the Path portion of the URL with this value.","type":"string","x-order":0},"authority":{"description":"On a redirect, overwrite the Authority/Host portion of the URL with this value.","type":"string","x-order":1},"redirectCode":{"description":"On a redirect, Specifies the HTTP status code to use in the redirect\\nresponse. It is expected to be 3XX. The default response code is MOVED_PERMANENTLY (301).","type":"integer","format":"int64","x-order":2},"port":{"type":"integer","format":"int64","title":"On a redirect, overwrite the Port portion of the URL with this value","x-order":3},"scheme":{"description":"On a redirect, overwrite the scheme with this one. This can be used\\nto perform http -&gt; https redirect by setting this to \\"https\\". Currently,\\nthe only supported values are \\"http\\" and \\"https\\" (in lower-case).","type":"string","x-order":4}}},"v2RegionalFailover":{"description":"Specify the traffic failover policy across regions. Since zone and sub-zone\\nfailover is supported by default this only needs to be specified for\\nregions when the operator needs to constrain traffic failover so that\\nthe default behavior of failing over to any endpoint globally does not\\napply. This is useful when failing over traffic across regions would not\\nimprove service health or may need to be restricted for other reasons\\nlike regulatory controls.","type":"object","properties":{"from":{"description":"Originating region.","type":"string","x-order":0},"to":{"description":"Destination region the traffic will fail over to when endpoints in\\nthe \'from\' region become unhealthy.","type":"string","x-order":1}}},"v2ResilienceSettings":{"description":"ResilienceSettings control the reliability knobs in Envoy when making\\noutbound connections from a gateway or proxy workload.","type":"object","properties":{"httpRequestTimeout":{"description":"This field is DEPRECATED in favor of `upstreamTrafficSettings.resilience.connectionPool.http.requestTimeout`.\\nTimeout for HTTP requests. Disabled if not set.","type":"string","x-order":0},"httpRetries":{"$ref":"#/components/schemas/v2HTTPRetry"},"keepAlive":{"$ref":"#/components/schemas/v2KeepAliveSettings"},"circuitBreakerSensitivity":{"$ref":"#/components/schemas/v2ResilienceSettingsSensitivity"}}},"v2ResilienceSettingsSensitivity":{"description":"Available sensitivity levels for the circuit breaker.\\n\\n - UNSET: Default values will be used.\\n - LOW: Tolerate up to 20 consecutive 5xx or connection failures from an\\nendpoint before ejecting it temporarily from the load balancing\\npool.\\n - MEDIUM: Tolerate up to 10 consecutive 5xx or connection failures from an\\nendpoint before ejecting it temporarily from the load balancing\\npool.\\n - HIGH: Tolerate up to 5 consecutive 5xx or connection failures from an\\nendpoint before ejecting it temporarily from the load balancing\\npool.","type":"string","default":"UNSET","enum":["UNSET","LOW","MEDIUM","HIGH"]},"v2ResourceStatusStatus":{"description":"Simple `Status` of the current resource. It\'s a projection of its details\\n(events, etc.) that allows to easily know the status of the resource\\nwithout requiring to check the details.\\n\\n - INVALID: INVALID status should never be reached.\\nIt indicates some problem occurred with the resource status, and would\\nneed to contact the admin to troubleshoot it.\\nIt\'s the default value but it\'s always expected to have one of the other\\nvalues.\\n - ACCEPTED: ACCEPTED is reached when the provided configuration has been validated\\nand persisted by the TSB server.\\n - READY: READY is reached when the resource is ready to be used.\\nNon-configurable resources, like Organizations, Tenants or Users, will\\nbe ready as soon they are created.\\nThe configurable ones are ready when its configuration has been\\npropagated to all the clusters.\\n - FAILED: FAILED is reached in different situations, such as when:\\n- a resource configuration triggered some internal error.\\n- an offending resource affects the correct behaviour of the configuration.\\nThe `message` and `details` fields of the `ResourceStatus` provides the\\nroot cause of the error.\\n - DIRTY: DIRTY is reached when the resources that are dependent on others\\nhave not reached the desired status (even when they are not FAILED).\\nFor example, an `API` resource that caused the creation of an `IngressGateway`\\ncould reach this status if the `IngressGateway` has been modified or removed directly.\\n - PARTIAL: PARTIAL is reached for those resources that are dependent on other resources statuses,\\nand not all the resources share the same status.","type":"string","default":"INVALID","enum":["INVALID","ACCEPTED","READY","FAILED","DIRTY","PARTIAL"]},"v2ResourceStatusWithDetails":{"description":"Contains the ResourceStatus with metadata about the resource.","type":"object","properties":{"fqn":{"description":"The status of the resource.","type":"string","x-order":0,"readOnly":true},"apiVersion":{"description":"API version of the resource.","type":"string","x-order":1,"readOnly":true},"name":{"description":"Resource name.","type":"string","x-order":2,"readOnly":true},"status":{"$ref":"#/components/schemas/apitsbv2ResourceStatus"}}},"v2Role":{"description":"`Role` is a named collection of permissions that can be assigned to\\nany user or team in the system.\\n\\n\\n\\n\\n","type":"object","properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"rules":{"description":"A set of rules that define the permissions associated with each API group.","type":"array","items":{"$ref":"#/components/schemas/v2RoleRule"},"x-order":4}}},"v2RoleRule":{"type":"object","title":"A rule defines the set of api groups","required":["permissions"],"properties":{"types":{"description":"The set of API groups and the api Kinds within the group on which this rule is applicable.\\nIf omitted, the permissions will globally apply to all resource types.","type":"array","items":{"$ref":"#/components/schemas/RoleResourceType"},"x-order":0},"permissions":{"description":"The set of actions allowed for these APIs.\\nThe current version supports requires the kind, but this constraint will be relaxed in\\nupcoming releases so that rules can apply globally to an entire API group.","type":"array","items":{"$ref":"#/components/schemas/v2Permission"},"x-order":1}}},"v2RoleScopeType":{"type":"object","required":["apiGroup","kind"],"properties":{"apiGroup":{"description":"A specific API group such as traffic.tsb.tetrate.io/v2.","type":"string","x-order":0},"kind":{"description":"Specific kind of API under the API group.","type":"string","x-order":1}}},"v2Route":{"description":"One or more destinations in a local/remote cluster for the given request.","type":"object","required":["host"],"properties":{"host":{"description":"The destination service in `&lt;namespace&gt;/&lt;fqdn&gt;` format for\\n`IngressGateway` resources. For `Tier1Gateway` resources, the\\ndestination must be in `&lt;clusterName&gt;/&lt;namespace&gt;/&lt;fqdn&gt;` format,\\nwhere cluster name corresponds to a cluster name created in the\\nmanagement plane. The `fqdn` must be the fully qualified name of\\nthe destination service in a cluster.","type":"string","x-order":0},"port":{"description":"The port on the service to forward the request to. Omit only if\\nthe destination service has only one port. When used for routing\\nfrom Tier1 gateways, the port specified here will be used only if\\nthe Tier1 gateway is doing TLS passthrough.","type":"integer","format":"int64","x-order":1}}},"v2RouteTo":{"description":"RouteTo defines the how the traffic has been forwarded for the given request.\\nOne of `ClusterDestination` or `ServiceDestination` must be specified.","type":"object","properties":{"clusterDestination":{"$ref":"#/components/schemas/v2RouteToClusters"},"serviceDestination":{"$ref":"#/components/schemas/v2RouteToService"}}},"v2RouteToClusters":{"description":"RouteToClusters represents the clusters where the request\\nneeds to be routed to from the gateway.","type":"object","properties":{"clusters":{"description":"The destination clusters that contain ingress gateways exposing the hostname.","type":"array","items":{"$ref":"#/components/schemas/v2ClusterDestination"},"x-order":0}}},"v2RouteToService":{"description":"RouteToService represents the service running in clusters.","type":"object","required":["host"],"properties":{"host":{"description":"The destination service in `&lt;namespace&gt;/&lt;fqdn&gt;`.\\n\\nIf the `trafficMode`` flag is set to `EGRESS`` or the `trafficMode` is set to `AUTO`\\nand the gateway deployment is of type EGRESS,\\nthe gateway routes traffic to an external service through a user-created service entry.\\nThe service entry should only be created in the gateway deployment namespace with the location set to MESH_EXTERNAL.","type":"string","x-order":0},"port":{"description":"The port on the service to forward the request to. Omit only if\\nthe destination service has only one port.","type":"integer","format":"int64","x-order":1},"tls":{"$ref":"#/components/schemas/v2ClientTLSSettings"}}},"v2SearchStatusResponse":{"description":"Response of the search query for the status of resources related to specified search criteria.","type":"object","properties":{"statuses":{"description":"Collections of status of resources related to the specified search criteria.","type":"array","items":{"$ref":"#/components/schemas/v2ResourceStatusWithDetails"},"x-order":0}}},"v2SecuritySetting":{"description":"A security setting applies configuration to a set of proxy workloads in a\\nsecurity group or a workspace. When applied to a security group,\\nmissing fields will inherit values from the workspace-wide setting if any.\\n\\n\\n\\n","type":"object","properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"authentication":{"$ref":"#/components/schemas/v2SecuritySettingAuthenticationMode"},"authorization":{"$ref":"#/components/schemas/tsbsecurityv2AuthorizationSettings"},"authenticationSettings":{"$ref":"#/components/schemas/tsbsecurityv2AuthenticationSettings"},"waf":{"$ref":"#/components/schemas/v2WAFSettings"},"propagationStrategy":{"$ref":"#/components/schemas/v2PropagationStrategy"},"extension":{"description":"Extensions specifies all the WasmExtensions assigned to this SecuritySettings\\nwith the specific configuration for each extension. This custom configuration\\nwill override the one configured globally to the extension.\\nEach extension has a global configuration including enabling and priority\\nthat will condition the execution of the assigned extensions.","type":"array","items":{"$ref":"#/components/schemas/v2WasmExtensionAttachment"},"x-order":9},"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"}}},"v2SecuritySettingAuthenticationMode":{"description":"AuthenticationMode indicates whether to accept only Istio mutual\\nTLS authenticated traffic or allow legacy plaintext traffic as\\nwell.\\n\\n - UNSET: Inherit from parent, if has one. Otherwise treated as OPTIONAL.\\n - OPTIONAL: Accept both plaintext and mTLS authenticated connections.\\n - REQUIRED: Accept only mutual TLS authenticated connections.","type":"string","default":"UNSET","enum":["UNSET","OPTIONAL","REQUIRED"]},"v2ServerTLSSettings":{"type":"object","properties":{"mode":{"$ref":"#/components/schemas/v2ServerTLSSettingsTLSMode"},"secretName":{"description":"The name of the secret in Kubernetes that holds the TLS certs\\nincluding the CA certificates. The secret (type generic) should\\ncontain the following keys and values: key: `&lt;privateKey&gt;`, cert:\\n`&lt;serverCert&gt;`, cacert: `&lt;CACertificate&gt;`.","type":"string","x-order":1},"files":{"$ref":"#/components/schemas/ServerTLSSettingsFileSource"},"minProtocolVersion":{"$ref":"#/components/schemas/gatewayv2TLSProtocol"},"maxProtocolVersion":{"$ref":"#/components/schemas/gatewayv2TLSProtocol"},"cipherSuites":{"type":"array","title":"List of cipher suites to be used for TLS connections.\\nExamples of cipher suites:\\n- \\"TLS_RSA_WITH_AES_256_CBC_SHA\\"\\n- \\"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256\\"\\n- \\"TLS_DHE_RSA_WITH_AES_256_GCM_SHA384\\"\\n- \\"TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256\\"\\n- \\"TLS_RSA_WITH_3DES_EDE_CBC_SHA\\"","items":{"type":"string"},"x-order":5},"subjectAltNames":{"description":"List of Subject Alternative Names (SAN) from the client\'s certificate that are accepted\\nfor client identity verification during the TLS handshake.","type":"array","items":{"type":"string"},"x-order":6}}},"v2ServerTLSSettingsTLSMode":{"description":" - OPTIONAL_MUTUAL: Similar to MUTUAL mode, except that the client certificate\\nis optional. Unlike SIMPLE mode, A client certificate will\\nstill be explicitly requested during handshake, but the client\\nis not required to send a certificate. If a client certificate\\nis presented, it will be validated. ca_certificates should\\nbe specified for validating client certificates.","type":"string","default":"DISABLED","enum":["DISABLED","SIMPLE","MUTUAL","OPTIONAL_MUTUAL"]},"v2ServiceDestination":{"type":"object","title":"ServiceDestination is the destination service, port and subset where traffic\\nshould be routed","required":["port"],"properties":{"subset":{"type":"string","title":"Subset is the version of the service where traffic should be routed to","x-order":0},"weight":{"type":"integer","format":"int64","title":"Weight defines the amount of traffic that needs to be routed to this specific\\nversion","x-order":1},"port":{"type":"integer","format":"int64","title":"The port corresponding to the service host where traffic should be routed","x-order":2},"destinationHost":{"description":"Service host where traffic should be routed to. This should either be a FQDN\\nor a short name for the k8s service. For example, \\"reviews\\" as destination_host will\\nbe interpreted as \\"reviews.ns1.cluster.local\\"\\nIf empty, the host will be inferred from the Service Route service field.","type":"string","x-order":3}}},"v2ServiceLookupRequest":{"description":"Request for all the services in the registry that are part of the given selector.","type":"object","required":["selector","parent"],"properties":{"selector":{"$ref":"#/components/schemas/typesv2NamespaceSelector"},"parent":{"type":"string","title":"The FQN of the parent object where services will be looked up","x-order":1}}},"v2ServiceLookupResponse":{"description":"List of services that are included in the provided namespace selector.","type":"object","properties":{"services":{"type":"array","title":"The affected services","items":{"$ref":"#/components/schemas/tsbregistryv2Service"},"x-order":0}}},"v2ServicePort":{"type":"object","properties":{"number":{"description":"A valid non-negative integer port number.","type":"integer","format":"int64","x-order":0},"name":{"description":"Name assigned to the port.","type":"string","x-order":1},"kubernetesNodePort":{"description":"Indicates the node port attached to a physical deployment on a kubernetes\\ncluster.","type":"integer","format":"int64","x-order":2}}},"v2ServiceRoute":{"description":"A service route controls routing configurations for traffic to a\\nservice in a traffic group.\\n\\n\\n\\n","type":"object","required":["service"],"properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"service":{"description":"The service on which the configuration is being applied. Must be in namespace/FQDN format.","type":"string","x-order":4},"subsets":{"description":"The set of versions of a service and the percentage of traffic to\\nsend to each version.","type":"array","items":{"$ref":"#/components/schemas/v2ServiceRouteSubset"},"x-order":5},"stickySession":{"$ref":"#/components/schemas/ServiceRouteStickySession"},"portLevelSettings":{"type":"array","title":"In order to support multi-protocol routing, a list of all port/protocol combinations is needed.\\nThese port settings are applied to all the subsets","items":{"$ref":"#/components/schemas/ServiceRoutePortLevelTrafficSettings"},"x-order":7},"httpRoutes":{"description":"HTTPRoutes are used when HTTP traffic needs to be matched on uri, headers\\nand port and destination routes need to be set using subset-weight\\ncombinations specified within the route.\\n**Note**: If a route is specified, then the global subset-weight\\ncombinations (specified under subsets) will be ignored for the matched\\nport, as subsets within route will take effect.","type":"array","items":{"$ref":"#/components/schemas/v2HTTPRoute"},"x-order":8},"tcpRoutes":{"description":"TCPRoutes match TCP traffic based on port number. The subset-weight\\nconfiguration and priority have the same behaviour as HTTPRoutes.","type":"array","items":{"$ref":"#/components/schemas/v2TCPRoute"},"x-order":9},"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"}}},"v2ServiceRouteSubset":{"description":"Subset denotes a specific version of a service. The pods/VMs of a\\nsubset should be uniquely identifiable using their labels.","type":"object","required":["name"],"properties":{"name":{"description":"Name used to refer to the subset.","type":"string","x-order":0},"labels":{"description":"Labels apply a filter over the endpoints of a service in the service registry.","type":"object","additionalProperties":{"type":"string"},"x-order":1},"weight":{"description":"Percentage of traffic to be sent to this subset. Weight if not\\nspecified will be assumed to be 0 if there are multiple\\nsubsets. If there is only one subset, the weight will be\\nassumed to be 1.","type":"integer","format":"int64","x-order":2},"portLevelSettings":{"description":"Port/Protocol/StickySession combination for which routes need to be generated specifically for\\na subset. These settings are meant to override the global PortLevelTrafficSettings, i.e. first, \\nglobal PortLevelTrafficSettings are used to generate routes and then we use non-conflicting subset level \\nPortLevelTrafficSettings to modify existing routes. If provided, PortLevelTrafficSettings should be provided for \\nall subsets for proper load balancing.","type":"array","items":{"$ref":"#/components/schemas/ServiceRoutePortLevelTrafficSettings"},"x-order":3}}},"v2ServiceSecuritySetting":{"description":"A service security setting applies configuration to a service in a\\nsecurity group. Missing fields will inherit values from the\\nworkspace-wide setting if any.\\n\\n\\n\\n","type":"object","required":["service"],"properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"service":{"description":"The service on which the configuration is being applied. Must be in namespace/FQDN format.","type":"string","x-order":4},"settings":{"$ref":"#/components/schemas/v2SecuritySetting"},"subsets":{"description":"Subset specific settings that will replace the service wide settings for the specified service\\nsubsets.","type":"array","items":{"$ref":"#/components/schemas/v2ServiceSecuritySettingSubset"},"x-order":6},"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"}}},"v2ServiceSecuritySettingSubset":{"description":"Subset allows replacing the settings for a specific version of a service.","type":"object","required":["name","settings"],"properties":{"name":{"description":"Name used to refer to the subset.\\nThis must match a subset defined in the ServiceRoute for this service, else it will be omitted.","type":"string","x-order":0},"settings":{"$ref":"#/components/schemas/v2SecuritySetting"}}},"v2ServiceSelector":{"type":"object","title":"ServiceSelector represents the match criteria to select services within a\\nparticular scope (namespace, workspace, cluster etc)","required":["serviceLabels"],"properties":{"serviceLabels":{"type":"object","title":"One or more labels that indicate a specific set of services within a particular scope","additionalProperties":{"type":"string"},"x-order":0}}},"v2ServiceState":{"description":"State denotes the interactions the service can have with the mesh. A service can exist in one of the states\\nwhich represents the set of interactions(Observability and Control) the mesh can have with these services.\\n\\n - EXTERNAL: An external service is a service that is known, but that cannot be observed (we can\'t get metrics for it)\\nand cannot be controlled.\\n - OBSERVED: An observed service is a known service that we can have metrics for. For example, a service running the\\nSkywalking agents.\\n - CONTROLLED: A controlled service is a service that is part of the mesh, has a proxy we can configure and can be observed with\\nSkywalking agents.","type":"string","default":"INVALID_STATE","enum":["INVALID_STATE","EXTERNAL","OBSERVED","CONTROLLED"]},"v2ServiceTrafficSetting":{"description":"A service traffic setting applies configuration to a service in a\\ntraffic group. Unset fields will inherit values from the\\nworkspace-wide setting if any.\\n\\n\\n\\n","type":"object","required":["service","settings"],"properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"service":{"description":"The service on which the configuration is being applied. Must be in namespace/FQDN format.\\n\\nOnly one service traffic setting can be given per service. Any conflicting configuration created\\nlater will be rejected by TSB.","type":"string","x-order":4},"settings":{"$ref":"#/components/schemas/v2TrafficSetting"},"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"}}},"v2ServiceType":{"description":"ServiceType denotes the exposition of a service in the mesh.\\n\\n - INTERNAL: A regular service that is not directly exposed to the outside world.\\n - LOADBALANCER: A load balancer service running only the proxy as the workload.\\n - MESH_EXTERNAL: A mesh external service.","type":"string","default":"INVALID_TYPE","enum":["INVALID_TYPE","INTERNAL","LOADBALANCER","MESH_EXTERNAL"]},"v2SourceScope":{"description":"Source scope defines the source\'s wingspan in the mesh. It defines how we are observing the resources.\\nFor instance we can observer a resources at service, ingress, or relation level.","type":"object","properties":{"serviceScopes":{"$ref":"#/components/schemas/SourceScopeServiceScopes"},"ingressScopes":{"$ref":"#/components/schemas/SourceScopeIngressScopes"},"relationScopes":{"$ref":"#/components/schemas/SourceScopeRelationScopes"}}},"v2SourceScopeType":{"description":"The type of scopes which defines telemetry source\'s wingspan in the mesh.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","type":"string","default":"INVALID","enum":["INVALID","SERVICE","INGRESS","RELATION"]},"v2SourceType":{"description":"`SourceType` describes where teams come from.\\nTeams can be synchronized from the Identity Provider but can also be manually\\ncreated using the Team API to create convenient groupings of users and other\\nteams in order to configure fine-grained permissions in the Management Plane.\\n\\n - LDAP: LDAP is used for users and teams that are automatically synchronized from LDAP.\\n - LOCAL: LOCAL is used for local teams that are manually created using the TSB Team API and\\ndo not exist in the Identity Provider.\\nDeprecated. This value is deprecated and will be removed in future releases. Use \'MANUAL\' instead.\\n - AZURE: AZURE is used for users synchronized from an Azure Active Directory.\\n - MANUAL: MANUAL is used for users and teams that exist in the Identity Provider that have been manually populated.\\nMANUAL users are deprecated and Service Accounts should be used instead. Support for MANUAL users will\\nbe removed in future versions.","type":"string","default":"INVALID","enum":["INVALID","LDAP","LOCAL","AZURE","MANUAL"]},"v2StreamLogsResponse":{"description":"Response to the request to stream logs of an Istio Proxy.","type":"object","properties":{"output":{"description":"Logs of an Istio Proxy.","type":"string","x-order":0}}},"v2StringMatch":{"description":"Describes how to match a given string in HTTP headers. Match is case-sensitive.","type":"object","properties":{"exact":{"description":"Exact string match.","type":"string","x-order":0},"prefix":{"description":"Prefix-based match.","type":"string","x-order":1},"regex":{"description":"ECMAscript style regex-based match.","type":"string","x-order":2}}},"v2SyncOrganizationResponse":{"description":"Result of the organization users and team synchronization.","type":"object","properties":{"failedUsers":{"$ref":"#/components/schemas/SyncOrganizationResponseFailedIds"},"failedTeams":{"$ref":"#/components/schemas/SyncOrganizationResponseFailedIds"}}},"v2TCPMatchCondition":{"type":"object","title":"TCPMatchCondition is the set of conditions to match incoming TCP traffic\\nand route accordingly","required":["name","port"],"properties":{"name":{"type":"string","title":"Name of the match condition","x-order":0},"port":{"type":"integer","format":"int64","title":"TCP match conditions only have port in match conditions","x-order":1}}},"v2TCPRoute":{"description":"TCPRoute is used to set TCP routes to service destinations on the basis of match conditions.","type":"object","required":["name"],"properties":{"name":{"type":"string","title":"Name of TCPRoute","x-order":0},"match":{"type":"array","title":"Match conditions for incoming TCP traffic","items":{"$ref":"#/components/schemas/v2TCPMatchCondition"},"x-order":1},"destination":{"type":"array","title":"Destination host:port and subset where TCP traffic should be directed","items":{"$ref":"#/components/schemas/v2ServiceDestination"},"x-order":2}}},"v2TCPServer":{"type":"object","title":"A TCP server exposed in an ingress gateway. A TCP server may be used for any TCP based protocol.\\nThis is also used for the special case of a non-HTTP protocol requiring TLS termination at the gateway","required":["name","port","hostname"],"properties":{"name":{"description":"A name assigned to the server. The name will be visible in the generated metrics. The name must be\\nunique across all HTTP, TLS passthrough and TCP servers in a gateway.","type":"string","x-order":0},"port":{"type":"integer","format":"int64","title":"The port where the server is exposed. Two servers with different protocols can share the same port\\nonly when both of them use TLS (either terminated at the gateway or pass-through)","x-order":1},"hostname":{"description":"Hostname to identify the service. When TLS is configured, clients have to use this as\\nthe Server Name Indication (SNI) for the TLS connection. When TLS is not configured (opaque TCP),\\nthis is used to identify the service traffic for defining routing configs. Usually, this is\\nconfigured as the DNS name of the service. For instance, if clients access a zookeeper cluster\\nas `zk-1.myorg.internal` then the hostname could be specified as `zk-1.myorg.internal`. This\\nalso helps easier identification in the configs.\\n\\nThis is also used in multicluster routing. In the previous example, clients within the mesh\\ncan also use `zk-1.myorg.internal` to access this service (provided authorization policy allows it)","type":"string","x-order":2},"tls":{"$ref":"#/components/schemas/v2ServerTLSSettings"},"route":{"$ref":"#/components/schemas/v2Route"}}},"v2TLS":{"description":"A TLS server exposed in a gateway. For TLS servers, the gateways do not terminate\\nconnections and use SNI based routing.","type":"object","required":["name","port","hostname","route"],"properties":{"name":{"description":"A name assigned to the server. The name will be visible in the generated metrics. The name must be\\nunique across all HTTP, TLS passthrough and TCP servers in a gateway.","type":"string","x-order":0},"port":{"description":"The port where the server is exposed. Two servers with different protocols (HTTP and HTTPS) should not\\nshare the same port. Note that port 15443 is reserved for internal use.","type":"integer","format":"int64","x-order":1},"hostname":{"description":"Hostname with which the service can be expected to be accessed by clients.\\nRouting will be done based on SNI matches for this hostname.\\n**NOTE:** The \\"hostname:port\\" must be unique across all gateways in the cluster in order for\\nmulticluster routing to work.","type":"string","x-order":2},"route":{"$ref":"#/components/schemas/v2RouteTo"},"failoverSettings":{"$ref":"#/components/schemas/v2FailoverSettings"}}},"v2TLSFileSource":{"type":"object","title":"TLSFileSource is used to load the keys and certificates from\\nfiles accessible to the workload","properties":{"clientCertificate":{"type":"string","title":"Certificate file to authenticate the client. This\\nis mandatory for mutual TLS and must not be\\nspecified for simple (one-way) TLS","x-order":0},"privateKey":{"type":"string","title":"Private key file associated with the client certificate.\\nThis is mandatory for mutual TLS and must not be\\nspecified for simple TLS","x-order":1},"caCertificates":{"type":"string","title":"File containing CA certificates to verify the certificates\\npresented by the server. This is mandatory for both simple and\\nmutual TLS.\\nHere are some common paths for the system CA bundle on Linux and can be\\nspecified here if the server certificate is signed by a well known authority,\\nalready part of the system CA bundle on the host - \\n  /etc/ssl/certs/ca-certificates.crt (Debian/Ubuntu/Gentoo etc.)\\n  /etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem (CentOS/RHEL 7)\\n  /etc/pki/tls/certs/ca-bundle.crt (Fedora/RHEL 6)","x-order":2}}},"v2TLSPassthroughServer":{"description":"A TLS server exposed in an ingress gateway. For TLS servers the gateways don\'t terminate\\nconnections and use SNI based routing.","type":"object","required":["name","port","hostname","route"],"properties":{"name":{"description":"A name assigned to the server. The name will be visible in the generated metrics. The name must be\\nunique across all HTTP, TCP and TLS servers in a gateway.","type":"string","x-order":0},"port":{"description":"The port where the server is exposed. Two servers with different protocols (HTTP and HTTPS) should not\\nshare the same port. Note that port 15443 is reserved for internal use.","type":"integer","format":"int64","x-order":1},"hostname":{"description":"Hostname with which the service can be expected to be accessed by clients.\\nRouting will be done based on SNI matches for this hostname.\\n**NOTE:** The hostname must be unique across all gateways in the cluster in order for multicluster routing to work.","type":"string","x-order":2},"route":{"$ref":"#/components/schemas/v2Route"}}},"v2TcpKeepAlive":{"type":"object","properties":{"probes":{"description":"The total number of unacknowledged probes to send before deciding\\nthe connection is dead. Default is to use the OS level configuration,\\nLinux defaults to 9.","type":"integer","format":"int64","x-order":0},"idleTime":{"description":"The number of seconds a connection needs to be idle before keep-alive probes\\nstart being sent. Default is to use the OS level configuration,\\nLinux defaults to 7200s.","type":"integer","format":"int64","x-order":1},"interval":{"description":"The number of seconds between keep-alive probes. Default is to use the OS\\nlevel configuration, Linux defaults to 75s.","type":"integer","format":"int64","x-order":2}}},"v2TcpKeepAliveSettings":{"description":"TCP Keep Alive Settings.","type":"object","properties":{"downstream":{"$ref":"#/components/schemas/v2TcpKeepAlive"},"upstream":{"$ref":"#/components/schemas/v2TcpKeepAlive"}}},"v2Team":{"description":"`Team` is a named collection of users under a tenant.\\n\\n\\n\\n","type":"object","properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"members":{"description":"List of members under the team.\\nThe elements of this list are the FQNs of the team members. Team members can be\\nusers, service accounts or other teams.","type":"array","items":{"type":"string"},"x-order":4},"sourceType":{"$ref":"#/components/schemas/v2SourceType"}}},"v2Tenant":{"description":"`Tenant` is a self-contained entity within an organization in the Service Bridge hierarchy.\\n\\n\\n\\n","type":"object","properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"securityDomain":{"description":"Security domains can be used to group different resources under the same security domain.\\nAlthough security domain is not resource itself currently, it follows a fqn format\\n`organizations/myorg/securitydomains/mysecuritydomain`, and a child cannot override any ancestor\'s\\nsecurity domain.\\nOnce a security domain is assigned to a _Tenant_, all the children resources will belong to that\\nsecurity domain in the same way a _Workspace_ belongs to a _Tenant_, a _Workspace_ will also belong\\nto the security domain assigned to the _Tenant_.\\nSecurity domains can also be used to define _Security settings Authorization rules_ in which you can allow\\nor deny request from or to a security domain.","type":"string","x-order":4},"deletionProtectionEnabled":{"description":"When set, prevents the resource from being deleted. In order to delete the resource this\\nproperty needs to be set to `false` first.","type":"boolean","x-order":5},"profiles":{"description":"List of profiles attached to the tenant to be used to propagate default and mandatory configurations down to the children.","type":"array","items":{"type":"string"},"x-order":6},"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"}}},"v2TenantSetting":{"description":"Default settings that apply to all workspaces under a tenant.\\n\\n\\n\\n","type":"object","properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"defaultSecuritySetting":{"$ref":"#/components/schemas/v2SecuritySetting"},"defaultTrafficSetting":{"$ref":"#/components/schemas/v2TrafficSetting"}}},"v2Tier1ExternalServer":{"description":"Tier1ExternalServer describes the properties of a server exposed\\noutside the mesh. Traffic arriving at a Tier1 external server is\\nusually TLS terminated and then forwarded over Istio mTLS to all\\nthe lower tier2 clusters.","type":"object","required":["name","port","hostname"],"properties":{"name":{"description":"A name assigned to the server. The name will be visible in the generated metrics. The name must be\\nunique across all external servers in the gateway.","type":"string","x-order":0},"port":{"description":"The port where the server is exposed. Note that port 15443 is reserved.","type":"integer","format":"int64","x-order":1},"hostname":{"description":"Hostname with which the service can be expected to be accessed by\\nclients.","type":"string","x-order":2},"tls":{"$ref":"#/components/schemas/v2ServerTLSSettings"},"clusters":{"description":"The destination clusters that contain ingress gateways exposing\\nthe hostname. If omitted, traffic will be automatically load\\nbalanced across all tier2 clusters whose ingress gateways expose\\nthe above hostname. If `redirect` is configured then this field\\ncannot be configured.\\nTo do failover and locality based routing among clusters, either omit\\nthe clusters field or omit the weights from all the cluster destinations.","type":"array","items":{"$ref":"#/components/schemas/v2ClusterDestination"},"x-order":4},"redirect":{"$ref":"#/components/schemas/v2Redirect"},"authentication":{"$ref":"#/components/schemas/tsbauthv2Authentication"},"authorization":{"$ref":"#/components/schemas/tsbauthv2Authorization"},"rateLimiting":{"$ref":"#/components/schemas/v2RateLimiting"}}},"v2Tier1Gateway":{"description":"`Tier1Gateway` configures a workload to act as a tier1 gateway into the mesh.\\n\\n\\n\\n","type":"object","required":["workloadSelector"],"properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"workloadSelector":{"$ref":"#/components/schemas/v2WorkloadSelector"},"externalServers":{"description":"One or more servers exposed by the gateway externally.","type":"array","items":{"$ref":"#/components/schemas/v2Tier1ExternalServer"},"x-order":5},"internalServers":{"description":"One or more servers exposed by the gateway internally for cross cluster forwarding.","type":"array","items":{"$ref":"#/components/schemas/v2Tier1InternalServer"},"x-order":6},"passthroughServers":{"description":"One or more tls passthrough servers exposed by the gateway externally.","type":"array","items":{"$ref":"#/components/schemas/v2Tier1PassthroughServer"},"x-order":7},"tcpExternalServers":{"description":"One or more tcp servers exposed by the gateway externally.","type":"array","items":{"$ref":"#/components/schemas/v2Tier1TCPExternalServer"},"x-order":8},"tcpInternalServers":{"description":"One or more tcp servers exposed by the gateway for mesh internal traffic.","type":"array","items":{"$ref":"#/components/schemas/v2Tier1TCPInternalServer"},"x-order":9},"extension":{"description":"Extensions specifies all the WasmExtensions assigned to this Tier1Gateway\\nwith the specific configuration for each extension. This custom configuration\\nwill override the one configured globally to the extension.\\nEach extension has a global configuration including enablement and priority\\nthat will condition the execution of the assigned extensions.","type":"array","items":{"$ref":"#/components/schemas/v2WasmExtensionAttachment"},"x-order":10},"waf":{"$ref":"#/components/schemas/v2WAFSettings"},"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"}}},"v2Tier1InternalServer":{"description":"Tier1InternalServer describes the properties of a server exposed\\nwithin the mesh, for the purposes of forwarding traffic between two\\nclusters that cannot otherwise directly reach each other. Traffic\\narriving at a Tier1 internal server should be over Istio\\nmTLS. After TLS termination and metrics extraction, it is forwarded\\nto tier2 clusters based on the selection criteria.","type":"object","required":["name","hostname"],"properties":{"name":{"description":"A name assigned to the server. The name will be visible in the generated metrics. The name must be\\nunique across all internal servers in the gateway.","type":"string","x-order":0},"hostname":{"description":"Hostname with which the service can be expected to be accessed by\\nsidecars in the mesh.","type":"string","x-order":1},"clusters":{"description":"The destination clusters that contain ingress gateways exposing\\nthe hostname. If omitted, traffic will be automatically load\\nbalanced across all tier2 clusters whose ingress gateways expose\\nthe above hostname.","type":"array","items":{"$ref":"#/components/schemas/v2ClusterDestination"},"x-order":2},"authentication":{"$ref":"#/components/schemas/tsbauthv2Authentication"},"authorization":{"$ref":"#/components/schemas/tsbauthv2Authorization"}}},"v2Tier1PassthroughServer":{"description":"Tier1PassthroughServer describes the properties of a server exposed\\nto the external world. Traffic arriving at a Tier1 passthrough server is\\nnot TLS terminated and rather forwarded over to all the lower tier2 clusters.","type":"object","required":["name","port","hostname"],"properties":{"name":{"description":"A name assigned to the server. The name will be visible in the generated metrics. The name must be\\nunique across all external servers in the gateway.","type":"string","x-order":0},"port":{"description":"The port where the server is exposed. Note that port 15443 is reserved.","type":"integer","format":"int64","x-order":1},"hostname":{"description":"Hostname with which the service can be expected to be accessed by\\nclients.","type":"string","x-order":2},"clusters":{"description":"The destination clusters that contain ingress gateways exposing\\nthe hostname on passthrough servers. If omitted, traffic will be automatically load\\nbalanced across all tier2 clusters whose ingress gateways expose\\nthe above hostname.","type":"array","items":{"$ref":"#/components/schemas/v2ClusterDestination"},"x-order":3}}},"v2Tier1TCPExternalServer":{"description":"Tier1TCPExternalServer is used to describe the properties of a TCP server\\n(used for opaque TCP or non-HTTP protocols) exposed to the external world.\\nIf the protocol is known to be HTTP, then please use `externalServers` as\\nit allows using HTTP-specific features.\\n\\nCaveat - Currently, we don\'t support multicluster routing when Tier2 gateway\\nsettings are specified in the direct mode for TCP services. So please use\\nthe bridged mode.","type":"object","required":["name","port","hostname"],"properties":{"name":{"type":"string","title":"A name assigned to the server. This name is used in the generated metrics. The name\\nmust be unique across all TCP servers in the gateway","x-order":0},"port":{"description":"Valid scenarios (for same port, multiple services)\\n1. Multiple protocols (HTTP, non-HTTP) with TLS passthrough/termination\\n2. Multiple HTTP services\\n3. Single non-HTTP service without TLS\\n\\nNote on service port - If a service is exposed on port 6789 in the tier1 gateway,\\nthen it must be exposed on the same port with the same hostname (without wildcard)\\nin the tier2 gateway as well.","type":"integer","format":"int64","title":"The port where the server is exposed. Note that the port 15443 is reserved. Also\\nbeware of the conflict among the services using different protocols on the same port.\\nThe conflict occurs in the following scenarios\\n1. Using plaintext and TLS (passthrough/termination)\\n2. Mixing multiple protocols without TLS (HTTP and non-HTTP protocols like Kafka, Zookeeper etc)\\n3. Multiple non-HTTP protocols without TLS","x-order":1},"hostname":{"description":"Although hostname or authority does not make sense in the non-HTTP context, this\\nis used to define the routing rules. Wildcard hostnames are not yet supported.","type":"string","x-order":2},"clusters":{"description":"The destination clusters contain ingress gateways exposing the service.","type":"array","items":{"$ref":"#/components/schemas/v2ClusterDestination"},"x-order":3},"tls":{"$ref":"#/components/schemas/v2ServerTLSSettings"}}},"v2Tier1TCPInternalServer":{"description":"Tier1TCPInternalServer is used to describe the properties of a TCP server\\nwhich is used exclusively within the mesh.","type":"object","required":["name","hostname"],"properties":{"name":{"description":"A name assigned to the server. This name is used in the generated metrics. The name\\nmust be unique across all TCP servers in the gateway.","type":"string","x-order":0},"hostname":{"description":"The name of the service used. Although hostname or authority does not make sense\\nin the non-HTTP context, this is used for the multicluster routing purposes. Consider\\nthe case where there are two non-HTTP services listening on the same port 6000,\\nbut are hosted on different workloads. Here, the service name is used to distinguish\\nbetween the two for routing to the correct workload. We do not support wildcard hostnames\\nyet. The ports are determined automatically by the cluster updates of the remote edge\\nclusters. Suppose there is a service called `foo.com` and the remote cluster says that\\nit exposes ports 8080 and 8443, then we can route east-west traffic for both the ports\\nthrough this server. The changes to the port or protocol settings are picked up automatically.","type":"string","x-order":1},"clusters":{"description":"The destination clusters contain ingress gateways exposing the service.","type":"array","items":{"$ref":"#/components/schemas/v2ClusterDestination"},"x-order":2}}},"v2TokenResponse":{"description":"Contains a pair of tokens for a user that can be used to authenticate against TSB.","type":"object","properties":{"accessToken":{"description":"Bearer access token that can be used to access TSB.\\nThis token is usually short-lived. The refresh token, when present, can be used to\\nobtain a new access token when it expires.","type":"string","x-order":0},"refreshToken":{"description":"Refresh token that can be used to obtain a new Bearer access token.\\nThis token is usually long-lived and should be stored securely.","type":"string","x-order":1}}},"v2TokenType":{"type":"string","default":"TOKEN_TYPE_UNSPECIFIED","enum":["TOKEN_TYPE_UNSPECIFIED","TOKEN_TYPE_ACCESS_TOKEN","TOKEN_TYPE_REFRESH_TOKEN","TOKEN_TYPE_ID_TOKEN","TOKEN_TYPE_JWT"]},"v2TrafficMode":{"description":"Traffic mode defines the type of configuration that has been configured on a Gateway server.\\n\\n - AUTO: AUTO mode indicates that the type of configuration is automatically detected from the underlying Gateway deployment.\\n - INGRESS: INGRESS mode specifies the configuration for managing incoming traffic into the mesh.\\nIn this mode, the Gateway server is responsible for handling incoming requests from external sources\\nand routing them to appropriate services within the mesh.\\n - EGRESS: EGRESS mode specifies the configuration for managing outgoing traffic from the mesh to external destinations.\\nIn this mode, the Gateway server controls traffic leaving the mesh and enforces policies and security measures\\nfor accessing external services.\\n - TRANSIT: TRANSIT mode specifies that the Gateway is configured to facilitate transit traffic between different clusters\\nwithin the mesh that are not directly reachable. This mode enables forwarding of traffic between clusters\\nvia the Gateway, allowing communication between services deployed in separate clusters.","type":"string","default":"AUTO","enum":["AUTO","INGRESS","EGRESS","TRANSIT"]},"v2TrafficSelector":{"description":"TrafficSelector provides a mechanism to select a specific traffic flow\\nfor which this Wasm Extension will be enabled.\\nWhen all the sub conditions in the TrafficSelector are satisfied, the\\ntraffic will be selected.","type":"object","properties":{"mode":{"$ref":"#/components/schemas/v2WorkloadMode"},"ports":{"description":"Criteria for selecting traffic by their destination port.\\nMore specifically, for the outbound traffic, the destination port would be\\nthe port of the target service. On the other hand, for the inbound traffic,\\nthe destination port is the port bound by the server process in the same Pod.\\n\\nIf one of the given `ports` is matched, this condition is evaluated to true.\\nIf not specified, this condition is evaluated to true for any port.","type":"array","items":{"$ref":"#/components/schemas/v2PortSelector"},"x-order":1}}},"v2TrafficSetting":{"description":"A traffic setting applies configuration to a set of proxy workloads in a\\ntraffic group or a workspace. When applied to a traffic group,\\nmissing fields will inherit values from the workspace-wide setting if any.\\n\\n\\n\\n","type":"object","properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"reachability":{"$ref":"#/components/schemas/v2ReachabilitySettings"},"resilience":{"$ref":"#/components/schemas/v2ResilienceSettings"},"egress":{"$ref":"#/components/schemas/v2TrafficSettingEgressGateway"},"rateLimiting":{"$ref":"#/components/schemas/v2RateLimiting"},"upstreamTrafficSettings":{"description":"List of hosts and the associated traffic settings to be used by\\nthe clients that are downstreams to the defined upstream hosts.\\n\\nDEPRECATED. Moved to `outbound`.","type":"array","items":{"$ref":"#/components/schemas/v2UpstreamTrafficSettings"},"x-order":8},"inbound":{"$ref":"#/components/schemas/v2InboundTrafficSetting"},"outbound":{"$ref":"#/components/schemas/v2OutboundTrafficSetting"},"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"}}},"v2TrafficSettingEgressGateway":{"description":"EgressGateway specifies the gateway where traffic external to the mesh will be redirected.","type":"object","required":["host"],"properties":{"host":{"description":"Specifies the egress gateway hostname. Must be in\\n`&lt;namespace&gt;/&lt;fqdn&gt;` format.","type":"string","x-order":0},"port":{"description":"Deprecated. This field is ignored and will be removed in upcoming releases.\\nSpecifies the port on the host to connect to.","type":"integer","format":"int32","x-order":1}}},"v2TrafficSettings":{"description":"Traffic settings is used to configure inbound and outbound traffic of proxy workloads\\nbelonging to traffic groups or workspaces via profiles. When applied to a traffic group,\\nmissing fields will inherit values from the workspace-wide setting if any.","type":"object","properties":{"inbound":{"$ref":"#/components/schemas/v2InboundTrafficSetting"},"outbound":{"$ref":"#/components/schemas/v2OutboundTrafficSetting"}}},"v2UpstreamResilienceSettings":{"description":"UpstreamResilienceSettings controls the reliability knobs for client connections\\nto the upstream hosts.","type":"object","properties":{"connectionPool":{"$ref":"#/components/schemas/v2UpstreamResilienceSettingsConnectionPoolSettings"},"circuitBreakerSensitivity":{"$ref":"#/components/schemas/v2UpstreamResilienceSettingsSensitivity"},"outlierDetection":{"$ref":"#/components/schemas/UpstreamResilienceSettingsOutlierDetection"}}},"v2UpstreamResilienceSettingsConnectionPoolSettings":{"description":"Connection pool settings for the upstream host.","type":"object","properties":{"http":{"$ref":"#/components/schemas/UpstreamResilienceSettingsConnectionPoolSettingsHTTP"},"tcp":{"$ref":"#/components/schemas/v2UpstreamResilienceSettingsConnectionPoolSettingsTCP"}}},"v2UpstreamResilienceSettingsConnectionPoolSettingsTCP":{"description":"TCP Settings for outbound requests.","type":"object","properties":{"keepAlive":{"$ref":"#/components/schemas/v2TcpKeepAlive"},"maxConnections":{"description":"Maximum number of HTTP1 /TCP connections to the service.\\nDefault 0, meaning \\"unlimited\\", up to 2^32 - 1.","type":"integer","format":"int64","x-order":1},"connectTimeout":{"description":"TCP connection timeout. format: 1h/1m/1s/1ms. MUST BE &gt;=1ms. Default is 10s.","type":"string","x-order":2}}},"v2UpstreamResilienceSettingsSensitivity":{"description":"Available sensitivity levels for the circuit breaker.\\n\\n - UNSET: Default values will be used.\\n - LOW: Tolerate up to 20 consecutive 5xx or connection failures from an\\nendpoint before ejecting it temporarily from the load balancing\\npool.\\n - MEDIUM: Tolerate up to 10 consecutive 5xx or connection failures from an\\nendpoint before ejecting it temporarily from the load balancing\\npool.\\n - HIGH: Tolerate up to 5 consecutive 5xx or connection failures from an\\nendpoint before ejecting it temporarily from the load balancing\\npool.\\n - CUSTOM: When selected, the outlier detection settings must be specified \\nin the resilience.outlierDetection field.\\nIf that field is set but the mode is not CUSTOM, those settings will be ignored.","type":"string","default":"UNSET","enum":["UNSET","LOW","MEDIUM","HIGH","CUSTOM"]},"v2UpstreamTrafficSettings":{"description":"Traffic settings for the clients that are downstreams to the defined\\nupstream hosts.","type":"object","properties":{"hosts":{"description":"List of hosts for which the settings will be created. Can contain wildcard hosts.\\nThe host should be a service from the service registry or a host declared by ServiceEntries.","type":"array","items":{"type":"string"},"x-order":0},"settings":{"$ref":"#/components/schemas/v2UpstreamTrafficSettingsSettings"}}},"v2UpstreamTrafficSettingsSettings":{"description":"Traffic settings to be applied to the clients of the upstream hosts.","type":"object","properties":{"resilience":{"$ref":"#/components/schemas/v2UpstreamResilienceSettings"},"loadBalancer":{"$ref":"#/components/schemas/v2LoadBalancerSettings"},"authentication":{"$ref":"#/components/schemas/tsbtrafficv2AuthenticationSettings"}}},"v2User":{"description":"`User` represents a user from the Identity Provider that is allowed to log into\\nthe platform.\\n\\n\\n\\n","type":"object","required":["loginName"],"properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"loginName":{"description":"The username used in the login credentials.","type":"string","x-order":3},"firstName":{"description":"The first name of the user.","type":"string","x-order":4},"lastName":{"description":"The last name of the user, if any.","type":"string","x-order":5},"email":{"description":"Email for the user where alerts and other notifications will be sent.","type":"string","x-order":6},"sourceType":{"$ref":"#/components/schemas/v2SourceType"}}},"v2VmConfig":{"description":"Configuration for a Wasm VM.\\nmore details can be found [here](https://www.envoyproxy.io/docs/envoy/latest/api-v3/extensions/wasm/v3/wasm.proto#extensions-wasm-v3-vmconfig).","type":"object","properties":{"env":{"description":"Specifies environment variables to be injected to this VM.\\nNote that if a key does not exist, it will be ignored.","type":"array","items":{"$ref":"#/components/schemas/extensionv2EnvVar"},"x-order":0}}},"v2WAFSettings":{"type":"object","title":"WAFSettings configure WAF based on seclang\\nSee https://github.com/SpiderLabs/ModSecurity/wiki/Reference-Manual-%28v3.x%29#Configuration_Directives","required":["rules"],"properties":{"rules":{"description":"Rules to be leveraged by WAF. The parser evaluates the list of rules from the top to the bottom.","type":"array","items":{"type":"string"},"x-order":0}}},"v2WasmExtension":{"type":"object","required":["url"],"properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the extension.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the extension.\\n$hide_from_yaml","x-order":3},"allowedIn":{"description":"List of fqns where this extension is allowed to run.\\nIf it is empty, the extension can be used across the entire organization.\\nCurrently only Tenant resources are considered.","type":"array","items":{"type":"string"},"x-order":4},"image":{"description":"Deprecated. Use the `url` field instead.\\nRepository and tag of the OCI image containing the WASM extension.","type":"string","x-order":5},"source":{"type":"string","title":"Source to find the code for the WASM extension","x-order":6},"phase":{"$ref":"#/components/schemas/WasmExtensionPluginPhase"},"priority":{"description":"Determines the ordering of WasmExtensions in the same phase.\\nWhen multiple WasmExtensions are applied to the same workload in the same phase, they will be applied by priority, in descending order.\\nIf no priority is assigned it will use the default 0 value.\\nIn case of several extensions having the same priority in the same phase, the fqn will be used to sort them.","type":"integer","format":"int32","x-order":8},"config":{"description":"Configuration parameters sent to the WASM plugin execution\\nThe configuration can be overwritten when instantiating the extensions in IngressGateways or Security groups.\\nThe config is serialized using proto3 JSON marshaling and passed to proxy_on_configure when the host environment starts the plugin.","type":"object","x-order":9},"imagePullPolicy":{"$ref":"#/components/schemas/WasmExtensionPullPolicy"},"imagePullSecret":{"description":"Credentials to use for OCI image pulling.\\nName of a K8s Secret that contains a docker pull secret which is to be used\\nto authenticate against the registry when pulling the image.\\nIf TSB is configured to use the WASM download proxy, this secret must exist in\\nthe `istio-system` namespace of each cluster that has applications that use the\\nextension. If the download proxy is disabled, the secret must exist in each\\napplication namespace that is using the extension.","type":"string","x-order":11},"vmConfig":{"$ref":"#/components/schemas/v2VmConfig"},"url":{"description":"URL of a Wasm module or OCI container. If no scheme is present, defaults to oci://, referencing an OCI image.\\nOther valid schemes are file:// for referencing .wasm module files present locally within the proxy container,\\nand http[s]:// for .wasm module files hosted remotely.","type":"string","x-order":13},"match":{"$ref":"#/components/schemas/v2GlobalTrafficSelector"}}},"v2WasmExtensionAttachment":{"description":"WasmExtensionAttachment defines the WASM extension attached to this resource\\nincluding the name to identify the extension and also the specific configuration\\nthat will override the global extension configuration.\\nOnly those extensions globally enabled will be considered although they can be\\nassociated to the target resources.\\nMatch configuration allows you to specify which traffic is sent through the Wasm\\nextension. Users can select the traffic based on different workload modes and ports.\\n\\n```yaml\\napiVersion: gateway.tsb.tetrate.io/v2\\nkind: IngressGateway\\nmetadata:\\n  name: ingress-bookinfo\\n  group: g1\\n  workspace: w1\\n  tenant: mycompany\\n  organization: myorg\\nspec:\\n  workloadSelector:\\n  namespace: ns1\\n  labels:\\n    app: gateway\\n  extension:\\n  - fqn: hello-world # fqn of imported extensions in TSB\\n    config:\\n      foo: bar\\n    match:\\n    - ports:\\n      - number: 80\\n      mode: CLIENT_AND_SERVER\\n  http:\\n  - name: bookinfo\\n    port: 80\\n    hostname: bookinfo.com\\n    routing:\\n      rules:\\n      - route:\\n        host: ns1/productpage.ns1.svc.cluster.local\\n```","type":"object","required":["fqn"],"properties":{"fqn":{"description":"Fqn of the extension to be executed.","type":"string","x-order":0},"config":{"description":"Configuration parameters sent to the WASM plugin execution.\\nThis configuration will overwrite the one specified globally in the extension.\\nThis config will be passed as-is to the extension. It is up to the extension to deserialize the config and use it.","type":"object","x-order":1},"match":{"description":"Specifies the criteria to determine which traffic is passed to WasmExtension.\\nIf a traffic satisfies any of TrafficSelectors,\\nthe traffic passes to the WasmExtension.","type":"array","items":{"$ref":"#/components/schemas/v2TrafficSelector"},"x-order":2}}},"v2WorkloadMode":{"description":"WorkloadMode allows selection of the role of the underlying workload in\\nnetwork traffic. A workload is considered as acting as a SERVER if it is\\nthe destination of the traffic (that is, traffic direction, from the\\nperspective of the workload is *inbound*). If the workload is the source of\\nthe network traffic, it is considered to be in CLIENT mode (traffic is\\n*outbound* from the workload).\\n\\n - UNDEFINED: Default value, which will be interpreted by its own usage.\\n - CLIENT: Selects for scenarios when the workload is the\\nsource of the network traffic. In addition,\\nif the workload is a gateway, selects this.\\n - SERVER: Selects for scenarios when the workload is the\\ndestination of the network traffic.\\n - CLIENT_AND_SERVER: Selects for scenarios when the workload is either the\\nsource or destination of the network traffic.","type":"string","default":"UNDEFINED","enum":["UNDEFINED","CLIENT","SERVER","CLIENT_AND_SERVER"]},"v2WorkloadSelector":{"description":"`WorkloadSelector` selects one or more workloads in a\\nnamespace. `WorkloadSelector` can be used in TrafficSetting,\\nSecuritySetting, and Gateway APIs in `BRIDGED` mode to scope the\\nconfiguration to a specific set of workloads.","type":"object","required":["namespace","labels"],"properties":{"namespace":{"description":"The namespace where the workload resides.","type":"string","x-order":0},"labels":{"description":"One or more labels that indicate a specific set of pods/VMs in\\nthe namespace. If omitted, the TrafficSetting or SecuritySetting\\nconfiguration will apply to all workloads in the\\nnamespace. Labels are required for Gateway API resources.","type":"object","additionalProperties":{"type":"string"},"x-order":1}}},"v2Workspace":{"description":"A Workspace is a collection of related namespaces in one or more clusters.\\n\\n\\n\\n","type":"object","required":["namespaceSelector"],"properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"namespaceSelector":{"$ref":"#/components/schemas/typesv2NamespaceSelector"},"privileged":{"description":"If set to true, allows Gateways in the workspace to route to\\nservices in other workspaces. Set this to true for workspaces\\nowning cluster-wide gateways shared by multiple teams.","type":"boolean","x-order":5},"isolationBoundary":{"description":"Istio Isolation Boundary name to which this workspace belongs.\\nIf not provided explicitly, the workspace looks for an isolation boundary with\\nname set as \\"global\\". \\nTherefore, in order to move existing workspaces to isolation boundaries, and\\nbe a part of revisioned control plane, it is recommended to configure an\\nisolation boundary with the name \\"global\\".","type":"string","x-order":6},"securityDomain":{"description":"Security domains can be used to group different resources under the same security domain.\\nAlthough security domain is not resource itself currently, it follows a fqn format\\n`organizations/myorg/securitydomains/mysecuritydomain`, and a child cannot override any ancestor\'s\\nsecurity domain.\\nOnce a security domain is assigned to a _Workspace_, all the children resources will belong to that\\nsecurity domain in the same way a _Security group_ belongs to a _Workspace_, a _Security group_ will also belong\\nto the security domain assigned to the _Workspace_.\\nSecurity domains can also be used to define _Security settings Authorization rules_ in which you can allow\\nor deny request from or to a security domain.","type":"string","x-order":7},"deletionProtectionEnabled":{"description":"When set, prevents the resource from being deleted. In order to delete the resource this\\nproperty needs to be set to `false` first.","type":"boolean","x-order":8},"profiles":{"description":"List of profiles attached to the workspace to be used to propagate default and mandatory configurations down to the children.","type":"array","items":{"type":"string"},"x-order":9},"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"}}},"v2WorkspaceSetting":{"description":"Default security and traffic settings for all proxy workloads in the workspace.","type":"object","properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"defaultSecuritySetting":{"$ref":"#/components/schemas/v2SecuritySetting"},"defaultTrafficSetting":{"$ref":"#/components/schemas/v2TrafficSetting"},"regionalFailover":{"description":"Locality routing settings for all gateways in the workspace. Overrides any global settings.\\nPlease use FailoverSettings instead. If FailoverSettings is set, it takes precedence over this field.\\n\\nExplicitly specify the region traffic will land on when endpoints in local region becomes unhealthy.\\nShould be used together with OutlierDetection to detect unhealthy endpoints.\\nNote: if no OutlierDetection specified, this will not take effect.","type":"array","items":{"$ref":"#/components/schemas/v2RegionalFailover"},"x-order":6},"defaultEastWestGatewaySettings":{"description":"Default east west gateway settings specifies workspace-wide east-west gateway configuration.\\nThis is used to configure east-west routing (required for fail-over) for the services that\\nare not exposed on the gateways. All the services matching the specified criteria is picked\\nup for exposing on the east-west gateway workload selected by the workload selector. In case,\\na service matches selectors in multiple items, the one which comes first is picked up.","type":"array","items":{"$ref":"#/components/schemas/v2EastWestGateway"},"x-order":7},"hostsReachability":{"$ref":"#/components/schemas/v2HostsReachability"},"failoverSettings":{"$ref":"#/components/schemas/v2FailoverSettings"}}},"v3BuildVersion":{"description":"BuildVersion combines SemVer version of extension with free-form build information\\n(i.e. \'alpha\', \'private-build\') as a set of strings.","type":"object","properties":{"version":{"$ref":"#/components/schemas/v3SemanticVersion"},"metadata":{"type":"object","title":"Free-form build information.\\nEnvoy defines several well known keys in the source/common/version/version.h file","x-order":1}}},"v3ContextParams":{"description":"`xds.resource.listening_address`: The value is \\"IP:port\\" (e.g. \\"10.1.1.3:8080\\") which is\\n  the listening address of a Listener. Used in a Listener resource query.","type":"object","title":"Additional parameters that can be used to select resource variants. These include any\\nglobal context parameters, per-resource type client feature capabilities and per-resource\\ntype functional attributes. All per-resource type attributes will be `xds.resource.`\\nprefixed and some of these are documented below:","properties":{"params":{"type":"object","additionalProperties":{"type":"string"},"x-order":0}}},"v3ControlPlane":{"description":"Identifies a specific ControlPlane instance that Envoy is connected to.","type":"object","properties":{"identifier":{"description":"An opaque control plane identifier that uniquely identifies an instance\\nof control plane. This can be used to identify which control plane instance,\\nthe Envoy is connected to.","type":"string","x-order":0}}},"v3DiscoveryRequest":{"type":"object","title":"A DiscoveryRequest requests a set of versioned resources of the same type for\\na given Envoy node on some API.\\n[#next-free-field: 8]","properties":{"versionInfo":{"description":"The version_info provided in the request messages will be the version_info\\nreceived with the most recent successfully processed response or empty on\\nthe first request. It is expected that no new request is sent after a\\nresponse is received until the Envoy instance is ready to ACK/NACK the new\\nconfiguration. ACK/NACK takes place by returning the new API config version\\nas applied or the previous API config version respectively. Each type_url\\n(see below) has an independent version associated with it.","type":"string","x-order":0},"node":{"$ref":"#/components/schemas/corev3Node"},"resourceNames":{"description":"List of resources to subscribe to, e.g. list of cluster names or a route\\nconfiguration name. If this is empty, all resources for the API are\\nreturned. LDS/CDS may have empty resource_names, which will cause all\\nresources for the Envoy instance to be returned. The LDS and CDS responses\\nwill then imply a number of resources that need to be fetched via EDS/RDS,\\nwhich will be explicitly enumerated in resource_names.","type":"array","items":{"type":"string"},"x-order":2},"resourceLocators":{"description":"[#not-implemented-hide:]\\nAlternative to ``resource_names`` field that allows specifying dynamic\\nparameters along with each resource name. Clients that populate this\\nfield must be able to handle responses from the server where resources\\nare wrapped in a Resource message.\\nNote that it is legal for a request to have some resources listed\\nin ``resource_names`` and others in ``resource_locators``.","type":"array","items":{"$ref":"#/components/schemas/v3ResourceLocator"},"x-order":3},"typeUrl":{"description":"Type of the resource that is being requested, e.g.\\n\\"type.googleapis.com/envoy.api.v2.ClusterLoadAssignment\\". This is implicit\\nin requests made via singleton xDS APIs such as CDS, LDS, etc. but is\\nrequired for ADS.","type":"string","x-order":4},"responseNonce":{"description":"nonce corresponding to DiscoveryResponse being ACK/NACKed. See above\\ndiscussion on version_info and the DiscoveryResponse nonce comment. This\\nmay be empty only if 1) this is a non-persistent-stream xDS such as HTTP,\\nor 2) the client has not yet accepted an update in this xDS stream (unlike\\ndelta, where it is populated only for new explicit ACKs).","type":"string","x-order":5},"errorDetail":{"$ref":"#/components/schemas/googlerpcStatus"}}},"v3DiscoveryResponse":{"type":"object","title":"[#next-free-field: 7]","properties":{"versionInfo":{"description":"The version of the response data.","type":"string","x-order":0},"resources":{"description":"The response resources. These resources are typed and depend on the API being called.","type":"array","items":{"$ref":"#/components/schemas/protobufAny"},"x-order":1},"canary":{"description":"* --terminate-on-canary-transition-failure. When set, Envoy is able to\\n  terminate if it detects that configuration is stuck at canary. Consider\\n  this example sequence of updates:\\n  - Management server applies a canary config successfully.\\n  - Management server rolls back to a production config.\\n  - Envoy rejects the new production config.\\n  Since there is no sensible way to continue receiving configuration\\n  updates, Envoy will then terminate and apply production config from a\\n  clean slate.\\n* --dry-run-canary. When set, a canary response will never be applied, only\\n  validated via a dry run.","type":"boolean","title":"[#not-implemented-hide:]\\nCanary is used to support two Envoy command line flags:","x-order":2},"typeUrl":{"description":"Type URL for resources. Identifies the xDS API when muxing over ADS.\\nMust be consistent with the type_url in the \'resources\' repeated Any (if non-empty).","type":"string","x-order":3},"nonce":{"description":"For gRPC based subscriptions, the nonce provides a way to explicitly ack a\\nspecific DiscoveryResponse in a following DiscoveryRequest. Additional\\nmessages may have been sent by Envoy to the management server for the\\nprevious version on the stream prior to this DiscoveryResponse, that were\\nunprocessed at response send time. The nonce allows the management server\\nto ignore any further DiscoveryRequests for the previous version until a\\nDiscoveryRequest bearing the nonce. The nonce is optional and is not\\nrequired for non-stream based xDS implementations.","type":"string","x-order":4},"controlPlane":{"$ref":"#/components/schemas/v3ControlPlane"}}},"v3EnvoyInternalAddress":{"type":"object","title":"The address represents an envoy internal listener.\\n[#comment: TODO(asraa): When address available, remove workaround from test/server/server_fuzz_test.cc:30.]","properties":{"serverListenerName":{"description":"Specifies the :ref:`name &lt;envoy_v3_api_field_config.listener.v3.Listener.name&gt;` of the\\ninternal listener.","type":"string","x-order":0},"endpointId":{"description":"Specifies an endpoint identifier to distinguish between multiple endpoints for the same internal listener in a\\nsingle upstream pool. Only used in the upstream addresses for tracking changes to individual endpoints. This, for\\nexample, may be set to the final destination IP for the target internal listener.","type":"string","x-order":1}}},"v3Extension":{"type":"object","title":"Version and identification for an Envoy extension.\\n[#next-free-field: 7]","properties":{"name":{"description":"This is the name of the Envoy filter as specified in the Envoy\\nconfiguration, e.g. envoy.filters.http.router, com.acme.widget.","type":"string","x-order":0},"category":{"type":"string","title":"Category of the extension.\\nExtension category names use reverse DNS notation. For instance \\"envoy.filters.listener\\"\\nfor Envoy\'s built-in listener filters or \\"com.acme.filters.http\\" for HTTP filters from\\nacme.com vendor.\\n[#comment:TODO(yanavlasov): Link to the doc with existing envoy category names.]","x-order":1},"typeDescriptor":{"type":"string","title":"[#not-implemented-hide:] Type descriptor of extension configuration proto.\\n[#comment:TODO(yanavlasov): Link to the doc with existing configuration protos.]\\n[#comment:TODO(yanavlasov): Add tests when PR #9391 lands.]","x-order":2},"version":{"$ref":"#/components/schemas/v3BuildVersion"},"disabled":{"description":"Indicates that the extension is present but was disabled via dynamic configuration.","type":"boolean","x-order":4},"typeUrls":{"description":"Type URLs of extension configuration protos.","type":"array","items":{"type":"string"},"x-order":5}}},"v3Pipe":{"type":"object","properties":{"path":{"description":"Unix Domain Socket path. On Linux, paths starting with \'@\' will use the\\nabstract namespace. The starting \'@\' is replaced by a null byte by Envoy.\\nPaths starting with \'@\' will result in an error in environments other than\\nLinux.","type":"string","x-order":0},"mode":{"description":"The mode for the Pipe. Not applicable for abstract sockets.","type":"integer","format":"int64","x-order":1}}},"v3ResourceLocator":{"description":"Specifies a resource to be subscribed to.","type":"object","properties":{"name":{"description":"The resource name to subscribe to.","type":"string","x-order":0},"dynamicParameters":{"description":"A set of dynamic parameters used to match against the dynamic parameter\\nconstraints on the resource. This allows clients to select between\\nmultiple variants of the same resource.","type":"object","additionalProperties":{"type":"string"},"x-order":1}}},"v3SemanticVersion":{"description":"Envoy uses SemVer (https://semver.org/). Major/minor versions indicate\\nexpected behaviors and APIs, the patch version field is used only\\nfor security fixes and can be generally ignored.","type":"object","properties":{"majorNumber":{"type":"integer","format":"int64","x-order":0},"minorNumber":{"type":"integer","format":"int64","x-order":1},"patch":{"type":"integer","format":"int64","x-order":2}}},"v3SocketAddress":{"type":"object","title":"[#next-free-field: 7]","properties":{"protocol":{"$ref":"#/components/schemas/v3SocketAddressProtocol"},"address":{"description":"The address for this socket. :ref:`Listeners &lt;config_listeners&gt;` will bind\\nto the address. An empty address is not allowed. Specify ``0.0.0.0`` or ``::``\\nto bind to any address. [#comment:TODO(zuercher) reinstate when implemented:\\nIt is possible to distinguish a Listener address via the prefix/suffix matching\\nin :ref:`FilterChainMatch &lt;envoy_v3_api_msg_config.listener.v3.FilterChainMatch&gt;`.] When used\\nwithin an upstream :ref:`BindConfig &lt;envoy_v3_api_msg_config.core.v3.BindConfig&gt;`, the address\\ncontrols the source address of outbound connections. For :ref:`clusters\\n&lt;envoy_v3_api_msg_config.cluster.v3.Cluster&gt;`, the cluster type determines whether the\\naddress must be an IP (``STATIC`` or ``EDS`` clusters) or a hostname resolved by DNS\\n(``STRICT_DNS`` or ``LOGICAL_DNS`` clusters). Address resolution can be customized\\nvia :ref:`resolver_name &lt;envoy_v3_api_field_config.core.v3.SocketAddress.resolver_name&gt;`.","type":"string","x-order":1},"portValue":{"type":"integer","format":"int64","x-order":2},"namedPort":{"description":"This is only valid if :ref:`resolver_name\\n&lt;envoy_v3_api_field_config.core.v3.SocketAddress.resolver_name&gt;` is specified below and the\\nnamed resolver is capable of named port resolution.","type":"string","x-order":3},"resolverName":{"description":"The name of the custom resolver. This must have been registered with Envoy. If\\nthis is empty, a context dependent default applies. If the address is a concrete\\nIP address, no resolution will occur. If address is a hostname this\\nshould be set for resolution other than DNS. Specifying a custom resolver with\\n``STRICT_DNS`` or ``LOGICAL_DNS`` will generate an error at runtime.","type":"string","x-order":4},"ipv4Compat":{"description":"When binding to an IPv6 address above, this enables `IPv4 compatibility\\n&lt;https://tools.ietf.org/html/rfc3493#page-11&gt;`_. Binding to ``::`` will\\nallow both IPv4 and IPv6 connections, with peer IPv4 addresses mapped into\\nIPv6 space as ``::FFFF:&lt;IPv4-address&gt;``.","type":"boolean","x-order":5}}},"v3SocketAddressProtocol":{"type":"string","default":"TCP","enum":["TCP","UDP"]}}}}},"1_12_x":{"url":"service-bridge/generated/openapi/1.12.x/openapiv3.json","themeId":"theme-redoc","isSpecFile":false,"spec":{"openapi":"3.0.0","info":{"description":"Tetrate Service Bridge API.","title":"Tetrate Service Bridge API","contact":{"name":"Tetrate Service Bridge","url":"https://www.tetrate.io/tetrate-service-bridge/"},"version":"1.12.x"},"paths":{"/v2/admin/rbac/policy":{"get":{"tags":["Policy"],"summary":"Get the global RBAC access policy.\\nThe global RBAC access policy configures who can manage the Role objects in TSB.","operationId":"Policy_GetRBACPolicy","responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the global RBAC access policy.\\nThe global RBAC access policy configures who can manage the Role objects in TSB.","operationId":"Policy_SetRBACPolicy","requestBody":{"$ref":"#/components/requestBodies/v2AccessPolicy"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/admin/root/policy":{"get":{"tags":["Policy"],"summary":"Get the root access policy.\\nThe root access policy configures global permissions for the platform. Subjects\\nassigned to a root policy will be granted the permissions described in the policy\\nto all objects ion TSB.","operationId":"Policy_GetRootPolicy","responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the root access policy.\\nThe root access policy configures global permissions for the platform. Subjects\\nassigned to a root policy will be granted the permissions described in the policy\\nto all objects ion TSB.","operationId":"Policy_SetRootPolicy","requestBody":{"$ref":"#/components/requestBodies/v2AccessPolicy"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/dashboards":{"get":{"tags":["DashboardService"],"summary":"Return the list of available dashboards, alongside their descriptions.\\nDashboards are identified by their names, which can be used to download them.","operationId":"DashboardService_ListDashboards","responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v1ListDashboardsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/dashboards/{name}":{"get":{"tags":["DashboardService"],"summary":"Download a Grafana dashboard in JSON format by providing the dashboard\'s name.\\nThe downloaded dashboard is intended to be uploaded to a Grafana instance. Platform\\noperators can use each dashboard to monitor specific components of the TSB platform.","operationId":"DashboardService_DownloadDashboard","parameters":[{"description":"The name of the dashboard to download.","name":"name","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/apiHttpBody"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/lookup/services":{"post":{"tags":["Lookup"],"summary":"Get all the services in the registry that are part of the given selector.\\nThis method can be used to resolve the registered services that are part of a workspace\\nor group.\\nThis method can be also used to figure out how applying a selector could affect\\nthe platform and have an understanding of which of the existing services would be\\nincluded in the selection.","operationId":"Lookup_Services","requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ServiceLookupRequest"}}},"description":"Request for all the services in the registry that are part of the given selector.","required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ServiceLookupResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/oidc/callback":{"get":{"tags":["OIDC"],"summary":"Callback endpoint for OAuth2 Authorization Code grant flows as part of the OIDC spec.","operationId":"OIDC_Callback","parameters":[{"description":"OAuth2 Authorization Code.\\nWhen present this indicates the user authorized the request. TSB will use this code\\nto acquire a token from the OIDC token endpoint and complete the login flow.","name":"code","in":"query","schema":{"type":"string"}},{"description":"OAuth2 Error Code.\\nWhen present this indicates that either the authorization request has an error, the OIDC\\nprovider encountered an error or the user failed to log in. When set TSB will display information\\nto the user indicating what went wrong.\\n\\nStandard error codes can be found found here.\\nhttps://datatracker.ietf.org/doc/html/rfc6749#section-4.1.2.1\\nhttps://openid.net/specs/openid-connect-core-1_0.html#AuthError","name":"error","in":"query","schema":{"type":"string"}},{"description":"The state parameter sent to the OIDC provider on the authorization request.","name":"state","in":"query","required":true,"schema":{"type":"string"}},{"description":"Optional error description sent by the OIDC provider when an error occurs.","name":"errorDescription","in":"query","schema":{"type":"string"}},{"description":"Optional error URI of a web page that includes additional information about the error.","name":"errorUri","in":"query","schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/oidc/login":{"get":{"tags":["OIDC"],"summary":"Login endpoint to start an OIDC Authentication flow.","operationId":"OIDC_Login","parameters":[{"description":"URl where the user will be redirected when the authentication flow completes.","name":"redirectUri","in":"query","schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations":{"get":{"tags":["Organizations"],"summary":"List all existing organizations.\\n$hide_from_docs","operationId":"Organizations_ListOrganizations","responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListOrganizationsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Organizations"],"summary":"Creates a new Organization in TSB.\\nOrganizations are the top-level construct in TSB and contain all the resources such as\\ntenants, workspaces and clusters.\\n$hide_from_docs","operationId":"Organizations_CreateOrganization","requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2CreateOrganizationRequest"}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Organization"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}":{"get":{"tags":["Organizations"],"summary":"Get the details of an organization.","operationId":"Organizations_GetOrganization","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Organization"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Organizations"],"summary":"Modify an organization.\\nUpdate operations are protected against concurrent modifications of the resource. They are required\\nto provide the last version of the `etag` field as part of the update request payload.\\n$hide_from_docs","operationId":"Organizations_UpdateOrganization","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"`Organization` is the root of the Service Bridge object hierarchy.\\n\\n\\n\\n","type":"object","properties":{"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"},"deletionProtectionEnabled":{"description":"When set, prevents the resource from being deleted. In order to delete the resource this\\nproperty needs to be set to `false` first.","type":"boolean"},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"profiles":{"description":"List of profiles attached to the Organization to be used to propagate default and mandatory configurations down to the children.","type":"array","items":{"type":"string"}},"systemNamespaces":{"description":"List of namespaces that will be considered as system namespaces for the organization\\nand will not be able to be onboarded into TSB.\\nSystem namespaces are namespaces that should not have sidecars injected and don\'t be\\nconfigured with Istio injection.\\nThis is useful for namespaces that are used for infrastructure components like monitoring,\\nlogging, cloud provider components, etc. and that should not be managed by TSB in the\\ncluster namespace onboarding workflows.","type":"array","items":{"type":"string"}}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Organization"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Organizations"],"summary":"Delete an organization.\\nNote that deleting resources in TSB is a recursive operation. Deleting an organization will delete all\\ntenants, clusters and all configurations that exist in it.\\n$hide_from_docs","operationId":"Organizations_DeleteOrganization","parameters":[{"description":"Force the deletion of the object even if deletion protection is enabled.\\nIf this is set, then the object and all its children will be deleted even if any of them\\nhas the deletion protection enabled.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/availableprofiles":{"get":{"tags":["Profiles"],"summary":"Lists the profiles that can be attached to the given resource.\\nThe returned profiles contain metadata (fqn, display name and description) information.\\nTo retrieve the full profile, rely on `GetProfile` or `ListProfiles` methods.","operationId":"Profiles_ListAvailableProfiles","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListAvailableProfilesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/blame":{"get":{"tags":["Profiles"],"summary":"Get the profile blame data for a given resource FQN.","operationId":"Profiles_Blame_variant_5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2BlameResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters":{"get":{"tags":["Clusters"],"summary":"Get the list of all clusters that have been onboarded into the platform.","operationId":"Clusters_ListClusters","parameters":[{"description":"Flag to fetch the workload information for all the clusters as well.\\nNote that by default workload information is not returned as it may be expensive to retrieve.","name":"fetchWorkloads","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListClustersResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"description":"This action will also create a service account with permissions to manage this cluster.\\nThis service account (aka cluster service account) can be used in the ControlPlane installation to\\nauthenticate it through the ManagementPlane.\\n\\nAs part of the response, a template will be provided (in the field `installTemplate`) with minimum\\nconfiguration to be able to install the TSB Operator in the cluster running as ControlPlane.\\nThis data is not stored and will be only available in the response of this action.","tags":["Clusters"],"summary":"Creates a new cluster object in TSB. This is needed during cluster onboarding to let the\\nmanagement plane know about the existence of a cluster.\\nOnce a cluster has been created and fully onboarded, the management plane will manage the\\nmesh for that cluster and keep this cluster entity up to date with the information that is\\nreported by the cluster agents.\\nThis method returns the created cluster, that will be continuously updated by the local\\ncluster agents. This entity can be monitored to have an overview of the resources (namespaces,\\nservices, etc) that are known to be running in the cluster.","operationId":"Clusters_CreateCluster","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create a cluster and register it in the management plane so configuration can\\nbe generated for it.","type":"object","required":["name","cluster"],"properties":{"cluster":{"$ref":"#/components/schemas/tsbv2Cluster"},"name":{"description":"The short name for the resource to be created.","type":"string"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/tsbv2Cluster"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}":{"get":{"tags":["Clusters"],"summary":"Get the last known state for an onboarded cluster.\\nOnce a cluster has been onboarded into the platform, the agents will keep it up to date with\\nits runtime status. Getting the cluster object will return the last known snapshot of existing\\nnamespaces and services running in it.","operationId":"Clusters_GetCluster","parameters":[{"description":"Flag to fetch the workload information as well.\\nNote that by default workload information is not returned as it may be expensive to retrieve.","name":"fetchWorkloads","in":"query","schema":{"type":"boolean"}},{"description":"Flag to return the install template required to install this cluster.\\nThis will generate a new API key pair for the cluster service account.","name":"includeInstallTemplate","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/tsbv2Cluster"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Clusters"],"summary":"Modify an existing cluster.\\nUpdates a cluster with the given data. Note that most of the data in the cluster is read-only and\\nautomatically populated by the local cluster agents.","operationId":"Clusters_UpdateCluster","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"A Kubernetes cluster managing both pods and VMs.\\n\\n\\n\\n","type":"object","properties":{"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be\\nsent on every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"installTemplate":{"$ref":"#/components/schemas/ClusterInstallTemplate"},"labels":{"type":"object","title":"FIXME: this is super clunky to copy each and every metadata field into\\nobjects used for multicluster. $hide_from_yaml","additionalProperties":{"type":"string"}},"locality":{"$ref":"#/components/schemas/tsbv2Locality"},"namespaceScope":{"$ref":"#/components/schemas/v2NamespaceScoping"},"namespaces":{"type":"array","title":"TODO(vikas): move this inside cluster state\\nRead-only data for informational purposes. Any user provided\\nvalue will be ignored. The data here may be stale depending on\\nthe update frequency from the Bridge agents in the cluster.\\n$hide_from_yaml","items":{"$ref":"#/components/schemas/tsbv2Namespace"},"readOnly":true},"network":{"description":"The network (e.g., VPC) where this cluster is present. All\\nclusters within the same network will be assumed to be reachable\\nfor the purposes of multi-cluster routing. In addition, networks\\nmarked as reachable from one another in SystemSettings will also\\nbe used for multi-cluster routing.","type":"string"},"serviceAccount":{"$ref":"#/components/schemas/tsbv2ServiceAccount"},"state":{"$ref":"#/components/schemas/v2ClusterState"},"tier1Cluster":{"description":"Deprecated: This flag is still honored for backward compatibility but will be ignored in future releases.\\nIt is advisable not to set it, as all clusters can now host both Tier1 and IngressGateways.\\n\\nIndicates whether this cluster is hosting a tier1 gateway or not.\\nTier1 clusters cannot host other gateways or workloads. Defaults\\nto false if not specified.","type":"boolean"},"tokenTtl":{"description":"Lifetime of the tokens. Defaults to 1hr.","type":"string"},"trustDomain":{"description":"Trust domain for this cluster, used for multi-cluster routing.\\nIt must be unique for every cluster and should match the one configured in\\nthe local control plane. This value is optional, and will be updated by the\\nlocal control plane agents. However, it is recommended to set it, if known,\\nso that multi-cluster routing works without having to wait for the local\\ncontrol planes to update it.","type":"string"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/tsbv2Cluster"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Clusters"],"summary":"Unregisters a cluster from the platform.\\nDeleting a cluster will unregister it from the management plane, and the agents will stop receiving\\nconfiguration updates. Agent tokens for the cluster are revoked as well, so agents that are still\\nrunning will fail to report back cluster status to the management plane.\\nNote that unregistering the cluster is a management plane only operation. This does not uninstall\\nthe agents from the local cluster. Agents will continue running and the services that are deployed\\nin that cluster will be able to continue operating with the last applied configuration.\\nUnregistering a cluster from the management plane should not generate downtime to services that are\\nrunning on that cluster.","operationId":"Clusters_DeleteCluster","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_1","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_1","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_1","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_1","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_1","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_1","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_1","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_1","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_1","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}/blame":{"get":{"tags":["Profiles"],"summary":"Get the profile blame data for a given resource FQN.","operationId":"Profiles_Blame_variant_6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2BlameResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}/config":{"post":{"description":"The API is for control plane cluster to get the configurations\\nthat must be set in both management plane and control plane,\\nand that the control plane configurations must be in sync (or adjusted)\\naccording to management plane\'s changes at runtime.\\n\\nExamples:\\n- Telemetry data retention period set(changed) in management plane must be sync\'ed to control plane.\\n- A feature flag disabled in management plane must be sync\'ed to control plane and disabled in all control planes.\\n\\n$hide_from_docs","tags":["Clusters"],"summary":"Get the configurations for a cluster.","operationId":"Clusters_GetClusterConfig","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ClusterConfig"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}/onboarding":{"get":{"tags":["Clusters"],"summary":"List the cluster onboarding configurations for a given cluster.","operationId":"Clusters_ListClusterOnboardingConfigs","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListClusterOnboardingConfigsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Clusters"],"summary":"Create the cluster onboarding configuration for a cluster.\\nOnly one onboarding configuration can be created for a cluster. This configuration is used to\\ndefine the desired state of the namespaces of the cluster.\\nThese namespaces with state DESIRED_ONBOARDED will be added to the onboarding tenant and onboarding\\nworkspace, so they can be managed by the management plane.\\nThe onboarding tenant and workspace are created automatically if they do not exist.","operationId":"Clusters_CreateClusterOnboardingConfig","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create the cluster onboarding configuration for a cluster.","type":"object","required":["name","config"],"properties":{"config":{"$ref":"#/components/schemas/v2ClusterOnboardingConfig"},"name":{"description":"The short name for the cluster onboarding config to be created.","type":"string"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ClusterOnboardingConfig"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}/onboarding/status":{"get":{"tags":["Clusters"],"summary":"Get the onboarding status for a cluster.","operationId":"Clusters_GetClusterOnboardingStatus","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ClusterOnboardingStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}/onboarding/{onboardin}":{"get":{"tags":["Clusters"],"summary":"Get the cluster onboarding configuration for a cluster.","operationId":"Clusters_GetClusterOnboardingConfig","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}},{"description":"Onboardin name.","name":"onboardin","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ClusterOnboardingConfig"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Clusters"],"summary":"Update the cluster onboarding configuration for a cluster.","operationId":"Clusters_UpdateClusterOnboardingConfig","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}},{"description":"Onboardin name.","name":"onboardin","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Configuration for onboarding a cluster.\\n\\n\\n\\n","type":"object","required":["namespaces"],"properties":{"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be\\nsent on every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"namespaces":{"description":"Set of namespaces configuration for the cluster.","type":"array","items":{"$ref":"#/components/schemas/ClusterOnboardingConfigNamespaceConfig"}}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ClusterOnboardingConfig"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Clusters"],"summary":"Delete the cluster onboarding configuration for a cluster.","operationId":"Clusters_DeleteClusterOnboardingConfig","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}},{"description":"Onboardin name.","name":"onboardin","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_1","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_1","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_1","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}/proxytools/clusterstats":{"post":{"tags":["ProxyDiagnosticService"],"summary":"Return the cluster stats of an Istio Proxy","operationId":"ProxyDiagnosticService_GetClusterStats","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/ProxyDiagnosticService_GetClusterStatsBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetClusterStatsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}/proxytools/configdump":{"post":{"tags":["ProxyDiagnosticService"],"summary":"Return a config dump from a workload (Istio Proxy)","operationId":"ProxyDiagnosticService_GetConfigDump","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/ProxyDiagnosticService_GetConfigDumpBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetConfigDumpResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}/proxytools/loggerlevels":{"put":{"tags":["ProxyDiagnosticService"],"summary":"Set the log levels of a workload","operationId":"ProxyDiagnosticService_SetLoggerLevels","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/ProxyDiagnosticService_SetLoggerLevelsBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2LoggerLevelsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["ProxyDiagnosticService"],"summary":"Return the logger levels of a workload","operationId":"ProxyDiagnosticService_GetLoggerLevels","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/ProxyDiagnosticService_GetLoggerLevelsBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2LoggerLevelsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}/proxytools/serverstats":{"post":{"tags":["ProxyDiagnosticService"],"summary":"Return the server stats of an Istio Proxy","operationId":"ProxyDiagnosticService_GetServerStats","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/ProxyDiagnosticService_GetServerStatsBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetServerStatsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}/proxytools/streamlogs":{"post":{"tags":["ProxyDiagnosticService"],"summary":"Return a stream of logs (the output of the `kubectl logs` command) of an Istio Proxy.","operationId":"ProxyDiagnosticService_StreamLogs","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/ProxyDiagnosticService_StreamLogsBody"},"responses":{"200":{"description":"A successful response.(streaming responses)","content":{"application/json":{"schema":{"type":"object","title":"Stream result of v2StreamLogsResponse","properties":{"error":{"$ref":"#/components/schemas/googlerpcStatus"},"result":{"$ref":"#/components/schemas/v2StreamLogsResponse"}}}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}/proxytools/workloads":{"post":{"tags":["ProxyDiagnosticService"],"summary":"Return the workload names under a given FQN resource and cluster.","operationId":"ProxyDiagnosticService_ListWorkloads","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/ProxyDiagnosticService_ListWorkloadsBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListWorkloadsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_1","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/apitsbv2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_1","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_1","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/telemetryv2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_1","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_1","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}:generateTokens":{"post":{"tags":["Clusters"],"summary":"Generate the tokens for the cluster agents so they can talk to the management plane.\\nOnce a cluster object has been registered in the management plane, this method can be used to\\ngenerate the JWT tokens that need to be configured in the local cluster agents in order to let\\nthem talk to the management plane.\\nThese tokens contain the necessary permissions to allow the agents to download the configuration\\nfor their cluster and to push cluster status updates to the management plane.","operationId":"Clusters_GenerateTokens","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ClusterStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/currentimpact":{"post":{"tags":["Profiles"],"summary":"CurrentImpactAnalysis analyzes the current impact of a profile or a resource attached profiles.\\nThe response is streamed, with each message representing the impact analysis for a specific profile\\nor resource and its corresponding impacts.","operationId":"Profiles_CurrentImpactAnalysis","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Profiles_CurrentImpactAnalysisBody"},"responses":{"200":{"description":"A successful response.(streaming responses)","content":{"application/json":{"schema":{"type":"object","title":"Stream result of v2ImpactAnalysisResponse","properties":{"error":{"$ref":"#/components/schemas/googlerpcStatus"},"result":{"$ref":"#/components/schemas/v2ImpactAnalysisResponse"}}}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/extensions":{"get":{"tags":["WasmExtensions"],"summary":"List the WASM extensions that are defined for the Organization.","operationId":"WasmExtensions_ListWasmExtension","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListWasmExtensionResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["WasmExtensions"],"summary":"Creates a new WasmExtension object in TSB. This is needed to let the extensions run.\\nOnce a WasmExtension has been created, it can be assigned to IngressGateway and SecuritySetting.\\nThis method returns the created extension.","operationId":"WasmExtensions_CreateWasmExtension","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create a WasmExtension and make it available to be assigned to IngressGateway and SecuritySetting.","type":"object","required":["name","wasmExtension"],"properties":{"name":{"description":"The short name for the resource to be created.","type":"string"},"wasmExtension":{"$ref":"#/components/schemas/v2WasmExtension"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2WasmExtension"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/extensions/{extension}":{"get":{"tags":["WasmExtensions"],"summary":"Get a WASM extension","operationId":"WasmExtensions_GetWasmExtension","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2WasmExtension"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["WasmExtensions"],"summary":"Modify an existing WasmExtension.\\nWhen modifying the details of an extension in use, such as the image property, enabled flag, phase,\\nor default configuration, a redeploy or reconfiguration of the extension may be triggered, affecting live\\ntraffic in all those places that reference the extension.\\nSimilarly, changes to the allowed_in property may trigger the removal of the extension from all places where\\nthe extension was in use that are not allowed to use it anymore, affecting live traffic on the\\nrelevant namespaces as well.","operationId":"WasmExtensions_UpdateWasmExtension","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"type":"object","required":["url"],"properties":{"allowedIn":{"description":"List of fqns where this extension is allowed to run.\\nIf it is empty, the extension can be used across the entire organization.\\nCurrently only Tenant resources are considered.","type":"array","items":{"type":"string"}},"config":{"description":"Configuration parameters sent to the WASM plugin execution\\nThe configuration can be overwritten when instantiating the extensions in IngressGateways or Security groups.\\nThe config is serialized using proto3 JSON marshaling and passed to proxy_on_configure when the host environment starts the plugin.","type":"object"},"description":{"type":"string","title":"A description of the extension.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the extension.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"image":{"description":"Deprecated. Use the `url` field instead.\\nRepository and tag of the OCI image containing the WASM extension.","type":"string"},"imagePullPolicy":{"$ref":"#/components/schemas/WasmExtensionPullPolicy"},"imagePullSecret":{"description":"Credentials to use for OCI image pulling.\\nName of a K8s Secret that contains a docker pull secret which is to be used\\nto authenticate against the registry when pulling the image.\\nIf TSB is configured to use the WASM download proxy, this secret must exist in\\nthe `istio-system` namespace of each cluster that has applications that use the\\nextension. If the download proxy is disabled, the secret must exist in each\\napplication namespace that is using the extension.","type":"string"},"match":{"$ref":"#/components/schemas/v2GlobalTrafficSelector"},"phase":{"$ref":"#/components/schemas/WasmExtensionPluginPhase"},"priority":{"description":"Determines the ordering of WasmExtensions in the same phase.\\nWhen multiple WasmExtensions are applied to the same workload in the same phase, they will be applied by priority, in descending order.\\nIf no priority is assigned it will use the default 0 value.\\nIn case of several extensions having the same priority in the same phase, the fqn will be used to sort them.","type":"integer","format":"int32"},"source":{"type":"string","title":"Source to find the code for the WASM extension"},"url":{"description":"URL of a Wasm module or OCI container. If no scheme is present, defaults to oci://, referencing an OCI image.\\nOther valid schemes are file:// for referencing .wasm module files present locally within the proxy container,\\nand http[s]:// for .wasm module files hosted remotely.","type":"string"},"vmConfig":{"$ref":"#/components/schemas/v2VmConfig"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2WasmExtension"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["WasmExtensions"],"summary":"Delete a WasmExtension.\\nNote that deleting a WasmExtension will delete the extension itself, and also its assignments to IngressGateway and SecuritySetting.","operationId":"WasmExtensions_DeleteWasmExtension","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/extensions/{extension}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_2","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/extensions/{extension}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/extensions/{extension}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/extensions/{extension}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/extensions/{extension}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/extensions/{extension}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/extensions/{extension}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/extensions/{extension}/blame":{"get":{"tags":["Profiles"],"summary":"Get the profile blame data for a given resource FQN.","operationId":"Profiles_Blame_variant_7","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2BlameResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/extensions/{extension}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/extensions/{extension}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/extensions/{extension}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/apitsbv2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/extensions/{extension}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_2","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/extensions/{extension}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/telemetryv2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/extensions/{extension}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/extensions/{extension}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/impact":{"post":{"tags":["Profiles"],"summary":"ImpactAnalysis analyzes the impact of profile or resource attached profiles modifications.\\nThe response is streamed, with each message representing the impact analysis for a specific profile\\nor resource and its corresponding impacts.","operationId":"Profiles_ImpactAnalysis","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Profiles_ImpactAnalysisBody"},"responses":{"200":{"description":"A successful response.(streaming responses)","content":{"application/json":{"schema":{"type":"object","title":"Stream result of v2ImpactAnalysisResponse","properties":{"error":{"$ref":"#/components/schemas/googlerpcStatus"},"result":{"$ref":"#/components/schemas/v2ImpactAnalysisResponse"}}}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/profiles":{"get":{"tags":["Profiles"],"summary":"List all Profiles that belong to a resource.","operationId":"Profiles_ListProfiles","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListProfilesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Profiles"],"summary":"Create a profile object for a given resource.\\nA `Profile` object can be created at Organization, Tenant, and Workspace levels. Once created, a profile can be\\nattached at its own level or down the hierarchy at Organization, Tenants, Workspaces and Groups levels.","operationId":"Profiles_CreateProfile","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Profiles_CreateProfileBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Profile"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/profiles/{profile}":{"get":{"tags":["Profiles"],"summary":"Get the details of a Profile in an resource.","operationId":"Profiles_GetProfile","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Profile name.","name":"profile","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Profile"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Profiles"],"summary":"Modify a Profile in a resource.","operationId":"Profiles_UpdateProfile","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Profile name.","name":"profile","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Profiles_UpdateProfileBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Profile"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Profiles"],"summary":"Delete a Profile from a resource.","operationId":"Profiles_DeleteProfile","parameters":[{"description":"Force the deletion of the object even if deletion protection is enabled.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Profile name.","name":"profile","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/profiles/{profile}/currentimpact":{"post":{"tags":["Profiles"],"summary":"CurrentImpactAnalysis analyzes the current impact of a profile or a resource attached profiles.\\nThe response is streamed, with each message representing the impact analysis for a specific profile\\nor resource and its corresponding impacts.","operationId":"Profiles_CurrentImpactAnalysis2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Profile name.","name":"profile","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Profiles_CurrentImpactAnalysis2Body"},"responses":{"200":{"description":"A successful response.(streaming responses)","content":{"application/json":{"schema":{"type":"object","title":"Stream result of v2ImpactAnalysisResponse","properties":{"error":{"$ref":"#/components/schemas/googlerpcStatus"},"result":{"$ref":"#/components/schemas/v2ImpactAnalysisResponse"}}}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/profiles/{profile}/impact":{"post":{"tags":["Profiles"],"summary":"ImpactAnalysis analyzes the impact of profile or resource attached profiles modifications.\\nThe response is streamed, with each message representing the impact analysis for a specific profile\\nor resource and its corresponding impacts.","operationId":"Profiles_ImpactAnalysis2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Profile name.","name":"profile","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Profiles_ImpactAnalysis2Body"},"responses":{"200":{"description":"A successful response.(streaming responses)","content":{"application/json":{"schema":{"type":"object","title":"Stream result of v2ImpactAnalysisResponse","properties":{"error":{"$ref":"#/components/schemas/googlerpcStatus"},"result":{"$ref":"#/components/schemas/v2ImpactAnalysisResponse"}}}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts":{"get":{"tags":["Teams"],"summary":"List existing Service Accounts.","operationId":"Teams_ListServiceAccounts","parameters":[{"description":"The format in which the key pairs for each key will be returned.\\nIf not set keys are returned in PEM format.","name":"keyEncoding","in":"query","schema":{"type":"string","enum":["PEM","JWK"],"default":"PEM"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListServiceAccountsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Teams"],"summary":"Create Service Account in TSB.\\nService Accounts are local to TSB and can be used to access the platform using\\nJWT tokens signed with the Service Account\'s private key for authentication.","operationId":"Teams_CreateServiceAccount","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"type":"object","title":"Request to create a ServiceAccount.\\n","required":["name","serviceAccount"],"properties":{"keyEncoding":{"$ref":"#/components/schemas/KeyPairEncoding"},"name":{"description":"The short name for the resource to be created.","type":"string"},"serviceAccount":{"$ref":"#/components/schemas/tsbv2ServiceAccount"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/tsbv2ServiceAccount"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts/{serviceaccount}":{"get":{"tags":["Teams"],"summary":"Get the details of an existing Service Account.","operationId":"Teams_GetServiceAccount","parameters":[{"description":"The format in which the key pairs will be returned.\\nIf not set keys are returned in PEM format.","name":"keyEncoding","in":"query","schema":{"type":"string","enum":["PEM","JWK"],"default":"PEM"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/tsbv2ServiceAccount"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Teams"],"summary":"Update the details of a service account.\\nUpdating the details of the service account does not regenerate its keys.","operationId":"Teams_UpdateServiceAccount","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"`ServiceAccount` represents a service account that can be used to access the TSB platform.\\nService accounts have a set of associated public and private keys that can be used to generate\\nsigned JWT tokens that are suitable to authenticate to TSB.\\nA default key-pair is generated on service account creation and the public key is stored in TSB.\\nPrivate keys are returned when service accounts are created, but TSB will not store them. It\\nis up to the client to store them securely.\\n\\n\\n\\n","type":"object","properties":{"description":{"description":"A description of the resource.","type":"string"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"keys":{"type":"array","title":"Keys associated with the service account.\\nA default key-pair is automatically created when the Service Account is created. Note that\\nTSB does not store the private keys, so it is up to the client to store the returned private\\nkeys securely, as they are only returned once after creation.\\nAdditional keys can be added (and deleted) by using the corresponding key management APIs.\\n","items":{"$ref":"#/components/schemas/ServiceAccountKeyPair"},"readOnly":true}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/tsbv2ServiceAccount"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Teams"],"summary":"Delete the given Service account.","operationId":"Teams_DeleteServiceAccount","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts/{serviceaccount}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_5","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts/{serviceaccount}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts/{serviceaccount}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts/{serviceaccount}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts/{serviceaccount}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts/{serviceaccount}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts/{serviceaccount}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts/{serviceaccount}/blame":{"get":{"tags":["Profiles"],"summary":"Get the profile blame data for a given resource FQN.","operationId":"Profiles_Blame_variant_10","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2BlameResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts/{serviceaccount}/jwks":{"get":{"tags":["Teams"],"summary":"Get all the public keys available in the service account and return them in a JWKS document.\\nSee: https://datatracker.ietf.org/doc/html/rfc7517\\nRequests to this endpoint require read permissions on the service account, or a token signed\\nwith one of the service account keys.","operationId":"Teams_GetServiceAccountJWKS","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2JWKS"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts/{serviceaccount}/keys":{"post":{"tags":["Teams"],"summary":"Generate a new key-pair for the service account.\\nNote that TSB does not store the generated private key, so the client must read it and\\nstore it securely.","operationId":"Teams_GenerateServiceAccountKey","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to generate a new key-pair for the Service Account.","type":"object","properties":{"keyEncoding":{"$ref":"#/components/schemas/KeyPairEncoding"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/tsbv2ServiceAccount"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts/{serviceaccount}/keys/{id}":{"delete":{"tags":["Teams"],"summary":"Delete a key-pair associated the service account.","operationId":"Teams_DeleteServiceAccountKey","parameters":[{"description":"ID of the key-pair to delete.","name":"id","in":"path","required":true,"schema":{"type":"string"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/tsbv2ServiceAccount"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts/{serviceaccount}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts/{serviceaccount}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts/{serviceaccount}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/apitsbv2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts/{serviceaccount}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_5","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts/{serviceaccount}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/telemetryv2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts/{serviceaccount}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts/{serviceaccount}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/services":{"get":{"tags":["Registration"],"summary":"List the services that have been registered in an organization","operationId":"Registration_ListServices","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListServicesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Registration"],"summary":"Register the given service in the organization.\\nServices in the registry are deduplicated so that the same service running in different\\nclusters are represented as a single entity in the registry.\\nThe service returned by this method is the result of deduplicating the service.\\nThis API is currently only intended for internal use by the discovery agents.\\n$hide_from_docs","operationId":"Registration_RegisterService","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to register a service in a given parent (organization).","type":"object","required":["cluster","shortName","namespace","serviceType","state","source"],"properties":{"canonicalName":{"description":"optional canonical name that identify this service.","type":"string"},"cluster":{"description":"Name of the cluster where the service belongs to.\\nThis will be used to load the deduplication settings that have been configured for the cluster\\nwhere the service belongs.","type":"string"},"externalAddresses":{"description":"For kubernetes services of type load balancer, this field contains the list of lb hostnames or\\nIPs assigned to the service.","type":"array","items":{"type":"string"}},"hostnames":{"description":"The hostnames by which this service is accessed. It corresponds to the gateway virtual hosts.\\nThis field is expected to be empty if the service is not publicly accessible.","type":"array","items":{"type":"string"}},"internalHostnames":{"type":"array","title":"The hostnames by which this service is accessed internally. Can correspond to the\\nFQDN of the service or to the hostnames provided by an external service (E.g. service entry)","items":{"type":"string"}},"namespace":{"description":"Namespace associated with the service. It will be used in deduplication logic.","type":"string"},"ports":{"description":"The set of ports on which this service is exposed.","type":"array","items":{"$ref":"#/components/schemas/registryv2Port"}},"serviceType":{"$ref":"#/components/schemas/v2ServiceType"},"shortName":{"description":"Short name for the service, used to uniquely identify it within the organization.","type":"string"},"source":{"description":"Source of the service: Kubernetes, Istio, Consul, etc.","type":"string"},"spiffeIds":{"description":"List of SPIFFE identities used by the workloads of the service.","type":"array","items":{"type":"string"}},"state":{"$ref":"#/components/schemas/registryv2State"},"subsets":{"description":"Subset denotes a specific version of a service. By default the \'version\'\\nlabel is used to designate subsets of a workload.\\nKnown subsets for the service.","type":"array","items":{"type":"string"}}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/tsbregistryv2Service"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Registration"],"summary":"Remove the given service from the organization registry.\\nThis API is currently only intended for internal use by the discovery agents.\\n$hide_from_docs","operationId":"Registration_UnregisterService","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"type":"object","title":"Request to unregister a service from the registry","required":["shortName","cluster","namespace"],"properties":{"cluster":{"description":"Name of the cluster of the service.","type":"string"},"namespace":{"description":"Namespace of the service.","type":"string"},"shortName":{"type":"string","title":"Name attribute of the service"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/services/{service}":{"get":{"tags":["Registration"],"summary":"Get the details of a registered service","operationId":"Registration_GetService","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/tsbregistryv2Service"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/services/{service}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_3","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/services/{service}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/services/{service}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/services/{service}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/services/{service}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/services/{service}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/services/{service}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/services/{service}/blame":{"get":{"tags":["Profiles"],"summary":"Get the profile blame data for a given resource FQN.","operationId":"Profiles_Blame_variant_8","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2BlameResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/services/{service}/groups":{"get":{"tags":["Lookup"],"summary":"Get all the groups that configure the given service in the registry.","operationId":"Lookup_Groups","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GroupLookupResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/services/{service}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/services/{service}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/services/{service}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/apitsbv2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/services/{service}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_3","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/services/{service}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/telemetryv2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/services/{service}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/services/{service}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/settings":{"get":{"tags":["Organizations"],"summary":"List all the settings objects that have been attached to the given Organization.","operationId":"Organizations_ListSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListOrganizationSettingsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Organizations"],"summary":"Create a settings object for the given organization.","operationId":"Organizations_CreateSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create a Organization Settings.","type":"object","required":["name","settings"],"properties":{"name":{"description":"The short name for the resource to be created.","type":"string"},"settings":{"$ref":"#/components/schemas/v2OrganizationSetting"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2OrganizationSetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/settings/{setting}":{"get":{"tags":["Organizations"],"summary":"Get the details for the given settings object.","operationId":"Organizations_GetSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2OrganizationSetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Organizations"],"summary":"Modify the given settings in the given Organization.","operationId":"Organizations_UpdateSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Settings that apply globally to the entire organization.\\n\\n\\n\\n","type":"object","properties":{"defaultSecuritySetting":{"$ref":"#/components/schemas/v2SecuritySetting"},"defaultTrafficSetting":{"$ref":"#/components/schemas/v2TrafficSetting"},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"failoverSettings":{"$ref":"#/components/schemas/v2FailoverSettings"},"networkSettings":{"$ref":"#/components/schemas/OrganizationSettingNetworkSettings"},"regionalFailover":{"description":"Default locality routing settings for all gateways.\\nPlease use FailoverSettings instead. If FailoverSettings is set, it takes precedence over this field.\\n\\nExplicitly specify the region traffic will land on when endpoints in local region becomes unhealthy.\\nShould be used together with OutlierDetection to detect unhealthy endpoints.\\nNote: if no OutlierDetection specified, this will not take effect.","type":"array","items":{"$ref":"#/components/schemas/v2RegionalFailover"}}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2OrganizationSetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Organizations"],"summary":"Delete the given settings object from the Organization.","operationId":"Organizations_DeleteSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/settings/{setting}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_4","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/settings/{setting}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/settings/{setting}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/settings/{setting}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/settings/{setting}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/settings/{setting}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/settings/{setting}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/settings/{setting}/blame":{"get":{"tags":["Profiles"],"summary":"Get the profile blame data for a given resource FQN.","operationId":"Profiles_Blame_variant_9","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2BlameResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/settings/{setting}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/settings/{setting}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/settings/{setting}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/apitsbv2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/settings/{setting}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_4","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/settings/{setting}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/telemetryv2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/settings/{setting}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/settings/{setting}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/apitsbv2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/status/search":{"get":{"tags":["Status"],"summary":"Search the status of resources related to the specified search criteria.\\nIt will descend in the hierarchy starting with the resource identified by the given FQN.\\nThis method is available for organizations, tenant or workspace resources.\\nIn the case of configuration sharing between multiple workspaces (such as common t1 and t2 scenarios),\\nit\u2019s recommended to use the tenant FQN instead of the workspace FQN.\\nThis ensures that the search is not limited to a specific workspace and considers configurations from other workspaces.","operationId":"Status_SearchStatus","parameters":[{"description":"Fully-qualified domain name to search in the mesh that exposes a service. Example: \\"test.tetrate.io\\"","name":"fqdn","in":"query","required":true,"schema":{"type":"string"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2SearchStatusResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/sync":{"post":{"description":"This method will update the state of users and groups in the organization and will create, modify, and\\ndelete groups according to the incoming request.\\nSync requests are assumed to be a full-sync and to contain all existing users and groups. Existing TSB users and groups\\nthat are not contained in a sync request will be deleted from the platform, as it will assume they have been removed\\nfrom the Identity Provider.","tags":["Organizations"],"summary":"SyncOrganization is used by processes that monitor the identity providers to synchronize\\nthe users and teams with the ones in TSB.","operationId":"Organizations_SyncOrganization","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to synchronize the users and teams in an organization from the configured identity provider.","type":"object","properties":{"sourceType":{"$ref":"#/components/schemas/v2SourceType"},"teams":{"type":"array","items":{"$ref":"#/components/schemas/SyncOrganizationRequestSyncTeam"}},"users":{"type":"array","items":{"$ref":"#/components/schemas/SyncOrganizationRequestSyncUser"}}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2SyncOrganizationResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/teams":{"get":{"tags":["Teams"],"summary":"List all existing teams.","operationId":"Teams_ListTeams","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListTeamsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Teams"],"summary":"Create a new team.","operationId":"Teams_CreateTeam","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"type":"object","title":"Request to create a Team.\\n","required":["name","team"],"properties":{"name":{"description":"The short name for the resource to be created.","type":"string"},"team":{"$ref":"#/components/schemas/v2Team"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Team"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/teams/{team}":{"get":{"tags":["Teams"],"summary":"Get the details of an existing team.","operationId":"Teams_GetTeam","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Team"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Teams"],"summary":"Modify an existing team.","operationId":"Teams_UpdateTeam","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"`Team` is a named collection of users under a tenant.\\n\\n\\n\\n","type":"object","properties":{"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"members":{"description":"List of members under the team.\\nThe elements of this list are the FQNs of the team members. Team members can be\\nusers, service accounts or other teams.","type":"array","items":{"type":"string"}},"sourceType":{"$ref":"#/components/schemas/v2SourceType"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Team"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Teams"],"summary":"Delete a team.\\nNote that deleting a team only deletes the team itself, but not its members.","operationId":"Teams_DeleteTeam","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/teams/{team}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_6","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/teams/{team}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/teams/{team}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/teams/{team}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/teams/{team}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/teams/{team}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/teams/{team}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/teams/{team}/blame":{"get":{"tags":["Profiles"],"summary":"Get the profile blame data for a given resource FQN.","operationId":"Profiles_Blame_variant_11","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2BlameResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/teams/{team}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/teams/{team}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/teams/{team}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/apitsbv2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/teams/{team}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_6","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/teams/{team}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/telemetryv2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/teams/{team}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/teams/{team}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/telemetryv2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants":{"get":{"tags":["Tenants"],"summary":"List all tenants that are available.","operationId":"Tenants_ListTenants","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListTenantsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Tenants"],"summary":"Create a new tenant in the platform that will be the home for a set of resources.","operationId":"Tenants_CreateTenant","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"type":"object","title":"Request to create a tenant.\\n","required":["name","tenant"],"properties":{"name":{"description":"The short name for the resource to be created.","type":"string"},"tenant":{"$ref":"#/components/schemas/v2Tenant"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Tenant"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}":{"get":{"tags":["Tenants"],"summary":"Get the details of an existing tenant.","operationId":"Tenants_GetTenant","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Tenant"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Tenants"],"summary":"Modify the details of the given tenant.","operationId":"Tenants_UpdateTenant","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"`Tenant` is a self-contained entity within an organization in the Service Bridge hierarchy.\\n\\n\\n\\n","type":"object","properties":{"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"},"deletionProtectionEnabled":{"description":"When set, prevents the resource from being deleted. In order to delete the resource this\\nproperty needs to be set to `false` first.","type":"boolean"},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"profiles":{"description":"List of profiles attached to the tenant to be used to propagate default and mandatory configurations down to the children.","type":"array","items":{"type":"string"}},"securityDomain":{"description":"Security domains can be used to group different resources under the same security domain.\\nAlthough security domain is not resource itself currently, it follows a fqn format\\n`organizations/myorg/securitydomains/mysecuritydomain`, and a child cannot override any ancestor\'s\\nsecurity domain.\\nOnce a security domain is assigned to a _Tenant_, all the children resources will belong to that\\nsecurity domain in the same way a _Workspace_ belongs to a _Tenant_, a _Workspace_ will also belong\\nto the security domain assigned to the _Tenant_.\\nSecurity domains can also be used to define _Security settings Authorization rules_ in which you can allow\\nor deny request from or to a security domain.","type":"string"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Tenant"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Tenants"],"summary":"Delete a tenant from the platform.\\nDeleting a tenant will recursively delete all resources attached to the tenant, so use with\\ncaution.\\nIt will delete all workspaces and all settings that have been created in that tenant, so this\\noperation should be done carefully, when it\'s safe to do so.","operationId":"Tenants_DeleteTenant","parameters":[{"description":"Force the deletion of the object even if deletion protection is enabled.\\nIf this is set, then the object and all its children will be deleted even if any of them\\nhas the deletion protection enabled.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications":{"get":{"tags":["Applications"],"summary":"List all existing applications for the given tenant.","operationId":"Applications_ListApplications","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListApplicationsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Applications"],"summary":"Creates a new Application in TSB.","operationId":"Applications_CreateApplication","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create an application and register it in the management plane so configuration can\\nbe generated for it.","type":"object","required":["name","application"],"properties":{"application":{"$ref":"#/components/schemas/v2Application"},"name":{"description":"The short name for the resource to be created.","type":"string"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Application"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}":{"get":{"tags":["Applications"],"summary":"Get the details of an existing application.","operationId":"Applications_GetApplication","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Application"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Applications"],"summary":"Modify an existing application.","operationId":"Applications_UpdateApplication","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"An Application represents a set of logical groupings of services that are related to each other\\nand expose a set of APIs that implement a complete set of business logic.\\n\\n\\n\\n","type":"object","required":["workspace"],"properties":{"configResources":{"type":"array","title":"The configuration resources that are related to this Application.\\n$hide_from_docs","items":{"$ref":"#/components/schemas/v2ConfigResource"},"readOnly":true},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"gatewayGroup":{"description":"Optional FQN of the Gateway Group to be used by the application.\\nIf configured, this gateway group will be used by the application. If\\nno namespaces are configured and no existing gateway group is set, a new gateway group claiming all\\nnamespaces in the workspace (`*/*`) will be created by default.\\nAll Ingress Gateway resources created for the APIs attached to the application will be created in\\nthe application\'s gateway group.","type":"string"},"namespaceSelector":{"$ref":"#/components/schemas/typesv2NamespaceSelector"},"services":{"description":"Optional list of services that are part of the application. This is a list of FQNs of services in the\\nservice registry.\\nIf omitted, the application is assumed to own all the services in the workspace.\\nNote that a service can only be part of one application. If any of the services in the list is already\\nin use by an existing application, application creation/modification will fail.\\nIf the list of services is not explicitly set and any service in the workspace is already in use by\\nanother application, application creation/modification will fail.","type":"array","items":{"type":"string"}},"workspace":{"description":"FQN of the workspace this application is part of.\\nThe application will configure IngressGateways for the attached APIs\\nin the different namespaces exposed by this workspace.","type":"string"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Application"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Applications"],"summary":"Delete an existing Application.\\nNote that deleting resources in TSB is a recursive operation. Deleting a application will delete all\\nAPI objects that exist in it.","operationId":"Applications_DeleteApplication","parameters":[{"description":"Force the deletion of internal groups even if they are protected against deletion.","name":"forceDeleteProtectedGroups","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/apis":{"get":{"tags":["Applications"],"summary":"List all APIs attached to the given application.","operationId":"Applications_ListAPIs","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/tsbapplicationv2ListAPIsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Applications"],"summary":"Attach a new API to the given application.","operationId":"Applications_CreateAPI","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create an API and register it in the management plane so configuration can\\nbe generated for it.","type":"object","required":["name","api"],"properties":{"api":{"$ref":"#/components/schemas/tsbapplicationv2API"},"name":{"description":"The short name for the resource to be created.","type":"string"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/tsbapplicationv2API"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/apis/{api}":{"get":{"tags":["Applications"],"summary":"Get the details of an API.","operationId":"Applications_GetAPI","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/tsbapplicationv2API"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Applications"],"summary":"Delete an existing API.","operationId":"Applications_DeleteAPI","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/apis/{api}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_10","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_10","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_10","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/apis/{api}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_10","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/apis/{api}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_10","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/apis/{api}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_10","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/apis/{api}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_10","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/apis/{api}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_10","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/apis/{api}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_10","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/apis/{api}/blame":{"get":{"tags":["Profiles"],"summary":"Get the profile blame data for a given resource FQN.","operationId":"Profiles_Blame_variant_14","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2BlameResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/apis/{api}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_10","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/apis/{api}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_10","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_10","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/apis/{api}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_10","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/apitsbv2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/apis/{api}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_10","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/apis/{api}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_10","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/telemetryv2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/apis/{api}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_10","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/apis/{api}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_10","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_9","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_9","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_9","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_9","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_9","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_9","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_9","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_9","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_9","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/blame":{"get":{"tags":["Profiles"],"summary":"Get the profile blame data for a given resource FQN.","operationId":"Profiles_Blame_variant_13","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2BlameResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_9","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_9","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_9","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_9","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/apitsbv2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_9","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_9","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/telemetryv2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_9","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_9","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_8","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_8","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_8","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_8","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_8","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_8","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_8","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_8","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_8","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/availableprofiles":{"get":{"tags":["Profiles"],"summary":"Lists the profiles that can be attached to the given resource.\\nThe returned profiles contain metadata (fqn, display name and description) information.\\nTo retrieve the full profile, rely on `GetProfile` or `ListProfiles` methods.","operationId":"Profiles_ListAvailableProfiles2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListAvailableProfilesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/blame":{"get":{"tags":["Profiles"],"summary":"Get the profile blame data for a given resource FQN.","operationId":"Profiles_Blame","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2BlameResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/currentimpact":{"post":{"tags":["Profiles"],"summary":"CurrentImpactAnalysis analyzes the current impact of a profile or a resource attached profiles.\\nThe response is streamed, with each message representing the impact analysis for a specific profile\\nor resource and its corresponding impacts.","operationId":"Profiles_CurrentImpactAnalysis3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Profiles_CurrentImpactAnalysisBody"},"responses":{"200":{"description":"A successful response.(streaming responses)","content":{"application/json":{"schema":{"type":"object","title":"Stream result of v2ImpactAnalysisResponse","properties":{"error":{"$ref":"#/components/schemas/googlerpcStatus"},"result":{"$ref":"#/components/schemas/v2ImpactAnalysisResponse"}}}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/extensions":{"get":{"tags":["Tenants"],"summary":"List all the WASM extensions that have been attached to the given tenant.","operationId":"Tenants_ListWasmExtensions","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListTenantExtensionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/impact":{"post":{"tags":["Profiles"],"summary":"ImpactAnalysis analyzes the impact of profile or resource attached profiles modifications.\\nThe response is streamed, with each message representing the impact analysis for a specific profile\\nor resource and its corresponding impacts.","operationId":"Profiles_ImpactAnalysis3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Profiles_ImpactAnalysisBody"},"responses":{"200":{"description":"A successful response.(streaming responses)","content":{"application/json":{"schema":{"type":"object","title":"Stream result of v2ImpactAnalysisResponse","properties":{"error":{"$ref":"#/components/schemas/googlerpcStatus"},"result":{"$ref":"#/components/schemas/v2ImpactAnalysisResponse"}}}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_8","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_8","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_8","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/profiles":{"get":{"tags":["Profiles"],"summary":"List all Profiles that belong to a resource.","operationId":"Profiles_ListProfiles2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListProfilesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Profiles"],"summary":"Create a profile object for a given resource.\\nA `Profile` object can be created at Organization, Tenant, and Workspace levels. Once created, a profile can be\\nattached at its own level or down the hierarchy at Organization, Tenants, Workspaces and Groups levels.","operationId":"Profiles_CreateProfile2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Profiles_CreateProfileBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Profile"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/profiles/{profile}":{"get":{"tags":["Profiles"],"summary":"Get the details of a Profile in an resource.","operationId":"Profiles_GetProfile2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Profile name.","name":"profile","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Profile"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Profiles"],"summary":"Modify a Profile in a resource.","operationId":"Profiles_UpdateProfile2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Profile name.","name":"profile","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Profiles_UpdateProfileBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Profile"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Profiles"],"summary":"Delete a Profile from a resource.","operationId":"Profiles_DeleteProfile2","parameters":[{"description":"Force the deletion of the object even if deletion protection is enabled.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Profile name.","name":"profile","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/profiles/{profile}/currentimpact":{"post":{"tags":["Profiles"],"summary":"CurrentImpactAnalysis analyzes the current impact of a profile or a resource attached profiles.\\nThe response is streamed, with each message representing the impact analysis for a specific profile\\nor resource and its corresponding impacts.","operationId":"Profiles_CurrentImpactAnalysis4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Profile name.","name":"profile","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Profiles_CurrentImpactAnalysis2Body"},"responses":{"200":{"description":"A successful response.(streaming responses)","content":{"application/json":{"schema":{"type":"object","title":"Stream result of v2ImpactAnalysisResponse","properties":{"error":{"$ref":"#/components/schemas/googlerpcStatus"},"result":{"$ref":"#/components/schemas/v2ImpactAnalysisResponse"}}}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/profiles/{profile}/impact":{"post":{"tags":["Profiles"],"summary":"ImpactAnalysis analyzes the impact of profile or resource attached profiles modifications.\\nThe response is streamed, with each message representing the impact analysis for a specific profile\\nor resource and its corresponding impacts.","operationId":"Profiles_ImpactAnalysis4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Profile name.","name":"profile","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Profiles_ImpactAnalysis2Body"},"responses":{"200":{"description":"A successful response.(streaming responses)","content":{"application/json":{"schema":{"type":"object","title":"Stream result of v2ImpactAnalysisResponse","properties":{"error":{"$ref":"#/components/schemas/googlerpcStatus"},"result":{"$ref":"#/components/schemas/v2ImpactAnalysisResponse"}}}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/settings":{"get":{"tags":["Tenants"],"summary":"List all the settings objects that have made available to the given tenant.","operationId":"Tenants_ListSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListTenantSettingsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Tenants"],"summary":"Create a settings object for the given tenant.","operationId":"Tenants_CreateSetting","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create a Tenant Setting.","type":"object","required":["name","setting"],"properties":{"name":{"description":"The short name for the resource to be created.","type":"string"},"setting":{"$ref":"#/components/schemas/v2TenantSetting"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2TenantSetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/settings/{setting}":{"get":{"tags":["Tenants"],"summary":"Get the details for the given settings object.","operationId":"Tenants_GetSetting","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2TenantSetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Tenants"],"summary":"Modify the given settings in the given tenant.","operationId":"Tenants_UpdateSetting","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Default settings that apply to all workspaces under a tenant.\\n\\n\\n\\n","type":"object","properties":{"defaultSecuritySetting":{"$ref":"#/components/schemas/v2SecuritySetting"},"defaultTrafficSetting":{"$ref":"#/components/schemas/v2TrafficSetting"},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2TenantSetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Tenants"],"summary":"Delete the given settings object from the tenant.","operationId":"Tenants_DeleteSetting","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/settings/{setting}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_11","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_11","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_11","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/settings/{setting}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_11","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/settings/{setting}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_11","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/settings/{setting}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_11","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/settings/{setting}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_11","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/settings/{setting}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_11","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/settings/{setting}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_11","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/settings/{setting}/blame":{"get":{"tags":["Profiles"],"summary":"Get the profile blame data for a given resource FQN.","operationId":"Profiles_Blame_variant_15","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2BlameResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/settings/{setting}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_11","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/settings/{setting}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_11","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_11","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/settings/{setting}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_11","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/apitsbv2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/settings/{setting}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_11","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/settings/{setting}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_11","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/telemetryv2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/settings/{setting}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_11","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/settings/{setting}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_11","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_8","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/apitsbv2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/status/search":{"get":{"tags":["Status"],"summary":"Search the status of resources related to the specified search criteria.\\nIt will descend in the hierarchy starting with the resource identified by the given FQN.\\nThis method is available for organizations, tenant or workspace resources.\\nIn the case of configuration sharing between multiple workspaces (such as common t1 and t2 scenarios),\\nit\u2019s recommended to use the tenant FQN instead of the workspace FQN.\\nThis ensures that the search is not limited to a specific workspace and considers configurations from other workspaces.","operationId":"Status_SearchStatus2","parameters":[{"description":"Fully-qualified domain name to search in the mesh that exposes a service. Example: \\"test.tetrate.io\\"","name":"fqdn","in":"query","required":true,"schema":{"type":"string"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2SearchStatusResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_8","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_8","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/telemetryv2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_8","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_8","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces":{"get":{"tags":["Workspaces"],"summary":"List all existing workspaces for the given tenant.","operationId":"Workspaces_ListWorkspaces","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListWorkspacesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Workspaces"],"summary":"Create a new workspace.\\nThe workspace will own exclusively the namespaces configured in the namespaces\\nselector for the workspace.","operationId":"Workspaces_CreateWorkspace","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create a Workspace.","type":"object","required":["name","workspace"],"properties":{"name":{"description":"The short name for the resource to be created.","type":"string"},"workspace":{"$ref":"#/components/schemas/v2Workspace"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Workspace"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}":{"get":{"tags":["Workspaces"],"summary":"Get the details of an existing workspace","operationId":"Workspaces_GetWorkspace","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Workspace"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Workspaces"],"summary":"Modify an existing workspace","operationId":"Workspaces_UpdateWorkspace","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"A Workspace is a collection of related namespaces in one or more clusters.\\n\\n\\n\\n","type":"object","required":["namespaceSelector"],"properties":{"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"},"deletionProtectionEnabled":{"description":"When set, prevents the resource from being deleted. In order to delete the resource this\\nproperty needs to be set to `false` first.","type":"boolean"},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"isolationBoundary":{"description":"Istio Isolation Boundary name to which this workspace belongs.\\nIf not provided explicitly, the workspace looks for an isolation boundary with\\nname set as \\"global\\". \\nTherefore, in order to move existing workspaces to isolation boundaries, and\\nbe a part of revisioned control plane, it is recommended to configure an\\nisolation boundary with the name \\"global\\".","type":"string"},"namespaceSelector":{"$ref":"#/components/schemas/typesv2NamespaceSelector"},"privileged":{"description":"If set to true, allows Gateways in the workspace to route to\\nservices in other workspaces. Set this to true for workspaces\\nowning cluster-wide gateways shared by multiple teams.","type":"boolean"},"profiles":{"description":"List of profiles attached to the workspace to be used to propagate default and mandatory configurations down to the children.","type":"array","items":{"type":"string"}},"securityDomain":{"description":"Security domains can be used to group different resources under the same security domain.\\nAlthough security domain is not resource itself currently, it follows a fqn format\\n`organizations/myorg/securitydomains/mysecuritydomain`, and a child cannot override any ancestor\'s\\nsecurity domain.\\nOnce a security domain is assigned to a _Workspace_, all the children resources will belong to that\\nsecurity domain in the same way a _Security group_ belongs to a _Workspace_, a _Security group_ will also belong\\nto the security domain assigned to the _Workspace_.\\nSecurity domains can also be used to define _Security settings Authorization rules_ in which you can allow\\nor deny request from or to a security domain.","type":"string"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Workspace"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Workspaces"],"summary":"Delete an existing workspace.\\nNote that deleting resources in TSB is a recursive operation. Deleting a workspace will delete all\\ngroups and configuration objects that exist in it.","operationId":"Workspaces_DeleteWorkspace","parameters":[{"description":"Force the deletion of the object even if deletion protection is enabled.\\nIf this is set, then the object and all its children will be deleted even if any of them\\nhas the deletion protection enabled.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/apis":{"get":{"tags":["Workspaces"],"summary":"List all API objects in the workspace.","operationId":"Workspaces_ListAPIs","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/apitsbv2ListAPIsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Workspaces"],"summary":"Create an API object in the workspace.","operationId":"Workspaces_CreateAPI","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create an API.","type":"object","required":["name","api"],"properties":{"api":{"$ref":"#/components/schemas/apitsbv2API"},"name":{"description":"The short name for the resource to be created.","type":"string"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/apitsbv2API"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/apis/{api}":{"get":{"tags":["Workspaces"],"summary":"Get the details of the given API object.","operationId":"Workspaces_GetAPI","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/apitsbv2API"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Workspaces"],"summary":"Modify the given API object.","operationId":"Workspaces_UpdateAPI","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"An API object defines an OpenAPI specification that can be used by gateways to validate incoming requests.\\n\\n\\n\\n","type":"object","required":["openapi"],"properties":{"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"openapi":{"description":"The raw OpenAPI spec for this API.","type":"string"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/apitsbv2API"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Workspaces"],"summary":"Delete the given API object.","operationId":"Workspaces_DeleteAPI","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_12","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_12","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_12","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_12","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_12","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_12","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_12","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_12","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_12","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/availableprofiles":{"get":{"tags":["Profiles"],"summary":"Lists the profiles that can be attached to the given resource.\\nThe returned profiles contain metadata (fqn, display name and description) information.\\nTo retrieve the full profile, rely on `GetProfile` or `ListProfiles` methods.","operationId":"Profiles_ListAvailableProfiles3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListAvailableProfilesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/blame":{"get":{"tags":["Profiles"],"summary":"Get the profile blame data for a given resource FQN.","operationId":"Profiles_Blame_variant_1","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2BlameResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/currentimpact":{"post":{"tags":["Profiles"],"summary":"CurrentImpactAnalysis analyzes the current impact of a profile or a resource attached profiles.\\nThe response is streamed, with each message representing the impact analysis for a specific profile\\nor resource and its corresponding impacts.","operationId":"Profiles_CurrentImpactAnalysis5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Profiles_CurrentImpactAnalysisBody"},"responses":{"200":{"description":"A successful response.(streaming responses)","content":{"application/json":{"schema":{"type":"object","title":"Stream result of v2ImpactAnalysisResponse","properties":{"error":{"$ref":"#/components/schemas/googlerpcStatus"},"result":{"$ref":"#/components/schemas/v2ImpactAnalysisResponse"}}}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups":{"get":{"tags":["Gateways"],"summary":"List all gateway groups that exist in the workspace.","operationId":"Gateways_ListGroups","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListGatewayGroupsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"description":"Groups will by default configure all the namespaces owned by their workspace, unless\\nexplicitly configured. If a specific set of namespaces is set for the group, it must be a\\nsubset of the namespaces defined by its workspace.","tags":["Gateways"],"summary":"Create a new gateway group in the given workspace.","operationId":"Gateways_CreateGroup","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create a Gateway Group.","type":"object","required":["name","group"],"properties":{"group":{"$ref":"#/components/schemas/tsbgatewayv2Group"},"name":{"description":"The short name for the resource to be created.","type":"string"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/tsbgatewayv2Group"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}":{"get":{"tags":["Gateways"],"summary":"Get the details of the given gateway group.","operationId":"Gateways_GetGroup","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/tsbgatewayv2Group"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Gateways"],"summary":"update the given gateway group.","operationId":"Gateways_UpdateGroup","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"A gateway group manages the gateways in a group of namespaces owned\\nby the parent workspace.\\n\\n\\n\\n","type":"object","required":["namespaceSelector"],"properties":{"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"},"configMode":{"$ref":"#/components/schemas/v2ConfigMode"},"deletionProtectionEnabled":{"description":"When set, prevents the resource from being deleted. In order to delete the resource this\\nproperty needs to be set to `false` first.","type":"boolean"},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"namespaceSelector":{"$ref":"#/components/schemas/typesv2NamespaceSelector"},"profiles":{"description":"List of profiles attached to the gateway group to be used to propagate default and mandatory configurations down to the children.","type":"array","items":{"type":"string"}}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/tsbgatewayv2Group"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Gateways"],"summary":"Delete the given gateway group.\\nNote that deleting resources in TSB is a recursive operation. Deleting a gateway group will\\ndelete all configuration objects that exist in it.","operationId":"Gateways_DeleteGroup","parameters":[{"description":"Force the deletion of the object even if deletion protection is enabled.\\nIf this is set, then the object and all its children will be deleted even if any of them\\nhas the deletion protection enabled.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_13","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_13","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_13","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_13","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_13","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_13","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_13","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_13","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_13","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/availableprofiles":{"get":{"tags":["Profiles"],"summary":"Lists the profiles that can be attached to the given resource.\\nThe returned profiles contain metadata (fqn, display name and description) information.\\nTo retrieve the full profile, rely on `GetProfile` or `ListProfiles` methods.","operationId":"Profiles_ListAvailableProfiles4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListAvailableProfilesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/blame":{"get":{"tags":["Profiles"],"summary":"Get the profile blame data for a given resource FQN.","operationId":"Profiles_Blame_variant_2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2BlameResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/currentimpact":{"post":{"tags":["Profiles"],"summary":"CurrentImpactAnalysis analyzes the current impact of a profile or a resource attached profiles.\\nThe response is streamed, with each message representing the impact analysis for a specific profile\\nor resource and its corresponding impacts.","operationId":"Profiles_CurrentImpactAnalysis7","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Profiles_CurrentImpactAnalysisBody"},"responses":{"200":{"description":"A successful response.(streaming responses)","content":{"application/json":{"schema":{"type":"object","title":"Stream result of v2ImpactAnalysisResponse","properties":{"error":{"$ref":"#/components/schemas/googlerpcStatus"},"result":{"$ref":"#/components/schemas/v2ImpactAnalysisResponse"}}}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/egressgateways":{"get":{"tags":["Gateways"],"summary":"List all Egress Gateway objects in the gateway group.","operationId":"Gateways_ListEgressGateways","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListEgressGatewaysResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Gateways"],"summary":"Create an Egress Gateway object in the gateway group.","operationId":"Gateways_CreateEgressGateway","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create a EgressGateway.","type":"object","required":["name","egressGateway"],"properties":{"egressGateway":{"$ref":"#/components/schemas/gatewayv2EgressGateway"},"name":{"description":"The short name for the resource to be created.","type":"string"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/gatewayv2EgressGateway"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/egressgateways/{egressgateway}":{"get":{"tags":["Gateways"],"summary":"Get the details of the given Egress Gateway object.","operationId":"Gateways_GetEgressGateway","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/gatewayv2EgressGateway"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Gateways"],"summary":"Modify the given Egress Gateway object.","operationId":"Gateways_UpdateEgressGateway","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"`EgressGateway` configures a workload to act as an egress gateway in the mesh.\\n\\n\\n--\x3e\\n\\n","type":"object","required":["workloadSelector"],"properties":{"authorization":{"description":"The description of which service accounts can access which hosts.\\nIf the list of authorization rules is empty, this egress gateway will deny all traffic.","type":"array","items":{"$ref":"#/components/schemas/v2EgressAuthorization"}},"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"extension":{"description":"Extensions specifies all the WasmExtensions assigned to this EgressGateway\\nwith the specific configuration for each extension. This custom configuration\\nwill override the one configured globally to the extension.\\nEach extension has a global configuration including enablement and priority\\nthat will condition the execution of the assigned extensions.","type":"array","items":{"$ref":"#/components/schemas/v2WasmExtensionAttachment"}},"workloadSelector":{"$ref":"#/components/schemas/v2WorkloadSelector"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/gatewayv2EgressGateway"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Gateways"],"summary":"Delete the given Egress Gateway object.","operationId":"Gateways_DeleteEgressGateway","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/egressgateways/{egressgateway}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_15","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_15","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_15","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/egressgateways/{egressgateway}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_15","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/egressgateways/{egressgateway}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_15","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/egressgateways/{egressgateway}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_15","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/egressgateways/{egressgateway}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_15","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/egressgateways/{egressgateway}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_15","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/egressgateways/{egressgateway}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_15","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/egressgateways/{egressgateway}/blame":{"get":{"tags":["Profiles"],"summary":"Get the profile blame data for a given resource FQN.","operationId":"Profiles_Blame_variant_17","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2BlameResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/egressgateways/{egressgateway}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_15","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/egressgateways/{egressgateway}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_15","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_15","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/egressgateways/{egressgateway}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_15","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/apitsbv2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/egressgateways/{egressgateway}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_15","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/egressgateways/{egressgateway}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_15","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/telemetryv2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/egressgateways/{egressgateway}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_15","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/egressgateways/{egressgateway}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_15","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/impact":{"post":{"tags":["Profiles"],"summary":"ImpactAnalysis analyzes the impact of profile or resource attached profiles modifications.\\nThe response is streamed, with each message representing the impact analysis for a specific profile\\nor resource and its corresponding impacts.","operationId":"Profiles_ImpactAnalysis7","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Profiles_ImpactAnalysisBody"},"responses":{"200":{"description":"A successful response.(streaming responses)","content":{"application/json":{"schema":{"type":"object","title":"Stream result of v2ImpactAnalysisResponse","properties":{"error":{"$ref":"#/components/schemas/googlerpcStatus"},"result":{"$ref":"#/components/schemas/v2ImpactAnalysisResponse"}}}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/ingressgateways":{"get":{"tags":["Gateways"],"summary":"List all Ingress Gateway objects in the gateway group.","operationId":"Gateways_ListIngressGateways","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListIngressGatewaysResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Gateways"],"summary":"Create an Ingress Gateway object in the gateway group.","operationId":"Gateways_CreateIngressGateway","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create a IngressGateway.","type":"object","required":["name","ingressGateway"],"properties":{"ingressGateway":{"$ref":"#/components/schemas/v2IngressGateway"},"name":{"description":"The short name for the resource to be created.","type":"string"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2IngressGateway"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/ingressgateways/{ingressgateway}":{"get":{"tags":["Gateways"],"summary":"Get the details of the given Ingress Gateway object.","operationId":"Gateways_GetIngressGateway","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2IngressGateway"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Gateways"],"summary":"Modify the given Ingress Gateway object.","operationId":"Gateways_UpdateIngressGateway","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"`IngressGateway` configures a workload to act as an ingress gateway into the mesh.\\n\\n\\n\\n","type":"object","required":["workloadSelector"],"properties":{"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"extension":{"description":"Extensions specifies all the WasmExtensions assigned to this IngressGateway\\nwith the specific configuration for each extension. This custom configuration\\nwill override the one configured globally to the extension.\\nEach extension has a global configuration including enablement and priority\\nthat will condition the execution of the assigned extensions.","type":"array","items":{"$ref":"#/components/schemas/v2WasmExtensionAttachment"}},"http":{"description":"One or more HTTP or HTTPS servers exposed by the gateway. The\\nserver exposes configuration for TLS termination, request\\nauthentication/authorization, HTTP routing, etc.","type":"array","items":{"$ref":"#/components/schemas/v2HttpServer"}},"tcp":{"type":"array","title":"One or more non-HTTP and non-passthrough servers which use TCP\\nbased protocols. This server also exposes configuration for terminating TLS","items":{"$ref":"#/components/schemas/v2TCPServer"}},"tlsPassthrough":{"description":"One or more TLS servers exposed by the gateway. The server\\ndoes not terminate TLS and exposes config for SNI based routing.","type":"array","items":{"$ref":"#/components/schemas/v2TLSPassthroughServer"}},"waf":{"$ref":"#/components/schemas/v2WAFSettings"},"workloadSelector":{"$ref":"#/components/schemas/v2WorkloadSelector"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2IngressGateway"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Gateways"],"summary":"Delete the given Ingress Gateway object.","operationId":"Gateways_DeleteIngressGateway","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/ingressgateways/{ingressgateway}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_14","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_14","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_14","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/ingressgateways/{ingressgateway}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_14","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/ingressgateways/{ingressgateway}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_14","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/ingressgateways/{ingressgateway}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_14","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/ingressgateways/{ingressgateway}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_14","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/ingressgateways/{ingressgateway}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_14","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/ingressgateways/{ingressgateway}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_14","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/ingressgateways/{ingressgateway}/blame":{"get":{"tags":["Profiles"],"summary":"Get the profile blame data for a given resource FQN.","operationId":"Profiles_Blame_variant_16","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2BlameResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/ingressgateways/{ingressgateway}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_14","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/ingressgateways/{ingressgateway}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_14","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_14","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/ingressgateways/{ingressgateway}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_14","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/apitsbv2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/ingressgateways/{ingressgateway}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_14","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/ingressgateways/{ingressgateway}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_14","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/telemetryv2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/ingressgateways/{ingressgateway}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_14","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/ingressgateways/{ingressgateway}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_14","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/installgateways":{"get":{"tags":["Gateways"],"summary":"List all Install Gateway objects in the gateway group.","operationId":"Gateways_ListInstallGateways","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListInstallGatewaysResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Gateways"],"summary":"Create an Install Gateway object in the gateway group.","operationId":"Gateways_CreateInstallGateway","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create an InstallGateway.","type":"object","required":["name","gateway"],"properties":{"gateway":{"$ref":"#/components/schemas/installdataplanev1alpha1GatewaySpec"},"name":{"description":"The short name for the resource to be created.","type":"string"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/installdataplanev1alpha1GatewaySpec"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/installgateways/{installgateway}":{"get":{"tags":["Gateways"],"summary":"Get the details of the given Install Gateway object.","operationId":"Gateways_GetInstallGateway","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Installgateway name.","name":"installgateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/installdataplanev1alpha1GatewaySpec"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Gateways"],"summary":"Modify the given Install Gateway object.","operationId":"Gateways_UpdateInstallGateway","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Installgateway name.","name":"installgateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"GatewaySpec defines the desired installed state of a single\\ngateway for a given namespace in Service Bridge. Specifying a minimal\\nGatewaySpec with a hub will create a default gateway with sensible\\nvalues.\\n\\n","type":"object","properties":{"concurrency":{"description":"Number of Envoy worker threads to run. By default it will be set\\nautomatically based on the gateway\'s CPU resource limits.\\n\\nSet to `-1` to use the legacy behavior of all cores on the machine.","type":"integer","format":"int32"},"connectionDrainDuration":{"description":"The amount of time the gateway will wait on shutdown for connections to\\ncomplete before terminating the gateway. During this drain period, no new\\nconnections can be created but existing ones are allowed complete.","type":"string"},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"kubeSpec":{"$ref":"#/components/schemas/kubernetesKubernetesComponentSpec"},"revision":{"type":"string","title":"Specifies the istio revision to reconcile with.\\nIf specified, TSB control plane operator will reconcile this gateway only\\nif operator\'s revision matches with it. TSB data plane operator, which\\nwould be running only when TSB control plane operator is not configured a\\nrevision, will ignore revision field and will reconcile gateway as usual.\\nInternally, this revision will guide to pick matching istio control plane\\nfor the gateway deployment\\nhttps://istio.io/latest/docs/setup/upgrade/canary/"},"targetCluster":{"description":"Cluster where the gateway will be deployed.","type":"string"},"targetNamespace":{"description":"Namespace where the gateway will be deployed.","type":"string"},"type":{"$ref":"#/components/schemas/v1alpha1GatewaySpecType"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/installdataplanev1alpha1GatewaySpec"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Gateways"],"summary":"Delete the given Install Gateway object.","operationId":"Gateways_DeleteInstallGateway","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Installgateway name.","name":"installgateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_13","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_13","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_13","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/proxytools/clusterstats":{"post":{"tags":["ProxyDiagnosticService"],"summary":"Return the cluster stats of an Istio Proxy","operationId":"ProxyDiagnosticService_GetClusterStats3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/ProxyDiagnosticService_GetClusterStatsBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetClusterStatsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/proxytools/configdump":{"post":{"tags":["ProxyDiagnosticService"],"summary":"Return a config dump from a workload (Istio Proxy)","operationId":"ProxyDiagnosticService_GetConfigDump3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/ProxyDiagnosticService_GetConfigDumpBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetConfigDumpResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/proxytools/loggerlevels":{"put":{"tags":["ProxyDiagnosticService"],"summary":"Set the log levels of a workload","operationId":"ProxyDiagnosticService_SetLoggerLevels3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/ProxyDiagnosticService_SetLoggerLevelsBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2LoggerLevelsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["ProxyDiagnosticService"],"summary":"Return the logger levels of a workload","operationId":"ProxyDiagnosticService_GetLoggerLevels3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/ProxyDiagnosticService_GetLoggerLevelsBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2LoggerLevelsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/proxytools/serverstats":{"post":{"tags":["ProxyDiagnosticService"],"summary":"Return the server stats of an Istio Proxy","operationId":"ProxyDiagnosticService_GetServerStats3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/ProxyDiagnosticService_GetServerStatsBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetServerStatsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/proxytools/streamlogs":{"post":{"tags":["ProxyDiagnosticService"],"summary":"Return a stream of logs (the output of the `kubectl logs` command) of an Istio Proxy.","operationId":"ProxyDiagnosticService_StreamLogs3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/ProxyDiagnosticService_StreamLogsBody"},"responses":{"200":{"description":"A successful response.(streaming responses)","content":{"application/json":{"schema":{"type":"object","title":"Stream result of v2StreamLogsResponse","properties":{"error":{"$ref":"#/components/schemas/googlerpcStatus"},"result":{"$ref":"#/components/schemas/v2StreamLogsResponse"}}}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/proxytools/workloads":{"post":{"tags":["ProxyDiagnosticService"],"summary":"Return the workload names under a given FQN resource and cluster.","operationId":"ProxyDiagnosticService_ListWorkloads3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/ProxyDiagnosticService_ListWorkloadsBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListWorkloadsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_13","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/apitsbv2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_13","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_13","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/telemetryv2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_13","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_13","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/tie1gateways/{tie1gateway}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_16","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tie1gateway name.","name":"tie1gateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_16","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tie1gateway name.","name":"tie1gateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_16","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tie1gateway name.","name":"tie1gateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/tie1gateways/{tie1gateway}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_16","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tie1gateway name.","name":"tie1gateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/tie1gateways/{tie1gateway}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_16","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tie1gateway name.","name":"tie1gateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/tie1gateways/{tie1gateway}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_16","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tie1gateway name.","name":"tie1gateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/tie1gateways/{tie1gateway}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_16","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tie1gateway name.","name":"tie1gateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/tie1gateways/{tie1gateway}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_16","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tie1gateway name.","name":"tie1gateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/tie1gateways/{tie1gateway}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_16","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tie1gateway name.","name":"tie1gateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/tie1gateways/{tie1gateway}/blame":{"get":{"tags":["Profiles"],"summary":"Get the profile blame data for a given resource FQN.","operationId":"Profiles_Blame_variant_18","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tie1gateway name.","name":"tie1gateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2BlameResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/tie1gateways/{tie1gateway}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_16","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tie1gateway name.","name":"tie1gateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/tie1gateways/{tie1gateway}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_16","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tie1gateway name.","name":"tie1gateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_16","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tie1gateway name.","name":"tie1gateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/tie1gateways/{tie1gateway}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_16","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tie1gateway name.","name":"tie1gateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/apitsbv2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/tie1gateways/{tie1gateway}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_16","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tie1gateway name.","name":"tie1gateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/tie1gateways/{tie1gateway}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_16","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tie1gateway name.","name":"tie1gateway","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/telemetryv2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/tie1gateways/{tie1gateway}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_16","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tie1gateway name.","name":"tie1gateway","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/tie1gateways/{tie1gateway}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_16","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tie1gateway name.","name":"tie1gateway","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/tier1gateways":{"get":{"tags":["Gateways"],"summary":"List all Tier1 Gateway objects that have been created in the gateway group.","operationId":"Gateways_ListTier1Gateways","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListTier1GatewaysResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Gateways"],"summary":"Create a Tier1 Gateway object in the gateway group.","operationId":"Gateways_CreateTier1Gateway","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create a Tier1Gateway.","type":"object","required":["name","tier1Gateway"],"properties":{"name":{"description":"The short name for the resource to be created.","type":"string"},"tier1Gateway":{"$ref":"#/components/schemas/v2Tier1Gateway"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Tier1Gateway"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/tier1gateways/{tier1gateway}":{"get":{"tags":["Gateways"],"summary":"get the details of the given Tier1 Gateway object.","operationId":"Gateways_GetTier1Gateway","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tier1gateway name.","name":"tier1gateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Tier1Gateway"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Gateways"],"operationId":"Gateways_UpdateTier1Gateway","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tier1gateway name.","name":"tier1gateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"`Tier1Gateway` configures a workload to act as a tier1 gateway into the mesh.\\n\\n\\n\\n","type":"object","required":["workloadSelector"],"properties":{"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"extension":{"description":"Extensions specifies all the WasmExtensions assigned to this Tier1Gateway\\nwith the specific configuration for each extension. This custom configuration\\nwill override the one configured globally to the extension.\\nEach extension has a global configuration including enablement and priority\\nthat will condition the execution of the assigned extensions.","type":"array","items":{"$ref":"#/components/schemas/v2WasmExtensionAttachment"}},"externalServers":{"description":"One or more servers exposed by the gateway externally.","type":"array","items":{"$ref":"#/components/schemas/v2Tier1ExternalServer"}},"internalServers":{"description":"One or more servers exposed by the gateway internally for cross cluster forwarding.","type":"array","items":{"$ref":"#/components/schemas/v2Tier1InternalServer"}},"passthroughServers":{"description":"One or more tls passthrough servers exposed by the gateway externally.","type":"array","items":{"$ref":"#/components/schemas/v2Tier1PassthroughServer"}},"tcpExternalServers":{"description":"One or more tcp servers exposed by the gateway externally.","type":"array","items":{"$ref":"#/components/schemas/v2Tier1TCPExternalServer"}},"tcpInternalServers":{"description":"One or more tcp servers exposed by the gateway for mesh internal traffic.","type":"array","items":{"$ref":"#/components/schemas/v2Tier1TCPInternalServer"}},"waf":{"$ref":"#/components/schemas/v2WAFSettings"},"workloadSelector":{"$ref":"#/components/schemas/v2WorkloadSelector"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Tier1Gateway"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Gateways"],"summary":"Delete the given Tier1 Gateway object.","operationId":"Gateways_DeleteTier1Gateway","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tier1gateway name.","name":"tier1gateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/unifiedgateways":{"get":{"tags":["Gateways"],"summary":"List all Gateway objects in the gateway group.","operationId":"Gateways_ListGateways","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListGatewaysResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Gateways"],"summary":"Create a Gateway object in the gateway group.","operationId":"Gateways_CreateGateway","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create a Gateway.","type":"object","required":["name","gateway"],"properties":{"gateway":{"$ref":"#/components/schemas/gatewayv2Gateway"},"name":{"description":"The short name for the resource to be created.","type":"string"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/gatewayv2Gateway"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/unifiedgateways/{unifiedgateway}":{"get":{"tags":["Gateways"],"summary":"Get the details of the given Gateway object.","operationId":"Gateways_GetGateway","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Unifiedgateway name.","name":"unifiedgateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/gatewayv2Gateway"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Gateways"],"summary":"Modify the given Gateway object.","operationId":"Gateways_UpdateGateway","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Unifiedgateway name.","name":"unifiedgateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"The `Gateway` configuration combines the functionalities of both the existing `Tier1Gateway` and `IngressGateway`,\\nproviding a unified approach for configuring a workload as a gateway in the mesh.\\n\\nEach server within the `Gateway` is configured to route requests either to destination clusters, such as a `Tier1Gateway`,\\nor to specific services, like an `IngressGateway`.\\n\\n\\n\\n","type":"object","required":["workloadSelector"],"properties":{"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"egressAuthorization":{"description":"External services are onboarded into the mesh via service entry,\\nand these services are exposed on the Gateway for egress access.\\nBy default, access is denied for these hosts.\\nUsers can configure EgressAuthorizationSettings to specify which service accounts are allowed.","type":"array","items":{"$ref":"#/components/schemas/v2EgressAuthorizationSettings"}},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"http":{"description":"One or more HTTP or HTTPS servers exposed by the gateway. The\\nserver exposes configuration for TLS termination, request\\nauthentication/authorization, HTTP routing, rate limiting, etc.","type":"array","items":{"$ref":"#/components/schemas/gatewayv2HTTP"}},"tcp":{"description":"One or more non-HTTP and non-passthrough servers which use TCP\\nbased protocols. This server also exposes configuration for terminating TLS.","type":"array","items":{"$ref":"#/components/schemas/gatewayv2TCP"}},"tls":{"description":"One or more TLS servers exposed by the gateway. The server\\ndoes not terminate TLS and exposes config for SNI based routing.","type":"array","items":{"$ref":"#/components/schemas/v2TLS"}},"waf":{"$ref":"#/components/schemas/v2WAFSettings"},"wasmPlugins":{"description":"WasmPlugins specifies all the WasmExtensionAttachment assigned to this Gateway\\nwith the specific configuration for each plugin. This custom configuration\\nwill override the one configured globally to the plugin.\\nEach plugin has a global configuration including priority\\nthat will condition the execution of the assigned plugins.","type":"array","items":{"$ref":"#/components/schemas/v2WasmExtensionAttachment"}},"workloadSelector":{"$ref":"#/components/schemas/v2WorkloadSelector"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/gatewayv2Gateway"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Gateways"],"summary":"Delete the given Gateway object.","operationId":"Gateways_DeleteGateway","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Unifiedgateway name.","name":"unifiedgateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/impact":{"post":{"tags":["Profiles"],"summary":"ImpactAnalysis analyzes the impact of profile or resource attached profiles modifications.\\nThe response is streamed, with each message representing the impact analysis for a specific profile\\nor resource and its corresponding impacts.","operationId":"Profiles_ImpactAnalysis5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Profiles_ImpactAnalysisBody"},"responses":{"200":{"description":"A successful response.(streaming responses)","content":{"application/json":{"schema":{"type":"object","title":"Stream result of v2ImpactAnalysisResponse","properties":{"error":{"$ref":"#/components/schemas/googlerpcStatus"},"result":{"$ref":"#/components/schemas/v2ImpactAnalysisResponse"}}}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups":{"get":{"tags":["IstioInternal"],"summary":"List all Istio internal groups in the given workspace.","operationId":"IstioInternal_ListGroups","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListIstioInternalGroupsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"description":"Groups will by default configure all the namespaces owned by their workspace, unless\\nexplicitly configured. If a specific set of namespaces is set for the group, it must be a\\nsubset of the namespaces defined by its workspace.","tags":["IstioInternal"],"summary":"Create a new Istio internal group in the given workspace.","operationId":"IstioInternal_CreateGroup","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create an Istio internal group.","type":"object","required":["name","group"],"properties":{"group":{"$ref":"#/components/schemas/tsbistiointernalv2Group"},"name":{"description":"The short name for the resource to be created.","type":"string"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/tsbistiointernalv2Group"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}":{"get":{"tags":["IstioInternal"],"summary":"Get the details of the given Istio internal group.","operationId":"IstioInternal_GetGroup","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/tsbistiointernalv2Group"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["IstioInternal"],"summary":"Modify a Istio internal group.","operationId":"IstioInternal_UpdateGroup","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"An Istio Internal Group only allows grouping `DIRECT` mode mesh resources in a set of namespaces\\nowned by its parent workspace. This group is aimed for grouping resources not directly related\\nto traffic, security, or gateway like `EnvoyFilters` and `ServiceEntry`.\\n\\n\\n\\n","type":"object","required":["namespaceSelector"],"properties":{"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"},"deletionProtectionEnabled":{"description":"When set, prevents the resource from being deleted. In order to delete the resource this\\nproperty needs to be set to `false` first.","type":"boolean"},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"namespaceSelector":{"$ref":"#/components/schemas/typesv2NamespaceSelector"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/tsbistiointernalv2Group"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["IstioInternal"],"summary":"Delete the given Istio internal group.\\nNote that deleting resources in TSB is a recursive operation. Deleting a Istio internal group will\\ndelete all configuration objects that exist in it.","operationId":"IstioInternal_DeleteGroup","parameters":[{"description":"Force the deletion of the object even if deletion protection is enabled.\\nIf this is set, then the object and all its children will be deleted even if any of them\\nhas the deletion protection enabled.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_17","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_17","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_17","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_17","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_17","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_17","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_17","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_17","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_17","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/blame":{"get":{"tags":["Profiles"],"summary":"Get the profile blame data for a given resource FQN.","operationId":"Profiles_Blame_variant_19","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2BlameResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_17","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_17","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_17","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/proxytools/clusterstats":{"post":{"tags":["ProxyDiagnosticService"],"summary":"Return the cluster stats of an Istio Proxy","operationId":"ProxyDiagnosticService_GetClusterStats6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/ProxyDiagnosticService_GetClusterStatsBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetClusterStatsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/proxytools/configdump":{"post":{"tags":["ProxyDiagnosticService"],"summary":"Return a config dump from a workload (Istio Proxy)","operationId":"ProxyDiagnosticService_GetConfigDump6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/ProxyDiagnosticService_GetConfigDumpBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetConfigDumpResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/proxytools/loggerlevels":{"put":{"tags":["ProxyDiagnosticService"],"summary":"Set the log levels of a workload","operationId":"ProxyDiagnosticService_SetLoggerLevels6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/ProxyDiagnosticService_SetLoggerLevelsBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2LoggerLevelsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["ProxyDiagnosticService"],"summary":"Return the logger levels of a workload","operationId":"ProxyDiagnosticService_GetLoggerLevels6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/ProxyDiagnosticService_GetLoggerLevelsBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2LoggerLevelsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/proxytools/serverstats":{"post":{"tags":["ProxyDiagnosticService"],"summary":"Return the server stats of an Istio Proxy","operationId":"ProxyDiagnosticService_GetServerStats6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/ProxyDiagnosticService_GetServerStatsBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetServerStatsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/proxytools/streamlogs":{"post":{"tags":["ProxyDiagnosticService"],"summary":"Return a stream of logs (the output of the `kubectl logs` command) of an Istio Proxy.","operationId":"ProxyDiagnosticService_StreamLogs6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/ProxyDiagnosticService_StreamLogsBody"},"responses":{"200":{"description":"A successful response.(streaming responses)","content":{"application/json":{"schema":{"type":"object","title":"Stream result of v2StreamLogsResponse","properties":{"error":{"$ref":"#/components/schemas/googlerpcStatus"},"result":{"$ref":"#/components/schemas/v2StreamLogsResponse"}}}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/proxytools/workloads":{"post":{"tags":["ProxyDiagnosticService"],"summary":"Return the workload names under a given FQN resource and cluster.","operationId":"ProxyDiagnosticService_ListWorkloads6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/ProxyDiagnosticService_ListWorkloadsBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListWorkloadsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/settings/{setting}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_18","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_18","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_18","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/settings/{setting}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_18","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/settings/{setting}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_18","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/settings/{setting}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_18","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/settings/{setting}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_18","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/settings/{setting}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_18","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/settings/{setting}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_18","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/settings/{setting}/blame":{"get":{"tags":["Profiles"],"summary":"Get the profile blame data for a given resource FQN.","operationId":"Profiles_Blame_variant_20","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2BlameResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/settings/{setting}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_18","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/settings/{setting}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_18","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_18","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/settings/{setting}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_18","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/apitsbv2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/settings/{setting}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_18","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/settings/{setting}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_18","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/telemetryv2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/settings/{setting}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_18","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/settings/{setting}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_18","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_17","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/apitsbv2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_17","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_17","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/telemetryv2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_17","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_17","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_12","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_12","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_12","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/profiles":{"get":{"tags":["Profiles"],"summary":"List all Profiles that belong to a resource.","operationId":"Profiles_ListProfiles3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListProfilesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Profiles"],"summary":"Create a profile object for a given resource.\\nA `Profile` object can be created at Organization, Tenant, and Workspace levels. Once created, a profile can be\\nattached at its own level or down the hierarchy at Organization, Tenants, Workspaces and Groups levels.","operationId":"Profiles_CreateProfile3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Profiles_CreateProfileBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Profile"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/profiles/{profile}":{"get":{"tags":["Profiles"],"summary":"Get the details of a Profile in an resource.","operationId":"Profiles_GetProfile3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Profile name.","name":"profile","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Profile"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Profiles"],"summary":"Modify a Profile in a resource.","operationId":"Profiles_UpdateProfile3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Profile name.","name":"profile","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Profiles_UpdateProfileBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Profile"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Profiles"],"summary":"Delete a Profile from a resource.","operationId":"Profiles_DeleteProfile3","parameters":[{"description":"Force the deletion of the object even if deletion protection is enabled.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Profile name.","name":"profile","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/profiles/{profile}/currentimpact":{"post":{"tags":["Profiles"],"summary":"CurrentImpactAnalysis analyzes the current impact of a profile or a resource attached profiles.\\nThe response is streamed, with each message representing the impact analysis for a specific profile\\nor resource and its corresponding impacts.","operationId":"Profiles_CurrentImpactAnalysis6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Profile name.","name":"profile","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Profiles_CurrentImpactAnalysis2Body"},"responses":{"200":{"description":"A successful response.(streaming responses)","content":{"application/json":{"schema":{"type":"object","title":"Stream result of v2ImpactAnalysisResponse","properties":{"error":{"$ref":"#/components/schemas/googlerpcStatus"},"result":{"$ref":"#/components/schemas/v2ImpactAnalysisResponse"}}}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/profiles/{profile}/impact":{"post":{"tags":["Profiles"],"summary":"ImpactAnalysis analyzes the impact of profile or resource attached profiles modifications.\\nThe response is streamed, with each message representing the impact analysis for a specific profile\\nor resource and its corresponding impacts.","operationId":"Profiles_ImpactAnalysis6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Profile name.","name":"profile","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Profiles_ImpactAnalysis2Body"},"responses":{"200":{"description":"A successful response.(streaming responses)","content":{"application/json":{"schema":{"type":"object","title":"Stream result of v2ImpactAnalysisResponse","properties":{"error":{"$ref":"#/components/schemas/googlerpcStatus"},"result":{"$ref":"#/components/schemas/v2ImpactAnalysisResponse"}}}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/proxytools/clusterstats":{"post":{"tags":["ProxyDiagnosticService"],"summary":"Return the cluster stats of an Istio Proxy","operationId":"ProxyDiagnosticService_GetClusterStats2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/ProxyDiagnosticService_GetClusterStatsBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetClusterStatsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/proxytools/configdump":{"post":{"tags":["ProxyDiagnosticService"],"summary":"Return a config dump from a workload (Istio Proxy)","operationId":"ProxyDiagnosticService_GetConfigDump2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/ProxyDiagnosticService_GetConfigDumpBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetConfigDumpResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/proxytools/loggerlevels":{"put":{"tags":["ProxyDiagnosticService"],"summary":"Set the log levels of a workload","operationId":"ProxyDiagnosticService_SetLoggerLevels2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/ProxyDiagnosticService_SetLoggerLevelsBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2LoggerLevelsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["ProxyDiagnosticService"],"summary":"Return the logger levels of a workload","operationId":"ProxyDiagnosticService_GetLoggerLevels2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/ProxyDiagnosticService_GetLoggerLevelsBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2LoggerLevelsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/proxytools/serverstats":{"post":{"tags":["ProxyDiagnosticService"],"summary":"Return the server stats of an Istio Proxy","operationId":"ProxyDiagnosticService_GetServerStats2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/ProxyDiagnosticService_GetServerStatsBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetServerStatsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/proxytools/streamlogs":{"post":{"tags":["ProxyDiagnosticService"],"summary":"Return a stream of logs (the output of the `kubectl logs` command) of an Istio Proxy.","operationId":"ProxyDiagnosticService_StreamLogs2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/ProxyDiagnosticService_StreamLogsBody"},"responses":{"200":{"description":"A successful response.(streaming responses)","content":{"application/json":{"schema":{"type":"object","title":"Stream result of v2StreamLogsResponse","properties":{"error":{"$ref":"#/components/schemas/googlerpcStatus"},"result":{"$ref":"#/components/schemas/v2StreamLogsResponse"}}}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/proxytools/workloads":{"post":{"tags":["ProxyDiagnosticService"],"summary":"Return the workload names under a given FQN resource and cluster.","operationId":"ProxyDiagnosticService_ListWorkloads2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/ProxyDiagnosticService_ListWorkloadsBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListWorkloadsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups":{"get":{"tags":["Security"],"summary":"List all security groups in the given workspace.","operationId":"Security_ListGroups","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSecurityGroupsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"description":"Groups will by default configure all the namespaces owned by their workspace, unless\\nexplicitly configured. If a specific set of namespaces is set for the group, it must be a\\nsubset of the namespaces defined by its workspace.","tags":["Security"],"summary":"Create a new security group in the given workspace.","operationId":"Security_CreateGroup","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create a Security Group.","type":"object","required":["name","group"],"properties":{"group":{"$ref":"#/components/schemas/tsbsecurityv2Group"},"name":{"description":"The short name for the resource to be created.","type":"string"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/tsbsecurityv2Group"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}":{"get":{"tags":["Security"],"summary":"Get the details of the given security group.","operationId":"Security_GetGroup","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/tsbsecurityv2Group"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Security"],"summary":"Modify a security group.","operationId":"Security_UpdateGroup","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"A security group manages the security properties of proxy workloads in a\\ngroup of namespaces owned by the parent workspace.\\n\\n\\n\\n","type":"object","required":["namespaceSelector"],"properties":{"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"},"configMode":{"$ref":"#/components/schemas/v2ConfigMode"},"deletionProtectionEnabled":{"description":"When set, prevents the resource from being deleted. In order to delete the resource this\\nproperty needs to be set to `false` first.","type":"boolean"},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"namespaceSelector":{"$ref":"#/components/schemas/typesv2NamespaceSelector"},"profiles":{"description":"List of profiles attached to the security group to be used to propagate default and mandatory configurations down to the children.","type":"array","items":{"type":"string"}},"securityDomain":{"description":"Security domains can be used to group different resources under the same security domain.\\nAlthough security domain is not resource itself currently, it follows a fqn format\\n`organizations/myorg/securitydomains/mysecuritydomain`, and a child cannot override any ancestor\'s\\nsecurity domain.\\nOnce a security domain is assigned to a _Security group_, all the children resources will belong to that\\nsecurity domain in the same way a _Security setting_ belongs to a _Security group_, a _Security setting_\\nwill also belong to the security domain assigned to the _Security group_.\\nSecurity domains can also be used to define _Security settings Authorization rules_ in which you can allow\\nor deny request from or to a security domain.","type":"string"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/tsbsecurityv2Group"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Security"],"summary":"Delete the given security group.\\nNote that deleting resources in TSB is a recursive operation. Deleting a security group will\\ndelete all configuration objects that exist in it.","operationId":"Security_DeleteGroup","parameters":[{"description":"Force the deletion of the object even if deletion protection is enabled.\\nIf this is set, then the object and all its children will be deleted even if any of them\\nhas the deletion protection enabled.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_19","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_19","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_19","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_19","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_19","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_19","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_19","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_19","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_19","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/availableprofiles":{"get":{"tags":["Profiles"],"summary":"Lists the profiles that can be attached to the given resource.\\nThe returned profiles contain metadata (fqn, display name and description) information.\\nTo retrieve the full profile, rely on `GetProfile` or `ListProfiles` methods.","operationId":"Profiles_ListAvailableProfiles6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListAvailableProfilesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/blame":{"get":{"tags":["Profiles"],"summary":"Get the profile blame data for a given resource FQN.","operationId":"Profiles_Blame_variant_4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2BlameResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/currentimpact":{"post":{"tags":["Profiles"],"summary":"CurrentImpactAnalysis analyzes the current impact of a profile or a resource attached profiles.\\nThe response is streamed, with each message representing the impact analysis for a specific profile\\nor resource and its corresponding impacts.","operationId":"Profiles_CurrentImpactAnalysis9","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Profiles_CurrentImpactAnalysisBody"},"responses":{"200":{"description":"A successful response.(streaming responses)","content":{"application/json":{"schema":{"type":"object","title":"Stream result of v2ImpactAnalysisResponse","properties":{"error":{"$ref":"#/components/schemas/googlerpcStatus"},"result":{"$ref":"#/components/schemas/v2ImpactAnalysisResponse"}}}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/impact":{"post":{"tags":["Profiles"],"summary":"ImpactAnalysis analyzes the impact of profile or resource attached profiles modifications.\\nThe response is streamed, with each message representing the impact analysis for a specific profile\\nor resource and its corresponding impacts.","operationId":"Profiles_ImpactAnalysis9","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Profiles_ImpactAnalysisBody"},"responses":{"200":{"description":"A successful response.(streaming responses)","content":{"application/json":{"schema":{"type":"object","title":"Stream result of v2ImpactAnalysisResponse","properties":{"error":{"$ref":"#/components/schemas/googlerpcStatus"},"result":{"$ref":"#/components/schemas/v2ImpactAnalysisResponse"}}}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_19","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_19","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_19","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/proxytools/clusterstats":{"post":{"tags":["ProxyDiagnosticService"],"summary":"Return the cluster stats of an Istio Proxy","operationId":"ProxyDiagnosticService_GetClusterStats5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/ProxyDiagnosticService_GetClusterStatsBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetClusterStatsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/proxytools/configdump":{"post":{"tags":["ProxyDiagnosticService"],"summary":"Return a config dump from a workload (Istio Proxy)","operationId":"ProxyDiagnosticService_GetConfigDump5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/ProxyDiagnosticService_GetConfigDumpBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetConfigDumpResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/proxytools/loggerlevels":{"put":{"tags":["ProxyDiagnosticService"],"summary":"Set the log levels of a workload","operationId":"ProxyDiagnosticService_SetLoggerLevels5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/ProxyDiagnosticService_SetLoggerLevelsBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2LoggerLevelsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["ProxyDiagnosticService"],"summary":"Return the logger levels of a workload","operationId":"ProxyDiagnosticService_GetLoggerLevels5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/ProxyDiagnosticService_GetLoggerLevelsBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2LoggerLevelsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/proxytools/serverstats":{"post":{"tags":["ProxyDiagnosticService"],"summary":"Return the server stats of an Istio Proxy","operationId":"ProxyDiagnosticService_GetServerStats5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/ProxyDiagnosticService_GetServerStatsBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetServerStatsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/proxytools/streamlogs":{"post":{"tags":["ProxyDiagnosticService"],"summary":"Return a stream of logs (the output of the `kubectl logs` command) of an Istio Proxy.","operationId":"ProxyDiagnosticService_StreamLogs5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/ProxyDiagnosticService_StreamLogsBody"},"responses":{"200":{"description":"A successful response.(streaming responses)","content":{"application/json":{"schema":{"type":"object","title":"Stream result of v2StreamLogsResponse","properties":{"error":{"$ref":"#/components/schemas/googlerpcStatus"},"result":{"$ref":"#/components/schemas/v2StreamLogsResponse"}}}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/proxytools/workloads":{"post":{"tags":["ProxyDiagnosticService"],"summary":"Return the workload names under a given FQN resource and cluster.","operationId":"ProxyDiagnosticService_ListWorkloads5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/ProxyDiagnosticService_ListWorkloadsBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListWorkloadsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/servicesettings":{"get":{"tags":["Security"],"summary":"List all service security settings objects that have been attached to the security group.","operationId":"Security_ListServiceSecuritySettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListServiceSecuritySettingsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Security"],"summary":"Create a service security settings object in the security group.","operationId":"Security_CreateServiceSecuritySettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create a Service Security Settings.","type":"object","required":["name","settings"],"properties":{"name":{"description":"The short name for the resource to be created.","type":"string"},"settings":{"$ref":"#/components/schemas/v2ServiceSecuritySetting"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ServiceSecuritySetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/servicesettings/{servicesetting}":{"get":{"tags":["Security"],"summary":"Get the details of the given service security settings object.","operationId":"Security_GetServiceSecuritySettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Servicesetting name.","name":"servicesetting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ServiceSecuritySetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Security"],"summary":"Modify the given service security settings object.","operationId":"Security_UpdateServiceSecuritySettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Servicesetting name.","name":"servicesetting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"A service security setting applies configuration to a service in a\\nsecurity group. Missing fields will inherit values from the\\nworkspace-wide setting if any.\\n\\n\\n\\n","type":"object","required":["service"],"properties":{"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"service":{"description":"The service on which the configuration is being applied. Must be in namespace/FQDN format.","type":"string"},"settings":{"$ref":"#/components/schemas/v2SecuritySetting"},"subsets":{"description":"Subset specific settings that will replace the service wide settings for the specified service\\nsubsets.","type":"array","items":{"$ref":"#/components/schemas/v2ServiceSecuritySettingSubset"}}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ServiceSecuritySetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Security"],"summary":"Delete the given service security settings from the group.","operationId":"Security_DeleteServiceSecuritySettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Servicesetting name.","name":"servicesetting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/settings":{"get":{"tags":["Security"],"summary":"List all security settings objects that have been attached to the security group.","operationId":"Security_ListSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSecuritySettingsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Security"],"summary":"Create a security settings object in the security group.","operationId":"Security_CreateSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create a Security Settings.","type":"object","required":["name","settings"],"properties":{"name":{"description":"The short name for the resource to be created.","type":"string"},"settings":{"$ref":"#/components/schemas/v2SecuritySetting"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2SecuritySetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/settings/{setting}":{"get":{"tags":["Security"],"summary":"Get the details of the given security settings object.","operationId":"Security_GetSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2SecuritySetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Security"],"summary":"Modify the given security settings object.","operationId":"Security_UpdateSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"A security setting applies configuration to a set of proxy workloads in a\\nsecurity group or a workspace. When applied to a security group,\\nmissing fields will inherit values from the workspace-wide setting if any.\\n\\n\\n\\n","type":"object","properties":{"authentication":{"$ref":"#/components/schemas/v2SecuritySettingAuthenticationMode"},"authenticationSettings":{"$ref":"#/components/schemas/tsbsecurityv2AuthenticationSettings"},"authorization":{"$ref":"#/components/schemas/tsbsecurityv2AuthorizationSettings"},"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"extension":{"description":"Extensions specifies all the WasmExtensions assigned to this SecuritySettings\\nwith the specific configuration for each extension. This custom configuration\\nwill override the one configured globally to the extension.\\nEach extension has a global configuration including enabling and priority\\nthat will condition the execution of the assigned extensions.","type":"array","items":{"$ref":"#/components/schemas/v2WasmExtensionAttachment"}},"propagationStrategy":{"$ref":"#/components/schemas/v2PropagationStrategy"},"waf":{"$ref":"#/components/schemas/v2WAFSettings"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2SecuritySetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Security"],"summary":"Delete the given security settings from the group.","operationId":"Security_DeleteSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/settings/{setting}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_20","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_20","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_20","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/settings/{setting}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_20","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/settings/{setting}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_20","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/settings/{setting}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_20","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/settings/{setting}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_20","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/settings/{setting}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_20","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/settings/{setting}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_20","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/settings/{setting}/blame":{"get":{"tags":["Profiles"],"summary":"Get the profile blame data for a given resource FQN.","operationId":"Profiles_Blame_variant_21","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2BlameResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/settings/{setting}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_20","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/settings/{setting}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_20","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_20","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/settings/{setting}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_20","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/apitsbv2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/settings/{setting}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_20","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/settings/{setting}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_20","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/telemetryv2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/settings/{setting}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_20","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/settings/{setting}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_20","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_19","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/apitsbv2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_19","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_19","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/telemetryv2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_19","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_19","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/settings":{"get":{"tags":["Workspaces"],"summary":"List all settings available for the given workspace.","operationId":"Workspaces_ListSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListWorkspaceSettingsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Workspaces"],"summary":"Create default settings for a workspace.\\nDefault settings will apply to the services owned by the workspace, unless more\\nspecific settings are provided at the group level.","operationId":"Workspaces_CreateSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create a Workspace Settings.","type":"object","required":["name","settings"],"properties":{"name":{"description":"The short name for the resource to be created.","type":"string"},"settings":{"$ref":"#/components/schemas/v2WorkspaceSetting"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2WorkspaceSetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/settings/{setting}":{"get":{"tags":["Workspaces"],"summary":"Get the details of a settings object for the given workspace.","operationId":"Workspaces_GetSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2WorkspaceSetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Workspaces"],"summary":"Modify the given workspace settings.","operationId":"Workspaces_UpdateSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Default security and traffic settings for all proxy workloads in the workspace.\\n\\n\\n\\n","type":"object","properties":{"defaultEastWestGatewaySettings":{"description":"Default east west gateway settings specifies workspace-wide east-west gateway configuration.\\nThis is used to configure east-west routing (required for fail-over) for the services that\\nare not exposed on the gateways. All the services matching the specified criteria is picked\\nup for exposing on the east-west gateway workload selected by the workload selector. In case,\\na service matches selectors in multiple items, the one which comes first is picked up.","type":"array","items":{"$ref":"#/components/schemas/v2EastWestGateway"}},"defaultSecuritySetting":{"$ref":"#/components/schemas/v2SecuritySetting"},"defaultTrafficSetting":{"$ref":"#/components/schemas/v2TrafficSetting"},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"failoverSettings":{"$ref":"#/components/schemas/v2FailoverSettings"},"hostsReachability":{"$ref":"#/components/schemas/v2HostsReachability"},"regionalFailover":{"description":"Locality routing settings for all gateways in the workspace. Overrides any global settings.\\nPlease use FailoverSettings instead. If FailoverSettings is set, it takes precedence over this field.\\n\\nExplicitly specify the region traffic will land on when endpoints in local region becomes unhealthy.\\nShould be used together with OutlierDetection to detect unhealthy endpoints.\\nNote: if no OutlierDetection specified, this will not take effect.","type":"array","items":{"$ref":"#/components/schemas/v2RegionalFailover"}}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2WorkspaceSetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Workspaces"],"summary":"Delete the given workspace settings.","operationId":"Workspaces_DeleteSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/settings/{setting}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_21","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_21","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_21","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/settings/{setting}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_21","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/settings/{setting}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_21","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/settings/{setting}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_21","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/settings/{setting}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_21","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/settings/{setting}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_21","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/settings/{setting}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_21","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/settings/{setting}/blame":{"get":{"tags":["Profiles"],"summary":"Get the profile blame data for a given resource FQN.","operationId":"Profiles_Blame_variant_22","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2BlameResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/settings/{setting}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_21","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/settings/{setting}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_21","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_21","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/settings/{setting}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_21","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/apitsbv2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/settings/{setting}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_21","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/settings/{setting}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_21","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/telemetryv2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/settings/{setting}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_21","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/settings/{setting}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_21","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_12","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/apitsbv2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/status/search":{"get":{"tags":["Status"],"summary":"Search the status of resources related to the specified search criteria.\\nIt will descend in the hierarchy starting with the resource identified by the given FQN.\\nThis method is available for organizations, tenant or workspace resources.\\nIn the case of configuration sharing between multiple workspaces (such as common t1 and t2 scenarios),\\nit\u2019s recommended to use the tenant FQN instead of the workspace FQN.\\nThis ensures that the search is not limited to a specific workspace and considers configurations from other workspaces.","operationId":"Status_SearchStatus3","parameters":[{"description":"Fully-qualified domain name to search in the mesh that exposes a service. Example: \\"test.tetrate.io\\"","name":"fqdn","in":"query","required":true,"schema":{"type":"string"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2SearchStatusResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_12","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_12","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/telemetryv2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_12","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_12","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups":{"get":{"tags":["Traffic"],"summary":"List all traffic groups in the given workspace.","operationId":"Traffic_ListGroups","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListTrafficGroupsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"description":"Groups will by default configure all the namespaces owned by their workspace, unless\\nexplicitly configured. If a specific set of namespaces is set for the group, it must be a\\nsubset of the namespaces defined by its workspace.","tags":["Traffic"],"summary":"Create a new traffic group in the given workspace.","operationId":"Traffic_CreateGroup","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create a Traffic Group.","type":"object","required":["name","group"],"properties":{"group":{"$ref":"#/components/schemas/tsbtrafficv2Group"},"name":{"description":"The short name for the resource to be created.","type":"string"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/tsbtrafficv2Group"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}":{"get":{"tags":["Traffic"],"summary":"Get the details of the given traffic group.","operationId":"Traffic_GetGroup","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/tsbtrafficv2Group"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Traffic"],"summary":"Modify the given traffic group.","operationId":"Traffic_UpdateGroup","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"A traffic group manages the routing properties of proxy workloads in a\\ngroup of namespaces owned by the parent workspace.\\n\\n\\n\\n","type":"object","required":["namespaceSelector"],"properties":{"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"},"configMode":{"$ref":"#/components/schemas/v2ConfigMode"},"deletionProtectionEnabled":{"description":"When set, prevents the resource from being deleted. In order to delete the resource this\\nproperty needs to be set to `false` first.","type":"boolean"},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"namespaceSelector":{"$ref":"#/components/schemas/typesv2NamespaceSelector"},"profiles":{"description":"List of profiles attached to the traffic group to be used to propagate default and mandatory configurations down to the children.","type":"array","items":{"type":"string"}}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/tsbtrafficv2Group"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Traffic"],"summary":"Delete the given traffic group.\\nNote that deleting resources in TSB is a recursive operation. Deleting a traffic group will\\ndelete all configuration objects that exist in it.","operationId":"Traffic_DeleteGroup","parameters":[{"description":"Force the deletion of the object even if deletion protection is enabled.\\nIf this is set, then the object and all its children will be deleted even if any of them\\nhas the deletion protection enabled.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_22","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_22","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_22","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_22","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_22","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_22","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_22","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_22","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_22","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/availableprofiles":{"get":{"tags":["Profiles"],"summary":"Lists the profiles that can be attached to the given resource.\\nThe returned profiles contain metadata (fqn, display name and description) information.\\nTo retrieve the full profile, rely on `GetProfile` or `ListProfiles` methods.","operationId":"Profiles_ListAvailableProfiles5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListAvailableProfilesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/blame":{"get":{"tags":["Profiles"],"summary":"Get the profile blame data for a given resource FQN.","operationId":"Profiles_Blame_variant_3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2BlameResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/currentimpact":{"post":{"tags":["Profiles"],"summary":"CurrentImpactAnalysis analyzes the current impact of a profile or a resource attached profiles.\\nThe response is streamed, with each message representing the impact analysis for a specific profile\\nor resource and its corresponding impacts.","operationId":"Profiles_CurrentImpactAnalysis8","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Profiles_CurrentImpactAnalysisBody"},"responses":{"200":{"description":"A successful response.(streaming responses)","content":{"application/json":{"schema":{"type":"object","title":"Stream result of v2ImpactAnalysisResponse","properties":{"error":{"$ref":"#/components/schemas/googlerpcStatus"},"result":{"$ref":"#/components/schemas/v2ImpactAnalysisResponse"}}}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/impact":{"post":{"tags":["Profiles"],"summary":"ImpactAnalysis analyzes the impact of profile or resource attached profiles modifications.\\nThe response is streamed, with each message representing the impact analysis for a specific profile\\nor resource and its corresponding impacts.","operationId":"Profiles_ImpactAnalysis8","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Profiles_ImpactAnalysisBody"},"responses":{"200":{"description":"A successful response.(streaming responses)","content":{"application/json":{"schema":{"type":"object","title":"Stream result of v2ImpactAnalysisResponse","properties":{"error":{"$ref":"#/components/schemas/googlerpcStatus"},"result":{"$ref":"#/components/schemas/v2ImpactAnalysisResponse"}}}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_22","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_22","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_22","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/proxytools/clusterstats":{"post":{"tags":["ProxyDiagnosticService"],"summary":"Return the cluster stats of an Istio Proxy","operationId":"ProxyDiagnosticService_GetClusterStats4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/ProxyDiagnosticService_GetClusterStatsBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetClusterStatsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/proxytools/configdump":{"post":{"tags":["ProxyDiagnosticService"],"summary":"Return a config dump from a workload (Istio Proxy)","operationId":"ProxyDiagnosticService_GetConfigDump4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/ProxyDiagnosticService_GetConfigDumpBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetConfigDumpResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/proxytools/loggerlevels":{"put":{"tags":["ProxyDiagnosticService"],"summary":"Set the log levels of a workload","operationId":"ProxyDiagnosticService_SetLoggerLevels4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/ProxyDiagnosticService_SetLoggerLevelsBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2LoggerLevelsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["ProxyDiagnosticService"],"summary":"Return the logger levels of a workload","operationId":"ProxyDiagnosticService_GetLoggerLevels4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/ProxyDiagnosticService_GetLoggerLevelsBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2LoggerLevelsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/proxytools/serverstats":{"post":{"tags":["ProxyDiagnosticService"],"summary":"Return the server stats of an Istio Proxy","operationId":"ProxyDiagnosticService_GetServerStats4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/ProxyDiagnosticService_GetServerStatsBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetServerStatsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/proxytools/streamlogs":{"post":{"tags":["ProxyDiagnosticService"],"summary":"Return a stream of logs (the output of the `kubectl logs` command) of an Istio Proxy.","operationId":"ProxyDiagnosticService_StreamLogs4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/ProxyDiagnosticService_StreamLogsBody"},"responses":{"200":{"description":"A successful response.(streaming responses)","content":{"application/json":{"schema":{"type":"object","title":"Stream result of v2StreamLogsResponse","properties":{"error":{"$ref":"#/components/schemas/googlerpcStatus"},"result":{"$ref":"#/components/schemas/v2StreamLogsResponse"}}}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/proxytools/workloads":{"post":{"tags":["ProxyDiagnosticService"],"summary":"Return the workload names under a given FQN resource and cluster.","operationId":"ProxyDiagnosticService_ListWorkloads4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/ProxyDiagnosticService_ListWorkloadsBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListWorkloadsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/serviceroutes":{"get":{"tags":["Traffic"],"summary":"List all service routes that have been attached to the traffic group.","operationId":"Traffic_ListServiceRoutes","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListServiceRoutesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Traffic"],"summary":"Create a new service route in the given traffic group.","operationId":"Traffic_CreateServiceRoute","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create a ServiceRoute.","type":"object","required":["name","serviceRoute"],"properties":{"name":{"description":"The short name for the resource to be created.","type":"string"},"serviceRoute":{"$ref":"#/components/schemas/v2ServiceRoute"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ServiceRoute"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/serviceroutes/{serviceroute}":{"get":{"tags":["Traffic"],"summary":"Get the details of the given service route.","operationId":"Traffic_GetServiceRoute","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ServiceRoute"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Traffic"],"summary":"Modify a service route.","operationId":"Traffic_UpdateServiceRoute","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"A service route controls routing configurations for traffic to a\\nservice in a traffic group.\\n\\n\\n\\n","type":"object","required":["service"],"properties":{"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"httpRoutes":{"description":"HTTPRoutes are used when HTTP traffic needs to be matched on uri, headers\\nand port and destination routes need to be set using subset-weight\\ncombinations specified within the route.\\n**Note**: If a route is specified, then the global subset-weight\\ncombinations (specified under subsets) will be ignored for the matched\\nport, as subsets within route will take effect.","type":"array","items":{"$ref":"#/components/schemas/v2HTTPRoute"}},"portLevelSettings":{"type":"array","title":"In order to support multi-protocol routing, a list of all port/protocol combinations is needed.\\nThese port settings are applied to all the subsets","items":{"$ref":"#/components/schemas/ServiceRoutePortLevelTrafficSettings"}},"service":{"description":"The service on which the configuration is being applied. Must be in namespace/FQDN format.","type":"string"},"stickySession":{"$ref":"#/components/schemas/ServiceRouteStickySession"},"subsets":{"description":"The set of versions of a service and the percentage of traffic to\\nsend to each version.","type":"array","items":{"$ref":"#/components/schemas/v2ServiceRouteSubset"}},"tcpRoutes":{"description":"TCPRoutes match TCP traffic based on port number. The subset-weight\\nconfiguration and priority have the same behaviour as HTTPRoutes.","type":"array","items":{"$ref":"#/components/schemas/v2TCPRoute"}}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ServiceRoute"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Traffic"],"summary":"Delete the given service route.","operationId":"Traffic_DeleteServiceRoute","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/serviceroutes/{serviceroute}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_24","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_24","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_24","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/serviceroutes/{serviceroute}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_24","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/serviceroutes/{serviceroute}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_24","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/serviceroutes/{serviceroute}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_24","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/serviceroutes/{serviceroute}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_24","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/serviceroutes/{serviceroute}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_24","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/serviceroutes/{serviceroute}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_24","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/serviceroutes/{serviceroute}/blame":{"get":{"tags":["Profiles"],"summary":"Get the profile blame data for a given resource FQN.","operationId":"Profiles_Blame_variant_24","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2BlameResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/serviceroutes/{serviceroute}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_24","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/serviceroutes/{serviceroute}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_24","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_24","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/serviceroutes/{serviceroute}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_24","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/apitsbv2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/serviceroutes/{serviceroute}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_24","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/serviceroutes/{serviceroute}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_24","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/telemetryv2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/serviceroutes/{serviceroute}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_24","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/serviceroutes/{serviceroute}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_24","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/servicesettings":{"get":{"tags":["Traffic"],"summary":"List all service traffic settings objects that have been attached to the traffic group.","operationId":"Traffic_ListServiceTrafficSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListServiceTrafficSettingsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Traffic"],"summary":"Create a service traffic settings object in the traffic group.","operationId":"Traffic_CreateServiceTrafficSetting","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create a Service Traffic Setting.","type":"object","required":["name","serviceSetting"],"properties":{"name":{"description":"The short name for the resource to be created.","type":"string"},"serviceSetting":{"$ref":"#/components/schemas/v2ServiceTrafficSetting"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ServiceTrafficSetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/servicesettings/{servicesetting}":{"get":{"tags":["Traffic"],"summary":"Get the details of the given service traffic settings object.","operationId":"Traffic_GetServiceTrafficSetting","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Servicesetting name.","name":"servicesetting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ServiceTrafficSetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Traffic"],"summary":"Modify the given service traffic settings object.","operationId":"Traffic_UpdateServiceTrafficSetting","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Servicesetting name.","name":"servicesetting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"A service traffic setting applies configuration to a service in a\\ntraffic group. Unset fields will inherit values from the\\nworkspace-wide setting if any.\\n\\n\\n\\n","type":"object","required":["service","settings"],"properties":{"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"service":{"description":"The service on which the configuration is being applied. Must be in namespace/FQDN format.\\n\\nOnly one service traffic setting can be given per service. Any conflicting configuration created\\nlater will be rejected by TSB.","type":"string"},"settings":{"$ref":"#/components/schemas/v2TrafficSetting"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ServiceTrafficSetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Traffic"],"summary":"Delete the given service traffic settings from the group.","operationId":"Traffic_DeleteServiceTrafficSetting","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Servicesetting name.","name":"servicesetting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/settings":{"get":{"tags":["Traffic"],"summary":"List all the settings objects that have been attached to the given traffic group.","operationId":"Traffic_ListSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListTrafficSettingsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Traffic"],"summary":"Create a settings object for the given traffic group.","operationId":"Traffic_CreateSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create a Traffic Settings.","type":"object","required":["name","settings"],"properties":{"name":{"description":"The short name for the resource to be created.","type":"string"},"settings":{"$ref":"#/components/schemas/v2TrafficSetting"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2TrafficSetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/settings/{setting}":{"get":{"tags":["Traffic"],"summary":"Get the details for the given settings object.","operationId":"Traffic_GetSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2TrafficSetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Traffic"],"summary":"Modify the given settings in the given traffic group.","operationId":"Traffic_UpdateSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"A traffic setting applies configuration to a set of proxy workloads in a\\ntraffic group or a workspace. When applied to a traffic group,\\nmissing fields will inherit values from the workspace-wide setting if any.\\n\\n\\n\\n","type":"object","properties":{"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"egress":{"$ref":"#/components/schemas/v2TrafficSettingEgressGateway"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"inbound":{"$ref":"#/components/schemas/v2InboundTrafficSetting"},"outbound":{"$ref":"#/components/schemas/v2OutboundTrafficSetting"},"rateLimiting":{"$ref":"#/components/schemas/v2RateLimiting"},"reachability":{"$ref":"#/components/schemas/v2ReachabilitySettings"},"resilience":{"$ref":"#/components/schemas/v2ResilienceSettings"},"upstreamTrafficSettings":{"description":"List of hosts and the associated traffic settings to be used by\\nthe clients that are downstreams to the defined upstream hosts.\\n\\nDEPRECATED. Moved to `outbound`.","type":"array","items":{"$ref":"#/components/schemas/v2UpstreamTrafficSettings"}}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2TrafficSetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Traffic"],"summary":"Delete the given settings object from the traffic group.","operationId":"Traffic_DeleteSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/settings/{setting}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_23","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_23","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_23","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/settings/{setting}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_23","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/settings/{setting}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_23","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/settings/{setting}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_23","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/settings/{setting}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_23","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/settings/{setting}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_23","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/settings/{setting}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_23","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/settings/{setting}/blame":{"get":{"tags":["Profiles"],"summary":"Get the profile blame data for a given resource FQN.","operationId":"Profiles_Blame_variant_23","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2BlameResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/settings/{setting}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_23","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/settings/{setting}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_23","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_23","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/settings/{setting}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_23","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/apitsbv2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/settings/{setting}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_23","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/settings/{setting}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_23","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/telemetryv2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/settings/{setting}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_23","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/settings/{setting}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_23","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_22","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/apitsbv2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_22","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_22","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/telemetryv2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_22","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_22","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/users":{"get":{"tags":["Teams"],"summary":"List existing users.","operationId":"Teams_ListUsers","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListUsersResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"description":"This method should only be used when there is no Identity Provider configured in TSB\\nand all users are managed locally by IAM.\\nWhen using an external Identity Provider, the SyncOrganization method should be used\\ninstead to synchronize the users and teams.","tags":["Teams"],"summary":"Create a local User in TSB.","operationId":"Teams_CreateUser","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"type":"object","title":"Request to create a User.\\n","required":["name","user"],"properties":{"name":{"description":"The short name for the resource to be created.","type":"string"},"user":{"$ref":"#/components/schemas/v2User"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2User"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/users/{user}":{"get":{"tags":["Teams"],"summary":"Get the details of an existing user.","operationId":"Teams_GetUser","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2User"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"description":"This method should only be used when there is no Identity Provider configured in TSB\\nand all users are managed locally by IAM.\\nWhen using an external Identity Provider, the SyncOrganization method should be used\\ninstead to synchronize the users and teams.","tags":["Teams"],"summary":"Modify an existing local user.","operationId":"Teams_UpdateUser","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"`User` represents a user from the Identity Provider that is allowed to log into\\nthe platform.\\n\\n\\n\\n","type":"object","required":["loginName"],"properties":{"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"email":{"description":"Email for the user where alerts and other notifications will be sent.","type":"string"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"firstName":{"description":"The first name of the user.","type":"string"},"lastName":{"description":"The last name of the user, if any.","type":"string"},"loginName":{"description":"The username used in the login credentials.","type":"string"},"sourceType":{"$ref":"#/components/schemas/v2SourceType"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2User"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"description":"This method should only be used when there is no Identity Provider configured in TSB\\nand all users are managed locally by IAM.\\nWhen using an external Identity Provider, the SyncOrganization method should be used\\ninstead to synchronize the users and teams.","tags":["Teams"],"summary":"Delete an existing user.","operationId":"Teams_DeleteUser","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/users/{user}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_7","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_7","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_7","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/users/{user}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_7","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/users/{user}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_7","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/users/{user}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_7","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/users/{user}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_7","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/users/{user}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_7","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/users/{user}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_7","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/users/{user}/blame":{"get":{"tags":["Profiles"],"summary":"Get the profile blame data for a given resource FQN.","operationId":"Profiles_Blame_variant_12","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2BlameResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/users/{user}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_7","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/users/{user}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_7","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_7","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/users/{user}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_7","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/apitsbv2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/users/{user}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_7","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/users/{user}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_7","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/telemetryv2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/users/{user}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_7","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/users/{user}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_7","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/users/{user}:generateTokens":{"post":{"description":"Generate the tokens for a local user account so it can authenticate against management plane.\\nThis method will return an error if the user account is not of type MANUAL. Credentials for\\nnormal platform users must be configured in the corresponding Identity Provider.","tags":["Teams"],"summary":"Deprecated. This method will be removed in future versions of TSB. Use Service Accounts instead.","operationId":"Teams_GenerateTokens","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2TokenResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/permissions/query":{"put":{"tags":["Permissions"],"summary":"QueryResourcePermission looks up permissions that are allowed for the current principal.\\nMultiple records can be queried with a single request. Query limit is 100, multiple requests\\nare required to lookup more than the limit.","operationId":"Permissions_QueryResourcePermissions","requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryResourcePermissionsRequest"}}},"description":"Request to query permissions on multiple records.\\n\\nExample:\\nQueryResourcePermissionsRequest {\\n  Queries: []Query{\\n    Query{\\n      QueryID: \\"1234\\",\\n      Kind: Query_Fqn{\\n        Fqn: \\"tetrate/tenants/default/workspaces/example\\"\\n      }\\n    }\\n  }\\n}","required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/security/rbac":{"get":{"tags":["RBAC"],"summary":"List all existing roles.","operationId":"RBAC_ListRoles","responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListRolesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["RBAC"],"summary":"Create a new role.","operationId":"RBAC_CreateRole","requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2CreateRoleRequest"}}},"description":"Request to create a Role.","required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Role"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/security/rbac/{rba}":{"get":{"tags":["RBAC"],"summary":"Get the details of the given role.","operationId":"RBAC_GetRole","parameters":[{"description":"Rba name.","name":"rba","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Role"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["RBAC"],"summary":"Modify a role.","operationId":"RBAC_UpdateRole","parameters":[{"description":"Rba name.","name":"rba","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"`Role` is a named collection of permissions that can be assigned to\\nany user or team in the system.\\n\\n\\n\\n\\n","type":"object","properties":{"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"rules":{"description":"A set of rules that define the permissions associated with each API group.","type":"array","items":{"$ref":"#/components/schemas/v2RoleRule"}}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Role"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["RBAC"],"summary":"Delete a role.\\nNRoles that are in use by policies attached to existing resources\\ncannot be deleted.","operationId":"RBAC_DeleteRole","parameters":[{"description":"Rba name.","name":"rba","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/security/rbac/{rba}/kubernetes":{"get":{"tags":["RBAC"],"summary":"Get the Kubernetes ClusterRole associated with the given TSB Role.\\nReturns the ClusterRole formatted as a JSON or YAML depending on the Accept header: application/json or application/yaml.\\nIf no Accept header is provided, the response will be in YAML format.","operationId":"RBAC_GetRoleK8sMapping","parameters":[{"description":"Rba name.","name":"rba","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/apiHttpBody"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}}},"tags":[{"name":"OAuth"},{"name":"OIDC"},{"name":"SidecarConfigurationService"},{"name":"SidecarInfoService"},{"name":"OnboardingAuthorizationService"},{"name":"OnboardingPlaneDiscoveryService"},{"name":"WorkloadRegistrationService"},{"name":"AgentSessionService"},{"name":"Applications"},{"name":"DashboardService"},{"name":"ProxyDiagnosticService"},{"name":"WasmExtensions"},{"name":"Gateways"},{"name":"IstioInternal"},{"name":"Metrics"},{"name":"Sources"},{"name":"Profiles"},{"name":"Approvals"},{"name":"Permissions"},{"name":"Policy"},{"name":"RBAC"},{"name":"Lookup"},{"name":"Registration"},{"name":"Security"},{"name":"Traffic"},{"name":"Clusters"},{"name":"Organizations"},{"name":"Status"},{"name":"Teams"},{"name":"Tenants"},{"name":"Workspaces"}],"components":{"requestBodies":{"Approvals_SetPolicyBody":{"content":{"application/json":{"schema":{"description":"ApprovalPolicy is a set of authorization rules that define access to a resource.\\nWhen applied to a resource, the rules enforce access to the resource based on the permission set.\\n\\nExample:\\nApprovalPolicy {\\n  Mode: ApprovalPolicy_REQUIRE_APPROVAL,\\n  Resource: \\"organizations/demo/tenants/demo/applications/target-app\\",\\n  Approved: []Access {{\\n    Subject: \\"organizations/demo/tenants/demo/applications/calling-app\\",\\n    Permissions: []string{\\"GET\\", \\"POST\\"}\\n  }}\\n}","type":"object","required":["mode"],"properties":{"approved":{"description":"Approved is a list of subjects that are approved to access the resource.","type":"array","items":{"$ref":"#/components/schemas/v2Access"}},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"metadata":{"$ref":"#/components/schemas/qv2Metadata"},"mode":{"$ref":"#/components/schemas/v2ApprovalPolicyMode"},"requested":{"description":"Requested is a list of subjects that are requested to access the resource but that have not yet been\\nexplicitly approved.\\nThe access mode of the policy will determine if the subjects in this list are given immediate access to the\\nresource.","type":"array","items":{"$ref":"#/components/schemas/v2Access"}}}}}},"required":true},"Profiles_CurrentImpactAnalysis2Body":{"content":{"application/json":{"schema":{"description":"CurrentImpactAnalysisRequest holds the fields needed to request the current impact of a\\nprofile or a attached profiles to a resource.\\nOnly one of the fields should be set at a time.","type":"object","properties":{"fieldPaths":{"description":"List of field paths to analyze the impact of the profiles on. If this field is set,\\nthe request will analyze the impact of the profiles only on the specified field paths.","type":"array","items":{"type":"string"}},"resource":{"description":"Resource fqn to analyze its attached profiles impact.","type":"string"}}}}},"required":true},"ProxyDiagnosticService_SetLoggerLevelsBody":{"content":{"application/json":{"schema":{"description":"Request to change effective logger levels of an Istio Proxy.","type":"object","required":["cluster","workload"],"properties":{"allLoggers":{"$ref":"#/components/schemas/SetLoggerLevelsRequestAllLoggers"},"cluster":{"description":"Fully-qualified name of the cluster the workload belongs to.","type":"string"},"givenLoggers":{"$ref":"#/components/schemas/SetLoggerLevelsRequestGivenLoggers"},"workload":{"$ref":"#/components/schemas/tsbdiagnosticv2Workload"}}}}},"required":true},"Profiles_CurrentImpactAnalysisBody":{"content":{"application/json":{"schema":{"description":"CurrentImpactAnalysisRequest holds the fields needed to request the current impact of a\\nprofile or a attached profiles to a resource.\\nOnly one of the fields should be set at a time.","type":"object","properties":{"fieldPaths":{"description":"List of field paths to analyze the impact of the profiles on. If this field is set,\\nthe request will analyze the impact of the profiles only on the specified field paths.","type":"array","items":{"type":"string"}},"profile":{"description":"Profile fqn to analyze the impact.","type":"string"}}}}},"required":true},"Profiles_CreateProfileBody":{"content":{"application/json":{"schema":{"description":"Request to create a profile belonging to a given resource.","type":"object","required":["name","profile"],"properties":{"name":{"description":"The short name for the resource to be created.","type":"string"},"profile":{"$ref":"#/components/schemas/v2Profile"}}}}},"required":true},"Approvals_AddApprovedAccessBody":{"content":{"application/json":{"schema":{"description":"AccessRequest is a request used for requesting or approving access to a resource.\\n\\nExample:\\nAccessRequest {\\n  Resource: \\"organizations/demo/tenants/demo/applications/target\\",\\n  Access: []Access{{\\n    Subject: \\"organizations/demo/tenants/demo/applications/calling-app\\",\\n    Permissions: []string{\\"GET\\", \\"POST\\"}\\n  }}\\n}","type":"object","required":["access"],"properties":{"access":{"$ref":"#/components/schemas/v2Access"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"}}}}},"required":true},"v2AccessPolicy":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}},"description":"A policy defines the set of subjects that can access a resource and under\\nwhich conditions that access is granted.","required":true},"Approvals_DeleteApprovedAccessBody":{"content":{"application/json":{"schema":{"description":"ResourceAndSubject is a resource and subject pair used for approval and deletion operations.\\n\\nExample:\\nResourceAndSubject {\\n  Resource: \\"organizations/demo/tenants/demo/applications/target\\",\\n  Subject: \\"organizations/demo/tenants/demo/applications/caller\\"\\n}","type":"object","required":["subject"],"properties":{"subject":{"description":"Subject for which the access request is made.","type":"string"}}}}},"required":true},"Approvals_QueryPoliciesBody":{"content":{"application/json":{"schema":{"description":"QueryPoliciesRequest is the request message for QueryPolicies.\\n\\nExample:\\nQueryPoliciesRequest {\\n  Parent: \\"organizations/demo/tenants/demo\\",\\n  Types: []string{\\"applications\\"},\\n  IncludeDetails: true,\\n  IncludePermissions: true,\\n}","type":"object","required":["types"],"properties":{"includeDetails":{"description":"IncludeDetails indicates whether to include the details of the resources that are part of the policy.\\nWhen set to true, the name and description of the resource are included in the response.","type":"boolean"},"includePermissions":{"description":"IncludePermissions indicates whether to include the user level permissions on resources that are part of the policy.\\nWhen set to true, the user level permissions are included in the response.","type":"boolean"},"types":{"description":"Type is the type of the resources to query for policies.","type":"array","items":{"type":"string"}}}}}},"required":true},"Policy_SetPolicy_variant_1Body":{"content":{"application/json":{"schema":{"description":"A policy defines the set of subjects that can access a resource and under\\nwhich conditions that access is granted.","type":"object","title":"Policy","properties":{"allow":{"description":"The list of allowed bindings configures the different access profiles that\\nare allowed on the resource configured by the policy.","type":"array","items":{"$ref":"#/components/schemas/rbacv2Binding"}},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"}}}}},"required":true},"ProxyDiagnosticService_GetClusterStatsBody":{"content":{"application/json":{"schema":{"description":"Request for the cluster stats of an Istio Proxy.","type":"object","required":["cluster","workload"],"properties":{"cluster":{"description":"Fully-qualified name of the cluster the workload belongs to.","type":"string"},"outputFormat":{"$ref":"#/components/schemas/GetClusterStatsRequestClusterStatsFormat"},"workload":{"$ref":"#/components/schemas/tsbdiagnosticv2Workload"}}}}},"required":true},"ProxyDiagnosticService_GetConfigDumpBody":{"content":{"application/json":{"schema":{"description":"Request for a config dump from a workload (Istio Proxy).","type":"object","required":["cluster","workload"],"properties":{"all":{"$ref":"#/components/schemas/v2GetConfigDumpRequestAll"},"bootstrap":{"$ref":"#/components/schemas/GetConfigDumpRequestBootstrap"},"cluster":{"description":"Fully-qualified name of the cluster the workload belongs to.","type":"string"},"clusters":{"$ref":"#/components/schemas/GetConfigDumpRequestClusters"},"ecds":{"$ref":"#/components/schemas/GetConfigDumpRequestEcds"},"endpoints":{"$ref":"#/components/schemas/v2GetConfigDumpRequestEndpoints"},"listeners":{"$ref":"#/components/schemas/GetConfigDumpRequestListeners"},"routes":{"$ref":"#/components/schemas/GetConfigDumpRequestRoutes"},"secrets":{"$ref":"#/components/schemas/v2GetConfigDumpRequestSecrets"},"workload":{"$ref":"#/components/schemas/tsbdiagnosticv2Workload"}}}}},"required":true},"ProxyDiagnosticService_GetLoggerLevelsBody":{"content":{"application/json":{"schema":{"description":"Request for effective logger levels of an Istio Proxy.","type":"object","required":["cluster","workload"],"properties":{"cluster":{"description":"Fully-qualified name of the cluster the workload belongs to.","type":"string"},"workload":{"$ref":"#/components/schemas/tsbdiagnosticv2Workload"}}}}},"required":true},"ProxyDiagnosticService_GetServerStatsBody":{"content":{"application/json":{"schema":{"description":"Request for the server stats of an Istio Proxy.","type":"object","required":["cluster","workload"],"properties":{"cluster":{"description":"Fully-qualified name of the cluster the workload belongs to.","type":"string"},"outputFormat":{"$ref":"#/components/schemas/GetServerStatsRequestServerStatsFormat"},"workload":{"$ref":"#/components/schemas/tsbdiagnosticv2Workload"}}}}},"required":true},"ProxyDiagnosticService_StreamLogsBody":{"content":{"application/json":{"schema":{"description":"Request to stream logs of an Istio Proxy.","type":"object","required":["cluster","workload"],"properties":{"cluster":{"description":"Fully-qualified name of the cluster to execute the diagnostic task in.","type":"string"},"follow":{"description":"Follow the log stream of the pod. Defaults to false.","type":"boolean"},"previous":{"description":"Return logs of the previous terminated container instead of the logs of the current container.\\nDefaults to false.","type":"boolean"},"sinceSeconds":{"description":"A relative time in seconds before the current time from which to show logs. If this value\\nprecedes the time a pod was started, only logs since the pod start will be returned.\\nIf this value is in the future, no logs will be returned.","type":"string","format":"int64"},"workload":{"$ref":"#/components/schemas/tsbdiagnosticv2Workload"}}}}},"required":true},"ProxyDiagnosticService_ListWorkloadsBody":{"content":{"application/json":{"schema":{"description":"Request to retrieve the workload names on which the diagnostic tools can be run.\\nThe returned workloads are belonging to the resource specified by the `fqn` field \\nand are running in the cluster specified by the `cluster` field.","type":"object","required":["cluster"],"properties":{"cluster":{"description":"Fully-qualified name of the cluster the workload belongs to.","type":"string"},"filter":{"$ref":"#/components/schemas/ListWorkloadsRequestFilter"},"pageSize":{"description":"Optional. The maximum number of Workloads to return.\\nThe service may return fewer than this value.\\nRely on the `next_page_token` response field to determine if there are more workloads\\nto be retrieved.\\nIf unspecified, at most 50 Workloads will be returned.\\nThe maximum value is 1000; values above 1000 will be coerced to 1000.","type":"integer","format":"int32"},"pageToken":{"description":"Optional. A page token, received from a previous `ListWorkloadsRequest` call.\\nProvide this to retrieve the subsequent page.\\n\\nWhen paginating, all other parameters provided to `ListWorkloadsRequest` must\\nmatch the call that provided the page token.","type":"string"}}}}},"required":true},"Profiles_ImpactAnalysisBody":{"content":{"application/json":{"schema":{"description":"ImpactAnalysisRequest holds the fields needed to request the impact of a\\nprofile modification or profile attachment modification in a resource.\\nOnly one of the fields should be set at a time.","type":"object","properties":{"fieldPaths":{"description":"List of field paths to analyze the impact of the profiles on. If this field is set,\\nthe request will analyze the impact of the profiles only on the specified field paths.","type":"array","items":{"type":"string"}},"modifyAttachedProfiles":{"description":"Request to analyze the impact of modifying the attached profiles of a resource.","type":"object","title":"Request to analyze the impact of modifying the attached profiles of a resource.","properties":{"profiles":{"description":"A list of profiles attached to the resource that will be analyzed for impact.\\nThese profiles are used to propagate default and mandatory configurations to\\nchild resources, and any changes to them will be reflected in the impact analysis.","type":"array","items":{"type":"string"}}}},"modifyProfile":{"$ref":"#/components/schemas/v2ModifyProfile"}}}}},"required":true},"Profiles_UpdateProfileBody":{"content":{"application/json":{"schema":{"description":"A `Profile` object can be created at Organization, Tenant, and Workspace levels. Once created, a profile can be\\nattached at its own level or down the hierarchy at Organization, Tenant, Workspace and Groups levels.\\nOnce attached, all the configurations provided in the profile and compatible with the attachment point will be applied,\\nthe others will be ignored.\\n\\n\\n\\n","type":"object","properties":{"defaults":{"$ref":"#/components/schemas/v2ProfileConfig"},"deletionProtectionEnabled":{"description":"When set, prevents the resource from being deleted. In order to delete the resource this\\nproperty needs to be set to `false` first.","type":"boolean"},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"mandates":{"$ref":"#/components/schemas/v2ProfileConfig"}}}}},"required":true},"Profiles_ImpactAnalysis2Body":{"content":{"application/json":{"schema":{"description":"ImpactAnalysisRequest holds the fields needed to request the impact of a\\nprofile modification or profile attachment modification in a resource.\\nOnly one of the fields should be set at a time.","type":"object","required":["profile"],"properties":{"fieldPaths":{"description":"List of field paths to analyze the impact of the profiles on. If this field is set,\\nthe request will analyze the impact of the profiles only on the specified field paths.","type":"array","items":{"type":"string"}},"modifyAttachedProfiles":{"$ref":"#/components/schemas/v2ModifyAttachedProfiles"},"modifyProfile":{"description":"Request to analyze the impact of modifying an existing profile.","type":"object","title":"Request to analyze the impact of modifying an existing profile.","properties":{"profile":{"$ref":"#/components/schemas/v2Profile"}}}}}}},"required":true}},"schemas":{"AggregatedStatusChildStatus":{"description":"`ChildStatus` contains the status details for a particular child resource,\\nand a human-friendly message further describing the status if it is an\\nerrored one.","type":"object","properties":{"status":{"$ref":"#/components/schemas/v2ResourceStatusStatus"},"message":{"description":"Contains the human-friendly message describing the status of the child resource.","type":"string","x-order":1}}},"AuthenticationRules":{"type":"object","properties":{"jwt":{"description":"List of rules how to authenticate an HTTP request from a JWT Token attached to it.\\nA JWT Token, if present in the HTTP request, must satisfy one of the rules defined here.\\nThe order in which rules are being checked at runtime might differ from the order\\nin which they are defined here.\\nIf the JWT Token doesn\'t satisfy any of the rules, the request will be rejected.\\nIf the JWT Token does satisfy one of the rules, the identity of the request\\nwill be extracted from the JWT Token.\\n\\nNotice that an HTTP request without a JWT Token attached to it will NOT be rejected\\nbased on the rules defined here. Remember to define HTTP request authorization settings\\nto achieve that.","type":"array","items":{"$ref":"#/components/schemas/tsbauthv2AuthenticationJWT"},"x-order":0}}},"BackendRedisSettings":{"type":"object","title":"Configuration for the External Redis Backend Database","required":["uri"],"properties":{"uri":{"description":"The Redis Database URI. The value of the URI decides the scope\\nfor ratelimiting across multiple clusters.","type":"string","x-order":0}}},"CertManagerSettingsCertManagerCAInjector":{"description":"CertManagerCAInjector represents the settings used for cert-manager CAInjector installation in the clusters.","type":"object","properties":{"kubeSpec":{"$ref":"#/components/schemas/kubernetesKubernetesComponentSpec"}}},"CertManagerSettingsCertManagerSpec":{"description":"CertManagerSpec represents the settings used for cert-manager controller installation in the clusters.","type":"object","properties":{"kubeSpec":{"$ref":"#/components/schemas/kubernetesKubernetesComponentSpec"}}},"CertManagerSettingsCertManagerStartupAPICheck":{"description":"CertManagerStartupAPICheck represents the settings used for cert-manager startup API check job installation in the clusters.\\nDEPRECATED. StartupAPICheck is disabled.","type":"object","properties":{"kubeSpec":{"$ref":"#/components/schemas/kubernetesKubernetesJobComponentSpec"}}},"CertManagerSettingsCertManagerWebhookSpec":{"description":"CertManagerWebhookSpec represents the settings used for cert-manager Webhook installation in the clusters.","type":"object","properties":{"kubeSpec":{"$ref":"#/components/schemas/kubernetesKubernetesComponentSpec"}}},"CertManagerSettingsManaged":{"description":"- AUTO: TSB will check if a pre-existing cert-manager installation is found in the cluster and only\\ninstall and manage cert-manager if it is not found.\\nThe pre-installed cert-manager should support signing requests raised through Kubernetes CSR\\n - EXTERNAL: EXTERNAL represents that TSB will rely on a pre installed cert-manager for use.\\nPre installed cert-manager should support signing requests raised through Kubernetes CSR\\n - INTERNAL: INTERNAL represents that TSB will install and manage cert-manager in the cluster.\\nIn case a pre-existing installation is found, the operator will not install cert-manager and fail.","type":"string","title":"If INTERNAL, TSB will install and manage cert-manager. In case a pre-existing installation is found, the operator will not install cert-manager and fail.\\nIf EXTERNAL, TSB would rely on a pre installed cert-manager for use.\\nPre installed cert-manager should support signing requests raised through Kubernetes CSR","default":"AUTO","enum":["AUTO","EXTERNAL","INTERNAL"]},"ClusterInstallTemplate":{"description":"InstallTemplate provides templates ready to be used in the ControlPlane (cluster onboard) installation.","type":"object","properties":{"message":{"type":"string","title":"can provide useful information to the user","x-order":0,"readOnly":true},"helm":{"$ref":"#/components/schemas/v1alpha1Values"}}},"ClusterOnboardingConfigNamespaceConfig":{"description":"Configuration for a namespace.","type":"object","required":["name"],"properties":{"name":{"description":"The name of the namespace.","type":"string","x-order":0},"desiredState":{"$ref":"#/components/schemas/v2NamespaceDesiredState"}}},"ClusterStateIstioRevision":{"description":"IstioRevision represents the Istio revisions in the ControlPlane Cluster.","type":"object","properties":{"revision":{"type":"string","title":"Istio revision found in the cluster","x-order":0},"version":{"description":"Istio version found in the cluster.","type":"string","x-order":1},"distribution":{"$ref":"#/components/schemas/IstioRevisionDistribution"}}},"ConfigEventsEdgeConfigState":{"type":"object","properties":{"status":{"$ref":"#/components/schemas/ConfigEventsEdgeConfigStatus"},"reason":{"description":"Accompanying reason when status is not `APPLIED`.","type":"string","x-order":1}}},"ConfigEventsEdgeConfigStatus":{"description":" - UNKNOWN: `UNKNOWN` indicates an undefined status. Either the edge has not reported\\nthe status for the config or it is not available due to some delays or something else.\\nThis is a catch-all when we don\'t know what to do.\\n - APPLIED: `APPLIED` indicates that the config has been successfully applied at the edge.\\n - ERRORED: `ERRORED` indicates that some error occurred while applying config at an edge. This will be\\naccompanied by a message which specifies the reason for the error.\\n - IGNORED: `IGNORED` indicates that the config was ignored because of some misconfiguration in config yaml.\\nFor instance, applying `DIRECT` mode config within `BRIDGED` mode group.","type":"string","default":"UNKNOWN","enum":["UNKNOWN","APPLIED","ERRORED","IGNORED"]},"ConfigEventsEventType":{"description":"Simple `Status` of the current resource. It\'s a projection of its details\\n(events, etc.) that allows to easily know the status of the resource\\nwithout requiring to check the details.\\n\\n - INVALID: INVALID is the zero value and should never be reached.\\n - TSB_ACCEPTED: TSB_ACCEPTED happens when the configuration has been validated and\\npersisted by TSB. Note that there is no TSB_REJECTED because in case of\\nan obvious syntax error, the client requests for the API will fail\\ndirectly. The configuration will not be persisted and therefore no\\nconfig status will be associated with it.\\n - MPC_ACCEPTED: MPC_ACCEPTED happens when MPC receives the configuration from TSB.\\nNote that there is no MPC_REJECTED because it\'s just a pass-through\\nto XCP.\\n - XCP_ACCEPTED: XCP_ACCEPTED happens when XCP validates the configuration and the XCP\\nresource is properly created.\\n - XCP_REJECTED: XCP_REJECTED happens when XCP reports that the configuration is not\\nvalid.\\n - MPC_FAILED: MPC_FAILED happens when MPC fails to process some configuration received\\nfrom TSB. These failures are prior to sending the translated\\nconfigurations to XCP.\\n - XCP_UNKNOWN: XCP_UNKNOWN happens when XCP reports that all edges are in UNKNOWN\\nstate.\\n - XCP_PARTIALLY_APPLIED: XCP_PARTIAL happens when XCP reports that at least one edge is in\\nAPPLIED state, and the rest are UNKNOWN.\\n - XCP_APPLIED: XCP_APPLIED happens when XCP reports that every edge is in APPLIED\\nstate.\\n - XCP_ERRORED: XCP_ERRORED happens when XCP reports that any edge is in ERRORED state.\\n - XCP_IGNORED: XCP_IGNORED happens when XCP reports that the config is IGNORED by all the edges.\\nOne of the cases where configs are ignored is when a BRIDGED mode config object\\nlike IngressGateway is part of a gateway group configured for the DIRECT mode\\nand vice versa. More generally, this happens when there is a mismatch between\\nthe mode where a config is valid and the mode configured for the group.\\n - MPC_DIRTY: MPC_DIRTY happens when a resource that is dependent on others\\nhave not reached the desired status (even when they are not FAILED).\\nFor instance, when a resource configuration affected by a STRICTER propagation\\nstrategy gets superseded (fully or partially) by a stricter resource configuration higher up\\nin the hierarchy. Concretely, if a security group\'s security settings (which\\nis in ACCEPTED configuration state) is affected\\nby a STRICTER propagation strategy, and for instance an organization\'s\\ndefault security settings (a resource higher up in the hierarchy)\\nhas been updated to restrict more the previously set authorization policy, then\\nthe previously ACCEPTED security group\'s security settings (a resource lower in\\nthe hierarchy) will become DIRTY if it is not stricter.","type":"string","default":"INVALID","enum":["INVALID","TSB_ACCEPTED","MPC_ACCEPTED","XCP_ACCEPTED","XCP_REJECTED","MPC_FAILED","XCP_UNKNOWN","XCP_PARTIALLY_APPLIED","XCP_APPLIED","XCP_ERRORED","XCP_IGNORED","MPC_DIRTY"]},"ConsistentHashLBMagLev":{"type":"object","title":"Implements consistent hashing to upstream hosts.\\nIt can be used as a drop in replacement for `RingHash`. It has higher speed than RingHash with faster hash table lookups.\\nPlease refer https://www.envoyproxy.io/docs/envoy/latest/intro/arch_overview/upstream/load_balancing/load_balancers#maglev","required":["tableSize"],"properties":{"tableSize":{"description":"The table size for Maglev hashing. This helps in controlling the\\ndisruption when the backend hosts change.\\nIncreasing the table size reduces the amount of disruption.","type":"integer","format":"int64","x-order":0}}},"ConsistentHashLBRingHash":{"type":"object","title":"Implements consistent hashing to upstream hosts.\\nEach upstream host is mapped onto a circle (ring) by hashing its address, each request is then\\nrouted using some hash property of the request.\\nPlease refer https://www.envoyproxy.io/docs/envoy/latest/intro/arch_overview/upstream/load_balancing/load_balancers#ring-hash","properties":{"minimumRingSize":{"description":"The minimum number of virtual nodes to use for the hash\\nring. Defaults to 1024. Larger ring sizes result in more granular\\nload distributions. If the number of hosts in the load balancing\\npool is larger than the ring size, each host will be assigned a\\nsingle virtual node.","type":"integer","format":"int64","x-order":0}}},"DownstreamResilienceSettingsMeshTimeout":{"description":"Connection and Stream timeout settings for the mesh.\\nThese apply to the inbound connections at the Sidecars\\nand Gateways.","type":"object","properties":{"maxConnectionDuration":{"description":"This specifies the duration of time after which\\na downstream and upstream connection will be drained\\nand/or closed, starting from when it was first\\nestablished. If there are no active streams,\\nthe connection will be closed. If there are any active\\nstreams, the drain sequence will kick-in, and the connection\\nwill be force-closed after the drain period. The default\\nvalue of max connection duration is 0 or unlimited,\\nwhich means that the connections will never be closed\\ndue to aging. This setting applies to the entire HTTP connection\\nand all streams (HTTP/2 and HTTP/3) the connection carries.","type":"string","x-order":0},"maxStreamDuration":{"description":"The max stream duration is the maximum time that a stream\u2019s\\nlifetime will span.","type":"string","x-order":1},"maxDownstreamConnectionDuration":{"description":"The maximum duration of a TCP connection. The duration is defined\\nas the period since a connection was established. If not set,\\nthere is no max duration. When max_downstream_connection_duration\\nis reached the connection will be closed. This can be used\\nalongside with `max_connection_duration`.","type":"string","x-order":2},"proxyType":{"$ref":"#/components/schemas/v2ProxyType"}}},"EgressAuthorizationSettingsHostDetails":{"description":"List of external hosts details.","type":"object","required":["host"],"properties":{"host":{"$ref":"#/components/schemas/v2StringMatch"},"paths":{"description":"The request paths allowed for access, e.g., [\\"/accounts\\", \\"/info*\\", \\"/user/profile/*\\"].\\nExact and prefix-based regular matches are supported.\\nIf not set, any path is allowed.","type":"array","items":{"type":"string"},"x-order":1},"methods":{"description":"The HTTP methods allowed by this rule, e.g., [\\"GET\\", \\"HEAD\\"].\\nIf not set, any method is allowed.","type":"array","items":{"type":"string"},"x-order":2}}},"FailoverSettingsTopologyChoice":{"description":"TopologyChoice specifies the topology preference for traffic priority.\\n\\n - NONE: Inherit from parent if possible. Otherwise treated as `CLUSTER`.\\n - CLUSTER: Prefer traffic to stay in the cluster as much as possible.\\n - LOCALITY: Prefer traffic to stay in the region/zone/subzone as much as possible irrespective of the cluster.","type":"string","default":"NONE","enum":["NONE","CLUSTER","LOCALITY"]},"FilterSettingsAWSZoneType":{"description":"AWS Route53 Zone type filters.\\n\\n - NONE: No filter.\\n - PUBLIC: Filter public zones.\\n - PRIVATE: Filter private zones.","type":"string","default":"NONE","enum":["NONE","PUBLIC","PRIVATE"]},"GetClusterStatsRequestClusterStatsFormat":{"description":"Format of the cluster stats of an Istio Proxy.\\n\\n - JSON: JSON format.\\n - TEXT: Text format.","type":"string","default":"JSON","enum":["JSON","TEXT"]},"GetConfigDumpRequestBootstrap":{"description":"Dump bootstrap configuration.","type":"object"},"GetConfigDumpRequestClusters":{"description":"Dump cluster configuration.","type":"object"},"GetConfigDumpRequestEcds":{"description":"Dump typed extension configuration.","type":"object"},"GetConfigDumpRequestListeners":{"description":"Dump listener configuration.","type":"object"},"GetConfigDumpRequestRoutes":{"description":"Dump route configuration.","type":"object"},"GetServerStatsRequestServerStatsFormat":{"description":"Format of the server stats of an Istio Proxy.\\n\\n - JSON: JSON format.\\n - TEXT: Text format.\\n - PROMETHEUS: Prometheus format.","type":"string","default":"JSON","enum":["JSON","TEXT","PROMETHEUS"]},"GitOpsPushMode":{"description":"Push mode for GitOps component. Default: SYNC.\\n\\n - SYNC: In SYNC mode TSB K8s resources are validated and pushed to Management Plane synchronously,\\nblocking on resource creation until the resource is created successfully in the Management Plane.\\nThis is the default mode.\\n - ASYNC: In ASYNC mode TSB K8s resources are pushed to Management Plane asynchronously, without blocking on resource creation.\\nTo know if the resource was created successfully, check its K8s status.","type":"string","default":"SYNC","enum":["SYNC","ASYNC"]},"HTTPDirectResponseHTTPBody":{"description":"Specifies the content of the response body.","type":"object","properties":{"string":{"type":"string","title":"response body as a string","x-order":0},"bytes":{"description":"response body as base64 encoded bytes.","type":"string","format":"byte","x-order":1}}},"HTTPFaultInjectionAbort":{"description":"Abort specification is used to prematurely abort a request with a\\npre-specified error code.\\nThe _httpStatus_ field is used to indicate the HTTP status code to\\nreturn to the caller. The optional _percentage_ field can be used to only\\nabort a certain percentage of requests. If not specified, no request will be\\naborted.","type":"object","properties":{"percentage":{"description":"Percentage of requests to be aborted with the error code provided.\\nIf not specified, no request will be aborted.","type":"number","format":"double","x-order":0},"httpStatus":{"description":"HTTP status code to use to abort the HTTP request.","type":"integer","format":"int32","x-order":1},"grpcStatus":{"type":"string","title":"GRPC status code to use to abort the request. The supported\\ncodes are documented in https://github.com/grpc/grpc/blob/master/doc/statuscodes.md","x-order":2}}},"HTTPFaultInjectionDelay":{"description":"Delay specification is used to inject latency into the request\\nforwarding path.\\n\\nThe _fixedDelay_ field is used to indicate the amount of delay in seconds.\\nThe optional _percentage_ field can be used to only delay a certain\\npercentage of requests. If left unspecified, no request will be delayed.","type":"object","properties":{"percentage":{"description":"Percentage of requests on which the delay will be injected.\\nIf left unspecified, no request will be delayed.","type":"number","format":"double","x-order":0},"fixedDelay":{"description":"Add a fixed delay before forwarding the request. Format:\\n1h/1m/1s/1ms. MUST be &gt;=1ms.","type":"string","x-order":1}}},"HeadersHeaderOperations":{"description":"HeaderOperations Describes the header manipulations to apply.","type":"object","properties":{"set":{"description":"Overwrite the headers specified by key with the given values.","type":"object","additionalProperties":{"type":"string"},"x-order":0},"add":{"description":"Append the given values to the headers specified by keys (will create a comma-separated list\\nof values).","type":"object","additionalProperties":{"type":"string"},"x-order":1},"remove":{"description":"Remove a the specified headers.","type":"array","items":{"type":"string"},"x-order":2}}},"HostManagementRepository":{"description":"Configure `Tetrate Host Management Repository` component.","type":"object","properties":{"kubeSpec":{"$ref":"#/components/schemas/kubernetesKubernetesComponentSpec"}}},"ImpactImpactType":{"description":"Enum representing the different types of impact a profile can have on a field.\\n\\n - UNKNOWN: The impact type is unknown or unspecified.\\n - EFFECTIVE: The profile is effective on the field, meaning the profile directly sets\\nthe field\'s value.\\n - OVERRIDE: The field\'s value is overridden by another profile or configuration, but was\\npreviously set by the profile being analyzed.","type":"string","default":"UNKNOWN","enum":["UNKNOWN","EFFECTIVE","OVERRIDE"]},"ImpactSourceType":{"description":"The type of the impact source.\\n\\n - INVALID: The impact source is unknown or unspecified.\\n - DEFAULT: The impact source is a profile default.\\n - MANDATE: The impact source is a profile mandate.\\n - SETTINGS: The impact source is configuration setting.","type":"string","default":"INVALID","enum":["INVALID","DEFAULT","MANDATE","SETTINGS"]},"IngressScopesIngressScope":{"description":"An ingress defines the telemetry source wingspan in the mesh of ingress\'s hostname.","type":"object","properties":{"type":{"$ref":"#/components/schemas/IngressScopesIngressScopeScopeType"},"scope":{"$ref":"#/components/schemas/IngressScopesIngressScopeScope"},"deployment":{"description":"The FQN of the service deployment in a concrete cluster related with this telemetry source scope.\\nWill have a value for scope types HOSTNAME.","type":"string","x-order":2}}},"IngressScopesIngressScopeScope":{"description":"Each of the scope properties can have the following values:\\n- A non empty value.\\n- An empty value or absence of the property act as a wildcard, meaning any possible value.","type":"object","properties":{"hostname":{"type":"string","title":"hostname is always a concrete value","x-order":0},"ingressService":{"type":"string","title":"ingress_service is always a concrete value","x-order":1},"cluster":{"description":"cluster can be a concrete value or an empty value meaning any cluster.","type":"string","x-order":2}}},"IngressScopesIngressScopeScopeType":{"description":"ScopeType denotes the wingspan of a telemetry source for an ingress\'s hostname.\\n\\n - HOSTNAME: A hostname telemetry source that belongs to a specific ingress instance in a cluster.\\n - GLOBAL: A global telemetry source of a hostname from an ingress across clusters.","type":"string","default":"INVALID","enum":["INVALID","HOSTNAME","GLOBAL"]},"IstioAmbient":{"type":"object","title":"Ambient-related configuration","properties":{"enable":{"type":"boolean","title":"Enable or disable Ambient mode","x-order":0},"waypoints":{"$ref":"#/components/schemas/v1alpha1WaypointsConfig"}}},"IstioRevisionDistribution":{"description":"- UNKNOWN: Unknown Istio distribution\\n - TSB: TSB istio distribution\\n - TID: TID istio distribution","type":"string","title":"Type of distribution for the Istio version","default":"UNKNOWN","enum":["UNKNOWN","TSB","TID"]},"IstioStatusIstioInjection":{"description":"Istio injection status for the namespace.\\n\\n - ISTIO_INJECTION_UNDEFINED: The TSB CP is not able to determine the Istio injection status of the namespace.\\n - ISTIO_INJECTION_ENABLED: The namespace is configured with Istio injection.\\n - ISTIO_INJECTION_DISABLED: The namespace is not configured with Istio injection.","type":"string","default":"ISTIO_INJECTION_UNDEFINED","enum":["ISTIO_INJECTION_UNDEFINED","ISTIO_INJECTION_ENABLED","ISTIO_INJECTION_DISABLED"]},"JWKSJWK":{"type":"object","title":"JSON Web Key. Refer to https://datatracker.ietf.org/doc/html/rfc7517","properties":{"alg":{"description":"The specific cryptographic algorithm used with the key.","type":"string","x-order":0},"kty":{"description":"The family of cryptographic algorithms used with the key.","type":"string","x-order":1},"use":{"description":"How the key was meant to be used; `sig` represents the signature.","type":"string","x-order":2},"n":{"description":"The modulus for the RSA public key.","type":"string","x-order":3},"e":{"description":"The exponent for the RSA public key.","type":"string","x-order":4},"kid":{"description":"The unique identifier for the key.","type":"string","x-order":5}}},"JWTClaimToHeader":{"description":"This message specifies the detail for copying claim to header.","type":"object","required":["header","claim"],"properties":{"header":{"description":"The name of the header to be created. The header will be overridden if it already exists in the request.","type":"string","x-order":0},"claim":{"description":"The name of the claim to be copied from. Only claim of type string/int/bool is supported.\\nThe header will not be there if the claim does not exist or the type of the claim is not supported.","type":"string","x-order":1}}},"JWTJWTHeader":{"description":"This message specifies a header location to extract JWT token.","type":"object","required":["name"],"properties":{"name":{"description":"The HTTP header name.","type":"string","x-order":0},"prefix":{"description":"The prefix that should be stripped before decoding the token.\\nFor example, for `Authorization: Bearer &lt;token&gt;`, prefix=`Bearer ` with a space at the end.\\nIf the header doesn\'t have this exact prefix, it is considered invalid.","type":"string","x-order":1}}},"K8sObjectOverlayPathValue":{"type":"object","properties":{"path":{"description":"Path of the form a.[key1:value1].b.[:value2]\\nWhere [key1:value1] is a selector for a key-value pair to identify a list element and [:value] is a value\\nselector to identify a list element in a leaf list.\\nAll path intermediate nodes must exist.","type":"string","x-order":0},"value":{"description":"Value to add, delete or replace.\\nFor add, the path should be a new leaf.\\nFor delete, value should be unset.\\nFor replace, path should reference an existing node.\\nAll values are strings but are converted into appropriate type based on schema.","x-order":1}}},"KeyPairEncoding":{"type":"string","title":"Format in which the keys in this keypair are encoded","default":"PEM","enum":["PEM","JWK"]},"ListSourcesRequestTimeRange":{"description":"TimeRange is a closed time range. If since or until are not provided they will not be used to filter.","type":"object","properties":{"since":{"description":"Moment in time since we retrieve Telemetry Sources.","type":"string","format":"date-time","x-order":0},"until":{"description":"Moment in time until we retrieve Telemetry Sources.","type":"string","format":"date-time","x-order":1}}},"ListWorkloadsRequestFilter":{"description":"Workloads filter.","type":"object","properties":{"namespace":{"description":"Namespace name.","type":"string","x-order":0},"serviceName":{"description":"Name of a Service.","type":"string","x-order":1}}},"LoadBalancerSettingsConsistentHashLB":{"description":"Consistent Hash-based load balancing can be used to provide soft\\nsession affinity based on HTTP headers, cookies or other\\nproperties. The affinity to a particular destination host may be\\nlost when one or more hosts are added/removed from the destination\\nservice.\\n\\nNote: consistent hashing is less reliable at maintaining affinity than common\\n\\"sticky sessions\\" implementations, which often encode a specific destination in\\na cookie, ensuring affinity is maintained as long as the backend remains.\\nWith consistent hash, the guarantees are weaker; any host addition or removal can\\nbreak affinity for `1/backends` requests.\\n\\nWarning: consistent hashing depends on each proxy having a consistent view of endpoints.\\nThis is not the case when locality load balancing is enabled. Locality load balancing\\nand consistent hash will only work together when all proxies are in the same locality,\\nor a high level load balancer handles locality affinity.","type":"object","properties":{"httpHeaderName":{"description":"Hash based on a specific HTTP header.","type":"string","x-order":0},"httpCookie":{"$ref":"#/components/schemas/LoadBalancerSettingsConsistentHashLBHTTPCookie"},"useSourceIp":{"description":"Hash based on the source IP address.\\nThis is applicable for both TCP and HTTP connections.","type":"boolean","x-order":2},"httpQueryParameterName":{"description":"Hash based on a specific HTTP query parameter.","type":"string","x-order":3},"ringHash":{"$ref":"#/components/schemas/ConsistentHashLBRingHash"},"maglev":{"$ref":"#/components/schemas/ConsistentHashLBMagLev"}}},"LoadBalancerSettingsConsistentHashLBHTTPCookie":{"description":"Describes a HTTP cookie that will be used as the hash key for the\\nConsistent Hash load balancer. If the cookie is not present, it will\\nbe generated.","type":"object","required":["name","ttl"],"properties":{"name":{"description":"Name of the cookie.","type":"string","x-order":0},"path":{"description":"Path to set for the cookie.","type":"string","x-order":1},"ttl":{"description":"Lifetime of the cookie.","type":"string","x-order":2}}},"LoadBalancerSettingsSimpleLB":{"description":"Standard load balancing algorithms that require no tuning.\\n\\n - UNSPECIFIED: No load balancing algorithm has been specified by the user.\\nAn appropriate default will be used.\\n - RANDOM: The random load balancer selects a random healthy host. The random\\nload balancer generally performs better than round robin if no health\\nchecking policy is configured.\\n - PASSTHROUGH: This option will forward the connection to the original IP address\\nrequested by the caller without doing any form of load\\nbalancing. This option must be used with care. It is meant for\\nadvanced use cases. Refer to Original Destination load balancer in\\nEnvoy for further details.\\n - ROUND_ROBIN: A basic round robin load balancing policy. This is generally unsafe\\nfor many scenarios (e.g. when enpoint weighting is used) as it can\\noverburden endpoints. In general, prefer to use LEAST_REQUEST as a\\ndrop-in replacement for ROUND_ROBIN.\\n - LEAST_REQUEST: The least request load balancer spreads load across endpoints, favoring\\nendpoints with the least outstanding requests. This is generally safer\\nand outperforms ROUND_ROBIN in nearly all cases. Prefer to use\\nLEAST_REQUEST as a drop-in replacement for ROUND_ROBIN.","type":"string","default":"UNSPECIFIED","enum":["UNSPECIFIED","RANDOM","PASSTHROUGH","ROUND_ROBIN","LEAST_REQUEST"]},"MeshExpansionSettingsHostManagement":{"description":"EXPERIMENTAL: Settings for the `Tetrate Host Management` component.","type":"object","required":["endpoint"],"properties":{"enabled":{"description":"To install the component,  set the value to `true`.\\n\\nDefaults to `false`.","type":"boolean","x-order":0},"endpoint":{"$ref":"#/components/schemas/MeshExpansionSettingsHostManagementEndpoint"},"plane":{"$ref":"#/components/schemas/MeshExpansionSettingsHostManagementPlane"},"repository":{"$ref":"#/components/schemas/HostManagementRepository"},"agent":{"$ref":"#/components/schemas/MeshExpansionSettingsHostManagementAgent"}}},"MeshExpansionSettingsHostManagementAgent":{"description":"Settings for the `Tetrate Host Management Agent`.","type":"object","properties":{"version":{"description":"Version of the `Tetrate Host Management Agent` to use.\\n\\nDefaults to the version of the `Tetrate Host Management Agent` included into a given TSB release.","type":"string","x-order":0}}},"MeshExpansionSettingsHostManagementEndpoint":{"description":"Configuration of the endpoint exposing `Host Management API` to\\n`Host Management Agents`.","type":"object","required":["hosts","secretName"],"properties":{"hosts":{"description":"List of hosts included in the TLS certificate.","type":"array","items":{"type":"string"},"x-order":0},"secretName":{"description":"Name of the secret that holds TLS certificate chain and private key.\\n\\nThe secret can be either a TLS secret or a generic one.\\nKeys `tls.crt` and `tls.key` are mandatory.\\nAdditionally, the secret may also have a `ca.crt` key to provide\\nthe certificate of a custom CA that issued given TLS cert.","type":"string","x-order":1},"hasNoDnsRecord":{"description":"To configure `Agents` to connect to the `Host Management Endpoint`\\nusing an address of the k8s Service rather than host name, set the value to `true`.\\n\\nDefaults to `false`.","type":"boolean","x-order":2}}},"MeshExpansionSettingsHostManagementPlane":{"description":"Configure `Tetrate Host Management Plane` component.","type":"object","properties":{"kubeSpec":{"$ref":"#/components/schemas/kubernetesKubernetesComponentSpec"},"logLevels":{"description":"The log level configuration by scopes.\\n\\nSupported log levels: \\"none\\", \\"error\\", \\"info\\", \\"debug\\".","type":"object","additionalProperties":{"type":"string"},"x-order":1}}},"MeshExpansionSettingsOnboardingPlaneEndpoint":{"description":"Configuration of the endpoint exposing `Workload Onboarding API` to\\n`Workload Onboarding Agents`.","type":"object","required":["hosts","secretName"],"properties":{"hosts":{"description":"List of hosts included in the TLS certificate.","type":"array","items":{"type":"string"},"x-order":0},"secretName":{"description":"Name of the secret that holds TLS certificate chain and private key.","type":"string","x-order":1}}},"MeshExpansionSettingsOnboardingPlaneTokenIssuer":{"description":"Configuration of the built-in `Workload Onboarding Token Issuer`.","type":"object","properties":{"jwt":{"$ref":"#/components/schemas/MeshExpansionSettingsOnboardingPlaneTokenIssuerJwtTokenIssuer"}}},"MeshExpansionSettingsOnboardingPlaneTokenIssuerJwtTokenIssuer":{"description":"Configuration of the built-in JWT Token Issuer.","type":"object","properties":{"expiration":{"description":"Expiration is the duration issued tokens are valid for.\\nDefaults to `1h`.","type":"string","x-order":0}}},"MeshExpansionSettingsServiceObservability":{"description":"EXPERIMENTAL: Settings for the `Tetrate Service Observability` component.","type":"object","properties":{"enabled":{"description":"To install the component,  set the value to `true`.\\n\\nDefaults to `false`.","type":"boolean","x-order":0},"agent":{"$ref":"#/components/schemas/MeshExpansionSettingsServiceObservabilityAgent"},"serviceDiscovery":{"$ref":"#/components/schemas/ServiceObservabilityServiceDiscovery"},"domains":{"description":"List of domains to consider when discovering services.\\nServices outside of domains specified here will NOT be added to the registry of services known to TSB\\nand will NOT appear on TSB UI.\\n\\nEmpty list means that discovered services may belong to any domain.\\n\\nDefaults to an empty list.","type":"array","items":{"type":"string"},"x-order":3}}},"MeshExpansionSettingsServiceObservabilityAgent":{"description":"Settings for the `SPM Agent`.","type":"object","properties":{"version":{"description":"Version of the `SPM Agent` to use.\\n\\nDefaults to the version of the `SPM Agent` included into a given TSB release.","type":"string","x-order":0}}},"MetadataDetails":{"description":"Details is additional information about a resource.","type":"object","properties":{"name":{"description":"Name is the resources name.","type":"string","x-order":0},"description":{"description":"Description is the resources description.","type":"string","x-order":1}}},"OnboardingPlaneLocalRepository":{"description":"Configuration of the local repository with `DEB` and `RPM` packages\\nof the `Workload Onboarding Agent` and `Istio Sidecar`.","type":"object"},"OpenAPIValidation":{"description":"Validation options for the OpenAPI document.","type":"object","properties":{"enabled":{"description":"If set to true, the OpenAPI document is enabled for validation.\\nDefaults to false.","type":"boolean","x-order":0},"pathPrefix":{"description":"Prefix to add to the paths in the OpenAPI doc before matching against incoming requests.","type":"string","x-order":1}}},"OrganizationSettingNetworkSettings":{"description":"Network related settings for clusters.","type":"object","properties":{"networkReachability":{"description":"Reachability between clusters on various networks. Each cluster\\nhas a \\"network\\" field representing a network boundary like a VPC\\non AWS/GCP/Azure. All clusters within the same network are\\nassumed to be reachable to each other for multi-cluster routing.\\nIn addition, you can specify additional connectivity between\\nvarious networks in the mesh here. For example on AWS, each VPC\\ncan be treated as a distinct network. VPCs that are reachable to\\none another (through peering or transit gateways) can be listed\\nas reachable networks. The key is the network name and the value\\nis a comma separated list of networks whose clusters are\\nreachable from this network. For instance, vpc01: vpc02,vpc03 means\\nthat the clusters in the network can reach those in vpc02 and vpc03.\\n\\nNote that reachability is **not** bidirectional. That is, if `vpc01: vpc02`\\nis specified, then `vpc01` can reach `vpc02`, but not the other way around.\\nHence, the workloads in clusters in `vpc01` can access the services\\nthrough the exposed gateway hostnames in clusters in `vpc02` . However,\\nthe workloads in clusters in `vpc02` cannot access the services exposed\\nthrough the gateway hostnames in `vpc01`.","type":"object","additionalProperties":{"type":"string"},"x-order":0}}},"QueryResourcePermissionsResponseResult":{"type":"object","title":"Represents a result for the requested query","required":["request"],"properties":{"request":{"$ref":"#/components/schemas/v2Query"},"rules":{"description":"set of allowed RBAC rules that the current principal has on the matching resource.\\nIf the query produced no results, the rules set will be empty.","type":"array","items":{"$ref":"#/components/schemas/v2RoleRule"},"x-order":1}}},"RateLimitDimensionDestinationCluster":{"description":"Emit descriptor entry - a key-value pair of the form `(\\"destination_cluster\\",\\n\\"&lt;routed target cluster&gt;\\")` where `destination_cluster` is the destination\\nenvoy cluster to which traffic is bound to.","type":"object"},"RateLimitDimensionHeader":{"type":"object","title":"RateLimit based on certain headers","required":["name"],"properties":{"name":{"description":"Name of the header to match on.","type":"string","x-order":0},"value":{"$ref":"#/components/schemas/v2StringMatch"},"dontMatch":{"description":"If set to true, the condition will be met when the header value does not match.\\nDefault value is false.","type":"boolean","x-order":2}}},"RateLimitDimensionHeaderValueMatch":{"description":"Emit descriptor entry - a key-value pair of the form `(\\"header_match\\",\\n\\"&lt;descriptor_value&gt;\\")`, where `descriptor_value` is a user\\nspecified value corresponding to a header match event.","type":"object","required":["headers","descriptorValue"],"properties":{"headers":{"description":"Specifies a set of headers that the rate limit action should\\nmatch on. The action will check the request\u2019s headers against\\nall the specified headers in the config. A match will happen if\\nall the headers in the config are present in the request with\\nthe same values (or based on presence if the value field is not\\nin the config).  The header keys must be lowercase and use\\nhyphen as the separator, e.g. x-request-id.","type":"object","additionalProperties":{"$ref":"#/components/schemas/v2StringMatch"},"x-order":0},"descriptorValue":{"description":"The value to use in the descriptor entry.","type":"string","x-order":1},"dontMatch":{"description":"If set to true, the condition will be met when the header value does not match.\\nDefault value is false.","type":"boolean","x-order":2}}},"RateLimitDimensionRequestHeaders":{"description":"Emit descriptor entry - a key-value pair of the form\\n`(\\"&lt;descriptor_key&gt;\\", \\"&lt;header_value_queried_from_header&gt;\\")`\\nwhere `descriptor_key` is a user specified key to emit when the\\nHTTP header is seen.","type":"object","required":["headerName","descriptorKey"],"properties":{"headerName":{"description":"The header name to be queried from the request headers. The header\u2019s\\nvalue is used to populate the value of the descriptor entry for the\\ndescriptor_key.","type":"string","x-order":0},"descriptorKey":{"description":"The key to use in the descriptor entry.","type":"string","x-order":1}}},"RateLimitDimensionSourceCluster":{"description":"Emit descriptor entry - a key-value pair of the form\\n`(\\"source_cluster\\", \\"&lt;local service cluster&gt;\\")` where `source_cluster`\\nis the source envoy cluster (corresponding to the `--service-cluster`\\nflag value set by Istio).","type":"object"},"RateLimitServerBackend":{"description":"External Backend Database types. This points to the backend\\nused by the ratelimit server as a key/value store.","type":"object","properties":{"redis":{"$ref":"#/components/schemas/BackendRedisSettings"}}},"RateLimitSettingsRateLimitValue":{"description":"RateLimitValue specifies the values that will be used\\nto determine the rate limit.","type":"object","required":["requestsPerUnit","unit"],"properties":{"requestsPerUnit":{"description":"Specifies the value of the rate limit.","type":"integer","format":"int64","x-order":0},"unit":{"$ref":"#/components/schemas/RateLimitValueUnit"}}},"RateLimitValueUnit":{"description":"Units of time.","type":"string","default":"UNKNOWN","enum":["UNKNOWN","SECOND","MINUTE","HOUR","DAY"]},"RelationScopeServiceRelation":{"description":"A relation between logical services.","type":"object","properties":{"source":{"description":"The source resource\'s fqn of the relation between two logical services.","type":"string","x-order":0},"target":{"description":"The target resource\'s fqn of the relation between two logical services.","type":"string","x-order":1}}},"RelationScopesRelationScope":{"type":"object","properties":{"type":{"$ref":"#/components/schemas/RelationScopesRelationScopeScopeType"},"scope":{"$ref":"#/components/schemas/RelationScopesRelationScopeScope"}}},"RelationScopesRelationScopeScope":{"type":"object","properties":{"serviceRelation":{"$ref":"#/components/schemas/RelationScopeServiceRelation"}}},"RelationScopesRelationScopeScopeType":{"description":"ScopeType denotes the wingspan of a telemetry source for relation between resources.\\n\\n - SERVICE: A service telemetry source that belongs to a specific relation between logical services.","type":"string","default":"INVALID","enum":["INVALID","SERVICE"]},"ResourceStatusConfigResourceStatus":{"description":"Individual status for a configuration resource related to the Application/API.","type":"object","properties":{"status":{"$ref":"#/components/schemas/applicationv2Status"},"resource":{"$ref":"#/components/schemas/v2ConfigResource"}}},"RoleResourceType":{"description":"The type of API resource for which the role is being created.","type":"object","required":["apiGroup"],"properties":{"apiGroup":{"description":"A specific API group such as traffic.tsb.tetrate.io/v2.","type":"string","x-order":0},"kinds":{"description":"Specific kinds of APIs under the API group. If omitted, the\\nrole will apply to all kinds under the group.","type":"array","items":{"type":"string"},"x-order":1},"scopedAt":{"description":"The list of parent types where the defined kinds will be scoped under.\\nIf omitted, no scope limitation is applied.","type":"array","items":{"$ref":"#/components/schemas/v2RoleScopeType"},"x-order":2}}},"Route53SettingsFilterSettings":{"description":"Filter settings for route53 controller.","type":"object","properties":{"annotationFilter":{"description":"Filter out (remove) targets that matches annotation using label selector semantics. Optional.\\n*NOTE*: The annotation value currently cannot be longer thant 63 characters.","type":"string","x-order":0},"labelFilter":{"description":"Filter out (remove) targets that matches label selector. Optional.","type":"string","x-order":1},"excludeDomain":{"description":"Exclude subdomains. Optional.","type":"array","items":{"type":"string"},"x-order":2},"zoneType":{"$ref":"#/components/schemas/FilterSettingsAWSZoneType"},"zoneTagFilter":{"description":"When using the AWS provider, filter for zones with this tag. Optional, format: key=value.","type":"array","items":{"type":"string"},"x-order":4},"zoneIdFilter":{"description":"When using the AWS provider, filter for zones with this ID. Optional.","type":"array","items":{"type":"string"},"x-order":5}}},"Route53SettingsPolicy":{"description":"Policy that defines how DNS records are managed.\\n\\n - SYNC: Allow full synchronization.\\n - UPSERT_ONLY: Don\'t allow delete DNS records.\\n - CREATE_ONLY: Allow only creating DNS records.","type":"string","default":"SYNC","enum":["SYNC","UPSERT_ONLY","CREATE_ONLY"]},"RuleFrom":{"description":"From includes the target resource (and the workloads that belong to the resource)\\nwhich will be the source of a request.","type":"object","properties":{"fqn":{"description":"The target resource identified by FQN which will be the source of a request.","type":"string","x-order":0}}},"RuleTo":{"description":"To includes the target resource (and the workloads that belong to the resource)\\nwhich will be destination of a request.","type":"object","properties":{"fqn":{"description":"The target resource identified by FQN which will be the destination of a request.","type":"string","x-order":0}}},"SecretsClusterServiceAccount":{"description":"Cluster service account used to authenticate to the Management Plane.","type":"object","properties":{"clusterFQN":{"description":"TSB FQN of the onboarded cluster resource. This will be generate tokens for all Control Plane agents.","type":"string","x-order":0},"JWK":{"description":"Literal JWK used to generate and sign the tokens for all the Control Plane agents.","type":"string","x-order":1},"encodedJWK":{"description":"Base64-encoded JWK used to generate and sign the tokens for all the Control Plane agents.","type":"string","x-order":2}}},"SecretsElasticSearch":{"description":"Secrets to reach the Elasticsearch.","type":"object","properties":{"username":{"description":"The username to access Elasticsearch.","type":"string","x-order":0},"password":{"description":"The password to access Elasticsearch.","type":"string","x-order":1},"cacert":{"description":"Elasticsearch CA cert TLS used by control plane to verify TLS connection.","type":"string","x-order":2}}},"SecretsTSB":{"description":"Secrets to reach the TSB Management Plane.","type":"object","properties":{"cacert":{"description":"CA certificate used to verify TLS certs exposed the Management Plane (front envoy).","type":"string","x-order":0}}},"ServerTLSSettingsFileSource":{"description":"File path configuration of TLS keys and certificates.","type":"object","properties":{"serverCertificate":{"type":"string","title":"The path to the server cert file","x-order":0},"privateKey":{"type":"string","title":"The path to the server private key file","x-order":1},"caCertificates":{"type":"string","title":"The path to the file containing ca certs for verifying clients while using mutual TLS","x-order":2}}},"ServiceAccountKeyPair":{"description":"Represents key-pair associated to the service account.","type":"object","properties":{"id":{"type":"string","title":"Unique identifier for this key-pair. This should be used as the `kid` (key id) when\\ngenerating JWT tokens that are signed with this key-pair.\\n","x-order":0,"readOnly":true},"publicKey":{"type":"string","title":"The encoded public key associated with the service account.\\nThe encoding format is determined by the `encoding` field.\\n","x-order":1,"readOnly":true},"privateKey":{"type":"string","title":"The encoded private key associated with the service account.\\nTSB does not store the private key and it is up to the client to store it safely.\\nThe encoding format is determined by the `encoding` field.\\n","x-order":2,"readOnly":true},"encoding":{"$ref":"#/components/schemas/KeyPairEncoding"},"defaultToken":{"type":"string","title":"A default access token that can be used to authenticate to TSB on behalf of the\\nservice account. TSB does not store this token and it is only returned when a\\nservice account key is created, similar to the private key. It is up to the client\\nto store the token for future use or to use the TSB CLI to generate new tokens as\\nexplained in: https://docs.tetrate.io/service-bridge/latest/howto/service-accounts\\n","x-order":4,"readOnly":true}}},"ServiceMetricConfig":{"type":"object","title":"Configuration for metric aggregation","properties":{"name":{"description":"A user friendly name for this metric.","type":"string","x-order":0},"description":{"description":"A helpful description of what this metric represents.","type":"string","x-order":1},"aggregationKey":{"description":"An aggregation key that can be queried to get metrics for this service.","type":"string","x-order":2},"type":{"$ref":"#/components/schemas/ServiceMetricConfigMetricType"},"serviceDeployment":{"description":"The FQN of the service deployment related with this metric. Will be empty for group metrics.","type":"string","x-order":4},"parentMetric":{"type":"string","title":"The name of the metric config that aggregates this one in a higher level.\\nFor example, for a subset in a cluster metric, this field has the name of the metric of the same subset\\nacross the clusters","x-order":5}}},"ServiceMetricConfigMetricType":{"description":"MetricType denotes the relation of a metrics with a physical service instance.\\n\\n - SINGLE_INSTANCE: A single instance metric config belongs to an specific physical service instance.\\n - SUBSET: A subset metric config represents subsets across clusters or hostnames across clusters.\\n - GLOBAL: A global metric config represents all the physical services.\\n - ENDPOINT: An endpoint metric config represents an endpoint across clusters.\\n - ENDPOINT_INSTANCE: An endpoint instance metric config represents an endpoint in a specific cluster.","type":"string","default":"INVALID","enum":["INVALID","SINGLE_INSTANCE","SUBSET","GLOBAL","ENDPOINT","ENDPOINT_INSTANCE"]},"ServiceObservabilityServiceDiscovery":{"description":"Configure `Tetrate Service Discovery` component.","type":"object","properties":{"plane":{"$ref":"#/components/schemas/ServiceObservabilityServiceDiscoveryPlane"},"agent":{"$ref":"#/components/schemas/ServiceObservabilityServiceDiscoveryAgent"}}},"ServiceObservabilityServiceDiscoveryAgent":{"description":"Settings for the `Tetrate Service Discovery Agent`.","type":"object","properties":{"version":{"description":"Version of the `Tetrate Service Discovery Agent` to use.\\n\\nDefaults to the version of the `Tetrate Service Discovery Agent` included into a given TSB release.","type":"string","x-order":0}}},"ServiceObservabilityServiceDiscoveryPlane":{"description":"Configure `Tetrate Service Discovery Plane` component.","type":"object","properties":{"kubeSpec":{"$ref":"#/components/schemas/kubernetesKubernetesComponentSpec"},"logLevels":{"description":"The log level configuration by scopes.\\n\\nSupported log levels: \\"none\\", \\"error\\", \\"info\\", \\"debug\\".","type":"object","additionalProperties":{"type":"string"},"x-order":1}}},"ServiceRoutePortLevelTrafficSettings":{"description":"PortLevelTrafficSettings explicitly defines the type of traffic for all of\\nthe ports exposed by a service for which routing rules need to be set.\\nDepending on whether HTTPRoutes or TCTRoutes are specified or not, the main\\nsubset weights are applied or not based on the following scenarios:\\n1. If HTTPRoutes or TCPRoutes are specified:\\n   a. Since Port is mandatory in MatchConditions, whenever a port is used\\n      in (HTTP/TCP) MatchCondition, it needs to be present in the global\\n      PortLevelTrafficSettings.\\n   b. When MatchConditions are present in the routes, then subset-weight\\n      combinations within routes will take effect instead of the global ones.\\n2. If the routes are not specified, then the traffic will be matched on\\n   ports specified in PortLevelTrafficSettings, and the routes will be set\\n   according to global subset-weight combinations.","type":"object","required":["port","trafficType"],"properties":{"port":{"type":"integer","format":"int64","title":"Port number to which traffic must be routed","x-order":0},"trafficType":{"$ref":"#/components/schemas/ServiceRouteTrafficType"},"stickySession":{"$ref":"#/components/schemas/ServiceRouteStickySession"}}},"ServiceRouteStickySession":{"description":"If set, all requests from a client will be forward to the same backend.","type":"object","properties":{"header":{"description":"Hash based on a specific HTTP header.","type":"string","x-order":0},"cookie":{"$ref":"#/components/schemas/ServiceRouteStickySessionHTTPCookie"},"useSourceIp":{"description":"Hash based on the source IP address.","type":"boolean","x-order":2}}},"ServiceRouteStickySessionHTTPCookie":{"description":"Describes a HTTP cookie that will be used for sticky sessions. If the cookie is not present, it\\nwill be generated.","type":"object","required":["name","path","ttl"],"properties":{"name":{"description":"Name of the cookie.","type":"string","x-order":0},"path":{"description":"Path to set for the cookie.","type":"string","x-order":1},"ttl":{"description":"Lifetime of the cookie.","type":"string","x-order":2}}},"ServiceRouteTrafficType":{"description":"- HTTP: If trafficType is HTTP, then a HTTP route is generated for that port\\n - TCP: If trafficType is TCP, then a TCP route is generated for that port\\n - TLS_PASSTHROUGH: This mode generates TLS routes for HTTPS traffic. TLS is not terminated at the gateway and is\\npassed through to the server","type":"string","title":"TrafficType is the list of allowed traffic types for generating routes","default":"HTTP","enum":["HTTP","TCP","TLS_PASSTHROUGH"]},"ServiceScopesServiceScope":{"description":"A service scope defines the telemetry source wingspan in the mesh of a service.","type":"object","properties":{"type":{"$ref":"#/components/schemas/ServiceScopesServiceScopeScopeType"},"scope":{"$ref":"#/components/schemas/ServiceScopesServiceScopeScope"},"deployment":{"description":"The FQN of the service deployment in a concrete cluster related with this telemetry source scope.\\nWill have a value for scope types INSTANCE or SERVICE.","type":"string","x-order":2}}},"ServiceScopesServiceScopeScope":{"description":"Each of the scope properties can have the following values:\\n- A non empty value.\\n- An empty value or absence of the property act as a wildcard, meaning any possible value.","type":"object","properties":{"instance":{"description":"instance is a concrete value or an empty value meaning any instance.","type":"string","x-order":0},"subset":{"description":"subset can be a concrete value or an empty value meaning any subset.","type":"string","x-order":1},"service":{"description":"service is always a concrete value.","type":"string","x-order":2},"namespace":{"description":"namespace is always a concrete value.","type":"string","x-order":3},"cluster":{"description":"cluster can be a concrete value or an empty value meaning any cluster.","type":"string","x-order":4}}},"ServiceScopesServiceScopeScopeType":{"description":"ScopeType denotes the wingspan of a telemetry source for a service.\\n\\n - INSTANCE: A instance telemetry source belongs to a specific service instance (pod or VM) in a cluster.\\n - SERVICE: A service telemetry source belongs to a specific service, without subsets, in a cluster.\\n - SUBSET: A subset telemetry source belongs to a specific service of a concrete subset in a cluster.\\n - GLOBAL_SUBSET: A global subset telemetry source represents a concrete subset from a service across cluster.\\nSubset scope type does not apply to ingress services.\\n - GLOBAL: A global telemetry source represents all subsets from a service across clusters.","type":"string","default":"INVALID","enum":["INVALID","INSTANCE","SERVICE","SUBSET","GLOBAL_SUBSET","GLOBAL"]},"ServiceServiceDeployment":{"description":"ServiceDeployment represents the physical service in a cluster.","type":"object","properties":{"fqn":{"description":"Fully-qualified name of the instance. This field is read-only.","type":"string","x-order":0,"readOnly":true},"source":{"description":"Source of the instance. This field is read-only.","type":"string","x-order":1,"readOnly":true}}},"SetLoggerLevelsRequestAllLoggers":{"description":"Desired level for all loggers.","type":"object","required":["level"],"properties":{"level":{"description":"Desired level for all loggers.","type":"string","x-order":0}}},"SetLoggerLevelsRequestGivenLoggers":{"description":"Desired levels for given loggers.\\nAvailable log levels are: trace, debug, info, warning/warn, error, critical, off.\\nExamples: {\\"config\\": \\"trace\\", \\"grpc\\": \\"debug\\", \\"http\\": \\"debug\\", \\"http2\\": \\"debug\\"}\\nSee https://www.envoyproxy.io/docs/envoy/latest/operations/admin#post--logging\\nfor more details about loggers\' naming.","type":"object","required":["loggerLevels"],"properties":{"loggerLevels":{"description":"Desired levels for given loggers.","type":"object","additionalProperties":{"type":"string"},"x-order":0}}},"SourceScopeIngressScopes":{"description":"IngressScopes defines one or many Ingress\'s hostname telemetry source wingspan in the mesh.","type":"object","properties":{"scopes":{"description":"Multiple IngressScope can be defined to group under a single telemetry source different ingresses.","type":"array","items":{"$ref":"#/components/schemas/IngressScopesIngressScope"},"x-order":0}}},"SourceScopeRelationScopes":{"description":"RelationScopes  represents the physical connection that exists between observable resources.\\nA relation can represent for instance the physical connection that exist when a call between services is done:\\n- Between a gateway and a service or vice versa.\\n- Between a service and another service.\\nThis observation can produce client-side measurements, server side measurements or both.","type":"object","properties":{"scopes":{"description":"Multiple RelationScope can be defined to group under a single telemetry source different relations.","type":"array","items":{"$ref":"#/components/schemas/RelationScopesRelationScope"},"x-order":0}}},"SourceScopeServiceScopes":{"description":"ServiceScopes defines one or many service\'s telemetry source wingspan in the mesh.","type":"object","properties":{"scopes":{"description":"Multiple ServiceScope can be defined to group under a single telemetry source different services.","type":"array","items":{"$ref":"#/components/schemas/ServiceScopesServiceScope"},"x-order":0}}},"SyncOrganizationRequestSyncTeam":{"description":"Information of a team as synchronized from the team source. This differs slightly from a TSB\\nuser since the fields here are raw info that does not have the context of the TSB hierarchy.","type":"object","required":["id"],"properties":{"id":{"description":"Unique ID for the group.","type":"string","x-order":0},"description":{"description":"Optional description for the group.","type":"string","x-order":1},"memberUserIds":{"description":"List of user ids for the users that belong to this group.","type":"array","items":{"type":"string"},"x-order":2},"memberGroupIds":{"description":"List of group ids for the groups that are nested into this group.","type":"array","items":{"type":"string"},"x-order":3},"displayName":{"description":"Friendly name to show the group in the different UIs.","type":"string","x-order":4}}},"SyncOrganizationRequestSyncUser":{"description":"Information of a user as synchronized from the team source. This differs slightly from a TSB\\nuser since the fields here are raw info that does not have the context of the TSB hierarchy.","type":"object","required":["id"],"properties":{"id":{"description":"Unique ID for the user.","type":"string","x-order":0},"description":{"description":"Optional description for the user.","type":"string","x-order":1},"email":{"type":"string","title":"User\'s email","x-order":2},"loginName":{"description":"The login username for the user.","type":"string","x-order":3},"displayName":{"description":"Friendly name to show the user in the different UIs.","type":"string","x-order":4}}},"SyncOrganizationResponseFailedIds":{"type":"object","properties":{"removal":{"type":"array","title":"Users or groups that failed to be removed","items":{"type":"string"},"x-order":0},"addition":{"type":"array","title":"Users or groups that failed to be created","items":{"type":"string"},"x-order":1},"update":{"type":"array","title":"Users or groups that failed to be updated","items":{"type":"string"},"x-order":2}}},"UpstreamResilienceSettingsConnectionPoolSettingsHTTP":{"description":"HTTP Settings for outbound requests.","type":"object","properties":{"requestTimeout":{"description":"Timeout for HTTP requests. format: 1h/1m/1s/1ms. MUST BE &gt;=1ms. Disabled if not set.","type":"string","x-order":0},"retries":{"$ref":"#/components/schemas/v2HTTPRetry"},"maxRequests":{"description":"Maximum number of active requests to the service.\\nApplicable to both HTTP/1.1 and HTTP2.\\nDefault 0, meaning \\"unlimited\\", up to 2^32 - 1.","type":"integer","format":"int64","x-order":2},"maxRequestsPerConnection":{"description":"Maximum number of requests per connection to the service.\\nIf set to 1, it disables keep alive. Default 0, meaning \\"unlimited\\", up to 2^29.","type":"integer","format":"int64","x-order":3}}},"UpstreamResilienceSettingsOutlierDetection":{"description":"Outlier detection settings for the upstream host.","type":"object","properties":{"consecutiveGatewayFailure":{"description":"The number of consecutive gateway failures (502, 503, 504 status codes)\\nbefore a consecutive gateway failure ejection occurs. Defaults to circuitBreakerSensitivity\\nof MEDIUM(5) in TSB.","type":"integer","format":"int64","x-order":0},"enforcingConsecutiveGatewayFailure":{"description":"The percentage of a host to be ejected when an outlier status\\nis detected through consecutive gateway failures. This setting can be\\nused to disable ejection or to ramp it up slowly. Defaults to 100 in TSB.","type":"integer","format":"int64","x-order":1},"consecutive5xx":{"description":"The number of consecutive server-side error responses (for HTTP traffic,\\n5xx responses; for TCP traffic, connection failures; for Redis, failure to\\nrespond PONG; etc.) before a consecutive 5xx ejection occurs. Defaults to 5.","type":"integer","format":"int64","x-order":2},"enforcingConsecutive5xx":{"description":"The percentage of a host to be actually ejected when an outlier status\\nis detected through consecutive 5xx. This setting can be used to disable\\nejection or to ramp it up slowly. Defaults to 0 in TSB.","type":"integer","format":"int64","x-order":3},"splitExternalLocalOriginErrors":{"description":"Determines whether to distinguish local origin failures from external errors.\\nLocal Origin Failures are errors that occur within the Envoy process itself, \\nbefore the request is actually sent to the upstream host.\\nexample of these are connection timeout, TCP reset etc.\\nExternal errors are errors that occur after the request is sent to the upstream host.\\nexample of these are 5xx errors, connection refused etc.\\nIf set to true, consecutiveLocalOriginFailure and enforcingConsecutiveLocalOriginFailure will be taken into account.\\nDefaults to false.\\n\\nThe number of consecutive locally originated failures before ejection\\n occurs. Defaults to 5. Parameter takes effect only when splitExternalLocalOriginErrors\\n is set to true.","type":"boolean","x-order":4},"consecutiveLocalOriginFailure":{"type":"integer","format":"int64","x-order":5},"enforcingConsecutiveLocalOriginFailure":{"description":"The percentage of a host to be actually ejected when an outlier status\\nis detected through consecutive locally originated failures. This setting can be\\nused to disable ejection or to ramp it up slowly. Defaults to 100.\\nParameter takes effect only when splitExternalLocalOriginErrors is set to true.","type":"integer","format":"int64","x-order":6},"interval":{"description":"The time interval between ejection analysis sweeps. This can result in\\nboth new ejections as well as hosts being returned to service. Defaults\\nto 10000ms or 10s.","type":"string","x-order":7},"baseEjectionTime":{"description":"The base time that a host is ejected for. The real time is equal to the\\nbase time multiplied by the number of times the host has been ejected.\\nDefaults to 30000ms or 30s.","type":"string","x-order":8}}},"WasmExtensionPluginPhase":{"description":"- UNSPECIFIED_PHASE: Control plane decides where to insert the plugin. This will generally be at the end of the filter chain, right before the Router.\\nDo not specify PluginPhase if the plugin is independent of others.\\n - AUTHN: Insert plugin before Istio authentication filters.\\n - AUTHZ: Insert plugin before Istio authorization filters and after Istio authentication filters.\\n - STATS: Insert plugin before Istio stats filters and after Istio authorization filters.","type":"string","title":"Plugin phases following Istio definition: https://istio.io/latest/docs/reference/config/proxy_extensions/wasm-plugin/#PluginPhase","default":"UNSPECIFIED_PHASE","enum":["UNSPECIFIED_PHASE","AUTHN","AUTHZ","STATS"]},"WasmExtensionPullPolicy":{"description":"The pull behaviour to be applied when fetching a WASM module,\\nmirroring K8s behaviour.\\n\\n - UNSPECIFIED_POLICY: Defaults to IfNotPresent, except for OCI images with tag `latest`, for which\\nthe default will be Always.\\n - IfNotPresent: If an existing version of the image has been pulled before, that\\nwill be used. If no version of the image is present locally, we\\nwill pull the latest version.\\n - Always: We will always pull the latest version of an image when changing\\nthis plugin. Note that the change includes `metadata` field as well.","type":"string","default":"UNSPECIFIED_POLICY","enum":["UNSPECIFIED_POLICY","IfNotPresent","Always"]},"WaypointsConfigCommonWaypointConfig":{"description":"Common waypoint configuration shared at the cluster or namespace level.","type":"object","properties":{"enable":{"description":"Enable or disable default waypoint deployment (default is true)\\nThis configuration can be made at both the cluster level and also at namespace level.\\nCluster level configs will be applied in all the onboarded application namespaces which are\\nin the ambient mode and do not have namespace level configs.\\nExample, if user wants waypoint to be deployed in selected few namespaces, then user can disable\\nthe cluster level config and enable the namespace level config for those namespaces.\\nIf both cluster level and namespace level configs are enabled, then namespace level configs will take precedence.\\nIf both cluster level and namespace level configs are disabled, then waypoint will not be deployed in any of the namespaces.\\nIf cluster level config is enabled and namespace level config is not configured, then waypoint will be deployed in all\\nthe onboarded application namespaces which are in the ambient mode.","type":"boolean","x-order":0},"labels":{"type":"object","title":"Labels to apply to the waypoint","additionalProperties":{"type":"string"},"x-order":1},"annotations":{"type":"object","title":"Annotations to apply to the waypoint","additionalProperties":{"type":"string"},"x-order":2},"tolerations":{"type":"object","title":"Tolerations for the waypoint pod","additionalProperties":{"type":"string"},"x-order":3},"resources":{"$ref":"#/components/schemas/installkubernetesResources"}}},"WaypointsConfigNamespaceLevelCommonConfig":{"description":"Namespace-level waypoint configuration, including a namespace selector and specific\\nwaypoint settings for that namespace.","type":"object","properties":{"name":{"type":"string","title":"Namespace name","x-order":0},"selector":{"$ref":"#/components/schemas/WaypointsConfigNamespaceLevelCommonConfigNamespaceSelector"},"config":{"$ref":"#/components/schemas/WaypointsConfigCommonWaypointConfig"}}},"WaypointsConfigNamespaceLevelCommonConfigNamespaceSelector":{"type":"object","properties":{"labels":{"type":"object","title":"Key-value pairs for selecting namespaces","additionalProperties":{"type":"string"},"x-order":0}}},"WorkloadProxy":{"description":"Info about proxy attached to a workload.","type":"object","properties":{"controlPlaneAddress":{"description":"Address/service of control plane entity controlling the proxy\\nlike istiod.istio-system.svc:15012.","type":"string","x-order":0},"envoyVersion":{"description":"Envoy version of the proxy.","type":"string","x-order":1},"istioVersion":{"description":"Istio version of the proxy.","type":"string","x-order":2},"status":{"type":"object","title":"Sync status for each xDS component.\\nFor example:\\nstatus[\\"CDS\\"] = \\"SYNCED\\"\\nXDS components are: LDS, RDS, EDS CDS and SRDS.\\nRefer to Envoy go-control-plane ConfigStatus for possible status values\\nvalues:\\nhttps://github.com/envoyproxy/go-control-plane/blob/main/envoy/service/status/v3/csds.pb.go","additionalProperties":{"type":"string"},"x-order":3}}},"XCPCentralAuthMode":{"description":"- UNKNOWN: Default when unset, do not use\\n - MUTUAL_TLS: GRPC stream is encrypted with mutual TLS\\n - JWT: XCP Edges present a JWT bearer token in the GRPC headers","type":"string","title":"Authentication mode for connections from XCP Edges to XCP Central","default":"UNKNOWN","enum":["UNKNOWN","MUTUAL_TLS","JWT"]},"XCPEdge":{"description":"Secrets for the XCP Edge component.","type":"object","properties":{"cert":{"description":"Edge certificate used for mTLS with XCP Central.","type":"string","x-order":0},"key":{"description":"Key of the Edge certificate used for mTLS with XCP Central.","type":"string","x-order":1},"token":{"description":"JWT token used to authenticate XCP Edge against the XCP Central.","type":"string","x-order":2}}},"apiHttpBody":{"description":"Message that represents an arbitrary HTTP body. It should only be used for\\npayload formats that can\'t be represented as JSON, such as raw binary or\\nan HTML page.\\n\\n\\nThis message can be used both in streaming and non-streaming API methods in\\nthe request as well as the response.\\n\\nIt can be used as a top-level request field, which is convenient if one\\nwants to extract parameters from either the URL or HTTP template into the\\nrequest fields and also want access to the raw HTTP body.\\n\\nExample:\\n\\n    message GetResourceRequest {\\n      // A unique request id.\\n      string request_id = 1;\\n\\n      // The raw HTTP body is bound to this field.\\n      google.api.HttpBody http_body = 2;\\n\\n    }\\n\\n    service ResourceService {\\n      rpc GetResource(GetResourceRequest)\\n        returns (google.api.HttpBody);\\n      rpc UpdateResource(google.api.HttpBody)\\n        returns (google.protobuf.Empty);\\n\\n    }\\n\\nExample with streaming methods:\\n\\n    service CaldavService {\\n      rpc GetCalendar(stream google.api.HttpBody)\\n        returns (stream google.api.HttpBody);\\n      rpc UpdateCalendar(stream google.api.HttpBody)\\n        returns (stream google.api.HttpBody);\\n\\n    }\\n\\nUse of this type only changes how the request and response bodies are\\nhandled, all other features will continue to work unchanged.","type":"object","properties":{"contentType":{"description":"The HTTP Content-Type header value specifying the content type of the body.","type":"string","x-order":0},"data":{"description":"The HTTP request/response body as raw binary.","type":"string","format":"byte","x-order":1},"extensions":{"description":"Application specific response metadata. Must be set in the first response\\nfor streaming APIs.","type":"array","items":{"$ref":"#/components/schemas/protobufAny"},"x-order":2}}},"apitsbv2API":{"description":"An API object defines an OpenAPI specification that can be used by gateways to validate incoming requests.\\n\\n\\n\\n","type":"object","required":["openapi"],"properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"openapi":{"description":"The raw OpenAPI spec for this API.","type":"string","x-order":4}}},"apitsbv2ListAPIsResponse":{"description":"List of all API objects in the workspace.","type":"object","properties":{"apis":{"type":"array","items":{"$ref":"#/components/schemas/apitsbv2API"},"x-order":0}}},"apitsbv2ResourceStatus":{"description":"`ResourceStatus` provides the current status of any TSB resource.","type":"object","properties":{"status":{"$ref":"#/components/schemas/v2ResourceStatusStatus"},"message":{"description":"User friendly message adding details of the status.","type":"string","x-order":1},"configEvents":{"$ref":"#/components/schemas/v2ConfigEvents"},"aggregatedStatus":{"$ref":"#/components/schemas/v2AggregatedStatus"}}},"apitsbv2Service":{"type":"object","title":"A Kubernetes or a VM service. These are automatically discovered by\\nthe Service Bridge agents in the cluster.\\n$hide_from_yaml","properties":{"hostname":{"description":"The hostname by which this service is accessed. Can correspond to the\\nhostname of an internal service or that of a virtual host on a gateway.","type":"string","x-order":0},"namespace":{"description":"namespace associated with the service.","type":"string","x-order":1},"selector":{"description":"label selectors associated with the service.","type":"object","additionalProperties":{"type":"string"},"x-order":2},"ports":{"description":"The set of ports on which this service is exposed.","type":"array","items":{"$ref":"#/components/schemas/v2ServicePort"},"x-order":3},"kubernetesServiceIp":{"description":"For services running on Kubernetes, the cluster IP of the service in the\\ncluster.","type":"string","x-order":4},"kubernetesExternalAddresses":{"description":"For kubernetes services of type load balancer, this field contains the list\\nof lb hostnames or IPs assigned to the service. For services of type\\nnodePort, this field contains the IP addresses of the nodes in the cluster.","type":"array","items":{"type":"string"},"x-order":5},"numKubernetesEndpoints":{"description":"The number of kubernetes pods providing this service. Note that a\\nservice could be hosted on both pods and VMs.","type":"integer","format":"int64","x-order":6},"numVmEndpoints":{"description":"The number of VMs providing this service.","type":"integer","format":"int64","x-order":7},"meshExternal":{"type":"boolean","title":"indicates that this is an external service (service entry MESH_EXTERNAL\\nlocation)","x-order":8},"gatewayHost":{"description":"Indicates that this is a service representing a gateway host (used for\\nmulti-cluster scenarios).","type":"boolean","x-order":9},"numHops":{"description":"The number of hops from the advertising cluster to the ingress\\ngateway that is exposing the gateway host. If the advertiser is the\\ncluster owning the ingress gateway host, the hops is 0. If the\\nadvertiser is a tier1 cluster exposing gateways via internal or\\nexternal Servers, the path hops is 1.","type":"integer","format":"int64","x-order":10},"kubernetesServiceFqdn":{"description":"If this is a gateway host service, this field will indicate the kubernetes\\nservice that is running as a gateway and exposing this host to the outside\\nworld.","type":"string","x-order":11},"name":{"type":"string","title":"Name assigned to the service","x-order":12},"subsets":{"type":"array","title":"Name of subsets defined for this service","items":{"type":"string"},"x-order":13},"canonicalName":{"description":"17 to match xcp api and make conversion easier.","type":"string","title":"The canonical name of the service defined by labels\\n(value of service.istio.io/canonical-name)","x-order":14},"workloads":{"description":"Workloads implementing the Service.","type":"array","items":{"$ref":"#/components/schemas/apitsbv2Workload"},"x-order":15},"tier1GatewayHost":{"description":"Indicates that this is a service representing a gateway host acting as a\\ntier1 gateway. This field is being introduced specifically for the\\nhostnames exposed through Tier1Gateway\'s ExternalServers. Fo all other\\nhostnames that are exposed exposed on IngessGateways or Tier1Gateway\'s\\nInternalServers gateway_host field is set to true because that is used for\\nmulticluster routing setup. For ExternalServer hostnames multicluster\\ncluster routing is not setup and hence UI on finding gateway_host as false\\nshows these hostnames as internal services incorrectly. To help UI, this\\nfield is being introduced. UI would look for either gateway_host or\\ntier1_gateway_host to decide if the hostname is a gateway hostname.","type":"boolean","x-order":16},"spiffeIds":{"description":"List of SPIFFE identities used by the workloads of the service.","type":"array","items":{"type":"string"},"x-order":17},"state":{"$ref":"#/components/schemas/v2ServiceState"}}},"apitsbv2Workload":{"description":"Info about individual workload implementing the service.","type":"object","properties":{"address":{"description":"Routable address of the workload.","type":"string","x-order":0},"name":{"description":"Instance name of the workload.","type":"string","x-order":1},"isVm":{"description":"Indicates whether the workload is kubernetes endpoint or vm.","type":"boolean","x-order":2},"proxy":{"$ref":"#/components/schemas/WorkloadProxy"}}},"applicationv2Status":{"description":"The computed configuration status for the Application or API.\\n\\n - UNKNOWN: Unknown indicates that the status has not been computed.\\n - MISSING: The missing status indicates that the configuration resource for the Applications\\nor APIs do not exist.\\n - DIRTY: Dirty Applications and APIs are those that have the corresponding configuration\\nobjects (config groups, ingress gateways, etc), but those objects have been\\ndirectly modified or they current configuration does not match the one specified\\nin the corresponding Application/API.\\n - CONFIGURED: Configured Applications and APIs are those that have the corresponding\\nconfiguration resources (config groups, ingress gateways, etc) and their\\nconfigurations match the ones defined in the Application/API objects.","type":"string","default":"UNKNOWN","enum":["UNKNOWN","MISSING","DIRTY","CONFIGURED"]},"authv2TLSMode":{"description":"- DISABLED: TLS is not used and communication is\\nin plaintext.\\n - SIMPLE: Only the server is authenticated.\\n - MUTUAL: Both the peers in the communication must\\npresent their certificate for TLS authentication","type":"string","title":"Describes how authentication is performed\\nas part of establishing TLS connection","default":"DISABLED","enum":["DISABLED","SIMPLE","MUTUAL"]},"commonCertManagerSettings":{"description":"CertManagerSettings represents the settings used for the cert-manager installation. TSB supports installing and managing\\nthe lifecycle of the cert-manager installation.","type":"object","properties":{"managed":{"$ref":"#/components/schemas/CertManagerSettingsManaged"},"certManagerSpec":{"$ref":"#/components/schemas/CertManagerSettingsCertManagerSpec"},"certManagerWebhookSpec":{"$ref":"#/components/schemas/CertManagerSettingsCertManagerWebhookSpec"},"certManagerCaInjector":{"$ref":"#/components/schemas/CertManagerSettingsCertManagerCAInjector"},"certManagerStartupapicheck":{"$ref":"#/components/schemas/CertManagerSettingsCertManagerStartupAPICheck"}}},"commonConfigProtection":{"type":"object","title":"ConfigProtection contains settings for enabling/disabling config protection\\nover XCP created resources.\\nConfig protections are disabled by default.\\nExample:\\n```yaml\\nconfigProtection:\\n  enableAuthorizedUpdateDeleteOnXcpConfigs: true\\n  enableAuthorizedCreateUpdateDeleteOnXcpConfigs: true\\n  authorizedUsers:\\n    - user1\\n    - system:serviceaccount:ns1:serviceaccount-1\\n```","properties":{"enableAuthorizedUpdateDeleteOnXcpConfigs":{"description":"When enabled, no other user or svc account except AuthorizedUsers would be allowed to delete or update\\nthe XCP/Istio API resources created by XCP.","type":"boolean","x-order":0},"enableAuthorizedCreateUpdateDeleteOnXcpConfigs":{"description":"When enabled, no other user or svc account except AuthorizedUsers would be allowed to create, delete or update\\nthe XCP/Istio API resources. This acts as a superset of the enableAuthorizedUpdateDeleteOnXcpConfigs.","type":"boolean","x-order":1},"authorizedUsers":{"description":"List of usernames of authorized users or svc accounts to create/update/delete XCP configs when config protection is enabled.","type":"array","items":{"type":"string"},"x-order":2}}},"commonCustomCertProviderSettings":{"description":"CustomCertProviderSettings represents the settings used for the custom certificate provider. Users can configure the CSR signer\\nrequired for certificate signing and point to the CA bundle to be used to validate the certificates.","type":"object","required":["csrSignerName","caBundleSecretName"],"properties":{"csrSignerName":{"description":"Name of Kubernetes CSR signer to be used to sign the CSR request by different TSB components for internal purposes.","type":"string","x-order":0},"caBundleSecretName":{"description":"Configure the CABundleSecretName to be used to verify the signed CSR request by different TSB components. If not specified,\\nTSB would use the secret with the name ca-bundle-management-plane in the management plane namespace or ca-bundle-control-plane\\nin the control plane namespace. The secret should contain the file ca.crt with the cert data.","type":"string","x-order":1}}},"commonGitOps":{"description":"The GitOps component configures the features that allow integrating the Management Plane and/or the\\nControl Plane cluster with Continuous Deployment pipelines.","type":"object","properties":{"enabled":{"description":"The GitOps component is in beta and disabled by default.\\nIf Management and Control Planes are installed in the same cluster, Continuous Deployment Integration\\nshould only be enabled in one of both planes. However, if the GitOps component is enabled in both planes,\\nonly the Control Plane GitOps component will remain enabled. The Management Plane GitOps component\\nwill not be enabled, even though it is explicitly enabled.","type":"boolean","x-order":0},"reconcileInterval":{"description":"Periodical interval at which the objects will be reconciled after they are successfully synchronized (created,\\nupdated, deleted) with the Management Plane.\\nThis parameter does not affect retry on unsuccessful operation which are retried with exponential backoff strategy\\n(staring with 3s and max delay 120s).\\nFormat: 1h/1m/1s/1ms. A value of 0 disables per-object reconciliation and uses the operator\'s global interval of 10h.\\nDefault: 10m.","type":"string","x-order":1},"batchWindow":{"description":"When configured, all admission requests will be paused for the configured duration.\\nOnce the window interval is closed, all paused admission requests will be sent together\\nto the Management Plane as a single request.\\nBatching of requests is disabled by default and should be enabled only if there is high concurrency\\nand ordering of resources could be an issue. By configuring a batch window the concurrency\\nand ordering issues may be mitigated, although it will introduce a constant latency to all requests\\nof the configured time window.\\nWhen enabled, it is recommended to use a small value, for example 1 second.","type":"string","x-order":2},"managementplaneRequestTimeout":{"description":"The GitOps component performs operations against the management plane through the k8s webhook.\\nThis allows configuring the duration of each operation in order to fail early if it takes too much.\\nThis value cannot be lower than `webhook_timeout` due to the request being tied to the ones received\\nby the k8s webhook.\\nFormat: 1h/1m/1s/1m. Any value &lt;= 0 will be reset to the default value. Default: 25s.","type":"string","x-order":3},"reconcileRequestTimeout":{"description":"The GitOps component performs operations against the management plane internal reconcile loop.\\nThis allows configuring the duration of each operation to fail early if it takes too long.\\nFormat: 1h/1m/1s/1m. Any value &lt;= 0 will be reset to the default value. Default: 2m.","type":"string","x-order":4},"webhookTimeout":{"description":"Timeout that will be set in the k8s gitops webhook resource.\\nFormat: 1h/1m/1s/1m. Default: 30s. Allowed values must be between 0s and 30s.","type":"string","x-order":5},"pushMode":{"$ref":"#/components/schemas/GitOpsPushMode"}}},"commonInternalCertProvider":{"description":"InternalCertProvider describes the certificate provider configuration for TSB internal purposes like kubernetes webhook certificate.\\nTSB supports cert-manager out of the box.","type":"object","properties":{"certManager":{"$ref":"#/components/schemas/commonCertManagerSettings"},"custom":{"$ref":"#/components/schemas/commonCustomCertProviderSettings"},"tsbManaged":{"$ref":"#/components/schemas/commonTSBManaged"}}},"commonMeshObservabilitySettings":{"description":"Configure mesh observability.\\nThe following examples enable the analysis and generation of RED metrics for each\\nendpoint of your registered services.\\n\\nNotice that both, ManagementPlane and ControlPlane, need to be aligned with this configuration.\\n\\n```yaml\\napiVersion: install.tetrate.io/v1alpha1\\nkind: ManagementPlane\\nmetadata:\\n  name: managementplane\\nspec:\\n  meshObservability:\\n    settings:\\n      apiEndpointMetricsEnabled: true\\n```\\n\\n```yaml\\napiVersion: install.tetrate.io/v1alpha1\\nkind: ControlPlane\\nmetadata:\\n  name: controlplane\\n  namespace: istio-system\\nspec:\\n  meshObservability:\\n    settings:\\n      apiEndpointMetricsEnabled: true\\n```","type":"object","properties":{"apiEndpointMetricsEnabled":{"description":"Toggle to process, analyze, and generate api endpoints RED metrics.\\nBy default `false` which means disabled.\\nIf you want to analyze all your request and generate RED metrics for\\neach endpoint of your registered services in the mesh, set it to `true`.","type":"boolean","x-order":0}}},"commonTSBManaged":{"description":"TSBManaged represents the self-signed TSB managed internal certificate provider.","type":"object"},"commonv1alpha1Image":{"description":"Values for the TSB operator image.","type":"object","properties":{"registry":{"description":"Registry used to download the operator image.","type":"string","x-order":0},"tag":{"description":"The tag of the operator image.","type":"string","x-order":1}}},"commonv1alpha1Operator":{"description":"Operator values for the TSB operator application.","type":"object","properties":{"deployment":{"$ref":"#/components/schemas/v1alpha1OperatorDeployment"},"service":{"$ref":"#/components/schemas/v1alpha1OperatorService"},"serviceAccount":{"$ref":"#/components/schemas/v1alpha1OperatorServiceAccount"}}},"controlplanev1alpha1IstioRevision":{"description":"Istio control plane settings for a specific revision.","type":"object","required":["name","istio"],"properties":{"name":{"description":"Name of the IstioRevision. Must be unique at cluster level, across Isolation\\nBoundaries. The IstioRevision name is used to deploy revisioned Istio control-plane\\ncomponents.\\n\\nNotice that the value constraints here are stricter than the ones in Istio.\\nApparently, Istio validation rules allow values that lead to internal failures\\nat runtime, e.g. values with capital letters or values longer than 56 characters.\\nStricter validation rules here are meant to prevent those hidden pitfalls.","type":"string","x-order":0},"istio":{"$ref":"#/components/schemas/v1alpha1Istio"},"disable":{"description":"If set to `true`, Istio control plane deployment with this revision will be\\ncleaned up from the cluster. This field can be used to clean up revisioned\\ncontrol plane deployment while retaining the configurations in the CR. After\\ncleanup, it can be again set to `false` to re-deploy revisioned control plane.\\nBy default the value is set to `false`.","type":"boolean","x-order":2}}},"controlplanev1alpha1Secrets":{"description":"Secrets available in the ControlPlane installation.","type":"object","properties":{"tsb":{"$ref":"#/components/schemas/SecretsTSB"},"elasticsearch":{"$ref":"#/components/schemas/SecretsElasticSearch"},"xcp":{"$ref":"#/components/schemas/v1alpha1SecretsXCP"},"clusterServiceAccount":{"$ref":"#/components/schemas/SecretsClusterServiceAccount"}}},"corev1Toleration":{"description":"The pod this Toleration is attached to tolerates any taint that matches\\nthe triple &lt;key,value,effect&gt; using the matching operator &lt;operator&gt;.","type":"object","properties":{"key":{"type":"string","title":"Key is the taint key that the toleration applies to. Empty means match all taint keys.\\nIf the key is empty, operator must be Exists; this combination means to match all values and all keys.\\n+optional","x-order":0},"operator":{"type":"string","title":"Operator represents a key\'s relationship to the value.\\nValid operators are Exists and Equal. Defaults to Equal.\\nExists is equivalent to wildcard for value, so that a pod can\\ntolerate all taints of a particular category.\\n+optional","x-order":1},"value":{"type":"string","title":"Value is the taint value the toleration matches to.\\nIf the operator is Exists, the value should be empty, otherwise just a regular string.\\n+optional","x-order":2},"effect":{"type":"string","title":"Effect indicates the taint effect to match. Empty means match all taint effects.\\nWhen specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute.\\n+optional","x-order":3},"tolerationSeconds":{"type":"string","format":"int64","title":"TolerationSeconds represents the period of time the toleration (which must be\\nof effect NoExecute, otherwise this field is ignored) tolerates the taint. By default,\\nit is not set, which means tolerate the taint forever (do not evict). Zero and\\nnegative values will be treated as 0 (evict immediately) by the system.\\n+optional","x-order":4}}},"corev3Address":{"description":"Addresses specify either a logical or physical address and port, which are\\nused to tell Envoy where to bind/listen, connect to upstream and find\\nmanagement servers.","type":"object","properties":{"socketAddress":{"$ref":"#/components/schemas/v3SocketAddress"},"pipe":{"$ref":"#/components/schemas/v3Pipe"},"envoyInternalAddress":{"$ref":"#/components/schemas/v3EnvoyInternalAddress"}}},"corev3Locality":{"description":"Identifies location of where either Envoy runs or where upstream hosts run.","type":"object","properties":{"region":{"description":"Region this :ref:`zone &lt;envoy_v3_api_field_config.core.v3.Locality.zone&gt;` belongs to.","type":"string","x-order":0},"zone":{"description":"Defines the local service zone where Envoy is running. Though optional, it\\nshould be set if discovery service routing is used and the discovery\\nservice exposes :ref:`zone data &lt;envoy_v3_api_field_config.endpoint.v3.LocalityLbEndpoints.locality&gt;`,\\neither in this message or via :option:`--service-zone`. The meaning of zone\\nis context dependent, e.g. `Availability Zone (AZ)\\n&lt;https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-regions-availability-zones.html&gt;`_\\non AWS, `Zone &lt;https://cloud.google.com/compute/docs/regions-zones/&gt;`_ on\\nGCP, etc.","type":"string","x-order":1},"subZone":{"description":"When used for locality of upstream hosts, this field further splits zone\\ninto smaller chunks of sub-zones so they can be load balanced\\nindependently.","type":"string","x-order":2}}},"corev3Node":{"type":"object","title":"Identifies a specific Envoy instance. The node identifier is presented to the\\nmanagement server, which may use this identifier to distinguish per Envoy\\nconfiguration for serving.\\n[#next-free-field: 13]","properties":{"id":{"description":"An opaque node identifier for the Envoy node. This also provides the local\\nservice node name. It should be set if any of the following features are\\nused: :ref:`statsd &lt;arch_overview_statistics&gt;`, :ref:`CDS\\n&lt;config_cluster_manager_cds&gt;`, and :ref:`HTTP tracing\\n&lt;arch_overview_tracing&gt;`, either in this message or via\\n:option:`--service-node`.","type":"string","x-order":0},"cluster":{"description":"Defines the local service cluster name where Envoy is running. Though\\noptional, it should be set if any of the following features are used:\\n:ref:`statsd &lt;arch_overview_statistics&gt;`, :ref:`health check cluster\\nverification\\n&lt;envoy_v3_api_field_config.core.v3.HealthCheck.HttpHealthCheck.service_name_matcher&gt;`,\\n:ref:`runtime override directory &lt;envoy_v3_api_msg_config.bootstrap.v3.Runtime&gt;`,\\n:ref:`user agent addition\\n&lt;envoy_v3_api_field_extensions.filters.network.http_connection_manager.v3.HttpConnectionManager.add_user_agent&gt;`,\\n:ref:`HTTP global rate limiting &lt;config_http_filters_rate_limit&gt;`,\\n:ref:`CDS &lt;config_cluster_manager_cds&gt;`, and :ref:`HTTP tracing\\n&lt;arch_overview_tracing&gt;`, either in this message or via\\n:option:`--service-cluster`.","type":"string","x-order":1},"metadata":{"description":"Opaque metadata extending the node identifier. Envoy will pass this\\ndirectly to the management server.","type":"object","x-order":2},"dynamicParameters":{"description":"Map from xDS resource type URL to dynamic context parameters. These may vary at runtime (unlike\\nother fields in this message). For example, the xDS client may have a shard identifier that\\nchanges during the lifetime of the xDS client. In Envoy, this would be achieved by updating the\\ndynamic context on the Server::Instance\'s LocalInfo context provider. The shard ID dynamic\\nparameter then appears in this field during future discovery requests.","type":"object","additionalProperties":{"$ref":"#/components/schemas/v3ContextParams"},"x-order":3},"locality":{"$ref":"#/components/schemas/corev3Locality"},"userAgentName":{"type":"string","title":"Free-form string that identifies the entity requesting config.\\nE.g. \\"envoy\\" or \\"grpc\\"","x-order":5},"userAgentVersion":{"type":"string","title":"Free-form string that identifies the version of the entity requesting config.\\nE.g. \\"1.12.2\\" or \\"abcd1234\\", or \\"SpecialEnvoyBuild\\"","x-order":6},"userAgentBuildVersion":{"$ref":"#/components/schemas/v3BuildVersion"},"extensions":{"description":"List of extensions and their versions supported by the node.","type":"array","items":{"$ref":"#/components/schemas/v3Extension"},"x-order":8},"clientFeatures":{"description":"Client feature support list. These are well known features described\\nin the Envoy API repository for a given major version of an API. Client features\\nuse reverse DNS naming scheme, for example ``com.acme.feature``.\\nSee :ref:`the list of features &lt;client_features&gt;` that xDS client may\\nsupport.","type":"array","items":{"type":"string"},"x-order":9},"listeningAddresses":{"description":"Known listening ports on the node as a generic hint to the management server\\nfor filtering :ref:`listeners &lt;config_listeners&gt;` to be returned. For example,\\nif there is a listener bound to port 80, the list can optionally contain the\\nSocketAddress ``(0.0.0.0,80)``. The field is optional and just a hint.","type":"array","items":{"$ref":"#/components/schemas/corev3Address"},"x-order":10}}},"extensionv2EnvVar":{"type":"object","required":["name","valueFrom"],"properties":{"name":{"type":"string","title":"Name of the environment variable. Must be a C_IDENTIFIER, by following this regex: [A-Za-z_][A-Za-z0-9_]*","x-order":0},"valueFrom":{"$ref":"#/components/schemas/v2EnvValueSource"},"value":{"description":"Value for the environment variable.\\nNote that if `value_from` is `HOST`, it will be ignored.\\nDefaults to \\"\\".","type":"string","x-order":2}}},"gatewayv2EgressGateway":{"description":"`EgressGateway` configures a workload to act as an egress gateway in the mesh.\\n\\n\\n--\x3e\\n\\n","type":"object","required":["workloadSelector"],"properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"workloadSelector":{"$ref":"#/components/schemas/v2WorkloadSelector"},"authorization":{"description":"The description of which service accounts can access which hosts.\\nIf the list of authorization rules is empty, this egress gateway will deny all traffic.","type":"array","items":{"$ref":"#/components/schemas/v2EgressAuthorization"},"x-order":5},"extension":{"description":"Extensions specifies all the WasmExtensions assigned to this EgressGateway\\nwith the specific configuration for each extension. This custom configuration\\nwill override the one configured globally to the extension.\\nEach extension has a global configuration including enablement and priority\\nthat will condition the execution of the assigned extensions.","type":"array","items":{"$ref":"#/components/schemas/v2WasmExtensionAttachment"},"x-order":6},"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"}}},"gatewayv2Gateway":{"description":"The `Gateway` configuration combines the functionalities of both the existing `Tier1Gateway` and `IngressGateway`,\\nproviding a unified approach for configuring a workload as a gateway in the mesh.\\n\\nEach server within the `Gateway` is configured to route requests either to destination clusters, such as a `Tier1Gateway`,\\nor to specific services, like an `IngressGateway`.\\n\\n\\n\\n","type":"object","required":["workloadSelector"],"properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"workloadSelector":{"$ref":"#/components/schemas/v2WorkloadSelector"},"http":{"description":"One or more HTTP or HTTPS servers exposed by the gateway. The\\nserver exposes configuration for TLS termination, request\\nauthentication/authorization, HTTP routing, rate limiting, etc.","type":"array","items":{"$ref":"#/components/schemas/gatewayv2HTTP"},"x-order":5},"tls":{"description":"One or more TLS servers exposed by the gateway. The server\\ndoes not terminate TLS and exposes config for SNI based routing.","type":"array","items":{"$ref":"#/components/schemas/v2TLS"},"x-order":6},"tcp":{"description":"One or more non-HTTP and non-passthrough servers which use TCP\\nbased protocols. This server also exposes configuration for terminating TLS.","type":"array","items":{"$ref":"#/components/schemas/gatewayv2TCP"},"x-order":7},"wasmPlugins":{"description":"WasmPlugins specifies all the WasmExtensionAttachment assigned to this Gateway\\nwith the specific configuration for each plugin. This custom configuration\\nwill override the one configured globally to the plugin.\\nEach plugin has a global configuration including priority\\nthat will condition the execution of the assigned plugins.","type":"array","items":{"$ref":"#/components/schemas/v2WasmExtensionAttachment"},"x-order":8},"waf":{"$ref":"#/components/schemas/v2WAFSettings"},"egressAuthorization":{"description":"External services are onboarded into the mesh via service entry,\\nand these services are exposed on the Gateway for egress access.\\nBy default, access is denied for these hosts.\\nUsers can configure EgressAuthorizationSettings to specify which service accounts are allowed.","type":"array","items":{"$ref":"#/components/schemas/v2EgressAuthorizationSettings"},"x-order":10},"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"}}},"gatewayv2HTTP":{"description":"`HTTP` describes the properties of a HTTP server exposed on gateway.","type":"object","required":["name","hostname","routing"],"properties":{"name":{"description":"A name assigned to the server. The name will be visible in the generated metrics. The name must be\\nunique across all HTTP, TLS passthrough and TCP servers in a gateway.","type":"string","x-order":0},"port":{"description":"The port where the server is exposed at the gateway workload(pod).\\nIf the k8s service, which is fronting the workload pod, has TargetPort as 8443 for the Port 443,\\nthis could be configured as 8443 or 443.\\n\\nTwo servers with different protocols (HTTP and HTTPS) should not\\nshare the same port. Note that port 15443 is reserved for internal use.\\n\\nIf the `transit` flag is set to true, populating the `port` will lead to an error,\\nas the server is considered internal to the mesh. TSB will automatically \\nconfigure mTLS port(15443) for east-west multicluster traffic.\\n\\nIf the `trafficMode`` flag is set to `EGRESS`` or the `trafficMode` is set to `AUTO`\\nand the gateway deployment is of type EGRESS,\\npopulating the port will result in an error, as the server is considered only for egress.\\nTSB will automatically configure the mTLS port (15443) on the gateway to receive the mesh traffic.","type":"integer","format":"int64","x-order":1},"hostname":{"description":"Hostname with which the service can be expected to be accessed by clients.","type":"string","x-order":2},"tls":{"$ref":"#/components/schemas/v2ServerTLSSettings"},"authentication":{"$ref":"#/components/schemas/tsbauthv2Authentication"},"authorization":{"$ref":"#/components/schemas/tsbauthv2Authorization"},"routing":{"$ref":"#/components/schemas/v2HttpRoutingConfig"},"rateLimiting":{"$ref":"#/components/schemas/v2RateLimiting"},"transit":{"description":"If set to true, the server is configured to be exposed within the mesh.\\nThis configuration enables forwarding traffic between two clusters that are not directly reachable.\\n\\nDeprecated: use `trafficMode: TRANSIT` instead.","type":"boolean","x-order":8},"trafficMode":{"$ref":"#/components/schemas/v2TrafficMode"},"failoverSettings":{"$ref":"#/components/schemas/v2FailoverSettings"},"openapi":{"$ref":"#/components/schemas/v2OpenAPI"},"extensions":{"$ref":"#/components/schemas/v2Extensions"}}},"gatewayv2HttpRule":{"description":"A single HTTP rule.","type":"object","properties":{"match":{"description":"One or more match conditions (OR-ed).","type":"array","items":{"$ref":"#/components/schemas/v2HttpMatchCondition"},"x-order":0},"modify":{"$ref":"#/components/schemas/v2HttpModifyAction"},"route":{"$ref":"#/components/schemas/v2Route"},"redirect":{"$ref":"#/components/schemas/v2Redirect"},"directResponse":{"$ref":"#/components/schemas/v2HTTPDirectResponse"}}},"gatewayv2TCP":{"description":"A TCP server exposed in a gateway. A TCP server may be used for any TCP based protocol.\\nThis is also used for the special case of a non-HTTP protocol requiring TLS termination at the gateway.","type":"object","required":["name","hostname","route"],"properties":{"name":{"description":"A name assigned to the server. The name will be visible in the generated metrics. The name must be\\nunique across all HTTP, TLS passthrough and TCP servers in a gateway.","type":"string","x-order":0},"port":{"description":"Valid scenarios (for same port, multiple services)\\n1. Multiple protocols (HTTP, non-HTTP) with TLS passthrough/termination\\n2. Multiple HTTP services\\n3. Single non-HTTP service without TLS\\n\\nIf the `transit` flag is set to true, populating the `port` will lead to an error,\\nas the server is considered internal to the mesh. TSB will automatically \\nconfigure mTLS port(15443) for east-west multicluster traffic.","type":"integer","format":"int64","title":"The port where the server is exposed. Note that the port 15443 is reserved. Also\\nbeware of the conflict among the services using different protocols on the same port.\\nThe conflict occurs in the following scenarios\\n1. Using plaintext and TLS (passthrough/termination)\\n2. Mixing multiple protocols without TLS (HTTP and non-HTTP protocols like Kafka, Zookeeper etc)\\n3. Multiple non-HTTP protocols without TLS","x-order":1},"hostname":{"description":"Hostname to identify the service. When TLS is configured, clients have to use this as\\nthe Server Name Indication (SNI) for the TLS connection. When TLS is not configured (opaque TCP),\\nthis is used to identify the service traffic for defining routing configs. Usually, this is\\nconfigured as the DNS name of the service. For instance, if clients access a zookeeper cluster\\nas `zk-1.myorg.internal` then the hostname could be specified as `zk-1.myorg.internal`. This\\nalso helps easier identification in the configs.\\n\\nThis is also used in multicluster routing. In the previous example, clients within the mesh\\ncan also use `zk-1.myorg.internal` to access this service (provided authorization policy allows it)","type":"string","x-order":2},"tls":{"$ref":"#/components/schemas/v2ServerTLSSettings"},"route":{"$ref":"#/components/schemas/v2RouteTo"},"transit":{"description":"If set to true, the server is configured to be exposed within the mesh.\\nThis configuration enables forwarding traffic between two clusters that are not directly reachable.\\n\\nDeprecated: use `trafficMode: TRANSIT` instead.","type":"boolean","x-order":5},"trafficMode":{"$ref":"#/components/schemas/v2TrafficMode"},"failoverSettings":{"$ref":"#/components/schemas/v2FailoverSettings"}}},"gatewayv2TLSProtocol":{"description":"Enumeration for TLS protocol versions.","type":"string","default":"TLS_AUTO","enum":["TLS_AUTO","TLSV1_0","TLSV1_1","TLSV1_2","TLSV1_3"]},"googlerpcStatus":{"description":"The `Status` type defines a logical error model that is suitable for\\ndifferent programming environments, including REST APIs and RPC APIs. It is\\nused by [gRPC](https://github.com/grpc). Each `Status` message contains\\nthree pieces of data: error code, error message, and error details.\\n\\nYou can find out more about this error model and how to work with it in the\\n[API Design Guide](https://cloud.google.com/apis/design/errors).","type":"object","properties":{"code":{"description":"The status code, which should be an enum value of\\n[google.rpc.Code][google.rpc.Code].","type":"integer","format":"int32","x-order":0},"message":{"description":"A developer-facing error message, which should be in English. Any\\nuser-facing error message should be localized and sent in the\\n[google.rpc.Status.details][google.rpc.Status.details] field, or localized\\nby the client.","type":"string","x-order":1},"details":{"description":"A list of messages that carry the error details.  There is a common set of\\nmessage types for APIs to use.","type":"array","items":{"$ref":"#/components/schemas/protobufAny"},"x-order":2}}},"installcontrolplanev1alpha1AWSController":{"description":"Kubernetes settings for the AWS Integration Controller component.","type":"object","properties":{"kubeSpec":{"$ref":"#/components/schemas/kubernetesKubernetesComponentSpec"}}},"installcontrolplanev1alpha1AWSSettings":{"description":"Global settings to AWS.","type":"object","required":["serviceAccountName"],"properties":{"serviceAccountName":{"type":"string","title":"Service account name to use with IAM role association. Required.\\nThis service account should have the proper permissions depending on which AWS services are enabled.\\n(Route53, Lattice, etc.)","x-order":0}}},"installcontrolplanev1alpha1ElasticSearchSettings":{"description":"Configure an Elasticsearch connection.\\n\\n```yaml\\napiVersion: install.tetrate.io/v1alpha1\\nkind: ControlPlane\\nmetadata:\\n  name: controlplane\\n  namespace: istio-system\\nspec:\\n  telemetryStore:\\n    elastic:\\n      host: elastic\\n      port: 5678\\n      protocol: https\\n      selfSigned: true\\n      version: 7\\n```","type":"object","required":["host","port"],"properties":{"host":{"description":"Elasticsearch host address (can be hostname or IP address).","type":"string","x-order":0},"port":{"description":"Port Elasticsearch is listening on.","type":"integer","format":"int32","x-order":1},"protocol":{"$ref":"#/components/schemas/installcontrolplanev1alpha1ElasticSearchSettingsProtocol"},"selfSigned":{"description":"Use Self-Signed certificates. The Self-signed CA bundle and key must be in a secret called es-certs.","type":"boolean","x-order":3},"version":{"description":"DEPRECATED: Major version of the Elasticsearch cluster.\\nCurrently supported Elasticsearch major versions are `6`, `7`, and `8`.","type":"integer","format":"int32","x-order":4},"indexPrefix":{"description":"The prefix of the ElasticSearch indices and templates.\\nDefaults to `skywalking`.","type":"string","x-order":5}}},"installcontrolplanev1alpha1ElasticSearchSettingsProtocol":{"description":"The list of supported protocols to communicate with Elasticsearch.","type":"string","default":"https","enum":["https","http"]},"installcontrolplanev1alpha1LatticeSettings":{"description":"Settings specific to Lattice.","type":"object","properties":{"enabled":{"description":"Enable/disable the Lattice integration controller. Default: false.","type":"boolean","x-order":0}}},"installcontrolplanev1alpha1NGAC":{"description":"Kubernetes settings for the NGAC component.","type":"object","properties":{"enabled":{"description":"NGAC is an experimental component. If enabled is false, this component will\\nnot be installed.","type":"boolean","x-order":0},"kubeSpec":{"$ref":"#/components/schemas/kubernetesKubernetesComponentSpec"},"logLevels":{"description":"The log level configuration by scopes.\\nSupported log level: \\"none\\", \\"error\\", \\"info\\", \\"debug\\".","type":"object","additionalProperties":{"type":"string"},"x-order":2}}},"installcontrolplanev1alpha1Oap":{"description":"Kubernetes settings for the OAP (SkyWalking) component.","type":"object","properties":{"streamingLogEnabled":{"description":"Feature flag to determine whether on-demand streaming logs should be\\nenabled.","type":"boolean","x-order":0},"onDemandEnvoyMetricsEnabled":{"description":"Feature flag to determine whether on-demand envoy metrics should be\\nenabled. If enabled, the envoy proxy will provide a set of metrics that can\\nbe queried using the metrics service. OAP will provide a query API that can\\nbe used to collect envoy proxy metrics for specific pods. This is only for\\ntemporary and real-time queries that can be used, for example, for\\napplication troubleshooting use cases. These metrics are not persisted.","type":"boolean","x-order":1},"storageIndexMergingEnabled":{"description":"Feature flag to determine whether metrics/meter and records should be shard into multi-physical indices, or\\ninstead if they should be merged into a single physical index.\\nBy default \\"false\\", metric/meter and records are sharded into multi-physical indices.\\nInstead of sharding, if enabled by setting it to \\"true\\", metrics/meter and records will be merged\\ninto one physical index template `metrics-all` and `records-all`.\\nThis feature flag must be set on all clusters and have the same value as the management plane\'s one,\\notherwise control plane observability data could be written to the wrong or not existing index.\\nIn this storage mode, user can adjust each concrete index should have to scale out by setting\\n`storageSpecificIndexSettings` field in the management plane install manifest.","type":"boolean","x-order":2},"kubeSpec":{"$ref":"#/components/schemas/kubernetesKubernetesComponentSpec"},"logLevel":{"description":"Specifies the log level for OAP component.\\nSupported log level: \\"all\\", \\"debug\\", \\"info\\", \\"warn\\", \\"error\\", \\"fatal\\", \\"off\\" and \\"trace\\".","type":"string","x-order":4}}},"installcontrolplanev1alpha1OnboardingPlane":{"description":"Configure `Workload Onboarding Plane` component.","type":"object","properties":{"instance":{"$ref":"#/components/schemas/v1alpha1OnboardingPlaneInstance"}}},"installcontrolplanev1alpha1OpenTelemetryCollector":{"description":"Kubernetes settings for the OpenTelemetryCollector component.","type":"object","properties":{"kubeSpec":{"$ref":"#/components/schemas/kubernetesKubernetesComponentSpec"},"logLevel":{"description":"Specifies the log level for OTEL collector component.\\nSupported log level: \\"debug\\", \\"info\\", \\"warn\\", \\"error\\", \\"dpanic\\", \\"panic\\", and \\"fatal\\".","type":"string","x-order":1}}},"installcontrolplanev1alpha1ProviderSettings":{"description":"Configure Kubernetes provider specific settings.\\n\\nFor example to configure EKS to use network load balancers (NLB) by default:\\n\\n```yaml\\napiVersion: install.tetrate.io/v1alpha1\\nkind: ControlPlane\\nmetadata:\\n  name: controlplane\\n  namespace: istio-system\\nspec:\\n  providerSettings:\\n    eks:\\n      useNlbByDefault: true\\n\\n```\\n\\nTo configure Route53 the only option that you must specify is the Service Account name to use for IAM role.\\nYou should create the Service Account before enabling the Route53 integration controller. You can do that using `eksctl`. Example:\\n\\n```bash\\n   SA_NAME=route53-controller\\n   CP_NAMESPACE=istio-system\\n   eksctl create iamserviceaccount \\\\\\n   --cluster $EKS_CLUSTER_NAME \\\\\\n   --name $SA_NAME \\\\\\n   --namespace $CP_NAMESPACE \\\\\\n   --attach-policy-arn $POLICY_ARN \\\\\\n   --approve\\n```\\n\\nwhere:\\n* $EKS_CLUSTER_NAME is the name of the EKS cluster.\\n* $SA_NAME is the name of the Service Account to create.\\n* $CP_NAMESPACE is the namespace where the Control Plane is installed. Usually istio-system.\\n* $POLICY_ARN is the ARN of the policy to attach to the Service Account - the policy should allow the Service Account\\n  to manage Route53 resources.\\n\\nMore details can be found in the [Publishing a Service docs](https://docs.tetrate.io/service-express/getting-started/publish-service)\\n\\nAfter creating the Service Account you can enable the Route53 integration controller using the following configuration:\\n\\n```yaml\\napiVersion: install.tetrate.io/v1alpha1\\nkind: ControlPlane\\nmetadata:\\n  name: controlplane\\n  namespace: istio-system\\nspec:\\n  providerSettings:\\n    route53:\\n      serviceAccountName: $SA_NAME\\n```","type":"object","properties":{"eks":{"$ref":"#/components/schemas/v1alpha1EKSSettings"},"route53":{"$ref":"#/components/schemas/v1alpha1Route53Settings"},"aws":{"$ref":"#/components/schemas/installcontrolplanev1alpha1AWSSettings"},"lattice":{"$ref":"#/components/schemas/installcontrolplanev1alpha1LatticeSettings"}}},"installcontrolplanev1alpha1XCP":{"description":"Kubernetes settings for the XCP component.","type":"object","properties":{"centralAuthMode":{"$ref":"#/components/schemas/XCPCentralAuthMode"},"configProtection":{"$ref":"#/components/schemas/commonConfigProtection"},"kubeSpec":{"$ref":"#/components/schemas/kubernetesKubernetesComponentSpec"},"revision":{"description":"$hide_from_docs\\nConfigures the istio revision tag.\\nIf configured, istio upgrade will not be in-place upgrade. A new istio\\ncontrol plane with the configured revision will be deployed. Selectively\\nsidecars and gateways could be moved to newer control plane. Note that it\\nis not the istio version. Istio version is fixed for a particular tsb\\nversion and that is not a configurable setting. Revision should be\\nconfigured to human readable value for example tsb-1-5. For further\\nreference,\\nhttps://istio.io/latest/blog/2020/multiple-control-planes/#configuring\\nDeprecated: replaced by isolation_boundaries, where each isolation boundary can have\\nmulitple revisions.","type":"string","x-order":3},"isolationBoundaries":{"description":"Configures Isolated Istio environments along with Istio revisions for each environment.\\nIsolationBoundaries can be empty when the feature flag IstioIsolationBoundaries is disabled.\\nOnce enabled, isolation boundaries can be configured.","type":"array","items":{"$ref":"#/components/schemas/v1alpha1IsolationBoundary"},"x-order":4},"enableHttpMeshInternalIdentityPropagation":{"description":"Enables HTTP mesh internal service identity propagation across gateway hops, utilizing the propagated identity\\nfor evaluating TSB RBAC rules. Users should enable this feature when they want to create RBAC rules around\\nrequest\'s origin client identity for east west traffic. The most common case for this would be when using\\nauthorization features such as ALLOW/DENY rules mode and ServiceSecuritySettings in cross-cluster environment.\\nThis feature is enabled by default. Set it to false to disable it.","type":"boolean","x-order":5},"centralProvidedCaCert":{"description":"If true, obtain the CA cert for Istio from XCP central.\\nTo enable it, the XCP Central needs to be configured with `certIssuer.clusterIntermediateCASettings: {}`.","type":"boolean","x-order":6},"logLevels":{"description":"Loglevel for XCP.\\nSupported log level: \\"none\\", \\"fatal\\", \\"error\\", \\"warn\\", \\"info\\", \\"debug\\".","type":"object","additionalProperties":{"type":"string"},"x-order":7},"remoteDiagnostic":{"$ref":"#/components/schemas/installcontrolplanev1alpha1XCPRemoteDiagnosticSettings"}}},"installcontrolplanev1alpha1XCPRemoteDiagnosticSettings":{"description":"Remote Diagnostic settings on the Control Plane side.","type":"object","properties":{"enabled":{"description":"Enable Remote Diagnostic on the Control Plane side.\\n\\nOnce Remote Diagnostic is enabled on the Control Plane side, it will become possible to\\nlaunch from the TSB UI a range of predefined diagnostic tasks for execution in the context\\nof that cluster.\\n\\nIn particular, it will be possible to take config dumps, view low-level metrics,\\nview and change log levels and stream logs from any Istio Gateway and Istio Sidecar\\ndeployed to that cluster.\\n\\nNotice that Remote Diagnostic has to be enabled on both sides, i.e. the Control Plane side\\nand the Management Plane side, which is the default configuration.\\n\\nDefaults to `true`.","type":"boolean","x-order":0}}},"installdataplanev1alpha1GatewaySpec":{"description":"GatewaySpec defines the desired installed state of a single\\ngateway for a given namespace in Service Bridge. Specifying a minimal\\nGatewaySpec with a hub will create a default gateway with sensible\\nvalues.\\n\\n","type":"object","properties":{"connectionDrainDuration":{"description":"The amount of time the gateway will wait on shutdown for connections to\\ncomplete before terminating the gateway. During this drain period, no new\\nconnections can be created but existing ones are allowed complete.","type":"string","x-order":0},"revision":{"type":"string","title":"Specifies the istio revision to reconcile with.\\nIf specified, TSB control plane operator will reconcile this gateway only\\nif operator\'s revision matches with it. TSB data plane operator, which\\nwould be running only when TSB control plane operator is not configured a\\nrevision, will ignore revision field and will reconcile gateway as usual.\\nInternally, this revision will guide to pick matching istio control plane\\nfor the gateway deployment\\nhttps://istio.io/latest/docs/setup/upgrade/canary/","x-order":1},"type":{"$ref":"#/components/schemas/v1alpha1GatewaySpecType"},"concurrency":{"description":"Number of Envoy worker threads to run. By default it will be set\\nautomatically based on the gateway\'s CPU resource limits.\\n\\nSet to `-1` to use the legacy behavior of all cores on the machine.","type":"integer","format":"int32","x-order":3},"targetNamespace":{"description":"Namespace where the gateway will be deployed.","type":"string","x-order":4},"targetCluster":{"description":"Cluster where the gateway will be deployed.","type":"string","x-order":5},"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":6,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":7},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":8},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":9},"kubeSpec":{"$ref":"#/components/schemas/kubernetesKubernetesComponentSpec"}}},"installkubernetesAffinity":{"type":"object","title":"The scheduling constraints for the pod.\\nhttps://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity","properties":{"nodeAffinity":{"$ref":"#/components/schemas/installkubernetesNodeAffinity"},"podAffinity":{"$ref":"#/components/schemas/installkubernetesPodAffinity"},"podAntiAffinity":{"$ref":"#/components/schemas/installkubernetesPodAntiAffinity"}}},"installkubernetesCapabilities":{"description":"See k8s.io.api.core.v1.Capabilities.","type":"object","properties":{"add":{"type":"array","items":{"type":"string"},"x-order":0},"drop":{"type":"array","items":{"type":"string"},"x-order":1}}},"installkubernetesConfigMapKeySelector":{"type":"object","properties":{"localObjectReference":{"$ref":"#/components/schemas/installkubernetesLocalObjectReference"},"key":{"type":"string","x-order":1},"optional":{"type":"boolean","x-order":2}}},"installkubernetesCrossVersionObjectReference":{"type":"object","properties":{"kind":{"type":"string","x-order":0},"name":{"type":"string","x-order":1},"apiVersion":{"type":"string","x-order":2}}},"installkubernetesDeployment":{"type":"object","title":"The Kubernetes resource configuration for all Deployments","properties":{"podAnnotations":{"type":"object","title":"Pod annotations are an unstructured key-value map stored with the Deployment\'s Pod template.\\nThese annotations will be added to the Pod template within the Deployment.\\nFor more details: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/","additionalProperties":{"type":"string"},"x-order":0},"env":{"type":"array","title":"Environment variables for all containers in the deployment.\\nhttps://kubernetes.io/docs/tasks/inject-data-application/define-environment-variable-container/","items":{"$ref":"#/components/schemas/installkubernetesEnvVar"},"x-order":1},"affinity":{"$ref":"#/components/schemas/installkubernetesAffinity"},"replicaCount":{"type":"integer","format":"int64","title":"Number of desired pods.\\nhttps://kubernetes.io/docs/reference/generated/kubernetes-api/v1.18/#deploymentspec-v1-apps","x-order":3},"resources":{"$ref":"#/components/schemas/installkubernetesResources"},"strategy":{"$ref":"#/components/schemas/installkubernetesDeploymentStrategy"},"tolerations":{"type":"array","title":"Tolerations are applied to pods, and allow (but do not require) the pods to\\nschedule onto nodes with matching taints. Taints and tolerations work\\ntogether to ensure that pods are not scheduled onto inappropriate nodes.\\nOne or more taints are applied to a node; this marks that the node should\\nnot accept any pods that do not tolerate the taints.\\nhttps://kubernetes.io/docs/concepts/configuration/taint-and-toleration/","items":{"$ref":"#/components/schemas/corev1Toleration"},"x-order":6},"hpaSpec":{"$ref":"#/components/schemas/installkubernetesHorizontalPodAutoscalerSpec"},"podSecurityContext":{"$ref":"#/components/schemas/installkubernetesPodSecurityContext"},"containerSecurityContext":{"$ref":"#/components/schemas/installkubernetesSecurityContext"},"labels":{"type":"object","title":"Labels are an unstructured key-value map stored with the Deployment.\\nFor Gateway deployments, these labels are propagated to the Pod, Service, etc.\\nFor more details: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/","additionalProperties":{"type":"string"},"x-order":10}}},"installkubernetesDeploymentStrategy":{"type":"object","title":"The deployment strategy to use to replace existing pods with new ones.\\nhttps://kubernetes.io/docs/reference/generated/kubernetes-api/v1.18/#deploymentstrategy-v1-apps","properties":{"type":{"type":"string","x-order":0},"rollingUpdate":{"$ref":"#/components/schemas/installkubernetesRollingUpdateDeployment"}}},"installkubernetesEnvVar":{"type":"object","properties":{"name":{"type":"string","x-order":0},"value":{"type":"string","x-order":1},"valueFrom":{"$ref":"#/components/schemas/installkubernetesEnvVarSource"}}},"installkubernetesEnvVarSource":{"type":"object","properties":{"fieldRef":{"$ref":"#/components/schemas/installkubernetesObjectFieldSelector"},"resourceFieldRef":{"$ref":"#/components/schemas/installkubernetesResourceFieldSelector"},"configMapKeyRef":{"$ref":"#/components/schemas/installkubernetesConfigMapKeySelector"},"secretKeyRef":{"$ref":"#/components/schemas/installkubernetesSecretKeySelector"}}},"installkubernetesExternalMetricSource":{"type":"object","properties":{"metricName":{"type":"string","x-order":0},"metricSelector":{"$ref":"#/components/schemas/v1LabelSelector"},"targetValue":{"$ref":"#/components/schemas/operatorv1alpha1IntOrString"},"targetAverageValue":{"$ref":"#/components/schemas/operatorv1alpha1IntOrString"}}},"installkubernetesHorizontalPodAutoscalerSpec":{"type":"object","title":"Horizontal Pod Autoscaler automatically scales the number of pods in a\\ndeployment based on a specified metric. Kubernetes periodically adjusts the\\nnumber of replicas in a deployment to match the observed metric to the target\\nspecified. This mirrors the Kubernetes spec except from the top level\\n`scaleTargetRef` field, which we set for you. The version of Horizontal Pod\\nAutoscaler currently used is\\n`[v2beta1](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.18/#horizontalpodautoscaler-v2beta1-autoscaling)`.\\nhttps://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/","properties":{"minReplicas":{"type":"integer","format":"int32","title":"Must be set in order to create the HPA resource in Kubernetes","x-order":0},"maxReplicas":{"type":"integer","format":"int32","title":"Must be set in order to create the HPA resource in Kubernetes","x-order":1},"metrics":{"type":"array","items":{"$ref":"#/components/schemas/installkubernetesMetricSpec"},"x-order":2}}},"installkubernetesLocalObjectReference":{"description":"LocalObjectReference contains enough information to let you locate the\\nreferenced object inside the same namespace.","type":"object","properties":{"name":{"description":"Name of the referent.","type":"string","x-order":0}}},"installkubernetesMetricSpec":{"type":"object","properties":{"type":{"type":"string","x-order":0},"object":{"$ref":"#/components/schemas/installkubernetesObjectMetricSource"},"pods":{"$ref":"#/components/schemas/installkubernetesPodsMetricSource"},"resource":{"$ref":"#/components/schemas/installkubernetesResourceMetricSource"},"external":{"$ref":"#/components/schemas/installkubernetesExternalMetricSource"}}},"installkubernetesMetricTarget":{"type":"object","title":"MetricTarget provides compatibility with k8s autoscaling/v2 API","properties":{"type":{"type":"string","x-order":0},"averageUtilization":{"type":"integer","format":"int32","x-order":1},"averageValue":{"$ref":"#/components/schemas/operatorv1alpha1IntOrString"},"value":{"$ref":"#/components/schemas/operatorv1alpha1IntOrString"}}},"installkubernetesNodeAffinity":{"type":"object","title":"Group of node affinity scheduling rules.\\nhttps://kubernetes.io/docs/reference/generated/kubernetes-api/v1.18/#nodeaffinity-v1-core","properties":{"requiredDuringSchedulingIgnoredDuringExecution":{"$ref":"#/components/schemas/installkubernetesNodeSelector"},"preferredDuringSchedulingIgnoredDuringExecution":{"type":"array","title":"The scheduler will prefer to schedule pods to nodes that satisfy the\\naffinity expressions specified by this field, but it may choose a node that\\nviolates one or more of the expressions.\\nhttps://kubernetes.io/docs/reference/generated/kubernetes-api/v1.18/#preferredschedulingterm-v1-core","items":{"$ref":"#/components/schemas/installkubernetesPreferredSchedulingTerm"},"x-order":1}}},"installkubernetesNodeSelector":{"type":"object","properties":{"nodeSelectorTerms":{"type":"array","items":{"$ref":"#/components/schemas/installkubernetesNodeSelectorTerm"},"x-order":0}}},"installkubernetesNodeSelectorRequirement":{"type":"object","properties":{"key":{"type":"string","x-order":0},"operator":{"type":"string","x-order":1},"values":{"type":"array","items":{"type":"string"},"x-order":2}}},"installkubernetesNodeSelectorTerm":{"type":"object","properties":{"matchExpressions":{"type":"array","items":{"$ref":"#/components/schemas/installkubernetesNodeSelectorRequirement"},"x-order":0},"matchFields":{"type":"array","items":{"$ref":"#/components/schemas/installkubernetesNodeSelectorRequirement"},"x-order":1}}},"installkubernetesObjectFieldSelector":{"type":"object","properties":{"apiVersion":{"type":"string","x-order":0},"fieldPath":{"type":"string","x-order":1}}},"installkubernetesObjectMetricSource":{"type":"object","properties":{"target":{"$ref":"#/components/schemas/installkubernetesCrossVersionObjectReference"},"metricName":{"type":"string","x-order":1},"targetValue":{"$ref":"#/components/schemas/operatorv1alpha1IntOrString"},"selector":{"$ref":"#/components/schemas/v1LabelSelector"},"averageValue":{"$ref":"#/components/schemas/operatorv1alpha1IntOrString"}}},"installkubernetesPodAffinity":{"type":"object","title":"Group of inter-pod affinity scheduling rules.\\nhttps://kubernetes.io/docs/reference/generated/kubernetes-api/v1.18/#podaffinity-v1-core","properties":{"requiredDuringSchedulingIgnoredDuringExecution":{"type":"array","items":{"$ref":"#/components/schemas/installkubernetesPodAffinityTerm"},"x-order":0},"preferredDuringSchedulingIgnoredDuringExecution":{"type":"array","items":{"$ref":"#/components/schemas/installkubernetesWeightedPodAffinityTerm"},"x-order":1}}},"installkubernetesPodAffinityTerm":{"type":"object","properties":{"labelSelector":{"$ref":"#/components/schemas/v1LabelSelector"},"namespaces":{"type":"array","items":{"type":"string"},"x-order":1},"topologyKey":{"type":"string","x-order":2}}},"installkubernetesPodAntiAffinity":{"type":"object","title":"Group of inter-pod anti-affinity scheduling rules.\\nhttps://kubernetes.io/docs/reference/generated/kubernetes-api/v1.18/#podantiaffinity-v1-core","properties":{"requiredDuringSchedulingIgnoredDuringExecution":{"type":"array","items":{"$ref":"#/components/schemas/installkubernetesPodAffinityTerm"},"x-order":0},"preferredDuringSchedulingIgnoredDuringExecution":{"type":"array","items":{"$ref":"#/components/schemas/installkubernetesWeightedPodAffinityTerm"},"x-order":1}}},"installkubernetesPodSecurityContext":{"description":"See k8s.io.api.core.v1.PodSecurityContext.","type":"object","properties":{"seLinuxOptions":{"$ref":"#/components/schemas/installkubernetesSELinuxOptions"},"runAsUser":{"type":"integer","format":"int64","x-order":1},"runAsNonRoot":{"type":"boolean","x-order":2},"supplementalGroups":{"type":"array","items":{"type":"integer","format":"int64"},"x-order":3},"fsGroup":{"type":"integer","format":"int64","x-order":4},"runAsGroup":{"type":"integer","format":"int64","x-order":5},"sysctls":{"type":"array","items":{"$ref":"#/components/schemas/installkubernetesSysctl"},"x-order":6},"windowsOptions":{"$ref":"#/components/schemas/installkubernetesWindowsSecurityContextOptions"},"fsGroupChangePolicy":{"type":"string","x-order":8},"seccompProfile":{"$ref":"#/components/schemas/installkubernetesSeccompProfile"}}},"installkubernetesPodsMetricSource":{"type":"object","properties":{"metricName":{"type":"string","x-order":0},"targetAverageValue":{"$ref":"#/components/schemas/operatorv1alpha1IntOrString"},"selector":{"$ref":"#/components/schemas/v1LabelSelector"}}},"installkubernetesPreferredSchedulingTerm":{"type":"object","properties":{"weight":{"type":"integer","format":"int32","x-order":0},"preference":{"$ref":"#/components/schemas/installkubernetesNodeSelectorTerm"}}},"installkubernetesResourceFieldSelector":{"type":"object","properties":{"containerName":{"type":"string","x-order":0},"resource":{"type":"string","x-order":1},"divisor":{"$ref":"#/components/schemas/operatorv1alpha1IntOrString"}}},"installkubernetesResourceMetricSource":{"type":"object","properties":{"name":{"type":"string","x-order":0},"targetAverageUtilization":{"$ref":"#/components/schemas/operatorv1alpha1IntOrString"},"targetAverageValue":{"$ref":"#/components/schemas/operatorv1alpha1IntOrString"},"target":{"$ref":"#/components/schemas/installkubernetesMetricTarget"}}},"installkubernetesResources":{"description":"Mirrors k8s.io.api.core.v1.ResourceRequirements for unmarshalling.","type":"object","properties":{"limits":{"type":"object","additionalProperties":{"type":"string"},"x-order":0},"requests":{"type":"object","additionalProperties":{"type":"string"},"x-order":1}}},"installkubernetesRollingUpdateDeployment":{"description":"Mirrors k8s.io.api.apps.v1.RollingUpdateDeployment for unmarshalling.","type":"object","properties":{"maxUnavailable":{"$ref":"#/components/schemas/operatorv1alpha1IntOrString"},"maxSurge":{"$ref":"#/components/schemas/operatorv1alpha1IntOrString"}}},"installkubernetesSELinuxOptions":{"description":"See k8s.io.api.core.v1.SELinuxOptions.","type":"object","properties":{"user":{"type":"string","x-order":0},"role":{"type":"string","x-order":1},"type":{"type":"string","x-order":2},"level":{"type":"string","x-order":3}}},"installkubernetesSeccompProfile":{"description":"See k8s.io.api.core.v1.SeccompProfile.","type":"object","properties":{"type":{"type":"string","x-order":0},"localhostProfile":{"type":"string","x-order":1}}},"installkubernetesSecretKeySelector":{"type":"object","properties":{"localObjectReference":{"$ref":"#/components/schemas/installkubernetesLocalObjectReference"},"key":{"type":"string","x-order":1},"optional":{"type":"boolean","x-order":2}}},"installkubernetesSecurityContext":{"description":"See k8s.io.api.core.v1.SecurityContext.","type":"object","properties":{"capabilities":{"$ref":"#/components/schemas/installkubernetesCapabilities"},"privileged":{"type":"boolean","x-order":1},"seLinuxOptions":{"$ref":"#/components/schemas/installkubernetesSELinuxOptions"},"windowsOptions":{"$ref":"#/components/schemas/installkubernetesWindowsSecurityContextOptions"},"runAsUser":{"type":"integer","format":"int64","x-order":4},"runAsGroup":{"type":"integer","format":"int64","x-order":5},"runAsNonRoot":{"type":"boolean","x-order":6},"readOnlyRootFilesystem":{"type":"boolean","x-order":7},"allowPrivilegeEscalation":{"type":"boolean","x-order":8},"procMount":{"type":"string","x-order":9},"seccompProfile":{"$ref":"#/components/schemas/installkubernetesSeccompProfile"}}},"installkubernetesService":{"type":"object","title":"The Kubernetes resource configuration for a Service","properties":{"annotations":{"type":"object","title":"Pod annotations are an unstructured key value map stored with the service.\\nhttps://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/","additionalProperties":{"type":"string"},"x-order":0},"ports":{"type":"array","title":"List of ports exposed by the component\'s service.\\nhttps://kubernetes.io/docs/reference/generated/kubernetes-api/v1.18/#serviceport-v1-core","items":{"$ref":"#/components/schemas/installkubernetesServicePort"},"x-order":1},"type":{"type":"string","title":"Determines how the Service is exposed. Valid options are ExternalName,\\nClusterIP, NodePort, and LoadBalancer.\\nhttps://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types","x-order":2},"labels":{"type":"object","title":"Labels are an unstructured key value map stored with the deployment.\\nhttps://kubernetes.io/docs/concepts/overview/working-with-objects/labels","additionalProperties":{"type":"string"},"x-order":3}}},"installkubernetesServiceAccount":{"type":"object","title":"Settings related to the component service account","properties":{"imagePullSecrets":{"type":"array","title":"List of references to secrets in the same namespace to use for pulling any\\nimages in pods that reference this ServiceAccount. ImagePullSecrets are\\ndistinct from Secrets because Secrets can be mounted in the pod, but\\nImagePullSecrets are only accessed by the kubelet. More info:\\nhttps://kubernetes.io/docs/concepts/containers/images/#specifying-imagepullsecrets-on-a-pod\\nhttps://kubernetes.io/docs/reference/generated/kubernetes-api/v1.18/#service_account-v1-core","items":{"$ref":"#/components/schemas/installkubernetesLocalObjectReference"},"x-order":0}}},"installkubernetesServicePort":{"type":"object","properties":{"name":{"type":"string","x-order":0},"protocol":{"type":"string","x-order":1},"port":{"type":"integer","format":"int32","x-order":2},"targetPort":{"$ref":"#/components/schemas/operatorv1alpha1IntOrString"},"nodePort":{"type":"integer","format":"int32","x-order":4}}},"installkubernetesSysctl":{"description":"See k8s.io.api.core.v1.Sysctl.","type":"object","properties":{"name":{"type":"string","x-order":0},"value":{"type":"string","x-order":1}}},"installkubernetesWeightedPodAffinityTerm":{"type":"object","properties":{"weight":{"type":"integer","format":"int32","x-order":0},"podAffinityTerm":{"$ref":"#/components/schemas/installkubernetesPodAffinityTerm"}}},"installkubernetesWindowsSecurityContextOptions":{"description":"See k8s.io.api.core.v1.WindowsSecurityContextOptions.","type":"object","properties":{"gmsaCredentialSpecName":{"type":"string","x-order":0},"gmsaCredentialSpec":{"type":"string","x-order":1},"runAsUserName":{"type":"string","x-order":2}}},"kubernetesCNI":{"type":"object","title":"Configure Istio\'s CNI plugin\\nFor further details see: https://istio.io/docs/setup/additional-setup/cni/","properties":{"binaryDirectory":{"description":"Directory on the host to install the CNI binary.\\nMust be the same as the environment\u2019s `--cni-bin-dir` setting (kubelet\\nparameter).","type":"string","x-order":0},"configurationDirectory":{"description":"Directory on the host to install the CNI config.\\nMust be the same as the environment\u2019s `--cni-conf-dir` setting (kubelet\\nparameter).","type":"string","x-order":1},"chained":{"description":"Whether to deploy the configuration file as a plugin chain or as a\\nstandalone file in the configuration directory. Some Kubernetes flavors\\n(e.g. OpenShift) do not support the chain approach.","type":"boolean","x-order":2},"configurationFileName":{"description":"Leave unset to auto-find the first file in the `cni-conf-dir` (as kubelet\\ndoes). Primarily used for testing install-cni plugin configuration. If set,\\n`install-cni` will inject the plugin configuration into this file in the\\n`cni-conf-dir`.","type":"string","x-order":3},"clusterRole":{"description":"The ClusterRole Istio CNI will bind to in the ControlPlane namespace.\\nThis is useful if you use Pod Security Policies and want to allow\\n`istio-cni` to run as privileged Pods.","type":"string","x-order":4},"revision":{"description":"The revisioned istio-operator that will reconcile the Istio CNI component.\\nA revision can only be specified when Isolation Boundaries are enabled and\\nconfigured with at least one revision.\\nRevision specified here must be an enabled revision under `xcp.isolationBoundaries`.\\nIf not provided, it defaults to the latest enabled\\nrevision based on their corresponding tsbVersion. If multiple such revisions\\nare found, revision names are alphabetically sorted and the first revision\\nis considered as the default.","type":"string","x-order":5}}},"kubernetesGlobalDeployment":{"type":"object","title":"The Kubernetes resource configuration for a Deployment","properties":{"podAnnotations":{"type":"object","title":"Pod annotations are an unstructured key value map stored with the pod.\\nhttps://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/","additionalProperties":{"type":"string"},"x-order":0},"env":{"type":"array","title":"Environment variables for all containers in the deployment.\\nhttps://kubernetes.io/docs/tasks/inject-data-application/define-environment-variable-container/","items":{"$ref":"#/components/schemas/installkubernetesEnvVar"},"x-order":1},"affinity":{"$ref":"#/components/schemas/installkubernetesAffinity"},"strategy":{"$ref":"#/components/schemas/installkubernetesDeploymentStrategy"},"tolerations":{"type":"array","title":"Tolerations are applied to pods, and allow (but do not require) the pods to\\nschedule onto nodes with matching taints. Taints and tolerations work\\ntogether to ensure that pods are not scheduled onto inappropriate nodes.\\nOne or more taints are applied to a node; this marks that the node should\\nnot accept any pods that do not tolerate the taints.\\nhttps://kubernetes.io/docs/concepts/configuration/taint-and-toleration/","items":{"$ref":"#/components/schemas/corev1Toleration"},"x-order":4},"podSecurityContext":{"$ref":"#/components/schemas/installkubernetesPodSecurityContext"},"containerSecurityContext":{"$ref":"#/components/schemas/installkubernetesSecurityContext"}}},"kubernetesGlobalJob":{"type":"object","title":"The Kubernetes resource configuration for all CronJob or Job","properties":{"podAnnotations":{"type":"object","title":"Pod annotations are an unstructured key value map stored with the pod.\\nhttps://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/","additionalProperties":{"type":"string"},"x-order":0},"affinity":{"$ref":"#/components/schemas/installkubernetesAffinity"},"tolerations":{"type":"array","title":"Tolerations are applied to pods, and allow (but do not require) the pods to\\nschedule onto nodes with matching taints. Taints and tolerations work\\ntogether to ensure that pods are not scheduled onto inappropriate nodes.\\nOne or more taints are applied to a node; this marks that the node should\\nnot accept any pods that do not tolerate the taints.\\nhttps://kubernetes.io/docs/concepts/configuration/taint-and-toleration/","items":{"$ref":"#/components/schemas/corev1Toleration"},"x-order":2},"podSecurityContext":{"$ref":"#/components/schemas/installkubernetesPodSecurityContext"},"containerSecurityContext":{"$ref":"#/components/schemas/installkubernetesSecurityContext"}}},"kubernetesGlobalService":{"type":"object","title":"The Kubernetes resource configuration for all the Service","properties":{"annotations":{"type":"object","title":"Pod annotations are an unstructured key value map stored with the service.\\nhttps://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/","additionalProperties":{"type":"string"},"x-order":0}}},"kubernetesJob":{"type":"object","title":"The Kubernetes resource configuration for a CronJob or Job","properties":{"podAnnotations":{"type":"object","title":"Pod annotations are an unstructured key value map stored with the pod.\\nhttps://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/","additionalProperties":{"type":"string"},"x-order":0},"env":{"type":"array","title":"Environment variables for all containers in the job.\\nhttps://kubernetes.io/docs/tasks/inject-data-application/define-environment-variable-container/","items":{"$ref":"#/components/schemas/installkubernetesEnvVar"},"x-order":1},"affinity":{"$ref":"#/components/schemas/installkubernetesAffinity"},"tolerations":{"type":"array","title":"Tolerations are applied to pods, and allow (but do not require) the pods to\\nschedule onto nodes with matching taints. Taints and tolerations work\\ntogether to ensure that pods are not scheduled onto inappropriate nodes.\\nOne or more taints are applied to a node; this marks that the node should\\nnot accept any pods that do not tolerate the taints.\\nhttps://kubernetes.io/docs/concepts/configuration/taint-and-toleration/","items":{"$ref":"#/components/schemas/corev1Toleration"},"x-order":3},"podSecurityContext":{"$ref":"#/components/schemas/installkubernetesPodSecurityContext"},"containerSecurityContext":{"$ref":"#/components/schemas/installkubernetesSecurityContext"}}},"kubernetesKubernetesComponentSpec":{"description":"KubernetesComponentSpec is a common set of Kubernetes resource configuration\\nfor components.","type":"object","properties":{"deployment":{"$ref":"#/components/schemas/installkubernetesDeployment"},"service":{"$ref":"#/components/schemas/installkubernetesService"},"serviceAccount":{"$ref":"#/components/schemas/installkubernetesServiceAccount"},"overlays":{"type":"array","title":"Post-render overlays to mutate Kubernetes manifests\\nhttps://istio.io/latest/docs/reference/config/istio.operator.v1alpha1/#K8sObjectOverlay","items":{"$ref":"#/components/schemas/v1alpha1K8sObjectOverlay"},"x-order":3}}},"kubernetesKubernetesIstioComponentSpec":{"description":"KubernetesIstioComponentSpec is the common set of Kubernetes resource\\nconfiguration for Istio. It differs from the standard component specs in that\\nit supports configuring the operator and istiod deployments separately and CNI\\nconfiguration.","type":"object","properties":{"deployment":{"$ref":"#/components/schemas/installkubernetesDeployment"},"service":{"$ref":"#/components/schemas/installkubernetesService"},"serviceAccount":{"$ref":"#/components/schemas/installkubernetesServiceAccount"},"operatorDeployment":{"$ref":"#/components/schemas/installkubernetesDeployment"},"istiodDeployment":{"$ref":"#/components/schemas/installkubernetesDeployment"},"CNI":{"$ref":"#/components/schemas/kubernetesCNI"},"overlays":{"type":"array","title":"Post-render overlays to mutate Kubernetes manifests\\nhttps://istio.io/latest/docs/reference/config/istio.operator.v1alpha1/#K8sObjectOverlay","items":{"$ref":"#/components/schemas/v1alpha1K8sObjectOverlay"},"x-order":6}}},"kubernetesKubernetesJobComponentSpec":{"description":"KubernetesJobComponentSpec is a common set of Kubernetes resource\\nconfiguration for components with a job associated with them.","type":"object","properties":{"deployment":{"$ref":"#/components/schemas/installkubernetesDeployment"},"service":{"$ref":"#/components/schemas/installkubernetesService"},"job":{"$ref":"#/components/schemas/kubernetesJob"},"serviceAccount":{"$ref":"#/components/schemas/installkubernetesServiceAccount"},"overlays":{"type":"array","title":"Post-render overlays to mutate Kubernetes manifests\\nhttps://istio.io/latest/docs/reference/config/istio.operator.v1alpha1/#K8sObjectOverlay","items":{"$ref":"#/components/schemas/v1alpha1K8sObjectOverlay"},"x-order":4}}},"kubernetesKubernetesSpec":{"description":"KubernetesSpec is a common set of Kubernetes resource configuration for the\\ninstall CRs, that will be common to all of its components.","type":"object","properties":{"deployment":{"$ref":"#/components/schemas/kubernetesGlobalDeployment"},"service":{"$ref":"#/components/schemas/kubernetesGlobalService"},"account":{"$ref":"#/components/schemas/installkubernetesServiceAccount"},"job":{"$ref":"#/components/schemas/kubernetesGlobalJob"}}},"operatorv1alpha1IntOrString":{"description":"IntOrString is a type that can hold an int32 or a string.  When used in\\nJSON or YAML marshalling and unmarshalling, it produces or consumes the\\ninner type.  This allows you to have, for example, a JSON field that can\\naccept a name or number.","type":"object","properties":{"type":{"type":"string","format":"int64","x-order":0},"intVal":{"type":"integer","format":"int32","x-order":1},"strVal":{"type":"string","x-order":2}}},"protobufAny":{"description":"`Any` contains an arbitrary serialized protocol buffer message along with a\\nURL that describes the type of the serialized message.\\n\\nProtobuf library provides support to pack/unpack Any values in the form\\nof utility functions or additional generated methods of the Any type.\\n\\nExample 1: Pack and unpack a message in C++.\\n\\n    Foo foo = ...;\\n    Any any;\\n    any.PackFrom(foo);\\n    ...\\n    if (any.UnpackTo(&amp;foo)) {\\n      ...\\n    }\\n\\nExample 2: Pack and unpack a message in Java.\\n\\n    Foo foo = ...;\\n    Any any = Any.pack(foo);\\n    ...\\n    if (any.is(Foo.class)) {\\n      foo = any.unpack(Foo.class);\\n    }\\n    // or ...\\n    if (any.isSameTypeAs(Foo.getDefaultInstance())) {\\n      foo = any.unpack(Foo.getDefaultInstance());\\n    }\\n\\n Example 3: Pack and unpack a message in Python.\\n\\n    foo = Foo(...)\\n    any = Any()\\n    any.Pack(foo)\\n    ...\\n    if any.Is(Foo.DESCRIPTOR):\\n      any.Unpack(foo)\\n      ...\\n\\n Example 4: Pack and unpack a message in Go\\n\\n     foo := &amp;pb.Foo{...}\\n     any, err := anypb.New(foo)\\n     if err != nil {\\n       ...\\n     }\\n     ...\\n     foo := &amp;pb.Foo{}\\n     if err := any.UnmarshalTo(foo); err != nil {\\n       ...\\n     }\\n\\nThe pack methods provided by protobuf library will by default use\\n\'type.googleapis.com/full.type.name\' as the type URL and the unpack\\nmethods only use the fully qualified type name after the last \'/\'\\nin the type URL, for example \\"foo.bar.com/x/y.z\\" will yield type\\nname \\"y.z\\".\\n\\nJSON\\n====\\nThe JSON representation of an `Any` value uses the regular\\nrepresentation of the deserialized, embedded message, with an\\nadditional field `@type` which contains the type URL. Example:\\n\\n    package google.profile;\\n    message Person {\\n      string first_name = 1;\\n      string last_name = 2;\\n    }\\n\\n    {\\n      \\"@type\\": \\"type.googleapis.com/google.profile.Person\\",\\n      \\"firstName\\": &lt;string&gt;,\\n      \\"lastName\\": &lt;string&gt;\\n    }\\n\\nIf the embedded message type is well-known and has a custom JSON\\nrepresentation, that representation will be embedded adding a field\\n`value` which holds the custom JSON in addition to the `@type`\\nfield. Example (for message [google.protobuf.Duration][]):\\n\\n    {\\n      \\"@type\\": \\"type.googleapis.com/google.protobuf.Duration\\",\\n      \\"value\\": \\"1.212s\\"\\n    }","type":"object","properties":{"@type":{"description":"A URL/resource name that uniquely identifies the type of the serialized\\nprotocol buffer message. This string must contain at least\\none \\"/\\" character. The last segment of the URL\'s path must represent\\nthe fully qualified name of the type (as in\\n`path/google.protobuf.Duration`). The name should be in a canonical form\\n(e.g., leading \\".\\" is not accepted).\\n\\nIn practice, teams usually precompile into the binary all types that they\\nexpect it to use in the context of Any. However, for URLs which use the\\nscheme `http`, `https`, or no scheme, one can optionally set up a type\\nserver that maps type URLs to message definitions as follows:\\n\\n* If no scheme is provided, `https` is assumed.\\n* An HTTP GET on the URL must yield a [google.protobuf.Type][]\\n  value in binary format, or produce an error.\\n* Applications are allowed to cache lookup results based on the\\n  URL, or have them precompiled into a binary to avoid any\\n  lookup. Therefore, binary compatibility needs to be preserved\\n  on changes to types. (Use versioned type names to manage\\n  breaking changes.)\\n\\nNote: this functionality is not currently available in the official\\nprotobuf release, and it is not used for type URLs beginning with\\ntype.googleapis.com. As of May 2023, there are no widely used type server\\nimplementations and no plans to implement one.\\n\\nSchemes other than `http`, `https` (or the empty scheme) might be\\nused with implementation specific semantics.","type":"string","x-order":0}},"additionalProperties":{}},"protobufNullValue":{"description":"`NullValue` is a singleton enumeration to represent the null value for the\\n`Value` type union.\\n\\nThe JSON representation for `NullValue` is JSON `null`.\\n\\n - NULL_VALUE: Null value.","type":"string","default":"NULL_VALUE","enum":["NULL_VALUE"]},"qv2Metadata":{"description":"Metadata includes additional information about an ApprovalPolicy or Access entity and\\ntheir respective resources that they apply to.","type":"object","properties":{"details":{"$ref":"#/components/schemas/MetadataDetails"},"rules":{"description":"Permissions includes permissions for which an authenticated user is allowed to perform.\\nThis applies to ApprovalPolicy or Access entities respectively.","type":"array","items":{"$ref":"#/components/schemas/v2RoleRule"},"x-order":1}}},"rbacv2Binding":{"description":"A binding associates a role with a set of subjects.\\n\\nBindings are used to configure policies, where different roles can be\\nassigned to different sets of subjects to configure a fine-grained access\\ncontrol to the resource protected by the policy.","type":"object","required":["role"],"properties":{"role":{"description":"The role that defines the permissions that will be granted to the target\\nresource.","type":"string","x-order":0},"subjects":{"description":"The set of subjects that will be allowed to access the target resource\\nwith the permissions defined by the role.","type":"array","items":{"$ref":"#/components/schemas/tsbrbacv2Subject"},"x-order":1}}},"registrationv1alpha1Address":{"description":"Address specifies network address.","type":"object","required":["ip","type"],"properties":{"ip":{"description":"IP address.","type":"string","x-order":0},"type":{"$ref":"#/components/schemas/v1alpha1AddressType"}}},"registryv2Port":{"description":"Port exposed by a service.\\nRegistration RPC will complete the instances field by assigning the physical services FQNs.","type":"object","required":["number"],"properties":{"number":{"description":"A valid non-negative integer port number.","type":"integer","format":"int64","x-order":0},"name":{"description":"Name assigned to the port.","type":"string","x-order":1},"serviceDeployments":{"type":"array","title":"The list of FQNs of the instances that expose this port","items":{"type":"string"},"x-order":2,"readOnly":true}}},"registryv2State":{"description":"State denotes how deep is the knowledge of a service by the mesh. Meaning that if a service can be controlled,\\nobserved or none of these.\\n\\n - EXTERNAL: An external service is a service that is known, but that cannot be observed (we can\'t get metrics for it)\\nand cannot be controlled.\\n - OBSERVED: An observed service is a known service that we can have metrics for. For example, a service running the\\nSkywalking agents.\\n - CONTROLLED: A controlled service is a service that is part of the mesh, has a proxy we can configure and can be observed with\\nSkywalking agents.","type":"string","default":"INVALID_STATE","enum":["INVALID_STATE","EXTERNAL","OBSERVED","CONTROLLED"]},"registryv2Subset":{"description":"Subset exposed by a service.\\nRegistration RPC will complete the instances field by assigning the physical services FQNs.","type":"object","properties":{"name":{"description":"A valid subset name of a service.","type":"string","x-order":0},"serviceDeployments":{"type":"array","title":"The list of FQNs of the service deployments that expose this subset","items":{"type":"string"},"x-order":1,"readOnly":true}}},"securityv2Rule":{"description":"`Rule` matches request from a targeted resource (and the workloads that belong to the resource),\\nto another targeted resource (and the workloads that belong to the resource).\\nA match occurs when `from` and `to` matches the request.\\nOnly resources of type Tenant, Workspace, or Security Group can be targeted.","type":"object","required":["from","to"],"properties":{"from":{"$ref":"#/components/schemas/RuleFrom"},"to":{"$ref":"#/components/schemas/RuleTo"}}},"telemetryv2MetricType":{"description":"Metric types are the aggregation function applied to the measurements that took place over a period of time.\\nSome metric types like LABELED_COUNTER and PERCENTILE also additionally aggregated over the set of defined labels.","type":"object","properties":{"name":{"$ref":"#/components/schemas/v2MetricTypeType"},"labels":{"description":"The labels associated with the metric type.\\nSome aggregation function are not just applied over time. LABELED_COUNTER and PERCENTILE metric types also\\naggregate over their labels. For instance, a PERCENTILE metric type over the latency, will aggregate the measured\\nlatency over the different defined percentiles, p50, p75, p90, p95, and p99.","type":"array","items":{"$ref":"#/components/schemas/v2MetricTypeLabel"},"x-order":1}}},"telemetryv2Source":{"description":"Source identifies a set of observed resources that have a group of metrics that emit measurements at runtime.","type":"object","properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the telemetry source.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the telemetry source is observing.\\n$hide_from_yaml","x-order":3},"belongsTo":{"description":"Which concrete TSB resource in the configuration hierarchy this telemetry source belongs to.\\nFor instance, a telemetry source can belong to a service,or a gateway, or a workspace, or any other resource in the\\nconfiguration hierarchy.","type":"string","x-order":4,"readOnly":true},"metricSourceKey":{"description":"A key to query metric measurements from the resources that the telemetry source is observing.","type":"string","x-order":5,"readOnly":true},"type":{"$ref":"#/components/schemas/v2SourceScopeType"},"scope":{"$ref":"#/components/schemas/v2SourceScope"}}},"tsbapplicationv2API":{"description":"An API configuring a set of servers and endpoints that expose the Application business logic.\\n\\n\\n\\n","type":"object","required":["openapi"],"properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"openapi":{"description":"The raw OpenAPI spec for this API.","type":"string","x-order":4},"workloadSelector":{"$ref":"#/components/schemas/v2WorkloadSelector"},"servers":{"description":"DEPRECATED: For new created APIs, the exposed servers will be available at httpServers.\\nFor APIs created before version 1.7, will still be available in this field.\\n\\nList of ingress gateways servers that expose the API.\\nServer hostnames must be unique in the system, and only one API can expose a specific hostname.","type":"array","items":{"$ref":"#/components/schemas/v2HttpServer"},"x-order":6,"readOnly":true},"endpoints":{"description":"List of endpoints exposed by this API.\\nThis field is read-only and generated from the configured OpenAPI spec.","type":"array","items":{"$ref":"#/components/schemas/v2HTTPEndpoint"},"x-order":7,"readOnly":true},"configResources":{"type":"array","title":"The configuration resources that are related to this API object.\\n$hide_from_docs","items":{"$ref":"#/components/schemas/v2ConfigResource"},"x-order":8,"readOnly":true},"httpServers":{"description":"List of gateways servers that expose the API.\\nServer hostnames must be unique in the system, and only one API can expose a specific hostname.","type":"array","items":{"$ref":"#/components/schemas/gatewayv2HTTP"},"x-order":9,"readOnly":true}}},"tsbapplicationv2ListAPIsResponse":{"description":"List of APIs that have been attached to the given application.","type":"object","properties":{"apis":{"description":"The list of APIs that are registered in the given application.","type":"array","items":{"$ref":"#/components/schemas/tsbapplicationv2API"},"x-order":0}}},"tsbapplicationv2ResourceStatus":{"description":"The ResourceStatus object provides information about the status of the configuration\\nrelated to an Application or an API object.\\n\\nApplications and APIs are translated into configuration objects (config groups, ingress\\ngateways, etc). This status object reflects the status of the Application and APIs with\\nregard to the generated configuration, and exposes any configuration mismatch.\\nThis status only reflects the status of the configuration objects in Service Bridge. It\\ndoes not provide information about the status of the generated configuration in the final\\nclusters.","type":"object","properties":{"status":{"$ref":"#/components/schemas/applicationv2Status"},"resources":{"description":"List of the individual configuration resource statuses.","type":"array","items":{"$ref":"#/components/schemas/ResourceStatusConfigResourceStatus"},"x-order":1,"readOnly":true}}},"tsbauthv2Authentication":{"type":"object","properties":{"jwt":{"$ref":"#/components/schemas/tsbauthv2AuthenticationJWT"},"rules":{"$ref":"#/components/schemas/AuthenticationRules"},"oidc":{"$ref":"#/components/schemas/v2OIDCConfig"}}},"tsbauthv2AuthenticationJWT":{"type":"object","required":["issuer"],"properties":{"issuer":{"description":"Identifies the issuer that issued the JWT. See\\n[issuer](https://tools.ietf.org/html/rfc7519#section-4.1.1)\\nA JWT with different `iss` claim will be rejected.\\n\\nExample: https://foobar.auth0.com\\nExample: 1234567-compute@developer.gserviceaccount.com","type":"string","x-order":0},"audiences":{"description":"The list of JWT\\n[audiences](https://tools.ietf.org/html/rfc7519#section-4.1.3).\\nthat are allowed to access. A JWT containing any of these\\naudiences will be accepted.\\n\\nThe service name will be accepted if audiences is empty.","type":"array","items":{"type":"string"},"x-order":1},"jwksUri":{"description":"URL of the provider\'s public key set to validate signature of\\nthe JWT. See [OpenID\\nDiscovery](https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderMetadata).\\n\\nOptional if the key set document can either (a) be retrieved\\nfrom [OpenID\\nDiscovery](https://openid.net/specs/openid-connect-discovery-1_0.html)\\nof the issuer or (b) inferred from the email domain of the\\nissuer (e.g. a Google service account).\\n\\nExample: `https://www.googleapis.com/oauth2/v1/certs`\\n\\nNote: Only one of jwks_uri and jwks should be used. jwks_uri\\nwill be ignored if it does.","type":"string","x-order":2},"jwks":{"description":"JSON Web Key Set of public keys to validate signature of the JWT.\\nSee https://auth0.com/docs/jwks.\\n\\nNote: Only one of jwks_uri and jwks should be used. jwks_uri will be ignored if it does.","type":"string","x-order":3},"outputPayloadToHeader":{"description":"This field specifies the header name to output a successfully verified JWT payload to the\\nbackend. The forwarded data is `base64_encoded(jwt_payload_in_JSON)`. If it is not specified,\\nthe payload will not be emitted.","type":"string","x-order":4},"outputClaimToHeaders":{"description":"This field specifies a list of operations to copy the claim to HTTP headers on a successfully verified token.\\nThis differs from the `output_payload_to_header` by allowing outputting individual claims instead of the whole payload.\\nOnly claims of type string, boolean, and integer are supported. Array type claims are not supported at this time.\\nThe header specified in each operation in the list must be unique. Nested claims of type string/int/bool is supported as well.\\n```\\n  outputClaimToHeaders:\\n  - header: x-my-company-jwt-group\\n    claim: my-group\\n  - header: x-test-environment-flag\\n    claim: test-flag\\n  - header: x-jwt-claim-group\\n    claim: nested.key.group\\n```\\n[Experimental] This feature is a experimental feature.\\n\\n[TODO:Update the status whenever this feature is promoted.]","type":"array","items":{"$ref":"#/components/schemas/JWTClaimToHeader"},"x-order":5},"fromHeaders":{"description":"1) The Authorization header using the Bearer schema,\\n       e.g. Authorization: Bearer &lt;token&gt;. (see\\n       [Authorization Request Header\\n       Field](https://tools.ietf.org/html/rfc6750#section-2.1))\\n\\n    2) The `access_token` query parameter (see\\n    [URI Query Parameter](https://tools.ietf.org/html/rfc6750#section-2.3))\\n\\nList of header locations from which JWT is expected. For example, below is the location spec\\nif JWT is expected to be found in `x-jwt-assertion` header, and have `Bearer ` prefix:\\n\\n```yaml\\n  fromHeaders:\\n  - name: x-jwt-assertion\\n    prefix: \\"Bearer \\"\\n```\\n\\nNote: Multiple tokens present on the same request are not supported. \\nThe behaviour of authorization policies when there is more than one user identity is undefined","type":"array","title":"This field specifies the locations to extract JWT token.\\nIf no explicit location is specified the following default\\nlocations are tried in order:","items":{"$ref":"#/components/schemas/JWTJWTHeader"},"x-order":6},"fromCookies":{"description":"fromCookies:\\n - auth-token\\n\\nThen JWT will be extracted from auth-token cookie in the request.\\n\\nNote: Requests with multiple tokens (at different locations) are not supported.\\nThe behaviour of authorization policies when there is more than one user identity is undefined","type":"array","title":"List of cookie names from which JWT is expected.\\nFor example, if config is:","items":{"type":"string"},"x-order":7}}},"tsbauthv2Authorization":{"type":"object","title":"Configuration for authorizing a HTTP request","properties":{"external":{"$ref":"#/components/schemas/tsbauthv2AuthorizationExternalAuthzBackend"},"local":{"$ref":"#/components/schemas/tsbauthv2AuthorizationLocalAuthz"}}},"tsbauthv2AuthorizationExternalAuthzBackend":{"type":"object","title":"Use an authorization server running at the specified URI. Support both HTTP and gRPC server.\\nIt is recommended to enable TLS validation (SIMPLE or MUTUAL) to secure traffic \\nbetween workload and external authorization server\\nIf you use gRPC, do not set `includeRequestHeaders`","properties":{"uri":{"type":"string","x-order":0},"includeRequestHeaders":{"type":"array","items":{"type":"string"},"x-order":1},"tls":{"$ref":"#/components/schemas/v2ClientTLSSettings"}}},"tsbauthv2AuthorizationLocalAuthz":{"description":"Authorize the request in Envoy based on the JWT claims.","type":"object","properties":{"rules":{"type":"array","items":{"$ref":"#/components/schemas/tsbauthv2LocalAuthzRule"},"x-order":0}}},"tsbauthv2LocalAuthzRule":{"description":"Bindings define the subjects that can access the resource a policy is attached to,\\nand the conditions that need to be met for that access to be granted.\\nA policy can have multiple bindings to configure different access controls for specific\\nsubjects.","type":"object","title":"LocalAuthzRule","required":["name"],"properties":{"name":{"description":"A friendly name to identify the binding.","type":"string","x-order":0},"from":{"description":"Subjects configure the actors (end users, other services)  that are allowed to access the\\ntarget resource.","type":"array","items":{"$ref":"#/components/schemas/tsbauthv2Subject"},"x-order":1},"to":{"description":"A set of HTTP rules that need to be satisfied by the HTTP requests to get access to the\\ntarget resource.","type":"array","items":{"$ref":"#/components/schemas/tsbauthv2LocalAuthzRuleHttpOperation"},"x-order":2}}},"tsbauthv2LocalAuthzRuleHttpOperation":{"type":"object","properties":{"paths":{"description":"The request path where the request is made against. E.g. [\\"/accounts\\"].","type":"array","items":{"type":"string"},"x-order":0},"methods":{"description":"The HTTP methods that are allowed by this rule. E.g. [\\"GET\\", \\"HEAD\\"].","type":"array","items":{"type":"string"},"x-order":1}}},"tsbauthv2Subject":{"description":"A subject designates an actor (user, service, etc) that attempts to access a target resource.\\nSubjects can be modeled with JWT tokens, service accounts, and decorated with attributes such as\\nHTTP request headers, JWT token claims, etc.\\nThe fields that define a subject will be matched to incoming requests, to fully qualify where the\\nrequest comes from, and to decide if the given request is allowed or not for the target resource.\\nAll the fields in a subject are evaluated as AND expressions.","type":"object","title":"Subject","properties":{"jwt":{"$ref":"#/components/schemas/tsbauthv2SubjectJWTClaims"}}},"tsbauthv2SubjectJWTClaims":{"description":"JWT based subjects qualify a subject by matching against a JWT token present in the request.\\nBy default the token is expected to be present in the \'Authorization\' HTTP header, with the\\n\'Bearer\\" prefix.","type":"object","title":"JWT based subject","properties":{"iss":{"type":"string","x-order":0},"sub":{"type":"string","x-order":1},"other":{"description":"A set of arbitrary claims that are required to qualify the subject.\\nE.g. \\"iss\\": \\"*@foo.com\\".","type":"object","additionalProperties":{"type":"string"},"x-order":2}}},"tsbdiagnosticv2Workload":{"description":"Name and namespace of a workload.","type":"object","required":["namespace","name"],"properties":{"namespace":{"description":"Namespace of a workload.","type":"string","x-order":0},"name":{"description":"Name of a workload.","type":"string","x-order":1}}},"tsbgatewayv2Authentication":{"type":"object","title":"DEPRECATED. Use auth/v2/Authentication\\n$hide_from_docs","properties":{"jwt":{"$ref":"#/components/schemas/tsbgatewayv2AuthenticationJWT"}}},"tsbgatewayv2AuthenticationJWT":{"type":"object","title":"DEPRECATED. Use auth/v2/JWT\\n$hide_from_docs","required":["issuer"],"properties":{"issuer":{"description":"Identifies the issuer that issued the JWT. See\\n[issuer](https://tools.ietf.org/html/rfc7519#section-4.1.1)\\nA JWT with different `iss` claim will be rejected.\\n\\nExample: https://foobar.auth0.com\\nExample: 1234567-compute@developer.gserviceaccount.com","type":"string","x-order":0},"audiences":{"description":"The list of JWT\\n[audiences](https://tools.ietf.org/html/rfc7519#section-4.1.3).\\nthat are allowed to access. A JWT containing any of these\\naudiences will be accepted.\\n\\nThe service name will be accepted if audiences is empty.","type":"array","items":{"type":"string"},"x-order":1},"jwksUri":{"description":"URL of the provider\'s public key set to validate signature of\\nthe JWT. See [OpenID\\nDiscovery](https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderMetadata).\\n\\nOptional if the key set document can either (a) be retrieved\\nfrom [OpenID\\nDiscovery](https://openid.net/specs/openid-connect-discovery-1_0.html)\\nof the issuer or (b) inferred from the email domain of the\\nissuer (e.g. a Google service account).\\n\\nExample: `https://www.googleapis.com/oauth2/v1/certs`\\n\\nNote: Only one of jwks_uri and jwks should be used. jwks_uri\\nwill be ignored if it does.","type":"string","x-order":2},"jwks":{"description":"JSON Web Key Set of public keys to validate signature of the JWT.\\nSee https://auth0.com/docs/jwks.\\n\\nNote: Only one of jwks_uri and jwks should be used. jwks_uri will be ignored if it does.","type":"string","x-order":3}}},"tsbgatewayv2Authorization":{"type":"object","title":"DEPRECATED. Use auth/v2/Authorization\\nConfiguration for authorizing a HTTP request\\n$hide_from_docs","properties":{"external":{"$ref":"#/components/schemas/tsbgatewayv2AuthorizationExternalAuthzBackend"},"local":{"$ref":"#/components/schemas/tsbgatewayv2AuthorizationLocalAuthz"}}},"tsbgatewayv2AuthorizationExternalAuthzBackend":{"type":"object","title":"DEPRECATED. Use auth/v2/ExternalAuthzBackend\\nUse an authorization running at the specified URI. Note that this\\nmode is supported only for HTTPS servers.\\n$hide_from_docs","properties":{"uri":{"type":"string","x-order":0},"includeRequestHeaders":{"type":"array","items":{"type":"string"},"x-order":1}}},"tsbgatewayv2AuthorizationLocalAuthz":{"type":"object","title":"DEPRECATED. Use auth/v2/LocalAuthz\\nAuthorize the request in Envoy based on the JWT claims.\\n$hide_from_docs","properties":{"rules":{"type":"array","items":{"$ref":"#/components/schemas/tsbgatewayv2LocalAuthzRule"},"x-order":0}}},"tsbgatewayv2AuthorizationSettings":{"description":"`AuthorizationSettings` define the set of service accounts in one\\nor more namespaces allowed to access a workload (and hence its\\nsidecar) in the mesh.","type":"object","properties":{"mode":{"$ref":"#/components/schemas/tsbgatewayv2AuthorizationSettingsMode"},"serviceAccounts":{"description":"`serviceAccounts` specify the allowed\\nset of service accounts (and the workloads using them). Must be\\nin the `&lt;namespace&gt;/&lt;service-account-name&gt;` format.\\n\\n- `./*` indicates all service accounts in the namespace where the sidecar resides.\\n\\n- `ns1/*` indicates all service accounts in the `ns1` namespace.\\n\\n- `ns1/svc1-sa` indicates `svc1-sa` service account in `ns1` namespace.\\n\\nNamespace should be a valid Kubernetes namespace, which\\nfollows [RFC 1123 Label Names](https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#dns-label-names) rules.\\nService account should be a valid Kubernetes service account, which\\nfollows [DNS Subdomain Names](https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#dns-subdomain-names) rules.","type":"array","items":{"type":"string"},"x-order":1},"resources":{"description":"`resources` specify the allowed set of resources using TSB FQNs.\\n\\n- `organizations/myorg/tenants/mycompany-a/workspaces/w2` - allow access from workspace w2.\\n- `organizations/myorg/tenants/mycompany/workspaces/w1/securitygroups/s1` - allow access from security group s1.","type":"array","items":{"type":"string"},"x-order":2}}},"tsbgatewayv2AuthorizationSettingsMode":{"description":"A shortcut for defining the common authorization patterns.\\n\\n - UNSET: Represents an unset or default mode.\\n - NAMESPACE: The workload allows traffic from any other authenticated workload in its own\\nnamespace.\\n - GROUP: The workload allows traffic from any other authenticated workload in the security group.\\n - WORKSPACE: The workload allows traffic from any other authenticated workload in the workspace.\\n - CLUSTER: The workload allows traffic from any other authenticated workload in the cluster.\\n - SERVICE_ACCOUNT: The workload allows traffic from service accounts defined explicitly.","type":"string","default":"UNSET","enum":["UNSET","NAMESPACE","GROUP","WORKSPACE","CLUSTER","SERVICE_ACCOUNT"]},"tsbgatewayv2Group":{"description":"A gateway group manages the gateways in a group of namespaces owned\\nby the parent workspace.\\n\\n\\n\\n","type":"object","required":["namespaceSelector"],"properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"namespaceSelector":{"$ref":"#/components/schemas/typesv2NamespaceSelector"},"configMode":{"$ref":"#/components/schemas/v2ConfigMode"},"deletionProtectionEnabled":{"description":"When set, prevents the resource from being deleted. In order to delete the resource this\\nproperty needs to be set to `false` first.","type":"boolean","x-order":6},"profiles":{"description":"List of profiles attached to the gateway group to be used to propagate default and mandatory configurations down to the children.","type":"array","items":{"type":"string"},"x-order":7},"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"}}},"tsbgatewayv2LocalAuthzRule":{"description":"Bindings define the subjects that can access the resource a policy is attached to,\\nand the conditions that need to be met for that access to be granted.\\nA policy can have multiple bindings to configure different access controls for specific\\nsubjects.\\n$hide_from_docs","type":"object","title":"DEPRECATED. Use auth/v2/LocalAuthzRule\\nLocalAuthzRule","required":["name"],"properties":{"name":{"description":"A friendly name to identify the binding.","type":"string","x-order":0},"from":{"description":"Subjects configure the actors (end users, other services)  that are allowed to access the\\ntarget resource.","type":"array","items":{"$ref":"#/components/schemas/tsbgatewayv2Subject"},"x-order":1},"to":{"description":"A set of HTTP rules that need to be satisfied by the HTTP requests to get access to the\\ntarget resource.","type":"array","items":{"$ref":"#/components/schemas/tsbgatewayv2LocalAuthzRuleHttpOperation"},"x-order":2}}},"tsbgatewayv2LocalAuthzRuleHttpOperation":{"type":"object","title":"DEPRECATED\\n$hide_from_docs","properties":{"paths":{"description":"The request path where the request is made against. E.g. [\\"/accounts\\"].","type":"array","items":{"type":"string"},"x-order":0},"methods":{"description":"The HTTP methods that are allowed by this rule. E.g. [\\"GET\\", \\"HEAD\\"].","type":"array","items":{"type":"string"},"x-order":1}}},"tsbgatewayv2Subject":{"description":"A subject designates an actor (user, service, etc) that attempts to access a target resource.\\nSubjects can be modeled with JWT tokens, service accounts, and decorated with attributes such as\\nHTTP request headers, JWT token claims, etc.\\nThe fields that define a subject will be matched to incoming requests, to fully qualify where the\\nrequest comes from, and to decide if the given request is allowed or not for the target resource.\\nAll the fields in a subject are evaluated as AND expressions.\\n$hide_from_docs","type":"object","title":"DEPRECATED. Use auth/v2/Subject\\nSubject","properties":{"jwt":{"$ref":"#/components/schemas/tsbgatewayv2SubjectJWTClaims"}}},"tsbgatewayv2SubjectJWTClaims":{"description":"JWT based subjects qualify a subject by matching against a JWT token present in the request.\\nBy default the token is expected to be present in the \'Authorization\' HTTP header, with the\\n\'Bearer\\" prefix.\\n$hide_from_docs","type":"object","title":"DEPRECATED.\\nJWT based subject","properties":{"iss":{"type":"string","x-order":0},"sub":{"type":"string","x-order":1},"other":{"description":"A set of arbitrary claims that are required to qualify the subject.\\nE.g. \\"iss\\": \\"*@foo.com\\".","type":"object","additionalProperties":{"type":"string"},"x-order":2}}},"tsbistiointernalv2Group":{"description":"An Istio Internal Group only allows grouping `DIRECT` mode mesh resources in a set of namespaces\\nowned by its parent workspace. This group is aimed for grouping resources not directly related\\nto traffic, security, or gateway like `EnvoyFilters` and `ServiceEntry`.\\n\\n\\n\\n","type":"object","required":["namespaceSelector"],"properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"namespaceSelector":{"$ref":"#/components/schemas/typesv2NamespaceSelector"},"deletionProtectionEnabled":{"description":"When set, prevents the resource from being deleted. In order to delete the resource this\\nproperty needs to be set to `false` first.","type":"boolean","x-order":5},"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"}}},"tsbrbacv2Subject":{"description":"Subject identifies a user or a team under an organization. Roles are\\nassigned to subjects for specific resources in the system.","type":"object","properties":{"user":{"type":"string","title":"A user in TSB, created through LDAP sync or API.\\nMust use the fully-qualified name (fqn) of the user. \\nE.g. organization/myorg/users/alice","x-order":0},"team":{"type":"string","title":"A team in TSB, created through LDAP sync or API.\\nMust use the fully-qualified name (fqn) of the team. \\nE.g. organization/myorg/teams/t1","x-order":1},"serviceAccount":{"type":"string","title":"A service account in TSB.\\nMust use the fully-qualified name (fqn) of the service account. \\nE.g. organization/myorg/serviceaccounts/sa1","x-order":2}}},"tsbregistryv2Service":{"description":"A service in the registry that represents an aggregated and logical view for all those individual\\nservices, and provides high-level features such as aggregated metrics.","type":"object","required":["shortName","serviceType","state"],"properties":{"fqn":{"description":"Fully-qualified name of the resource. This field is read-only.","type":"string","x-order":0,"readOnly":true},"displayName":{"description":"User friendly name for the resource.","type":"string","x-order":1},"etag":{"description":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.","type":"string","x-order":2},"description":{"description":"A description of the resource.","type":"string","x-order":3},"shortName":{"description":"Short name for the service, used to uniquely identify it within the organization.","type":"string","x-order":4},"hostnames":{"description":"The hostnames by which this service is accessed. It corresponds to the gateway virtual hosts.\\nThis field is expected to be empty if the service is not publicly accessible.","type":"array","items":{"type":"string"},"x-order":5},"ports":{"description":"The set of ports on which this service is exposed.","type":"array","items":{"$ref":"#/components/schemas/registryv2Port"},"x-order":6},"subsets":{"description":"Deprecated. Use subset_deployments instead.\\nSubset denotes a specific version of a service. By default the \'version\'\\nlabel is used to designate subsets of a workload.\\nKnown subsets for the service.","type":"array","items":{"type":"string"},"x-order":7,"readOnly":true},"serviceType":{"$ref":"#/components/schemas/v2ServiceType"},"externalAddresses":{"description":"For kubernetes services of type load balancer, this field contains the list of lb hostnames or\\nIPs assigned to the service.","type":"array","items":{"type":"string"},"x-order":9},"state":{"$ref":"#/components/schemas/registryv2State"},"metrics":{"description":"- global:        *|productpage|bookinfo|*|*\\n  - v1:            v1|productpage|bookinfo|*|*\\n  - v1 (cluster1): v1|productpage|bookinfo|cluster1|*\\n\\nThis is only available for Observed and Controlled services.","type":"array","title":"Services may expose different metrics.\\nFor example, a regular service may expose the usual red metrics for incoming requests.\\nServices running in multiple clusters, may provide different aggregation levels, such as\\naggregation by cluster, by subset, etc.\\nThis list provides a complete list of all the aggregation keys that are available for this\\nparticular service.\\nFor example, a service that has instances in multiple clusters could provide the following\\nmetrics:","items":{"$ref":"#/components/schemas/ServiceMetricConfig"},"x-order":11,"readOnly":true},"serviceDeployments":{"description":"List of the existing deployments for this service.\\nThis is only available for internal and load balancer services and correspond to physical services\\nin the onboarded clusters.\\nThis field is read-only.","type":"array","items":{"$ref":"#/components/schemas/ServiceServiceDeployment"},"x-order":12,"readOnly":true},"subsetDeployments":{"description":"Subset denotes a specific version of a service. By default the \'version\'\\nlabel is used to designate subsets of a workload.\\nKnown subsets for the service.","type":"array","items":{"$ref":"#/components/schemas/registryv2Subset"},"x-order":13,"readOnly":true},"canonicalName":{"description":"The canonical name of the service defined by user.","type":"string","x-order":14},"spiffeIds":{"description":"List of SPIFFE identities used by the workloads of the service.","type":"array","items":{"type":"string"},"x-order":15},"internalHostnames":{"type":"array","title":"The hostnames by which this service is accessed internally. Can correspond to the\\nFQDN of the service or to the hostnames provided by an external service (E.g. service entry)","items":{"type":"string"},"x-order":16}}},"tsbsecurityv2AuthenticationSettings":{"description":"AuthenticationSettings represents configuration related to authenticating traffic\\nwithin the mesh and end-user credentials if present. It is **HIGHLY RECOMMENDED** to\\nenable mutual TLS when end-user credentials are present. Sending credentials like JWT\\nover plaintext is a security risk.","type":"object","properties":{"trafficMode":{"$ref":"#/components/schemas/v2SecuritySettingAuthenticationMode"},"http":{"$ref":"#/components/schemas/tsbauthv2Authentication"}}},"tsbsecurityv2AuthorizationSettings":{"description":"`AuthorizationSettings` define the set of service accounts in one\\nor more namespaces allowed to access a workload (and hence its\\nsidecar) in the mesh.","type":"object","properties":{"mode":{"$ref":"#/components/schemas/tsbsecurityv2AuthorizationSettingsMode"},"serviceAccounts":{"description":"When the mode is `CUSTOM`, `serviceAccounts` specify the allowed\\nset of service accounts (and the workloads using them). Must be\\nin the `&lt;namespace&gt;/&lt;service-account-name&gt;` format.\\n\\n- `./*` indicates all service accounts in the namespace where the sidecar resides.\\n\\n- `ns1/*` indicates all service accounts in the `ns1` namespace.\\n\\n- `ns1/svc1-sa` indicates `svc1-sa` service account in `ns1` namespace.\\n\\nNamespace should be a valid kubernetes namespace, which\\nfollows [RFC 1123 Label Names](https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#dns-label-names) rules.\\nService account should be a valid kubernetes service account, which\\nfollows [DNS Subdomain Names](https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#dns-subdomain-names) rules.","type":"array","items":{"type":"string"},"x-order":1},"http":{"$ref":"#/components/schemas/tsbauthv2Authorization"},"rules":{"$ref":"#/components/schemas/v2AuthorizationRules"},"identityMatch":{"$ref":"#/components/schemas/v2IdentityMatch"}}},"tsbsecurityv2AuthorizationSettingsMode":{"description":"- UNSET: Inherit from parent if possible. Otherwise treated as `DISABLED`.\\n - NAMESPACE: The workload allows traffic from any other authenticated workload in its own\\nnamespace.\\n - GROUP: The workload allows traffic from any other authenticated workload in the security group.\\n - WORKSPACE: The workload allows traffic from any other authenticated workload in the workspace.\\n - CLUSTER: The workload allows traffic from any other authenticated workload in the cluster.\\n - DISABLED: Authorization is disabled.\\n - CUSTOM: The workload allows traffic from service accounts defined explicitly.\\n - RULES: The workload allows or denies traffic from any other authenticated workload that belongs\\nto the specified rules.","type":"string","title":"A short cut for defining the common authorization patterns","default":"UNSET","enum":["UNSET","NAMESPACE","GROUP","WORKSPACE","CLUSTER","DISABLED","CUSTOM","RULES"]},"tsbsecurityv2Group":{"description":"A security group manages the security properties of proxy workloads in a\\ngroup of namespaces owned by the parent workspace.\\n\\n\\n\\n","type":"object","required":["namespaceSelector"],"properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"namespaceSelector":{"$ref":"#/components/schemas/typesv2NamespaceSelector"},"configMode":{"$ref":"#/components/schemas/v2ConfigMode"},"securityDomain":{"description":"Security domains can be used to group different resources under the same security domain.\\nAlthough security domain is not resource itself currently, it follows a fqn format\\n`organizations/myorg/securitydomains/mysecuritydomain`, and a child cannot override any ancestor\'s\\nsecurity domain.\\nOnce a security domain is assigned to a _Security group_, all the children resources will belong to that\\nsecurity domain in the same way a _Security setting_ belongs to a _Security group_, a _Security setting_\\nwill also belong to the security domain assigned to the _Security group_.\\nSecurity domains can also be used to define _Security settings Authorization rules_ in which you can allow\\nor deny request from or to a security domain.","type":"string","x-order":6},"deletionProtectionEnabled":{"description":"When set, prevents the resource from being deleted. In order to delete the resource this\\nproperty needs to be set to `false` first.","type":"boolean","x-order":7},"profiles":{"description":"List of profiles attached to the security group to be used to propagate default and mandatory configurations down to the children.","type":"array","items":{"type":"string"},"x-order":8},"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"}}},"tsbtrafficv2AuthenticationSettings":{"description":"Configuration for connection authentication parameters.\\nThis allows the enforcement of mutual TLS connections to upstream services\\nthat do not have a sidecar.\\nThis ensures that gateways or mesh workloads do not communicate in plain text with services outside the mesh.","type":"object","properties":{"trafficMode":{"$ref":"#/components/schemas/v2AuthenticationSettingsAuthenticationMode"}}},"tsbtrafficv2Group":{"description":"A traffic group manages the routing properties of proxy workloads in a\\ngroup of namespaces owned by the parent workspace.\\n\\n\\n\\n","type":"object","required":["namespaceSelector"],"properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"namespaceSelector":{"$ref":"#/components/schemas/typesv2NamespaceSelector"},"configMode":{"$ref":"#/components/schemas/v2ConfigMode"},"deletionProtectionEnabled":{"description":"When set, prevents the resource from being deleted. In order to delete the resource this\\nproperty needs to be set to `false` first.","type":"boolean","x-order":6},"profiles":{"description":"List of profiles attached to the traffic group to be used to propagate default and mandatory configurations down to the children.","type":"array","items":{"type":"string"},"x-order":7},"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"}}},"tsbv2Cluster":{"description":"A Kubernetes cluster managing both pods and VMs.\\n\\n\\n\\n","type":"object","properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be\\nsent on every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"tokenTtl":{"description":"Lifetime of the tokens. Defaults to 1hr.","type":"string","x-order":4},"network":{"description":"The network (e.g., VPC) where this cluster is present. All\\nclusters within the same network will be assumed to be reachable\\nfor the purposes of multi-cluster routing. In addition, networks\\nmarked as reachable from one another in SystemSettings will also\\nbe used for multi-cluster routing.","type":"string","x-order":5},"tier1Cluster":{"description":"Deprecated: This flag is still honored for backward compatibility but will be ignored in future releases.\\nIt is advisable not to set it, as all clusters can now host both Tier1 and IngressGateways.\\n\\nIndicates whether this cluster is hosting a tier1 gateway or not.\\nTier1 clusters cannot host other gateways or workloads. Defaults\\nto false if not specified.","type":"boolean","x-order":6},"namespaces":{"type":"array","title":"TODO(vikas): move this inside cluster state\\nRead-only data for informational purposes. Any user provided\\nvalue will be ignored. The data here may be stale depending on\\nthe update frequency from the Bridge agents in the cluster.\\n$hide_from_yaml","items":{"$ref":"#/components/schemas/tsbv2Namespace"},"x-order":7,"readOnly":true},"labels":{"type":"object","title":"FIXME: this is super clunky to copy each and every metadata field into\\nobjects used for multicluster. $hide_from_yaml","additionalProperties":{"type":"string"},"x-order":8},"locality":{"$ref":"#/components/schemas/tsbv2Locality"},"trustDomain":{"description":"Trust domain for this cluster, used for multi-cluster routing.\\nIt must be unique for every cluster and should match the one configured in\\nthe local control plane. This value is optional, and will be updated by the\\nlocal control plane agents. However, it is recommended to set it, if known,\\nso that multi-cluster routing works without having to wait for the local\\ncontrol planes to update it.","type":"string","x-order":10},"namespaceScope":{"$ref":"#/components/schemas/v2NamespaceScoping"},"state":{"$ref":"#/components/schemas/v2ClusterState"},"serviceAccount":{"$ref":"#/components/schemas/tsbv2ServiceAccount"},"installTemplate":{"$ref":"#/components/schemas/ClusterInstallTemplate"}}},"tsbv2IstioStatus":{"description":"IstioStatus provides information about the Istio injection status of the namespace.","type":"object","properties":{"istioInjection":{"$ref":"#/components/schemas/IstioStatusIstioInjection"},"istioRevision":{"description":"Istio revision of the namespace.","type":"string","x-order":1}}},"tsbv2Locality":{"description":"The region the cluster resides. Used for failover based routing when\\nconfigured in the workspace or global settings.","type":"object","required":["region"],"properties":{"region":{"description":"The geographic location of the cluster.","type":"string","x-order":0}}},"tsbv2Namespace":{"type":"object","title":"A Kubernetes namespace. These are automatically discovered by the\\nService Bridge agents in the cluster.\\n$hide_from_yaml","properties":{"name":{"type":"string","x-order":0},"services":{"type":"array","items":{"$ref":"#/components/schemas/apitsbv2Service"},"x-order":1},"istio":{"$ref":"#/components/schemas/tsbv2IstioStatus"}}},"tsbv2ServiceAccount":{"description":"`ServiceAccount` represents a service account that can be used to access the TSB platform.\\nService accounts have a set of associated public and private keys that can be used to generate\\nsigned JWT tokens that are suitable to authenticate to TSB.\\nA default key-pair is generated on service account creation and the public key is stored in TSB.\\nPrivate keys are returned when service accounts are created, but TSB will not store them. It\\nis up to the client to store them securely.\\n\\n\\n\\n","type":"object","properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"description":"A description of the resource.","type":"string","x-order":3},"keys":{"type":"array","title":"Keys associated with the service account.\\nA default key-pair is automatically created when the Service Account is created. Note that\\nTSB does not store the private keys, so it is up to the client to store the returned private\\nkeys securely, as they are only returned once after creation.\\nAdditional keys can be added (and deleted) by using the corresponding key management APIs.\\n","items":{"$ref":"#/components/schemas/ServiceAccountKeyPair"},"x-order":4,"readOnly":true}}},"typesregistrationv1alpha1Settings":{"description":"Settings specifies registration settings.","type":"object","properties":{"connectedOver":{"$ref":"#/components/schemas/v1alpha1AddressType"}}},"typessidecarv1alpha1EnvVar":{"description":"EnvVar specifies a single environment variable.","type":"object","required":["name"],"properties":{"name":{"description":"Name of the environment variable.","type":"string","x-order":0},"value":{"description":"Value of the environment variable.","type":"string","x-order":1},"valueEquality":{"$ref":"#/components/schemas/v1alpha1ContentEquality"}}},"typesv2NamespaceSelector":{"type":"object","title":"`NamespaceSelector` selects a set of namespaces across one or more\\nclusters in a tenant. Namespace selectors can be used at Workspace\\nlevel to carve out a chunk of resources under a tenant into an\\nisolated configuration domain. They can be used in a Traffic,\\nSecurity, or a Gateway group to further scope the set of namespaces\\nthat will belong to a specific configuration group.\\nNames in namespaces selector must be in the form `cluster/namespace`\\nwhere:\\n- cluster must be a cluster name or an `*` to mean all clusters\\n- namespace must be a namespace name, an `*` to mean all namespaces\\n  or a prefix like `ns-*` to mean all those namespaces starting\\n  by `ns-`","required":["names"],"properties":{"names":{"description":"- `*/ns1` implies `ns1` namespace in any cluster.\\n\\n- `c1/ns1` implies `ns1` namespace from `c1` cluster.\\n\\n- `c1/*` implies all namespaces in `c1` cluster.\\n\\n- `*/*` implies all namespaces in all clusters.\\n\\n- `c1/ns*` implies all namespaces prefixes by `ns` in `c1` cluster.","type":"array","title":"Under the tenant/workspace/group:","items":{"type":"string"},"x-order":0}}},"v1Dashboard":{"description":"Message containing some metadata of a dashboard.","type":"object","properties":{"name":{"description":"The name of the dashboard.","type":"string","x-order":0},"title":{"description":"The title of the dashboard.","type":"string","x-order":1},"description":{"description":"The description of the dashboard.","type":"string","x-order":2}}},"v1LabelSelector":{"type":"object","title":"A label selector is a label query over a set of resources. The result of matchLabels and\\nmatchExpressions are ANDed. An empty label selector matches all objects. A null\\nlabel selector matches no objects.\\n+structType=atomic","properties":{"matchLabels":{"type":"object","title":"matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\\nmap is equivalent to an element of matchExpressions, whose key field is \\"key\\", the\\noperator is \\"In\\", and the values array contains only \\"value\\". The requirements are ANDed.\\n+optional","additionalProperties":{"type":"string"},"x-order":0},"matchExpressions":{"type":"array","title":"matchExpressions is a list of label selector requirements. The requirements are ANDed.\\n+optional","items":{"$ref":"#/components/schemas/v1LabelSelectorRequirement"},"x-order":1}}},"v1LabelSelectorRequirement":{"description":"A label selector requirement is a selector that contains values, a key, and an operator that\\nrelates the key and values.","type":"object","properties":{"key":{"type":"string","title":"key is the label key that the selector applies to.\\n+patchMergeKey=key\\n+patchStrategy=merge","x-order":0},"operator":{"description":"operator represents a key\'s relationship to a set of values.\\nValid operators are In, NotIn, Exists and DoesNotExist.","type":"string","x-order":1},"values":{"type":"array","title":"values is an array of string values. If the operator is In or NotIn,\\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\\nthe values array must be empty. This array is replaced during a strategic\\nmerge patch.\\n+optional","items":{"type":"string"},"x-order":2}}},"v1ListDashboardsResponse":{"description":"Response providing a list of available Grafana dashboards.","type":"object","properties":{"dashboards":{"description":"List of available dashboards.","type":"array","items":{"$ref":"#/components/schemas/v1Dashboard"},"x-order":0}}},"v1alpha1AddressType":{"description":"AddressType specifies type of a network address associated with the workload.\\n\\n - UNSPECIFIED: Not specified.\\n - VPC: IP address from the `VPC` range. Commonly referred to as `Private IP` or\\n`Internal IP`.\\n - INTERNET: IP address from the `Internet` range. Commonly referred to as `Public IP` or\\n`External IP`.","type":"string","default":"UNSPECIFIED","enum":["UNSPECIFIED","VPC","INTERNET"]},"v1alpha1AgentInfo":{"description":"AgentInfo specifies information about the `Workload Onboarding Agent`\\ninstalled alongside the workload.","type":"object","required":["version"],"properties":{"version":{"description":"Version of the `Workload Onboarding Agent`.","type":"string","x-order":0}}},"v1alpha1ApplyConfigurationResponse":{"description":"Message of the apply sidecar configuration response.","type":"object"},"v1alpha1AuthorizeOnboardingResponse":{"description":"Response to the authorization request.","type":"object","required":["token","expiresAt"],"properties":{"token":{"description":"Bearer token that should be used to authenticate any subsequent requests\\nto the `Workload Onboarding Plane`.\\nAlso known as a `Workload Onboarding Token`.","type":"string","x-order":0},"expiresAt":{"description":"Expiration time of the returned token.","type":"string","format":"date-time","x-order":1}}},"v1alpha1BanyanDBSettings":{"description":"Configure a BanyanDB connection.\\n\\n```yaml\\napiVersion: install.tetrate.io/v1alpha1\\nkind: ControlPlane\\nmetadata:\\n  name: controlplane\\n  namespace: istio-system\\nspec:\\n  telemetryStore:\\n    banyandb:\\n      host: banyandb\\n      port: 5678\\n```\\n$hide_from_docs","type":"object","required":["host","port"],"properties":{"host":{"description":"BanyanDB host address (can be hostname or IP address).","type":"string","x-order":0},"port":{"description":"Port BanyanDB is listening on.","type":"integer","format":"int32","x-order":1}}},"v1alpha1ContentEquality":{"description":"ContentEquality specifies a strategy to compare two text-like values\\nfor equality, e.g. old and new values of a certain configuration property.\\n\\n - BYTES: Compares two values as opaque byte arrays.\\n - JSON: Compares two values as JSON values.","type":"string","default":"BYTES","enum":["BYTES","JSON"]},"v1alpha1ControlPlaneComponentSet":{"description":"The set of components that make up the control plane. Use this to override application settings\\nor Kubernetes settings for each individual component.","type":"object","properties":{"collector":{"$ref":"#/components/schemas/installcontrolplanev1alpha1OpenTelemetryCollector"},"oap":{"$ref":"#/components/schemas/installcontrolplanev1alpha1Oap"},"xcp":{"$ref":"#/components/schemas/installcontrolplanev1alpha1XCP"},"istio":{"$ref":"#/components/schemas/v1alpha1Istio"},"rateLimitServer":{"$ref":"#/components/schemas/v1alpha1RateLimitServer"},"hpaAdapter":{"$ref":"#/components/schemas/v1alpha1HpaAdapter"},"onboarding":{"$ref":"#/components/schemas/v1alpha1Onboarding"},"satellite":{"$ref":"#/components/schemas/v1alpha1Satellite"},"ngac":{"$ref":"#/components/schemas/installcontrolplanev1alpha1NGAC"},"gitops":{"$ref":"#/components/schemas/commonGitOps"},"internalCertProvider":{"$ref":"#/components/schemas/commonInternalCertProvider"},"defaultKubeSpec":{"$ref":"#/components/schemas/kubernetesKubernetesSpec"},"wasmfetcher":{"$ref":"#/components/schemas/v1alpha1WASMFetcher"},"defaultLogLevel":{"description":"The default log level for all components if the per component log level config is not specified.\\nNote that the supported log level for different components can be different.","type":"string","x-order":13},"route53Controller":{"$ref":"#/components/schemas/v1alpha1Route53Controller"},"awsController":{"$ref":"#/components/schemas/installcontrolplanev1alpha1AWSController"},"spmAgent":{"$ref":"#/components/schemas/v1alpha1SPMAgent"}}},"v1alpha1ControlPlaneSpec":{"description":"ControlPlaneSpec defines the desired installed state of control plane components.\\nSpecifying a minimal ControlPlaneSpec with hub, clusterName, and managementPlane set\\nwill create an installation with sensible defaults.","type":"object","required":["hub","managementPlane","telemetryStore"],"properties":{"hub":{"description":"TSB container hub path e.g. docker.io/tetrate.","type":"string","x-order":0},"imagePullSecrets":{"description":"Pull secrets can be specified globally for all components, or defined into the `kubeSpec.serviceAccount`\\nof every component if needed. In case both are defined, the most specific one (the one defined at the component)\\nlevel is used.\\n\\nList of references to secrets in the same namespace to use for pulling any\\nimages in pods that reference this ServiceAccount. ImagePullSecrets are\\ndistinct from Secrets because Secrets can be mounted in the pod, but\\nImagePullSecrets are only accessed by the kubelet. More info:\\nhttps://kubernetes.io/docs/concepts/containers/images/#specifying-imagepullsecrets-on-a-pod\\nhttps://kubernetes.io/docs/reference/generated/kubernetes-api/v1.18/#service_account-v1-core","type":"array","items":{"$ref":"#/components/schemas/installkubernetesLocalObjectReference"},"x-order":1},"components":{"$ref":"#/components/schemas/v1alpha1ControlPlaneComponentSet"},"providerSettings":{"$ref":"#/components/schemas/installcontrolplanev1alpha1ProviderSettings"},"managementPlane":{"$ref":"#/components/schemas/v1alpha1ManagementPlaneSettings"},"meshExpansion":{"$ref":"#/components/schemas/v1alpha1MeshExpansionSettings"},"telemetryStore":{"$ref":"#/components/schemas/v1alpha1ControlPlaneSpecTelemetryStore"},"meshObservability":{"$ref":"#/components/schemas/v1alpha1ControlPlaneSpecMeshObservability"},"tier1Cluster":{"description":"**DEPRECATED**: This should not be set through Control plane API\\nInstead use TSB Cluster API.\\nIndicates that this cluster is used for tier1 gateways.\\nTier one clusters can only contain tier 1 gateways.\\nNon-tier1 clusters contain tier2 gateways but not tier 1.","type":"boolean","x-order":8},"mode":{"$ref":"#/components/schemas/v2ControlPlaneMode"}}},"v1alpha1ControlPlaneSpecMeshObservability":{"description":"Configure how the mesh should be observed, which observability functionalities should be\\nenabled to observe your registered services in the mesh, and the store properties\\nthat TSB will use to persist application observability data like metrics, traces,\\nlogs.\\nIf omitted, the operator will assume\\na demo installation and for your convenience install a demo grade mesh observability\\nsetting.\\nSelect one of the `MeshObservability` settings to see complete examples.","type":"object","properties":{"demoSettings":{"$ref":"#/components/schemas/commonMeshObservabilitySettings"},"settings":{"$ref":"#/components/schemas/commonMeshObservabilitySettings"}}},"v1alpha1ControlPlaneSpecTelemetryStore":{"description":"Configure the store that TSB will use to persist application telemetry data.\\nSelect one of the `TelemetryStore` settings to see complete examples.","type":"object","properties":{"elastic":{"$ref":"#/components/schemas/installcontrolplanev1alpha1ElasticSearchSettings"},"banyandb":{"$ref":"#/components/schemas/v1alpha1BanyanDBSettings"},"retentionPeriodDays":{"type":"integer","format":"int32","title":"Number of days to retain metrics for. Defaults to 7 days.\\nShould be automatically copied from MP and users don\'t need to set it.\\n$hide_from_docs","x-order":2},"tracesRetentionPeriodDays":{"type":"integer","format":"int32","title":"Number of days to retain traces for. Defaults to 3 days.\\nShould be automatically copied from MP and users don\'t need to set it.\\n$hide_from_docs","x-order":3}}},"v1alpha1DeleteConfigurationResponse":{"description":"Message of the delete sidecar configuration response.","type":"object"},"v1alpha1DescribeConfigurationResponse":{"description":"Message of the describe sidecar configuration response.","type":"object","properties":{"version":{"description":"Version of the desired sidecar configuration.","type":"string","x-order":0}}},"v1alpha1Dir":{"description":"Dir specifies a directory.","type":"object","required":["path","mode"],"properties":{"path":{"description":"File path.","type":"string","x-order":0},"mode":{"description":"File mode.","type":"integer","format":"int32","x-order":1}}},"v1alpha1DiscoveryInfo":{"description":"DiscoveryInfo specifies response schema of the `Workload Onboarding Plane`\\nauto-discovery endpoint.","type":"object","required":["uid"],"properties":{"uid":{"description":"Unique identifier of this particular installation of the\\n`Workload Onboarding Plane`.\\n\\nIs used in the workload authentication flow to prevent replay attacks\\nthat abuse compromised workload credentials intended for a different\\ninstallation of the `Workload Onboarding Plane`.","type":"string","x-order":0}}},"v1alpha1EKSSettings":{"description":"Settings specific to Elastic Kubernetes Service (EKS).","type":"object","properties":{"useNlbByDefault":{"description":"When true, gateways will be configured to use NLBs with cross zone load\\nbalancing enabled when the load balancer type is not configured. When\\nfalse, no additional annotations will be added.","type":"boolean","x-order":0}}},"v1alpha1File":{"description":"File specifies a configuration file.","type":"object","required":["path","mode"],"properties":{"path":{"description":"File path.","type":"string","x-order":0},"mode":{"description":"File mode.","type":"integer","format":"int32","x-order":1},"content":{"description":"File content.","type":"string","format":"byte","x-order":2},"contentEquality":{"$ref":"#/components/schemas/v1alpha1ContentEquality"},"reloadable":{"description":"Reloadable file.","type":"boolean","x-order":4}}},"v1alpha1GatewaySpecType":{"description":"Type defines the different type of use cases and functionalities supported by gateway install.\\nEach type configures the gateway workloads specific to a particular use case represented by the type.\\nIf not set, UNIFIED is set as default.\\n\\n - UNIFIED: UNIFIED represents the gateway type supporting all functionalities: INGRESS, EGRESS, and EASTWEST.\\nGateway workloads are configured with default ports 80 (HTTP), 443 (HTTPS), and 15443 (ISTIO_mTLS).\\nThe gateway is configured with a LoadBalancer type service by default.\\n - INGRESS: INGRESS represents the gateway type configured for Ingress use cases.\\nGateway workloads are configured with default ports 80 (HTTP), 443 (HTTPS), and 15443 (ISTIO_mTLS).\\nThe gateway is configured with a LoadBalancer type service by default.\\n - EGRESS: EGRESS represents the gateway type configured for Egress use cases.\\nGateway workloads are configured with the default ports 80 (HTTP), 443 (HTTPS), and 15443 (ISTIO_mTLS).\\nThe gateway is configured with a ClusterIP type service by default.\\n - EASTWEST: EASTWEST represents the gateway type configured for East-West use cases.\\nGateway workloads are configured with the default port 15443 (ISTIO_mTLS).\\nThe gateway is configured with a LoadBalancer type service by default.","type":"string","default":"UNIFIED","enum":["UNIFIED","INGRESS","EGRESS","EASTWEST"]},"v1alpha1GetDiscoveryInfoResponse":{"description":"Message of the discovery response.","type":"object","required":["discoveryInfo"],"properties":{"discoveryInfo":{"$ref":"#/components/schemas/v1alpha1DiscoveryInfo"}}},"v1alpha1GetSidecarInfoResponse":{"description":"Message of the sidecar info response.","type":"object","required":["sidecar"],"properties":{"sidecar":{"$ref":"#/components/schemas/v1alpha1SidecarInfo"}}},"v1alpha1HostInfo":{"description":"HostInfo specifies information about the host the workload is running on.","type":"object","required":["addresses"],"properties":{"addresses":{"description":"Network addresses of the host the workload is running on.","type":"array","items":{"$ref":"#/components/schemas/registrationv1alpha1Address"},"x-order":0}}},"v1alpha1HpaAdapter":{"description":"Kubernetes settings for the OAP (SkyWalking) HPA adapter component.","type":"object","properties":{"enabled":{"description":"Enable the OAP (SkyWalking) HPA adapter component that allows pods to be\\nscaled based on Skywalking metrics.\\nThis is disabled by default.","type":"boolean","x-order":0},"kubeSpec":{"$ref":"#/components/schemas/kubernetesKubernetesComponentSpec"}}},"v1alpha1IsolationBoundary":{"description":"IsolationBoundary is an isolated Istio environment which can spread across\\nmultiple revisioned control plane clusters.\\n\\nExample:\\n\\n  ```yaml\\n  isolationBoundaries:\\n  - name: prod\\n    revisions:\\n    - name: stable\\n      istio:\\n        tsbVersion: 1.6.0\\n  - name: staging\\n    revisions:\\n    - name: v1_6_3\\n      istio:\\n        tsbVersion: 1.6.3\\n    - name: v1_6_1\\n      istio:\\n        tsbVersion: 1.6.1\\n        disable: true\\n  ```\\n\\nThe `tsbVersion` field can be left empty, which would then default to the\\ncurrent TSB released version.\\n\\n  ```yaml\\n  isolationBoundaries:\\n  - name: global\\n    istio:\\n    - revisions: stable\\n  ```\\n\\nFor instance, if isolation boundaries are being added in TSB `1.6.1`, the default\\nwould looks something like this:\\n\\n  ```yaml\\n  isolationBoundaries:\\n  - name: global\\n    revisions:\\n    - name: stable\\n      istio:\\n        tsbVersion: 1.6.1\\n  ```","type":"object","required":["name","revisions"],"properties":{"name":{"description":"Name of the IsolationBoundary.","type":"string","x-order":0},"revisions":{"description":"Configure multiple Istio Revisions under the IsolationBoundary.\\nOnce IstioIsolationBoundaries is enabled, for any IsolationBoundary\\nconfigured - there must be atleast one IstioRevision.","type":"array","items":{"$ref":"#/components/schemas/controlplanev1alpha1IstioRevision"},"x-order":1},"meshExpansion":{"$ref":"#/components/schemas/v1alpha1MeshExpansionSettings"}}},"v1alpha1Istio":{"description":"Mesh and Kubernetes settings for Istio.","type":"object","properties":{"tsbVersion":{"description":"Specifies the tsb release version. This is used by the tsb control plane\\noperator in determining the xcp version, which would eventually decide Istio\\nversion.\\n\\nIf not provided explicitly, this defaults to the current tsb version.","type":"string","x-order":0},"mountInternalWasmExtensions":{"description":"When this flag is set, the TSB internal WASM extensions will be mounted into the\\nSidecar, Ingress and Egress gateway pods automatically. These extensions will be loaded\\nas local files instead of being downloaded from a remote OCI registry or HTTP endpoint.\\nThis is enabled by default. Set it to false to disable it.","type":"boolean","x-order":1},"kubeSpec":{"$ref":"#/components/schemas/kubernetesKubernetesIstioComponentSpec"},"traceSamplingRate":{"description":"The percentage of traces Envoy will sample.","type":"number","format":"double","x-order":3},"defaultWorkloadCertTTL":{"description":"The default TTL of issued workload certificates.\\nThis sets both the default client-side CSR TTL and the default server-side\\nissued certificate TTL.","type":"string","x-order":4},"maxWorkloadCertTTL":{"description":"The maximum TTL that can be set in issued workload certificates.","type":"string","x-order":5},"trustDomain":{"description":"The trust domain corresponds to the trust root of a system. Refer to\\n[SPIFFE-ID](https://github.com/spiffe/spiffe/blob/main/standards/SPIFFE-ID.md#21-trust-domain).\\nIf omitted, TSB will configure the trust domain as\\n`CLUSTER_NAME.tsb.local`, where `CLUSTER_NAME` is the name of the cluster\\nobject in TSB for this control plane.","type":"string","x-order":6},"baseOverlays":{"description":"The overlays applied to the Istio base component.\\nSee https://istio.io/latest/docs/reference/config/istio.operator.v1alpha1/#IstioComponentSetSpec.\\nWhen this is specified, the overlay in `kubeSpec.overlays` are ignored.","type":"array","items":{"$ref":"#/components/schemas/v1alpha1K8sObjectOverlay"},"x-order":7},"pilotOverlays":{"description":"The overlays applied to the Istio pilot component.\\nSee https://istio.io/latest/docs/reference/config/istio.operator.v1alpha1/#IstioComponentSetSpec.\\nWhen this is specified, the overlay in `kubeSpec.overlays` are ignored.","type":"array","items":{"$ref":"#/components/schemas/v1alpha1K8sObjectOverlay"},"x-order":8},"cniOverlays":{"description":"The overlays applied to the Istio CNI component.\\nSee https://istio.io/latest/docs/reference/config/istio.operator.v1alpha1/#IstioComponentSetSpec.\\nWhen this is specified, the overlay in `kubeSpec.overlays` are ignored.","type":"array","items":{"$ref":"#/components/schemas/v1alpha1K8sObjectOverlay"},"x-order":9},"logLevels":{"description":"Specifies the global logging level settings for the Istio control plane components.","type":"object","additionalProperties":{"type":"string"},"x-order":10},"ambient":{"$ref":"#/components/schemas/IstioAmbient"}}},"v1alpha1IstioSidecarInfo":{"description":"IstioInfo specifies information about the `Istio Sidecar` installed\\nalongside the workload.","type":"object","required":["version"],"properties":{"version":{"description":"Version of the `Istio Sidecar`.","type":"string","x-order":0},"revision":{"description":"Istio revision the pre-installed `Istio Sidecar` corresponds to.\\n\\nE.g., `canary`, `alpha`, etc.\\n\\nIf omitted, it is assumed that the pre-installed `Istio Sidecar`\\ncorresponds to the `default` Istio revision.\\n\\nNotice that the value constraints here are stricter than the ones in Istio.\\nApparently, Istio validation rules allow values that lead to internal failures\\nat runtime, e.g. values with capital letters or values longer than 56 characters.\\nStricter validation rules here are meant to prevent those hidden pitfalls.","type":"string","x-order":1}}},"v1alpha1JwtAuthenticationConfiguration":{"description":"JwtAuthenticationConfiguration specifies configuration of the workload\\nauthentication by means of an [OIDC ID Token](https://openid.net/specs/openid-connect-core-1_0.html#IDToken).","type":"object","properties":{"issuers":{"description":"List of permitted JWT issuers.\\n\\nIf a workload authenticates itself by means of an\\n[OIDC ID Token](https://openid.net/specs/openid-connect-core-1_0.html#IDToken),\\nthe issuer of that token must be present in this list, otherwise\\nauthentication attempt will be declined.","type":"array","items":{"$ref":"#/components/schemas/v1alpha1JwtIssuer"},"x-order":0}}},"v1alpha1JwtIssuer":{"description":"JwtIssuer specifies configuration associated with a JWT issuer.","type":"object","required":["issuer","shortName"],"properties":{"issuer":{"description":"JWT `Issuer` identifier.\\n\\nThe value must be a case sensitive URL using the https scheme that contains\\nscheme, host, and optionally, port number and path components and no query\\nor fragment components.\\n\\nE.g., `https://mycompany.corp`, `https://accounts.google.com`,\\n`https://sts.windows.net/9edbd6c9-0e5b-4cfd-afec-fdde27cdd928/`, etc.\\n\\nSee https://openid.net/specs/openid-connect-core-1_0.html#IDToken","type":"string","x-order":0},"jwksUri":{"description":"URL of the JSON Web Key Set document.\\n\\nSource of public keys the `Workload Onboarding Plane` should use\\nto validate the signature of an\\n[OIDC ID Token](https://openid.net/specs/openid-connect-core-1_0.html#IDToken).\\n\\nE.g., `https://mycompany.corp/jwks.json`.\\n\\nWhen unspecified, URL the JSON Web Key Set document will be resolved using\\n[OpenID Connect Discovery](https://openid.net/specs/openid-connect-discovery-1_0.html)\\nprotocol.","type":"string","x-order":1},"jwks":{"description":"Inlined JSON Web Key Set document.\\n\\nSpecifies public keys the `Workload Onboarding Plane` should use\\nto validate the signature of an\\n[OIDC ID Token](https://openid.net/specs/openid-connect-core-1_0.html#IDToken).","type":"string","x-order":2},"shortName":{"description":"Unique short name associated with the issuer.\\n\\nThe value must consist of lower case alphanumeric characters and hyphen (`-`).\\n\\nSince this value will be included into the auto-generated name of the\\n`WorkloadAutoRegistration` resource, keep it as short as possible.\\n\\nE.g., `my-corp`, `prod`, `test`, etc.","type":"string","x-order":3},"tokenFields":{"$ref":"#/components/schemas/v1alpha1JwtTokenFields"}}},"v1alpha1JwtTokenField":{"description":"JwtTokenField specifies a custom field included into the\\n[OIDC ID Token](https://openid.net/specs/openid-connect-core-1_0.html#IDToken).","type":"object","required":["jsonPath"],"properties":{"jsonPath":{"description":"Simple JSON Path which is evaluated against custom claims of the\\n[OIDC ID Token](https://openid.net/specs/openid-connect-core-1_0.html#IDToken)\\nto produce the value of the field.\\n\\nE.g., `.custom_attributes`, `.google.compute_engine`, etc.\\n\\nJSON Path must start either from `.` or from `$`. Use of `$` is mandatory\\nwhen followed by the array notation.\\n\\nE.g., `$[\'custom_attributes\']`, `$[\'google\'].compute_engine`, etc.\\n\\nSpecial symbols (such as `.` or ` `) in property names must be escaped.\\n\\nE.g., `.custom\\\\.attributes`, `$[\'custom\\\\.attributes\']`, etc.\\n\\nSee https://goessner.net/articles/JsonPath/","type":"string","x-order":0}}},"v1alpha1JwtTokenFields":{"description":"JwtTokenFields specifies custom fields included into the\\n[OIDC ID Token](https://openid.net/specs/openid-connect-core-1_0.html#IDToken).","type":"object","properties":{"attributes":{"$ref":"#/components/schemas/v1alpha1JwtTokenField"}}},"v1alpha1K8sObjectOverlay":{"description":"Patch for an existing Kubernetes resource.","type":"object","properties":{"apiVersion":{"description":"Resource API version.","type":"string","x-order":0},"kind":{"description":"Resource kind.","type":"string","x-order":1},"name":{"description":"Name of resource.\\nNamespace is always the component namespace.","type":"string","x-order":2},"patches":{"description":"List of patches to apply to resource.","type":"array","items":{"$ref":"#/components/schemas/K8sObjectOverlayPathValue"},"x-order":3}}},"v1alpha1ManagementPlaneSettings":{"description":"Configure the management plane connection.\\n\\n```yaml\\napiVersion: install.tetrate.io/v1alpha1\\nkind: ControlPlane\\nmetadata:\\n  name: controlplane\\n  namespace: istio-system\\nspec:\\n  managementPlane:\\n    host: tsb.tetrate.io\\n    port: 8443\\n    selfSigned: true\\n    clusterName: control-plane-cluster\\n```","type":"object","required":["host","port","clusterName"],"properties":{"host":{"description":"Management plane host address (can be hostname or IPv4/IPv6 address).","type":"string","x-order":0},"port":{"description":"Port management plane is listening on.","type":"integer","format":"int32","x-order":1},"selfSigned":{"description":"Management plane uses a self signed or private TLS certificate.\\nIf true, the CA bundle used to verify the MP\'s TLS certificate must be in\\na secret `mp-certs` under the key `ca.crt`.","type":"boolean","x-order":2},"clusterName":{"description":"The name of the Cluster object that was created in the Management Plane representing this Control Plane\\ncluster.","type":"string","x-order":3}}},"v1alpha1MeshExpansionSettings":{"description":"Configure mesh expansion to connect workloads external to Kubernetes to the mesh.\\n\\nTo enable mesh expansion set it to an empty object:\\n\\n```yaml\\napiVersion: install.tetrate.io/v1alpha1\\nkind: ControlPlane\\nmetadata:\\n  name: controlplane\\n  namespace: istio-system\\nspec:\\n  meshExpansion: {}\\n```\\n\\nIf external workloads are unable to communicate with the default mesh expansion gateway via external IPs or hostnames,\\nthen you must specify the gateway that enables them to do so. This custom gateway must be configured to forward this communication\\nto the VM gateway service:\\n\\n```yaml\\napiVersion: install.tetrate.io/v1alpha1\\nkind: ControlPlane\\nmetadata:\\n  name: controlplane\\n  namespace: istio-system\\nspec:\\n  meshExpansion:\\n    customGateway:\\n      host: customgateway.tetrate.io\\n      port: 15443\\n```\\n\\nTo automate onboarding of workloads from auto-scaling groups of VMs, you need\\nto enable the `Workload Onboarding Plane`.\\n\\n`Workload Onboarding Agent`, a component that you install next to the workload,\\nwill connect to the `Workload Onboarding Plane` to authenticate itself, ask\\npermission to join the mesh, register the workload into the mesh and retrieve\\nboot configuration required to start `Istio Sidecar`.\\n\\nAll communication between the `Workload Onboarding Agent` and the\\n`Workload Onboarding Plane` must occur over TLS.\\n\\nTherefore, to enable `Workload Onboarding Plane` you must provide a TLS\\ncertificate for the endpoint that exposes `Workload Onboarding API` to\\n`Workload Onboarding Agents`.\\n\\nMake sure that TLS certificate is signed by the certificate authority known\\nto `Workload Onboarding Agents`.\\n\\n```yaml\\napiVersion: install.tetrate.io/v1alpha1\\nkind: ControlPlane\\nmetadata:\\n  name: controlplane\\n  namespace: istio-system\\nspec:\\n  meshExpansion:\\n    onboarding:\\n      endpoint:\\n        hosts:\\n        - onboarding.example.org\\n        secretName: onboarding-tls-cert\\n      tokenIssuer:\\n        jwt:\\n          expiration: 1h\\n      localRepository: {}\\n```\\n\\nTo onboard workloads from custom on-premise environments, you can leverage support for\\n[OIDC ID Tokens](https://openid.net/specs/openid-connect-core-1_0.html#IDToken).\\n\\nIf workloads in your custom environment can authenticate themselves by means of an\\n[OIDC ID Token](https://openid.net/specs/openid-connect-core-1_0.html#IDToken),\\nyou can define a list of JWT issuers permitted by the `Workload Onboarding Plane`.\\n\\nFor example,\\n\\n```yaml\\napiVersion: install.tetrate.io/v1alpha1\\nkind: ControlPlane\\nmetadata:\\n  name: controlplane\\n  namespace: istio-system\\nspec:\\n  meshExpansion:\\n    onboarding:\\n      endpoint:\\n        hosts:\\n        - onboarding.example.org\\n        secretName: onboarding-tls-cert\\n      localRepository: {}\\n      workloads:\\n        authentication:\\n          jwt:\\n            issuers:\\n            - issuer: \\"https://mycompany.corp\\"\\n              jwksUri: \\"https://mycompany.corp/jwks.json\\"\\n              shortName: \\"mycorp\\"\\n              tokenFields:\\n                attributes:\\n                  jsonPath: .custom_attributes\\n```\\n\\nTo ensure there will be no traffic loss when an onboarded workload gets\\nshutdown, you can configure the time period to delay the shutdown for\\nafter deregistering the workload from the mesh, which will give\\nenough time to reconfigure all affected mesh nodes to not load balance\\nrequests to the deregistered workload before it becomes unavailable.\\n\\nFor example,\\n\\n```yaml\\napiVersion: install.tetrate.io/v1alpha1\\nkind: ControlPlane\\nmetadata:\\n  name: controlplane\\n  namespace: istio-system\\nspec:\\n  meshExpansion:\\n    onboarding:\\n      endpoint:\\n        hosts:\\n        - onboarding.example.org\\n        secretName: onboarding-tls-cert\\n      localRepository: {}\\n      workloads:\\n        deregistration:\\n          propagationDelay: 15s\\n```","type":"object","properties":{"customGateway":{"$ref":"#/components/schemas/v1alpha1MeshExpansionSettingsGateway"},"onboarding":{"$ref":"#/components/schemas/v1alpha1MeshExpansionSettingsOnboardingPlane"},"hostManagement":{"$ref":"#/components/schemas/MeshExpansionSettingsHostManagement"},"serviceObservability":{"$ref":"#/components/schemas/MeshExpansionSettingsServiceObservability"}}},"v1alpha1MeshExpansionSettingsGateway":{"description":"A custom mesh expansion gateway. This is required when the workload can\'t access the default gateway directly via the external IP or hostname.","type":"object","required":["host","port"],"properties":{"host":{"description":"Mesh expansion gateway host address (can be hostname or IP address).","type":"string","x-order":0},"port":{"description":"Port mesh expansion gateway is listening on.","type":"integer","format":"int32","x-order":1}}},"v1alpha1MeshExpansionSettingsOnboardingPlane":{"description":"Configuration of the `Workload Onboarding Plane`.","type":"object","required":["endpoint"],"properties":{"uid":{"description":"Unique identifier of this particular installation of the `Workload Onboarding Plane`.\\n\\nIs used in the workload authentication flow to prevent replay attacks\\nthat abuse compromised workload credentials intended for a different\\ninstallation of the `Workload Onboarding Plane`.\\n\\nDefaults to an auto-generated UUID.","type":"string","x-order":0},"endpoint":{"$ref":"#/components/schemas/MeshExpansionSettingsOnboardingPlaneEndpoint"},"tokenIssuer":{"$ref":"#/components/schemas/MeshExpansionSettingsOnboardingPlaneTokenIssuer"},"localRepository":{"$ref":"#/components/schemas/OnboardingPlaneLocalRepository"},"workloads":{"$ref":"#/components/schemas/v1alpha1WorkloadConfiguration"}}},"v1alpha1NamespacedName":{"description":"NamespacedName specifies a namespace-scoped name.","type":"object","required":["namespace","name"],"properties":{"namespace":{"description":"Namespace name.","type":"string","x-order":0},"name":{"description":"Resource name.","type":"string","x-order":1}}},"v1alpha1Onboarding":{"description":"Settings for the `Workload Onboarding` component.","type":"object","properties":{"operator":{"$ref":"#/components/schemas/v1alpha1OnboardingOperator"},"repository":{"$ref":"#/components/schemas/v1alpha1OnboardingRepository"},"plane":{"$ref":"#/components/schemas/installcontrolplanev1alpha1OnboardingPlane"}}},"v1alpha1OnboardingOperator":{"description":"Kubernetes settings for the `Workload Onboarding Operator` component.","type":"object","properties":{"kubeSpec":{"$ref":"#/components/schemas/kubernetesKubernetesComponentSpec"},"logLevels":{"description":"The log level configuration by scopes.\\nSupported log level: \\"none\\", \\"error\\", \\"warn\\", \\"info\\", \\"debug\\".","type":"object","additionalProperties":{"type":"string"},"x-order":1}}},"v1alpha1OnboardingPlaneInstance":{"description":"Kubernetes settings for the `Workload Onboarding Plane Instance` component.","type":"object","properties":{"kubeSpec":{"$ref":"#/components/schemas/kubernetesKubernetesComponentSpec"},"logLevels":{"description":"The log level configuration by scopes.\\nSupported log level: \\"none\\", \\"error\\", \\"warn\\", \\"info\\", \\"debug\\".","type":"object","additionalProperties":{"type":"string"},"x-order":1}}},"v1alpha1OnboardingRepository":{"description":"Kubernetes settings for the `Workload Onboarding Repository` component.","type":"object","properties":{"kubeSpec":{"$ref":"#/components/schemas/kubernetesKubernetesComponentSpec"}}},"v1alpha1OperatorDeployment":{"description":"Values for the TSB operator deployment.","type":"object","properties":{"affinity":{"$ref":"#/components/schemas/installkubernetesAffinity"},"annotations":{"type":"object","title":"Custom collection of annotations to add to the deployment.\\nhttps://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/","additionalProperties":{"type":"string"},"x-order":1},"env":{"type":"array","title":"Custom collection of environment vars to add to the container.\\nhttps://kubernetes.io/docs/tasks/inject-data-application/define-environment-variable-container/","items":{"$ref":"#/components/schemas/installkubernetesEnvVar"},"x-order":2},"podAnnotations":{"description":"Custom collection of annotations to add to the pod.","type":"object","additionalProperties":{"type":"string"},"x-order":3},"replicaCount":{"description":"Number of replicas managed by the deployment.","type":"integer","format":"int32","x-order":4},"strategy":{"$ref":"#/components/schemas/installkubernetesDeploymentStrategy"},"tolerations":{"type":"array","title":"Toleration collection applying to the pod scheduling.\\nhttps://kubernetes.io/docs/concepts/configuration/taint-and-toleration/","items":{"$ref":"#/components/schemas/corev1Toleration"},"x-order":6}}},"v1alpha1OperatorService":{"description":"Values for the TSB operator service.","type":"object","properties":{"annotations":{"type":"object","title":"Custom collection of annotations to add to the service.\\nhttps://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/","additionalProperties":{"type":"string"},"x-order":0}}},"v1alpha1OperatorServiceAccount":{"description":"Values for the TSB operator service account.","type":"object","properties":{"annotations":{"description":"Custom collection of annotations to add to the service account.","type":"object","additionalProperties":{"type":"string"},"x-order":0},"imagePullSecrets":{"description":"Collection of secrets names required to be able to pull images from the registry.","type":"array","items":{"type":"string"},"x-order":1},"pullSecret":{"type":"string","title":"A Docker config JSON to be stored in a secret to be used as an image pull secret. If this secret is provided,\\nit will be included in the operator service account as reference.\\nhttps://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/#create-a-secret-by-providing-credentials-on-the-command-line","x-order":2},"pullUsername":{"description":"Used along pull password and the provided image registry to generate a Docker config JSON that\\nwill be stored as a pull secret.","type":"string","x-order":3},"pullPassword":{"description":"Used along pull username and the provided image registry to generate a Docker config JSON that\\nwill be stored as a pull secret.","type":"string","x-order":4}}},"v1alpha1RateLimitServer":{"type":"object","title":"Configuration settings for the RateLimit Server","required":["backend"],"properties":{"backend":{"$ref":"#/components/schemas/RateLimitServerBackend"},"domain":{"description":"The domain field allows ratelimits to be namespaced to\\na certain domain. To support common ratelimits across multiple clusters\\nset this string to a common value, across them. This assumes that the same\\nbackend (uri) is being used.\\nBy default the domain is set to the name of the control plane cluster.","type":"string","x-order":1},"kubeSpec":{"$ref":"#/components/schemas/kubernetesKubernetesComponentSpec"}}},"v1alpha1RegisterWorkloadResponse":{"description":"Response to the registration request.","type":"object"},"v1alpha1Registration":{"description":"Registration specifies information sent by the `Workload Onboarding Agent`\\nto the `Workload Onboarding Plane` to register the workload in the mesh.","type":"object","required":["agent","sidecar","host"],"properties":{"agent":{"$ref":"#/components/schemas/v1alpha1AgentInfo"},"sidecar":{"$ref":"#/components/schemas/v1alpha1SidecarInfo"},"host":{"$ref":"#/components/schemas/v1alpha1HostInfo"},"workload":{"$ref":"#/components/schemas/v1alpha1WorkloadInfo"},"settings":{"$ref":"#/components/schemas/typesregistrationv1alpha1Settings"}}},"v1alpha1Route53Controller":{"description":"Kubernetes settings for the Route53 Integration Controller component.","type":"object","properties":{"kubeSpec":{"$ref":"#/components/schemas/kubernetesKubernetesComponentSpec"}}},"v1alpha1Route53Settings":{"description":"Settings for integration with Route53 service.","type":"object","required":["serviceAccountName"],"properties":{"serviceAccountName":{"type":"string","title":"Service account name to use for IAM role. Required. Deprecated, user AWSIntegrationSettings instead.\\n$hide_from_docs","x-order":0},"namespaceSelector":{"$ref":"#/components/schemas/v1alpha1Route53SettingsNamespaceSelector"},"policy":{"$ref":"#/components/schemas/Route53SettingsPolicy"},"domainFilter":{"description":"List of domains to limit possible target zones by a domain suffix. Default is empty list with means consider all resources as DNS target.","type":"array","items":{"type":"string"},"x-order":3},"interval":{"description":"Duration of interval between individual synchronizations. Default: 60s.","type":"string","x-order":4},"ttl":{"description":"Default TTL (in seconds) value for DNS records. Default: 300.","type":"string","format":"int64","x-order":5},"evaluateTargetHealth":{"description":"Control whether to evaluate the health of a DNS target. Default: true.","type":"boolean","x-order":6},"filterSettings":{"$ref":"#/components/schemas/Route53SettingsFilterSettings"},"enabled":{"description":"Enable/disable the Route53 integration controller. Default: false.","type":"boolean","x-order":8}}},"v1alpha1Route53SettingsNamespaceSelector":{"description":"NamespaceSelector specifies which namespaces controller will watch.","type":"object","properties":{"namespace":{"description":"Specifies the namespace to watch for resources. Mutually exclusive with `ignore_namespaces`.\\nIf not specified (\\"\\"), all namespaces will be watched which is the default.","type":"string","x-order":0},"ignoreNamespaces":{"description":"Comma separated list of namespaces to ignore when watching for DNS endpoints. When using this option remember\\nto include the name of the namespace in which Control Plane is installed. If Management Plane is installed in the same cluster\\ninclude the namespace name in this option as well.\\nMutually exclusive with `namespace`.\\nDefault: the namespace where the controller is running, usually `istio-system`.","type":"string","x-order":1}}},"v1alpha1SPMAgent":{"description":"Kubernetes settings for the SPM Agent component.","type":"object","properties":{"enabled":{"description":"SPM Agent is an optional component. If enabled is true, this component will be installed.","type":"boolean","x-order":0},"hostPath":{"description":"The root directory of each host for SPM agent use.\\nBy default, the value is \\"/\\".\\nIn the case of container-in-container, it is necessary to specify the path of the current host directory within the current container.","type":"string","x-order":1},"disableMultiProtocolAnalysis":{"description":"Set to true to disable multiple protocol analysis. Default is false.\\nWhen disabled, if the detected protocol is HTTP, the TCP protocol data won\'t be analyzed.\\nWhen enabled, if the detected protocol is HTTP, both the TCP and HTTP protocols will be analyzed together.","type":"boolean","x-order":2},"kubeSpec":{"$ref":"#/components/schemas/kubernetesKubernetesComponentSpec"},"logLevel":{"description":"The log level configuration by scopes.\\nSupported log level: \\"panic\\", \\"fatal\\", \\"error\\", \\"warn\\", \\"info\\", \\"debug\\" and \\"trace\\".","type":"string","x-order":4}}},"v1alpha1Satellite":{"description":"Kubernetes settings for the Satellite (SkyWalking-Satellite) component.","type":"object","properties":{"enabled":{"description":"Satellite is an optional component. If enabled is false, this component\\nwill not be installed.","type":"boolean","x-order":0},"kubeSpec":{"$ref":"#/components/schemas/kubernetesKubernetesComponentSpec"},"logLevel":{"description":"Specifies the log level for the component.\\nSupported log level: \\"panic\\", \\"fatal\\", \\"info\\", \\"warn\\", \\"error\\", \\"debug\\" and \\"trace\\".","type":"string","x-order":2}}},"v1alpha1SecretsXCP":{"description":"Secrets to reach the XCP Central in the Management Plane.","type":"object","properties":{"autoGenerateCerts":{"description":"Enabling this will auto generate XCP Edge certificate if mTLS is enabled to authenticate to XCP Central. Requires cert-manager.","type":"boolean","x-order":0},"rootca":{"description":"CA certificate of XCP components.","type":"string","x-order":1},"rootcakey":{"description":"Key of the CA certificate of XCP components.","type":"string","x-order":2},"edge":{"$ref":"#/components/schemas/XCPEdge"}}},"v1alpha1SessionResponse":{"description":"SessionResponse specifies response messages sent by the `Workload Onboarding Plane`\\nback to the `Workload Onboarding Agent` as part of a single session.","type":"object","properties":{"discoveryResponse":{"$ref":"#/components/schemas/v3DiscoveryResponse"}}},"v1alpha1SidecarConfiguration":{"description":"SidecarConfiguration represents boot configuration of a sidecar, e.g.\\n`Istio Sidecar`.","type":"object","properties":{"seed":{"$ref":"#/components/schemas/v1alpha1SidecarConfigurationSeed"},"update":{"$ref":"#/components/schemas/v1alpha1SidecarConfigurationUpdate"}}},"v1alpha1SidecarConfigurationSeed":{"description":"SidecarConfigurationSeed represents seed configuration required to start\\na sidecar, e.g. `Istio Sidecar`.","type":"object","required":["command"],"properties":{"command":{"description":"Path to the sidecar executable, i.e. `pilot-agent` binary of the\\n`Istio Sidecar`.\\n\\nNotice that `Workload Onboarding Agent` is not expected to run this command\\n\\"as is\\". Instead, `Workload Onboarding Agent` should use this value to identify\\nwhich of (potentially many) executables comprising a sidecar it needs to\\nrun.\\n\\nE.g., `Istio Sidecar` comes with `pilot-agent`, `envoy` and `istio-start.sh`\\nexecutables. To clarify that `Workload Onboarding Agent` must use `pilot-agent`\\nbinary to start the sidecar, `Workload Onboarding Plane` will use a command value\\n`/usr/local/bin/pilot-agent`.","type":"string","x-order":0},"args":{"description":"Arguments to the sidecar command, e.g. Istio `pilot-agent`.","type":"array","items":{"type":"string"},"x-order":1},"env":{"description":"Environment variables of the sidecar command, e.g. Istio `pilot-agent`.","type":"array","items":{"$ref":"#/components/schemas/typessidecarv1alpha1EnvVar"},"x-order":2},"files":{"description":"Configuration files of the sidecar, e.g. Istio `pilot-agent`.","type":"array","items":{"$ref":"#/components/schemas/v1alpha1File"},"x-order":3},"dirs":{"description":"Directories required by the sidecar, e.g. Istio `pilot-agent`.","type":"array","items":{"$ref":"#/components/schemas/v1alpha1Dir"},"x-order":4}}},"v1alpha1SidecarConfigurationUpdate":{"description":"SidecarConfigurationUpdate represents an update to the already known\\nseed configuration that can be applied without full restart of the sidecar.","type":"object","properties":{"files":{"description":"Reloadable configuration files of the sidecar, e.g. `Istio token` file\\nreloadable by the Istio `pilot-agent`.","type":"array","items":{"$ref":"#/components/schemas/v1alpha1File"},"x-order":0}}},"v1alpha1SidecarInfo":{"description":"SidecarInfo specifies information about the sidecar installed alongside\\nthe workload.","type":"object","properties":{"istio":{"$ref":"#/components/schemas/v1alpha1IstioSidecarInfo"}}},"v1alpha1UnregisterWorkloadResponse":{"description":"Response to the unregistration request.","type":"object","properties":{"propagationDelay":{"description":"Estimated amount of time it will take to propagate the unregistration event\\nacross all affected mesh nodes.\\n\\nDuring this time interval affected proxies will continue making requests\\nto the deregistered workload until the respective configuration update\\narrives.\\n\\nTo prevent traffic loss, `Workload Onboarding Agent` SHOULD delay shutdown\\nof the the workload\'s sidecar for that time period.","type":"string","x-order":0}}},"v1alpha1Values":{"description":"Values available for the TSB Control Plane chart.\\nThis is an alpha API, so future versions could include breaking changes.","type":"object","properties":{"image":{"$ref":"#/components/schemas/commonv1alpha1Image"},"spec":{"$ref":"#/components/schemas/v1alpha1ControlPlaneSpec"},"secrets":{"$ref":"#/components/schemas/controlplanev1alpha1Secrets"},"operator":{"$ref":"#/components/schemas/commonv1alpha1Operator"}}},"v1alpha1WASMFetcher":{"description":"Settings for the WASM Fetcher component.","type":"object","properties":{"cacheDisableInsecureRegistries":{"description":"Denies insecure registries to be used for fetching WASM modules. Defaults to `false`.","type":"boolean","x-order":0},"cacheExpiration":{"description":"WASM Module cache expiration time. Defaults to `24h`.","type":"string","x-order":1},"cacheMaxRetries":{"description":"Maximum number of retries when fetching WASM modules from the OCI registry. Defaults to `5`.","type":"integer","format":"int32","x-order":2},"cachePurgeInterval":{"description":"WASM cache purge interval to periodically clean up the stale WASM modules. Defaults to `1h`.","type":"string","x-order":3},"cacheRequestTimeout":{"description":"Specifies the timeout used when retrieving the WASM plugin from the OCI registry. Defaults to `15s`.","type":"string","x-order":4},"kubeSpec":{"$ref":"#/components/schemas/kubernetesKubernetesComponentSpec"},"logLevels":{"description":"The log level configuration by scopes.\\nSupported log levels: \\"none\\", \\"error\\", \\"info\\", \\"debug\\".","type":"object","additionalProperties":{"type":"string"},"x-order":6}}},"v1alpha1WaypointsConfig":{"type":"object","properties":{"clusterLevel":{"$ref":"#/components/schemas/WaypointsConfigCommonWaypointConfig"},"namespaceLevel":{"description":"List of namespace-level waypoint configurations. Each entry specifies waypoint\\nsettings for a specific namespace or set of namespaces.","type":"array","items":{"$ref":"#/components/schemas/WaypointsConfigNamespaceLevelCommonConfig"},"x-order":1}}},"v1alpha1WorkloadAuthenticationConfiguration":{"description":"WorkloadAuthenticationConfiguration specifies configuration of the workload\\nauthentication.","type":"object","properties":{"jwt":{"$ref":"#/components/schemas/v1alpha1JwtAuthenticationConfiguration"}}},"v1alpha1WorkloadConfiguration":{"description":"WorkloadConfiguration specifies configuration of the workload handling.","type":"object","properties":{"authentication":{"$ref":"#/components/schemas/v1alpha1WorkloadAuthenticationConfiguration"},"deregistration":{"$ref":"#/components/schemas/v1alpha1WorkloadDeregistrationConfiguration"}}},"v1alpha1WorkloadDeregistrationConfiguration":{"description":"WorkloadDeregistrationConfiguration specifies configuration of the workload\\nderegistration.","type":"object","properties":{"propagationDelay":{"description":"Estimated amount of time it takes to propagate the unregistration event\\nacross all affected mesh nodes.\\n\\nDuring this time interval affected proxies will continue making requests\\nto the deregistered workload until the respective configuration update\\narrives.\\n\\nTo prevent traffic loss, `Workload Onboarding Agent` SHOULD delay shutdown\\nof the the workload\'s sidecar for that time period.\\n\\nAs a rule of thumb, this value should remain relatively small, e.g. under\\n15 seconds. The reason for this is that shutdown flow on the workload\'s side\\nis time-boxed. E.g., on VMs there is a stop timeout enforced by SystemD,\\nwhile on AWS ECS there is a stop timeout enforced by ECS Agent. If you pick\\na delay value that is too big, `Workload Onboarding Agent` will delay\\nshutdown of the sidecar for too long; as a result sidecar risks to get\\nterminated abruptly instead of graceful connection draining.\\n\\nDefaults to `10s`.","type":"string","x-order":0}}},"v1alpha1WorkloadInfo":{"description":"WorkloadInfo specifies information about the workload.","type":"object","properties":{"labels":{"description":"Labels associated with the workload.","type":"object","additionalProperties":{"type":"string"},"x-order":0}}},"v2Access":{"description":"Access is an access request for a subject with a set of permission.\\n\\nExample:\\nAccess {\\n  Subject: \\"organizations/demo/tenants/demo/applications/caller\\",\\n  Permissions: []string{\\"GET\\"}\\n}","type":"object","required":["subject","permissions"],"properties":{"subject":{"description":"Subject is the subject that is requested to access the resource.","type":"string","x-order":0},"permissions":{"description":"Permissions is a list of permissions that the subject is allowed to use.","type":"array","items":{"type":"string"},"x-order":1},"metadata":{"$ref":"#/components/schemas/qv2Metadata"}}},"v2AccessPolicy":{"description":"A policy defines the set of subjects that can access a resource and under\\nwhich conditions that access is granted.","type":"object","title":"Policy","properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":1},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":2},"allow":{"description":"The list of allowed bindings configures the different access profiles that\\nare allowed on the resource configured by the policy.","type":"array","items":{"$ref":"#/components/schemas/rbacv2Binding"},"x-order":3}}},"v2AggregatedStatus":{"description":"`AggregatedStatus` is used by resources with children to aggregate both the\\nsequence of events and the status of its children resources.","type":"object","properties":{"configEvents":{"$ref":"#/components/schemas/v2ConfigEvents"},"children":{"description":"Map of children resource FQNs to their status.","type":"object","additionalProperties":{"$ref":"#/components/schemas/AggregatedStatusChildStatus"},"x-order":1},"childrenStatus":{"$ref":"#/components/schemas/AggregatedStatusChildStatus"}}},"v2Application":{"description":"An Application represents a set of logical groupings of services that are related to each other\\nand expose a set of APIs that implement a complete set of business logic.\\n\\n\\n\\n","type":"object","required":["workspace"],"properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"workspace":{"description":"FQN of the workspace this application is part of.\\nThe application will configure IngressGateways for the attached APIs\\nin the different namespaces exposed by this workspace.","type":"string","x-order":4},"namespaceSelector":{"$ref":"#/components/schemas/typesv2NamespaceSelector"},"gatewayGroup":{"description":"Optional FQN of the Gateway Group to be used by the application.\\nIf configured, this gateway group will be used by the application. If\\nno namespaces are configured and no existing gateway group is set, a new gateway group claiming all\\nnamespaces in the workspace (`*/*`) will be created by default.\\nAll Ingress Gateway resources created for the APIs attached to the application will be created in\\nthe application\'s gateway group.","type":"string","x-order":6},"services":{"description":"Optional list of services that are part of the application. This is a list of FQNs of services in the\\nservice registry.\\nIf omitted, the application is assumed to own all the services in the workspace.\\nNote that a service can only be part of one application. If any of the services in the list is already\\nin use by an existing application, application creation/modification will fail.\\nIf the list of services is not explicitly set and any service in the workspace is already in use by\\nanother application, application creation/modification will fail.","type":"array","items":{"type":"string"},"x-order":7},"configResources":{"type":"array","title":"The configuration resources that are related to this Application.\\n$hide_from_docs","items":{"$ref":"#/components/schemas/v2ConfigResource"},"x-order":8,"readOnly":true}}},"v2ApprovalPolicy":{"description":"ApprovalPolicy is a set of authorization rules that define access to a resource.\\nWhen applied to a resource, the rules enforce access to the resource based on the permission set.\\n\\nExample:\\nApprovalPolicy {\\n  Mode: ApprovalPolicy_REQUIRE_APPROVAL,\\n  Resource: \\"organizations/demo/tenants/demo/applications/target-app\\",\\n  Approved: []Access {{\\n    Subject: \\"organizations/demo/tenants/demo/applications/calling-app\\",\\n    Permissions: []string{\\"GET\\", \\"POST\\"}\\n  }}\\n}","type":"object","required":["mode","resource"],"properties":{"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":0},"mode":{"$ref":"#/components/schemas/v2ApprovalPolicyMode"},"resource":{"description":"Resource is a fully qualified name of the resource that the policy applies to.","type":"string","x-order":2},"requested":{"description":"Requested is a list of subjects that are requested to access the resource but that have not yet been\\nexplicitly approved.\\nThe access mode of the policy will determine if the subjects in this list are given immediate access to the\\nresource.","type":"array","items":{"$ref":"#/components/schemas/v2Access"},"x-order":3},"approved":{"description":"Approved is a list of subjects that are approved to access the resource.","type":"array","items":{"$ref":"#/components/schemas/v2Access"},"x-order":4},"metadata":{"$ref":"#/components/schemas/qv2Metadata"}}},"v2ApprovalPolicyMode":{"description":" - UNRESTRICTED: Allows all subjects in the same policy class to access the resource.\\n - ALLOW_REQUESTED: Allows only the subjects in the request and approved list to access the resource.\\n - REQUIRE_APPROVAL: Allows only the subjects in the approved list to access the resource.","type":"string","default":"UNRESTRICTED","enum":["UNRESTRICTED","ALLOW_REQUESTED","REQUIRE_APPROVAL"]},"v2AuthenticationSettingsAuthenticationMode":{"description":"AuthenticationMode configures whether to initiate only mutual TLS\\nconnections or to allow plaintext traffic as well.\\n\\n - UNSET: Default is UNSET.\\n - OPTIONAL: Accept both plaintext and mTLS authenticated connections.\\n - REQUIRED: Always initiate mutual TLS authenticated connections, and fail if the upstream does not support it.","type":"string","default":"UNSET","enum":["UNSET","OPTIONAL","REQUIRED"]},"v2AuthorizationRules":{"description":"- If deny_all is true, deny the request\\n\\n- If deny is defined and there are any denied target workload, deny the request.\\n\\n- If there are no allowed target workload, allow the request.\\n\\n- If allow is defined and there are any allowed target workload, allow the request.\\n\\n- Deny the request.","type":"object","title":"`AuthorizationRules` specifies which target workloads are allowed or denied.\\nWhen the mode is `RULES`, by default, if no authorization rules are provided all requests will be accepted.\\nCurrently, when a list of allow or deny rules are provided, a workload can only be targeted\\nby providing the workspace or security group resource the workload belongs to.\\nWhen different target workloads are allowed, denied or all workload are denied,\\nto evaluate if a request is accepted or rejected, denies are evaluated first, and finally allows.\\nAccepting or denying a request from a workload is determined by:","properties":{"allow":{"description":"Allow specifies a list of rules. If a request matches at least one rule, the request is accepted.\\nIf no allow rules are provided, all requests are allowed.\\nEach rule must be unique, no duplicates are allowed.\\nA rule that is fully contained by another rule is not allowed.\\nFor instance, defining a rule from workspace `w1` to `w2` and another rule\\nfrom security group `sg1` (which belongs to workspace `w1`) to `sg2` (which belongs to workspace `w2`)\\nis not allowed. It is not allowed, because from security group `sg1` to `sg2` rule is already allowed by\\nthe rule from workspace `w1` to `ws2`.","type":"array","items":{"$ref":"#/components/schemas/securityv2Rule"},"x-order":0},"denyAll":{"description":"Deny all specifies whether all requests should be rejected.\\nIf it is true all requests will be rejected.\\nIf it is false the list of deny rules will be evaluated.","type":"boolean","x-order":1},"deny":{"description":"Deny specifies a list of rules. If a request matches at least one rule, the request is rejected.\\nIf deny rules are provided, the match will never occur, so no request can be rejected.\\nEach rule must be unique, no duplicates are allowed.\\nA rule that is fully contained by another rule is not allowed.\\nFor instance, defining a rule from workspace `w1` to `w2` and another rule\\nfrom security group `sg1` (which belongs to workspace `w1`) to `sg2` (which belongs to workspace `w2`)\\nis not allowed. It is not allowed, because from security group `sg1` to `sg2` rule is already denied by\\nthe rule from workspace `w1` to `w2`.","type":"array","items":{"$ref":"#/components/schemas/securityv2Rule"},"x-order":2}}},"v2AutomaticLoadBalancing":{"type":"object","title":"Settings for configuring automatic load balancing between clusters based on observed metrics.\\n$hide_from_docs","properties":{"enabled":{"description":"Whether to enable automatic load balancing.","type":"boolean","x-order":0}}},"v2BlameResponse":{"description":"```yaml\\neffectiveProfileConfig:\\n  trafficSettings:\\n    reachability:\\n      mode: GROUP\\n    resilience:\\n      circuitBreakerSensitivity: MEDIUM\\n  authenticationSettings:\\n    trafficMode: REQUIRED\\neffectiveProfilePaths:\\n  authenticationSettings: organizations/my-org/profiles/profile1\\n  authenticationSettings.trafficMode: organizations/my-org/profiles/profile1\\n  trafficSettings: organizations/my-org/tenants/my-tenant/workspaces/ws/trafficgroups/tg/profiles/profile2\\n  trafficSettings.reachability: organizations/my-org/tenants/my-tenant/workspaces/ws/trafficgroups/tg/profiles/profile2\\n  trafficSettings.reachability.mode: organizations/my-org/tenants/my-tenant/workspaces/ws/trafficgroups/tg/profiles/profile2\\n  trafficSettings.resilience: organizations/my-org/tenants/my-tenant/workspaces/ws/trafficgroups/tg/profiles/profile2\\n  trafficSettings.resilience.circuitBreakerSensitivity: organizations/my-org/tenants/my-tenant/workspaces/ws/trafficgroups/tg/profiles/profile2\\neffectiveProfileMandatedPaths:\\n  - authenticationSettings\\n  - authenticationSettings.trafficMode\\n```","type":"object","title":"Blame data for a given resource.\\nExample:","properties":{"effectiveProfileConfig":{"$ref":"#/components/schemas/v2ProfileConfig"},"effectiveProfilePaths":{"description":"Map of profile config field paths to the resource FQNs that set the value at that path.","type":"object","additionalProperties":{"type":"string"},"x-order":1},"effectiveProfileMandatedPaths":{"description":"Subset of the effective paths which values are set by mandates.","type":"array","items":{"type":"string"},"x-order":2},"effectiveProfileAttachmentPaths":{"description":"Like effective_profile_paths, but the FQNs are from the resources that attach the profiles.","type":"object","additionalProperties":{"type":"string"},"x-order":3}}},"v2ClientTLSSettings":{"type":"object","title":"Configure TLS parameters for the client","properties":{"mode":{"$ref":"#/components/schemas/authv2TLSMode"},"files":{"$ref":"#/components/schemas/v2TLSFileSource"},"secretName":{"description":"TLS key source from a Kubernetes Secret.\\nThis is applicable for gateway workloads.","type":"string","x-order":2},"subjectAltNames":{"type":"array","title":"Subject alternative names is the list of names that are accepted\\nas service name as part of TLS handshake","items":{"type":"string"},"x-order":3}}},"v2ClusterConfig":{"type":"object","title":"Cluster configurations.\\n$hide_from_docs","properties":{"observability":{"$ref":"#/components/schemas/v2ClusterObservabilityConfig"}}},"v2ClusterDestination":{"type":"object","properties":{"name":{"description":"The name of the destination cluster. Only one of name or labels\\nmust be specified.","type":"string","x-order":0},"labels":{"description":"Labels associated with the cluster. Any cluster with matching\\nlabels will be selected as a target. Only one of name or labels\\nmust be specified.","type":"object","additionalProperties":{"type":"string"},"x-order":1},"network":{"description":"The network associated with the destination clusters. In addition to\\nname/label selectors, only clusters matching the selected networks\\nwill be used as a target. At least one of name/labels, and/or network\\nmust be specified.\\n\\nDeprecated: The `network` field is deprecated and will be removed in future releases.\\nOnly `labels` matching against the cluster object is supported.","type":"string","x-order":2},"weight":{"description":"The weight for traffic to a given destination.","type":"integer","format":"int64","x-order":3}}},"v2ClusterObservabilityConfig":{"type":"object","title":"The observability configurations for a cluster.\\n$hide_from_docs","properties":{"retentionPeriodDays":{"description":"The retention period of telemetry metrics data in days.","type":"integer","format":"int32","x-order":0},"tracesRetentionPeriodDays":{"description":"The retention period of telemetry traces data in days.","type":"integer","format":"int32","x-order":1},"apiEndpointMetricsEnabled":{"description":"Whether the API endpoint metrics feature is enabled in MP,\\nif this feature is disabled in MP, all CP must disable this\\nfeature too because this feature requires MP to create indices,\\nif this feature is enabled in MP, CP clusters can choose whether\\nto enable it or not as per their needs.","type":"boolean","x-order":2},"spmAgentReceiverEnabled":{"description":"Whether the SPM Agent is enabled or disabled in MP.\\nIf the SPM Agent is disabled in MP, then it should also be turned off in CP to prevent the OAP crash in CP.","type":"boolean","x-order":3}}},"v2ClusterOnboardingConfig":{"description":"Configuration for onboarding a cluster.\\n\\n\\n\\n","type":"object","required":["namespaces"],"properties":{"fqn":{"type":"string","title":"Fully-qualified name of the cluster onboarding configuration.\\n$hide_from_yaml","x-order":0,"readOnly":true},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be\\nsent on every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":1},"namespaces":{"description":"Set of namespaces configuration for the cluster.","type":"array","items":{"$ref":"#/components/schemas/ClusterOnboardingConfigNamespaceConfig"},"x-order":2}}},"v2ClusterOnboardingStatus":{"description":"The onboarding status for a cluster.","type":"object","properties":{"namespaces":{"description":"The status of the namespaces in the cluster.","type":"array","items":{"$ref":"#/components/schemas/v2ClusterOnboardingStatusNamespaceStatus"},"x-order":0}}},"v2ClusterOnboardingStatusNamespaceStatus":{"description":"The status of the namespaces in the cluster.","type":"object","properties":{"name":{"description":"The name of the namespace.","type":"string","x-order":0},"desiredState":{"$ref":"#/components/schemas/v2NamespaceDesiredState"},"currentState":{"$ref":"#/components/schemas/v2NamespaceCurrentState"},"currentStateDetails":{"description":"Details about the actual state of the namespace.","type":"string","x-order":3}}},"v2ClusterState":{"type":"object","title":"State represents the cluster info learned from the onboarded cluster","properties":{"lastSyncTime":{"type":"string","format":"date-time","title":"last time xcp edge(cp) synced with central(mp) in the UTC format","x-order":0},"provider":{"type":"string","title":"cluster provider. Ex: GKE, EKS, AKS","x-order":1},"istioVersions":{"description":"This shows currently running istio versions in the cluster.","type":"array","items":{"type":"string"},"x-order":2},"xcpVersion":{"type":"string","title":"xcp-edge version which is running at the cluster","x-order":3},"tsbCpVersion":{"type":"string","title":"TSB controlplane version","x-order":4},"discoveredLocality":{"$ref":"#/components/schemas/tsbv2Locality"},"mode":{"$ref":"#/components/schemas/v2ControlPlaneMode"},"istioRevisions":{"description":"Metadata of different Istio revision found in the cluster.\\nAn empty istio revisions field represents there was no Istio\\ndiscovered in the cluster.\\nField should not be empty in ControlMode as TSB will install\\nand depend on Istio.\\nIn Observe mode, an empty field represents that a vanilla kubernetes\\ncluster.","type":"array","items":{"$ref":"#/components/schemas/ClusterStateIstioRevision"},"x-order":7}}},"v2ClusterStatus":{"description":"The status message for a cluster resource contains the set of join\\ntokens that should be used by Service Bridge\'s agents on the\\ncluster.","type":"object","properties":{"tokens":{"description":"Tokens for various agents.","type":"object","additionalProperties":{"type":"string"},"x-order":0}}},"v2Composer":{"type":"object","title":"Composer extension configuration.\\n$hide_from_docs","properties":{"plugins":{"description":"List of plugins.","type":"array","items":{"$ref":"#/components/schemas/v2ComposerPlugins"},"x-order":0}}},"v2ComposerPlugins":{"description":"Plugin definition.","type":"object","required":["name"],"properties":{"name":{"description":"Plugin name.\\n\\nThis can be one of the [Tetrate built in\\nplugins](https://docs.tetrate.io/service-bridge/) or a\\ncustom plugin.\\n\\nTetrate built in plugins are bundled with TSB and can run directly.\\nHowever providing `pluginSource` is required if this is a custom plugin.","type":"string","x-order":0},"priority":{"description":"Priority to be given to this plugin (Optional).\\n\\nPriority decides the order of execution of plugins.\\nFor example. Plugin P1(priority=10) will be executed\\nbefore Plugin P2(priority=100).","type":"integer","format":"int64","x-order":1},"config":{"$ref":"#/components/schemas/v2ComposerPluginsPluginConfig"},"pluginSource":{"$ref":"#/components/schemas/v2ComposerPluginsPluginSource"}}},"v2ComposerPluginsPluginConfig":{"description":"Configuration for plugin.","type":"object","properties":{"inline":{"description":"Provide plugin config inline in the `yaml` format.\\n\\nThe following is an example of a valid config for tetrate\'s\\nresponse-transformer plugin.\\n\\n```yaml\\ninline:\\n  headersToAdd:\\n  - key: \\"example-header\\"\\n    value: \\"example-value\\"\\n  headersToRemove:\\n  - \\"example-header-to-remove\\"\\n  bodyToSet: \\"the response is mutated!\\"\\n```\\n\\nIf the config fails plugin\'s schema validation, the\\n`tetrate-composer` sidecar will reject it.","type":"object","x-order":0},"secret":{"description":"Obtain plugin config from the specified kubernetes secret.\\nPlease ensure the secret has a key \\"config\\" having values in the\\n`yaml` format. The secret must be present in the same namespace as\\nthe gateway install.\\n\\nThe following is an example of a secret which contains a valid config\\nfor tetrate\'s response-transformer plugin.\\n\\n```yaml\\napiVersion: v1\\ndata:\\n  config: YWRkOgogIGpzb246CiAgLSBleGFtcGxl\\nkind: Secret\\nmetadata:\\n  name: response-transformer-config\\n  namespace: gw-install-namespace\\ntype: Opaque\\n```\\n\\nIn case the secret cannot be loaded (not found, bad format, schema\\nvalidation failure or any other issue reading it), the config will be\\nrejected by the `tetrate-composer` sidecar.","type":"string","x-order":1},"configMap":{"description":"Obtain plugin config from the specified kubernetes configMap.\\nEnsure the configMap has a key \\"config\\" having values in the\\n`yaml` format. The configMap must be present in the same namespace\\nas the gateway install.\\n\\nThe following is an example of a configMap which contains a valid config\\nfor tetrate\'s response-transformer plugin.\\n\\n```yaml\\napiVersion: v1\\ndata:\\n  config: |\\n    headersToAdd:\\n    - key: \\"example-header\\"\\n      value: \\"example-value\\"\\n    headersToRemove:\\n    - \\"example-header-to-remove\\"\\n    bodyToSet: \\"the response is mutated!\\"\\nkind: ConfigMap\\nmetadata:\\n  name: response-transformer-config\\n  namespace: gw-install-namespace\\ntype: Opaque\\n```\\n\\nIn case the configMap cannot be loaded (not found, bad format, schema\\nvalidation failure or any other issue reading it), the config will be\\nrejected by the `tetrate-composer` sidecar.","type":"string","x-order":2}}},"v2ComposerPluginsPluginSource":{"description":"Reference to custom plugin files.","type":"object","required":["configMap"],"properties":{"configMap":{"description":"Kubernetes ConfigMap containing the plugin files.\\nThe configMap must be present in same namespace as the gateway install.\\n\\nTo create this configmap in the gateway install namespace, run:\\n\\n```yaml\\nkubectl create configmap my-plugin --from-file=./my-plugin-dir` -n\\n{gw-install-namespace}\\n```\\n\\nand use the name `my-plugin` here.\\n\\nIn case the configMap cannot be loaded (not found, bad format or any\\nother issue reading it), the custom plugin will not be initialised and\\nthe config will be rejected by the `tetrate-composer` sidecar.","type":"string","x-order":0}}},"v2ConfigEvents":{"description":"`ConfigEvents` provides a way to notify the status of a configuration\\npropagation as a sequence of events.","type":"object","properties":{"events":{"description":"Sequence of events occurred under the configuration propagation flow.\\nIt\'s ordered by event timestamp, newest first.","type":"array","items":{"$ref":"#/components/schemas/v2ConfigEventsEvent"},"x-order":0}}},"v2ConfigEventsEvent":{"description":"Single `Event` event occurred in the configuration propagation flow.","type":"object","properties":{"type":{"$ref":"#/components/schemas/ConfigEventsEventType"},"reason":{"description":"Optional code that extends the type of the occurred event.","type":"string","x-order":1},"message":{"description":"Optional message describing the reason in a human readable way.","type":"string","x-order":2},"timestamp":{"description":"Time of the event occurrence.","type":"string","format":"date-time","x-order":3},"etag":{"description":"The etag of the resource which configuration triggered this event.","type":"string","x-order":4},"edgesState":{"description":"Stores the `edge cluster name` to `EdgeConfigState` mapping. `EdgeConfigState` holds the\\n[status + reason] for a resource config that is being applied at edges.\\nReason accompanying the Status is useful for pin-pointed debugging at edge level.\\nFor instance, a config whose config status is something other than `APPLIED` is\\naccompanied by a reason telling why an error occurred while applying the config.\\nThis will help in debugging issues at an edge.","type":"object","additionalProperties":{"$ref":"#/components/schemas/ConfigEventsEdgeConfigState"},"x-order":5}}},"v2ConfigGenerationMetadata":{"description":"`ConfigGenerationMetadata` allows to setup extra metadata that will be added in the final Istio generated configurations.\\nLike new labels or annotations.\\nDefining the config generation metadata in tenancy resources (like organization, tenant, workspace or groups) works as default\\nvalues for those configs that belong to it.\\nDefining same config generation metadata in configuration resources (like ingress gateways, service routes, etc.) will replace the\\nones defined in the tenancy resources.","type":"object","properties":{"labels":{"description":"Set of key value paris that will be added into the `metadata.labels` field of the Istio generated configurations.","type":"object","additionalProperties":{"type":"string"},"x-order":0},"annotations":{"description":"Set of key value paris that will be added into the `metadata.annotations` field of the Istio generated configurations.","type":"object","additionalProperties":{"type":"string"},"x-order":1}}},"v2ConfigMode":{"description":"The configuration mode used by a traffic, security or a gateway group.\\n\\n - BRIDGED: Indicates that the configurations to be added to the group will\\nuse macro APIs that automatically generate Istio APIs under the\\nhood.\\n - DIRECT: Indicates that the configurations to be added to the group will\\ndirectly use Istio APIs.","type":"string","default":"BRIDGED","enum":["BRIDGED","DIRECT"]},"v2ConfigResource":{"description":"ConfigResource represents a configuration object (group, ingress gateway, etc)\\nthat is related to an Application or API.","type":"object","properties":{"fqn":{"description":"The FQN of the resource this status is computed for.","type":"string","x-order":0,"readOnly":true},"expectedEtag":{"description":"The expected etag field is used to check the if the configuration resource contents have\\nchanged. This might not be relevant for all configuration resources, so this field may\\nnot be set. If it is not set, the status will only report the presence or absence of the\\nconfiguration resource, but not differences in its contents.\\n\\nWhen this field is present, the status will also reflect changes in the contents of the\\nconfiguration resource, and report it as DIRTY if there are differences.","type":"string","x-order":1,"readOnly":true},"exclusivelyOwned":{"description":"The exclusively owned flag indicates if the referenced configuration resource is exclusively\\nowned by the object. Configuration resources that are exclusively owned by an object will\\nbe deleted when the object is deleted.","type":"boolean","x-order":2,"readOnly":true}}},"v2ControlPlaneMode":{"description":"Available Control Plane modes for the Control Plane deployment.\\n\\n - UNSET: Default mode will be used.\\n - CONTROL: Default mode installed in Control plane clusters.\\nThe Control Plane will be deployed with the entire TSB feature set\\nenabled for this cluster.\\n - OBSERVE: The Control Plane will be deployed with only service\\ndiscovery and observability features enabled.\\nOther features of TSB like configuration propagation,\\ncross-cluster discovery, etc, will not be available in this cluster.","type":"string","default":"UNSET","enum":["UNSET","CONTROL","OBSERVE"]},"v2CorsPolicy":{"type":"object","properties":{"allowOrigin":{"description":"The list of origins that are allowed to perform CORS requests. The content will be serialized\\ninto the Access-Control-Allow-Origin header. Wildcard * will allow all origins.","type":"array","items":{"type":"string"},"x-order":0},"allowMethods":{"description":"List of HTTP methods allowed to access the resource. The content will be serialized into the\\nAccess-Control-Allow-Methods header.","type":"array","items":{"type":"string"},"x-order":1},"allowHeaders":{"description":"List of HTTP headers that can be used when requesting the resource. Serialized to\\nAccess-Control-Allow-Headers header.","type":"array","items":{"type":"string"},"x-order":2},"exposeHeaders":{"description":"A white list of HTTP headers that the browsers are allowed to access. Serialized into\\nAccess-Control-Expose-Headers header.","type":"array","items":{"type":"string"},"x-order":3},"maxAge":{"description":"Specifies how long the results of a preflight request can be cached. Translates to the\\nAccess-Control-Max-Age header.","type":"string","x-order":4},"allowCredentials":{"description":"Indicates whether the caller is allowed to send the actual request (not the preflight) using\\ncredentials. Translates to Access-Control-Allow-Credentials header.","type":"boolean","x-order":5}}},"v2CreateOrganizationRequest":{"type":"object","title":"Request to create a organization.\\n$hide_from_docs","required":["name","organization"],"properties":{"name":{"description":"The short name for the resource to be created.","type":"string","x-order":0},"organization":{"$ref":"#/components/schemas/v2Organization"}}},"v2CreateRoleRequest":{"description":"Request to create a Role.","type":"object","required":["name","role"],"properties":{"name":{"description":"The short name for the resource to be created.","type":"string","x-order":0},"role":{"$ref":"#/components/schemas/v2Role"}}},"v2DeviceCodeResponse":{"type":"object","title":"Response with device codes for use with the Device Authorization flow.\\nFor additional information on the response parameters please refer to the Device Authorization Response section\\nof the RFC https://datatracker.ietf.org/doc/html/rfc8628#section-3.2","properties":{"deviceCode":{"type":"string","title":"Code that the device uses to poll for tokens","x-order":0},"userCode":{"type":"string","title":"Code the user enters in the verification URI","x-order":1},"verificationUri":{"type":"string","title":"URI where to enter the user code","x-order":2},"interval":{"type":"integer","format":"int32","title":"Rate in which to poll the token endpoint with the device code","x-order":3},"expiresIn":{"type":"integer","format":"int32","title":"Expiration time of the device code in seconds","x-order":4},"error":{"$ref":"#/components/schemas/v2Error"},"errorMessage":{"description":"Optional error message that contains more details about the error that occurred.","type":"string","x-order":6}}},"v2DownstreamResilienceSettings":{"description":"DownstreamResilienceSettings control the reliability knobs in Envoy when accepting\\ninbound connections.","type":"object","properties":{"connectionPool":{"$ref":"#/components/schemas/v2DownstreamResilienceSettingsConnectionPoolSettings"},"meshTimeout":{"$ref":"#/components/schemas/DownstreamResilienceSettingsMeshTimeout"}}},"v2DownstreamResilienceSettingsConnectionPoolSettings":{"description":"Connection pool settings for downstream connections.","type":"object","properties":{"tcp":{"$ref":"#/components/schemas/v2DownstreamResilienceSettingsConnectionPoolSettingsTCP"}}},"v2DownstreamResilienceSettingsConnectionPoolSettingsTCP":{"description":"TCP Settings for inbound requests.","type":"object","properties":{"keepAlive":{"$ref":"#/components/schemas/v2TcpKeepAlive"}}},"v2EastWestGateway":{"description":"EastWestGateway is for configuring a gateway to handle east-west traffic of\\nthe services that are not exposed through Ingress or Tier1 gateways (internal\\nservices). Currently, this is restricted to specifying at Workspace level\\nin WorkspaceSetting.","type":"object","required":["workloadSelector"],"properties":{"workloadSelector":{"$ref":"#/components/schemas/v2WorkloadSelector"},"exposedServices":{"description":"Exposed services is used to specify the match criteria to select specific services\\nfor internal multicluster routing (east-west routing between clusters).\\nIf it is not defined or contains no elements, all the services within the workspace\\nwill be exposed to the configured gateway.","type":"array","items":{"$ref":"#/components/schemas/v2ServiceSelector"},"x-order":1},"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"}}},"v2EgressAuthorization":{"type":"object","title":"EgressAuthorization is used to dictate which service accounts can access a set of external hosts","required":["to"],"properties":{"from":{"$ref":"#/components/schemas/tsbsecurityv2AuthorizationSettings"},"to":{"type":"array","title":"The external hostnames the workload(s) described in this rule can access.\\nHosts cannot be specified more than once. Use \\"*\\" to allow access to any external host","items":{"type":"string"},"x-order":1}}},"v2EgressAuthorizationSettings":{"description":"EgressAuthorizationSettings define rules for allowing specific service accounts to access external hosts.\\nBy default, when a host is configured for egress access on the Gateway, access is denied.","type":"object","required":["to"],"properties":{"from":{"$ref":"#/components/schemas/tsbgatewayv2AuthorizationSettings"},"to":{"description":"The set of hostnames exposed on the Gateway through which external hosts\\ncan be accessed.","type":"array","items":{"$ref":"#/components/schemas/EgressAuthorizationSettingsHostDetails"},"x-order":1},"identityMatch":{"$ref":"#/components/schemas/v2IdentityMatch"}}},"v2EnvValueSource":{"description":" - INLINE: Explicitly given key-value pairs to be injected to this VM.\\n - HOST: *Istio-proxy\'s* environment variables exposed to this VM.","type":"string","default":"INLINE","enum":["INLINE","HOST"]},"v2Error":{"type":"string","title":"OAuth2 error codes","default":"NO_ERROR","enum":["NO_ERROR","INVALID_REQUEST","INVALID_CLIENT","INVALID_GRANT","UNAUTHORIZED_CLIENT","UNSUPPORTED_GRANT_TYPE","AUTHORIZATION_PENDING","SLOW_DOWN","ACCESS_DENIED","EXPIRED_TOKEN","SERVER_ERROR"]},"v2ExposedBy":{"description":"The exposer of an HTTPEndpoint.","type":"object","properties":{"service":{"description":"The FQN of the service in the service registry that is exposing a concrete endpoint.","type":"string","x-order":0,"readOnly":true},"clusterGroup":{"$ref":"#/components/schemas/v2ExposedByClusters"}}},"v2ExposedByCluster":{"description":"ExposedByCluster is a cluster or set of clusters identified by the labels that are\\nexposing an endpoint.","type":"object","properties":{"name":{"description":"The name of the cluster exposing the endpoint. Only one of name or labels\\nmust be specified.","type":"string","x-order":0},"labels":{"description":"Labels associated with the cluster. Any cluster with matching\\nlabels will be selected as an exposer. Only one of name or labels\\nmust be specified.","type":"object","additionalProperties":{"type":"string"},"x-order":1},"weight":{"description":"The weight for traffic to a cluster exposing the endpoint.","type":"integer","format":"int64","x-order":2}}},"v2ExposedByClusters":{"description":"ExposedByClusters represents the clusters that are exposing a concrete endpoint.","type":"object","properties":{"clusters":{"description":"The clusters that contain gateways exposing the HTTPEndpoint.","type":"array","items":{"$ref":"#/components/schemas/v2ExposedByCluster"},"x-order":0}}},"v2Extensions":{"description":"Extensions extend TSB functionality.","type":"object","properties":{"kong":{"$ref":"#/components/schemas/v2Kong"},"composer":{"$ref":"#/components/schemas/v2Composer"}}},"v2ExternalRateLimitServiceSettings":{"description":"Configuration for ratelimiting using an external ratelimit server\\nThe ratelimit server must expose\\n[Envoy\'s Rate Limit Service gRPC API](https://www.envoyproxy.io/docs/envoy/latest/configuration/other_features/rate_limit#config-rate-limit-service).\\n\\nIf the rate limit service is called, and the response for any of\\nthe descriptors is over limit, a 429 response is returned. The rate\\nlimit filter also sets the x-envoy-ratelimited header.\\n\\nIf there is an error in calling rate limit service or rate limit\\nservice returns an error and failure_mode_deny is set to true, a\\n500 response is returned.","type":"object","required":["domain","rateLimitServerUri","rules"],"properties":{"domain":{"description":"The rate limit domain to use when calling the rate limit service.\\nRatelimit settings are namespaced to a domain.","type":"string","x-order":0},"failClosed":{"description":"If the rate limit service is unavailable, the request will fail\\nif failClosed is set to true. Defaults to false.","type":"boolean","x-order":1},"rateLimitServerUri":{"description":"The URI at which the external rate limit server can be reached.","type":"string","x-order":2},"rules":{"type":"array","title":"A set of rate limit rules.\\nEach rule describes a list of dimension to match on.\\nOnce matched, a list of descriptors are sent\\nto the external rate limit server","items":{"$ref":"#/components/schemas/v2ExternalRateLimitServiceSettingsRateLimitRule"},"x-order":3},"timeout":{"description":"The timeout in seconds for the external rate limit server RPC.\\nDefaults to 0.020 seconds (20ms).\\nTraffic will not be allowed to the destination if failClosed is set to true\\nand the request to the rate limit server times out.","type":"string","x-order":4},"tls":{"$ref":"#/components/schemas/v2ClientTLSSettings"}}},"v2ExternalRateLimitServiceSettingsRateLimitDimension":{"type":"object","title":"RateLimitDimension is a set of conditions to match HTTP requests\\nOnce the conditions are satisfied,\\ncorresponding descriptors (set of keys and values) are emitted and\\nsent to the external rate limit server. The server is expected to\\nmake a rate limit decision based on these descriptors.\\nPlease go through the [Envoy RateLimit descriptor](https://www.envoyproxy.io/docs/envoy/latest/api-v3/extensions/common/ratelimit/v3/ratelimit.proto#envoy-v3-api-msg-extensions-common-ratelimit-v3-ratelimitdescriptor)\\nto get more information on descriptors","properties":{"sourceCluster":{"$ref":"#/components/schemas/RateLimitDimensionSourceCluster"},"destinationCluster":{"$ref":"#/components/schemas/RateLimitDimensionDestinationCluster"},"remoteAddress":{"$ref":"#/components/schemas/v2ExternalRateLimitServiceSettingsRateLimitDimensionRemoteAddress"},"requestHeaders":{"$ref":"#/components/schemas/RateLimitDimensionRequestHeaders"},"headerValueMatch":{"$ref":"#/components/schemas/RateLimitDimensionHeaderValueMatch"}}},"v2ExternalRateLimitServiceSettingsRateLimitDimensionRemoteAddress":{"type":"object","title":"Emit descriptor entry - a key-value pair of the form\\n`(\\"remote_address\\", \\"&lt;trusted address from x-forwarded-for&gt;\\")`"},"v2ExternalRateLimitServiceSettingsRateLimitRule":{"type":"object","required":["dimensions"],"properties":{"dimensions":{"description":"A list of dimensions that are to be applied for this rate limit configuration.\\nOrder matters as the dimensions are processed sequentially and the descriptor\\nis composed by appending descriptor entries in that sequence.\\nIf the condition for a dimension is not satisfied and cannot append a descriptor entry,\\nno descriptor list is generated for the entire setting.","type":"array","items":{"$ref":"#/components/schemas/v2ExternalRateLimitServiceSettingsRateLimitDimension"},"x-order":0}}},"v2FailoverSettings":{"description":"Failover settings for all proxies connecting to a host exposed in this workspace/organization\\nbased on the settings definition scope. Note that this is a server side setting.","type":"object","properties":{"topologyChoice":{"$ref":"#/components/schemas/FailoverSettingsTopologyChoice"},"failoverPriority":{"description":"FailoverPriority specifies the failover priority for traffic. FailoverPriority is an ordered list of labels \\nused to sort endpoints to do priority based load balancing. \\nThis is to support traffic failover across different groups of endpoints.\\nInternally these labels will be matched on both the client and endpoints to determine the priorities for\\nthe respective endpoints based on clients.\\nNote: For a label to be considered for match, the previous labels must match, i.e. \\nnth label would be considered matched only if first n-1 labels match.\\nIf for a particular client-endpoint pair, all the n labels match, the endpoint will be considered P(0).bool\\nIf first n-1 labels match, the endpoint will be considered P(1) and so on.\\n\\nFor getting the labels to be populated on the endpoints generated by the TSB for multicluster and eastwest scenario, \\nyou will need to label the kubernetes service of your gateway or east-west exposed service\\nusing a label with prefix `failover.tetrate.io/`. \\nFor example `failover.tetrate.io/version=v1` should be the label present\\non the kubernetes service of remote gateway or exposed service for east west traffic.\\n\\nExample of failoverPriority using these labels:\\n```yaml\\nfailoverPriority:\\n- \\"failover.tetrate.io/version=v1\\"\\n- \\"failover.tetrate.io/domain\\"\\n```\\n\\nAnother way to label the endpoints for eastwest scenario is to create a ServiceRoute object for the service and\\nspecify the labels in the ServiceRoute object. If there is any pod with such label present in the remote cluster,\\nthe endpoints for it will have these labels and thus it could be used in failoverPriority API.\\n\\nFor example:\\nSuppose if one of your clusters has service reviews only with version v1 and a second cluster with reviews only with version v2,\\nThen use the below serviceroute object to populate service labels to the endpoints dynamically: \\n```yaml\\napiVersion: traffic.tsb.tetrate.io/v2\\nkind: ServiceRoute\\nmetadata:\\n  name: reviews\\n  group: t1\\n  workspace: w1\\n  tenant: mycompany\\n  organization: myorg\\nspec:\\n  service: ns1/reviews.ns1.svc.cluster.local\\n  subsets:\\n  - name: v1\\n    labels:\\n      version: v1\\n  - name: v2\\n    labels:\\n      version: v2\\n```\\n\\nExample of failoverPriority using these labels:\\n```yaml\\nfailoverPriority:\\n- \\"version=v1\\"\\n- \\"failover.tetrate.io/domain\\"\\n```","type":"array","items":{"type":"string"},"x-order":1},"regionalFailover":{"description":"Locality routing settings for all gateways in the Workspace/Organization for which\\nthis is defined.\\n\\nExplicitly specify the region traffic will land on when endpoints in the local region become unhealthy.\\nShould be used together with OutlierDetection to detect unhealthy endpoints.\\nNote: if no OutlierDetection specified, this will not take effect.","type":"array","items":{"$ref":"#/components/schemas/v2RegionalFailover"},"x-order":2},"automaticLoadBalancing":{"$ref":"#/components/schemas/v2AutomaticLoadBalancing"}}},"v2FlaggerDestination":{"description":"FlaggerDestination will route traffic based on a Flagger Canary resource.\\nThe Canary resource must exist in the control plane cluster and have service delegation set to true.","type":"object","required":["canary","namespace"],"properties":{"canary":{"description":"Name of the Canary resource that will manage the deployment.","type":"string","x-order":0},"namespace":{"description":"Namespace of the Canary resource that will manage the deployment.","type":"string","x-order":1}}},"v2GetClusterStatsResponse":{"type":"object","title":"Response to the request for the cluster stats of an Istio Proxy.\\nReturns the output of the `/clusters` endpoint of the Envoy Admin interface.\\nSee https://www.envoyproxy.io/docs/envoy/latest/operations/admin#get--clusters","properties":{"output":{"description":"Output of the cluster stats endpoint of an Istio Proxy.","type":"string","x-order":0},"outputFormat":{"$ref":"#/components/schemas/GetClusterStatsRequestClusterStatsFormat"}}},"v2GetConfigDumpRequestAll":{"description":"Dump all configuration.","type":"object","properties":{"includeEds":{"description":"Include EDS into config dump.","type":"boolean","x-order":0}}},"v2GetConfigDumpRequestEndpoints":{"description":"Dump endpoint configuration.","type":"object"},"v2GetConfigDumpRequestSecrets":{"description":"Dump secret configuration.","type":"object"},"v2GetConfigDumpResponse":{"type":"object","title":"Response to the request for a config dump from an Istio Proxy.\\nReturns the output of the `/config_dump` endpoint of the Envoy Admin interface.\\nSee https://www.envoyproxy.io/docs/envoy/latest/operations/admin#get--config_dump","properties":{"output":{"description":"Config in JSON format.","type":"string","x-order":0}}},"v2GetResourcePermissionsResponse":{"description":"Response with permission rules.","type":"object","properties":{"rules":{"type":"array","items":{"$ref":"#/components/schemas/v2RoleRule"},"x-order":0}}},"v2GetServerStatsResponse":{"type":"object","title":"Response to the request for the server stats of an Istio Proxy.\\nReturns the output of the `/stats` endpoint of the Envoy Admin interface.\\nSee https://www.envoyproxy.io/docs/envoy/latest/operations/admin#get--stats","properties":{"output":{"description":"Output of the server stats endpoint of an Istio Proxy.","type":"string","x-order":0},"outputFormat":{"$ref":"#/components/schemas/GetServerStatsRequestServerStatsFormat"}}},"v2GlobalTrafficSelector":{"description":"GlobalTrafficSelector provides a mechanism to select a specific traffic flow\\nfor which this Wasm Extension will be enabled. This setting applies to all WASM\\nExtension attachments. These selectors can be overridden at attachments.\\nWhen all the sub conditions in the TrafficSelector are satisfied, the\\ntraffic will be selected.","type":"object","properties":{"mode":{"$ref":"#/components/schemas/v2WorkloadMode"}}},"v2GrantResponse":{"description":"Token grant response.","type":"object","properties":{"accessToken":{"description":"Access token issued by the authorization server.","type":"string","x-order":0},"tokenType":{"description":"Access token type such as \\"bearer\\" or \\"mac\\".","type":"string","x-order":1},"expiresIn":{"description":"Expiration time of the access token in seconds.","type":"integer","format":"int32","x-order":2},"refreshToken":{"description":"Optional refresh token issued when the authorization server\\nand client are configured to use refresh tokens.","type":"string","x-order":3},"clientId":{"description":"Optional client ID used during the grant process.\\nWhen present the client ID for subsequent refresh grant calls.\\nWhile not a standard field on an OAuth grant response, this helps remove ambiguity\\nwhen multiple OIDC configurations are present in TSB.","type":"string","x-order":4},"error":{"$ref":"#/components/schemas/v2Error"},"errorMessage":{"description":"Optional error message that contains more details about the error that occurred.","type":"string","x-order":6}}},"v2GrantType":{"description":"OAuth2 grant types that are currently supported.","type":"string","default":"UNSPECIFIED","enum":["UNSPECIFIED","REFRESH_TOKEN","DEVICE_CODE_URN","CLIENT_CREDENTIALS","TOKEN_EXCHANGE"]},"v2GroupLookupResponse":{"description":"List of groups that configure the requested service.","type":"object","properties":{"trafficGroups":{"description":"The traffic groups that configure the given registered service.","type":"array","items":{"$ref":"#/components/schemas/tsbtrafficv2Group"},"x-order":0},"securityGroups":{"description":"The security groups that configure the given registered service.","type":"array","items":{"$ref":"#/components/schemas/tsbsecurityv2Group"},"x-order":1},"gatewayGroups":{"description":"The gateway groups that configure the given registered service.","type":"array","items":{"$ref":"#/components/schemas/tsbgatewayv2Group"},"x-order":2},"istioInternalGroups":{"description":"The istio internal groups that configure the given registered service.","type":"array","items":{"$ref":"#/components/schemas/tsbistiointernalv2Group"},"x-order":3}}},"v2HTTPDirectResponse":{"description":"Configures an HTTP response to be generated. This can be used to implement\\nhealth check paths where the gateways will directly reply with a preconfigured\\nresponse when traffic hits certain exposed paths.","type":"object","required":["status"],"properties":{"status":{"description":"Specifies the HTTP response status to be returned.","type":"integer","format":"int64","x-order":0},"body":{"$ref":"#/components/schemas/HTTPDirectResponseHTTPBody"}}},"v2HTTPEndpoint":{"description":"An HTTP Endpoint represents an individual HTTP path exposed in the API.","type":"object","properties":{"path":{"description":"The HTTP path of the endpoint, relative to the hostnames exposed by the API.","type":"string","x-order":0,"readOnly":true},"methods":{"description":"The list of HTTP methods this endpoint supports.","type":"array","items":{"type":"string"},"x-order":1,"readOnly":true},"hostnames":{"description":"The list of hostnames where this endpoint is exposed.\\nIf omitted, the endpoint is assumed to be exposed in all hostnames defined for the API.","type":"array","items":{"type":"string"},"x-order":2,"readOnly":true},"service":{"description":"DEPRECATED: For new created APIs, the exposed servers will be available at httpServers.\\nFor APIs created before version 1.7, will still be available in this field.\\nThe FQN of the service in the service registry that is exposing this endpoint.","type":"string","x-order":3,"readOnly":true},"exposedBy":{"$ref":"#/components/schemas/v2ExposedBy"}}},"v2HTTPFaultInjection":{"description":"HTTPFaultInjection can be used to specify one or more faults to inject\\nwhile forwarding HTTP requests to the destination specified in a route.\\nFaults include aborting the HTTP request from downstream service, and/or\\ndelaying proxying of requests. A fault rule MUST HAVE delay or abort or\\nboth.\\nNote that delay and abort faults are independent of one another, even if\\nboth are specified simultaneously.","type":"object","properties":{"delay":{"$ref":"#/components/schemas/HTTPFaultInjectionDelay"},"abort":{"$ref":"#/components/schemas/HTTPFaultInjectionAbort"}}},"v2HTTPMatchCondition":{"description":"HTTPMatchCondition is the set of conditions to match incoming HTTP traffic\\nand route accordingly. We could have used HttpMatchCondition from\\ningress_gateway.proto but it doesn\'t have a port field, so it\'s better to\\ncreate one natively.","type":"object","required":["name"],"properties":{"name":{"type":"string","title":"Name of the match condition","x-order":0},"uri":{"$ref":"#/components/schemas/v2StringMatch"},"headers":{"type":"object","title":"Headers to match in incoming traffic for routing forward","additionalProperties":{"$ref":"#/components/schemas/v2StringMatch"},"x-order":2},"port":{"type":"integer","format":"int64","title":"Port to match in incoming traffic","x-order":3}}},"v2HTTPMirror":{"description":"HTTPMirror can be used to specify the destinations to mirror HTTP traffic in addition to the original destination.\\nMirrored traffic is on a best effort basis where the sidecar/gateway will not wait for the mirrored destinations\\nto respond before returning the response from the original destination.","type":"object","required":["port"],"properties":{"host":{"description":"The host where traffic should be routed to. This should either be a FQDN\\nor a short name for the k8s service. For example, \\"reviews\\" as destination_host will\\nbe interpreted as \\"reviews.ns1.cluster.local\\"\\nIf empty, the host will be inferred from the Service Route service field.","type":"string","x-order":0},"subset":{"type":"string","title":"Subset is the version of the service where traffic should be routed to","x-order":1},"port":{"type":"integer","format":"int64","title":"The port corresponding to the service host where traffic should be routed","x-order":2},"percentage":{"description":"Percentage of the traffic to be mirrored.\\nIf this field is absent, the max value 100% will be mirrored.","type":"number","format":"double","x-order":3}}},"v2HTTPRetry":{"description":"HTTPRetry defines the parameters for retrying API calls to a service.","type":"object","required":["attempts"],"properties":{"attempts":{"description":"Number of retries for a given request. The interval between retries will be determined\\nautomatically (25ms+).\\n\\nActual number of retries attempted depends on the httpReqTimeout.","type":"integer","format":"int32","x-order":0},"perTryTimeout":{"description":"Timeout per retry attempt for a given request. format: 1h/1m/1s/1ms. MUST BE &gt;=1ms.","type":"string","x-order":1},"retryOn":{"description":"Specifies the conditions under which retry takes place.\\nOne or more policies can be specified using a \u2018,\u2019 delimited list.\\nSee the [retry policies](https://www.envoyproxy.io/docs/envoy/latest/configuration/http/http_filters/router_filter#x-envoy-retry-on)\\nand [gRPC retry policies](https://www.envoyproxy.io/docs/envoy/latest/configuration/http/http_filters/router_filter#x-envoy-retry-grpc-on)\\nfor more details.","type":"string","x-order":2}}},"v2HTTPRewrite":{"description":"Configuration for an URL rewrite rule.","type":"object","properties":{"uri":{"description":"Rewrite the path (or the prefix) portion of the URI with this value. If the original URI was\\nmatched based on prefix, the value provided in this field will replace the corresponding\\nmatched prefix.","type":"string","x-order":0},"authority":{"description":"Rewrite the Authority/Host header with this value.","type":"string","x-order":1}}},"v2HTTPRoute":{"description":"HTTPRoute describes match conditions and actions for HTTP traffic routing to service destinations.","type":"object","required":["name"],"properties":{"name":{"description":"Name of the route.","type":"string","x-order":0},"match":{"type":"array","title":"Match conditions for incoming HTTP traffic","items":{"$ref":"#/components/schemas/v2HTTPMatchCondition"},"x-order":1},"destination":{"description":"Destination host:port and subset where HTTP traffic should be directed.\\n**Note**: Only one of `destination` and `flagger` must be configured per route.","type":"array","items":{"$ref":"#/components/schemas/v2ServiceDestination"},"x-order":2},"flagger":{"$ref":"#/components/schemas/v2FlaggerDestination"},"fault":{"$ref":"#/components/schemas/v2HTTPFaultInjection"},"mirrors":{"description":"Mirror HTTP traffic to multiple destinations in addition to forwarding the\\nrequests to the intended destination. Mirrored traffic is on a best effort\\nbasis, so it won\'t wait for the mirrored destinations response to respond\\nto the intended destination.","type":"array","items":{"$ref":"#/components/schemas/v2HTTPMirror"},"x-order":5}}},"v2Headers":{"description":"Header manipulation rules.","type":"object","properties":{"request":{"$ref":"#/components/schemas/HeadersHeaderOperations"},"response":{"$ref":"#/components/schemas/HeadersHeaderOperations"}}},"v2HostsReachability":{"description":"`HostsReachability` defines the list of gateway hosts that this workspace can reach.\\nIn multicluster deployments, hosts are reachable to all namespaces(`*`) by default.\\nHowever, this may not always be necessary, as clients may only be present in a few namespaces.\\nBy configuring this, a list of namespaces can be limited to the namespaces configured in the workspace.\\nWorkspaces with no hosts reachability configuration are considered to have reachable to all hosts.","type":"object","required":["hostnames"],"properties":{"hostnames":{"description":"The Gateway hostname that can be one of the following. Hostnames should match hosts configured in the Gateway.\\n\\n- Exact hostnames.\\nFor example, `echo.tetrate.io`.\\n\\n- Prefix hostnames.\\nFor example, `echo`. Hosts starting with `echo` are considered.\\n\\n- Regex hostnames.\\nFor example, `^echo.*io$`. Hosts starting with `echo` and ending with `io` are considered.\\n\\n- List can be empty `[]`.\\nWorkspaces with explicitly empty hostnames are considered to not want to see any hosts.","type":"array","items":{"$ref":"#/components/schemas/v2StringMatch"},"x-order":0}}},"v2HttpMatchCondition":{"description":"A single match clause to match all aspects of a request.","type":"object","properties":{"uri":{"$ref":"#/components/schemas/v2StringMatch"},"headers":{"description":"The header keys must be lowercase and use hyphen as the separator, e.g. x-request-id.","type":"object","additionalProperties":{"$ref":"#/components/schemas/v2StringMatch"},"x-order":1}}},"v2HttpModifyAction":{"description":"HTTP path/url/header modification.","type":"object","properties":{"rewrite":{"$ref":"#/components/schemas/v2HTTPRewrite"},"headers":{"$ref":"#/components/schemas/v2Headers"}}},"v2HttpRouteRule":{"description":"A single HTTP rule.","type":"object","properties":{"match":{"description":"One or more match conditions (OR-ed).","type":"array","items":{"$ref":"#/components/schemas/v2HttpMatchCondition"},"x-order":0},"modify":{"$ref":"#/components/schemas/v2HttpModifyAction"},"route":{"$ref":"#/components/schemas/v2RouteTo"},"redirect":{"$ref":"#/components/schemas/v2Redirect"},"directResponse":{"$ref":"#/components/schemas/v2HTTPDirectResponse"},"disableExternalAuthorization":{"description":"If set to true, external authorization is disabled on this route\\nwhen the hostname is configured with external authorization.","type":"boolean","x-order":5},"extensions":{"$ref":"#/components/schemas/v2Extensions"}}},"v2HttpRouting":{"type":"object","required":["rules"],"properties":{"corsPolicy":{"$ref":"#/components/schemas/v2CorsPolicy"},"rules":{"description":"HTTP routes.","type":"array","items":{"$ref":"#/components/schemas/gatewayv2HttpRule"},"x-order":1}}},"v2HttpRoutingConfig":{"description":"`HttpRoutingConfig` defines a list of HTTP route rules that determine how incoming requests are routed.","type":"object","required":["rules"],"properties":{"corsPolicy":{"$ref":"#/components/schemas/v2CorsPolicy"},"rules":{"description":"HTTP routes.","type":"array","items":{"$ref":"#/components/schemas/v2HttpRouteRule"},"x-order":1}}},"v2HttpServer":{"description":"An HTTP server exposed in an ingress gateway.","type":"object","required":["name","port","hostname","routing"],"properties":{"name":{"description":"A name assigned to the server. The name will be visible in the generated metrics. The name must be\\nunique across all servers in a gateway.","type":"string","x-order":0},"port":{"description":"The port where the server is exposed. Two servers with different protocols (HTTP and HTTPS) should not\\nshare the same port. Note that port 15443 is reserved for internal use.","type":"integer","format":"int64","x-order":1},"hostname":{"description":"Hostname with which the service can be expected to be accessed by clients.\\n**NOTE:** The hostname must be unique across all gateways in the cluster in order for multicluster routing to work.","type":"string","x-order":2},"tls":{"$ref":"#/components/schemas/v2ServerTLSSettings"},"xxxOldAuthentication":{"$ref":"#/components/schemas/tsbgatewayv2Authentication"},"authentication":{"$ref":"#/components/schemas/tsbauthv2Authentication"},"xxxOldAuthorization":{"$ref":"#/components/schemas/tsbgatewayv2Authorization"},"authorization":{"$ref":"#/components/schemas/tsbauthv2Authorization"},"routing":{"$ref":"#/components/schemas/v2HttpRouting"},"rateLimiting":{"$ref":"#/components/schemas/v2RateLimiting"}}},"v2IdentityMatch":{"description":"IdentityMatch defines the strategy for utilizing service identities during the evaluation of authorization (authz) rules.\\nIt specifies how the identity of a service or workload is verified and used in the context of authz policies.\\nThe strictness of identity verification progresses in the following order:\\nUNKNOWN &lt; PERMISSIVE &lt; PEER_CERTIFICATE &lt; SOURCE_IDENTITY.\\n\\n - UNKNOWN: UNKNOWN represents the default state when identityMatch is not explicitly set.\\nIn practice, it behaves identically to the PERMISSIVE mode, allowing for a flexible approach to\\nidentity verification. This mode is typically used as a fallback or when the specific identity verification\\nstrategy is undecided.\\n - PEER_CERTIFICATE: PEER_CERTIFICATE mode mandates the use of Mutual TLS (mTLS) certificates for identity verification.\\nSpecifically, it utilizes the SPIFFE(Secure Production Identity Framework For Everyone) IDs presented in\\npeer certificates as the basis for authz decision-making. This mode aligns with Istio\'s Principal match\\nauthorization policies, offering a secure method of asserting service identities through cryptographic certificates.\\nIt is suitable for environments where strong, certificate-based identity validation is required.\\n - PERMISSIVE: PERMISSIVE mode offers a flexible, transitional approach to identity verification, allowing the evaluation of authz\\nrules based on either SOURCE_IDENTITY or PEER_CERTIFICATE identities. This mode is designed to facilitate\\ngradual adoption of identity verification practices or to ease system upgrades. It is particularly useful\\nin mixed environments where some services use SPIFFE IDs and others use a different form of service identity.\\n\\nIn ALLOW rules contexts, PERMISSIVE mode authorizes workloads if either their SOURCE_IDENTITY or PEER_CERTIFICATE\\nmatches the allowed principals. This approach broadens the range of clients that can be permitted,\\noffering more flexibility during policy enforcement.\\n\\nConversely, in DENY rules contexts, PERMISSIVE mode restricts access to workloads if either their\\nSOURCE_IDENTITY or PEER_CERTIFICATE matches the denied principals. This results in a more conservative\\nset of clients being allowed, enhancing security by restricting access more broadly.\\n - SOURCE_IDENTITY: SOURCE_IDENTITY mode strictly uses the service identity for authz rules evaluation. This identity is propagated\\nfrom the originating client to the target service workload, which then assesses authz rules based on this received\\nidentity. The mode ensures that authz decisions are made based on the explicit identity of the requesting service,\\nfacilitating fine-grained access control and enhancing security by strictly adhering to the principle of least privilege.\\n\\nThis mode is optimal in environments that require strict enforcement of service identities,\\nwhere the assurance of the caller\'s identity is paramount for secure access control.","type":"string","default":"UNKNOWN","enum":["UNKNOWN","PEER_CERTIFICATE","PERMISSIVE","SOURCE_IDENTITY"]},"v2Impact":{"description":"Impact represents a single impact on a field. It specifies how a profile\\naffects a field and the type of the impact (e.g., effective or overridden).","type":"object","properties":{"fieldPath":{"description":"The path to the field that is impacted by the profile. This path uniquely\\nidentifies the field within the resource.","type":"string","x-order":0},"type":{"$ref":"#/components/schemas/ImpactImpactType"},"source":{"$ref":"#/components/schemas/v2ImpactSource"},"stringValue":{"description":"The value of the field that is impacted by the profile.","type":"string","x-order":3}}},"v2ImpactAnalysis":{"description":"ImpactAnalysis represents the impact of a profile on a resource.","type":"object","properties":{"effectiveImpactsCount":{"description":"The number of effective impacts, which refers to the number of fields\\nthat are directly impacted by the profile being analyzed.","type":"integer","format":"int32","x-order":0},"overriddenImpactsCount":{"description":"The number of overridden impacts, which refers to fields that have been\\nimpacted by another configuration, such as another profile or settings like\\norganization default setting, tenant default settings, workspace default settings,\\ntraffic settings, etc.","type":"integer","format":"int32","x-order":1},"impacts":{"description":"The list of individual impacts that were detected during the analysis.\\nEach impact corresponds to a field that is affected by the profile.","type":"array","items":{"$ref":"#/components/schemas/v2Impact"},"x-order":2}}},"v2ImpactAnalysisResponse":{"description":"ImpactAnalysisResponse represents the response to the ImpactAnalysisRequest.\\nIt contains detailed information about the impacts of the analyzed profiles.","type":"object","properties":{"fqn":{"description":"The fully-qualified name (FQN) of the resource impacted.","type":"string","x-order":0},"current":{"$ref":"#/components/schemas/v2ImpactAnalysis"},"modified":{"$ref":"#/components/schemas/v2ImpactAnalysis"}}},"v2ImpactSource":{"description":"The source of the impact. This specifies where the impact originated from,\\nsuch as a profile default, a profile mandate, or a configuration setting.","type":"object","properties":{"fqn":{"description":"The fully-qualified name (FQN) of the resource that impacts the field.","type":"string","x-order":0},"type":{"$ref":"#/components/schemas/ImpactSourceType"}}},"v2InboundTrafficSetting":{"description":"Configuration for inbound traffic.","type":"object","properties":{"rateLimiting":{"$ref":"#/components/schemas/v2RateLimiting"},"resilience":{"$ref":"#/components/schemas/v2DownstreamResilienceSettings"},"failoverSettings":{"$ref":"#/components/schemas/v2FailoverSettings"}}},"v2IngressGateway":{"description":"`IngressGateway` configures a workload to act as an ingress gateway into the mesh.\\n\\n\\n\\n","type":"object","required":["workloadSelector"],"properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"workloadSelector":{"$ref":"#/components/schemas/v2WorkloadSelector"},"http":{"description":"One or more HTTP or HTTPS servers exposed by the gateway. The\\nserver exposes configuration for TLS termination, request\\nauthentication/authorization, HTTP routing, etc.","type":"array","items":{"$ref":"#/components/schemas/v2HttpServer"},"x-order":5},"tlsPassthrough":{"description":"One or more TLS servers exposed by the gateway. The server\\ndoes not terminate TLS and exposes config for SNI based routing.","type":"array","items":{"$ref":"#/components/schemas/v2TLSPassthroughServer"},"x-order":6},"tcp":{"type":"array","title":"One or more non-HTTP and non-passthrough servers which use TCP\\nbased protocols. This server also exposes configuration for terminating TLS","items":{"$ref":"#/components/schemas/v2TCPServer"},"x-order":7},"extension":{"description":"Extensions specifies all the WasmExtensions assigned to this IngressGateway\\nwith the specific configuration for each extension. This custom configuration\\nwill override the one configured globally to the extension.\\nEach extension has a global configuration including enablement and priority\\nthat will condition the execution of the assigned extensions.","type":"array","items":{"$ref":"#/components/schemas/v2WasmExtensionAttachment"},"x-order":8},"waf":{"$ref":"#/components/schemas/v2WAFSettings"},"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"}}},"v2JWKS":{"type":"object","title":"JSON Web Key Set. Refer to https://datatracker.ietf.org/doc/html/rfc7517","properties":{"keys":{"type":"array","title":"List of public JWKs","items":{"$ref":"#/components/schemas/JWKSJWK"},"x-order":0}}},"v2KeepAliveSettings":{"description":"Keep Alive Settings.","type":"object","properties":{"tcp":{"$ref":"#/components/schemas/v2TcpKeepAliveSettings"}}},"v2Kong":{"description":"Kong extension configuration.","type":"object","properties":{"plugins":{"description":"List of plugins.","type":"array","items":{"$ref":"#/components/schemas/v2KongPlugins"},"x-order":0}}},"v2KongPlugins":{"description":"Plugin definition.\\n\\nOnly plugins mutating request and response are supported currently.\\nAdvanced plugins may not work. Please contact Tetrate to check if a plugin\\nis supported.","type":"object","required":["name"],"properties":{"name":{"description":"Plugin name.\\n\\nThis can be one of the [Kong open source\\nplugins](https://github.com/Kong/kong/tree/master/kong/plugins) or a\\ncustom plugin.\\n\\nKong open source plugins are bundled with TSB and can run in the same\\nfashion as Kong. However providing `pluginSource` is required if this is\\na custom plugin.","type":"string","x-order":0},"priority":{"description":"Priority to be given to this plugin (Optional).\\n\\nPriority is a concept of kong which decides the order of execution of\\nplugins. Most of the bundled plugins come with a priority defined as per\\n[kong\'s plugin execution\\norder](https://docs.konghq.com/konnect/reference/plugins/#plugin-execution-order)\\n\\nTSB allows you to run both bundled and custom plugins in a different\\norder by reassigning priorities.","type":"integer","format":"int64","x-order":1},"config":{"$ref":"#/components/schemas/v2KongPluginsPluginConfig"},"pluginSource":{"$ref":"#/components/schemas/v2KongPluginsPluginSource"}}},"v2KongPluginsPluginConfig":{"description":"Configuration for Kong plugin.","type":"object","properties":{"inline":{"description":"Provide plugin config inline in the `yaml` format.\\n\\nThe following is an example of a valid config for Kong\'s\\nresponse-transformer plugin.\\n\\n```yaml\\ninline:\\n  add:\\n    json:\\n    - example\\n```\\n\\nIf the config fails plugin\'s schema vaildation, the\\n`tetrate-kong-extender` sidecar will reject it.","type":"object","x-order":0},"secret":{"description":"Obtain plugin config from the specified kubernetes secret.\\nPlease ensure the secret has a key \\"config\\" having values in the\\n`yaml` format. The secret must be present in the same namespace as\\nthe gateway install.\\n\\nThe following is an example of a secret which contains a valid config\\nfor Kong\'s response-transformer plugin.\\n\\n```yaml\\napiVersion: v1\\ndata:\\n  config: YWRkOgogIGpzb246CiAgLSBleGFtcGxl\\nkind: Secret\\nmetadata:\\n  name: response-transformer-config\\n  namespace: gw-install-namespace\\ntype: Opaque\\n```\\n\\nIn case the secret cannot be loaded (not found, bad format, schema\\nvalidation failure or any other issue reading it), the config will be\\nrejected by the `tetrate-kong-extender` sidecar.\\n\\nNOT IMPLEMENTED.\\n$hide_from_docs","type":"string","x-order":1}}},"v2KongPluginsPluginSource":{"description":"Reference to custom plugin files.","type":"object","required":["configMap"],"properties":{"configMap":{"description":"Kubernetes ConfigMap containing the plugin files.\\nThe configMap must be present in same namespace as the gateway install.\\n\\nTo create this configmap in the gateway install namespace, run:\\n\\n```yaml\\nkubectl create configmap my-plugin --from-file=./my-plugin-dir` -n\\n{gw-install-namespace}\\n```\\n\\nand use the name `my-plugin` here.\\n\\nIn case the configMap cannot be loaded (not found, bad format or any\\nother issue reading it), the custom plugin will not be initialised and\\nthe config will be rejected by the `tetrate-kong-extender` sidecar.","type":"string","x-order":0}}},"v2ListApplicationsResponse":{"description":"List of applications in the given tenant.","type":"object","properties":{"applications":{"description":"The list of applications that are registered in the given tenant.","type":"array","items":{"$ref":"#/components/schemas/v2Application"},"x-order":0}}},"v2ListAvailableProfilesResponse":{"description":"List of profiles that can be attached to a given resource.","type":"object","properties":{"profiles":{"description":"List of profiles.","type":"array","items":{"$ref":"#/components/schemas/v2Profile"},"x-order":0}}},"v2ListClusterOnboardingConfigsResponse":{"description":"List of onboarding configurations for a cluster.","type":"object","properties":{"configs":{"description":"The list of onboarding configurations for the cluster.","type":"array","items":{"$ref":"#/components/schemas/v2ClusterOnboardingConfig"},"x-order":0}}},"v2ListClustersResponse":{"description":"List of clusters that are registered in the platform.","type":"object","properties":{"clusters":{"description":"The list of clusters that are registered in the platform.","type":"array","items":{"$ref":"#/components/schemas/tsbv2Cluster"},"x-order":0}}},"v2ListEgressGatewaysResponse":{"description":"Lost of all Egress Gateway objects in the gateway group.","type":"object","properties":{"egressGateways":{"type":"array","items":{"$ref":"#/components/schemas/gatewayv2EgressGateway"},"x-order":0}}},"v2ListGatewayGroupsResponse":{"description":"List of all gateway groups in the workspace.","type":"object","properties":{"groups":{"type":"array","items":{"$ref":"#/components/schemas/tsbgatewayv2Group"},"x-order":0}}},"v2ListGatewaysResponse":{"description":"List of all Gateway objects in the gateway group.","type":"object","properties":{"gateways":{"description":"List of all Gateway objects.","type":"array","items":{"$ref":"#/components/schemas/gatewayv2Gateway"},"x-order":0}}},"v2ListIngressGatewaysResponse":{"description":"List of all Ingress Gateway objects in the gateway group.","type":"object","properties":{"ingressGateways":{"type":"array","items":{"$ref":"#/components/schemas/v2IngressGateway"},"x-order":0}}},"v2ListInstallGatewaysResponse":{"description":"List of all Install Gateway objects in the gateway group.","type":"object","properties":{"installGateways":{"type":"array","items":{"$ref":"#/components/schemas/installdataplanev1alpha1GatewaySpec"},"x-order":0}}},"v2ListIstioInternalGroupsResponse":{"description":"List of all Istio internal in the workspace.","type":"object","properties":{"groups":{"description":"The list of requested groups.","type":"array","items":{"$ref":"#/components/schemas/tsbistiointernalv2Group"},"x-order":0}}},"v2ListMetricsResponse":{"description":"List of telemetry metrics from the resource.","type":"object","properties":{"metrics":{"type":"array","items":{"$ref":"#/components/schemas/v2Metric"},"x-order":0}}},"v2ListOrganizationSettingsResponse":{"description":"List of all existing Organization settings objects in the Organization group.","type":"object","properties":{"settings":{"type":"array","items":{"$ref":"#/components/schemas/v2OrganizationSetting"},"x-order":0}}},"v2ListOrganizationsResponse":{"type":"object","title":"List of organizations that exist in TSB.\\n$hide_from_docs","properties":{"organizations":{"type":"array","items":{"$ref":"#/components/schemas/v2Organization"},"x-order":0}}},"v2ListProfilesResponse":{"description":"List of profiles belonging to a given resource.","type":"object","properties":{"profiles":{"description":"List of profiles.","type":"array","items":{"$ref":"#/components/schemas/v2Profile"},"x-order":0}}},"v2ListRolesResponse":{"description":"List of all existing roles.","type":"object","properties":{"roles":{"type":"array","items":{"$ref":"#/components/schemas/v2Role"},"x-order":0}}},"v2ListSecurityGroupsResponse":{"description":"List of all security groups in the workspace.","type":"object","properties":{"groups":{"type":"array","items":{"$ref":"#/components/schemas/tsbsecurityv2Group"},"x-order":0}}},"v2ListSecuritySettingsResponse":{"description":"List of all security settings objects attached to the group.","type":"object","properties":{"settings":{"type":"array","items":{"$ref":"#/components/schemas/v2SecuritySetting"},"x-order":0}}},"v2ListServiceAccountsResponse":{"description":"List of existing Service Accounts.","type":"object","properties":{"serviceAccounts":{"type":"array","items":{"$ref":"#/components/schemas/tsbv2ServiceAccount"},"x-order":0}}},"v2ListServiceRoutesResponse":{"description":"List of all service routes defined in the traffic group.","type":"object","properties":{"serviceRoutes":{"type":"array","items":{"$ref":"#/components/schemas/v2ServiceRoute"},"x-order":0}}},"v2ListServiceSecuritySettingsResponse":{"description":"List of all Service Security Settings objects attached to the group.","type":"object","properties":{"settings":{"type":"array","items":{"$ref":"#/components/schemas/v2ServiceSecuritySetting"},"x-order":0}}},"v2ListServiceTrafficSettingsResponse":{"description":"List of all Service Traffic Settings objects attached to the group.","type":"object","properties":{"serviceSettings":{"description":"List of Service Traffic Setting objects.","type":"array","items":{"$ref":"#/components/schemas/v2ServiceTrafficSetting"},"x-order":0}}},"v2ListServicesResponse":{"type":"object","title":"Response with a list of registered services","properties":{"services":{"type":"array","title":"The requested registered services","items":{"$ref":"#/components/schemas/tsbregistryv2Service"},"x-order":0}}},"v2ListSourcesResponse":{"description":"List of telemetry sources from the resource.","type":"object","properties":{"sources":{"type":"array","items":{"$ref":"#/components/schemas/telemetryv2Source"},"x-order":0}}},"v2ListTeamsResponse":{"description":"List of existing teams.","type":"object","properties":{"teams":{"type":"array","items":{"$ref":"#/components/schemas/v2Team"},"x-order":0}}},"v2ListTenantExtensionsResponse":{"description":"List of all existing WasmExtensions objects assigned to the Tenant.","type":"object","properties":{"extensions":{"type":"array","items":{"$ref":"#/components/schemas/v2WasmExtension"},"x-order":0}}},"v2ListTenantSettingsResponse":{"description":"List of all existing Tenant settings objects in the Tenant.","type":"object","properties":{"settings":{"type":"array","items":{"$ref":"#/components/schemas/v2TenantSetting"},"x-order":0}}},"v2ListTenantsResponse":{"description":"List of available tenants.","type":"object","properties":{"tenants":{"description":"The list of available tenants.","type":"array","items":{"$ref":"#/components/schemas/v2Tenant"},"x-order":0}}},"v2ListTier1GatewaysResponse":{"description":"List of all Tier1 Gateway objects in the gateway group.","type":"object","properties":{"tier1Gateways":{"type":"array","items":{"$ref":"#/components/schemas/v2Tier1Gateway"},"x-order":0}}},"v2ListTrafficGroupsResponse":{"description":"List of all existing traffic groups in the workspace.","type":"object","properties":{"groups":{"type":"array","items":{"$ref":"#/components/schemas/tsbtrafficv2Group"},"x-order":0}}},"v2ListTrafficSettingsResponse":{"description":"List of all existing traffic settings objects in the traffic group.","type":"object","properties":{"settings":{"type":"array","items":{"$ref":"#/components/schemas/v2TrafficSetting"},"x-order":0}}},"v2ListUsersResponse":{"description":"List of existing Users.","type":"object","properties":{"users":{"type":"array","items":{"$ref":"#/components/schemas/v2User"},"x-order":0}}},"v2ListWasmExtensionResponse":{"description":"List of WASM Extensions.","type":"object","properties":{"extensions":{"type":"array","items":{"$ref":"#/components/schemas/v2WasmExtension"},"x-order":0}}},"v2ListWorkloadsResponse":{"description":"Response to the request for a list of Workloads.","type":"object","properties":{"workloads":{"description":"List of workloads.","type":"array","items":{"$ref":"#/components/schemas/tsbdiagnosticv2Workload"},"x-order":0},"nextPageToken":{"description":"A token, which can be sent as `page_token` to retrieve the next page.\\nIf this field is omitted, there are no subsequent pages.","type":"string","x-order":1},"totalSize":{"description":"Total number of Workloads.\\nIf a filter was included in the request, this reflects the total number\\nafter the filtering is applied.","type":"integer","format":"int32","x-order":2}}},"v2ListWorkspaceSettingsResponse":{"description":"The existing settings objects for the given workspace.","type":"object","properties":{"settings":{"type":"array","items":{"$ref":"#/components/schemas/v2WorkspaceSetting"},"x-order":0}}},"v2ListWorkspacesResponse":{"description":"The existing workspaces for the given tenant.","type":"object","properties":{"workspaces":{"type":"array","items":{"$ref":"#/components/schemas/v2Workspace"},"x-order":0}}},"v2LoadBalancerSettings":{"description":"Defines Load Balancing policies to be applied on the client requests.","type":"object","properties":{"simple":{"$ref":"#/components/schemas/LoadBalancerSettingsSimpleLB"},"consistentHash":{"$ref":"#/components/schemas/LoadBalancerSettingsConsistentHashLB"}}},"v2LoggerLevelsResponse":{"description":"Response to the request for effective logger levels of an Istio Proxy.\\nReturns the output of the `/logging` endpoint of the Envoy Admin interface.","type":"object","properties":{"supportedLevels":{"description":"Supported logging levels.","type":"array","items":{"type":"string"},"x-order":0},"loggerLevels":{"description":"Effective logger levels.","type":"object","additionalProperties":{"type":"string"},"x-order":1}}},"v2Measure":{"description":"A measure represents the name and unit of a measurement.\\nFor example, request latency in ms and the number of errors are examples of measures to collect from a server. In\\nthis case latency would be the type and ms (millisecond) is the unit.","type":"object","properties":{"name":{"description":"The name of the measure. For instance latency in ms. More reference values can be found at\\nMeshControlledMeasureNames.","type":"string","x-order":0},"unit":{"description":"The unit of measure, which follow the [unified code for units of measure](https://ucum.org/ucum.html).\\nFor COUNTABLE measures, as number of requests or network packets, SHOULD use the default unit, the unity, and\\n[annotations](https://ucum.org/ucum.html#para-curly) with curly braces to give additional meaning.\\nFor example {requests}, {packets}, {errors}, {faults}, etc.","type":"string","x-order":1}}},"v2Metric":{"description":"A metric is a measurement about a service, captured at runtime. Logically, the moment of capturing one of\\nthese measurements is known as a metric event which consists not only of the measurement itself, but the time\\nthat it was captured and associated metadata.\\n\\nApplication and request metrics are important indicators of availability and performance.\\nCustom metrics can provide insights into how availability indicators impact user experience or the business.\\nCollected data can be used to alert of an outage or trigger scheduling decisions to scale up a deployment\\nautomatically upon high demand.","type":"object","properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the metric.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the metric.\\n$hide_from_yaml","x-order":3},"observedResource":{"description":"Which concrete TSB resource in the configuration hierarchy this metric observes and belongs to.\\nFor instance, a metric can observe a service, a concrete service workload (pod or Vm), or a gateway,\\nor a workspace, or any other resource in the configuration hierarchy.","type":"string","x-order":4,"readOnly":true},"measure":{"$ref":"#/components/schemas/v2Measure"},"type":{"$ref":"#/components/schemas/telemetryv2MetricType"},"origin":{"$ref":"#/components/schemas/v2MetricOrigin"},"detectionPoint":{"$ref":"#/components/schemas/v2MetricDetectionPoint"}}},"v2MetricDetectionPoint":{"description":"From which detection point the metric is observed.\\n\\n - IN_SERVICE: Self observability metrics uses in service detect point.\\n - CLIENT_SIDE: Client side is how the client is observing the metric. When service A calls service B, service A acts\\nas a client side.\\n - SERVER_SIDE: Server side is how the server is observing the metric. When service A calls service B, service B\\nacts as the server side.","type":"string","default":"INVALID_METRIC_DETECTION_POINT","enum":["INVALID_METRIC_DETECTION_POINT","IN_SERVICE","CLIENT_SIDE","SERVER_SIDE"]},"v2MetricOrigin":{"description":"From where the metric measurements come from.\\n\\n - MESH_CONTROLLED: The metrics origin is from a TSB configured mesh, capturing the metrics from the\\nsidecar\'s available observability.\\n - AGENT_OBSERVED: An agent which can be standalone or service with automatically instrumentation via byte code injection.\\nCurrently not available. Part of hybrid observability.\\n - MESH_IMPORTED: Other known mesh generated metrics that are not configured and handled by TSB.\\nCurrently not available. Part of hybrid observability.\\n - EXTERNAL_IMPORTED: External captured metrics that are either imported into TSB observability stack or queried at runtime.\\nCurrently not available. Part of hybrid observability.","type":"string","default":"INVALID_METRIC_ORIGIN","enum":["INVALID_METRIC_ORIGIN","MESH_CONTROLLED","AGENT_OBSERVED","MESH_IMPORTED","EXTERNAL_IMPORTED"]},"v2MetricTypeLabel":{"description":"Label of metric type. Also seen a other dimensions of aggregation besides the time interval on which measurements\\nare aggregated over.","type":"object","properties":{"key":{"description":"The label key.","type":"string","x-order":0},"value":{"description":"The label value, for instance p50, or p75.","type":"string","x-order":1}}},"v2MetricTypeType":{"description":" - GAUGE: Is the last seen measurement over a period of time.\\n - COUNTER: Is the sum of number of measurement over a period of time. Used in number of request style of metrics.\\n - AVERAGE: Average function applied to the measurements. Used in Duration/latency style of metrics.\\n - PERCENT: Percentage function applied to a given observed value over the total observer values.\\nUsed in SLA style of metrics, for example the percentage of errored responses over the total server responses.\\n - APDEX: Application Performance Index monitors end-user satisfaction.\\n[Apdex score](https://www.tetrate.io/blog/the-apdex-score-for-measuring-service-mesh-health)\\n - HEATMAPS: Heat maps are a three dimensional visualization, using x and y coordinates for two dimensions, and color\\nintensity for the third. They can reveal detail that summary statistics, such as line charts of averages,\\ncan miss. Latency measurements can be aggregated using Heatmaps/histograms. One dimension is often time, the\\nother is the latency, and the third one (the intensity) is the frequency of that latency in the given time range.\\n - LABELED_COUNTER: Is the sum of number of measurement over time grouped by concrete label values. Used for counting responses by\\ntheir http response code for instance.\\n - PERCENTILE: This is a specific subtype of LABELED_COUNTER. Used in duration/latency style metrics.\\n - CPM: Calls per minute used. Used in requests per minute, or in 5xx http errors per minute, 4xx http errors per\\nminute, among other metrics.\\n - MAX: Selects the highest measurement over a period of time. Envoy max allocated style metrics.","type":"string","default":"INVALID_METRIC_TYPE","enum":["INVALID_METRIC_TYPE","GAUGE","COUNTER","AVERAGE","PERCENT","APDEX","HEATMAPS","LABELED_COUNTER","PERCENTILE","CPM","MAX"]},"v2ModifyAttachedProfiles":{"description":"ModifyAttachedProfiles represents a request to analyze the impact of modifying\\nthe attached profiles of a resource.","type":"object","required":["fqn"],"properties":{"fqn":{"description":"The fully-qualified name (FQN) of the resource to which profiles are attached.","type":"string","x-order":0},"profiles":{"description":"A list of profiles attached to the resource that will be analyzed for impact.\\nThese profiles are used to propagate default and mandatory configurations to\\nchild resources, and any changes to them will be reflected in the impact analysis.","type":"array","items":{"type":"string"},"x-order":1}}},"v2ModifyProfile":{"description":"ModifyProfile represents a request to analyze the impact of modifying a profile.","type":"object","required":["fqn","profile"],"properties":{"fqn":{"description":"The fully-qualified name (FQN) of the profile to analyze. This should refer to a specific profile in the system.","type":"string","x-order":0},"profile":{"$ref":"#/components/schemas/v2Profile"}}},"v2NamespaceCurrentState":{"description":"The current state of a namespace.\\n\\n - CURRENT_UNDEFINED: Undefined state.\\n - CURRENT_UNKNOWN: The TSB CP is not able to determine the state of the namespace.\\n - CURRENT_SYSTEM: The namespace has been detected as TSB system namespace, as cloud provider system namespace, or\\nas a namespace with system components specified in the Cluster Onboarding Config as\\n`DESIRED_SYSTEM`.\\nIt should not have sidecars injected and should not be configured with Istio injection.\\n - CURRENT_DISABLED: The namespace has been detected with no sidecars injected and is not configured with Istio injection.\\nCheck the `current_state_details` field for more information.\\n - CURRENT_ENABLED: The namespace has been detected with sidecars injected and is configured with Istio injection.","type":"string","default":"CURRENT_UNDEFINED","enum":["CURRENT_UNDEFINED","CURRENT_UNKNOWN","CURRENT_SYSTEM","CURRENT_DISABLED","CURRENT_ENABLED"]},"v2NamespaceDesiredState":{"description":"The desired state of a namespace.\\n\\n - DESIRED_UNDEFINED: Undefined state.\\n - DESIRED_UNASSIGNED: The user did not specify a desired state for the namespace.\\n - DESIRED_DISABLED: The namespace should have no sidecars injected and don\'t be configured with Istio injection.\\n - DESIRED_IGNORED: TSB should not modify the Istio injection.\\n - DESIRED_ONBOARDED: The namespace should have a sidecars injected and be configured with Istio injection.\\n - DESIRED_SYSTEM: The namespace should be considered as a system namespace. Which means that the namespace\\ncontain system components and should not have sidecars injected and don\'t be\\nconfigured with Istio injection.\\nIt is similar in terms of sidecar injection to `DESIRED_DISABLED` but it\\nis used to mark the namespace as a system namespace as well.","type":"string","default":"DESIRED_UNDEFINED","enum":["DESIRED_UNDEFINED","DESIRED_UNASSIGNED","DESIRED_DISABLED","DESIRED_IGNORED","DESIRED_ONBOARDED","DESIRED_SYSTEM"]},"v2NamespaceScoping":{"description":"Configure the default scoping of namespaces in this cluster.","type":"object","properties":{"scope":{"$ref":"#/components/schemas/v2NamespaceScopingScope"},"exceptions":{"description":"Namespaces to be excluded form the default scope.\\nIf the scope is set to global, this list will contain namespaces that are\\nconsidered local. If the scope is set to local, this list will contain\\nnamespaces that are considered global.","type":"array","items":{"type":"string"},"x-order":1}}},"v2NamespaceScopingScope":{"description":" - GLOBAL: Global configures namespaces in this cluster to be considered global.\\nNamespaces that exist in other clusters with the same name will be\\nconsidered to be the same logical namespace.\\n - LOCAL: Configures local scoping for namespaces, so that namespaces with the same\\nname in different clusters will not be considered the same logical\\nnamespace.","type":"string","default":"GLOBAL","enum":["GLOBAL","LOCAL"]},"v2OIDCAuthType":{"description":"Configures how client_id and client_secret are sent in OAuth client to OAuth server requests.\\n\\n - DEFAULT_AUTH_TYPE: If no authentication type is specified, the default authentication type will be used.\\nCurrently, the default authentication type is set to `BASIC_AUTH` because it is widely supported by the majority of OIDC providers\\n - URL_ENCODED_BODY: The `client_id` and `client_secret` will be sent in the URL encoded request body.\\nThis type should only be used when Auth server does not support Basic authentication.\\n - BASIC_AUTH: The `client_id` and `client_secret` will be sent using HTTP Basic authentication scheme.","type":"string","default":"DEFAULT_AUTH_TYPE","enum":["DEFAULT_AUTH_TYPE","URL_ENCODED_BODY","BASIC_AUTH"]},"v2OIDCConfig":{"type":"object","title":"Configure OIDC authentication for a given hostname","required":["clientId","clientTokenSecret","redirectUri","provider"],"properties":{"grantType":{"$ref":"#/components/schemas/v2OIDCGrantType"},"clientId":{"description":"The client_id to be used in the authorize calls.\\nThis value will be URL encoded when sent to the OAuth server.","type":"string","x-order":1},"clientTokenSecret":{"description":"The name of the Kubernetes secret containing the client secret.\\n\\nKubernetes generic opaque secret should contain `istio_generic_secret` key with base64 encoded client_secret as value. \\n\\nFor example\\n---\\napiVersion: v1\\nmetadata:\\n  name: bar\\n  namespace: foo\\ndata:\\n  istio_generic_secret: e2Jhc2U2NF9lbmNvZGVkX3Rva2VuX3NlY3JldH0=\\nkind: Secret\\ntype: Opaque\\n\\nThe secret must be present in the same namespace as the gateway or sidecar deployment\\nfor which the configuration is being applied for.\\nThe (gateway/ sidecar) deployment must also have RBAC permissions to view secrets\\nin the current namespace. For gateways this is already configured, while for sidecar\\nthe permission should be added if not already present.\\n\\nThe secret token stored will be URL encoded when sent to the OAuth server.","type":"string","x-order":2},"redirectUri":{"description":"It can also be formulated from request parameters\\nFor example: %REQ(x-forwarded-proto)%://%REQ(:authority)%/callback\\n\\nThis URI should not contain any query parameters.","type":"string","title":"The redirect URI passed to the authorization endpoint","x-order":3},"provider":{"$ref":"#/components/schemas/v2OIDCProviderConfig"},"authType":{"$ref":"#/components/schemas/v2OIDCAuthType"},"authScopes":{"type":"array","title":"Optional list of OAuth scopes to be claimed in the authorization request.\\nIf not specified, defaults to `user` scope.\\nOAuth RFC https://tools.ietf.org/html/rfc6749#section-3.3","items":{"type":"string"},"x-order":6},"redirectPathMatcher":{"description":"Matching criteria used to determine whether a path appears to be the\\nresult of a redirect from the authorization server.\\nThe query and fragment string (if present) are removed in the URL path portion.\\nFor example, the path `/data` will match URI header `/data#fragment?param=value`.\\n\\nIf not provided, default is derived from redirect_uri path\\nOnly exact match is configurable","type":"string","x-order":7},"signoutPath":{"description":"The path to sign a user out, clearing their credential cookies.\\n\\nIf not provided, default is `/signout`\\nOnly exact match is configurable","type":"string","x-order":8},"useRefreshToken":{"description":"Enable automatic access token refresh using associated refresh token\\n[(see RFC 6749 section 6)](https://datatracker.ietf.org/doc/html/rfc6749#section-6)\\nprovided that the OAuth server supports that.\\n\\nIf not set defaults to `true`.","type":"boolean","x-order":9}}},"v2OIDCGrantType":{"description":"- DEFAULT_GRANT_TYPE: If no grant type is explicitly specified, the default grant type will be used.\\nThe specific behavior of the default grant type may vary based on the type of workload to which the authentication settings are applied.\\nCurrently, only `AUTHORIZATION_CODE` is available, so this will be in effect in the future when additional grant types are introduced.\\n - AUTHORIZATION_CODE: Use authorization code flow","type":"string","title":"Configures authentication flow to be used","default":"DEFAULT_GRANT_TYPE","enum":["DEFAULT_GRANT_TYPE","AUTHORIZATION_CODE"]},"v2OIDCProviderConfig":{"description":"OIDCProviderConfig defines the OIDC Provider configuration.\\n\\nIt has two modes `dynamic` and `static` meaning if the configuration\\nhas to be derived from the Issuer\'s Well-Known endpoint dynamically\\nor is statically configured.\\nTo use `dynamic` configuration only `issuer` field should be set. If any other\\nfield along with `issuer` is set then the configuration will be treated as `static`.\\n\\nFor AUTHORIZATION_CODE grant type, fields that are needed if configuration is `static`:\\n1. Issuer\\n2. AuthorizationEndpoint\\n3. TokenEndpoint\\n4. oneof (JwksURI or Jwks)","type":"object","required":["issuer"],"properties":{"issuer":{"description":"The OIDC Provider\'s [issuer identifier](https://openid.net/specs/openid-connect-discovery-1_0.html#IssuerDiscovery).","type":"string","x-order":0},"authorizationEndpoint":{"description":"The OIDC Provider\'s [authorization endpoint](https://openid.net/specs/openid-connect-core-1_0.html#AuthorizationEndpoint).\\nIf not provided, it will be discovered from the provider\'s [Well-Known Configuration Endpoint](https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderConfigurationResponse).","type":"string","x-order":1},"tokenEndpoint":{"description":"The OIDC Provider\'s [token endpoint](https://openid.net/specs/openid-connect-core-1_0.html#TokenEndpoint).\\nIf not provided, it will be discovered from the provider\'s [Well-Known Configuration Endpoint](https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderConfigurationResponse).","type":"string","x-order":2},"jwksUri":{"description":"URI for the OIDC provider\'s JSON Web Key Sets. This can be found in the OIDC provider\'s configuration response.\\nThe JWKS are used for token verification.","type":"string","x-order":3},"jwks":{"description":"JSON string with the OIDC provider\'s JSON Web Key Sets. In general the URI for the Key Set is the preferred\\nmethod for configuring JWKS. This setting is provided in case the provider doesn\'t publish JWKS via a\\npublic URI.","type":"string","x-order":4},"tls":{"$ref":"#/components/schemas/v2ClientTLSSettings"}}},"v2OpenAPI":{"description":"OpenAPI configuration for the HTTP server.","type":"object","properties":{"fqn":{"description":"The fqn of the API that holds the OpenAPI spec document.","type":"string","x-order":0},"validation":{"$ref":"#/components/schemas/OpenAPIValidation"}}},"v2Organization":{"description":"`Organization` is the root of the Service Bridge object hierarchy.\\n\\n\\n\\n","type":"object","properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"deletionProtectionEnabled":{"description":"When set, prevents the resource from being deleted. In order to delete the resource this\\nproperty needs to be set to `false` first.","type":"boolean","x-order":4},"profiles":{"description":"List of profiles attached to the Organization to be used to propagate default and mandatory configurations down to the children.","type":"array","items":{"type":"string"},"x-order":5},"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"},"systemNamespaces":{"description":"List of namespaces that will be considered as system namespaces for the organization\\nand will not be able to be onboarded into TSB.\\nSystem namespaces are namespaces that should not have sidecars injected and don\'t be\\nconfigured with Istio injection.\\nThis is useful for namespaces that are used for infrastructure components like monitoring,\\nlogging, cloud provider components, etc. and that should not be managed by TSB in the\\ncluster namespace onboarding workflows.","type":"array","items":{"type":"string"},"x-order":7}}},"v2OrganizationSetting":{"description":"Settings that apply globally to the entire organization.\\n\\n\\n\\n","type":"object","properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"networkSettings":{"$ref":"#/components/schemas/OrganizationSettingNetworkSettings"},"regionalFailover":{"description":"Default locality routing settings for all gateways.\\nPlease use FailoverSettings instead. If FailoverSettings is set, it takes precedence over this field.\\n\\nExplicitly specify the region traffic will land on when endpoints in local region becomes unhealthy.\\nShould be used together with OutlierDetection to detect unhealthy endpoints.\\nNote: if no OutlierDetection specified, this will not take effect.","type":"array","items":{"$ref":"#/components/schemas/v2RegionalFailover"},"x-order":5},"defaultSecuritySetting":{"$ref":"#/components/schemas/v2SecuritySetting"},"defaultTrafficSetting":{"$ref":"#/components/schemas/v2TrafficSetting"},"failoverSettings":{"$ref":"#/components/schemas/v2FailoverSettings"}}},"v2OutboundTrafficSetting":{"description":"Configuration for outbound traffic.","type":"object","properties":{"reachability":{"$ref":"#/components/schemas/v2ReachabilitySettings"},"egress":{"$ref":"#/components/schemas/v2OutboundTrafficSettingEgressGateway"},"upstreamTrafficSettings":{"description":"List of hosts and the associated traffic settings to be used by\\nthe clients sending traffic to them.","type":"array","items":{"$ref":"#/components/schemas/v2UpstreamTrafficSettings"},"x-order":2}}},"v2OutboundTrafficSettingEgressGateway":{"description":"EgressGateway specifies the gateway where traffic external to the mesh will be redirected.","type":"object","required":["host"],"properties":{"host":{"description":"Specifies the egress gateway hostname. Must be in\\n`&lt;namespace&gt;/&lt;fqdn&gt;` format.","type":"string","x-order":0}}},"v2Permission":{"description":"A permission defines an action that can be performed on a\\nresource. By default access to resources is denied unless an\\nexplicit permission grants access to perform an operation against\\nit.\\n\\n - INVALID: Default value to designate no value was explicitly set for the permission.\\n - READ: The read permission grants read-only access to the resource.\\n - WRITE: The write permission allows the subject to modify an existing resource.\\n - CREATE: The create permission allows subjects to create child resources on the resource.\\n - DELETE: The delete permission grants permissions to delete the resource.\\n - SET_POLICY: The set-iam permission allows subjects to manage the access policies for the resources.","type":"string","default":"INVALID","enum":["INVALID","READ","WRITE","CREATE","DELETE","SET_POLICY"]},"v2PortSelector":{"description":"PortSelector is the criteria for specifying if a policy can be applied to\\na listener having a specific port.","type":"object","required":["number"],"properties":{"number":{"type":"integer","format":"int64","title":"Port number","x-order":0}}},"v2Profile":{"description":"A `Profile` object can be created at Organization, Tenant, and Workspace levels. Once created, a profile can be\\nattached at its own level or down the hierarchy at Organization, Tenant, Workspace and Groups levels.\\nOnce attached, all the configurations provided in the profile and compatible with the attachment point will be applied,\\nthe others will be ignored.\\n\\n\\n\\n","type":"object","properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"deletionProtectionEnabled":{"description":"When set, prevents the resource from being deleted. In order to delete the resource this\\nproperty needs to be set to `false` first.","type":"boolean","x-order":4},"defaults":{"$ref":"#/components/schemas/v2ProfileConfig"},"mandates":{"$ref":"#/components/schemas/v2ProfileConfig"}}},"v2ProfileConfig":{"description":"ProfileConfig holds the configuration objects that can be used as defaults or mandates.","type":"object","properties":{"trafficSettings":{"$ref":"#/components/schemas/v2TrafficSetting"},"authenticationSettings":{"$ref":"#/components/schemas/tsbsecurityv2AuthenticationSettings"},"wafSettings":{"$ref":"#/components/schemas/v2WAFSettings"},"wasmExtensions":{"description":"Wasm Extensions specifies all the WasmExtensions assigned to this profile\\nwith the specific configuration for each extension.\\nThe WASM extensions configured here only apply to workloads, not gateways.\\nThis will be moved under a `security` section in the future.","type":"array","items":{"$ref":"#/components/schemas/v2WasmExtensionAttachment"},"x-order":3},"unsetFields":{"type":"array","title":"Unset fields specify fields that must not have any value.\\nIn Mandates, fields in this list must remain unset, even if subsequent evaluated Profile Mandates define them.\\nIn Defaults, fields in this list are removed if defined in previously evaluated Profile Defaults.\\nItems in this list are dot-separated paths to the fields, relative to the root of ProfileConfig.\\nField names are in camelCase, as in JSON/YAML.\\nPaths that navigate lists or maps unset the sub-path for all elements.\\nFor example:\\n- \\"traffic.outbound.reachability.hosts\\"\\n- \\"traffic.inbound.resilience.meshTimeout.maxConnectionDuration\\"","items":{"type":"string"},"x-order":4},"traffic":{"$ref":"#/components/schemas/v2TrafficSettings"}}},"v2PropagationStrategy":{"description":"The PropagationStrategy is the key differentiating factor to decide how a security\\npolicy should be propagated and applied at runtime across clusters.\\nThe default propagation strategy is REPLACE, in which a lower level SecuritySetting\\nin the configuration hierarchy replaces a higher level SecuritySetting.\\nThe STRICTER PropagationStrategy on the other hand makes sure the default\\nSecuritySettings configured at the parent level are always enforced and propagated\\ndown the hierarchy unless additional SecuritySettings are defined and restricted\\nfurther in the configuration hierarchy.\\n\\n* `REPLACE` should be used when resources in the hierarchy are allowed to override the default\\nsettings configured at the higher levels.\\n* `STRICTER` should be used when the default settings must prevail, and the settings can only be\\nmade more restrictive by child resources at lower levels of the hierarchy.\\n\\nWhen a resource or property of it affected by the propagation strategy is propagated down the hierarchy, regardless\\nof the defined strategy (`REPLACE` or `STRICTER`), a parent defined resource or a property of the\\nresource will be used (propagated) in absence of a child resource or a property of it.\\n\\nFor example, the following policy configures optional mTLS for traffic within the workspace, but\\nit allows SecuritySettings to modify it. The example shows a workspace that configures\\nservice-to-service access so that only services in the same workspace can talk to each other.\\nThe `REPLACE` propagation policy allows individual settings to override it. In the example, the\\nSecuritySettings allows services within that group to be reachable from any\\nservice in the cluster, regardless for the workspace they belong to, even though the Workspace\\nrestricts service-to-service access to only services in the Workspace.\\n\\n```yaml\\napiVersion: api.tsb.tetrate.io/v2\\nkind: WorkspaceSetting\\nmetadata:\\n  name: w1-settings\\n  workspace: w1\\n  tenant: mycompany\\n  organization: myorg\\nspec:\\n  defaultSecuritySetting:\\n    propagationStrategy: REPLACE\\n    authorization:\\n      mode: WORKSPACE\\n---\\napiVersion: security.tsb.tetrate.io/v2\\nkind: SecuritySetting\\nmetadata:\\n  name: defaults\\n  group: t1\\n  workspace: w1\\n  tenant: mycompany\\n  organization: myorg\\nspec:\\n  authorization:\\n    mode: CLUSTER\\n```\\n\\n`STRICTER` propagation configures defaults that can be only be restricted down the hierarchy.\\nThe following example configures the same WorkspaceSetting but with a `STRICTER` propagation mode.\\nThe `defaults` SecuritySetting further narrows down that access to the `GROUP` scope, which is\\nallowed because GROUP is more strict than WORKSPACE. However, the `defaults-invalid` SecuritySetting\\nconfigures `CLUSTER` access, which would widen the scope defined at the Workspace. That settings will\\nnot be allowed based on the `STRICTER` propagation policy.\\n\\n```yaml\\napiVersion: api.tsb.tetrate.io/v2\\nkind: WorkspaceSetting\\nmetadata:\\n  name: w1-settings\\n  workspace: w1\\n  tenant: mycompany\\n  organization: myorg\\nspec:\\n  defaultSecuritySetting:\\n    propagationStrategy: STRICTER\\n    authorization:\\n      mode: WORKSPACE\\n---\\napiVersion: security.tsb.tetrate.io/v2\\nkind: SecuritySetting\\nmetadata:\\n  name: defaults\\n  group: t1\\n  workspace: w1\\n  tenant: mycompany\\n  organization: myorg\\nspec:\\n  authorization:\\n    mode: GROUP\\n---\\napiVersion: security.tsb.tetrate.io/v2\\nkind: SecuritySetting\\nmetadata:\\n  name: defaults-invalid\\n  group: t2\\n  workspace: w1\\n  tenant: mycompany\\n  organization: myorg\\nspec:\\n  authorization:\\n    mode: CLUSTER\\n```\\n\\nFurther details of how security settings are resolved between in `STRICTER` mode between a parent and a\\nchild resource can be found in the [SecuritySettings reference](../../security/v2/security_setting#securitysetting).\\n\\n - REPLACE: Is the default configuration propagation strategy.\\nA lower defined configuration in the hierarchy will replace a higher configuration in the hierarchy.\\nOtherwise, if a lower configuration is not defined, the configuration higher up in the hierarchy will\\nprevail.\\nFor instance, a defined default propagation strategy for workspace default security settings\\nwill replace tenant\'s defined default security settings.\\n - STRICTER: STRICTER propagation strategy propagates the strictest configuration between a defined higher level and\\na defined lower level configuration in the hierarchy. If a lower level configuration in the hierarchy\\nis not defined, the higher one will prevail.\\nWhich configuration is stricter than the other is defined by each concrete configuration that allows specifying\\na propagation strategy.","type":"string","default":"REPLACE","enum":["REPLACE","STRICTER"]},"v2ProxyType":{"description":"ProxyType defines the type of a proxy within the service mesh.\\n\\nThis enum is used to apply configurations based on the type of\\nthe proxy.\\n\\n - ANY: ANY is the default proxy type that represents both sidecar,\\nand gateway proxies. Use this value to apply configurations\\nto both sidecars and gateways.\\n - SIDECAR: SIDECAR represents a sidecar proxy that runs alongside an\\napplication. Use this value to apply configurations only\\nto the sidecars.\\n - GATEWAY: GATEWAY represents a gateway proxy that runs standalone\\nand, acts as an entry/exit point into/out of the service\\nmesh. Use this value to apply configurations only to the\\ngateways.","type":"string","default":"ANY","enum":["ANY","SIDECAR","GATEWAY"]},"v2Query":{"type":"object","title":"Query format of the resource lookup for the permission check","properties":{"queryId":{"description":"Optional ID that is an open string the caller can use for correlation purposes.","type":"string","x-order":0},"fqn":{"description":"Fully-qualified name of the resource.","type":"string","x-order":1}}},"v2QueryPoliciesResponse":{"description":"QueryPoliciesResponse is the response message for QueryPolicies.","type":"object","properties":{"policies":{"description":"Policies is a list of policies that match the query.","type":"array","items":{"$ref":"#/components/schemas/v2ApprovalPolicy"},"x-order":0}}},"v2QueryResourcePermissionsRequest":{"description":"Request to query permissions on multiple records.\\n\\nExample:\\nQueryResourcePermissionsRequest {\\n  Queries: []Query{\\n    Query{\\n      QueryID: \\"1234\\",\\n      Kind: Query_Fqn{\\n        Fqn: \\"tetrate/tenants/default/workspaces/example\\"\\n      }\\n    }\\n  }\\n}","type":"object","properties":{"queries":{"description":"One or more resources to query permissions on, limited to 100 per request.","type":"array","items":{"$ref":"#/components/schemas/v2Query"},"x-order":0}}},"v2QueryResourcePermissionsResponse":{"description":"Response with permissions for the requested queries.\\n\\nExample:\\nQueryResourcePermissionsResponse {\\n  Results: []Result{\\n    Result{\\n      Request: Query{\\n        QueryID: \\"1234\\",\\n        Kind: Query_Fqn{\\n          Fqn: \\"tetrate/tenants/default/workspaces/example\\"\\n        }\\n      },\\n      Rules: []*Role_Rule{\\n        {\\n           Types: []*Role_ResourceType{\\n             {\\n               ApiGroup: \\"api.tsb.tetrate.io/v2\\",\\n               Kinds: []string{\\"Workspace\\"}\\n             }\\n           },\\n           Permissions: []Permission{\\"READ\\"}\\n        }\\n      }\\n    }\\n  }\\n}","type":"object","properties":{"results":{"type":"array","title":"List of permission results for the requested queries","items":{"$ref":"#/components/schemas/QueryResourcePermissionsResponseResult"},"x-order":0}}},"v2RateLimitSettings":{"description":"Configuration for ratelimiting HTTP/gRPC requests\\nThis has a list of rate limit rules that can be configured.\\nWith each rule a list of dimensions can be defined.\\nA request counts towards the limit if all of the dimensions match the\\nattributes of the request.\\nWhen the matched requests exceed the limit, a 429 response is returned.","type":"object","required":["rules"],"properties":{"rules":{"description":"A list of rules for ratelimiting.\\nEach rule defines a list of dimensions to match on and the rate limit value\\nfor the rule. Each rule is independant of the other.","type":"array","items":{"$ref":"#/components/schemas/v2RateLimitSettingsRateLimitRule"},"x-order":0},"failClosed":{"description":"If the rate limit service is unavailable, the request will fail\\nif failClosed is set to true. Defaults to false.","type":"boolean","x-order":1},"timeout":{"description":"The timeout in seconds for the rate limit server RPC.\\nDefaults to 0.020 seconds (20ms).\\nTraffic will not be allowed to the destination if failClosed is set to true\\nand the request to the rate limit server times out.","type":"string","x-order":2}}},"v2RateLimitSettingsRateLimitDimension":{"description":"RateLimitDimension is a condition to match HTTP requests\\nthat should be rate limited.","type":"object","properties":{"remoteAddress":{"$ref":"#/components/schemas/v2RateLimitSettingsRateLimitDimensionRemoteAddress"},"header":{"$ref":"#/components/schemas/RateLimitDimensionHeader"}}},"v2RateLimitSettingsRateLimitDimensionRemoteAddress":{"description":"RateLimit based on the client\'s remote address, extracted from\\nthe trusted X-Forwarded-For header.","type":"object","required":["value"],"properties":{"value":{"description":"Ratelimit on a specific remote address.\\nIf the value is set to \\"*\\", ratelimit on\\nevery unique remote address.","type":"string","x-order":0}}},"v2RateLimitSettingsRateLimitRule":{"description":"RateLimitRule is the block to define each internal ratelimit configuration.","type":"object","required":["dimensions","limit"],"properties":{"dimensions":{"description":"A list of dimensions to define each ratelimit rule.\\nRequests count towards the ratelimit value only when each and every\\ncondition in a dimension is matched for a given HTTP request.","type":"array","items":{"$ref":"#/components/schemas/v2RateLimitSettingsRateLimitDimension"},"x-order":0},"limit":{"$ref":"#/components/schemas/RateLimitSettingsRateLimitValue"}}},"v2RateLimiting":{"description":"Configuration for ratelimiting\\nHTTP/gRPC requests can be rate limited based on a variety of\\nattributes in the request such as headers (including cookies), URL\\npath/prefixes, client remote address etc.","type":"object","properties":{"settings":{"$ref":"#/components/schemas/v2RateLimitSettings"},"externalService":{"$ref":"#/components/schemas/v2ExternalRateLimitServiceSettings"}}},"v2ReachabilitySettings":{"description":"`ReachabilitySettings` define the set of services and hosts\\naccessed by a workload (and hence its sidecar) in the\\nmesh. Defining the set of services accessed by a workload (i.e. its\\ndependencies) in advance reduces the memory and CPU consumption\\nboth the Istio control plane and the individual Envoy proxy workloads in\\nthe data plane.","type":"object","properties":{"mode":{"$ref":"#/components/schemas/v2ReachabilitySettingsMode"},"hosts":{"description":"When the mode is `CUSTOM`, `hosts` specify the set of services\\nthat the sidecar should be able to reach. Must be in the\\n`&lt;namespace&gt;/&lt;fqdn&gt;` format.\\n\\n- `./*` indicates all services in the namespace where the sidecar resides.\\n\\n- `ns1/*` indicates all services in the `ns1` namespace.\\n\\n- `ns1/svc1.com` indicates `svc1.com` service in `ns1` namespace.\\n\\n- `*/svc1.com` indicates `svc1.com` service in any namespace.","type":"array","items":{"type":"string"},"x-order":1}}},"v2ReachabilitySettingsMode":{"description":"- UNSET: Inherit from parent if possible. Otherwise treated as `CLUSTER`.\\n - NAMESPACE: The workload may talk to any service in its own namespace.\\n - GROUP: The workload may talk to any service in the traffic group.\\n - WORKSPACE: The workload may talk to any service in the workspace.\\n - CLUSTER: The workload may talk to any service in the cluster.\\n - CUSTOM: The workload may talk to services defined explicitly.","type":"string","title":"A short cut for defining the common reachability patterns","default":"UNSET","enum":["UNSET","NAMESPACE","GROUP","WORKSPACE","CLUSTER","CUSTOM"]},"v2Redirect":{"type":"object","properties":{"uri":{"description":"On a redirect, overwrite the Path portion of the URL with this value.","type":"string","x-order":0},"authority":{"description":"On a redirect, overwrite the Authority/Host portion of the URL with this value.","type":"string","x-order":1},"redirectCode":{"description":"On a redirect, Specifies the HTTP status code to use in the redirect\\nresponse. It is expected to be 3XX. The default response code is MOVED_PERMANENTLY (301).","type":"integer","format":"int64","x-order":2},"port":{"type":"integer","format":"int64","title":"On a redirect, overwrite the Port portion of the URL with this value","x-order":3},"scheme":{"description":"On a redirect, overwrite the scheme with this one. This can be used\\nto perform http -&gt; https redirect by setting this to \\"https\\". Currently,\\nthe only supported values are \\"http\\" and \\"https\\" (in lower-case).","type":"string","x-order":4}}},"v2RegionalFailover":{"description":"Specify the traffic failover policy across regions. Since zone and sub-zone\\nfailover is supported by default this only needs to be specified for\\nregions when the operator needs to constrain traffic failover so that\\nthe default behavior of failing over to any endpoint globally does not\\napply. This is useful when failing over traffic across regions would not\\nimprove service health or may need to be restricted for other reasons\\nlike regulatory controls.","type":"object","properties":{"from":{"description":"Originating region.","type":"string","x-order":0},"to":{"description":"Destination region the traffic will fail over to when endpoints in\\nthe \'from\' region become unhealthy.","type":"string","x-order":1}}},"v2ResilienceSettings":{"description":"ResilienceSettings control the reliability knobs in Envoy when making\\noutbound connections from a gateway or proxy workload.","type":"object","properties":{"httpRequestTimeout":{"description":"This field is DEPRECATED in favor of `upstreamTrafficSettings.resilience.connectionPool.http.requestTimeout`.\\nTimeout for HTTP requests. Disabled if not set.","type":"string","x-order":0},"httpRetries":{"$ref":"#/components/schemas/v2HTTPRetry"},"keepAlive":{"$ref":"#/components/schemas/v2KeepAliveSettings"},"circuitBreakerSensitivity":{"$ref":"#/components/schemas/v2ResilienceSettingsSensitivity"}}},"v2ResilienceSettingsSensitivity":{"description":"Available sensitivity levels for the circuit breaker.\\n\\n - UNSET: Default values will be used.\\n - LOW: Tolerate up to 20 consecutive 5xx or connection failures from an\\nendpoint before ejecting it temporarily from the load balancing\\npool.\\n - MEDIUM: Tolerate up to 10 consecutive 5xx or connection failures from an\\nendpoint before ejecting it temporarily from the load balancing\\npool.\\n - HIGH: Tolerate up to 5 consecutive 5xx or connection failures from an\\nendpoint before ejecting it temporarily from the load balancing\\npool.","type":"string","default":"UNSET","enum":["UNSET","LOW","MEDIUM","HIGH"]},"v2ResourceStatusStatus":{"description":"Simple `Status` of the current resource. It\'s a projection of its details\\n(events, etc.) that allows to easily know the status of the resource\\nwithout requiring to check the details.\\n\\n - INVALID: INVALID status should never be reached.\\nIt indicates some problem occurred with the resource status, and would\\nneed to contact the admin to troubleshoot it.\\nIt\'s the default value but it\'s always expected to have one of the other\\nvalues.\\n - ACCEPTED: ACCEPTED is reached when the provided configuration has been validated\\nand persisted by the TSB server.\\n - READY: READY is reached when the resource is ready to be used.\\nNon-configurable resources, like Organizations, Tenants or Users, will\\nbe ready as soon they are created.\\nThe configurable ones are ready when its configuration has been\\npropagated to all the clusters.\\n - FAILED: FAILED is reached in different situations, such as when:\\n- a resource configuration triggered some internal error.\\n- an offending resource affects the correct behaviour of the configuration.\\nThe `message` and `details` fields of the `ResourceStatus` provides the\\nroot cause of the error.\\n - DIRTY: DIRTY is reached when the resources that are dependent on others\\nhave not reached the desired status (even when they are not FAILED).\\nFor example, an `API` resource that caused the creation of an `IngressGateway`\\ncould reach this status if the `IngressGateway` has been modified or removed directly.\\n - PARTIAL: PARTIAL is reached for those resources that are dependent on other resources statuses,\\nand not all the resources share the same status.","type":"string","default":"INVALID","enum":["INVALID","ACCEPTED","READY","FAILED","DIRTY","PARTIAL"]},"v2ResourceStatusWithDetails":{"description":"Contains the ResourceStatus with metadata about the resource.","type":"object","properties":{"fqn":{"description":"The status of the resource.","type":"string","x-order":0,"readOnly":true},"apiVersion":{"description":"API version of the resource.","type":"string","x-order":1,"readOnly":true},"name":{"description":"Resource name.","type":"string","x-order":2,"readOnly":true},"status":{"$ref":"#/components/schemas/apitsbv2ResourceStatus"}}},"v2Role":{"description":"`Role` is a named collection of permissions that can be assigned to\\nany user or team in the system.\\n\\n\\n\\n\\n","type":"object","properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"rules":{"description":"A set of rules that define the permissions associated with each API group.","type":"array","items":{"$ref":"#/components/schemas/v2RoleRule"},"x-order":4}}},"v2RoleRule":{"type":"object","title":"A rule defines the set of api groups","required":["permissions"],"properties":{"types":{"description":"The set of API groups and the api Kinds within the group on which this rule is applicable.\\nIf omitted, the permissions will globally apply to all resource types.","type":"array","items":{"$ref":"#/components/schemas/RoleResourceType"},"x-order":0},"permissions":{"description":"The set of actions allowed for these APIs.\\nThe current version supports requires the kind, but this constraint will be relaxed in\\nupcoming releases so that rules can apply globally to an entire API group.","type":"array","items":{"$ref":"#/components/schemas/v2Permission"},"x-order":1}}},"v2RoleScopeType":{"type":"object","required":["apiGroup","kind"],"properties":{"apiGroup":{"description":"A specific API group such as traffic.tsb.tetrate.io/v2.","type":"string","x-order":0},"kind":{"description":"Specific kind of API under the API group.","type":"string","x-order":1}}},"v2Route":{"description":"One or more destinations in a local/remote cluster for the given request.","type":"object","required":["host"],"properties":{"host":{"description":"The destination service in `&lt;namespace&gt;/&lt;fqdn&gt;` format for\\n`IngressGateway` resources. For `Tier1Gateway` resources, the\\ndestination must be in `&lt;clusterName&gt;/&lt;namespace&gt;/&lt;fqdn&gt;` format,\\nwhere cluster name corresponds to a cluster name created in the\\nmanagement plane. The `fqdn` must be the fully qualified name of\\nthe destination service in a cluster.","type":"string","x-order":0},"port":{"description":"The port on the service to forward the request to. Omit only if\\nthe destination service has only one port. When used for routing\\nfrom Tier1 gateways, the port specified here will be used only if\\nthe Tier1 gateway is doing TLS passthrough.","type":"integer","format":"int64","x-order":1}}},"v2RouteTo":{"description":"RouteTo defines the how the traffic has been forwarded for the given request.\\nOne of `ClusterDestination` or `ServiceDestination` must be specified.","type":"object","properties":{"clusterDestination":{"$ref":"#/components/schemas/v2RouteToClusters"},"serviceDestination":{"$ref":"#/components/schemas/v2RouteToService"}}},"v2RouteToClusters":{"description":"RouteToClusters represents the clusters where the request\\nneeds to be routed to from the gateway.","type":"object","properties":{"clusters":{"description":"The destination clusters that contain ingress gateways exposing the hostname.","type":"array","items":{"$ref":"#/components/schemas/v2ClusterDestination"},"x-order":0}}},"v2RouteToService":{"description":"RouteToService represents the service running in clusters.","type":"object","required":["host"],"properties":{"host":{"description":"The destination service in `&lt;namespace&gt;/&lt;fqdn&gt;`.\\n\\nIf the `trafficMode`` flag is set to `EGRESS`` or the `trafficMode` is set to `AUTO`\\nand the gateway deployment is of type EGRESS,\\nthe gateway routes traffic to an external service through a user-created service entry.\\nThe service entry should only be created in the gateway deployment namespace with the location set to MESH_EXTERNAL.","type":"string","x-order":0},"port":{"description":"The port on the service to forward the request to. Omit only if\\nthe destination service has only one port.","type":"integer","format":"int64","x-order":1},"tls":{"$ref":"#/components/schemas/v2ClientTLSSettings"}}},"v2SearchStatusResponse":{"description":"Response of the search query for the status of resources related to specified search criteria.","type":"object","properties":{"statuses":{"description":"Collections of status of resources related to the specified search criteria.","type":"array","items":{"$ref":"#/components/schemas/v2ResourceStatusWithDetails"},"x-order":0}}},"v2SecuritySetting":{"description":"A security setting applies configuration to a set of proxy workloads in a\\nsecurity group or a workspace. When applied to a security group,\\nmissing fields will inherit values from the workspace-wide setting if any.\\n\\n\\n\\n","type":"object","properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"authentication":{"$ref":"#/components/schemas/v2SecuritySettingAuthenticationMode"},"authorization":{"$ref":"#/components/schemas/tsbsecurityv2AuthorizationSettings"},"authenticationSettings":{"$ref":"#/components/schemas/tsbsecurityv2AuthenticationSettings"},"waf":{"$ref":"#/components/schemas/v2WAFSettings"},"propagationStrategy":{"$ref":"#/components/schemas/v2PropagationStrategy"},"extension":{"description":"Extensions specifies all the WasmExtensions assigned to this SecuritySettings\\nwith the specific configuration for each extension. This custom configuration\\nwill override the one configured globally to the extension.\\nEach extension has a global configuration including enabling and priority\\nthat will condition the execution of the assigned extensions.","type":"array","items":{"$ref":"#/components/schemas/v2WasmExtensionAttachment"},"x-order":9},"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"}}},"v2SecuritySettingAuthenticationMode":{"description":"AuthenticationMode indicates whether to accept only Istio mutual\\nTLS authenticated traffic or allow legacy plaintext traffic as\\nwell.\\n\\n - UNSET: Inherit from parent, if has one. Otherwise treated as OPTIONAL.\\n - OPTIONAL: Accept both plaintext and mTLS authenticated connections.\\n - REQUIRED: Accept only mutual TLS authenticated connections.","type":"string","default":"UNSET","enum":["UNSET","OPTIONAL","REQUIRED"]},"v2ServerTLSSettings":{"type":"object","properties":{"mode":{"$ref":"#/components/schemas/v2ServerTLSSettingsTLSMode"},"secretName":{"description":"The name of the secret in Kubernetes that holds the TLS certs\\nincluding the CA certificates. The secret (type generic) should\\ncontain the following keys and values: key: `&lt;privateKey&gt;`, cert:\\n`&lt;serverCert&gt;`, cacert: `&lt;CACertificate&gt;`.","type":"string","x-order":1},"files":{"$ref":"#/components/schemas/ServerTLSSettingsFileSource"},"minProtocolVersion":{"$ref":"#/components/schemas/gatewayv2TLSProtocol"},"maxProtocolVersion":{"$ref":"#/components/schemas/gatewayv2TLSProtocol"},"cipherSuites":{"type":"array","title":"List of cipher suites to be used for TLS connections.\\nExamples of cipher suites:\\n- \\"TLS_RSA_WITH_AES_256_CBC_SHA\\"\\n- \\"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256\\"\\n- \\"TLS_DHE_RSA_WITH_AES_256_GCM_SHA384\\"\\n- \\"TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256\\"\\n- \\"TLS_RSA_WITH_3DES_EDE_CBC_SHA\\"","items":{"type":"string"},"x-order":5},"subjectAltNames":{"description":"List of Subject Alternative Names (SAN) from the client\'s certificate that are accepted\\nfor client identity verification during the TLS handshake.","type":"array","items":{"type":"string"},"x-order":6}}},"v2ServerTLSSettingsTLSMode":{"description":" - OPTIONAL_MUTUAL: Similar to MUTUAL mode, except that the client certificate\\nis optional. Unlike SIMPLE mode, A client certificate will\\nstill be explicitly requested during handshake, but the client\\nis not required to send a certificate. If a client certificate\\nis presented, it will be validated. ca_certificates should\\nbe specified for validating client certificates.","type":"string","default":"DISABLED","enum":["DISABLED","SIMPLE","MUTUAL","OPTIONAL_MUTUAL"]},"v2ServiceDestination":{"type":"object","title":"ServiceDestination is the destination service, port and subset where traffic\\nshould be routed","required":["port"],"properties":{"subset":{"type":"string","title":"Subset is the version of the service where traffic should be routed to","x-order":0},"weight":{"type":"integer","format":"int64","title":"Weight defines the amount of traffic that needs to be routed to this specific\\nversion","x-order":1},"port":{"type":"integer","format":"int64","title":"The port corresponding to the service host where traffic should be routed","x-order":2},"destinationHost":{"description":"Service host where traffic should be routed to. This should either be a FQDN\\nor a short name for the k8s service. For example, \\"reviews\\" as destination_host will\\nbe interpreted as \\"reviews.ns1.cluster.local\\"\\nIf empty, the host will be inferred from the Service Route service field.","type":"string","x-order":3}}},"v2ServiceLookupRequest":{"description":"Request for all the services in the registry that are part of the given selector.","type":"object","required":["selector","parent"],"properties":{"selector":{"$ref":"#/components/schemas/typesv2NamespaceSelector"},"parent":{"type":"string","title":"The FQN of the parent object where services will be looked up","x-order":1}}},"v2ServiceLookupResponse":{"description":"List of services that are included in the provided namespace selector.","type":"object","properties":{"services":{"type":"array","title":"The affected services","items":{"$ref":"#/components/schemas/tsbregistryv2Service"},"x-order":0}}},"v2ServicePort":{"type":"object","properties":{"number":{"description":"A valid non-negative integer port number.","type":"integer","format":"int64","x-order":0},"name":{"description":"Name assigned to the port.","type":"string","x-order":1},"kubernetesNodePort":{"description":"Indicates the node port attached to a physical deployment on a kubernetes\\ncluster.","type":"integer","format":"int64","x-order":2}}},"v2ServiceRoute":{"description":"A service route controls routing configurations for traffic to a\\nservice in a traffic group.\\n\\n\\n\\n","type":"object","required":["service"],"properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"service":{"description":"The service on which the configuration is being applied. Must be in namespace/FQDN format.","type":"string","x-order":4},"subsets":{"description":"The set of versions of a service and the percentage of traffic to\\nsend to each version.","type":"array","items":{"$ref":"#/components/schemas/v2ServiceRouteSubset"},"x-order":5},"stickySession":{"$ref":"#/components/schemas/ServiceRouteStickySession"},"portLevelSettings":{"type":"array","title":"In order to support multi-protocol routing, a list of all port/protocol combinations is needed.\\nThese port settings are applied to all the subsets","items":{"$ref":"#/components/schemas/ServiceRoutePortLevelTrafficSettings"},"x-order":7},"httpRoutes":{"description":"HTTPRoutes are used when HTTP traffic needs to be matched on uri, headers\\nand port and destination routes need to be set using subset-weight\\ncombinations specified within the route.\\n**Note**: If a route is specified, then the global subset-weight\\ncombinations (specified under subsets) will be ignored for the matched\\nport, as subsets within route will take effect.","type":"array","items":{"$ref":"#/components/schemas/v2HTTPRoute"},"x-order":8},"tcpRoutes":{"description":"TCPRoutes match TCP traffic based on port number. The subset-weight\\nconfiguration and priority have the same behaviour as HTTPRoutes.","type":"array","items":{"$ref":"#/components/schemas/v2TCPRoute"},"x-order":9},"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"}}},"v2ServiceRouteSubset":{"description":"Subset denotes a specific version of a service. The pods/VMs of a\\nsubset should be uniquely identifiable using their labels.","type":"object","required":["name"],"properties":{"name":{"description":"Name used to refer to the subset.","type":"string","x-order":0},"labels":{"description":"Labels apply a filter over the endpoints of a service in the service registry.","type":"object","additionalProperties":{"type":"string"},"x-order":1},"weight":{"description":"Percentage of traffic to be sent to this subset. Weight if not\\nspecified will be assumed to be 0 if there are multiple\\nsubsets. If there is only one subset, the weight will be\\nassumed to be 1.","type":"integer","format":"int64","x-order":2},"portLevelSettings":{"description":"Port/Protocol/StickySession combination for which routes need to be generated specifically for\\na subset. These settings are meant to override the global PortLevelTrafficSettings, i.e. first, \\nglobal PortLevelTrafficSettings are used to generate routes and then we use non-conflicting subset level \\nPortLevelTrafficSettings to modify existing routes. If provided, PortLevelTrafficSettings should be provided for \\nall subsets for proper load balancing.","type":"array","items":{"$ref":"#/components/schemas/ServiceRoutePortLevelTrafficSettings"},"x-order":3}}},"v2ServiceSecuritySetting":{"description":"A service security setting applies configuration to a service in a\\nsecurity group. Missing fields will inherit values from the\\nworkspace-wide setting if any.\\n\\n\\n\\n","type":"object","required":["service"],"properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"service":{"description":"The service on which the configuration is being applied. Must be in namespace/FQDN format.","type":"string","x-order":4},"settings":{"$ref":"#/components/schemas/v2SecuritySetting"},"subsets":{"description":"Subset specific settings that will replace the service wide settings for the specified service\\nsubsets.","type":"array","items":{"$ref":"#/components/schemas/v2ServiceSecuritySettingSubset"},"x-order":6},"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"}}},"v2ServiceSecuritySettingSubset":{"description":"Subset allows replacing the settings for a specific version of a service.","type":"object","required":["name","settings"],"properties":{"name":{"description":"Name used to refer to the subset.\\nThis must match a subset defined in the ServiceRoute for this service, else it will be omitted.","type":"string","x-order":0},"settings":{"$ref":"#/components/schemas/v2SecuritySetting"}}},"v2ServiceSelector":{"type":"object","title":"ServiceSelector represents the match criteria to select services within a\\nparticular scope (namespace, workspace, cluster etc)","required":["serviceLabels"],"properties":{"serviceLabels":{"type":"object","title":"One or more labels that indicate a specific set of services within a particular scope","additionalProperties":{"type":"string"},"x-order":0}}},"v2ServiceState":{"description":"State denotes the interactions the service can have with the mesh. A service can exist in one of the states\\nwhich represents the set of interactions(Observability and Control) the mesh can have with these services.\\n\\n - EXTERNAL: An external service is a service that is known, but that cannot be observed (we can\'t get metrics for it)\\nand cannot be controlled.\\n - OBSERVED: An observed service is a known service that we can have metrics for. For example, a service running the\\nSkywalking agents.\\n - CONTROLLED: A controlled service is a service that is part of the mesh, has a proxy we can configure and can be observed with\\nSkywalking agents.","type":"string","default":"INVALID_STATE","enum":["INVALID_STATE","EXTERNAL","OBSERVED","CONTROLLED"]},"v2ServiceTrafficSetting":{"description":"A service traffic setting applies configuration to a service in a\\ntraffic group. Unset fields will inherit values from the\\nworkspace-wide setting if any.\\n\\n\\n\\n","type":"object","required":["service","settings"],"properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"service":{"description":"The service on which the configuration is being applied. Must be in namespace/FQDN format.\\n\\nOnly one service traffic setting can be given per service. Any conflicting configuration created\\nlater will be rejected by TSB.","type":"string","x-order":4},"settings":{"$ref":"#/components/schemas/v2TrafficSetting"},"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"}}},"v2ServiceType":{"description":"ServiceType denotes the exposition of a service in the mesh.\\n\\n - INTERNAL: A regular service that is not directly exposed to the outside world.\\n - LOADBALANCER: A load balancer service running only the proxy as the workload.\\n - MESH_EXTERNAL: A mesh external service.","type":"string","default":"INVALID_TYPE","enum":["INVALID_TYPE","INTERNAL","LOADBALANCER","MESH_EXTERNAL"]},"v2SourceScope":{"description":"Source scope defines the source\'s wingspan in the mesh. It defines how we are observing the resources.\\nFor instance we can observer a resources at service, ingress, or relation level.","type":"object","properties":{"serviceScopes":{"$ref":"#/components/schemas/SourceScopeServiceScopes"},"ingressScopes":{"$ref":"#/components/schemas/SourceScopeIngressScopes"},"relationScopes":{"$ref":"#/components/schemas/SourceScopeRelationScopes"}}},"v2SourceScopeType":{"description":"The type of scopes which defines telemetry source\'s wingspan in the mesh.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","type":"string","default":"INVALID","enum":["INVALID","SERVICE","INGRESS","RELATION"]},"v2SourceType":{"description":"`SourceType` describes where teams come from.\\nTeams can be synchronized from the Identity Provider but can also be manually\\ncreated using the Team API to create convenient groupings of users and other\\nteams in order to configure fine-grained permissions in the Management Plane.\\n\\n - LDAP: LDAP is used for users and teams that are automatically synchronized from LDAP.\\n - LOCAL: LOCAL is used for local teams that are manually created using the TSB Team API and\\ndo not exist in the Identity Provider.\\nDeprecated. This value is deprecated and will be removed in future releases. Use \'MANUAL\' instead.\\n - AZURE: AZURE is used for users synchronized from an Azure Active Directory.\\n - MANUAL: MANUAL is used for users and teams that exist in the Identity Provider that have been manually populated.\\nMANUAL users are deprecated and Service Accounts should be used instead. Support for MANUAL users will\\nbe removed in future versions.","type":"string","default":"INVALID","enum":["INVALID","LDAP","LOCAL","AZURE","MANUAL"]},"v2StreamLogsResponse":{"description":"Response to the request to stream logs of an Istio Proxy.","type":"object","properties":{"output":{"description":"Logs of an Istio Proxy.","type":"string","x-order":0}}},"v2StringMatch":{"description":"Describes how to match a given string in HTTP headers. Match is case-sensitive.","type":"object","properties":{"exact":{"description":"Exact string match.","type":"string","x-order":0},"prefix":{"description":"Prefix-based match.","type":"string","x-order":1},"regex":{"description":"ECMAscript style regex-based match.","type":"string","x-order":2}}},"v2SyncOrganizationResponse":{"description":"Result of the organization users and team synchronization.","type":"object","properties":{"failedUsers":{"$ref":"#/components/schemas/SyncOrganizationResponseFailedIds"},"failedTeams":{"$ref":"#/components/schemas/SyncOrganizationResponseFailedIds"}}},"v2TCPMatchCondition":{"type":"object","title":"TCPMatchCondition is the set of conditions to match incoming TCP traffic\\nand route accordingly","required":["name","port"],"properties":{"name":{"type":"string","title":"Name of the match condition","x-order":0},"port":{"type":"integer","format":"int64","title":"TCP match conditions only have port in match conditions","x-order":1}}},"v2TCPRoute":{"description":"TCPRoute is used to set TCP routes to service destinations on the basis of match conditions.","type":"object","required":["name"],"properties":{"name":{"type":"string","title":"Name of TCPRoute","x-order":0},"match":{"type":"array","title":"Match conditions for incoming TCP traffic","items":{"$ref":"#/components/schemas/v2TCPMatchCondition"},"x-order":1},"destination":{"type":"array","title":"Destination host:port and subset where TCP traffic should be directed","items":{"$ref":"#/components/schemas/v2ServiceDestination"},"x-order":2}}},"v2TCPServer":{"type":"object","title":"A TCP server exposed in an ingress gateway. A TCP server may be used for any TCP based protocol.\\nThis is also used for the special case of a non-HTTP protocol requiring TLS termination at the gateway","required":["name","port","hostname"],"properties":{"name":{"description":"A name assigned to the server. The name will be visible in the generated metrics. The name must be\\nunique across all HTTP, TLS passthrough and TCP servers in a gateway.","type":"string","x-order":0},"port":{"type":"integer","format":"int64","title":"The port where the server is exposed. Two servers with different protocols can share the same port\\nonly when both of them use TLS (either terminated at the gateway or pass-through)","x-order":1},"hostname":{"description":"Hostname to identify the service. When TLS is configured, clients have to use this as\\nthe Server Name Indication (SNI) for the TLS connection. When TLS is not configured (opaque TCP),\\nthis is used to identify the service traffic for defining routing configs. Usually, this is\\nconfigured as the DNS name of the service. For instance, if clients access a zookeeper cluster\\nas `zk-1.myorg.internal` then the hostname could be specified as `zk-1.myorg.internal`. This\\nalso helps easier identification in the configs.\\n\\nThis is also used in multicluster routing. In the previous example, clients within the mesh\\ncan also use `zk-1.myorg.internal` to access this service (provided authorization policy allows it)","type":"string","x-order":2},"tls":{"$ref":"#/components/schemas/v2ServerTLSSettings"},"route":{"$ref":"#/components/schemas/v2Route"}}},"v2TLS":{"description":"A TLS server exposed in a gateway. For TLS servers, the gateways do not terminate\\nconnections and use SNI based routing.","type":"object","required":["name","port","hostname","route"],"properties":{"name":{"description":"A name assigned to the server. The name will be visible in the generated metrics. The name must be\\nunique across all HTTP, TLS passthrough and TCP servers in a gateway.","type":"string","x-order":0},"port":{"description":"The port where the server is exposed. Two servers with different protocols (HTTP and HTTPS) should not\\nshare the same port. Note that port 15443 is reserved for internal use.","type":"integer","format":"int64","x-order":1},"hostname":{"description":"Hostname with which the service can be expected to be accessed by clients.\\nRouting will be done based on SNI matches for this hostname.\\n**NOTE:** The \\"hostname:port\\" must be unique across all gateways in the cluster in order for\\nmulticluster routing to work.","type":"string","x-order":2},"route":{"$ref":"#/components/schemas/v2RouteTo"},"failoverSettings":{"$ref":"#/components/schemas/v2FailoverSettings"}}},"v2TLSFileSource":{"type":"object","title":"TLSFileSource is used to load the keys and certificates from\\nfiles accessible to the workload","properties":{"clientCertificate":{"type":"string","title":"Certificate file to authenticate the client. This\\nis mandatory for mutual TLS and must not be\\nspecified for simple (one-way) TLS","x-order":0},"privateKey":{"type":"string","title":"Private key file associated with the client certificate.\\nThis is mandatory for mutual TLS and must not be\\nspecified for simple TLS","x-order":1},"caCertificates":{"type":"string","title":"File containing CA certificates to verify the certificates\\npresented by the server. This is mandatory for both simple and\\nmutual TLS.\\nHere are some common paths for the system CA bundle on Linux and can be\\nspecified here if the server certificate is signed by a well known authority,\\nalready part of the system CA bundle on the host - \\n  /etc/ssl/certs/ca-certificates.crt (Debian/Ubuntu/Gentoo etc.)\\n  /etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem (CentOS/RHEL 7)\\n  /etc/pki/tls/certs/ca-bundle.crt (Fedora/RHEL 6)","x-order":2}}},"v2TLSPassthroughServer":{"description":"A TLS server exposed in an ingress gateway. For TLS servers the gateways don\'t terminate\\nconnections and use SNI based routing.","type":"object","required":["name","port","hostname","route"],"properties":{"name":{"description":"A name assigned to the server. The name will be visible in the generated metrics. The name must be\\nunique across all HTTP, TCP and TLS servers in a gateway.","type":"string","x-order":0},"port":{"description":"The port where the server is exposed. Two servers with different protocols (HTTP and HTTPS) should not\\nshare the same port. Note that port 15443 is reserved for internal use.","type":"integer","format":"int64","x-order":1},"hostname":{"description":"Hostname with which the service can be expected to be accessed by clients.\\nRouting will be done based on SNI matches for this hostname.\\n**NOTE:** The hostname must be unique across all gateways in the cluster in order for multicluster routing to work.","type":"string","x-order":2},"route":{"$ref":"#/components/schemas/v2Route"}}},"v2TcpKeepAlive":{"type":"object","properties":{"probes":{"description":"The total number of unacknowledged probes to send before deciding\\nthe connection is dead. Default is to use the OS level configuration,\\nLinux defaults to 9.","type":"integer","format":"int64","x-order":0},"idleTime":{"description":"The number of seconds a connection needs to be idle before keep-alive probes\\nstart being sent. Default is to use the OS level configuration,\\nLinux defaults to 7200s.","type":"integer","format":"int64","x-order":1},"interval":{"description":"The number of seconds between keep-alive probes. Default is to use the OS\\nlevel configuration, Linux defaults to 75s.","type":"integer","format":"int64","x-order":2}}},"v2TcpKeepAliveSettings":{"description":"TCP Keep Alive Settings.","type":"object","properties":{"downstream":{"$ref":"#/components/schemas/v2TcpKeepAlive"},"upstream":{"$ref":"#/components/schemas/v2TcpKeepAlive"}}},"v2Team":{"description":"`Team` is a named collection of users under a tenant.\\n\\n\\n\\n","type":"object","properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"members":{"description":"List of members under the team.\\nThe elements of this list are the FQNs of the team members. Team members can be\\nusers, service accounts or other teams.","type":"array","items":{"type":"string"},"x-order":4},"sourceType":{"$ref":"#/components/schemas/v2SourceType"}}},"v2Tenant":{"description":"`Tenant` is a self-contained entity within an organization in the Service Bridge hierarchy.\\n\\n\\n\\n","type":"object","properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"securityDomain":{"description":"Security domains can be used to group different resources under the same security domain.\\nAlthough security domain is not resource itself currently, it follows a fqn format\\n`organizations/myorg/securitydomains/mysecuritydomain`, and a child cannot override any ancestor\'s\\nsecurity domain.\\nOnce a security domain is assigned to a _Tenant_, all the children resources will belong to that\\nsecurity domain in the same way a _Workspace_ belongs to a _Tenant_, a _Workspace_ will also belong\\nto the security domain assigned to the _Tenant_.\\nSecurity domains can also be used to define _Security settings Authorization rules_ in which you can allow\\nor deny request from or to a security domain.","type":"string","x-order":4},"deletionProtectionEnabled":{"description":"When set, prevents the resource from being deleted. In order to delete the resource this\\nproperty needs to be set to `false` first.","type":"boolean","x-order":5},"profiles":{"description":"List of profiles attached to the tenant to be used to propagate default and mandatory configurations down to the children.","type":"array","items":{"type":"string"},"x-order":6},"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"}}},"v2TenantSetting":{"description":"Default settings that apply to all workspaces under a tenant.\\n\\n\\n\\n","type":"object","properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"defaultSecuritySetting":{"$ref":"#/components/schemas/v2SecuritySetting"},"defaultTrafficSetting":{"$ref":"#/components/schemas/v2TrafficSetting"}}},"v2Tier1ExternalServer":{"description":"Tier1ExternalServer describes the properties of a server exposed\\noutside the mesh. Traffic arriving at a Tier1 external server is\\nusually TLS terminated and then forwarded over Istio mTLS to all\\nthe lower tier2 clusters.","type":"object","required":["name","port","hostname"],"properties":{"name":{"description":"A name assigned to the server. The name will be visible in the generated metrics. The name must be\\nunique across all external servers in the gateway.","type":"string","x-order":0},"port":{"description":"The port where the server is exposed. Note that port 15443 is reserved.","type":"integer","format":"int64","x-order":1},"hostname":{"description":"Hostname with which the service can be expected to be accessed by\\nclients.","type":"string","x-order":2},"tls":{"$ref":"#/components/schemas/v2ServerTLSSettings"},"clusters":{"description":"The destination clusters that contain ingress gateways exposing\\nthe hostname. If omitted, traffic will be automatically load\\nbalanced across all tier2 clusters whose ingress gateways expose\\nthe above hostname. If `redirect` is configured then this field\\ncannot be configured.\\nTo do failover and locality based routing among clusters, either omit\\nthe clusters field or omit the weights from all the cluster destinations.","type":"array","items":{"$ref":"#/components/schemas/v2ClusterDestination"},"x-order":4},"redirect":{"$ref":"#/components/schemas/v2Redirect"},"authentication":{"$ref":"#/components/schemas/tsbauthv2Authentication"},"authorization":{"$ref":"#/components/schemas/tsbauthv2Authorization"},"rateLimiting":{"$ref":"#/components/schemas/v2RateLimiting"}}},"v2Tier1Gateway":{"description":"`Tier1Gateway` configures a workload to act as a tier1 gateway into the mesh.\\n\\n\\n\\n","type":"object","required":["workloadSelector"],"properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"workloadSelector":{"$ref":"#/components/schemas/v2WorkloadSelector"},"externalServers":{"description":"One or more servers exposed by the gateway externally.","type":"array","items":{"$ref":"#/components/schemas/v2Tier1ExternalServer"},"x-order":5},"internalServers":{"description":"One or more servers exposed by the gateway internally for cross cluster forwarding.","type":"array","items":{"$ref":"#/components/schemas/v2Tier1InternalServer"},"x-order":6},"passthroughServers":{"description":"One or more tls passthrough servers exposed by the gateway externally.","type":"array","items":{"$ref":"#/components/schemas/v2Tier1PassthroughServer"},"x-order":7},"tcpExternalServers":{"description":"One or more tcp servers exposed by the gateway externally.","type":"array","items":{"$ref":"#/components/schemas/v2Tier1TCPExternalServer"},"x-order":8},"tcpInternalServers":{"description":"One or more tcp servers exposed by the gateway for mesh internal traffic.","type":"array","items":{"$ref":"#/components/schemas/v2Tier1TCPInternalServer"},"x-order":9},"extension":{"description":"Extensions specifies all the WasmExtensions assigned to this Tier1Gateway\\nwith the specific configuration for each extension. This custom configuration\\nwill override the one configured globally to the extension.\\nEach extension has a global configuration including enablement and priority\\nthat will condition the execution of the assigned extensions.","type":"array","items":{"$ref":"#/components/schemas/v2WasmExtensionAttachment"},"x-order":10},"waf":{"$ref":"#/components/schemas/v2WAFSettings"},"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"}}},"v2Tier1InternalServer":{"description":"Tier1InternalServer describes the properties of a server exposed\\nwithin the mesh, for the purposes of forwarding traffic between two\\nclusters that cannot otherwise directly reach each other. Traffic\\narriving at a Tier1 internal server should be over Istio\\nmTLS. After TLS termination and metrics extraction, it is forwarded\\nto tier2 clusters based on the selection criteria.","type":"object","required":["name","hostname"],"properties":{"name":{"description":"A name assigned to the server. The name will be visible in the generated metrics. The name must be\\nunique across all internal servers in the gateway.","type":"string","x-order":0},"hostname":{"description":"Hostname with which the service can be expected to be accessed by\\nsidecars in the mesh.","type":"string","x-order":1},"clusters":{"description":"The destination clusters that contain ingress gateways exposing\\nthe hostname. If omitted, traffic will be automatically load\\nbalanced across all tier2 clusters whose ingress gateways expose\\nthe above hostname.","type":"array","items":{"$ref":"#/components/schemas/v2ClusterDestination"},"x-order":2},"authentication":{"$ref":"#/components/schemas/tsbauthv2Authentication"},"authorization":{"$ref":"#/components/schemas/tsbauthv2Authorization"}}},"v2Tier1PassthroughServer":{"description":"Tier1PassthroughServer describes the properties of a server exposed\\nto the external world. Traffic arriving at a Tier1 passthrough server is\\nnot TLS terminated and rather forwarded over to all the lower tier2 clusters.","type":"object","required":["name","port","hostname"],"properties":{"name":{"description":"A name assigned to the server. The name will be visible in the generated metrics. The name must be\\nunique across all external servers in the gateway.","type":"string","x-order":0},"port":{"description":"The port where the server is exposed. Note that port 15443 is reserved.","type":"integer","format":"int64","x-order":1},"hostname":{"description":"Hostname with which the service can be expected to be accessed by\\nclients.","type":"string","x-order":2},"clusters":{"description":"The destination clusters that contain ingress gateways exposing\\nthe hostname on passthrough servers. If omitted, traffic will be automatically load\\nbalanced across all tier2 clusters whose ingress gateways expose\\nthe above hostname.","type":"array","items":{"$ref":"#/components/schemas/v2ClusterDestination"},"x-order":3}}},"v2Tier1TCPExternalServer":{"description":"Tier1TCPExternalServer is used to describe the properties of a TCP server\\n(used for opaque TCP or non-HTTP protocols) exposed to the external world.\\nIf the protocol is known to be HTTP, then please use `externalServers` as\\nit allows using HTTP-specific features.\\n\\nCaveat - Currently, we don\'t support multicluster routing when Tier2 gateway\\nsettings are specified in the direct mode for TCP services. So please use\\nthe bridged mode.","type":"object","required":["name","port","hostname"],"properties":{"name":{"type":"string","title":"A name assigned to the server. This name is used in the generated metrics. The name\\nmust be unique across all TCP servers in the gateway","x-order":0},"port":{"description":"Valid scenarios (for same port, multiple services)\\n1. Multiple protocols (HTTP, non-HTTP) with TLS passthrough/termination\\n2. Multiple HTTP services\\n3. Single non-HTTP service without TLS\\n\\nNote on service port - If a service is exposed on port 6789 in the tier1 gateway,\\nthen it must be exposed on the same port with the same hostname (without wildcard)\\nin the tier2 gateway as well.","type":"integer","format":"int64","title":"The port where the server is exposed. Note that the port 15443 is reserved. Also\\nbeware of the conflict among the services using different protocols on the same port.\\nThe conflict occurs in the following scenarios\\n1. Using plaintext and TLS (passthrough/termination)\\n2. Mixing multiple protocols without TLS (HTTP and non-HTTP protocols like Kafka, Zookeeper etc)\\n3. Multiple non-HTTP protocols without TLS","x-order":1},"hostname":{"description":"Although hostname or authority does not make sense in the non-HTTP context, this\\nis used to define the routing rules. Wildcard hostnames are not yet supported.","type":"string","x-order":2},"clusters":{"description":"The destination clusters contain ingress gateways exposing the service.","type":"array","items":{"$ref":"#/components/schemas/v2ClusterDestination"},"x-order":3},"tls":{"$ref":"#/components/schemas/v2ServerTLSSettings"}}},"v2Tier1TCPInternalServer":{"description":"Tier1TCPInternalServer is used to describe the properties of a TCP server\\nwhich is used exclusively within the mesh.","type":"object","required":["name","hostname"],"properties":{"name":{"description":"A name assigned to the server. This name is used in the generated metrics. The name\\nmust be unique across all TCP servers in the gateway.","type":"string","x-order":0},"hostname":{"description":"The name of the service used. Although hostname or authority does not make sense\\nin the non-HTTP context, this is used for the multicluster routing purposes. Consider\\nthe case where there are two non-HTTP services listening on the same port 6000,\\nbut are hosted on different workloads. Here, the service name is used to distinguish\\nbetween the two for routing to the correct workload. We do not support wildcard hostnames\\nyet. The ports are determined automatically by the cluster updates of the remote edge\\nclusters. Suppose there is a service called `foo.com` and the remote cluster says that\\nit exposes ports 8080 and 8443, then we can route east-west traffic for both the ports\\nthrough this server. The changes to the port or protocol settings are picked up automatically.","type":"string","x-order":1},"clusters":{"description":"The destination clusters contain ingress gateways exposing the service.","type":"array","items":{"$ref":"#/components/schemas/v2ClusterDestination"},"x-order":2}}},"v2TokenResponse":{"description":"Contains a pair of tokens for a user that can be used to authenticate against TSB.","type":"object","properties":{"accessToken":{"description":"Bearer access token that can be used to access TSB.\\nThis token is usually short-lived. The refresh token, when present, can be used to\\nobtain a new access token when it expires.","type":"string","x-order":0},"refreshToken":{"description":"Refresh token that can be used to obtain a new Bearer access token.\\nThis token is usually long-lived and should be stored securely.","type":"string","x-order":1}}},"v2TokenType":{"type":"string","default":"TOKEN_TYPE_UNSPECIFIED","enum":["TOKEN_TYPE_UNSPECIFIED","TOKEN_TYPE_ACCESS_TOKEN","TOKEN_TYPE_REFRESH_TOKEN","TOKEN_TYPE_ID_TOKEN","TOKEN_TYPE_JWT"]},"v2TrafficMode":{"description":"Traffic mode defines the type of configuration that has been configured on a Gateway server.\\n\\n - AUTO: AUTO mode indicates that the type of configuration is automatically detected from the underlying Gateway deployment.\\n - INGRESS: INGRESS mode specifies the configuration for managing incoming traffic into the mesh.\\nIn this mode, the Gateway server is responsible for handling incoming requests from external sources\\nand routing them to appropriate services within the mesh.\\n - EGRESS: EGRESS mode specifies the configuration for managing outgoing traffic from the mesh to external destinations.\\nIn this mode, the Gateway server controls traffic leaving the mesh and enforces policies and security measures\\nfor accessing external services.\\n - TRANSIT: TRANSIT mode specifies that the Gateway is configured to facilitate transit traffic between different clusters\\nwithin the mesh that are not directly reachable. This mode enables forwarding of traffic between clusters\\nvia the Gateway, allowing communication between services deployed in separate clusters.","type":"string","default":"AUTO","enum":["AUTO","INGRESS","EGRESS","TRANSIT"]},"v2TrafficSelector":{"description":"TrafficSelector provides a mechanism to select a specific traffic flow\\nfor which this Wasm Extension will be enabled.\\nWhen all the sub conditions in the TrafficSelector are satisfied, the\\ntraffic will be selected.","type":"object","properties":{"mode":{"$ref":"#/components/schemas/v2WorkloadMode"},"ports":{"description":"Criteria for selecting traffic by their destination port.\\nMore specifically, for the outbound traffic, the destination port would be\\nthe port of the target service. On the other hand, for the inbound traffic,\\nthe destination port is the port bound by the server process in the same Pod.\\n\\nIf one of the given `ports` is matched, this condition is evaluated to true.\\nIf not specified, this condition is evaluated to true for any port.","type":"array","items":{"$ref":"#/components/schemas/v2PortSelector"},"x-order":1}}},"v2TrafficSetting":{"description":"A traffic setting applies configuration to a set of proxy workloads in a\\ntraffic group or a workspace. When applied to a traffic group,\\nmissing fields will inherit values from the workspace-wide setting if any.\\n\\n\\n\\n","type":"object","properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"reachability":{"$ref":"#/components/schemas/v2ReachabilitySettings"},"resilience":{"$ref":"#/components/schemas/v2ResilienceSettings"},"egress":{"$ref":"#/components/schemas/v2TrafficSettingEgressGateway"},"rateLimiting":{"$ref":"#/components/schemas/v2RateLimiting"},"upstreamTrafficSettings":{"description":"List of hosts and the associated traffic settings to be used by\\nthe clients that are downstreams to the defined upstream hosts.\\n\\nDEPRECATED. Moved to `outbound`.","type":"array","items":{"$ref":"#/components/schemas/v2UpstreamTrafficSettings"},"x-order":8},"inbound":{"$ref":"#/components/schemas/v2InboundTrafficSetting"},"outbound":{"$ref":"#/components/schemas/v2OutboundTrafficSetting"},"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"}}},"v2TrafficSettingEgressGateway":{"description":"EgressGateway specifies the gateway where traffic external to the mesh will be redirected.","type":"object","required":["host"],"properties":{"host":{"description":"Specifies the egress gateway hostname. Must be in\\n`&lt;namespace&gt;/&lt;fqdn&gt;` format.","type":"string","x-order":0},"port":{"description":"Deprecated. This field is ignored and will be removed in upcoming releases.\\nSpecifies the port on the host to connect to.","type":"integer","format":"int32","x-order":1}}},"v2TrafficSettings":{"description":"Traffic settings is used to configure inbound and outbound traffic of proxy workloads\\nbelonging to traffic groups or workspaces via profiles. When applied to a traffic group,\\nmissing fields will inherit values from the workspace-wide setting if any.","type":"object","properties":{"inbound":{"$ref":"#/components/schemas/v2InboundTrafficSetting"},"outbound":{"$ref":"#/components/schemas/v2OutboundTrafficSetting"}}},"v2UpstreamResilienceSettings":{"description":"UpstreamResilienceSettings controls the reliability knobs for client connections\\nto the upstream hosts.","type":"object","properties":{"connectionPool":{"$ref":"#/components/schemas/v2UpstreamResilienceSettingsConnectionPoolSettings"},"circuitBreakerSensitivity":{"$ref":"#/components/schemas/v2UpstreamResilienceSettingsSensitivity"},"outlierDetection":{"$ref":"#/components/schemas/UpstreamResilienceSettingsOutlierDetection"}}},"v2UpstreamResilienceSettingsConnectionPoolSettings":{"description":"Connection pool settings for the upstream host.","type":"object","properties":{"http":{"$ref":"#/components/schemas/UpstreamResilienceSettingsConnectionPoolSettingsHTTP"},"tcp":{"$ref":"#/components/schemas/v2UpstreamResilienceSettingsConnectionPoolSettingsTCP"}}},"v2UpstreamResilienceSettingsConnectionPoolSettingsTCP":{"description":"TCP Settings for outbound requests.","type":"object","properties":{"keepAlive":{"$ref":"#/components/schemas/v2TcpKeepAlive"},"maxConnections":{"description":"Maximum number of HTTP1 /TCP connections to the service.\\nDefault 0, meaning \\"unlimited\\", up to 2^32 - 1.","type":"integer","format":"int64","x-order":1},"connectTimeout":{"description":"TCP connection timeout. format: 1h/1m/1s/1ms. MUST BE &gt;=1ms. Default is 10s.","type":"string","x-order":2}}},"v2UpstreamResilienceSettingsSensitivity":{"description":"Available sensitivity levels for the circuit breaker.\\n\\n - UNSET: Default values will be used.\\n - LOW: Tolerate up to 20 consecutive 5xx or connection failures from an\\nendpoint before ejecting it temporarily from the load balancing\\npool.\\n - MEDIUM: Tolerate up to 10 consecutive 5xx or connection failures from an\\nendpoint before ejecting it temporarily from the load balancing\\npool.\\n - HIGH: Tolerate up to 5 consecutive 5xx or connection failures from an\\nendpoint before ejecting it temporarily from the load balancing\\npool.\\n - CUSTOM: When selected, the outlier detection settings must be specified \\nin the resilience.outlierDetection field.\\nIf that field is set but the mode is not CUSTOM, those settings will be ignored.","type":"string","default":"UNSET","enum":["UNSET","LOW","MEDIUM","HIGH","CUSTOM"]},"v2UpstreamTrafficSettings":{"description":"Traffic settings for the clients that are downstreams to the defined\\nupstream hosts.","type":"object","properties":{"hosts":{"description":"List of hosts for which the settings will be created. Can contain wildcard hosts.\\nThe host should be a service from the service registry or a host declared by ServiceEntries.","type":"array","items":{"type":"string"},"x-order":0},"settings":{"$ref":"#/components/schemas/v2UpstreamTrafficSettingsSettings"}}},"v2UpstreamTrafficSettingsSettings":{"description":"Traffic settings to be applied to the clients of the upstream hosts.","type":"object","properties":{"resilience":{"$ref":"#/components/schemas/v2UpstreamResilienceSettings"},"loadBalancer":{"$ref":"#/components/schemas/v2LoadBalancerSettings"},"authentication":{"$ref":"#/components/schemas/tsbtrafficv2AuthenticationSettings"}}},"v2User":{"description":"`User` represents a user from the Identity Provider that is allowed to log into\\nthe platform.\\n\\n\\n\\n","type":"object","required":["loginName"],"properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"loginName":{"description":"The username used in the login credentials.","type":"string","x-order":3},"firstName":{"description":"The first name of the user.","type":"string","x-order":4},"lastName":{"description":"The last name of the user, if any.","type":"string","x-order":5},"email":{"description":"Email for the user where alerts and other notifications will be sent.","type":"string","x-order":6},"sourceType":{"$ref":"#/components/schemas/v2SourceType"}}},"v2VmConfig":{"description":"Configuration for a Wasm VM.\\nmore details can be found [here](https://www.envoyproxy.io/docs/envoy/latest/api-v3/extensions/wasm/v3/wasm.proto#extensions-wasm-v3-vmconfig).","type":"object","properties":{"env":{"description":"Specifies environment variables to be injected to this VM.\\nNote that if a key does not exist, it will be ignored.","type":"array","items":{"$ref":"#/components/schemas/extensionv2EnvVar"},"x-order":0}}},"v2WAFSettings":{"type":"object","title":"WAFSettings configure WAF based on seclang\\nSee https://github.com/SpiderLabs/ModSecurity/wiki/Reference-Manual-%28v3.x%29#Configuration_Directives","required":["rules"],"properties":{"rules":{"description":"Rules to be leveraged by WAF. The parser evaluates the list of rules from the top to the bottom.","type":"array","items":{"type":"string"},"x-order":0}}},"v2WasmExtension":{"type":"object","required":["url"],"properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the extension.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the extension.\\n$hide_from_yaml","x-order":3},"allowedIn":{"description":"List of fqns where this extension is allowed to run.\\nIf it is empty, the extension can be used across the entire organization.\\nCurrently only Tenant resources are considered.","type":"array","items":{"type":"string"},"x-order":4},"image":{"description":"Deprecated. Use the `url` field instead.\\nRepository and tag of the OCI image containing the WASM extension.","type":"string","x-order":5},"source":{"type":"string","title":"Source to find the code for the WASM extension","x-order":6},"phase":{"$ref":"#/components/schemas/WasmExtensionPluginPhase"},"priority":{"description":"Determines the ordering of WasmExtensions in the same phase.\\nWhen multiple WasmExtensions are applied to the same workload in the same phase, they will be applied by priority, in descending order.\\nIf no priority is assigned it will use the default 0 value.\\nIn case of several extensions having the same priority in the same phase, the fqn will be used to sort them.","type":"integer","format":"int32","x-order":8},"config":{"description":"Configuration parameters sent to the WASM plugin execution\\nThe configuration can be overwritten when instantiating the extensions in IngressGateways or Security groups.\\nThe config is serialized using proto3 JSON marshaling and passed to proxy_on_configure when the host environment starts the plugin.","type":"object","x-order":9},"imagePullPolicy":{"$ref":"#/components/schemas/WasmExtensionPullPolicy"},"imagePullSecret":{"description":"Credentials to use for OCI image pulling.\\nName of a K8s Secret that contains a docker pull secret which is to be used\\nto authenticate against the registry when pulling the image.\\nIf TSB is configured to use the WASM download proxy, this secret must exist in\\nthe `istio-system` namespace of each cluster that has applications that use the\\nextension. If the download proxy is disabled, the secret must exist in each\\napplication namespace that is using the extension.","type":"string","x-order":11},"vmConfig":{"$ref":"#/components/schemas/v2VmConfig"},"url":{"description":"URL of a Wasm module or OCI container. If no scheme is present, defaults to oci://, referencing an OCI image.\\nOther valid schemes are file:// for referencing .wasm module files present locally within the proxy container,\\nand http[s]:// for .wasm module files hosted remotely.","type":"string","x-order":13},"match":{"$ref":"#/components/schemas/v2GlobalTrafficSelector"}}},"v2WasmExtensionAttachment":{"description":"WasmExtensionAttachment defines the WASM extension attached to this resource\\nincluding the name to identify the extension and also the specific configuration\\nthat will override the global extension configuration.\\nOnly those extensions globally enabled will be considered although they can be\\nassociated to the target resources.\\nMatch configuration allows you to specify which traffic is sent through the Wasm\\nextension. Users can select the traffic based on different workload modes and ports.\\n\\n```yaml\\napiVersion: gateway.tsb.tetrate.io/v2\\nkind: IngressGateway\\nmetadata:\\n  name: ingress-bookinfo\\n  group: g1\\n  workspace: w1\\n  tenant: mycompany\\n  organization: myorg\\nspec:\\n  workloadSelector:\\n  namespace: ns1\\n  labels:\\n    app: gateway\\n  extension:\\n  - fqn: hello-world # fqn of imported extensions in TSB\\n    config:\\n      foo: bar\\n    match:\\n    - ports:\\n      - number: 80\\n      mode: CLIENT_AND_SERVER\\n  http:\\n  - name: bookinfo\\n    port: 80\\n    hostname: bookinfo.com\\n    routing:\\n      rules:\\n      - route:\\n        host: ns1/productpage.ns1.svc.cluster.local\\n```","type":"object","required":["fqn"],"properties":{"fqn":{"description":"Fqn of the extension to be executed.","type":"string","x-order":0},"config":{"description":"Configuration parameters sent to the WASM plugin execution.\\nThis configuration will overwrite the one specified globally in the extension.\\nThis config will be passed as-is to the extension. It is up to the extension to deserialize the config and use it.","type":"object","x-order":1},"match":{"description":"Specifies the criteria to determine which traffic is passed to WasmExtension.\\nIf a traffic satisfies any of TrafficSelectors,\\nthe traffic passes to the WasmExtension.","type":"array","items":{"$ref":"#/components/schemas/v2TrafficSelector"},"x-order":2}}},"v2WorkloadMode":{"description":"WorkloadMode allows selection of the role of the underlying workload in\\nnetwork traffic. A workload is considered as acting as a SERVER if it is\\nthe destination of the traffic (that is, traffic direction, from the\\nperspective of the workload is *inbound*). If the workload is the source of\\nthe network traffic, it is considered to be in CLIENT mode (traffic is\\n*outbound* from the workload).\\n\\n - UNDEFINED: Default value, which will be interpreted by its own usage.\\n - CLIENT: Selects for scenarios when the workload is the\\nsource of the network traffic. In addition,\\nif the workload is a gateway, selects this.\\n - SERVER: Selects for scenarios when the workload is the\\ndestination of the network traffic.\\n - CLIENT_AND_SERVER: Selects for scenarios when the workload is either the\\nsource or destination of the network traffic.","type":"string","default":"UNDEFINED","enum":["UNDEFINED","CLIENT","SERVER","CLIENT_AND_SERVER"]},"v2WorkloadSelector":{"description":"`WorkloadSelector` selects one or more workloads in a\\nnamespace. `WorkloadSelector` can be used in TrafficSetting,\\nSecuritySetting, and Gateway APIs in `BRIDGED` mode to scope the\\nconfiguration to a specific set of workloads.","type":"object","required":["namespace","labels"],"properties":{"namespace":{"description":"The namespace where the workload resides.","type":"string","x-order":0},"labels":{"description":"One or more labels that indicate a specific set of pods/VMs in\\nthe namespace. If omitted, the TrafficSetting or SecuritySetting\\nconfiguration will apply to all workloads in the\\nnamespace. Labels are required for Gateway API resources.","type":"object","additionalProperties":{"type":"string"},"x-order":1}}},"v2Workspace":{"description":"A Workspace is a collection of related namespaces in one or more clusters.\\n\\n\\n\\n","type":"object","required":["namespaceSelector"],"properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"namespaceSelector":{"$ref":"#/components/schemas/typesv2NamespaceSelector"},"privileged":{"description":"If set to true, allows Gateways in the workspace to route to\\nservices in other workspaces. Set this to true for workspaces\\nowning cluster-wide gateways shared by multiple teams.","type":"boolean","x-order":5},"isolationBoundary":{"description":"Istio Isolation Boundary name to which this workspace belongs.\\nIf not provided explicitly, the workspace looks for an isolation boundary with\\nname set as \\"global\\". \\nTherefore, in order to move existing workspaces to isolation boundaries, and\\nbe a part of revisioned control plane, it is recommended to configure an\\nisolation boundary with the name \\"global\\".","type":"string","x-order":6},"securityDomain":{"description":"Security domains can be used to group different resources under the same security domain.\\nAlthough security domain is not resource itself currently, it follows a fqn format\\n`organizations/myorg/securitydomains/mysecuritydomain`, and a child cannot override any ancestor\'s\\nsecurity domain.\\nOnce a security domain is assigned to a _Workspace_, all the children resources will belong to that\\nsecurity domain in the same way a _Security group_ belongs to a _Workspace_, a _Security group_ will also belong\\nto the security domain assigned to the _Workspace_.\\nSecurity domains can also be used to define _Security settings Authorization rules_ in which you can allow\\nor deny request from or to a security domain.","type":"string","x-order":7},"deletionProtectionEnabled":{"description":"When set, prevents the resource from being deleted. In order to delete the resource this\\nproperty needs to be set to `false` first.","type":"boolean","x-order":8},"profiles":{"description":"List of profiles attached to the workspace to be used to propagate default and mandatory configurations down to the children.","type":"array","items":{"type":"string"},"x-order":9},"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"}}},"v2WorkspaceSetting":{"description":"Default security and traffic settings for all proxy workloads in the workspace.","type":"object","properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"defaultSecuritySetting":{"$ref":"#/components/schemas/v2SecuritySetting"},"defaultTrafficSetting":{"$ref":"#/components/schemas/v2TrafficSetting"},"regionalFailover":{"description":"Locality routing settings for all gateways in the workspace. Overrides any global settings.\\nPlease use FailoverSettings instead. If FailoverSettings is set, it takes precedence over this field.\\n\\nExplicitly specify the region traffic will land on when endpoints in local region becomes unhealthy.\\nShould be used together with OutlierDetection to detect unhealthy endpoints.\\nNote: if no OutlierDetection specified, this will not take effect.","type":"array","items":{"$ref":"#/components/schemas/v2RegionalFailover"},"x-order":6},"defaultEastWestGatewaySettings":{"description":"Default east west gateway settings specifies workspace-wide east-west gateway configuration.\\nThis is used to configure east-west routing (required for fail-over) for the services that\\nare not exposed on the gateways. All the services matching the specified criteria is picked\\nup for exposing on the east-west gateway workload selected by the workload selector. In case,\\na service matches selectors in multiple items, the one which comes first is picked up.","type":"array","items":{"$ref":"#/components/schemas/v2EastWestGateway"},"x-order":7},"hostsReachability":{"$ref":"#/components/schemas/v2HostsReachability"},"failoverSettings":{"$ref":"#/components/schemas/v2FailoverSettings"}}},"v3BuildVersion":{"description":"BuildVersion combines SemVer version of extension with free-form build information\\n(i.e. \'alpha\', \'private-build\') as a set of strings.","type":"object","properties":{"version":{"$ref":"#/components/schemas/v3SemanticVersion"},"metadata":{"type":"object","title":"Free-form build information.\\nEnvoy defines several well known keys in the source/common/version/version.h file","x-order":1}}},"v3ContextParams":{"description":"`xds.resource.listening_address`: The value is \\"IP:port\\" (e.g. \\"10.1.1.3:8080\\") which is\\n  the listening address of a Listener. Used in a Listener resource query.","type":"object","title":"Additional parameters that can be used to select resource variants. These include any\\nglobal context parameters, per-resource type client feature capabilities and per-resource\\ntype functional attributes. All per-resource type attributes will be `xds.resource.`\\nprefixed and some of these are documented below:","properties":{"params":{"type":"object","additionalProperties":{"type":"string"},"x-order":0}}},"v3ControlPlane":{"description":"Identifies a specific ControlPlane instance that Envoy is connected to.","type":"object","properties":{"identifier":{"description":"An opaque control plane identifier that uniquely identifies an instance\\nof control plane. This can be used to identify which control plane instance,\\nthe Envoy is connected to.","type":"string","x-order":0}}},"v3DiscoveryRequest":{"type":"object","title":"A DiscoveryRequest requests a set of versioned resources of the same type for\\na given Envoy node on some API.\\n[#next-free-field: 8]","properties":{"versionInfo":{"description":"The version_info provided in the request messages will be the version_info\\nreceived with the most recent successfully processed response or empty on\\nthe first request. It is expected that no new request is sent after a\\nresponse is received until the Envoy instance is ready to ACK/NACK the new\\nconfiguration. ACK/NACK takes place by returning the new API config version\\nas applied or the previous API config version respectively. Each type_url\\n(see below) has an independent version associated with it.","type":"string","x-order":0},"node":{"$ref":"#/components/schemas/corev3Node"},"resourceNames":{"description":"List of resources to subscribe to, e.g. list of cluster names or a route\\nconfiguration name. If this is empty, all resources for the API are\\nreturned. LDS/CDS may have empty resource_names, which will cause all\\nresources for the Envoy instance to be returned. The LDS and CDS responses\\nwill then imply a number of resources that need to be fetched via EDS/RDS,\\nwhich will be explicitly enumerated in resource_names.","type":"array","items":{"type":"string"},"x-order":2},"resourceLocators":{"description":"[#not-implemented-hide:]\\nAlternative to ``resource_names`` field that allows specifying dynamic\\nparameters along with each resource name. Clients that populate this\\nfield must be able to handle responses from the server where resources\\nare wrapped in a Resource message.\\nNote that it is legal for a request to have some resources listed\\nin ``resource_names`` and others in ``resource_locators``.","type":"array","items":{"$ref":"#/components/schemas/v3ResourceLocator"},"x-order":3},"typeUrl":{"description":"Type of the resource that is being requested, e.g.\\n\\"type.googleapis.com/envoy.api.v2.ClusterLoadAssignment\\". This is implicit\\nin requests made via singleton xDS APIs such as CDS, LDS, etc. but is\\nrequired for ADS.","type":"string","x-order":4},"responseNonce":{"description":"nonce corresponding to DiscoveryResponse being ACK/NACKed. See above\\ndiscussion on version_info and the DiscoveryResponse nonce comment. This\\nmay be empty only if 1) this is a non-persistent-stream xDS such as HTTP,\\nor 2) the client has not yet accepted an update in this xDS stream (unlike\\ndelta, where it is populated only for new explicit ACKs).","type":"string","x-order":5},"errorDetail":{"$ref":"#/components/schemas/googlerpcStatus"}}},"v3DiscoveryResponse":{"type":"object","title":"[#next-free-field: 7]","properties":{"versionInfo":{"description":"The version of the response data.","type":"string","x-order":0},"resources":{"description":"The response resources. These resources are typed and depend on the API being called.","type":"array","items":{"$ref":"#/components/schemas/protobufAny"},"x-order":1},"canary":{"description":"* --terminate-on-canary-transition-failure. When set, Envoy is able to\\n  terminate if it detects that configuration is stuck at canary. Consider\\n  this example sequence of updates:\\n  - Management server applies a canary config successfully.\\n  - Management server rolls back to a production config.\\n  - Envoy rejects the new production config.\\n  Since there is no sensible way to continue receiving configuration\\n  updates, Envoy will then terminate and apply production config from a\\n  clean slate.\\n* --dry-run-canary. When set, a canary response will never be applied, only\\n  validated via a dry run.","type":"boolean","title":"[#not-implemented-hide:]\\nCanary is used to support two Envoy command line flags:","x-order":2},"typeUrl":{"description":"Type URL for resources. Identifies the xDS API when muxing over ADS.\\nMust be consistent with the type_url in the \'resources\' repeated Any (if non-empty).","type":"string","x-order":3},"nonce":{"description":"For gRPC based subscriptions, the nonce provides a way to explicitly ack a\\nspecific DiscoveryResponse in a following DiscoveryRequest. Additional\\nmessages may have been sent by Envoy to the management server for the\\nprevious version on the stream prior to this DiscoveryResponse, that were\\nunprocessed at response send time. The nonce allows the management server\\nto ignore any further DiscoveryRequests for the previous version until a\\nDiscoveryRequest bearing the nonce. The nonce is optional and is not\\nrequired for non-stream based xDS implementations.","type":"string","x-order":4},"controlPlane":{"$ref":"#/components/schemas/v3ControlPlane"}}},"v3EnvoyInternalAddress":{"type":"object","title":"The address represents an envoy internal listener.\\n[#comment: TODO(asraa): When address available, remove workaround from test/server/server_fuzz_test.cc:30.]","properties":{"serverListenerName":{"description":"Specifies the :ref:`name &lt;envoy_v3_api_field_config.listener.v3.Listener.name&gt;` of the\\ninternal listener.","type":"string","x-order":0},"endpointId":{"description":"Specifies an endpoint identifier to distinguish between multiple endpoints for the same internal listener in a\\nsingle upstream pool. Only used in the upstream addresses for tracking changes to individual endpoints. This, for\\nexample, may be set to the final destination IP for the target internal listener.","type":"string","x-order":1}}},"v3Extension":{"type":"object","title":"Version and identification for an Envoy extension.\\n[#next-free-field: 7]","properties":{"name":{"description":"This is the name of the Envoy filter as specified in the Envoy\\nconfiguration, e.g. envoy.filters.http.router, com.acme.widget.","type":"string","x-order":0},"category":{"type":"string","title":"Category of the extension.\\nExtension category names use reverse DNS notation. For instance \\"envoy.filters.listener\\"\\nfor Envoy\'s built-in listener filters or \\"com.acme.filters.http\\" for HTTP filters from\\nacme.com vendor.\\n[#comment:TODO(yanavlasov): Link to the doc with existing envoy category names.]","x-order":1},"typeDescriptor":{"type":"string","title":"[#not-implemented-hide:] Type descriptor of extension configuration proto.\\n[#comment:TODO(yanavlasov): Link to the doc with existing configuration protos.]\\n[#comment:TODO(yanavlasov): Add tests when PR #9391 lands.]","x-order":2},"version":{"$ref":"#/components/schemas/v3BuildVersion"},"disabled":{"description":"Indicates that the extension is present but was disabled via dynamic configuration.","type":"boolean","x-order":4},"typeUrls":{"description":"Type URLs of extension configuration protos.","type":"array","items":{"type":"string"},"x-order":5}}},"v3Pipe":{"type":"object","properties":{"path":{"description":"Unix Domain Socket path. On Linux, paths starting with \'@\' will use the\\nabstract namespace. The starting \'@\' is replaced by a null byte by Envoy.\\nPaths starting with \'@\' will result in an error in environments other than\\nLinux.","type":"string","x-order":0},"mode":{"description":"The mode for the Pipe. Not applicable for abstract sockets.","type":"integer","format":"int64","x-order":1}}},"v3ResourceLocator":{"description":"Specifies a resource to be subscribed to.","type":"object","properties":{"name":{"description":"The resource name to subscribe to.","type":"string","x-order":0},"dynamicParameters":{"description":"A set of dynamic parameters used to match against the dynamic parameter\\nconstraints on the resource. This allows clients to select between\\nmultiple variants of the same resource.","type":"object","additionalProperties":{"type":"string"},"x-order":1}}},"v3SemanticVersion":{"description":"Envoy uses SemVer (https://semver.org/). Major/minor versions indicate\\nexpected behaviors and APIs, the patch version field is used only\\nfor security fixes and can be generally ignored.","type":"object","properties":{"majorNumber":{"type":"integer","format":"int64","x-order":0},"minorNumber":{"type":"integer","format":"int64","x-order":1},"patch":{"type":"integer","format":"int64","x-order":2}}},"v3SocketAddress":{"type":"object","title":"[#next-free-field: 7]","properties":{"protocol":{"$ref":"#/components/schemas/v3SocketAddressProtocol"},"address":{"description":"The address for this socket. :ref:`Listeners &lt;config_listeners&gt;` will bind\\nto the address. An empty address is not allowed. Specify ``0.0.0.0`` or ``::``\\nto bind to any address. [#comment:TODO(zuercher) reinstate when implemented:\\nIt is possible to distinguish a Listener address via the prefix/suffix matching\\nin :ref:`FilterChainMatch &lt;envoy_v3_api_msg_config.listener.v3.FilterChainMatch&gt;`.] When used\\nwithin an upstream :ref:`BindConfig &lt;envoy_v3_api_msg_config.core.v3.BindConfig&gt;`, the address\\ncontrols the source address of outbound connections. For :ref:`clusters\\n&lt;envoy_v3_api_msg_config.cluster.v3.Cluster&gt;`, the cluster type determines whether the\\naddress must be an IP (``STATIC`` or ``EDS`` clusters) or a hostname resolved by DNS\\n(``STRICT_DNS`` or ``LOGICAL_DNS`` clusters). Address resolution can be customized\\nvia :ref:`resolver_name &lt;envoy_v3_api_field_config.core.v3.SocketAddress.resolver_name&gt;`.","type":"string","x-order":1},"portValue":{"type":"integer","format":"int64","x-order":2},"namedPort":{"description":"This is only valid if :ref:`resolver_name\\n&lt;envoy_v3_api_field_config.core.v3.SocketAddress.resolver_name&gt;` is specified below and the\\nnamed resolver is capable of named port resolution.","type":"string","x-order":3},"resolverName":{"description":"The name of the custom resolver. This must have been registered with Envoy. If\\nthis is empty, a context dependent default applies. If the address is a concrete\\nIP address, no resolution will occur. If address is a hostname this\\nshould be set for resolution other than DNS. Specifying a custom resolver with\\n``STRICT_DNS`` or ``LOGICAL_DNS`` will generate an error at runtime.","type":"string","x-order":4},"ipv4Compat":{"description":"When binding to an IPv6 address above, this enables `IPv4 compatibility\\n&lt;https://tools.ietf.org/html/rfc3493#page-11&gt;`_. Binding to ``::`` will\\nallow both IPv4 and IPv6 connections, with peer IPv4 addresses mapped into\\nIPv6 space as ``::FFFF:&lt;IPv4-address&gt;``.","type":"boolean","x-order":5}}},"v3SocketAddressProtocol":{"type":"string","default":"TCP","enum":["TCP","UDP"]}}}}},"1_11_x":{"url":"service-bridge/generated/openapi/1.11.x/openapiv3.json","themeId":"theme-redoc","isSpecFile":false,"spec":{"openapi":"3.0.0","info":{"description":"Tetrate Service Bridge API.","title":"Tetrate Service Bridge API","contact":{"name":"Tetrate Service Bridge","url":"https://www.tetrate.io/tetrate-service-bridge/"},"version":"1.11.x"},"paths":{"/v2/admin/rbac/policy":{"get":{"tags":["Policy"],"summary":"Get the global RBAC access policy.\\nThe global RBAC access policy configures who can manage the Role objects in TSB.","operationId":"Policy_GetRBACPolicy","responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the global RBAC access policy.\\nThe global RBAC access policy configures who can manage the Role objects in TSB.","operationId":"Policy_SetRBACPolicy","requestBody":{"$ref":"#/components/requestBodies/v2AccessPolicy"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/admin/root/policy":{"get":{"tags":["Policy"],"summary":"Get the root access policy.\\nThe root access policy configures global permissions for the platform. Subjects\\nassigned to a root policy will be granted the permissions described in the policy\\nto all objects ion TSB.","operationId":"Policy_GetRootPolicy","responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the root access policy.\\nThe root access policy configures global permissions for the platform. Subjects\\nassigned to a root policy will be granted the permissions described in the policy\\nto all objects ion TSB.","operationId":"Policy_SetRootPolicy","requestBody":{"$ref":"#/components/requestBodies/v2AccessPolicy"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/dashboards":{"get":{"tags":["DashboardService"],"summary":"Return the list of available dashboards, alongside their descriptions.\\nDashboards are identified by their names, which can be used to download them.","operationId":"DashboardService_ListDashboards","responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v1ListDashboardsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/dashboards/{name}":{"get":{"tags":["DashboardService"],"summary":"Download a Grafana dashboard in JSON format by providing the dashboard\'s name.\\nThe downloaded dashboard is intended to be uploaded to a Grafana instance. Platform\\noperators can use each dashboard to monitor specific components of the TSB platform.","operationId":"DashboardService_DownloadDashboard","parameters":[{"description":"The name of the dashboard to download.","name":"name","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/apiHttpBody"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/lookup/services":{"post":{"tags":["Lookup"],"summary":"Get all the services in the registry that are part of the given selector.\\nThis method can be used to resolve the registered services that are part of a workspace\\nor group.\\nThis method can be also used to figure out how applying a selector could affect\\nthe platform and have an understanding of which of the existing services would be\\nincluded in the selection.","operationId":"Lookup_Services","requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ServiceLookupRequest"}}},"description":"Request for all the services in the registry that are part of the given selector.","required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ServiceLookupResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/oidc/callback":{"get":{"tags":["OIDC"],"summary":"Callback endpoint for OAuth2 Authorization Code grant flows as part of the OIDC spec.","operationId":"OIDC_Callback","parameters":[{"description":"OAuth2 Authorization Code.\\nWhen present this indicates the user authorized the request. TSB will use this code\\nto acquire a token from the OIDC token endpoint and complete the login flow.","name":"code","in":"query","schema":{"type":"string"}},{"description":"OAuth2 Error Code.\\nWhen present this indicates that either the authorization request has an error, the OIDC\\nprovider encountered an error or the user failed to log in. When set TSB will display information\\nto the user indicating what went wrong.\\n\\nStandard error codes can be found found here.\\nhttps://datatracker.ietf.org/doc/html/rfc6749#section-4.1.2.1\\nhttps://openid.net/specs/openid-connect-core-1_0.html#AuthError","name":"error","in":"query","schema":{"type":"string"}},{"description":"The state parameter sent to the OIDC provider on the authorization request.","name":"state","in":"query","required":true,"schema":{"type":"string"}},{"description":"Optional error description sent by the OIDC provider when an error occurs.","name":"errorDescription","in":"query","schema":{"type":"string"}},{"description":"Optional error URI of a web page that includes additional information about the error.","name":"errorUri","in":"query","schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/oidc/login":{"get":{"tags":["OIDC"],"summary":"Login endpoint to start an OIDC Authentication flow.","operationId":"OIDC_Login","parameters":[{"description":"URl where the user will be redirected when the authentication flow completes.","name":"redirectUri","in":"query","schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations":{"get":{"tags":["Organizations"],"summary":"List all existing organizations.\\n$hide_from_docs","operationId":"Organizations_ListOrganizations","responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListOrganizationsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Organizations"],"summary":"Creates a new Organization in TSB.\\nOrganizations are the top-level construct in TSB and contain all the resources such as\\ntenants, workspaces and clusters.\\n$hide_from_docs","operationId":"Organizations_CreateOrganization","requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2CreateOrganizationRequest"}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Organization"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}":{"get":{"tags":["Organizations"],"summary":"Get the details of an organization.","operationId":"Organizations_GetOrganization","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Organization"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Organizations"],"summary":"Modify an organization.\\nUpdate operations are protected against concurrent modifications of the resource. They are required\\nto provide the last version of the `etag` field as part of the update request payload.\\n$hide_from_docs","operationId":"Organizations_UpdateOrganization","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"`Organization` is the root of the Service Bridge object hierarchy.\\n\\n\\n\\n","type":"object","properties":{"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"},"deletionProtectionEnabled":{"description":"When set, prevents the resource from being deleted. In order to delete the resource this\\nproperty needs to be set to `false` first.","type":"boolean"},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"profiles":{"description":"List of profiles attached to the Organization to be used to propagate default and mandatory configurations down to the children.","type":"array","items":{"type":"string"}},"systemNamespaces":{"description":"List of namespaces that will be considered as system namespaces for the organization\\nand will not be able to be onboarded into TSB.\\nSystem namespaces are namespaces that should not have sidecars injected and don\'t be\\nconfigured with Istio injection.\\nThis is useful for namespaces that are used for infrastructure components like monitoring,\\nlogging, cloud provider components, etc. and that should not be managed by TSB in the\\ncluster namespace onboarding workflows.","type":"array","items":{"type":"string"}}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Organization"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Organizations"],"summary":"Delete an organization.\\nNote that deleting resources in TSB is a recursive operation. Deleting an organization will delete all\\ntenants, clusters and all configurations that exist in it.\\n$hide_from_docs","operationId":"Organizations_DeleteOrganization","parameters":[{"description":"Force the deletion of the object even if deletion protection is enabled.\\nIf this is set, then the object and all its children will be deleted even if any of them\\nhas the deletion protection enabled.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/availableprofiles":{"get":{"tags":["Profiles"],"summary":"Lists the profiles that can be attached to the given resource.\\nThe returned profiles contain metadata (fqn, display name and description) information.\\nTo retrieve the full profile, rely on `GetProfile` or `ListProfiles` methods.","operationId":"Profiles_ListAvailableProfiles","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListAvailableProfilesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/blame":{"get":{"tags":["Profiles"],"summary":"Get the profile blame data for a given resource FQN.","operationId":"Profiles_Blame_variant_5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2BlameResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters":{"get":{"tags":["Clusters"],"summary":"Get the list of all clusters that have been onboarded into the platform.","operationId":"Clusters_ListClusters","parameters":[{"description":"Flag to fetch the workload information for all the clusters as well.\\nNote that by default workload information is not returned as it may be expensive to retrieve.","name":"fetchWorkloads","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListClustersResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"description":"This action will also create a service account with permissions to manage this cluster.\\nThis service account (aka cluster service account) can be used in the ControlPlane installation to\\nauthenticate it through the ManagementPlane.\\n\\nAs part of the response, a template will be provided (in the field `installTemplate`) with minimum\\nconfiguration to be able to install the TSB Operator in the cluster running as ControlPlane.\\nThis data is not stored and will be only available in the response of this action.","tags":["Clusters"],"summary":"Creates a new cluster object in TSB. This is needed during cluster onboarding to let the\\nmanagement plane know about the existence of a cluster.\\nOnce a cluster has been created and fully onboarded, the management plane will manage the\\nmesh for that cluster and keep this cluster entity up to date with the information that is\\nreported by the cluster agents.\\nThis method returns the created cluster, that will be continuously updated by the local\\ncluster agents. This entity can be monitored to have an overview of the resources (namespaces,\\nservices, etc) that are known to be running in the cluster.","operationId":"Clusters_CreateCluster","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create a cluster and register it in the management plane so configuration can\\nbe generated for it.","type":"object","required":["name","cluster"],"properties":{"cluster":{"$ref":"#/components/schemas/tsbv2Cluster"},"name":{"description":"The short name for the resource to be created.","type":"string"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/tsbv2Cluster"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}":{"get":{"tags":["Clusters"],"summary":"Get the last known state for an onboarded cluster.\\nOnce a cluster has been onboarded into the platform, the agents will keep it up to date with\\nits runtime status. Getting the cluster object will return the last known snapshot of existing\\nnamespaces and services running in it.","operationId":"Clusters_GetCluster","parameters":[{"description":"Flag to fetch the workload information as well.\\nNote that by default workload information is not returned as it may be expensive to retrieve.","name":"fetchWorkloads","in":"query","schema":{"type":"boolean"}},{"description":"Flag to return the install template required to install this cluster.\\nThis will generate a new API key pair for the cluster service account.","name":"includeInstallTemplate","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/tsbv2Cluster"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Clusters"],"summary":"Modify an existing cluster.\\nUpdates a cluster with the given data. Note that most of the data in the cluster is read-only and\\nautomatically populated by the local cluster agents.","operationId":"Clusters_UpdateCluster","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"A Kubernetes cluster managing both pods and VMs.\\n\\n\\n\\n","type":"object","properties":{"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be\\nsent on every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"installTemplate":{"$ref":"#/components/schemas/ClusterInstallTemplate"},"labels":{"type":"object","title":"FIXME: this is super clunky to copy each and every metadata field into\\nobjects used for multicluster. $hide_from_yaml","additionalProperties":{"type":"string"}},"locality":{"$ref":"#/components/schemas/tsbv2Locality"},"namespaceScope":{"$ref":"#/components/schemas/v2NamespaceScoping"},"namespaces":{"type":"array","title":"TODO(vikas): move this inside cluster state\\nRead-only data for informational purposes. Any user provided\\nvalue will be ignored. The data here may be stale depending on\\nthe update frequency from the Bridge agents in the cluster.\\n$hide_from_yaml","items":{"$ref":"#/components/schemas/tsbv2Namespace"},"readOnly":true},"network":{"description":"The network (e.g., VPC) where this cluster is present. All\\nclusters within the same network will be assumed to be reachable\\nfor the purposes of multi-cluster routing. In addition, networks\\nmarked as reachable from one another in SystemSettings will also\\nbe used for multi-cluster routing.","type":"string"},"serviceAccount":{"$ref":"#/components/schemas/tsbv2ServiceAccount"},"state":{"$ref":"#/components/schemas/v2ClusterState"},"tier1Cluster":{"description":"Deprecated: This flag is still honored for backward compatibility but will be ignored in future releases.\\nIt is advisable not to set it, as all clusters can now host both Tier1 and IngressGateways.\\n\\nIndicates whether this cluster is hosting a tier1 gateway or not.\\nTier1 clusters cannot host other gateways or workloads. Defaults\\nto false if not specified.","type":"boolean"},"tokenTtl":{"description":"Lifetime of the tokens. Defaults to 1hr.","type":"string"},"trustDomain":{"description":"Trust domain for this cluster, used for multi-cluster routing.\\nIt must be unique for every cluster and should match the one configured in\\nthe local control plane. This value is optional, and will be updated by the\\nlocal control plane agents. However, it is recommended to set it, if known,\\nso that multi-cluster routing works without having to wait for the local\\ncontrol planes to update it.","type":"string"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/tsbv2Cluster"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Clusters"],"summary":"Unregisters a cluster from the platform.\\nDeleting a cluster will unregister it from the management plane, and the agents will stop receiving\\nconfiguration updates. Agent tokens for the cluster are revoked as well, so agents that are still\\nrunning will fail to report back cluster status to the management plane.\\nNote that unregistering the cluster is a management plane only operation. This does not uninstall\\nthe agents from the local cluster. Agents will continue running and the services that are deployed\\nin that cluster will be able to continue operating with the last applied configuration.\\nUnregistering a cluster from the management plane should not generate downtime to services that are\\nrunning on that cluster.","operationId":"Clusters_DeleteCluster","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_1","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_1","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_1","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_1","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_1","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_1","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_1","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_1","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_1","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}/blame":{"get":{"tags":["Profiles"],"summary":"Get the profile blame data for a given resource FQN.","operationId":"Profiles_Blame_variant_6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2BlameResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}/config":{"post":{"description":"The API is for control plane cluster to get the configurations\\nthat must be set in both management plane and control plane,\\nand that the control plane configurations must be in sync (or adjusted)\\naccording to management plane\'s changes at runtime.\\n\\nExamples:\\n- Telemetry data retention period set(changed) in management plane must be sync\'ed to control plane.\\n- A feature flag disabled in management plane must be sync\'ed to control plane and disabled in all control planes.\\n\\n$hide_from_docs","tags":["Clusters"],"summary":"Get the configurations for a cluster.","operationId":"Clusters_GetClusterConfig","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ClusterConfig"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}/onboarding":{"get":{"tags":["Clusters"],"summary":"List the cluster onboarding configurations for a given cluster.","operationId":"Clusters_ListClusterOnboardingConfigs","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListClusterOnboardingConfigsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Clusters"],"summary":"Create the cluster onboarding configuration for a cluster.\\nOnly one onboarding configuration can be created for a cluster. This configuration is used to\\ndefine the desired state of the namespaces of the cluster.\\nThese namespaces with state DESIRED_ONBOARDED will be added to the onboarding tenant and onboarding\\nworkspace, so they can be managed by the management plane.\\nThe onboarding tenant and workspace are created automatically if they do not exist.","operationId":"Clusters_CreateClusterOnboardingConfig","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create the cluster onboarding configuration for a cluster.","type":"object","required":["name","config"],"properties":{"config":{"$ref":"#/components/schemas/v2ClusterOnboardingConfig"},"name":{"description":"The short name for the cluster onboarding config to be created.","type":"string"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ClusterOnboardingConfig"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}/onboarding/status":{"get":{"tags":["Clusters"],"summary":"Get the onboarding status for a cluster.","operationId":"Clusters_GetClusterOnboardingStatus","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ClusterOnboardingStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}/onboarding/{onboardin}":{"get":{"tags":["Clusters"],"summary":"Get the cluster onboarding configuration for a cluster.","operationId":"Clusters_GetClusterOnboardingConfig","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}},{"description":"Onboardin name.","name":"onboardin","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ClusterOnboardingConfig"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Clusters"],"summary":"Update the cluster onboarding configuration for a cluster.","operationId":"Clusters_UpdateClusterOnboardingConfig","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}},{"description":"Onboardin name.","name":"onboardin","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Configuration for onboarding a cluster.\\n\\n\\n\\n","type":"object","required":["namespaces"],"properties":{"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be\\nsent on every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"namespaces":{"description":"Set of namespaces configuration for the cluster.","type":"array","items":{"$ref":"#/components/schemas/ClusterOnboardingConfigNamespaceConfig"}}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ClusterOnboardingConfig"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Clusters"],"summary":"Delete the cluster onboarding configuration for a cluster.","operationId":"Clusters_DeleteClusterOnboardingConfig","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}},{"description":"Onboardin name.","name":"onboardin","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_1","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_1","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_1","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}/proxytools/clusterstats":{"post":{"tags":["ProxyDiagnosticService"],"summary":"Return the cluster stats of an Istio Proxy","operationId":"ProxyDiagnosticService_GetClusterStats","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/ProxyDiagnosticService_GetClusterStatsBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetClusterStatsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}/proxytools/configdump":{"post":{"tags":["ProxyDiagnosticService"],"summary":"Return a config dump from a workload (Istio Proxy)","operationId":"ProxyDiagnosticService_GetConfigDump","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/ProxyDiagnosticService_GetConfigDumpBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetConfigDumpResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}/proxytools/loggerlevels":{"put":{"tags":["ProxyDiagnosticService"],"summary":"Set the log levels of a workload","operationId":"ProxyDiagnosticService_SetLoggerLevels","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/ProxyDiagnosticService_SetLoggerLevelsBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2LoggerLevelsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["ProxyDiagnosticService"],"summary":"Return the logger levels of a workload","operationId":"ProxyDiagnosticService_GetLoggerLevels","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/ProxyDiagnosticService_GetLoggerLevelsBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2LoggerLevelsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}/proxytools/serverstats":{"post":{"tags":["ProxyDiagnosticService"],"summary":"Return the server stats of an Istio Proxy","operationId":"ProxyDiagnosticService_GetServerStats","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/ProxyDiagnosticService_GetServerStatsBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetServerStatsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}/proxytools/streamlogs":{"post":{"tags":["ProxyDiagnosticService"],"summary":"Return a stream of logs (the output of the `kubectl logs` command) of an Istio Proxy.","operationId":"ProxyDiagnosticService_StreamLogs","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/ProxyDiagnosticService_StreamLogsBody"},"responses":{"200":{"description":"A successful response.(streaming responses)","content":{"application/json":{"schema":{"type":"object","title":"Stream result of v2StreamLogsResponse","properties":{"error":{"$ref":"#/components/schemas/googlerpcStatus"},"result":{"$ref":"#/components/schemas/v2StreamLogsResponse"}}}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}/proxytools/workloads":{"post":{"tags":["ProxyDiagnosticService"],"summary":"Return the workload names under a given FQN resource and cluster.","operationId":"ProxyDiagnosticService_ListWorkloads","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/ProxyDiagnosticService_ListWorkloadsBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListWorkloadsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_1","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/apitsbv2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_1","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_1","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/telemetryv2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_1","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_1","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}:generateTokens":{"post":{"tags":["Clusters"],"summary":"Generate the tokens for the cluster agents so they can talk to the management plane.\\nOnce a cluster object has been registered in the management plane, this method can be used to\\ngenerate the JWT tokens that need to be configured in the local cluster agents in order to let\\nthem talk to the management plane.\\nThese tokens contain the necessary permissions to allow the agents to download the configuration\\nfor their cluster and to push cluster status updates to the management plane.","operationId":"Clusters_GenerateTokens","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ClusterStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/currentimpact":{"post":{"tags":["Profiles"],"summary":"CurrentImpactAnalysis analyzes the current impact of a profile or a resource attached profiles.\\nThe response is streamed, with each message representing the impact analysis for a specific profile\\nor resource and its corresponding impacts.","operationId":"Profiles_CurrentImpactAnalysis","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Profiles_CurrentImpactAnalysisBody"},"responses":{"200":{"description":"A successful response.(streaming responses)","content":{"application/json":{"schema":{"type":"object","title":"Stream result of v2ImpactAnalysisResponse","properties":{"error":{"$ref":"#/components/schemas/googlerpcStatus"},"result":{"$ref":"#/components/schemas/v2ImpactAnalysisResponse"}}}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/extensions":{"get":{"tags":["WasmExtensions"],"summary":"List the WASM extensions that are defined for the Organization.","operationId":"WasmExtensions_ListWasmExtension","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListWasmExtensionResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["WasmExtensions"],"summary":"Creates a new WasmExtension object in TSB. This is needed to let the extensions run.\\nOnce a WasmExtension has been created, it can be assigned to IngressGateway and SecuritySetting.\\nThis method returns the created extension.","operationId":"WasmExtensions_CreateWasmExtension","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create a WasmExtension and make it available to be assigned to IngressGateway and SecuritySetting.","type":"object","required":["name","wasmExtension"],"properties":{"name":{"description":"The short name for the resource to be created.","type":"string"},"wasmExtension":{"$ref":"#/components/schemas/v2WasmExtension"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2WasmExtension"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/extensions/{extension}":{"get":{"tags":["WasmExtensions"],"summary":"Get a WASM extension","operationId":"WasmExtensions_GetWasmExtension","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2WasmExtension"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["WasmExtensions"],"summary":"Modify an existing WasmExtension.\\nWhen modifying the details of an extension in use, such as the image property, enabled flag, phase,\\nor default configuration, a redeploy or reconfiguration of the extension may be triggered, affecting live\\ntraffic in all those places that reference the extension.\\nSimilarly, changes to the allowed_in property may trigger the removal of the extension from all places where\\nthe extension was in use that are not allowed to use it anymore, affecting live traffic on the\\nrelevant namespaces as well.","operationId":"WasmExtensions_UpdateWasmExtension","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"type":"object","required":["url"],"properties":{"allowedIn":{"description":"List of fqns where this extension is allowed to run.\\nIf it is empty, the extension can be used across the entire organization.\\nCurrently only Tenant resources are considered.","type":"array","items":{"type":"string"}},"config":{"description":"Configuration parameters sent to the WASM plugin execution\\nThe configuration can be overwritten when instantiating the extensions in IngressGateways or Security groups.\\nThe config is serialized using proto3 JSON marshaling and passed to proxy_on_configure when the host environment starts the plugin.","type":"object"},"description":{"type":"string","title":"A description of the extension.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the extension.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"image":{"description":"Deprecated. Use the `url` field instead.\\nRepository and tag of the OCI image containing the WASM extension.","type":"string"},"imagePullPolicy":{"$ref":"#/components/schemas/WasmExtensionPullPolicy"},"imagePullSecret":{"description":"Credentials to use for OCI image pulling.\\nName of a K8s Secret that contains a docker pull secret which is to be used\\nto authenticate against the registry when pulling the image.\\nIf TSB is configured to use the WASM download proxy, this secret must exist in\\nthe `istio-system` namespace of each cluster that has applications that use the\\nextension. If the download proxy is disabled, the secret must exist in each\\napplication namespace that is using the extension.","type":"string"},"match":{"$ref":"#/components/schemas/v2GlobalTrafficSelector"},"phase":{"$ref":"#/components/schemas/WasmExtensionPluginPhase"},"priority":{"description":"Determines the ordering of WasmExtensions in the same phase.\\nWhen multiple WasmExtensions are applied to the same workload in the same phase, they will be applied by priority, in descending order.\\nIf no priority is assigned it will use the default 0 value.\\nIn case of several extensions having the same priority in the same phase, the fqn will be used to sort them.","type":"integer","format":"int32"},"source":{"type":"string","title":"Source to find the code for the WASM extension"},"url":{"description":"URL of a Wasm module or OCI container. If no scheme is present, defaults to oci://, referencing an OCI image.\\nOther valid schemes are file:// for referencing .wasm module files present locally within the proxy container,\\nand http[s]:// for .wasm module files hosted remotely.","type":"string"},"vmConfig":{"$ref":"#/components/schemas/v2VmConfig"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2WasmExtension"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["WasmExtensions"],"summary":"Delete a WasmExtension.\\nNote that deleting a WasmExtension will delete the extension itself, and also its assignments to IngressGateway and SecuritySetting.","operationId":"WasmExtensions_DeleteWasmExtension","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/extensions/{extension}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_2","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/extensions/{extension}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/extensions/{extension}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/extensions/{extension}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/extensions/{extension}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/extensions/{extension}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/extensions/{extension}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/extensions/{extension}/blame":{"get":{"tags":["Profiles"],"summary":"Get the profile blame data for a given resource FQN.","operationId":"Profiles_Blame_variant_7","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2BlameResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/extensions/{extension}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/extensions/{extension}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/extensions/{extension}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/apitsbv2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/extensions/{extension}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_2","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/extensions/{extension}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/telemetryv2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/extensions/{extension}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/extensions/{extension}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/impact":{"post":{"tags":["Profiles"],"summary":"ImpactAnalysis analyzes the impact of profile or resource attached profiles modifications.\\nThe response is streamed, with each message representing the impact analysis for a specific profile\\nor resource and its corresponding impacts.","operationId":"Profiles_ImpactAnalysis","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Profiles_ImpactAnalysisBody"},"responses":{"200":{"description":"A successful response.(streaming responses)","content":{"application/json":{"schema":{"type":"object","title":"Stream result of v2ImpactAnalysisResponse","properties":{"error":{"$ref":"#/components/schemas/googlerpcStatus"},"result":{"$ref":"#/components/schemas/v2ImpactAnalysisResponse"}}}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/profiles":{"get":{"tags":["Profiles"],"summary":"List all Profiles that belong to a resource.","operationId":"Profiles_ListProfiles","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListProfilesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Profiles"],"summary":"Create a profile object for a given resource.\\nA `Profile` object can be created at Organization, Tenant, and Workspace levels. Once created, a profile can be\\nattached at its own level or down the hierarchy at Organization, Tenants, Workspaces and Groups levels.","operationId":"Profiles_CreateProfile","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Profiles_CreateProfileBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Profile"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/profiles/{profile}":{"get":{"tags":["Profiles"],"summary":"Get the details of a Profile in an resource.","operationId":"Profiles_GetProfile","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Profile name.","name":"profile","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Profile"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Profiles"],"summary":"Modify a Profile in a resource.","operationId":"Profiles_UpdateProfile","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Profile name.","name":"profile","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Profiles_UpdateProfileBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Profile"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Profiles"],"summary":"Delete a Profile from a resource.","operationId":"Profiles_DeleteProfile","parameters":[{"description":"Force the deletion of the object even if deletion protection is enabled.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Profile name.","name":"profile","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/profiles/{profile}/currentimpact":{"post":{"tags":["Profiles"],"summary":"CurrentImpactAnalysis analyzes the current impact of a profile or a resource attached profiles.\\nThe response is streamed, with each message representing the impact analysis for a specific profile\\nor resource and its corresponding impacts.","operationId":"Profiles_CurrentImpactAnalysis2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Profile name.","name":"profile","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Profiles_CurrentImpactAnalysis2Body"},"responses":{"200":{"description":"A successful response.(streaming responses)","content":{"application/json":{"schema":{"type":"object","title":"Stream result of v2ImpactAnalysisResponse","properties":{"error":{"$ref":"#/components/schemas/googlerpcStatus"},"result":{"$ref":"#/components/schemas/v2ImpactAnalysisResponse"}}}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/profiles/{profile}/impact":{"post":{"tags":["Profiles"],"summary":"ImpactAnalysis analyzes the impact of profile or resource attached profiles modifications.\\nThe response is streamed, with each message representing the impact analysis for a specific profile\\nor resource and its corresponding impacts.","operationId":"Profiles_ImpactAnalysis2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Profile name.","name":"profile","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Profiles_ImpactAnalysis2Body"},"responses":{"200":{"description":"A successful response.(streaming responses)","content":{"application/json":{"schema":{"type":"object","title":"Stream result of v2ImpactAnalysisResponse","properties":{"error":{"$ref":"#/components/schemas/googlerpcStatus"},"result":{"$ref":"#/components/schemas/v2ImpactAnalysisResponse"}}}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts":{"get":{"tags":["Teams"],"summary":"List existing Service Accounts.","operationId":"Teams_ListServiceAccounts","parameters":[{"description":"The format in which the key pairs for each key will be returned.\\nIf not set keys are returned in PEM format.","name":"keyEncoding","in":"query","schema":{"type":"string","enum":["PEM","JWK"],"default":"PEM"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListServiceAccountsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Teams"],"summary":"Create Service Account in TSB.\\nService Accounts are local to TSB and can be used to access the platform using\\nJWT tokens signed with the Service Account\'s private key for authentication.","operationId":"Teams_CreateServiceAccount","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"type":"object","title":"Request to create a ServiceAccount.\\n","required":["name","serviceAccount"],"properties":{"keyEncoding":{"$ref":"#/components/schemas/KeyPairEncoding"},"name":{"description":"The short name for the resource to be created.","type":"string"},"serviceAccount":{"$ref":"#/components/schemas/tsbv2ServiceAccount"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/tsbv2ServiceAccount"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts/{serviceaccount}":{"get":{"tags":["Teams"],"summary":"Get the details of an existing Service Account.","operationId":"Teams_GetServiceAccount","parameters":[{"description":"The format in which the key pairs will be returned.\\nIf not set keys are returned in PEM format.","name":"keyEncoding","in":"query","schema":{"type":"string","enum":["PEM","JWK"],"default":"PEM"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/tsbv2ServiceAccount"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Teams"],"summary":"Update the details of a service account.\\nUpdating the details of the service account does not regenerate its keys.","operationId":"Teams_UpdateServiceAccount","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"`ServiceAccount` represents a service account that can be used to access the TSB platform.\\nService accounts have a set of associated public and private keys that can be used to generate\\nsigned JWT tokens that are suitable to authenticate to TSB.\\nA default key-pair is generated on service account creation and the public key is stored in TSB.\\nPrivate keys are returned when service accounts are created, but TSB will not store them. It\\nis up to the client to store them securely.\\n\\n\\n\\n","type":"object","properties":{"description":{"description":"A description of the resource.","type":"string"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"keys":{"type":"array","title":"Keys associated with the service account.\\nA default key-pair is automatically created when the Service Account is created. Note that\\nTSB does not store the private keys, so it is up to the client to store the returned private\\nkeys securely, as they are only returned once after creation.\\nAdditional keys can be added (and deleted) by using the corresponding key management APIs.\\n","items":{"$ref":"#/components/schemas/ServiceAccountKeyPair"},"readOnly":true}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/tsbv2ServiceAccount"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Teams"],"summary":"Delete the given Service account.","operationId":"Teams_DeleteServiceAccount","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts/{serviceaccount}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_5","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts/{serviceaccount}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts/{serviceaccount}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts/{serviceaccount}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts/{serviceaccount}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts/{serviceaccount}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts/{serviceaccount}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts/{serviceaccount}/blame":{"get":{"tags":["Profiles"],"summary":"Get the profile blame data for a given resource FQN.","operationId":"Profiles_Blame_variant_10","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2BlameResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts/{serviceaccount}/jwks":{"get":{"tags":["Teams"],"summary":"Get all the public keys available in the service account and return them in a JWKS document.\\nSee: https://datatracker.ietf.org/doc/html/rfc7517\\nRequests to this endpoint require read permissions on the service account, or a token signed\\nwith one of the service account keys.","operationId":"Teams_GetServiceAccountJWKS","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2JWKS"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts/{serviceaccount}/keys":{"post":{"tags":["Teams"],"summary":"Generate a new key-pair for the service account.\\nNote that TSB does not store the generated private key, so the client must read it and\\nstore it securely.","operationId":"Teams_GenerateServiceAccountKey","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to generate a new key-pair for the Service Account.","type":"object","properties":{"keyEncoding":{"$ref":"#/components/schemas/KeyPairEncoding"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/tsbv2ServiceAccount"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts/{serviceaccount}/keys/{id}":{"delete":{"tags":["Teams"],"summary":"Delete a key-pair associated the service account.","operationId":"Teams_DeleteServiceAccountKey","parameters":[{"description":"ID of the key-pair to delete.","name":"id","in":"path","required":true,"schema":{"type":"string"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/tsbv2ServiceAccount"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts/{serviceaccount}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts/{serviceaccount}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts/{serviceaccount}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/apitsbv2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts/{serviceaccount}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_5","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts/{serviceaccount}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/telemetryv2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts/{serviceaccount}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts/{serviceaccount}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/services":{"get":{"tags":["Registration"],"summary":"List the services that have been registered in an organization","operationId":"Registration_ListServices","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListServicesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Registration"],"summary":"Register the given service in the organization.\\nServices in the registry are deduplicated so that the same service running in different\\nclusters are represented as a single entity in the registry.\\nThe service returned by this method is the result of deduplicating the service.\\nThis API is currently only intended for internal use by the discovery agents.\\n$hide_from_docs","operationId":"Registration_RegisterService","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to register a service in a given parent (organization).","type":"object","required":["cluster","shortName","namespace","serviceType","state","source"],"properties":{"canonicalName":{"description":"optional canonical name that identify this service.","type":"string"},"cluster":{"description":"Name of the cluster where the service belongs to.\\nThis will be used to load the deduplication settings that have been configured for the cluster\\nwhere the service belongs.","type":"string"},"externalAddresses":{"description":"For kubernetes services of type load balancer, this field contains the list of lb hostnames or\\nIPs assigned to the service.","type":"array","items":{"type":"string"}},"hostnames":{"description":"The hostnames by which this service is accessed. It corresponds to the gateway virtual hosts.\\nThis field is expected to be empty if the service is not publicly accessible.","type":"array","items":{"type":"string"}},"internalHostnames":{"type":"array","title":"The hostnames by which this service is accessed internally. Can correspond to the\\nFQDN of the service or to the hostnames provided by an external service (E.g. service entry)","items":{"type":"string"}},"namespace":{"description":"Namespace associated with the service. It will be used in deduplication logic.","type":"string"},"ports":{"description":"The set of ports on which this service is exposed.","type":"array","items":{"$ref":"#/components/schemas/registryv2Port"}},"serviceType":{"$ref":"#/components/schemas/v2ServiceType"},"shortName":{"description":"Short name for the service, used to uniquely identify it within the organization.","type":"string"},"source":{"description":"Source of the service: Kubernetes, Istio, Consul, etc.","type":"string"},"spiffeIds":{"description":"List of SPIFFE identities used by the workloads of the service.","type":"array","items":{"type":"string"}},"state":{"$ref":"#/components/schemas/registryv2State"},"subsets":{"description":"Subset denotes a specific version of a service. By default the \'version\'\\nlabel is used to designate subsets of a workload.\\nKnown subsets for the service.","type":"array","items":{"type":"string"}}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/tsbregistryv2Service"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Registration"],"summary":"Remove the given service from the organization registry.\\nThis API is currently only intended for internal use by the discovery agents.\\n$hide_from_docs","operationId":"Registration_UnregisterService","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"type":"object","title":"Request to unregister a service from the registry","required":["shortName","cluster","namespace"],"properties":{"cluster":{"description":"Name of the cluster of the service.","type":"string"},"namespace":{"description":"Namespace of the service.","type":"string"},"shortName":{"type":"string","title":"Name attribute of the service"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/services/{service}":{"get":{"tags":["Registration"],"summary":"Get the details of a registered service","operationId":"Registration_GetService","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/tsbregistryv2Service"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/services/{service}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_3","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/services/{service}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/services/{service}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/services/{service}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/services/{service}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/services/{service}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/services/{service}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/services/{service}/blame":{"get":{"tags":["Profiles"],"summary":"Get the profile blame data for a given resource FQN.","operationId":"Profiles_Blame_variant_8","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2BlameResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/services/{service}/groups":{"get":{"tags":["Lookup"],"summary":"Get all the groups that configure the given service in the registry.","operationId":"Lookup_Groups","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GroupLookupResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/services/{service}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/services/{service}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/services/{service}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/apitsbv2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/services/{service}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_3","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/services/{service}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/telemetryv2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/services/{service}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/services/{service}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/settings":{"get":{"tags":["Organizations"],"summary":"List all the settings objects that have been attached to the given Organization.","operationId":"Organizations_ListSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListOrganizationSettingsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Organizations"],"summary":"Create a settings object for the given organization.","operationId":"Organizations_CreateSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create a Organization Settings.","type":"object","required":["name","settings"],"properties":{"name":{"description":"The short name for the resource to be created.","type":"string"},"settings":{"$ref":"#/components/schemas/v2OrganizationSetting"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2OrganizationSetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/settings/{setting}":{"get":{"tags":["Organizations"],"summary":"Get the details for the given settings object.","operationId":"Organizations_GetSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2OrganizationSetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Organizations"],"summary":"Modify the given settings in the given Organization.","operationId":"Organizations_UpdateSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Settings that apply globally to the entire organization.\\n\\n\\n\\n","type":"object","properties":{"defaultSecuritySetting":{"$ref":"#/components/schemas/v2SecuritySetting"},"defaultTrafficSetting":{"$ref":"#/components/schemas/v2TrafficSetting"},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"failoverSettings":{"$ref":"#/components/schemas/v2FailoverSettings"},"networkSettings":{"$ref":"#/components/schemas/OrganizationSettingNetworkSettings"},"regionalFailover":{"description":"Default locality routing settings for all gateways.\\nPlease use FailoverSettings instead. If FailoverSettings is set, it takes precedence over this field.\\n\\nExplicitly specify the region traffic will land on when endpoints in local region becomes unhealthy.\\nShould be used together with OutlierDetection to detect unhealthy endpoints.\\nNote: if no OutlierDetection specified, this will not take effect.","type":"array","items":{"$ref":"#/components/schemas/v2RegionalFailover"}}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2OrganizationSetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Organizations"],"summary":"Delete the given settings object from the Organization.","operationId":"Organizations_DeleteSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/settings/{setting}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_4","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/settings/{setting}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/settings/{setting}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/settings/{setting}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/settings/{setting}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/settings/{setting}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/settings/{setting}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/settings/{setting}/blame":{"get":{"tags":["Profiles"],"summary":"Get the profile blame data for a given resource FQN.","operationId":"Profiles_Blame_variant_9","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2BlameResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/settings/{setting}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/settings/{setting}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/settings/{setting}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/apitsbv2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/settings/{setting}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_4","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/settings/{setting}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/telemetryv2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/settings/{setting}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/settings/{setting}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/apitsbv2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/sync":{"post":{"description":"This method will update the state of users and groups in the organization and will create, modify, and\\ndelete groups according to the incoming request.\\nSync requests are assumed to be a full-sync and to contain all existing users and groups. Existing TSB users and groups\\nthat are not contained in a sync request will be deleted from the platform, as it will assume they have been removed\\nfrom the Identity Provider.","tags":["Organizations"],"summary":"SyncOrganization is used by processes that monitor the identity providers to synchronize\\nthe users and teams with the ones in TSB.","operationId":"Organizations_SyncOrganization","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to synchronize the users and teams in an organization from the configured identity provider.","type":"object","properties":{"sourceType":{"$ref":"#/components/schemas/v2SourceType"},"teams":{"type":"array","items":{"$ref":"#/components/schemas/SyncOrganizationRequestSyncTeam"}},"users":{"type":"array","items":{"$ref":"#/components/schemas/SyncOrganizationRequestSyncUser"}}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2SyncOrganizationResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/teams":{"get":{"tags":["Teams"],"summary":"List all existing teams.","operationId":"Teams_ListTeams","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListTeamsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Teams"],"summary":"Create a new team.","operationId":"Teams_CreateTeam","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"type":"object","title":"Request to create a Team.\\n","required":["name","team"],"properties":{"name":{"description":"The short name for the resource to be created.","type":"string"},"team":{"$ref":"#/components/schemas/v2Team"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Team"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/teams/{team}":{"get":{"tags":["Teams"],"summary":"Get the details of an existing team.","operationId":"Teams_GetTeam","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Team"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Teams"],"summary":"Modify an existing team.","operationId":"Teams_UpdateTeam","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"`Team` is a named collection of users under a tenant.\\n\\n\\n\\n","type":"object","properties":{"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"members":{"description":"List of members under the team.\\nThe elements of this list are the FQNs of the team members. Team members can be\\nusers, service accounts or other teams.","type":"array","items":{"type":"string"}},"sourceType":{"$ref":"#/components/schemas/v2SourceType"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Team"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Teams"],"summary":"Delete a team.\\nNote that deleting a team only deletes the team itself, but not its members.","operationId":"Teams_DeleteTeam","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/teams/{team}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_6","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/teams/{team}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/teams/{team}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/teams/{team}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/teams/{team}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/teams/{team}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/teams/{team}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/teams/{team}/blame":{"get":{"tags":["Profiles"],"summary":"Get the profile blame data for a given resource FQN.","operationId":"Profiles_Blame_variant_11","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2BlameResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/teams/{team}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/teams/{team}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/teams/{team}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/apitsbv2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/teams/{team}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_6","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/teams/{team}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/telemetryv2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/teams/{team}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/teams/{team}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/telemetryv2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants":{"get":{"tags":["Tenants"],"summary":"List all tenants that are available.","operationId":"Tenants_ListTenants","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListTenantsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Tenants"],"summary":"Create a new tenant in the platform that will be the home for a set of resources.","operationId":"Tenants_CreateTenant","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"type":"object","title":"Request to create a tenant.\\n","required":["name","tenant"],"properties":{"name":{"description":"The short name for the resource to be created.","type":"string"},"tenant":{"$ref":"#/components/schemas/v2Tenant"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Tenant"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}":{"get":{"tags":["Tenants"],"summary":"Get the details of an existing tenant.","operationId":"Tenants_GetTenant","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Tenant"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Tenants"],"summary":"Modify the details of the given tenant.","operationId":"Tenants_UpdateTenant","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"`Tenant` is a self-contained entity within an organization in the Service Bridge hierarchy.\\n\\n\\n\\n","type":"object","properties":{"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"},"deletionProtectionEnabled":{"description":"When set, prevents the resource from being deleted. In order to delete the resource this\\nproperty needs to be set to `false` first.","type":"boolean"},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"profiles":{"description":"List of profiles attached to the tenant to be used to propagate default and mandatory configurations down to the children.","type":"array","items":{"type":"string"}},"securityDomain":{"description":"Security domains can be used to group different resources under the same security domain.\\nAlthough security domain is not resource itself currently, it follows a fqn format\\n`organizations/myorg/securitydomains/mysecuritydomain`, and a child cannot override any ancestor\'s\\nsecurity domain.\\nOnce a security domain is assigned to a _Tenant_, all the children resources will belong to that\\nsecurity domain in the same way a _Workspace_ belongs to a _Tenant_, a _Workspace_ will also belong\\nto the security domain assigned to the _Tenant_.\\nSecurity domains can also be used to define _Security settings Authorization rules_ in which you can allow\\nor deny request from or to a security domain.","type":"string"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Tenant"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Tenants"],"summary":"Delete a tenant from the platform.\\nDeleting a tenant will recursively delete all resources attached to the tenant, so use with\\ncaution.\\nIt will delete all workspaces and all settings that have been created in that tenant, so this\\noperation should be done carefully, when it\'s safe to do so.","operationId":"Tenants_DeleteTenant","parameters":[{"description":"Force the deletion of the object even if deletion protection is enabled.\\nIf this is set, then the object and all its children will be deleted even if any of them\\nhas the deletion protection enabled.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications":{"get":{"tags":["Applications"],"summary":"List all existing applications for the given tenant.","operationId":"Applications_ListApplications","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListApplicationsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Applications"],"summary":"Creates a new Application in TSB.","operationId":"Applications_CreateApplication","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create an application and register it in the management plane so configuration can\\nbe generated for it.","type":"object","required":["name","application"],"properties":{"application":{"$ref":"#/components/schemas/v2Application"},"name":{"description":"The short name for the resource to be created.","type":"string"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Application"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}":{"get":{"tags":["Applications"],"summary":"Get the details of an existing application.","operationId":"Applications_GetApplication","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Application"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Applications"],"summary":"Modify an existing application.","operationId":"Applications_UpdateApplication","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"An Application represents a set of logical groupings of services that are related to each other\\nand expose a set of APIs that implement a complete set of business logic.\\n\\n\\n\\n","type":"object","required":["workspace"],"properties":{"configResources":{"type":"array","title":"The configuration resources that are related to this Application.\\n$hide_from_docs","items":{"$ref":"#/components/schemas/v2ConfigResource"},"readOnly":true},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"gatewayGroup":{"description":"Optional FQN of the Gateway Group to be used by the application.\\nIf configured, this gateway group will be used by the application. If\\nno namespaces are configured and no existing gateway group is set, a new gateway group claiming all\\nnamespaces in the workspace (`*/*`) will be created by default.\\nAll Ingress Gateway resources created for the APIs attached to the application will be created in\\nthe application\'s gateway group.","type":"string"},"namespaceSelector":{"$ref":"#/components/schemas/typesv2NamespaceSelector"},"services":{"description":"Optional list of services that are part of the application. This is a list of FQNs of services in the\\nservice registry.\\nIf omitted, the application is assumed to own all the services in the workspace.\\nNote that a service can only be part of one application. If any of the services in the list is already\\nin use by an existing application, application creation/modification will fail.\\nIf the list of services is not explicitly set and any service in the workspace is already in use by\\nanother application, application creation/modification will fail.","type":"array","items":{"type":"string"}},"workspace":{"description":"FQN of the workspace this application is part of.\\nThe application will configure IngressGateways for the attached APIs\\nin the different namespaces exposed by this workspace.","type":"string"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Application"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Applications"],"summary":"Delete an existing Application.\\nNote that deleting resources in TSB is a recursive operation. Deleting a application will delete all\\nAPI objects that exist in it.","operationId":"Applications_DeleteApplication","parameters":[{"description":"Force the deletion of internal groups even if they are protected against deletion.","name":"forceDeleteProtectedGroups","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/apis":{"get":{"tags":["Applications"],"summary":"List all APIs attached to the given application.","operationId":"Applications_ListAPIs","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/tsbapplicationv2ListAPIsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Applications"],"summary":"Attach a new API to the given application.","operationId":"Applications_CreateAPI","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create an API and register it in the management plane so configuration can\\nbe generated for it.","type":"object","required":["name","api"],"properties":{"api":{"$ref":"#/components/schemas/tsbapplicationv2API"},"name":{"description":"The short name for the resource to be created.","type":"string"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/tsbapplicationv2API"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/apis/{api}":{"get":{"tags":["Applications"],"summary":"Get the details of an API.","operationId":"Applications_GetAPI","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/tsbapplicationv2API"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Applications"],"summary":"Delete an existing API.","operationId":"Applications_DeleteAPI","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/apis/{api}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_10","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_10","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_10","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/apis/{api}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_10","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/apis/{api}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_10","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/apis/{api}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_10","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/apis/{api}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_10","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/apis/{api}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_10","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/apis/{api}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_10","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/apis/{api}/blame":{"get":{"tags":["Profiles"],"summary":"Get the profile blame data for a given resource FQN.","operationId":"Profiles_Blame_variant_14","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2BlameResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/apis/{api}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_10","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/apis/{api}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_10","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_10","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/apis/{api}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_10","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/apitsbv2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/apis/{api}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_10","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/apis/{api}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_10","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/telemetryv2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/apis/{api}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_10","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/apis/{api}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_10","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_9","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_9","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_9","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_9","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_9","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_9","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_9","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_9","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_9","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/blame":{"get":{"tags":["Profiles"],"summary":"Get the profile blame data for a given resource FQN.","operationId":"Profiles_Blame_variant_13","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2BlameResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_9","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_9","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_9","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_9","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/apitsbv2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_9","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_9","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/telemetryv2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_9","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_9","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_8","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_8","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_8","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_8","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_8","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_8","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_8","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_8","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_8","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/availableprofiles":{"get":{"tags":["Profiles"],"summary":"Lists the profiles that can be attached to the given resource.\\nThe returned profiles contain metadata (fqn, display name and description) information.\\nTo retrieve the full profile, rely on `GetProfile` or `ListProfiles` methods.","operationId":"Profiles_ListAvailableProfiles2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListAvailableProfilesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/blame":{"get":{"tags":["Profiles"],"summary":"Get the profile blame data for a given resource FQN.","operationId":"Profiles_Blame","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2BlameResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/currentimpact":{"post":{"tags":["Profiles"],"summary":"CurrentImpactAnalysis analyzes the current impact of a profile or a resource attached profiles.\\nThe response is streamed, with each message representing the impact analysis for a specific profile\\nor resource and its corresponding impacts.","operationId":"Profiles_CurrentImpactAnalysis3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Profiles_CurrentImpactAnalysisBody"},"responses":{"200":{"description":"A successful response.(streaming responses)","content":{"application/json":{"schema":{"type":"object","title":"Stream result of v2ImpactAnalysisResponse","properties":{"error":{"$ref":"#/components/schemas/googlerpcStatus"},"result":{"$ref":"#/components/schemas/v2ImpactAnalysisResponse"}}}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/extensions":{"get":{"tags":["Tenants"],"summary":"List all the WASM extensions that have been attached to the given tenant.","operationId":"Tenants_ListWasmExtensions","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListTenantExtensionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/impact":{"post":{"tags":["Profiles"],"summary":"ImpactAnalysis analyzes the impact of profile or resource attached profiles modifications.\\nThe response is streamed, with each message representing the impact analysis for a specific profile\\nor resource and its corresponding impacts.","operationId":"Profiles_ImpactAnalysis3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Profiles_ImpactAnalysisBody"},"responses":{"200":{"description":"A successful response.(streaming responses)","content":{"application/json":{"schema":{"type":"object","title":"Stream result of v2ImpactAnalysisResponse","properties":{"error":{"$ref":"#/components/schemas/googlerpcStatus"},"result":{"$ref":"#/components/schemas/v2ImpactAnalysisResponse"}}}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_8","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_8","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_8","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/profiles":{"get":{"tags":["Profiles"],"summary":"List all Profiles that belong to a resource.","operationId":"Profiles_ListProfiles2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListProfilesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Profiles"],"summary":"Create a profile object for a given resource.\\nA `Profile` object can be created at Organization, Tenant, and Workspace levels. Once created, a profile can be\\nattached at its own level or down the hierarchy at Organization, Tenants, Workspaces and Groups levels.","operationId":"Profiles_CreateProfile2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Profiles_CreateProfileBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Profile"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/profiles/{profile}":{"get":{"tags":["Profiles"],"summary":"Get the details of a Profile in an resource.","operationId":"Profiles_GetProfile2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Profile name.","name":"profile","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Profile"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Profiles"],"summary":"Modify a Profile in a resource.","operationId":"Profiles_UpdateProfile2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Profile name.","name":"profile","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Profiles_UpdateProfileBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Profile"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Profiles"],"summary":"Delete a Profile from a resource.","operationId":"Profiles_DeleteProfile2","parameters":[{"description":"Force the deletion of the object even if deletion protection is enabled.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Profile name.","name":"profile","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/profiles/{profile}/currentimpact":{"post":{"tags":["Profiles"],"summary":"CurrentImpactAnalysis analyzes the current impact of a profile or a resource attached profiles.\\nThe response is streamed, with each message representing the impact analysis for a specific profile\\nor resource and its corresponding impacts.","operationId":"Profiles_CurrentImpactAnalysis4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Profile name.","name":"profile","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Profiles_CurrentImpactAnalysis2Body"},"responses":{"200":{"description":"A successful response.(streaming responses)","content":{"application/json":{"schema":{"type":"object","title":"Stream result of v2ImpactAnalysisResponse","properties":{"error":{"$ref":"#/components/schemas/googlerpcStatus"},"result":{"$ref":"#/components/schemas/v2ImpactAnalysisResponse"}}}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/profiles/{profile}/impact":{"post":{"tags":["Profiles"],"summary":"ImpactAnalysis analyzes the impact of profile or resource attached profiles modifications.\\nThe response is streamed, with each message representing the impact analysis for a specific profile\\nor resource and its corresponding impacts.","operationId":"Profiles_ImpactAnalysis4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Profile name.","name":"profile","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Profiles_ImpactAnalysis2Body"},"responses":{"200":{"description":"A successful response.(streaming responses)","content":{"application/json":{"schema":{"type":"object","title":"Stream result of v2ImpactAnalysisResponse","properties":{"error":{"$ref":"#/components/schemas/googlerpcStatus"},"result":{"$ref":"#/components/schemas/v2ImpactAnalysisResponse"}}}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/settings":{"get":{"tags":["Tenants"],"summary":"List all the settings objects that have made available to the given tenant.","operationId":"Tenants_ListSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListTenantSettingsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Tenants"],"summary":"Create a settings object for the given tenant.","operationId":"Tenants_CreateSetting","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create a Tenant Setting.","type":"object","required":["name","setting"],"properties":{"name":{"description":"The short name for the resource to be created.","type":"string"},"setting":{"$ref":"#/components/schemas/v2TenantSetting"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2TenantSetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/settings/{setting}":{"get":{"tags":["Tenants"],"summary":"Get the details for the given settings object.","operationId":"Tenants_GetSetting","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2TenantSetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Tenants"],"summary":"Modify the given settings in the given tenant.","operationId":"Tenants_UpdateSetting","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Default settings that apply to all workspaces under a tenant.\\n\\n\\n\\n","type":"object","properties":{"defaultSecuritySetting":{"$ref":"#/components/schemas/v2SecuritySetting"},"defaultTrafficSetting":{"$ref":"#/components/schemas/v2TrafficSetting"},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2TenantSetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Tenants"],"summary":"Delete the given settings object from the tenant.","operationId":"Tenants_DeleteSetting","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/settings/{setting}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_11","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_11","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_11","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/settings/{setting}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_11","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/settings/{setting}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_11","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/settings/{setting}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_11","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/settings/{setting}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_11","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/settings/{setting}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_11","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/settings/{setting}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_11","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/settings/{setting}/blame":{"get":{"tags":["Profiles"],"summary":"Get the profile blame data for a given resource FQN.","operationId":"Profiles_Blame_variant_15","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2BlameResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/settings/{setting}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_11","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/settings/{setting}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_11","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_11","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/settings/{setting}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_11","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/apitsbv2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/settings/{setting}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_11","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/settings/{setting}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_11","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/telemetryv2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/settings/{setting}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_11","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/settings/{setting}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_11","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_8","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/apitsbv2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_8","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_8","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/telemetryv2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_8","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_8","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces":{"get":{"tags":["Workspaces"],"summary":"List all existing workspaces for the given tenant.","operationId":"Workspaces_ListWorkspaces","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListWorkspacesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Workspaces"],"summary":"Create a new workspace.\\nThe workspace will own exclusively the namespaces configured in the namespaces\\nselector for the workspace.","operationId":"Workspaces_CreateWorkspace","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create a Workspace.","type":"object","required":["name","workspace"],"properties":{"name":{"description":"The short name for the resource to be created.","type":"string"},"workspace":{"$ref":"#/components/schemas/v2Workspace"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Workspace"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}":{"get":{"tags":["Workspaces"],"summary":"Get the details of an existing workspace","operationId":"Workspaces_GetWorkspace","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Workspace"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Workspaces"],"summary":"Modify an existing workspace","operationId":"Workspaces_UpdateWorkspace","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"A Workspace is a collection of related namespaces in one or more clusters.\\n\\n\\n\\n","type":"object","required":["namespaceSelector"],"properties":{"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"},"deletionProtectionEnabled":{"description":"When set, prevents the resource from being deleted. In order to delete the resource this\\nproperty needs to be set to `false` first.","type":"boolean"},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"isolationBoundary":{"description":"Istio Isolation Boundary name to which this workspace belongs.\\nIf not provided explicitly, the workspace looks for an isolation boundary with\\nname set as \\"global\\". \\nTherefore, in order to move existing workspaces to isolation boundaries, and\\nbe a part of revisioned control plane, it is recommended to configure an\\nisolation boundary with the name \\"global\\".","type":"string"},"namespaceSelector":{"$ref":"#/components/schemas/typesv2NamespaceSelector"},"privileged":{"description":"If set to true, allows Gateways in the workspace to route to\\nservices in other workspaces. Set this to true for workspaces\\nowning cluster-wide gateways shared by multiple teams.","type":"boolean"},"profiles":{"description":"List of profiles attached to the workspace to be used to propagate default and mandatory configurations down to the children.","type":"array","items":{"type":"string"}},"securityDomain":{"description":"Security domains can be used to group different resources under the same security domain.\\nAlthough security domain is not resource itself currently, it follows a fqn format\\n`organizations/myorg/securitydomains/mysecuritydomain`, and a child cannot override any ancestor\'s\\nsecurity domain.\\nOnce a security domain is assigned to a _Workspace_, all the children resources will belong to that\\nsecurity domain in the same way a _Security group_ belongs to a _Workspace_, a _Security group_ will also belong\\nto the security domain assigned to the _Workspace_.\\nSecurity domains can also be used to define _Security settings Authorization rules_ in which you can allow\\nor deny request from or to a security domain.","type":"string"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Workspace"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Workspaces"],"summary":"Delete an existing workspace.\\nNote that deleting resources in TSB is a recursive operation. Deleting a workspace will delete all\\ngroups and configuration objects that exist in it.","operationId":"Workspaces_DeleteWorkspace","parameters":[{"description":"Force the deletion of the object even if deletion protection is enabled.\\nIf this is set, then the object and all its children will be deleted even if any of them\\nhas the deletion protection enabled.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/apis":{"get":{"tags":["Workspaces"],"summary":"List all API objects in the workspace.","operationId":"Workspaces_ListAPIs","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/apitsbv2ListAPIsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Workspaces"],"summary":"Create an API object in the workspace.","operationId":"Workspaces_CreateAPI","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create an API.","type":"object","required":["name","api"],"properties":{"api":{"$ref":"#/components/schemas/apitsbv2API"},"name":{"description":"The short name for the resource to be created.","type":"string"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/apitsbv2API"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/apis/{api}":{"get":{"tags":["Workspaces"],"summary":"Get the details of the given API object.","operationId":"Workspaces_GetAPI","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/apitsbv2API"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Workspaces"],"summary":"Modify the given API object.","operationId":"Workspaces_UpdateAPI","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"An API object defines an OpenAPI specification that can be used by gateways to validate incoming requests.\\n\\n\\n\\n\\n$hide_from_docs","type":"object","required":["openapi"],"properties":{"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"openapi":{"description":"The raw OpenAPI spec for this API.","type":"string"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/apitsbv2API"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Workspaces"],"summary":"Delete the given API object.","operationId":"Workspaces_DeleteAPI","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_12","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_12","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_12","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_12","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_12","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_12","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_12","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_12","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_12","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/availableprofiles":{"get":{"tags":["Profiles"],"summary":"Lists the profiles that can be attached to the given resource.\\nThe returned profiles contain metadata (fqn, display name and description) information.\\nTo retrieve the full profile, rely on `GetProfile` or `ListProfiles` methods.","operationId":"Profiles_ListAvailableProfiles3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListAvailableProfilesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/blame":{"get":{"tags":["Profiles"],"summary":"Get the profile blame data for a given resource FQN.","operationId":"Profiles_Blame_variant_1","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2BlameResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/currentimpact":{"post":{"tags":["Profiles"],"summary":"CurrentImpactAnalysis analyzes the current impact of a profile or a resource attached profiles.\\nThe response is streamed, with each message representing the impact analysis for a specific profile\\nor resource and its corresponding impacts.","operationId":"Profiles_CurrentImpactAnalysis5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Profiles_CurrentImpactAnalysisBody"},"responses":{"200":{"description":"A successful response.(streaming responses)","content":{"application/json":{"schema":{"type":"object","title":"Stream result of v2ImpactAnalysisResponse","properties":{"error":{"$ref":"#/components/schemas/googlerpcStatus"},"result":{"$ref":"#/components/schemas/v2ImpactAnalysisResponse"}}}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups":{"get":{"tags":["Gateways"],"summary":"List all gateway groups that exist in the workspace.","operationId":"Gateways_ListGroups","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListGatewayGroupsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"description":"Groups will by default configure all the namespaces owned by their workspace, unless\\nexplicitly configured. If a specific set of namespaces is set for the group, it must be a\\nsubset of the namespaces defined by its workspace.","tags":["Gateways"],"summary":"Create a new gateway group in the given workspace.","operationId":"Gateways_CreateGroup","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create a Gateway Group.","type":"object","required":["name","group"],"properties":{"group":{"$ref":"#/components/schemas/tsbgatewayv2Group"},"name":{"description":"The short name for the resource to be created.","type":"string"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/tsbgatewayv2Group"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}":{"get":{"tags":["Gateways"],"summary":"Get the details of the given gateway group.","operationId":"Gateways_GetGroup","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/tsbgatewayv2Group"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Gateways"],"summary":"update the given gateway group.","operationId":"Gateways_UpdateGroup","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"A gateway group manages the gateways in a group of namespaces owned\\nby the parent workspace.\\n\\n\\n\\n","type":"object","required":["namespaceSelector"],"properties":{"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"},"configMode":{"$ref":"#/components/schemas/v2ConfigMode"},"deletionProtectionEnabled":{"description":"When set, prevents the resource from being deleted. In order to delete the resource this\\nproperty needs to be set to `false` first.","type":"boolean"},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"namespaceSelector":{"$ref":"#/components/schemas/typesv2NamespaceSelector"},"profiles":{"description":"List of profiles attached to the gateway group to be used to propagate default and mandatory configurations down to the children.","type":"array","items":{"type":"string"}}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/tsbgatewayv2Group"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Gateways"],"summary":"Delete the given gateway group.\\nNote that deleting resources in TSB is a recursive operation. Deleting a gateway group will\\ndelete all configuration objects that exist in it.","operationId":"Gateways_DeleteGroup","parameters":[{"description":"Force the deletion of the object even if deletion protection is enabled.\\nIf this is set, then the object and all its children will be deleted even if any of them\\nhas the deletion protection enabled.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_13","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_13","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_13","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_13","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_13","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_13","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_13","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_13","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_13","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/availableprofiles":{"get":{"tags":["Profiles"],"summary":"Lists the profiles that can be attached to the given resource.\\nThe returned profiles contain metadata (fqn, display name and description) information.\\nTo retrieve the full profile, rely on `GetProfile` or `ListProfiles` methods.","operationId":"Profiles_ListAvailableProfiles4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListAvailableProfilesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/blame":{"get":{"tags":["Profiles"],"summary":"Get the profile blame data for a given resource FQN.","operationId":"Profiles_Blame_variant_2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2BlameResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/currentimpact":{"post":{"tags":["Profiles"],"summary":"CurrentImpactAnalysis analyzes the current impact of a profile or a resource attached profiles.\\nThe response is streamed, with each message representing the impact analysis for a specific profile\\nor resource and its corresponding impacts.","operationId":"Profiles_CurrentImpactAnalysis7","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Profiles_CurrentImpactAnalysisBody"},"responses":{"200":{"description":"A successful response.(streaming responses)","content":{"application/json":{"schema":{"type":"object","title":"Stream result of v2ImpactAnalysisResponse","properties":{"error":{"$ref":"#/components/schemas/googlerpcStatus"},"result":{"$ref":"#/components/schemas/v2ImpactAnalysisResponse"}}}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/egressgateways":{"get":{"tags":["Gateways"],"summary":"List all Egress Gateway objects in the gateway group.","operationId":"Gateways_ListEgressGateways","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListEgressGatewaysResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Gateways"],"summary":"Create an Egress Gateway object in the gateway group.","operationId":"Gateways_CreateEgressGateway","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create a EgressGateway.","type":"object","required":["name","egressGateway"],"properties":{"egressGateway":{"$ref":"#/components/schemas/gatewayv2EgressGateway"},"name":{"description":"The short name for the resource to be created.","type":"string"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/gatewayv2EgressGateway"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/egressgateways/{egressgateway}":{"get":{"tags":["Gateways"],"summary":"Get the details of the given Egress Gateway object.","operationId":"Gateways_GetEgressGateway","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/gatewayv2EgressGateway"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Gateways"],"summary":"Modify the given Egress Gateway object.","operationId":"Gateways_UpdateEgressGateway","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"`EgressGateway` configures a workload to act as an egress gateway in the mesh.\\n\\n\\n--\x3e\\n\\n","type":"object","required":["workloadSelector"],"properties":{"authorization":{"description":"The description of which service accounts can access which hosts.\\nIf the list of authorization rules is empty, this egress gateway will deny all traffic.","type":"array","items":{"$ref":"#/components/schemas/v2EgressAuthorization"}},"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"extension":{"description":"Extensions specifies all the WasmExtensions assigned to this EgressGateway\\nwith the specific configuration for each extension. This custom configuration\\nwill override the one configured globally to the extension.\\nEach extension has a global configuration including enablement and priority\\nthat will condition the execution of the assigned extensions.","type":"array","items":{"$ref":"#/components/schemas/v2WasmExtensionAttachment"}},"workloadSelector":{"$ref":"#/components/schemas/v2WorkloadSelector"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/gatewayv2EgressGateway"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Gateways"],"summary":"Delete the given Egress Gateway object.","operationId":"Gateways_DeleteEgressGateway","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/egressgateways/{egressgateway}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_15","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_15","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_15","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/egressgateways/{egressgateway}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_15","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/egressgateways/{egressgateway}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_15","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/egressgateways/{egressgateway}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_15","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/egressgateways/{egressgateway}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_15","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/egressgateways/{egressgateway}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_15","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/egressgateways/{egressgateway}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_15","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/egressgateways/{egressgateway}/blame":{"get":{"tags":["Profiles"],"summary":"Get the profile blame data for a given resource FQN.","operationId":"Profiles_Blame_variant_17","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2BlameResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/egressgateways/{egressgateway}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_15","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/egressgateways/{egressgateway}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_15","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_15","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/egressgateways/{egressgateway}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_15","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/apitsbv2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/egressgateways/{egressgateway}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_15","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/egressgateways/{egressgateway}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_15","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/telemetryv2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/egressgateways/{egressgateway}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_15","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/egressgateways/{egressgateway}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_15","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/impact":{"post":{"tags":["Profiles"],"summary":"ImpactAnalysis analyzes the impact of profile or resource attached profiles modifications.\\nThe response is streamed, with each message representing the impact analysis for a specific profile\\nor resource and its corresponding impacts.","operationId":"Profiles_ImpactAnalysis7","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Profiles_ImpactAnalysisBody"},"responses":{"200":{"description":"A successful response.(streaming responses)","content":{"application/json":{"schema":{"type":"object","title":"Stream result of v2ImpactAnalysisResponse","properties":{"error":{"$ref":"#/components/schemas/googlerpcStatus"},"result":{"$ref":"#/components/schemas/v2ImpactAnalysisResponse"}}}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/ingressgateways":{"get":{"tags":["Gateways"],"summary":"List all Ingress Gateway objects in the gateway group.","operationId":"Gateways_ListIngressGateways","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListIngressGatewaysResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Gateways"],"summary":"Create an Ingress Gateway object in the gateway group.","operationId":"Gateways_CreateIngressGateway","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create a IngressGateway.","type":"object","required":["name","ingressGateway"],"properties":{"ingressGateway":{"$ref":"#/components/schemas/v2IngressGateway"},"name":{"description":"The short name for the resource to be created.","type":"string"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2IngressGateway"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/ingressgateways/{ingressgateway}":{"get":{"tags":["Gateways"],"summary":"Get the details of the given Ingress Gateway object.","operationId":"Gateways_GetIngressGateway","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2IngressGateway"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Gateways"],"summary":"Modify the given Ingress Gateway object.","operationId":"Gateways_UpdateIngressGateway","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"`IngressGateway` configures a workload to act as an ingress gateway into the mesh.\\n\\n\\n\\n","type":"object","required":["workloadSelector"],"properties":{"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"extension":{"description":"Extensions specifies all the WasmExtensions assigned to this IngressGateway\\nwith the specific configuration for each extension. This custom configuration\\nwill override the one configured globally to the extension.\\nEach extension has a global configuration including enablement and priority\\nthat will condition the execution of the assigned extensions.","type":"array","items":{"$ref":"#/components/schemas/v2WasmExtensionAttachment"}},"http":{"description":"One or more HTTP or HTTPS servers exposed by the gateway. The\\nserver exposes configuration for TLS termination, request\\nauthentication/authorization, HTTP routing, etc.","type":"array","items":{"$ref":"#/components/schemas/v2HttpServer"}},"tcp":{"type":"array","title":"One or more non-HTTP and non-passthrough servers which use TCP\\nbased protocols. This server also exposes configuration for terminating TLS","items":{"$ref":"#/components/schemas/v2TCPServer"}},"tlsPassthrough":{"description":"One or more TLS servers exposed by the gateway. The server\\ndoes not terminate TLS and exposes config for SNI based routing.","type":"array","items":{"$ref":"#/components/schemas/v2TLSPassthroughServer"}},"waf":{"$ref":"#/components/schemas/v2WAFSettings"},"workloadSelector":{"$ref":"#/components/schemas/v2WorkloadSelector"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2IngressGateway"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Gateways"],"summary":"Delete the given Ingress Gateway object.","operationId":"Gateways_DeleteIngressGateway","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/ingressgateways/{ingressgateway}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_14","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_14","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_14","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/ingressgateways/{ingressgateway}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_14","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/ingressgateways/{ingressgateway}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_14","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/ingressgateways/{ingressgateway}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_14","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/ingressgateways/{ingressgateway}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_14","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/ingressgateways/{ingressgateway}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_14","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/ingressgateways/{ingressgateway}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_14","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/ingressgateways/{ingressgateway}/blame":{"get":{"tags":["Profiles"],"summary":"Get the profile blame data for a given resource FQN.","operationId":"Profiles_Blame_variant_16","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2BlameResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/ingressgateways/{ingressgateway}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_14","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/ingressgateways/{ingressgateway}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_14","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_14","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/ingressgateways/{ingressgateway}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_14","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/apitsbv2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/ingressgateways/{ingressgateway}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_14","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/ingressgateways/{ingressgateway}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_14","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/telemetryv2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/ingressgateways/{ingressgateway}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_14","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/ingressgateways/{ingressgateway}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_14","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_13","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_13","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_13","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/proxytools/clusterstats":{"post":{"tags":["ProxyDiagnosticService"],"summary":"Return the cluster stats of an Istio Proxy","operationId":"ProxyDiagnosticService_GetClusterStats3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/ProxyDiagnosticService_GetClusterStatsBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetClusterStatsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/proxytools/configdump":{"post":{"tags":["ProxyDiagnosticService"],"summary":"Return a config dump from a workload (Istio Proxy)","operationId":"ProxyDiagnosticService_GetConfigDump3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/ProxyDiagnosticService_GetConfigDumpBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetConfigDumpResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/proxytools/loggerlevels":{"put":{"tags":["ProxyDiagnosticService"],"summary":"Set the log levels of a workload","operationId":"ProxyDiagnosticService_SetLoggerLevels3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/ProxyDiagnosticService_SetLoggerLevelsBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2LoggerLevelsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["ProxyDiagnosticService"],"summary":"Return the logger levels of a workload","operationId":"ProxyDiagnosticService_GetLoggerLevels3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/ProxyDiagnosticService_GetLoggerLevelsBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2LoggerLevelsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/proxytools/serverstats":{"post":{"tags":["ProxyDiagnosticService"],"summary":"Return the server stats of an Istio Proxy","operationId":"ProxyDiagnosticService_GetServerStats3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/ProxyDiagnosticService_GetServerStatsBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetServerStatsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/proxytools/streamlogs":{"post":{"tags":["ProxyDiagnosticService"],"summary":"Return a stream of logs (the output of the `kubectl logs` command) of an Istio Proxy.","operationId":"ProxyDiagnosticService_StreamLogs3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/ProxyDiagnosticService_StreamLogsBody"},"responses":{"200":{"description":"A successful response.(streaming responses)","content":{"application/json":{"schema":{"type":"object","title":"Stream result of v2StreamLogsResponse","properties":{"error":{"$ref":"#/components/schemas/googlerpcStatus"},"result":{"$ref":"#/components/schemas/v2StreamLogsResponse"}}}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/proxytools/workloads":{"post":{"tags":["ProxyDiagnosticService"],"summary":"Return the workload names under a given FQN resource and cluster.","operationId":"ProxyDiagnosticService_ListWorkloads3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/ProxyDiagnosticService_ListWorkloadsBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListWorkloadsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_13","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/apitsbv2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_13","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_13","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/telemetryv2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_13","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_13","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/tie1gateways/{tie1gateway}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_16","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tie1gateway name.","name":"tie1gateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_16","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tie1gateway name.","name":"tie1gateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_16","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tie1gateway name.","name":"tie1gateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/tie1gateways/{tie1gateway}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_16","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tie1gateway name.","name":"tie1gateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/tie1gateways/{tie1gateway}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_16","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tie1gateway name.","name":"tie1gateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/tie1gateways/{tie1gateway}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_16","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tie1gateway name.","name":"tie1gateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/tie1gateways/{tie1gateway}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_16","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tie1gateway name.","name":"tie1gateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/tie1gateways/{tie1gateway}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_16","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tie1gateway name.","name":"tie1gateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/tie1gateways/{tie1gateway}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_16","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tie1gateway name.","name":"tie1gateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/tie1gateways/{tie1gateway}/blame":{"get":{"tags":["Profiles"],"summary":"Get the profile blame data for a given resource FQN.","operationId":"Profiles_Blame_variant_18","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tie1gateway name.","name":"tie1gateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2BlameResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/tie1gateways/{tie1gateway}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_16","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tie1gateway name.","name":"tie1gateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/tie1gateways/{tie1gateway}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_16","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tie1gateway name.","name":"tie1gateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_16","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tie1gateway name.","name":"tie1gateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/tie1gateways/{tie1gateway}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_16","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tie1gateway name.","name":"tie1gateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/apitsbv2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/tie1gateways/{tie1gateway}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_16","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tie1gateway name.","name":"tie1gateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/tie1gateways/{tie1gateway}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_16","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tie1gateway name.","name":"tie1gateway","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/telemetryv2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/tie1gateways/{tie1gateway}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_16","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tie1gateway name.","name":"tie1gateway","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/tie1gateways/{tie1gateway}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_16","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tie1gateway name.","name":"tie1gateway","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/tier1gateways":{"get":{"tags":["Gateways"],"summary":"List all Tier1 Gateway objects that have been created in the gateway group.","operationId":"Gateways_ListTier1Gateways","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListTier1GatewaysResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Gateways"],"summary":"Create a Tier1 Gateway object in the gateway group.","operationId":"Gateways_CreateTier1Gateway","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create a Tier1Gateway.","type":"object","required":["name","tier1Gateway"],"properties":{"name":{"description":"The short name for the resource to be created.","type":"string"},"tier1Gateway":{"$ref":"#/components/schemas/v2Tier1Gateway"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Tier1Gateway"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/tier1gateways/{tier1gateway}":{"get":{"tags":["Gateways"],"summary":"get the details of the given Tier1 Gateway object.","operationId":"Gateways_GetTier1Gateway","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tier1gateway name.","name":"tier1gateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Tier1Gateway"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Gateways"],"operationId":"Gateways_UpdateTier1Gateway","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tier1gateway name.","name":"tier1gateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"`Tier1Gateway` configures a workload to act as a tier1 gateway into the mesh.\\n\\n\\n\\n","type":"object","required":["workloadSelector"],"properties":{"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"extension":{"description":"Extensions specifies all the WasmExtensions assigned to this Tier1Gateway\\nwith the specific configuration for each extension. This custom configuration\\nwill override the one configured globally to the extension.\\nEach extension has a global configuration including enablement and priority\\nthat will condition the execution of the assigned extensions.","type":"array","items":{"$ref":"#/components/schemas/v2WasmExtensionAttachment"}},"externalServers":{"description":"One or more servers exposed by the gateway externally.","type":"array","items":{"$ref":"#/components/schemas/v2Tier1ExternalServer"}},"internalServers":{"description":"One or more servers exposed by the gateway internally for cross cluster forwarding.","type":"array","items":{"$ref":"#/components/schemas/v2Tier1InternalServer"}},"passthroughServers":{"description":"One or more tls passthrough servers exposed by the gateway externally.","type":"array","items":{"$ref":"#/components/schemas/v2Tier1PassthroughServer"}},"tcpExternalServers":{"description":"One or more tcp servers exposed by the gateway externally.","type":"array","items":{"$ref":"#/components/schemas/v2Tier1TCPExternalServer"}},"tcpInternalServers":{"description":"One or more tcp servers exposed by the gateway for mesh internal traffic.","type":"array","items":{"$ref":"#/components/schemas/v2Tier1TCPInternalServer"}},"waf":{"$ref":"#/components/schemas/v2WAFSettings"},"workloadSelector":{"$ref":"#/components/schemas/v2WorkloadSelector"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Tier1Gateway"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Gateways"],"summary":"Delete the given Tier1 Gateway object.","operationId":"Gateways_DeleteTier1Gateway","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tier1gateway name.","name":"tier1gateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/unifiedgateways":{"get":{"tags":["Gateways"],"summary":"List all Gateway objects in the gateway group.","operationId":"Gateways_ListGateways","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListGatewaysResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Gateways"],"summary":"Create a Gateway object in the gateway group.","operationId":"Gateways_CreateGateway","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create a Gateway.","type":"object","required":["name","gateway"],"properties":{"gateway":{"$ref":"#/components/schemas/gatewayv2Gateway"},"name":{"description":"The short name for the resource to be created.","type":"string"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/gatewayv2Gateway"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/unifiedgateways/{unifiedgateway}":{"get":{"tags":["Gateways"],"summary":"Get the details of the given Gateway object.","operationId":"Gateways_GetGateway","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Unifiedgateway name.","name":"unifiedgateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/gatewayv2Gateway"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Gateways"],"summary":"Modify the given Gateway object.","operationId":"Gateways_UpdateGateway","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Unifiedgateway name.","name":"unifiedgateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"The `Gateway` configuration combines the functionalities of both the existing `Tier1Gateway` and `IngressGateway`,\\nproviding a unified approach for configuring a workload as a gateway in the mesh.\\n\\nEach server within the `Gateway` is configured to route requests either to destination clusters, such as a `Tier1Gateway`,\\nor to specific services, like an `IngressGateway`.\\n\\n\\n\\n","type":"object","required":["workloadSelector"],"properties":{"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"egressAuthorization":{"description":"External services are onboarded into the mesh via service entry,\\nand these services are exposed on the Gateway for egress access.\\nBy default, access is denied for these hosts.\\nUsers can configure EgressAuthorizationSettings to specify which service accounts are allowed.","type":"array","items":{"$ref":"#/components/schemas/v2EgressAuthorizationSettings"}},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"http":{"description":"One or more HTTP or HTTPS servers exposed by the gateway. The\\nserver exposes configuration for TLS termination, request\\nauthentication/authorization, HTTP routing, rate limiting, etc.","type":"array","items":{"$ref":"#/components/schemas/gatewayv2HTTP"}},"tcp":{"description":"One or more non-HTTP and non-passthrough servers which use TCP\\nbased protocols. This server also exposes configuration for terminating TLS.","type":"array","items":{"$ref":"#/components/schemas/gatewayv2TCP"}},"tls":{"description":"One or more TLS servers exposed by the gateway. The server\\ndoes not terminate TLS and exposes config for SNI based routing.","type":"array","items":{"$ref":"#/components/schemas/v2TLS"}},"waf":{"$ref":"#/components/schemas/v2WAFSettings"},"wasmPlugins":{"description":"WasmPlugins specifies all the WasmExtensionAttachment assigned to this Gateway\\nwith the specific configuration for each plugin. This custom configuration\\nwill override the one configured globally to the plugin.\\nEach plugin has a global configuration including priority\\nthat will condition the execution of the assigned plugins.","type":"array","items":{"$ref":"#/components/schemas/v2WasmExtensionAttachment"}},"workloadSelector":{"$ref":"#/components/schemas/v2WorkloadSelector"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/gatewayv2Gateway"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Gateways"],"summary":"Delete the given Gateway object.","operationId":"Gateways_DeleteGateway","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Unifiedgateway name.","name":"unifiedgateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/impact":{"post":{"tags":["Profiles"],"summary":"ImpactAnalysis analyzes the impact of profile or resource attached profiles modifications.\\nThe response is streamed, with each message representing the impact analysis for a specific profile\\nor resource and its corresponding impacts.","operationId":"Profiles_ImpactAnalysis5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Profiles_ImpactAnalysisBody"},"responses":{"200":{"description":"A successful response.(streaming responses)","content":{"application/json":{"schema":{"type":"object","title":"Stream result of v2ImpactAnalysisResponse","properties":{"error":{"$ref":"#/components/schemas/googlerpcStatus"},"result":{"$ref":"#/components/schemas/v2ImpactAnalysisResponse"}}}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups":{"get":{"tags":["IstioInternal"],"summary":"List all Istio internal groups in the given workspace.","operationId":"IstioInternal_ListGroups","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListIstioInternalGroupsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"description":"Groups will by default configure all the namespaces owned by their workspace, unless\\nexplicitly configured. If a specific set of namespaces is set for the group, it must be a\\nsubset of the namespaces defined by its workspace.","tags":["IstioInternal"],"summary":"Create a new Istio internal group in the given workspace.","operationId":"IstioInternal_CreateGroup","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create an Istio internal group.","type":"object","required":["name","group"],"properties":{"group":{"$ref":"#/components/schemas/tsbistiointernalv2Group"},"name":{"description":"The short name for the resource to be created.","type":"string"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/tsbistiointernalv2Group"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}":{"get":{"tags":["IstioInternal"],"summary":"Get the details of the given Istio internal group.","operationId":"IstioInternal_GetGroup","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/tsbistiointernalv2Group"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["IstioInternal"],"summary":"Modify a Istio internal group.","operationId":"IstioInternal_UpdateGroup","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"An Istio Internal Group only allows grouping `DIRECT` mode mesh resources in a set of namespaces\\nowned by its parent workspace. This group is aimed for grouping resources not directly related\\nto traffic, security, or gateway like `EnvoyFilters` and `ServiceEntry`.\\n\\n\\n\\n","type":"object","required":["namespaceSelector"],"properties":{"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"},"deletionProtectionEnabled":{"description":"When set, prevents the resource from being deleted. In order to delete the resource this\\nproperty needs to be set to `false` first.","type":"boolean"},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"namespaceSelector":{"$ref":"#/components/schemas/typesv2NamespaceSelector"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/tsbistiointernalv2Group"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["IstioInternal"],"summary":"Delete the given Istio internal group.\\nNote that deleting resources in TSB is a recursive operation. Deleting a Istio internal group will\\ndelete all configuration objects that exist in it.","operationId":"IstioInternal_DeleteGroup","parameters":[{"description":"Force the deletion of the object even if deletion protection is enabled.\\nIf this is set, then the object and all its children will be deleted even if any of them\\nhas the deletion protection enabled.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_17","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_17","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_17","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_17","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_17","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_17","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_17","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_17","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_17","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/blame":{"get":{"tags":["Profiles"],"summary":"Get the profile blame data for a given resource FQN.","operationId":"Profiles_Blame_variant_19","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2BlameResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_17","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_17","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_17","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/proxytools/clusterstats":{"post":{"tags":["ProxyDiagnosticService"],"summary":"Return the cluster stats of an Istio Proxy","operationId":"ProxyDiagnosticService_GetClusterStats6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/ProxyDiagnosticService_GetClusterStatsBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetClusterStatsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/proxytools/configdump":{"post":{"tags":["ProxyDiagnosticService"],"summary":"Return a config dump from a workload (Istio Proxy)","operationId":"ProxyDiagnosticService_GetConfigDump6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/ProxyDiagnosticService_GetConfigDumpBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetConfigDumpResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/proxytools/loggerlevels":{"put":{"tags":["ProxyDiagnosticService"],"summary":"Set the log levels of a workload","operationId":"ProxyDiagnosticService_SetLoggerLevels6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/ProxyDiagnosticService_SetLoggerLevelsBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2LoggerLevelsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["ProxyDiagnosticService"],"summary":"Return the logger levels of a workload","operationId":"ProxyDiagnosticService_GetLoggerLevels6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/ProxyDiagnosticService_GetLoggerLevelsBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2LoggerLevelsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/proxytools/serverstats":{"post":{"tags":["ProxyDiagnosticService"],"summary":"Return the server stats of an Istio Proxy","operationId":"ProxyDiagnosticService_GetServerStats6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/ProxyDiagnosticService_GetServerStatsBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetServerStatsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/proxytools/streamlogs":{"post":{"tags":["ProxyDiagnosticService"],"summary":"Return a stream of logs (the output of the `kubectl logs` command) of an Istio Proxy.","operationId":"ProxyDiagnosticService_StreamLogs6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/ProxyDiagnosticService_StreamLogsBody"},"responses":{"200":{"description":"A successful response.(streaming responses)","content":{"application/json":{"schema":{"type":"object","title":"Stream result of v2StreamLogsResponse","properties":{"error":{"$ref":"#/components/schemas/googlerpcStatus"},"result":{"$ref":"#/components/schemas/v2StreamLogsResponse"}}}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/proxytools/workloads":{"post":{"tags":["ProxyDiagnosticService"],"summary":"Return the workload names under a given FQN resource and cluster.","operationId":"ProxyDiagnosticService_ListWorkloads6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/ProxyDiagnosticService_ListWorkloadsBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListWorkloadsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/settings/{setting}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_18","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_18","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_18","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/settings/{setting}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_18","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/settings/{setting}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_18","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/settings/{setting}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_18","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/settings/{setting}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_18","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/settings/{setting}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_18","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/settings/{setting}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_18","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/settings/{setting}/blame":{"get":{"tags":["Profiles"],"summary":"Get the profile blame data for a given resource FQN.","operationId":"Profiles_Blame_variant_20","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2BlameResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/settings/{setting}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_18","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/settings/{setting}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_18","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_18","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/settings/{setting}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_18","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/apitsbv2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/settings/{setting}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_18","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/settings/{setting}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_18","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/telemetryv2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/settings/{setting}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_18","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/settings/{setting}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_18","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_17","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/apitsbv2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_17","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_17","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/telemetryv2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_17","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_17","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_12","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_12","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_12","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/profiles":{"get":{"tags":["Profiles"],"summary":"List all Profiles that belong to a resource.","operationId":"Profiles_ListProfiles3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListProfilesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Profiles"],"summary":"Create a profile object for a given resource.\\nA `Profile` object can be created at Organization, Tenant, and Workspace levels. Once created, a profile can be\\nattached at its own level or down the hierarchy at Organization, Tenants, Workspaces and Groups levels.","operationId":"Profiles_CreateProfile3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Profiles_CreateProfileBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Profile"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/profiles/{profile}":{"get":{"tags":["Profiles"],"summary":"Get the details of a Profile in an resource.","operationId":"Profiles_GetProfile3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Profile name.","name":"profile","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Profile"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Profiles"],"summary":"Modify a Profile in a resource.","operationId":"Profiles_UpdateProfile3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Profile name.","name":"profile","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Profiles_UpdateProfileBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Profile"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Profiles"],"summary":"Delete a Profile from a resource.","operationId":"Profiles_DeleteProfile3","parameters":[{"description":"Force the deletion of the object even if deletion protection is enabled.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Profile name.","name":"profile","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/profiles/{profile}/currentimpact":{"post":{"tags":["Profiles"],"summary":"CurrentImpactAnalysis analyzes the current impact of a profile or a resource attached profiles.\\nThe response is streamed, with each message representing the impact analysis for a specific profile\\nor resource and its corresponding impacts.","operationId":"Profiles_CurrentImpactAnalysis6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Profile name.","name":"profile","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Profiles_CurrentImpactAnalysis2Body"},"responses":{"200":{"description":"A successful response.(streaming responses)","content":{"application/json":{"schema":{"type":"object","title":"Stream result of v2ImpactAnalysisResponse","properties":{"error":{"$ref":"#/components/schemas/googlerpcStatus"},"result":{"$ref":"#/components/schemas/v2ImpactAnalysisResponse"}}}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/profiles/{profile}/impact":{"post":{"tags":["Profiles"],"summary":"ImpactAnalysis analyzes the impact of profile or resource attached profiles modifications.\\nThe response is streamed, with each message representing the impact analysis for a specific profile\\nor resource and its corresponding impacts.","operationId":"Profiles_ImpactAnalysis6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Profile name.","name":"profile","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Profiles_ImpactAnalysis2Body"},"responses":{"200":{"description":"A successful response.(streaming responses)","content":{"application/json":{"schema":{"type":"object","title":"Stream result of v2ImpactAnalysisResponse","properties":{"error":{"$ref":"#/components/schemas/googlerpcStatus"},"result":{"$ref":"#/components/schemas/v2ImpactAnalysisResponse"}}}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/proxytools/clusterstats":{"post":{"tags":["ProxyDiagnosticService"],"summary":"Return the cluster stats of an Istio Proxy","operationId":"ProxyDiagnosticService_GetClusterStats2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/ProxyDiagnosticService_GetClusterStatsBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetClusterStatsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/proxytools/configdump":{"post":{"tags":["ProxyDiagnosticService"],"summary":"Return a config dump from a workload (Istio Proxy)","operationId":"ProxyDiagnosticService_GetConfigDump2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/ProxyDiagnosticService_GetConfigDumpBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetConfigDumpResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/proxytools/loggerlevels":{"put":{"tags":["ProxyDiagnosticService"],"summary":"Set the log levels of a workload","operationId":"ProxyDiagnosticService_SetLoggerLevels2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/ProxyDiagnosticService_SetLoggerLevelsBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2LoggerLevelsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["ProxyDiagnosticService"],"summary":"Return the logger levels of a workload","operationId":"ProxyDiagnosticService_GetLoggerLevels2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/ProxyDiagnosticService_GetLoggerLevelsBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2LoggerLevelsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/proxytools/serverstats":{"post":{"tags":["ProxyDiagnosticService"],"summary":"Return the server stats of an Istio Proxy","operationId":"ProxyDiagnosticService_GetServerStats2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/ProxyDiagnosticService_GetServerStatsBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetServerStatsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/proxytools/streamlogs":{"post":{"tags":["ProxyDiagnosticService"],"summary":"Return a stream of logs (the output of the `kubectl logs` command) of an Istio Proxy.","operationId":"ProxyDiagnosticService_StreamLogs2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/ProxyDiagnosticService_StreamLogsBody"},"responses":{"200":{"description":"A successful response.(streaming responses)","content":{"application/json":{"schema":{"type":"object","title":"Stream result of v2StreamLogsResponse","properties":{"error":{"$ref":"#/components/schemas/googlerpcStatus"},"result":{"$ref":"#/components/schemas/v2StreamLogsResponse"}}}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/proxytools/workloads":{"post":{"tags":["ProxyDiagnosticService"],"summary":"Return the workload names under a given FQN resource and cluster.","operationId":"ProxyDiagnosticService_ListWorkloads2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/ProxyDiagnosticService_ListWorkloadsBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListWorkloadsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups":{"get":{"tags":["Security"],"summary":"List all security groups in the given workspace.","operationId":"Security_ListGroups","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSecurityGroupsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"description":"Groups will by default configure all the namespaces owned by their workspace, unless\\nexplicitly configured. If a specific set of namespaces is set for the group, it must be a\\nsubset of the namespaces defined by its workspace.","tags":["Security"],"summary":"Create a new security group in the given workspace.","operationId":"Security_CreateGroup","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create a Security Group.","type":"object","required":["name","group"],"properties":{"group":{"$ref":"#/components/schemas/tsbsecurityv2Group"},"name":{"description":"The short name for the resource to be created.","type":"string"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/tsbsecurityv2Group"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}":{"get":{"tags":["Security"],"summary":"Get the details of the given security group.","operationId":"Security_GetGroup","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/tsbsecurityv2Group"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Security"],"summary":"Modify a security group.","operationId":"Security_UpdateGroup","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"A security group manages the security properties of proxy workloads in a\\ngroup of namespaces owned by the parent workspace.\\n\\n\\n\\n","type":"object","required":["namespaceSelector"],"properties":{"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"},"configMode":{"$ref":"#/components/schemas/v2ConfigMode"},"deletionProtectionEnabled":{"description":"When set, prevents the resource from being deleted. In order to delete the resource this\\nproperty needs to be set to `false` first.","type":"boolean"},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"namespaceSelector":{"$ref":"#/components/schemas/typesv2NamespaceSelector"},"profiles":{"description":"List of profiles attached to the security group to be used to propagate default and mandatory configurations down to the children.","type":"array","items":{"type":"string"}},"securityDomain":{"description":"Security domains can be used to group different resources under the same security domain.\\nAlthough security domain is not resource itself currently, it follows a fqn format\\n`organizations/myorg/securitydomains/mysecuritydomain`, and a child cannot override any ancestor\'s\\nsecurity domain.\\nOnce a security domain is assigned to a _Security group_, all the children resources will belong to that\\nsecurity domain in the same way a _Security setting_ belongs to a _Security group_, a _Security setting_\\nwill also belong to the security domain assigned to the _Security group_.\\nSecurity domains can also be used to define _Security settings Authorization rules_ in which you can allow\\nor deny request from or to a security domain.","type":"string"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/tsbsecurityv2Group"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Security"],"summary":"Delete the given security group.\\nNote that deleting resources in TSB is a recursive operation. Deleting a security group will\\ndelete all configuration objects that exist in it.","operationId":"Security_DeleteGroup","parameters":[{"description":"Force the deletion of the object even if deletion protection is enabled.\\nIf this is set, then the object and all its children will be deleted even if any of them\\nhas the deletion protection enabled.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_19","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_19","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_19","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_19","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_19","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_19","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_19","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_19","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_19","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/availableprofiles":{"get":{"tags":["Profiles"],"summary":"Lists the profiles that can be attached to the given resource.\\nThe returned profiles contain metadata (fqn, display name and description) information.\\nTo retrieve the full profile, rely on `GetProfile` or `ListProfiles` methods.","operationId":"Profiles_ListAvailableProfiles6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListAvailableProfilesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/blame":{"get":{"tags":["Profiles"],"summary":"Get the profile blame data for a given resource FQN.","operationId":"Profiles_Blame_variant_4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2BlameResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/currentimpact":{"post":{"tags":["Profiles"],"summary":"CurrentImpactAnalysis analyzes the current impact of a profile or a resource attached profiles.\\nThe response is streamed, with each message representing the impact analysis for a specific profile\\nor resource and its corresponding impacts.","operationId":"Profiles_CurrentImpactAnalysis9","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Profiles_CurrentImpactAnalysisBody"},"responses":{"200":{"description":"A successful response.(streaming responses)","content":{"application/json":{"schema":{"type":"object","title":"Stream result of v2ImpactAnalysisResponse","properties":{"error":{"$ref":"#/components/schemas/googlerpcStatus"},"result":{"$ref":"#/components/schemas/v2ImpactAnalysisResponse"}}}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/impact":{"post":{"tags":["Profiles"],"summary":"ImpactAnalysis analyzes the impact of profile or resource attached profiles modifications.\\nThe response is streamed, with each message representing the impact analysis for a specific profile\\nor resource and its corresponding impacts.","operationId":"Profiles_ImpactAnalysis9","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Profiles_ImpactAnalysisBody"},"responses":{"200":{"description":"A successful response.(streaming responses)","content":{"application/json":{"schema":{"type":"object","title":"Stream result of v2ImpactAnalysisResponse","properties":{"error":{"$ref":"#/components/schemas/googlerpcStatus"},"result":{"$ref":"#/components/schemas/v2ImpactAnalysisResponse"}}}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_19","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_19","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_19","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/proxytools/clusterstats":{"post":{"tags":["ProxyDiagnosticService"],"summary":"Return the cluster stats of an Istio Proxy","operationId":"ProxyDiagnosticService_GetClusterStats5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/ProxyDiagnosticService_GetClusterStatsBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetClusterStatsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/proxytools/configdump":{"post":{"tags":["ProxyDiagnosticService"],"summary":"Return a config dump from a workload (Istio Proxy)","operationId":"ProxyDiagnosticService_GetConfigDump5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/ProxyDiagnosticService_GetConfigDumpBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetConfigDumpResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/proxytools/loggerlevels":{"put":{"tags":["ProxyDiagnosticService"],"summary":"Set the log levels of a workload","operationId":"ProxyDiagnosticService_SetLoggerLevels5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/ProxyDiagnosticService_SetLoggerLevelsBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2LoggerLevelsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["ProxyDiagnosticService"],"summary":"Return the logger levels of a workload","operationId":"ProxyDiagnosticService_GetLoggerLevels5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/ProxyDiagnosticService_GetLoggerLevelsBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2LoggerLevelsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/proxytools/serverstats":{"post":{"tags":["ProxyDiagnosticService"],"summary":"Return the server stats of an Istio Proxy","operationId":"ProxyDiagnosticService_GetServerStats5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/ProxyDiagnosticService_GetServerStatsBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetServerStatsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/proxytools/streamlogs":{"post":{"tags":["ProxyDiagnosticService"],"summary":"Return a stream of logs (the output of the `kubectl logs` command) of an Istio Proxy.","operationId":"ProxyDiagnosticService_StreamLogs5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/ProxyDiagnosticService_StreamLogsBody"},"responses":{"200":{"description":"A successful response.(streaming responses)","content":{"application/json":{"schema":{"type":"object","title":"Stream result of v2StreamLogsResponse","properties":{"error":{"$ref":"#/components/schemas/googlerpcStatus"},"result":{"$ref":"#/components/schemas/v2StreamLogsResponse"}}}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/proxytools/workloads":{"post":{"tags":["ProxyDiagnosticService"],"summary":"Return the workload names under a given FQN resource and cluster.","operationId":"ProxyDiagnosticService_ListWorkloads5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/ProxyDiagnosticService_ListWorkloadsBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListWorkloadsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/servicesettings":{"get":{"tags":["Security"],"summary":"List all service security settings objects that have been attached to the security group.","operationId":"Security_ListServiceSecuritySettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListServiceSecuritySettingsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Security"],"summary":"Create a service security settings object in the security group.","operationId":"Security_CreateServiceSecuritySettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create a Service Security Settings.","type":"object","required":["name","settings"],"properties":{"name":{"description":"The short name for the resource to be created.","type":"string"},"settings":{"$ref":"#/components/schemas/v2ServiceSecuritySetting"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ServiceSecuritySetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/servicesettings/{servicesetting}":{"get":{"tags":["Security"],"summary":"Get the details of the given service security settings object.","operationId":"Security_GetServiceSecuritySettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Servicesetting name.","name":"servicesetting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ServiceSecuritySetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Security"],"summary":"Modify the given service security settings object.","operationId":"Security_UpdateServiceSecuritySettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Servicesetting name.","name":"servicesetting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"A service security setting applies configuration to a service in a\\nsecurity group. Missing fields will inherit values from the\\nworkspace-wide setting if any.\\n\\n\\n\\n","type":"object","required":["service"],"properties":{"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"service":{"description":"The service on which the configuration is being applied. Must be in namespace/FQDN format.","type":"string"},"settings":{"$ref":"#/components/schemas/v2SecuritySetting"},"subsets":{"description":"Subset specific settings that will replace the service wide settings for the specified service\\nsubsets.","type":"array","items":{"$ref":"#/components/schemas/v2ServiceSecuritySettingSubset"}}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ServiceSecuritySetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Security"],"summary":"Delete the given service security settings from the group.","operationId":"Security_DeleteServiceSecuritySettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Servicesetting name.","name":"servicesetting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/settings":{"get":{"tags":["Security"],"summary":"List all security settings objects that have been attached to the security group.","operationId":"Security_ListSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSecuritySettingsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Security"],"summary":"Create a security settings object in the security group.","operationId":"Security_CreateSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create a Security Settings.","type":"object","required":["name","settings"],"properties":{"name":{"description":"The short name for the resource to be created.","type":"string"},"settings":{"$ref":"#/components/schemas/v2SecuritySetting"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2SecuritySetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/settings/{setting}":{"get":{"tags":["Security"],"summary":"Get the details of the given security settings object.","operationId":"Security_GetSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2SecuritySetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Security"],"summary":"Modify the given security settings object.","operationId":"Security_UpdateSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"A security setting applies configuration to a set of proxy workloads in a\\nsecurity group or a workspace. When applied to a security group,\\nmissing fields will inherit values from the workspace-wide setting if any.\\n\\n\\n\\n","type":"object","properties":{"authentication":{"$ref":"#/components/schemas/v2SecuritySettingAuthenticationMode"},"authenticationSettings":{"$ref":"#/components/schemas/tsbsecurityv2AuthenticationSettings"},"authorization":{"$ref":"#/components/schemas/tsbsecurityv2AuthorizationSettings"},"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"extension":{"description":"Extensions specifies all the WasmExtensions assigned to this SecuritySettings\\nwith the specific configuration for each extension. This custom configuration\\nwill override the one configured globally to the extension.\\nEach extension has a global configuration including enabling and priority\\nthat will condition the execution of the assigned extensions.","type":"array","items":{"$ref":"#/components/schemas/v2WasmExtensionAttachment"}},"propagationStrategy":{"$ref":"#/components/schemas/v2PropagationStrategy"},"waf":{"$ref":"#/components/schemas/v2WAFSettings"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2SecuritySetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Security"],"summary":"Delete the given security settings from the group.","operationId":"Security_DeleteSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/settings/{setting}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_20","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_20","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_20","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/settings/{setting}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_20","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/settings/{setting}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_20","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/settings/{setting}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_20","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/settings/{setting}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_20","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/settings/{setting}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_20","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/settings/{setting}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_20","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/settings/{setting}/blame":{"get":{"tags":["Profiles"],"summary":"Get the profile blame data for a given resource FQN.","operationId":"Profiles_Blame_variant_21","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2BlameResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/settings/{setting}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_20","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/settings/{setting}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_20","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_20","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/settings/{setting}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_20","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/apitsbv2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/settings/{setting}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_20","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/settings/{setting}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_20","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/telemetryv2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/settings/{setting}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_20","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/settings/{setting}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_20","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_19","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/apitsbv2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_19","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_19","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/telemetryv2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_19","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_19","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/settings":{"get":{"tags":["Workspaces"],"summary":"List all settings available for the given workspace.","operationId":"Workspaces_ListSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListWorkspaceSettingsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Workspaces"],"summary":"Create default settings for a workspace.\\nDefault settings will apply to the services owned by the workspace, unless more\\nspecific settings are provided at the group level.","operationId":"Workspaces_CreateSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create a Workspace Settings.","type":"object","required":["name","settings"],"properties":{"name":{"description":"The short name for the resource to be created.","type":"string"},"settings":{"$ref":"#/components/schemas/v2WorkspaceSetting"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2WorkspaceSetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/settings/{setting}":{"get":{"tags":["Workspaces"],"summary":"Get the details of a settings object for the given workspace.","operationId":"Workspaces_GetSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2WorkspaceSetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Workspaces"],"summary":"Modify the given workspace settings.","operationId":"Workspaces_UpdateSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Default security and traffic settings for all proxy workloads in the workspace.\\n\\n\\n\\n","type":"object","properties":{"defaultEastWestGatewaySettings":{"description":"Default east west gateway settings specifies workspace-wide east-west gateway configuration.\\nThis is used to configure east-west routing (required for fail-over) for the services that\\nare not exposed on the gateways. All the services matching the specified criteria is picked\\nup for exposing on the east-west gateway workload selected by the workload selector. In case,\\na service matches selectors in multiple items, the one which comes first is picked up.","type":"array","items":{"$ref":"#/components/schemas/v2EastWestGateway"}},"defaultSecuritySetting":{"$ref":"#/components/schemas/v2SecuritySetting"},"defaultTrafficSetting":{"$ref":"#/components/schemas/v2TrafficSetting"},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"failoverSettings":{"$ref":"#/components/schemas/v2FailoverSettings"},"hostsReachability":{"$ref":"#/components/schemas/v2HostsReachability"},"regionalFailover":{"description":"Locality routing settings for all gateways in the workspace. Overrides any global settings.\\nPlease use FailoverSettings instead. If FailoverSettings is set, it takes precedence over this field.\\n\\nExplicitly specify the region traffic will land on when endpoints in local region becomes unhealthy.\\nShould be used together with OutlierDetection to detect unhealthy endpoints.\\nNote: if no OutlierDetection specified, this will not take effect.","type":"array","items":{"$ref":"#/components/schemas/v2RegionalFailover"}}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2WorkspaceSetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Workspaces"],"summary":"Delete the given workspace settings.","operationId":"Workspaces_DeleteSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/settings/{setting}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_21","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_21","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_21","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/settings/{setting}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_21","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/settings/{setting}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_21","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/settings/{setting}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_21","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/settings/{setting}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_21","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/settings/{setting}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_21","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/settings/{setting}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_21","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/settings/{setting}/blame":{"get":{"tags":["Profiles"],"summary":"Get the profile blame data for a given resource FQN.","operationId":"Profiles_Blame_variant_22","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2BlameResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/settings/{setting}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_21","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/settings/{setting}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_21","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_21","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/settings/{setting}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_21","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/apitsbv2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/settings/{setting}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_21","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/settings/{setting}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_21","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/telemetryv2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/settings/{setting}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_21","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/settings/{setting}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_21","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_12","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/apitsbv2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_12","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_12","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/telemetryv2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_12","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_12","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups":{"get":{"tags":["Traffic"],"summary":"List all traffic groups in the given workspace.","operationId":"Traffic_ListGroups","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListTrafficGroupsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"description":"Groups will by default configure all the namespaces owned by their workspace, unless\\nexplicitly configured. If a specific set of namespaces is set for the group, it must be a\\nsubset of the namespaces defined by its workspace.","tags":["Traffic"],"summary":"Create a new traffic group in the given workspace.","operationId":"Traffic_CreateGroup","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create a Traffic Group.","type":"object","required":["name","group"],"properties":{"group":{"$ref":"#/components/schemas/tsbtrafficv2Group"},"name":{"description":"The short name for the resource to be created.","type":"string"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/tsbtrafficv2Group"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}":{"get":{"tags":["Traffic"],"summary":"Get the details of the given traffic group.","operationId":"Traffic_GetGroup","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/tsbtrafficv2Group"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Traffic"],"summary":"Modify the given traffic group.","operationId":"Traffic_UpdateGroup","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"A traffic group manages the routing properties of proxy workloads in a\\ngroup of namespaces owned by the parent workspace.\\n\\n\\n\\n","type":"object","required":["namespaceSelector"],"properties":{"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"},"configMode":{"$ref":"#/components/schemas/v2ConfigMode"},"deletionProtectionEnabled":{"description":"When set, prevents the resource from being deleted. In order to delete the resource this\\nproperty needs to be set to `false` first.","type":"boolean"},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"namespaceSelector":{"$ref":"#/components/schemas/typesv2NamespaceSelector"},"profiles":{"description":"List of profiles attached to the traffic group to be used to propagate default and mandatory configurations down to the children.","type":"array","items":{"type":"string"}}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/tsbtrafficv2Group"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Traffic"],"summary":"Delete the given traffic group.\\nNote that deleting resources in TSB is a recursive operation. Deleting a traffic group will\\ndelete all configuration objects that exist in it.","operationId":"Traffic_DeleteGroup","parameters":[{"description":"Force the deletion of the object even if deletion protection is enabled.\\nIf this is set, then the object and all its children will be deleted even if any of them\\nhas the deletion protection enabled.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_22","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_22","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_22","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_22","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_22","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_22","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_22","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_22","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_22","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/availableprofiles":{"get":{"tags":["Profiles"],"summary":"Lists the profiles that can be attached to the given resource.\\nThe returned profiles contain metadata (fqn, display name and description) information.\\nTo retrieve the full profile, rely on `GetProfile` or `ListProfiles` methods.","operationId":"Profiles_ListAvailableProfiles5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListAvailableProfilesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/blame":{"get":{"tags":["Profiles"],"summary":"Get the profile blame data for a given resource FQN.","operationId":"Profiles_Blame_variant_3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2BlameResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/currentimpact":{"post":{"tags":["Profiles"],"summary":"CurrentImpactAnalysis analyzes the current impact of a profile or a resource attached profiles.\\nThe response is streamed, with each message representing the impact analysis for a specific profile\\nor resource and its corresponding impacts.","operationId":"Profiles_CurrentImpactAnalysis8","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Profiles_CurrentImpactAnalysisBody"},"responses":{"200":{"description":"A successful response.(streaming responses)","content":{"application/json":{"schema":{"type":"object","title":"Stream result of v2ImpactAnalysisResponse","properties":{"error":{"$ref":"#/components/schemas/googlerpcStatus"},"result":{"$ref":"#/components/schemas/v2ImpactAnalysisResponse"}}}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/impact":{"post":{"tags":["Profiles"],"summary":"ImpactAnalysis analyzes the impact of profile or resource attached profiles modifications.\\nThe response is streamed, with each message representing the impact analysis for a specific profile\\nor resource and its corresponding impacts.","operationId":"Profiles_ImpactAnalysis8","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Profiles_ImpactAnalysisBody"},"responses":{"200":{"description":"A successful response.(streaming responses)","content":{"application/json":{"schema":{"type":"object","title":"Stream result of v2ImpactAnalysisResponse","properties":{"error":{"$ref":"#/components/schemas/googlerpcStatus"},"result":{"$ref":"#/components/schemas/v2ImpactAnalysisResponse"}}}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_22","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_22","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_22","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/proxytools/clusterstats":{"post":{"tags":["ProxyDiagnosticService"],"summary":"Return the cluster stats of an Istio Proxy","operationId":"ProxyDiagnosticService_GetClusterStats4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/ProxyDiagnosticService_GetClusterStatsBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetClusterStatsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/proxytools/configdump":{"post":{"tags":["ProxyDiagnosticService"],"summary":"Return a config dump from a workload (Istio Proxy)","operationId":"ProxyDiagnosticService_GetConfigDump4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/ProxyDiagnosticService_GetConfigDumpBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetConfigDumpResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/proxytools/loggerlevels":{"put":{"tags":["ProxyDiagnosticService"],"summary":"Set the log levels of a workload","operationId":"ProxyDiagnosticService_SetLoggerLevels4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/ProxyDiagnosticService_SetLoggerLevelsBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2LoggerLevelsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["ProxyDiagnosticService"],"summary":"Return the logger levels of a workload","operationId":"ProxyDiagnosticService_GetLoggerLevels4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/ProxyDiagnosticService_GetLoggerLevelsBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2LoggerLevelsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/proxytools/serverstats":{"post":{"tags":["ProxyDiagnosticService"],"summary":"Return the server stats of an Istio Proxy","operationId":"ProxyDiagnosticService_GetServerStats4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/ProxyDiagnosticService_GetServerStatsBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetServerStatsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/proxytools/streamlogs":{"post":{"tags":["ProxyDiagnosticService"],"summary":"Return a stream of logs (the output of the `kubectl logs` command) of an Istio Proxy.","operationId":"ProxyDiagnosticService_StreamLogs4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/ProxyDiagnosticService_StreamLogsBody"},"responses":{"200":{"description":"A successful response.(streaming responses)","content":{"application/json":{"schema":{"type":"object","title":"Stream result of v2StreamLogsResponse","properties":{"error":{"$ref":"#/components/schemas/googlerpcStatus"},"result":{"$ref":"#/components/schemas/v2StreamLogsResponse"}}}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/proxytools/workloads":{"post":{"tags":["ProxyDiagnosticService"],"summary":"Return the workload names under a given FQN resource and cluster.","operationId":"ProxyDiagnosticService_ListWorkloads4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/ProxyDiagnosticService_ListWorkloadsBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListWorkloadsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/serviceroutes":{"get":{"tags":["Traffic"],"summary":"List all service routes that have been attached to the traffic group.","operationId":"Traffic_ListServiceRoutes","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListServiceRoutesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Traffic"],"summary":"Create a new service route in the given traffic group.","operationId":"Traffic_CreateServiceRoute","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create a ServiceRoute.","type":"object","required":["name","serviceRoute"],"properties":{"name":{"description":"The short name for the resource to be created.","type":"string"},"serviceRoute":{"$ref":"#/components/schemas/v2ServiceRoute"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ServiceRoute"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/serviceroutes/{serviceroute}":{"get":{"tags":["Traffic"],"summary":"Get the details of the given service route.","operationId":"Traffic_GetServiceRoute","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ServiceRoute"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Traffic"],"summary":"Modify a service route.","operationId":"Traffic_UpdateServiceRoute","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"A service route controls routing configurations for traffic to a\\nservice in a traffic group.\\n\\n\\n\\n","type":"object","required":["service"],"properties":{"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"httpRoutes":{"description":"HTTPRoutes are used when HTTP traffic needs to be matched on uri, headers\\nand port and destination routes need to be set using subset-weight\\ncombinations specified within the route.\\n**Note**: If a route is specified, then the global subset-weight\\ncombinations (specified under subsets) will be ignored for the matched\\nport, as subsets within route will take effect.","type":"array","items":{"$ref":"#/components/schemas/v2HTTPRoute"}},"portLevelSettings":{"type":"array","title":"In order to support multi-protocol routing, a list of all port/protocol combinations is needed.\\nThese port settings are applied to all the subsets","items":{"$ref":"#/components/schemas/ServiceRoutePortLevelTrafficSettings"}},"service":{"description":"The service on which the configuration is being applied. Must be in namespace/FQDN format.","type":"string"},"stickySession":{"$ref":"#/components/schemas/ServiceRouteStickySession"},"subsets":{"description":"The set of versions of a service and the percentage of traffic to\\nsend to each version.","type":"array","items":{"$ref":"#/components/schemas/v2ServiceRouteSubset"}},"tcpRoutes":{"description":"TCPRoutes match TCP traffic based on port number. The subset-weight\\nconfiguration and priority have the same behaviour as HTTPRoutes.","type":"array","items":{"$ref":"#/components/schemas/v2TCPRoute"}}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ServiceRoute"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Traffic"],"summary":"Delete the given service route.","operationId":"Traffic_DeleteServiceRoute","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/serviceroutes/{serviceroute}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_24","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_24","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_24","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/serviceroutes/{serviceroute}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_24","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/serviceroutes/{serviceroute}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_24","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/serviceroutes/{serviceroute}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_24","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/serviceroutes/{serviceroute}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_24","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/serviceroutes/{serviceroute}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_24","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/serviceroutes/{serviceroute}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_24","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/serviceroutes/{serviceroute}/blame":{"get":{"tags":["Profiles"],"summary":"Get the profile blame data for a given resource FQN.","operationId":"Profiles_Blame_variant_24","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2BlameResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/serviceroutes/{serviceroute}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_24","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/serviceroutes/{serviceroute}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_24","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_24","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/serviceroutes/{serviceroute}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_24","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/apitsbv2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/serviceroutes/{serviceroute}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_24","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/serviceroutes/{serviceroute}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_24","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/telemetryv2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/serviceroutes/{serviceroute}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_24","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/serviceroutes/{serviceroute}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_24","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/servicesettings":{"get":{"tags":["Traffic"],"summary":"List all service traffic settings objects that have been attached to the traffic group.","operationId":"Traffic_ListServiceTrafficSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListServiceTrafficSettingsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Traffic"],"summary":"Create a service traffic settings object in the traffic group.","operationId":"Traffic_CreateServiceTrafficSetting","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create a Service Traffic Setting.","type":"object","required":["name","serviceSetting"],"properties":{"name":{"description":"The short name for the resource to be created.","type":"string"},"serviceSetting":{"$ref":"#/components/schemas/v2ServiceTrafficSetting"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ServiceTrafficSetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/servicesettings/{servicesetting}":{"get":{"tags":["Traffic"],"summary":"Get the details of the given service traffic settings object.","operationId":"Traffic_GetServiceTrafficSetting","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Servicesetting name.","name":"servicesetting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ServiceTrafficSetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Traffic"],"summary":"Modify the given service traffic settings object.","operationId":"Traffic_UpdateServiceTrafficSetting","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Servicesetting name.","name":"servicesetting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"A service traffic setting applies configuration to a service in a\\ntraffic group. Unset fields will inherit values from the\\nworkspace-wide setting if any.\\n\\n\\n\\n","type":"object","required":["service","settings"],"properties":{"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"service":{"description":"The service on which the configuration is being applied. Must be in namespace/FQDN format.\\n\\nOnly one service traffic setting can be given per service. Any conflicting configuration created\\nlater will be rejected by TSB.","type":"string"},"settings":{"$ref":"#/components/schemas/v2TrafficSetting"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ServiceTrafficSetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Traffic"],"summary":"Delete the given service traffic settings from the group.","operationId":"Traffic_DeleteServiceTrafficSetting","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Servicesetting name.","name":"servicesetting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/settings":{"get":{"tags":["Traffic"],"summary":"List all the settings objects that have been attached to the given traffic group.","operationId":"Traffic_ListSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListTrafficSettingsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Traffic"],"summary":"Create a settings object for the given traffic group.","operationId":"Traffic_CreateSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create a Traffic Settings.","type":"object","required":["name","settings"],"properties":{"name":{"description":"The short name for the resource to be created.","type":"string"},"settings":{"$ref":"#/components/schemas/v2TrafficSetting"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2TrafficSetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/settings/{setting}":{"get":{"tags":["Traffic"],"summary":"Get the details for the given settings object.","operationId":"Traffic_GetSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2TrafficSetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Traffic"],"summary":"Modify the given settings in the given traffic group.","operationId":"Traffic_UpdateSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"A traffic setting applies configuration to a set of proxy workloads in a\\ntraffic group or a workspace. When applied to a traffic group,\\nmissing fields will inherit values from the workspace-wide setting if any.\\n\\n\\n\\n","type":"object","properties":{"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"egress":{"$ref":"#/components/schemas/v2TrafficSettingEgressGateway"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"inbound":{"$ref":"#/components/schemas/v2InboundTrafficSetting"},"outbound":{"$ref":"#/components/schemas/v2OutboundTrafficSetting"},"rateLimiting":{"$ref":"#/components/schemas/v2RateLimiting"},"reachability":{"$ref":"#/components/schemas/v2ReachabilitySettings"},"resilience":{"$ref":"#/components/schemas/v2ResilienceSettings"},"upstreamTrafficSettings":{"description":"List of hosts and the associated traffic settings to be used by\\nthe clients that are downstreams to the defined upstream hosts.\\n\\nDEPRECATED. Moved to `outbound`.","type":"array","items":{"$ref":"#/components/schemas/v2UpstreamTrafficSettings"}}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2TrafficSetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Traffic"],"summary":"Delete the given settings object from the traffic group.","operationId":"Traffic_DeleteSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/settings/{setting}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_23","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_23","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_23","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/settings/{setting}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_23","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/settings/{setting}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_23","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/settings/{setting}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_23","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/settings/{setting}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_23","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/settings/{setting}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_23","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/settings/{setting}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_23","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/settings/{setting}/blame":{"get":{"tags":["Profiles"],"summary":"Get the profile blame data for a given resource FQN.","operationId":"Profiles_Blame_variant_23","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2BlameResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/settings/{setting}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_23","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/settings/{setting}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_23","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_23","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/settings/{setting}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_23","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/apitsbv2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/settings/{setting}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_23","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/settings/{setting}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_23","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/telemetryv2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/settings/{setting}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_23","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/settings/{setting}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_23","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_22","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/apitsbv2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_22","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_22","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/telemetryv2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_22","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_22","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/users":{"get":{"tags":["Teams"],"summary":"List existing users.","operationId":"Teams_ListUsers","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListUsersResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"description":"This method should only be used when there is no Identity Provider configured in TSB\\nand all users are managed locally by IAM.\\nWhen using an external Identity Provider, the SyncOrganization method should be used\\ninstead to synchronize the users and teams.","tags":["Teams"],"summary":"Create a local User in TSB.","operationId":"Teams_CreateUser","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"type":"object","title":"Request to create a User.\\n","required":["name","user"],"properties":{"name":{"description":"The short name for the resource to be created.","type":"string"},"user":{"$ref":"#/components/schemas/v2User"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2User"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/users/{user}":{"get":{"tags":["Teams"],"summary":"Get the details of an existing user.","operationId":"Teams_GetUser","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2User"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"description":"This method should only be used when there is no Identity Provider configured in TSB\\nand all users are managed locally by IAM.\\nWhen using an external Identity Provider, the SyncOrganization method should be used\\ninstead to synchronize the users and teams.","tags":["Teams"],"summary":"Modify an existing local user.","operationId":"Teams_UpdateUser","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"`User` represents a user from the Identity Provider that is allowed to log into\\nthe platform.\\n\\n\\n\\n","type":"object","required":["loginName"],"properties":{"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"email":{"description":"Email for the user where alerts and other notifications will be sent.","type":"string"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"firstName":{"description":"The first name of the user.","type":"string"},"lastName":{"description":"The last name of the user, if any.","type":"string"},"loginName":{"description":"The username used in the login credentials.","type":"string"},"sourceType":{"$ref":"#/components/schemas/v2SourceType"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2User"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"description":"This method should only be used when there is no Identity Provider configured in TSB\\nand all users are managed locally by IAM.\\nWhen using an external Identity Provider, the SyncOrganization method should be used\\ninstead to synchronize the users and teams.","tags":["Teams"],"summary":"Delete an existing user.","operationId":"Teams_DeleteUser","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/users/{user}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_7","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_7","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_7","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/users/{user}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_7","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/users/{user}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_7","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/users/{user}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_7","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/users/{user}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_7","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/users/{user}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_7","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/users/{user}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_7","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/users/{user}/blame":{"get":{"tags":["Profiles"],"summary":"Get the profile blame data for a given resource FQN.","operationId":"Profiles_Blame_variant_12","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2BlameResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/users/{user}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_7","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/users/{user}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_7","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_7","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/users/{user}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_7","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/apitsbv2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/users/{user}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_7","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/users/{user}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_7","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/telemetryv2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/users/{user}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_7","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/users/{user}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_7","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/users/{user}:generateTokens":{"post":{"description":"Generate the tokens for a local user account so it can authenticate against management plane.\\nThis method will return an error if the user account is not of type MANUAL. Credentials for\\nnormal platform users must be configured in the corresponding Identity Provider.","tags":["Teams"],"summary":"Deprecated. This method will be removed in future versions of TSB. Use Service Accounts instead.","operationId":"Teams_GenerateTokens","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2TokenResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/permissions/query":{"put":{"tags":["Permissions"],"summary":"QueryResourcePermission looks up permissions that are allowed for the current principal.\\nMultiple records can be queried with a single request. Query limit is 100, multiple requests\\nare required to lookup more than the limit.","operationId":"Permissions_QueryResourcePermissions","requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryResourcePermissionsRequest"}}},"description":"Request to query permissions on multiple records.\\n\\nExample:\\nQueryResourcePermissionsRequest {\\n  Queries: []Query{\\n    Query{\\n      QueryID: \\"1234\\",\\n      Kind: Query_Fqn{\\n        Fqn: \\"tetrate/tenants/default/workspaces/example\\"\\n      }\\n    }\\n  }\\n}","required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/security/rbac":{"get":{"tags":["RBAC"],"summary":"List all existing roles.","operationId":"RBAC_ListRoles","responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListRolesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["RBAC"],"summary":"Create a new role.","operationId":"RBAC_CreateRole","requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2CreateRoleRequest"}}},"description":"Request to create a Role.","required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Role"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/security/rbac/{rba}":{"get":{"tags":["RBAC"],"summary":"Get the details of the given role.","operationId":"RBAC_GetRole","parameters":[{"description":"Rba name.","name":"rba","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Role"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["RBAC"],"summary":"Modify a role.","operationId":"RBAC_UpdateRole","parameters":[{"description":"Rba name.","name":"rba","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"`Role` is a named collection of permissions that can be assigned to\\nany user or team in the system.\\n\\n\\n\\n\\n","type":"object","properties":{"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"rules":{"description":"A set of rules that define the permissions associated with each API group.","type":"array","items":{"$ref":"#/components/schemas/v2RoleRule"}}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Role"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["RBAC"],"summary":"Delete a role.\\nNRoles that are in use by policies attached to existing resources\\ncannot be deleted.","operationId":"RBAC_DeleteRole","parameters":[{"description":"Rba name.","name":"rba","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/security/rbac/{rba}/kubernetes":{"get":{"tags":["RBAC"],"summary":"Get the Kubernetes ClusterRole associated with the given TSB Role.\\nReturns the ClusterRole formatted as a JSON or YAML depending on the Accept header: application/json or application/yaml.\\nIf no Accept header is provided, the response will be in YAML format.","operationId":"RBAC_GetRoleK8sMapping","parameters":[{"description":"Rba name.","name":"rba","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/apiHttpBody"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}}},"tags":[{"name":"OAuth"},{"name":"OIDC"},{"name":"SidecarConfigurationService"},{"name":"SidecarInfoService"},{"name":"OnboardingAuthorizationService"},{"name":"OnboardingPlaneDiscoveryService"},{"name":"WorkloadRegistrationService"},{"name":"AgentSessionService"},{"name":"Applications"},{"name":"DashboardService"},{"name":"ProxyDiagnosticService"},{"name":"WasmExtensions"},{"name":"Gateways"},{"name":"IstioInternal"},{"name":"Metrics"},{"name":"Sources"},{"name":"Profiles"},{"name":"Approvals"},{"name":"Permissions"},{"name":"Policy"},{"name":"RBAC"},{"name":"Lookup"},{"name":"Registration"},{"name":"Security"},{"name":"Traffic"},{"name":"Clusters"},{"name":"Organizations"},{"name":"Status"},{"name":"Teams"},{"name":"Tenants"},{"name":"Workspaces"}],"components":{"requestBodies":{"Approvals_SetPolicyBody":{"content":{"application/json":{"schema":{"description":"ApprovalPolicy is a set of authorization rules that define access to a resource.\\nWhen applied to a resource, the rules enforce access to the resource based on the permission set.\\n\\nExample:\\nApprovalPolicy {\\n  Mode: ApprovalPolicy_REQUIRE_APPROVAL,\\n  Resource: \\"organizations/demo/tenants/demo/applications/target-app\\",\\n  Approved: []Access {{\\n    Subject: \\"organizations/demo/tenants/demo/applications/calling-app\\",\\n    Permissions: []string{\\"GET\\", \\"POST\\"}\\n  }}\\n}","type":"object","required":["mode"],"properties":{"approved":{"description":"Approved is a list of subjects that are approved to access the resource.","type":"array","items":{"$ref":"#/components/schemas/v2Access"}},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"metadata":{"$ref":"#/components/schemas/qv2Metadata"},"mode":{"$ref":"#/components/schemas/v2ApprovalPolicyMode"},"requested":{"description":"Requested is a list of subjects that are requested to access the resource but that have not yet been\\nexplicitly approved.\\nThe access mode of the policy will determine if the subjects in this list are given immediate access to the\\nresource.","type":"array","items":{"$ref":"#/components/schemas/v2Access"}}}}}},"required":true},"Profiles_CurrentImpactAnalysis2Body":{"content":{"application/json":{"schema":{"description":"CurrentImpactAnalysisRequest holds the fields needed to request the current impact of a\\nprofile or a attached profiles to a resource.\\nOnly one of the fields should be set at a time.","type":"object","properties":{"fieldPaths":{"description":"List of field paths to analyze the impact of the profiles on. If this field is set,\\nthe request will analyze the impact of the profiles only on the specified field paths.","type":"array","items":{"type":"string"}},"resource":{"description":"Resource fqn to analyze its attached profiles impact.","type":"string"}}}}},"required":true},"ProxyDiagnosticService_SetLoggerLevelsBody":{"content":{"application/json":{"schema":{"description":"Request to change effective logger levels of an Istio Proxy.","type":"object","required":["cluster","workload"],"properties":{"allLoggers":{"$ref":"#/components/schemas/SetLoggerLevelsRequestAllLoggers"},"cluster":{"description":"Fully-qualified name of the cluster the workload belongs to.","type":"string"},"givenLoggers":{"$ref":"#/components/schemas/SetLoggerLevelsRequestGivenLoggers"},"workload":{"$ref":"#/components/schemas/tsbdiagnosticv2Workload"}}}}},"required":true},"Profiles_CurrentImpactAnalysisBody":{"content":{"application/json":{"schema":{"description":"CurrentImpactAnalysisRequest holds the fields needed to request the current impact of a\\nprofile or a attached profiles to a resource.\\nOnly one of the fields should be set at a time.","type":"object","properties":{"fieldPaths":{"description":"List of field paths to analyze the impact of the profiles on. If this field is set,\\nthe request will analyze the impact of the profiles only on the specified field paths.","type":"array","items":{"type":"string"}},"profile":{"description":"Profile fqn to analyze the impact.","type":"string"}}}}},"required":true},"Profiles_CreateProfileBody":{"content":{"application/json":{"schema":{"description":"Request to create a profile belonging to a given resource.","type":"object","required":["name","profile"],"properties":{"name":{"description":"The short name for the resource to be created.","type":"string"},"profile":{"$ref":"#/components/schemas/v2Profile"}}}}},"required":true},"Approvals_AddApprovedAccessBody":{"content":{"application/json":{"schema":{"description":"AccessRequest is a request used for requesting or approving access to a resource.\\n\\nExample:\\nAccessRequest {\\n  Resource: \\"organizations/demo/tenants/demo/applications/target\\",\\n  Access: []Access{{\\n    Subject: \\"organizations/demo/tenants/demo/applications/calling-app\\",\\n    Permissions: []string{\\"GET\\", \\"POST\\"}\\n  }}\\n}","type":"object","required":["access"],"properties":{"access":{"$ref":"#/components/schemas/v2Access"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"}}}}},"required":true},"v2AccessPolicy":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}},"description":"A policy defines the set of subjects that can access a resource and under\\nwhich conditions that access is granted.","required":true},"Approvals_DeleteApprovedAccessBody":{"content":{"application/json":{"schema":{"description":"ResourceAndSubject is a resource and subject pair used for approval and deletion operations.\\n\\nExample:\\nResourceAndSubject {\\n  Resource: \\"organizations/demo/tenants/demo/applications/target\\",\\n  Subject: \\"organizations/demo/tenants/demo/applications/caller\\"\\n}","type":"object","required":["subject"],"properties":{"subject":{"description":"Subject for which the access request is made.","type":"string"}}}}},"required":true},"Approvals_QueryPoliciesBody":{"content":{"application/json":{"schema":{"description":"QueryPoliciesRequest is the request message for QueryPolicies.\\n\\nExample:\\nQueryPoliciesRequest {\\n  Parent: \\"organizations/demo/tenants/demo\\",\\n  Types: []string{\\"applications\\"},\\n  IncludeDetails: true,\\n  IncludePermissions: true,\\n}","type":"object","required":["types"],"properties":{"includeDetails":{"description":"IncludeDetails indicates whether to include the details of the resources that are part of the policy.\\nWhen set to true, the name and description of the resource are included in the response.","type":"boolean"},"includePermissions":{"description":"IncludePermissions indicates whether to include the user level permissions on resources that are part of the policy.\\nWhen set to true, the user level permissions are included in the response.","type":"boolean"},"types":{"description":"Type is the type of the resources to query for policies.","type":"array","items":{"type":"string"}}}}}},"required":true},"Policy_SetPolicy_variant_1Body":{"content":{"application/json":{"schema":{"description":"A policy defines the set of subjects that can access a resource and under\\nwhich conditions that access is granted.","type":"object","title":"Policy","properties":{"allow":{"description":"The list of allowed bindings configures the different access profiles that\\nare allowed on the resource configured by the policy.","type":"array","items":{"$ref":"#/components/schemas/rbacv2Binding"}},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"}}}}},"required":true},"ProxyDiagnosticService_GetClusterStatsBody":{"content":{"application/json":{"schema":{"description":"Request for the cluster stats of an Istio Proxy.","type":"object","required":["cluster","workload"],"properties":{"cluster":{"description":"Fully-qualified name of the cluster the workload belongs to.","type":"string"},"outputFormat":{"$ref":"#/components/schemas/GetClusterStatsRequestClusterStatsFormat"},"workload":{"$ref":"#/components/schemas/tsbdiagnosticv2Workload"}}}}},"required":true},"ProxyDiagnosticService_GetConfigDumpBody":{"content":{"application/json":{"schema":{"description":"Request for a config dump from a workload (Istio Proxy).","type":"object","required":["cluster","workload"],"properties":{"all":{"$ref":"#/components/schemas/v2GetConfigDumpRequestAll"},"bootstrap":{"$ref":"#/components/schemas/GetConfigDumpRequestBootstrap"},"cluster":{"description":"Fully-qualified name of the cluster the workload belongs to.","type":"string"},"clusters":{"$ref":"#/components/schemas/GetConfigDumpRequestClusters"},"ecds":{"$ref":"#/components/schemas/GetConfigDumpRequestEcds"},"endpoints":{"$ref":"#/components/schemas/v2GetConfigDumpRequestEndpoints"},"listeners":{"$ref":"#/components/schemas/GetConfigDumpRequestListeners"},"routes":{"$ref":"#/components/schemas/GetConfigDumpRequestRoutes"},"secrets":{"$ref":"#/components/schemas/v2GetConfigDumpRequestSecrets"},"workload":{"$ref":"#/components/schemas/tsbdiagnosticv2Workload"}}}}},"required":true},"ProxyDiagnosticService_GetLoggerLevelsBody":{"content":{"application/json":{"schema":{"description":"Request for effective logger levels of an Istio Proxy.","type":"object","required":["cluster","workload"],"properties":{"cluster":{"description":"Fully-qualified name of the cluster the workload belongs to.","type":"string"},"workload":{"$ref":"#/components/schemas/tsbdiagnosticv2Workload"}}}}},"required":true},"ProxyDiagnosticService_GetServerStatsBody":{"content":{"application/json":{"schema":{"description":"Request for the server stats of an Istio Proxy.","type":"object","required":["cluster","workload"],"properties":{"cluster":{"description":"Fully-qualified name of the cluster the workload belongs to.","type":"string"},"outputFormat":{"$ref":"#/components/schemas/GetServerStatsRequestServerStatsFormat"},"workload":{"$ref":"#/components/schemas/tsbdiagnosticv2Workload"}}}}},"required":true},"ProxyDiagnosticService_StreamLogsBody":{"content":{"application/json":{"schema":{"description":"Request to stream logs of an Istio Proxy.","type":"object","required":["cluster","workload"],"properties":{"cluster":{"description":"Fully-qualified name of the cluster to execute the diagnostic task in.","type":"string"},"follow":{"description":"Follow the log stream of the pod. Defaults to false.","type":"boolean"},"previous":{"description":"Return logs of the previous terminated container instead of the logs of the current container.\\nDefaults to false.","type":"boolean"},"sinceSeconds":{"description":"A relative time in seconds before the current time from which to show logs. If this value\\nprecedes the time a pod was started, only logs since the pod start will be returned.\\nIf this value is in the future, no logs will be returned.","type":"string","format":"int64"},"workload":{"$ref":"#/components/schemas/tsbdiagnosticv2Workload"}}}}},"required":true},"ProxyDiagnosticService_ListWorkloadsBody":{"content":{"application/json":{"schema":{"description":"Request to retrieve the workload names on which the diagnostic tools can be run.\\nThe returned workloads are belonging to the resource specified by the `fqn` field \\nand are running in the cluster specified by the `cluster` field.","type":"object","required":["cluster"],"properties":{"cluster":{"description":"Fully-qualified name of the cluster the workload belongs to.","type":"string"},"filter":{"$ref":"#/components/schemas/ListWorkloadsRequestFilter"},"pageSize":{"description":"Optional. The maximum number of Workloads to return.\\nThe service may return fewer than this value.\\nRely on the `next_page_token` response field to determine if there are more workloads\\nto be retrieved.\\nIf unspecified, at most 50 Workloads will be returned.\\nThe maximum value is 1000; values above 1000 will be coerced to 1000.","type":"integer","format":"int32"},"pageToken":{"description":"Optional. A page token, received from a previous `ListWorkloadsRequest` call.\\nProvide this to retrieve the subsequent page.\\n\\nWhen paginating, all other parameters provided to `ListWorkloadsRequest` must\\nmatch the call that provided the page token.","type":"string"}}}}},"required":true},"Profiles_ImpactAnalysisBody":{"content":{"application/json":{"schema":{"description":"ImpactAnalysisRequest holds the fields needed to request the impact of a\\nprofile modification or profile attachment modification in a resource.\\nOnly one of the fields should be set at a time.","type":"object","properties":{"fieldPaths":{"description":"List of field paths to analyze the impact of the profiles on. If this field is set,\\nthe request will analyze the impact of the profiles only on the specified field paths.","type":"array","items":{"type":"string"}},"modifyAttachedProfiles":{"description":"Request to analyze the impact of modifying the attached profiles of a resource.","type":"object","title":"Request to analyze the impact of modifying the attached profiles of a resource.","properties":{"profiles":{"description":"A list of profiles attached to the resource that will be analyzed for impact.\\nThese profiles are used to propagate default and mandatory configurations to\\nchild resources, and any changes to them will be reflected in the impact analysis.","type":"array","items":{"type":"string"}}}},"modifyProfile":{"$ref":"#/components/schemas/v2ModifyProfile"}}}}},"required":true},"Profiles_UpdateProfileBody":{"content":{"application/json":{"schema":{"description":"A `Profile` object can be created at Organization, Tenant, and Workspace levels. Once created, a profile can be\\nattached at its own level or down the hierarchy at Organization, Tenant, Workspace and Groups levels.\\nOnce attached, all the configurations provided in the profile and compatible with the attachment point will be applied,\\nthe others will be ignored.\\n\\n\\n\\n","type":"object","properties":{"defaults":{"$ref":"#/components/schemas/v2ProfileConfig"},"deletionProtectionEnabled":{"description":"When set, prevents the resource from being deleted. In order to delete the resource this\\nproperty needs to be set to `false` first.","type":"boolean"},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"mandates":{"$ref":"#/components/schemas/v2ProfileConfig"}}}}},"required":true},"Profiles_ImpactAnalysis2Body":{"content":{"application/json":{"schema":{"description":"ImpactAnalysisRequest holds the fields needed to request the impact of a\\nprofile modification or profile attachment modification in a resource.\\nOnly one of the fields should be set at a time.","type":"object","required":["profile"],"properties":{"fieldPaths":{"description":"List of field paths to analyze the impact of the profiles on. If this field is set,\\nthe request will analyze the impact of the profiles only on the specified field paths.","type":"array","items":{"type":"string"}},"modifyAttachedProfiles":{"$ref":"#/components/schemas/v2ModifyAttachedProfiles"},"modifyProfile":{"description":"Request to analyze the impact of modifying an existing profile.","type":"object","title":"Request to analyze the impact of modifying an existing profile.","properties":{"profile":{"$ref":"#/components/schemas/v2Profile"}}}}}}},"required":true}},"schemas":{"AggregatedStatusChildStatus":{"description":"`ChildStatus` contains the status details for a particular child resource,\\nand a human-friendly message further describing the status if it is an\\nerrored one.","type":"object","properties":{"status":{"$ref":"#/components/schemas/v2ResourceStatusStatus"},"message":{"description":"Contains the human-friendly message describing the status of the child resource.","type":"string","x-order":1}}},"AuthenticationRules":{"type":"object","properties":{"jwt":{"description":"List of rules how to authenticate an HTTP request from a JWT Token attached to it.\\nA JWT Token, if present in the HTTP request, must satisfy one of the rules defined here.\\nThe order in which rules are being checked at runtime might differ from the order\\nin which they are defined here.\\nIf the JWT Token doesn\'t satisfy any of the rules, the request will be rejected.\\nIf the JWT Token does satisfy one of the rules, the identity of the request\\nwill be extracted from the JWT Token.\\n\\nNotice that an HTTP request without a JWT Token attached to it will NOT be rejected\\nbased on the rules defined here. Remember to define HTTP request authorization settings\\nto achieve that.","type":"array","items":{"$ref":"#/components/schemas/tsbauthv2AuthenticationJWT"},"x-order":0}}},"BackendRedisSettings":{"type":"object","title":"Configuration for the External Redis Backend Database","required":["uri"],"properties":{"uri":{"description":"The Redis Database URI. The value of the URI decides the scope\\nfor ratelimiting across multiple clusters.","type":"string","x-order":0}}},"CertManagerSettingsCertManagerCAInjector":{"description":"CertManagerCAInjector represents the settings used for cert-manager CAInjector installation in the clusters.","type":"object","properties":{"kubeSpec":{"$ref":"#/components/schemas/kubernetesKubernetesComponentSpec"}}},"CertManagerSettingsCertManagerSpec":{"description":"CertManagerSpec represents the settings used for cert-manager controller installation in the clusters.","type":"object","properties":{"kubeSpec":{"$ref":"#/components/schemas/kubernetesKubernetesComponentSpec"}}},"CertManagerSettingsCertManagerStartupAPICheck":{"description":"CertManagerStartupAPICheck represents the settings used for cert-manager startup API check job installation in the clusters.\\nDEPRECATED. StartupAPICheck is disabled.","type":"object","properties":{"kubeSpec":{"$ref":"#/components/schemas/kubernetesKubernetesJobComponentSpec"}}},"CertManagerSettingsCertManagerWebhookSpec":{"description":"CertManagerWebhookSpec represents the settings used for cert-manager Webhook installation in the clusters.","type":"object","properties":{"kubeSpec":{"$ref":"#/components/schemas/kubernetesKubernetesComponentSpec"}}},"CertManagerSettingsManaged":{"description":"- AUTO: TSB will check if a pre-existing cert-manager installation is found in the cluster and only\\ninstall and manage cert-manager if it is not found.\\nThe pre-installed cert-manager should support signing requests raised through Kubernetes CSR\\n - EXTERNAL: EXTERNAL represents that TSB will rely on a pre installed cert-manager for use.\\nPre installed cert-manager should support signing requests raised through Kubernetes CSR\\n - INTERNAL: INTERNAL represents that TSB will install and manage cert-manager in the cluster.\\nIn case a pre-existing installation is found, the operator will not install cert-manager and fail.","type":"string","title":"If INTERNAL, TSB will install and manage cert-manager. In case a pre-existing installation is found, the operator will not install cert-manager and fail.\\nIf EXTERNAL, TSB would rely on a pre installed cert-manager for use.\\nPre installed cert-manager should support signing requests raised through Kubernetes CSR","default":"AUTO","enum":["AUTO","EXTERNAL","INTERNAL"]},"ClusterInstallTemplate":{"description":"InstallTemplate provides templates ready to be used in the ControlPlane (cluster onboard) installation.","type":"object","properties":{"message":{"type":"string","title":"can provide useful information to the user","x-order":0,"readOnly":true},"helm":{"$ref":"#/components/schemas/v1alpha1Values"}}},"ClusterOnboardingConfigNamespaceConfig":{"description":"Configuration for a namespace.","type":"object","required":["name"],"properties":{"name":{"description":"The name of the namespace.","type":"string","x-order":0},"desiredState":{"$ref":"#/components/schemas/v2NamespaceDesiredState"}}},"ClusterStateIstioRevision":{"description":"IstioRevision represents the Istio revisions in the ControlPlane Cluster.","type":"object","properties":{"revision":{"type":"string","title":"Istio revision found in the cluster","x-order":0},"version":{"description":"Istio version found in the cluster.","type":"string","x-order":1},"distribution":{"$ref":"#/components/schemas/IstioRevisionDistribution"}}},"ConfigEventsEdgeConfigState":{"type":"object","properties":{"status":{"$ref":"#/components/schemas/ConfigEventsEdgeConfigStatus"},"reason":{"description":"Accompanying reason when status is not `APPLIED`.","type":"string","x-order":1}}},"ConfigEventsEdgeConfigStatus":{"description":" - UNKNOWN: `UNKNOWN` indicates an undefined status. Either the edge has not reported\\nthe status for the config or it is not available due to some delays or something else.\\nThis is a catch-all when we don\'t know what to do.\\n - APPLIED: `APPLIED` indicates that the config has been successfully applied at the edge.\\n - ERRORED: `ERRORED` indicates that some error occurred while applying config at an edge. This will be\\naccompanied by a message which specifies the reason for the error.\\n - IGNORED: `IGNORED` indicates that the config was ignored because of some misconfiguration in config yaml.\\nFor instance, applying `DIRECT` mode config within `BRIDGED` mode group.","type":"string","default":"UNKNOWN","enum":["UNKNOWN","APPLIED","ERRORED","IGNORED"]},"ConfigEventsEventType":{"description":"Simple `Status` of the current resource. It\'s a projection of its details\\n(events, etc.) that allows to easily know the status of the resource\\nwithout requiring to check the details.\\n\\n - INVALID: INVALID is the zero value and should never be reached.\\n - TSB_ACCEPTED: TSB_ACCEPTED happens when the configuration has been validated and\\npersisted by TSB. Note that there is no TSB_REJECTED because in case of\\nan obvious syntax error, the client requests for the API will fail\\ndirectly. The configuration will not be persisted and therefore no\\nconfig status will be associated with it.\\n - MPC_ACCEPTED: MPC_ACCEPTED happens when MPC receives the configuration from TSB.\\nNote that there is no MPC_REJECTED because it\'s just a pass-through\\nto XCP.\\n - XCP_ACCEPTED: XCP_ACCEPTED happens when XCP validates the configuration and the XCP\\nresource is properly created.\\n - XCP_REJECTED: XCP_REJECTED happens when XCP reports that the configuration is not\\nvalid.\\n - MPC_FAILED: MPC_FAILED happens when MPC fails to process some configuration received\\nfrom TSB. These failures are prior to sending the translated\\nconfigurations to XCP.\\n - XCP_UNKNOWN: XCP_UNKNOWN happens when XCP reports that all edges are in UNKNOWN\\nstate.\\n - XCP_PARTIALLY_APPLIED: XCP_PARTIAL happens when XCP reports that at least one edge is in\\nAPPLIED state, and the rest are UNKNOWN.\\n - XCP_APPLIED: XCP_APPLIED happens when XCP reports that every edge is in APPLIED\\nstate.\\n - XCP_ERRORED: XCP_ERRORED happens when XCP reports that any edge is in ERRORED state.\\n - XCP_IGNORED: XCP_IGNORED happens when XCP reports that the config is IGNORED by all the edges.\\nOne of the cases where configs are ignored is when a BRIDGED mode config object\\nlike IngressGateway is part of a gateway group configured for the DIRECT mode\\nand vice versa. More generally, this happens when there is a mismatch between\\nthe mode where a config is valid and the mode configured for the group.\\n - MPC_DIRTY: MPC_DIRTY happens when a resource that is dependent on others\\nhave not reached the desired status (even when they are not FAILED).\\nFor instance, when a resource configuration affected by a STRICTER propagation\\nstrategy gets superseded (fully or partially) by a stricter resource configuration higher up\\nin the hierarchy. Concretely, if a security group\'s security settings (which\\nis in ACCEPTED configuration state) is affected\\nby a STRICTER propagation strategy, and for instance an organization\'s\\ndefault security settings (a resource higher up in the hierarchy)\\nhas been updated to restrict more the previously set authorization policy, then\\nthe previously ACCEPTED security group\'s security settings (a resource lower in\\nthe hierarchy) will become DIRTY if it is not stricter.","type":"string","default":"INVALID","enum":["INVALID","TSB_ACCEPTED","MPC_ACCEPTED","XCP_ACCEPTED","XCP_REJECTED","MPC_FAILED","XCP_UNKNOWN","XCP_PARTIALLY_APPLIED","XCP_APPLIED","XCP_ERRORED","XCP_IGNORED","MPC_DIRTY"]},"ConsistentHashLBMagLev":{"type":"object","title":"Implements consistent hashing to upstream hosts.\\nIt can be used as a drop in replacement for `RingHash`. It has higher speed than RingHash with faster hash table lookups.\\nPlease refer https://www.envoyproxy.io/docs/envoy/latest/intro/arch_overview/upstream/load_balancing/load_balancers#maglev","required":["tableSize"],"properties":{"tableSize":{"description":"The table size for Maglev hashing. This helps in controlling the\\ndisruption when the backend hosts change.\\nIncreasing the table size reduces the amount of disruption.","type":"integer","format":"int64","x-order":0}}},"ConsistentHashLBRingHash":{"type":"object","title":"Implements consistent hashing to upstream hosts.\\nEach upstream host is mapped onto a circle (ring) by hashing its address, each request is then\\nrouted using some hash property of the request.\\nPlease refer https://www.envoyproxy.io/docs/envoy/latest/intro/arch_overview/upstream/load_balancing/load_balancers#ring-hash","properties":{"minimumRingSize":{"description":"The minimum number of virtual nodes to use for the hash\\nring. Defaults to 1024. Larger ring sizes result in more granular\\nload distributions. If the number of hosts in the load balancing\\npool is larger than the ring size, each host will be assigned a\\nsingle virtual node.","type":"integer","format":"int64","x-order":0}}},"DownstreamResilienceSettingsMeshTimeout":{"description":"Connection and Stream timeout settings for the mesh.\\nThese apply to the inbound connections at the Sidecars\\nand Gateways.","type":"object","properties":{"maxConnectionDuration":{"description":"This specifies the duration of time after which\\na downstream and upstream connection will be drained\\nand/or closed, starting from when it was first\\nestablished. If there are no active streams,\\nthe connection will be closed. If there are any active\\nstreams, the drain sequence will kick-in, and the connection\\nwill be force-closed after the drain period. The default\\nvalue of max connection duration is 0 or unlimited,\\nwhich means that the connections will never be closed\\ndue to aging. This setting applies to the entire HTTP connection\\nand all streams (HTTP/2 and HTTP/3) the connection carries.","type":"string","x-order":0},"maxStreamDuration":{"description":"The max stream duration is the maximum time that a stream\u2019s\\nlifetime will span.","type":"string","x-order":1},"maxDownstreamConnectionDuration":{"description":"The maximum duration of a TCP connection. The duration is defined\\nas the period since a connection was established. If not set,\\nthere is no max duration. When max_downstream_connection_duration\\nis reached the connection will be closed. This can be used\\nalongside with `max_connection_duration`.","type":"string","x-order":2},"proxyType":{"$ref":"#/components/schemas/v2ProxyType"}}},"EgressAuthorizationSettingsHostDetails":{"description":"List of external hosts details.","type":"object","required":["host"],"properties":{"host":{"$ref":"#/components/schemas/v2StringMatch"},"paths":{"description":"The request paths allowed for access, e.g., [\\"/accounts\\", \\"/info*\\", \\"/user/profile/*\\"].\\nExact and prefix-based regular matches are supported.\\nIf not set, any path is allowed.","type":"array","items":{"type":"string"},"x-order":1},"methods":{"description":"The HTTP methods allowed by this rule, e.g., [\\"GET\\", \\"HEAD\\"].\\nIf not set, any method is allowed.","type":"array","items":{"type":"string"},"x-order":2}}},"FailoverSettingsTopologyChoice":{"description":"TopologyChoice specifies the topology preference for traffic priority.\\n\\n - NONE: Inherit from parent if possible. Otherwise treated as `CLUSTER`.\\n - CLUSTER: Prefer traffic to stay in the cluster as much as possible.\\n - LOCALITY: Prefer traffic to stay in the region/zone/subzone as much as possible irrespective of the cluster.","type":"string","default":"NONE","enum":["NONE","CLUSTER","LOCALITY"]},"FilterSettingsAWSZoneType":{"description":"AWS Route53 Zone type filters.\\n\\n - NONE: No filter.\\n - PUBLIC: Filter public zones.\\n - PRIVATE: Filter private zones.","type":"string","default":"NONE","enum":["NONE","PUBLIC","PRIVATE"]},"GetClusterStatsRequestClusterStatsFormat":{"description":"Format of the cluster stats of an Istio Proxy.\\n\\n - JSON: JSON format.\\n - TEXT: Text format.","type":"string","default":"JSON","enum":["JSON","TEXT"]},"GetConfigDumpRequestBootstrap":{"description":"Dump bootstrap configuration.","type":"object"},"GetConfigDumpRequestClusters":{"description":"Dump cluster configuration.","type":"object"},"GetConfigDumpRequestEcds":{"description":"Dump typed extension configuration.","type":"object"},"GetConfigDumpRequestListeners":{"description":"Dump listener configuration.","type":"object"},"GetConfigDumpRequestRoutes":{"description":"Dump route configuration.","type":"object"},"GetServerStatsRequestServerStatsFormat":{"description":"Format of the server stats of an Istio Proxy.\\n\\n - JSON: JSON format.\\n - TEXT: Text format.\\n - PROMETHEUS: Prometheus format.","type":"string","default":"JSON","enum":["JSON","TEXT","PROMETHEUS"]},"GitOpsPushMode":{"description":"Push mode for GitOps component. Default: SYNC.\\n\\n - SYNC: In SYNC mode TSB K8s resources are validated and pushed to Management Plane synchronously,\\nblocking on resource creation until the resource is created successfully in the Management Plane.\\nThis is the default mode.\\n - ASYNC: In ASYNC mode TSB K8s resources are pushed to Management Plane asynchronously, without blocking on resource creation.\\nTo know if the resource was created successfully, check its K8s status.","type":"string","default":"SYNC","enum":["SYNC","ASYNC"]},"HTTPDirectResponseHTTPBody":{"description":"Specifies the content of the response body.","type":"object","properties":{"string":{"type":"string","title":"response body as a string","x-order":0},"bytes":{"description":"response body as base64 encoded bytes.","type":"string","format":"byte","x-order":1}}},"HTTPFaultInjectionAbort":{"description":"Abort specification is used to prematurely abort a request with a\\npre-specified error code.\\nThe _httpStatus_ field is used to indicate the HTTP status code to\\nreturn to the caller. The optional _percentage_ field can be used to only\\nabort a certain percentage of requests. If not specified, no request will be\\naborted.","type":"object","properties":{"percentage":{"description":"Percentage of requests to be aborted with the error code provided.\\nIf not specified, no request will be aborted.","type":"number","format":"double","x-order":0},"httpStatus":{"description":"HTTP status code to use to abort the HTTP request.","type":"integer","format":"int32","x-order":1},"grpcStatus":{"type":"string","title":"GRPC status code to use to abort the request. The supported\\ncodes are documented in https://github.com/grpc/grpc/blob/master/doc/statuscodes.md","x-order":2}}},"HTTPFaultInjectionDelay":{"description":"Delay specification is used to inject latency into the request\\nforwarding path.\\n\\nThe _fixedDelay_ field is used to indicate the amount of delay in seconds.\\nThe optional _percentage_ field can be used to only delay a certain\\npercentage of requests. If left unspecified, no request will be delayed.","type":"object","properties":{"percentage":{"description":"Percentage of requests on which the delay will be injected.\\nIf left unspecified, no request will be delayed.","type":"number","format":"double","x-order":0},"fixedDelay":{"description":"Add a fixed delay before forwarding the request. Format:\\n1h/1m/1s/1ms. MUST be &gt;=1ms.","type":"string","x-order":1}}},"HeadersHeaderOperations":{"description":"HeaderOperations Describes the header manipulations to apply.","type":"object","properties":{"set":{"description":"Overwrite the headers specified by key with the given values.","type":"object","additionalProperties":{"type":"string"},"x-order":0},"add":{"description":"Append the given values to the headers specified by keys (will create a comma-separated list\\nof values).","type":"object","additionalProperties":{"type":"string"},"x-order":1},"remove":{"description":"Remove a the specified headers.","type":"array","items":{"type":"string"},"x-order":2}}},"ImpactImpactType":{"description":"Enum representing the different types of impact a profile can have on a field.\\n\\n - UNKNOWN: The impact type is unknown or unspecified.\\n - EFFECTIVE: The profile is effective on the field, meaning the profile directly sets\\nthe field\'s value.\\n - OVERRIDE: The field\'s value is overridden by another profile or configuration, but was\\npreviously set by the profile being analyzed.","type":"string","default":"UNKNOWN","enum":["UNKNOWN","EFFECTIVE","OVERRIDE"]},"ImpactSourceType":{"description":"The type of the impact source.\\n\\n - INVALID: The impact source is unknown or unspecified.\\n - DEFAULT: The impact source is a profile default.\\n - MANDATE: The impact source is a profile mandate.\\n - SETTINGS: The impact source is configuration setting.","type":"string","default":"INVALID","enum":["INVALID","DEFAULT","MANDATE","SETTINGS"]},"IngressScopesIngressScope":{"description":"An ingress defines the telemetry source wingspan in the mesh of ingress\'s hostname.","type":"object","properties":{"type":{"$ref":"#/components/schemas/IngressScopesIngressScopeScopeType"},"scope":{"$ref":"#/components/schemas/IngressScopesIngressScopeScope"},"deployment":{"description":"The FQN of the service deployment in a concrete cluster related with this telemetry source scope.\\nWill have a value for scope types HOSTNAME.","type":"string","x-order":2}}},"IngressScopesIngressScopeScope":{"description":"Each of the scope properties can have the following values:\\n- A non empty value.\\n- An empty value or absence of the property act as a wildcard, meaning any possible value.","type":"object","properties":{"hostname":{"type":"string","title":"hostname is always a concrete value","x-order":0},"ingressService":{"type":"string","title":"ingress_service is always a concrete value","x-order":1},"cluster":{"description":"cluster can be a concrete value or an empty value meaning any cluster.","type":"string","x-order":2}}},"IngressScopesIngressScopeScopeType":{"description":"ScopeType denotes the wingspan of a telemetry source for an ingress\'s hostname.\\n\\n - HOSTNAME: A hostname telemetry source that belongs to a specific ingress instance in a cluster.\\n - GLOBAL: A global telemetry source of a hostname from an ingress across clusters.","type":"string","default":"INVALID","enum":["INVALID","HOSTNAME","GLOBAL"]},"IstioRevisionDistribution":{"description":"- UNKNOWN: Unknown Istio distribution\\n - TSB: TSB istio distribution\\n - TID: TID istio distribution","type":"string","title":"Type of distribution for the Istio version","default":"UNKNOWN","enum":["UNKNOWN","TSB","TID"]},"IstioStatusIstioInjection":{"description":"Istio injection status for the namespace.\\n\\n - ISTIO_INJECTION_UNDEFINED: The TSB CP is not able to determine the Istio injection status of the namespace.\\n - ISTIO_INJECTION_ENABLED: The namespace is configured with Istio injection.\\n - ISTIO_INJECTION_DISABLED: The namespace is not configured with Istio injection.","type":"string","default":"ISTIO_INJECTION_UNDEFINED","enum":["ISTIO_INJECTION_UNDEFINED","ISTIO_INJECTION_ENABLED","ISTIO_INJECTION_DISABLED"]},"JWKSJWK":{"type":"object","title":"JSON Web Key. Refer to https://datatracker.ietf.org/doc/html/rfc7517","properties":{"alg":{"description":"The specific cryptographic algorithm used with the key.","type":"string","x-order":0},"kty":{"description":"The family of cryptographic algorithms used with the key.","type":"string","x-order":1},"use":{"description":"How the key was meant to be used; `sig` represents the signature.","type":"string","x-order":2},"n":{"description":"The modulus for the RSA public key.","type":"string","x-order":3},"e":{"description":"The exponent for the RSA public key.","type":"string","x-order":4},"kid":{"description":"The unique identifier for the key.","type":"string","x-order":5}}},"JWTClaimToHeader":{"description":"This message specifies the detail for copying claim to header.","type":"object","required":["header","claim"],"properties":{"header":{"description":"The name of the header to be created. The header will be overridden if it already exists in the request.","type":"string","x-order":0},"claim":{"description":"The name of the claim to be copied from. Only claim of type string/int/bool is supported.\\nThe header will not be there if the claim does not exist or the type of the claim is not supported.","type":"string","x-order":1}}},"JWTJWTHeader":{"description":"This message specifies a header location to extract JWT token.","type":"object","required":["name"],"properties":{"name":{"description":"The HTTP header name.","type":"string","x-order":0},"prefix":{"description":"The prefix that should be stripped before decoding the token.\\nFor example, for `Authorization: Bearer &lt;token&gt;`, prefix=`Bearer ` with a space at the end.\\nIf the header doesn\'t have this exact prefix, it is considered invalid.","type":"string","x-order":1}}},"K8sObjectOverlayPathValue":{"type":"object","properties":{"path":{"description":"Path of the form a.[key1:value1].b.[:value2]\\nWhere [key1:value1] is a selector for a key-value pair to identify a list element and [:value] is a value\\nselector to identify a list element in a leaf list.\\nAll path intermediate nodes must exist.","type":"string","x-order":0},"value":{"description":"Value to add, delete or replace.\\nFor add, the path should be a new leaf.\\nFor delete, value should be unset.\\nFor replace, path should reference an existing node.\\nAll values are strings but are converted into appropriate type based on schema.","x-order":1}}},"KeyPairEncoding":{"type":"string","title":"Format in which the keys in this keypair are encoded","default":"PEM","enum":["PEM","JWK"]},"KongPlugins":{"description":"Plugin definition.\\n\\nOnly plugins mutating request and response are supported currently.\\nAdvanced plugins may not work. Please contact Tetrate to check if a plugin\\nis supported.","type":"object","required":["name"],"properties":{"name":{"description":"Plugin name.\\n\\nThis can be one of the [Kong open source\\nplugins](https://github.com/Kong/kong/tree/master/kong/plugins) or a\\ncustom plugin.\\n\\nKong open source plugins are bundled with TSB and can run in the same\\nfashion as Kong. However providing `pluginSource` is required if this is\\na custom plugin.","type":"string","x-order":0},"priority":{"description":"Priority to be given to this plugin (Optional).\\n\\nPriority is a concept of kong which decides the order of execution of\\nplugins. Most of the bundled plugins come with a priority defined as per\\n[kong\'s plugin execution\\norder](https://docs.konghq.com/konnect/reference/plugins/#plugin-execution-order)\\n\\nTSB allows you to run both bundled and custom plugins in a different\\norder by reassigning priorities.","type":"integer","format":"int64","x-order":1},"config":{"$ref":"#/components/schemas/PluginsPluginConfig"},"pluginSource":{"$ref":"#/components/schemas/PluginsPluginSource"}}},"ListSourcesRequestTimeRange":{"description":"TimeRange is a closed time range. If since or until are not provided they will not be used to filter.","type":"object","properties":{"since":{"description":"Moment in time since we retrieve Telemetry Sources.","type":"string","format":"date-time","x-order":0},"until":{"description":"Moment in time until we retrieve Telemetry Sources.","type":"string","format":"date-time","x-order":1}}},"ListWorkloadsRequestFilter":{"description":"Workloads filter.","type":"object","properties":{"namespace":{"description":"Namespace name.","type":"string","x-order":0},"serviceName":{"description":"Name of a Service.","type":"string","x-order":1}}},"LoadBalancerSettingsConsistentHashLB":{"description":"Consistent Hash-based load balancing can be used to provide soft\\nsession affinity based on HTTP headers, cookies or other\\nproperties. The affinity to a particular destination host may be\\nlost when one or more hosts are added/removed from the destination\\nservice.\\n\\nNote: consistent hashing is less reliable at maintaining affinity than common\\n\\"sticky sessions\\" implementations, which often encode a specific destination in\\na cookie, ensuring affinity is maintained as long as the backend remains.\\nWith consistent hash, the guarantees are weaker; any host addition or removal can\\nbreak affinity for `1/backends` requests.\\n\\nWarning: consistent hashing depends on each proxy having a consistent view of endpoints.\\nThis is not the case when locality load balancing is enabled. Locality load balancing\\nand consistent hash will only work together when all proxies are in the same locality,\\nor a high level load balancer handles locality affinity.","type":"object","properties":{"httpHeaderName":{"description":"Hash based on a specific HTTP header.","type":"string","x-order":0},"httpCookie":{"$ref":"#/components/schemas/LoadBalancerSettingsConsistentHashLBHTTPCookie"},"useSourceIp":{"description":"Hash based on the source IP address.\\nThis is applicable for both TCP and HTTP connections.","type":"boolean","x-order":2},"httpQueryParameterName":{"description":"Hash based on a specific HTTP query parameter.","type":"string","x-order":3},"ringHash":{"$ref":"#/components/schemas/ConsistentHashLBRingHash"},"maglev":{"$ref":"#/components/schemas/ConsistentHashLBMagLev"}}},"LoadBalancerSettingsConsistentHashLBHTTPCookie":{"description":"Describes a HTTP cookie that will be used as the hash key for the\\nConsistent Hash load balancer. If the cookie is not present, it will\\nbe generated.","type":"object","required":["name","ttl"],"properties":{"name":{"description":"Name of the cookie.","type":"string","x-order":0},"path":{"description":"Path to set for the cookie.","type":"string","x-order":1},"ttl":{"description":"Lifetime of the cookie.","type":"string","x-order":2}}},"LoadBalancerSettingsSimpleLB":{"description":"Standard load balancing algorithms that require no tuning.\\n\\n - UNSPECIFIED: No load balancing algorithm has been specified by the user.\\nAn appropriate default will be used.\\n - RANDOM: The random load balancer selects a random healthy host. The random\\nload balancer generally performs better than round robin if no health\\nchecking policy is configured.\\n - PASSTHROUGH: This option will forward the connection to the original IP address\\nrequested by the caller without doing any form of load\\nbalancing. This option must be used with care. It is meant for\\nadvanced use cases. Refer to Original Destination load balancer in\\nEnvoy for further details.\\n - ROUND_ROBIN: A basic round robin load balancing policy. This is generally unsafe\\nfor many scenarios (e.g. when enpoint weighting is used) as it can\\noverburden endpoints. In general, prefer to use LEAST_REQUEST as a\\ndrop-in replacement for ROUND_ROBIN.\\n - LEAST_REQUEST: The least request load balancer spreads load across endpoints, favoring\\nendpoints with the least outstanding requests. This is generally safer\\nand outperforms ROUND_ROBIN in nearly all cases. Prefer to use\\nLEAST_REQUEST as a drop-in replacement for ROUND_ROBIN.","type":"string","default":"UNSPECIFIED","enum":["UNSPECIFIED","RANDOM","PASSTHROUGH","ROUND_ROBIN","LEAST_REQUEST"]},"MeshExpansionSettingsOnboardingPlaneEndpoint":{"description":"Configuration of the endpoint exposing `Workload Onboarding API` to\\n`Workload Onboarding Agents`.","type":"object","required":["hosts","secretName"],"properties":{"hosts":{"description":"List of hosts included in the TLS certificate.","type":"array","items":{"type":"string"},"x-order":0},"secretName":{"description":"Name of the secret that holds TLS certificate chain and private key.","type":"string","x-order":1}}},"MeshExpansionSettingsOnboardingPlaneTokenIssuer":{"description":"Configuration of the built-in `Workload Onboarding Token Issuer`.","type":"object","properties":{"jwt":{"$ref":"#/components/schemas/MeshExpansionSettingsOnboardingPlaneTokenIssuerJwtTokenIssuer"}}},"MeshExpansionSettingsOnboardingPlaneTokenIssuerJwtTokenIssuer":{"description":"Configuration of the built-in JWT Token Issuer.","type":"object","properties":{"expiration":{"description":"Expiration is the duration issued tokens are valid for.\\nDefaults to `1h`.","type":"string","x-order":0}}},"MetadataDetails":{"description":"Details is additional information about a resource.","type":"object","properties":{"name":{"description":"Name is the resources name.","type":"string","x-order":0},"description":{"description":"Description is the resources description.","type":"string","x-order":1}}},"OnboardingPlaneLocalRepository":{"description":"Configuration of the local repository with `DEB` and `RPM` packages\\nof the `Workload Onboarding Agent` and `Istio Sidecar`.","type":"object"},"OpenAPIValidation":{"type":"object","title":"Validation options for the OpenAPI document.\\n$hide_from_docs","properties":{"enabled":{"description":"If set to true, the OpenAPI document is enabled for validation.\\nDefaults to false.","type":"boolean","x-order":0},"allowUndefined":{"description":"By default if a request is not defined in the OpenAPI document, it will be rejected. Set this to true to allow those requests to proceed with no validation.","type":"boolean","x-order":1},"pathPrefix":{"description":"Prefix to add to the paths in the OpenAPI doc before matching against incoming requests.","type":"string","x-order":2}}},"OrganizationSettingNetworkSettings":{"description":"Network related settings for clusters.","type":"object","properties":{"networkReachability":{"description":"Reachability between clusters on various networks. Each cluster\\nhas a \\"network\\" field representing a network boundary like a VPC\\non AWS/GCP/Azure. All clusters within the same network are\\nassumed to be reachable to each other for multi-cluster routing.\\nIn addition, you can specify additional connectivity between\\nvarious networks in the mesh here. For example on AWS, each VPC\\ncan be treated as a distinct network. VPCs that are reachable to\\none another (through peering or transit gateways) can be listed\\nas reachable networks. The key is the network name and the value\\nis a comma separated list of networks whose clusters are\\nreachable from this network. For instance, vpc01: vpc02,vpc03 means\\nthat the clusters in the network can reach those in vpc02 and vpc03.\\n\\nNote that reachability is **not** bidirectional. That is, if `vpc01: vpc02`\\nis specified, then `vpc01` can reach `vpc02`, but not the other way around.\\nHence, the workloads in clusters in `vpc01` can access the services\\nthrough the exposed gateway hostnames in clusters in `vpc02` . However,\\nthe workloads in clusters in `vpc02` cannot access the services exposed\\nthrough the gateway hostnames in `vpc01`.","type":"object","additionalProperties":{"type":"string"},"x-order":0}}},"PluginsPluginConfig":{"description":"Configuration for Kong plugin.","type":"object","properties":{"inline":{"description":"Provide plugin config inline in the `yaml` format.\\n\\nThe following is an example of a valid config for Kong\'s\\nresponse-transformer plugin.\\n\\n```yaml\\ninline:\\n  add:\\n    json:\\n    - example\\n```\\n\\nIf the config fails plugin\'s schema vaildation, the\\n`tetrate-kong-extender` sidecar will reject it.","type":"object","x-order":0},"secret":{"description":"Obtain plugin config from the specified kubernetes secret.\\nPlease ensure the secret has a key \\"config\\" having values in the\\n`yaml` format. The secret must be present in the same namespace as\\nthe gateway install.\\n\\nThe following is an example of a secret which contains a valid config\\nfor Kong\'s response-transformer plugin.\\n\\n```yaml\\napiVersion: v1\\ndata:\\n  config: YWRkOgogIGpzb246CiAgLSBleGFtcGxl\\nkind: Secret\\nmetadata:\\n  name: response-transformer-config\\n  namespace: gw-install-namespace\\ntype: Opaque\\n```\\n\\nIn case the secret cannot be loaded (not found, bad format, schema\\nvalidation failure or any other issue reading it), the config will be\\nrejected by the `tetrate-kong-extender` sidecar.\\n\\nNOT IMPLEMENTED.\\n$hide_from_docs","type":"string","x-order":1}}},"PluginsPluginSource":{"description":"Reference to custom plugin files.","type":"object","required":["configMap"],"properties":{"configMap":{"description":"Kubernetes ConfigMap containing the plugin files.\\nThe configMap must be present in same namespace as the gateway install.\\n\\nTo create this configmap in the gateway install namespace, run:\\n\\n```yaml\\nkubectl create configmap my-plugin --from-file=./my-plugin-dir` -n\\n{gw-install-namespace}\\n```\\n\\nand use the name `my-plugin` here.\\n\\nIn case the configMap cannot be loaded (not found, bad format or any\\nother issue reading it), the custom plugin will not be initialised and\\nthe config will be rejected by the `tetrate-kong-extender` sidecar.","type":"string","x-order":0}}},"QueryResourcePermissionsResponseResult":{"type":"object","title":"Represents a result for the requested query","required":["request"],"properties":{"request":{"$ref":"#/components/schemas/v2Query"},"rules":{"description":"set of allowed RBAC rules that the current principal has on the matching resource.\\nIf the query produced no results, the rules set will be empty.","type":"array","items":{"$ref":"#/components/schemas/v2RoleRule"},"x-order":1}}},"RateLimitDimensionDestinationCluster":{"description":"Emit descriptor entry - a key-value pair of the form `(\\"destination_cluster\\",\\n\\"&lt;routed target cluster&gt;\\")` where `destination_cluster` is the destination\\nenvoy cluster to which traffic is bound to.","type":"object"},"RateLimitDimensionHeader":{"type":"object","title":"RateLimit based on certain headers","required":["name"],"properties":{"name":{"description":"Name of the header to match on.","type":"string","x-order":0},"value":{"$ref":"#/components/schemas/v2StringMatch"},"dontMatch":{"description":"If set to true, the condition will be met when the header value does not match.\\nDefault value is false.","type":"boolean","x-order":2}}},"RateLimitDimensionHeaderValueMatch":{"description":"Emit descriptor entry - a key-value pair of the form `(\\"header_match\\",\\n\\"&lt;descriptor_value&gt;\\")`, where `descriptor_value` is a user\\nspecified value corresponding to a header match event.","type":"object","required":["headers","descriptorValue"],"properties":{"headers":{"description":"Specifies a set of headers that the rate limit action should\\nmatch on. The action will check the request\u2019s headers against\\nall the specified headers in the config. A match will happen if\\nall the headers in the config are present in the request with\\nthe same values (or based on presence if the value field is not\\nin the config).  The header keys must be lowercase and use\\nhyphen as the separator, e.g. x-request-id.","type":"object","additionalProperties":{"$ref":"#/components/schemas/v2StringMatch"},"x-order":0},"descriptorValue":{"description":"The value to use in the descriptor entry.","type":"string","x-order":1},"dontMatch":{"description":"If set to true, the condition will be met when the header value does not match.\\nDefault value is false.","type":"boolean","x-order":2}}},"RateLimitDimensionRequestHeaders":{"description":"Emit descriptor entry - a key-value pair of the form\\n`(\\"&lt;descriptor_key&gt;\\", \\"&lt;header_value_queried_from_header&gt;\\")`\\nwhere `descriptor_key` is a user specified key to emit when the\\nHTTP header is seen.","type":"object","required":["headerName","descriptorKey"],"properties":{"headerName":{"description":"The header name to be queried from the request headers. The header\u2019s\\nvalue is used to populate the value of the descriptor entry for the\\ndescriptor_key.","type":"string","x-order":0},"descriptorKey":{"description":"The key to use in the descriptor entry.","type":"string","x-order":1}}},"RateLimitDimensionSourceCluster":{"description":"Emit descriptor entry - a key-value pair of the form\\n`(\\"source_cluster\\", \\"&lt;local service cluster&gt;\\")` where `source_cluster`\\nis the source envoy cluster (corresponding to the `--service-cluster`\\nflag value set by Istio).","type":"object"},"RateLimitServerBackend":{"description":"External Backend Database types. This points to the backend\\nused by the ratelimit server as a key/value store.","type":"object","properties":{"redis":{"$ref":"#/components/schemas/BackendRedisSettings"}}},"RateLimitSettingsRateLimitValue":{"description":"RateLimitValue specifies the values that will be used\\nto determine the rate limit.","type":"object","required":["requestsPerUnit","unit"],"properties":{"requestsPerUnit":{"description":"Specifies the value of the rate limit.","type":"integer","format":"int64","x-order":0},"unit":{"$ref":"#/components/schemas/RateLimitValueUnit"}}},"RateLimitValueUnit":{"description":"Units of time.","type":"string","default":"UNKNOWN","enum":["UNKNOWN","SECOND","MINUTE","HOUR","DAY"]},"RelationScopeServiceRelation":{"description":"A relation between logical services.","type":"object","properties":{"source":{"description":"The source resource\'s fqn of the relation between two logical services.","type":"string","x-order":0},"target":{"description":"The target resource\'s fqn of the relation between two logical services.","type":"string","x-order":1}}},"RelationScopesRelationScope":{"type":"object","properties":{"type":{"$ref":"#/components/schemas/RelationScopesRelationScopeScopeType"},"scope":{"$ref":"#/components/schemas/RelationScopesRelationScopeScope"}}},"RelationScopesRelationScopeScope":{"type":"object","properties":{"serviceRelation":{"$ref":"#/components/schemas/RelationScopeServiceRelation"}}},"RelationScopesRelationScopeScopeType":{"description":"ScopeType denotes the wingspan of a telemetry source for relation between resources.\\n\\n - SERVICE: A service telemetry source that belongs to a specific relation between logical services.","type":"string","default":"INVALID","enum":["INVALID","SERVICE"]},"ResourceStatusConfigResourceStatus":{"description":"Individual status for a configuration resource related to the Application/API.","type":"object","properties":{"status":{"$ref":"#/components/schemas/applicationv2Status"},"resource":{"$ref":"#/components/schemas/v2ConfigResource"}}},"RoleResourceType":{"description":"The type of API resource for which the role is being created.","type":"object","required":["apiGroup"],"properties":{"apiGroup":{"description":"A specific API group such as traffic.tsb.tetrate.io/v2.","type":"string","x-order":0},"kinds":{"description":"Specific kinds of APIs under the API group. If omitted, the\\nrole will apply to all kinds under the group.","type":"array","items":{"type":"string"},"x-order":1},"scopedAt":{"description":"The list of parent types where the defined kinds will be scoped under.\\nIf omitted, no scope limitation is applied.","type":"array","items":{"$ref":"#/components/schemas/v2RoleScopeType"},"x-order":2}}},"Route53SettingsFilterSettings":{"description":"Filter settings for route53 controller.","type":"object","properties":{"annotationFilter":{"description":"Filter out (remove) targets that matches annotation using label selector semantics. Optional.\\n*NOTE*: The annotation value currently cannot be longer thant 63 characters.","type":"string","x-order":0},"labelFilter":{"description":"Filter out (remove) targets that matches label selector. Optional.","type":"string","x-order":1},"excludeDomain":{"description":"Exclude subdomains. Optional.","type":"array","items":{"type":"string"},"x-order":2},"zoneType":{"$ref":"#/components/schemas/FilterSettingsAWSZoneType"},"zoneTagFilter":{"description":"When using the AWS provider, filter for zones with this tag. Optional, format: key=value.","type":"array","items":{"type":"string"},"x-order":4},"zoneIdFilter":{"description":"When using the AWS provider, filter for zones with this ID. Optional.","type":"array","items":{"type":"string"},"x-order":5}}},"Route53SettingsPolicy":{"description":"Policy that defines how DNS records are managed.\\n\\n - SYNC: Allow full synchronization.\\n - UPSERT_ONLY: Don\'t allow delete DNS records.\\n - CREATE_ONLY: Allow only creating DNS records.","type":"string","default":"SYNC","enum":["SYNC","UPSERT_ONLY","CREATE_ONLY"]},"RuleFrom":{"description":"From includes the target resource (and the workloads that belong to the resource)\\nwhich will be the source of a request.","type":"object","properties":{"fqn":{"description":"The target resource identified by FQN which will be the source of a request.","type":"string","x-order":0}}},"RuleTo":{"description":"To includes the target resource (and the workloads that belong to the resource)\\nwhich will be destination of a request.","type":"object","properties":{"fqn":{"description":"The target resource identified by FQN which will be the destination of a request.","type":"string","x-order":0}}},"SecretsClusterServiceAccount":{"description":"Cluster service account used to authenticate to the Management Plane.","type":"object","properties":{"clusterFQN":{"description":"TSB FQN of the onboarded cluster resource. This will be generate tokens for all Control Plane agents.","type":"string","x-order":0},"JWK":{"description":"Literal JWK used to generate and sign the tokens for all the Control Plane agents.","type":"string","x-order":1},"encodedJWK":{"description":"Base64-encoded JWK used to generate and sign the tokens for all the Control Plane agents.","type":"string","x-order":2}}},"SecretsElasticSearch":{"description":"Secrets to reach the Elasticsearch.","type":"object","properties":{"username":{"description":"The username to access Elasticsearch.","type":"string","x-order":0},"password":{"description":"The password to access Elasticsearch.","type":"string","x-order":1},"cacert":{"description":"Elasticsearch CA cert TLS used by control plane to verify TLS connection.","type":"string","x-order":2}}},"SecretsTSB":{"description":"Secrets to reach the TSB Management Plane.","type":"object","properties":{"cacert":{"description":"CA certificate used to verify TLS certs exposed the Management Plane (front envoy).","type":"string","x-order":0}}},"ServerTLSSettingsFileSource":{"description":"File path configuration of TLS keys and certificates.","type":"object","properties":{"serverCertificate":{"type":"string","title":"The path to the server cert file","x-order":0},"privateKey":{"type":"string","title":"The path to the server private key file","x-order":1},"caCertificates":{"type":"string","title":"The path to the file containing ca certs for verifying clients while using mutual TLS","x-order":2}}},"ServiceAccountKeyPair":{"description":"Represents key-pair associated to the service account.","type":"object","properties":{"id":{"type":"string","title":"Unique identifier for this key-pair. This should be used as the `kid` (key id) when\\ngenerating JWT tokens that are signed with this key-pair.\\n","x-order":0,"readOnly":true},"publicKey":{"type":"string","title":"The encoded public key associated with the service account.\\nThe encoding format is determined by the `encoding` field.\\n","x-order":1,"readOnly":true},"privateKey":{"type":"string","title":"The encoded private key associated with the service account.\\nTSB does not store the private key and it is up to the client to store it safely.\\nThe encoding format is determined by the `encoding` field.\\n","x-order":2,"readOnly":true},"encoding":{"$ref":"#/components/schemas/KeyPairEncoding"},"defaultToken":{"type":"string","title":"A default access token that can be used to authenticate to TSB on behalf of the\\nservice account. TSB does not store this token and it is only returned when a\\nservice account key is created, similar to the private key. It is up to the client\\nto store the token for future use or to use the TSB CLI to generate new tokens as\\nexplained in: https://docs.tetrate.io/service-bridge/latest/howto/service-accounts\\n","x-order":4,"readOnly":true}}},"ServiceMetricConfig":{"type":"object","title":"Configuration for metric aggregation","properties":{"name":{"description":"A user friendly name for this metric.","type":"string","x-order":0},"description":{"description":"A helpful description of what this metric represents.","type":"string","x-order":1},"aggregationKey":{"description":"An aggregation key that can be queried to get metrics for this service.","type":"string","x-order":2},"type":{"$ref":"#/components/schemas/ServiceMetricConfigMetricType"},"serviceDeployment":{"description":"The FQN of the service deployment related with this metric. Will be empty for group metrics.","type":"string","x-order":4},"parentMetric":{"type":"string","title":"The name of the metric config that aggregates this one in a higher level.\\nFor example, for a subset in a cluster metric, this field has the name of the metric of the same subset\\nacross the clusters","x-order":5}}},"ServiceMetricConfigMetricType":{"description":"MetricType denotes the relation of a metrics with a physical service instance.\\n\\n - SINGLE_INSTANCE: A single instance metric config belongs to an specific physical service instance.\\n - SUBSET: A subset metric config represents subsets across clusters or hostnames across clusters.\\n - GLOBAL: A global metric config represents all the physical services.\\n - ENDPOINT: An endpoint metric config represents an endpoint across clusters.\\n - ENDPOINT_INSTANCE: An endpoint instance metric config represents an endpoint in a specific cluster.","type":"string","default":"INVALID","enum":["INVALID","SINGLE_INSTANCE","SUBSET","GLOBAL","ENDPOINT","ENDPOINT_INSTANCE"]},"ServiceRoutePortLevelTrafficSettings":{"description":"PortLevelTrafficSettings explicitly defines the type of traffic for all of\\nthe ports exposed by a service for which routing rules need to be set.\\nDepending on whether HTTPRoutes or TCTRoutes are specified or not, the main\\nsubset weights are applied or not based on the following scenarios:\\n1. If HTTPRoutes or TCPRoutes are specified:\\n   a. Since Port is mandatory in MatchConditions, whenever a port is used\\n      in (HTTP/TCP) MatchCondition, it needs to be present in the global\\n      PortLevelTrafficSettings.\\n   b. When MatchConditions are present in the routes, then subset-weight\\n      combinations within routes will take effect instead of the global ones.\\n2. If the routes are not specified, then the traffic will be matched on\\n   ports specified in PortLevelTrafficSettings, and the routes will be set\\n   according to global subset-weight combinations.","type":"object","required":["port","trafficType"],"properties":{"port":{"type":"integer","format":"int64","title":"Port number to which traffic must be routed","x-order":0},"trafficType":{"$ref":"#/components/schemas/ServiceRouteTrafficType"},"stickySession":{"$ref":"#/components/schemas/ServiceRouteStickySession"}}},"ServiceRouteStickySession":{"description":"If set, all requests from a client will be forward to the same backend.","type":"object","properties":{"header":{"description":"Hash based on a specific HTTP header.","type":"string","x-order":0},"cookie":{"$ref":"#/components/schemas/ServiceRouteStickySessionHTTPCookie"},"useSourceIp":{"description":"Hash based on the source IP address.","type":"boolean","x-order":2}}},"ServiceRouteStickySessionHTTPCookie":{"description":"Describes a HTTP cookie that will be used for sticky sessions. If the cookie is not present, it\\nwill be generated.","type":"object","required":["name","path","ttl"],"properties":{"name":{"description":"Name of the cookie.","type":"string","x-order":0},"path":{"description":"Path to set for the cookie.","type":"string","x-order":1},"ttl":{"description":"Lifetime of the cookie.","type":"string","x-order":2}}},"ServiceRouteTrafficType":{"description":"- HTTP: If trafficType is HTTP, then a HTTP route is generated for that port\\n - TCP: If trafficType is TCP, then a TCP route is generated for that port\\n - TLS_PASSTHROUGH: This mode generates TLS routes for HTTPS traffic. TLS is not terminated at the gateway and is\\npassed through to the server","type":"string","title":"TrafficType is the list of allowed traffic types for generating routes","default":"HTTP","enum":["HTTP","TCP","TLS_PASSTHROUGH"]},"ServiceScopesServiceScope":{"description":"A service scope defines the telemetry source wingspan in the mesh of a service.","type":"object","properties":{"type":{"$ref":"#/components/schemas/ServiceScopesServiceScopeScopeType"},"scope":{"$ref":"#/components/schemas/ServiceScopesServiceScopeScope"},"deployment":{"description":"The FQN of the service deployment in a concrete cluster related with this telemetry source scope.\\nWill have a value for scope types INSTANCE or SERVICE.","type":"string","x-order":2}}},"ServiceScopesServiceScopeScope":{"description":"Each of the scope properties can have the following values:\\n- A non empty value.\\n- An empty value or absence of the property act as a wildcard, meaning any possible value.","type":"object","properties":{"instance":{"description":"instance is a concrete value or an empty value meaning any instance.","type":"string","x-order":0},"subset":{"description":"subset can be a concrete value or an empty value meaning any subset.","type":"string","x-order":1},"service":{"description":"service is always a concrete value.","type":"string","x-order":2},"namespace":{"description":"namespace is always a concrete value.","type":"string","x-order":3},"cluster":{"description":"cluster can be a concrete value or an empty value meaning any cluster.","type":"string","x-order":4}}},"ServiceScopesServiceScopeScopeType":{"description":"ScopeType denotes the wingspan of a telemetry source for a service.\\n\\n - INSTANCE: A instance telemetry source belongs to a specific service instance (pod or VM) in a cluster.\\n - SERVICE: A service telemetry source belongs to a specific service, without subsets, in a cluster.\\n - SUBSET: A subset telemetry source belongs to a specific service of a concrete subset in a cluster.\\n - GLOBAL_SUBSET: A global subset telemetry source represents a concrete subset from a service across cluster.\\nSubset scope type does not apply to ingress services.\\n - GLOBAL: A global telemetry source represents all subsets from a service across clusters.","type":"string","default":"INVALID","enum":["INVALID","INSTANCE","SERVICE","SUBSET","GLOBAL_SUBSET","GLOBAL"]},"ServiceServiceDeployment":{"description":"ServiceDeployment represents the physical service in a cluster.","type":"object","properties":{"fqn":{"description":"Fully-qualified name of the instance. This field is read-only.","type":"string","x-order":0,"readOnly":true},"source":{"description":"Source of the instance. This field is read-only.","type":"string","x-order":1,"readOnly":true}}},"SetLoggerLevelsRequestAllLoggers":{"description":"Desired level for all loggers.","type":"object","required":["level"],"properties":{"level":{"description":"Desired level for all loggers.","type":"string","x-order":0}}},"SetLoggerLevelsRequestGivenLoggers":{"description":"Desired levels for given loggers.\\nAvailable log levels are: trace, debug, info, warning/warn, error, critical, off.\\nExamples: {\\"config\\": \\"trace\\", \\"grpc\\": \\"debug\\", \\"http\\": \\"debug\\", \\"http2\\": \\"debug\\"}\\nSee https://www.envoyproxy.io/docs/envoy/latest/operations/admin#post--logging\\nfor more details about loggers\' naming.","type":"object","required":["loggerLevels"],"properties":{"loggerLevels":{"description":"Desired levels for given loggers.","type":"object","additionalProperties":{"type":"string"},"x-order":0}}},"SourceScopeIngressScopes":{"description":"IngressScopes defines one or many Ingress\'s hostname telemetry source wingspan in the mesh.","type":"object","properties":{"scopes":{"description":"Multiple IngressScope can be defined to group under a single telemetry source different ingresses.","type":"array","items":{"$ref":"#/components/schemas/IngressScopesIngressScope"},"x-order":0}}},"SourceScopeRelationScopes":{"description":"RelationScopes  represents the physical connection that exists between observable resources.\\nA relation can represent for instance the physical connection that exist when a call between services is done:\\n- Between a gateway and a service or vice versa.\\n- Between a service and another service.\\nThis observation can produce client-side measurements, server side measurements or both.","type":"object","properties":{"scopes":{"description":"Multiple RelationScope can be defined to group under a single telemetry source different relations.","type":"array","items":{"$ref":"#/components/schemas/RelationScopesRelationScope"},"x-order":0}}},"SourceScopeServiceScopes":{"description":"ServiceScopes defines one or many service\'s telemetry source wingspan in the mesh.","type":"object","properties":{"scopes":{"description":"Multiple ServiceScope can be defined to group under a single telemetry source different services.","type":"array","items":{"$ref":"#/components/schemas/ServiceScopesServiceScope"},"x-order":0}}},"SyncOrganizationRequestSyncTeam":{"description":"Information of a team as synchronized from the team source. This differs slightly from a TSB\\nuser since the fields here are raw info that does not have the context of the TSB hierarchy.","type":"object","required":["id"],"properties":{"id":{"description":"Unique ID for the group.","type":"string","x-order":0},"description":{"description":"Optional description for the group.","type":"string","x-order":1},"memberUserIds":{"description":"List of user ids for the users that belong to this group.","type":"array","items":{"type":"string"},"x-order":2},"memberGroupIds":{"description":"List of group ids for the groups that are nested into this group.","type":"array","items":{"type":"string"},"x-order":3},"displayName":{"description":"Friendly name to show the group in the different UIs.","type":"string","x-order":4}}},"SyncOrganizationRequestSyncUser":{"description":"Information of a user as synchronized from the team source. This differs slightly from a TSB\\nuser since the fields here are raw info that does not have the context of the TSB hierarchy.","type":"object","required":["id"],"properties":{"id":{"description":"Unique ID for the user.","type":"string","x-order":0},"description":{"description":"Optional description for the user.","type":"string","x-order":1},"email":{"type":"string","title":"User\'s email","x-order":2},"loginName":{"description":"The login username for the user.","type":"string","x-order":3},"displayName":{"description":"Friendly name to show the user in the different UIs.","type":"string","x-order":4}}},"SyncOrganizationResponseFailedIds":{"type":"object","properties":{"removal":{"type":"array","title":"Users or groups that failed to be removed","items":{"type":"string"},"x-order":0},"addition":{"type":"array","title":"Users or groups that failed to be created","items":{"type":"string"},"x-order":1},"update":{"type":"array","title":"Users or groups that failed to be updated","items":{"type":"string"},"x-order":2}}},"UpstreamResilienceSettingsConnectionPoolSettingsHTTP":{"description":"HTTP Settings for outbound requests.","type":"object","properties":{"requestTimeout":{"description":"Timeout for HTTP requests. format: 1h/1m/1s/1ms. MUST BE &gt;=1ms. Disabled if not set.","type":"string","x-order":0},"retries":{"$ref":"#/components/schemas/v2HTTPRetry"},"maxRequests":{"description":"Maximum number of active requests to the service.\\nApplicable to both HTTP/1.1 and HTTP2.\\nDefault 0, meaning \\"unlimited\\", up to 2^32 - 1.","type":"integer","format":"int64","x-order":2},"maxRequestsPerConnection":{"description":"Maximum number of requests per connection to the service.\\nIf set to 1, it disables keep alive. Default 0, meaning \\"unlimited\\", up to 2^29.","type":"integer","format":"int64","x-order":3}}},"UpstreamResilienceSettingsOutlierDetection":{"description":"Outlier detection settings for the upstream host.","type":"object","properties":{"consecutiveGatewayFailure":{"description":"The number of consecutive gateway failures (502, 503, 504 status codes)\\nbefore a consecutive gateway failure ejection occurs. Defaults to circuitBreakerSensitivity\\nof MEDIUM(5) in TSB.","type":"integer","format":"int64","x-order":0},"enforcingConsecutiveGatewayFailure":{"description":"The percentage of a host to be ejected when an outlier status\\nis detected through consecutive gateway failures. This setting can be\\nused to disable ejection or to ramp it up slowly. Defaults to 100 in TSB.","type":"integer","format":"int64","x-order":1},"consecutive5xx":{"description":"The number of consecutive server-side error responses (for HTTP traffic,\\n5xx responses; for TCP traffic, connection failures; for Redis, failure to\\nrespond PONG; etc.) before a consecutive 5xx ejection occurs. Defaults to 5.","type":"integer","format":"int64","x-order":2},"enforcingConsecutive5xx":{"description":"The percentage of a host to be actually ejected when an outlier status\\nis detected through consecutive 5xx. This setting can be used to disable\\nejection or to ramp it up slowly. Defaults to 0 in TSB.","type":"integer","format":"int64","x-order":3},"splitExternalLocalOriginErrors":{"description":"Determines whether to distinguish local origin failures from external errors.\\nLocal Origin Failures are errors that occur within the Envoy process itself, \\nbefore the request is actually sent to the upstream host.\\nexample of these are connection timeout, TCP reset etc.\\nExternal errors are errors that occur after the request is sent to the upstream host.\\nexample of these are 5xx errors, connection refused etc.\\nIf set to true, consecutiveLocalOriginFailure and enforcingConsecutiveLocalOriginFailure will be taken into account.\\nDefaults to false.\\n\\nThe number of consecutive locally originated failures before ejection\\n occurs. Defaults to 5. Parameter takes effect only when splitExternalLocalOriginErrors\\n is set to true.","type":"boolean","x-order":4},"consecutiveLocalOriginFailure":{"type":"integer","format":"int64","x-order":5},"enforcingConsecutiveLocalOriginFailure":{"description":"The percentage of a host to be actually ejected when an outlier status\\nis detected through consecutive locally originated failures. This setting can be\\nused to disable ejection or to ramp it up slowly. Defaults to 100.\\nParameter takes effect only when splitExternalLocalOriginErrors is set to true.","type":"integer","format":"int64","x-order":6},"interval":{"description":"The time interval between ejection analysis sweeps. This can result in\\nboth new ejections as well as hosts being returned to service. Defaults\\nto 10000ms or 10s.","type":"string","x-order":7},"baseEjectionTime":{"description":"The base time that a host is ejected for. The real time is equal to the\\nbase time multiplied by the number of times the host has been ejected.\\nDefaults to 30000ms or 30s.","type":"string","x-order":8}}},"WasmExtensionPluginPhase":{"description":"- UNSPECIFIED_PHASE: Control plane decides where to insert the plugin. This will generally be at the end of the filter chain, right before the Router.\\nDo not specify PluginPhase if the plugin is independent of others.\\n - AUTHN: Insert plugin before Istio authentication filters.\\n - AUTHZ: Insert plugin before Istio authorization filters and after Istio authentication filters.\\n - STATS: Insert plugin before Istio stats filters and after Istio authorization filters.","type":"string","title":"Plugin phases following Istio definition: https://istio.io/latest/docs/reference/config/proxy_extensions/wasm-plugin/#PluginPhase","default":"UNSPECIFIED_PHASE","enum":["UNSPECIFIED_PHASE","AUTHN","AUTHZ","STATS"]},"WasmExtensionPullPolicy":{"description":"The pull behaviour to be applied when fetching a WASM module,\\nmirroring K8s behaviour.\\n\\n - UNSPECIFIED_POLICY: Defaults to IfNotPresent, except for OCI images with tag `latest`, for which\\nthe default will be Always.\\n - IfNotPresent: If an existing version of the image has been pulled before, that\\nwill be used. If no version of the image is present locally, we\\nwill pull the latest version.\\n - Always: We will always pull the latest version of an image when changing\\nthis plugin. Note that the change includes `metadata` field as well.","type":"string","default":"UNSPECIFIED_POLICY","enum":["UNSPECIFIED_POLICY","IfNotPresent","Always"]},"WorkloadProxy":{"description":"Info about proxy attached to a workload.","type":"object","properties":{"controlPlaneAddress":{"description":"Address/service of control plane entity controlling the proxy\\nlike istiod.istio-system.svc:15012.","type":"string","x-order":0},"envoyVersion":{"description":"Envoy version of the proxy.","type":"string","x-order":1},"istioVersion":{"description":"Istio version of the proxy.","type":"string","x-order":2},"status":{"type":"object","title":"Sync status for each xDS component.\\nFor example:\\nstatus[\\"CDS\\"] = \\"SYNCED\\"\\nXDS components are: LDS, RDS, EDS CDS and SRDS.\\nRefer to Envoy go-control-plane ConfigStatus for possible status values\\nvalues:\\nhttps://github.com/envoyproxy/go-control-plane/blob/main/envoy/service/status/v3/csds.pb.go","additionalProperties":{"type":"string"},"x-order":3}}},"XCPCentralAuthMode":{"description":"- UNKNOWN: Default when unset, do not use\\n - MUTUAL_TLS: GRPC stream is encrypted with mutual TLS\\n - JWT: XCP Edges present a JWT bearer token in the GRPC headers","type":"string","title":"Authentication mode for connections from XCP Edges to XCP Central","default":"UNKNOWN","enum":["UNKNOWN","MUTUAL_TLS","JWT"]},"XCPEdge":{"description":"Secrets for the XCP Edge component.","type":"object","properties":{"cert":{"description":"Edge certificate used for mTLS with XCP Central.","type":"string","x-order":0},"key":{"description":"Key of the Edge certificate used for mTLS with XCP Central.","type":"string","x-order":1},"token":{"description":"JWT token used to authenticate XCP Edge against the XCP Central.","type":"string","x-order":2}}},"apiHttpBody":{"description":"Message that represents an arbitrary HTTP body. It should only be used for\\npayload formats that can\'t be represented as JSON, such as raw binary or\\nan HTML page.\\n\\n\\nThis message can be used both in streaming and non-streaming API methods in\\nthe request as well as the response.\\n\\nIt can be used as a top-level request field, which is convenient if one\\nwants to extract parameters from either the URL or HTTP template into the\\nrequest fields and also want access to the raw HTTP body.\\n\\nExample:\\n\\n    message GetResourceRequest {\\n      // A unique request id.\\n      string request_id = 1;\\n\\n      // The raw HTTP body is bound to this field.\\n      google.api.HttpBody http_body = 2;\\n\\n    }\\n\\n    service ResourceService {\\n      rpc GetResource(GetResourceRequest)\\n        returns (google.api.HttpBody);\\n      rpc UpdateResource(google.api.HttpBody)\\n        returns (google.protobuf.Empty);\\n\\n    }\\n\\nExample with streaming methods:\\n\\n    service CaldavService {\\n      rpc GetCalendar(stream google.api.HttpBody)\\n        returns (stream google.api.HttpBody);\\n      rpc UpdateCalendar(stream google.api.HttpBody)\\n        returns (stream google.api.HttpBody);\\n\\n    }\\n\\nUse of this type only changes how the request and response bodies are\\nhandled, all other features will continue to work unchanged.","type":"object","properties":{"contentType":{"description":"The HTTP Content-Type header value specifying the content type of the body.","type":"string","x-order":0},"data":{"description":"The HTTP request/response body as raw binary.","type":"string","format":"byte","x-order":1},"extensions":{"description":"Application specific response metadata. Must be set in the first response\\nfor streaming APIs.","type":"array","items":{"$ref":"#/components/schemas/protobufAny"},"x-order":2}}},"apitsbv2API":{"description":"An API object defines an OpenAPI specification that can be used by gateways to validate incoming requests.\\n\\n\\n\\n\\n$hide_from_docs","type":"object","required":["openapi"],"properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"openapi":{"description":"The raw OpenAPI spec for this API.","type":"string","x-order":4}}},"apitsbv2ListAPIsResponse":{"description":"List of all API objects in the workspace.","type":"object","properties":{"apis":{"type":"array","items":{"$ref":"#/components/schemas/apitsbv2API"},"x-order":0}}},"apitsbv2ResourceStatus":{"description":"`ResourceStatus` provides the current status of any TSB resource.","type":"object","properties":{"status":{"$ref":"#/components/schemas/v2ResourceStatusStatus"},"message":{"description":"User friendly message adding details of the status.","type":"string","x-order":1},"configEvents":{"$ref":"#/components/schemas/v2ConfigEvents"},"aggregatedStatus":{"$ref":"#/components/schemas/v2AggregatedStatus"}}},"apitsbv2Service":{"type":"object","title":"A Kubernetes or a VM service. These are automatically discovered by\\nthe Service Bridge agents in the cluster.\\n$hide_from_yaml","properties":{"hostname":{"description":"The hostname by which this service is accessed. Can correspond to the\\nhostname of an internal service or that of a virtual host on a gateway.","type":"string","x-order":0},"namespace":{"description":"namespace associated with the service.","type":"string","x-order":1},"selector":{"description":"label selectors associated with the service.","type":"object","additionalProperties":{"type":"string"},"x-order":2},"ports":{"description":"The set of ports on which this service is exposed.","type":"array","items":{"$ref":"#/components/schemas/v2ServicePort"},"x-order":3},"kubernetesServiceIp":{"description":"For services running on Kubernetes, the cluster IP of the service in the\\ncluster.","type":"string","x-order":4},"kubernetesExternalAddresses":{"description":"For kubernetes services of type load balancer, this field contains the list\\nof lb hostnames or IPs assigned to the service. For services of type\\nnodePort, this field contains the IP addresses of the nodes in the cluster.","type":"array","items":{"type":"string"},"x-order":5},"numKubernetesEndpoints":{"description":"The number of kubernetes pods providing this service. Note that a\\nservice could be hosted on both pods and VMs.","type":"integer","format":"int64","x-order":6},"numVmEndpoints":{"description":"The number of VMs providing this service.","type":"integer","format":"int64","x-order":7},"meshExternal":{"type":"boolean","title":"indicates that this is an external service (service entry MESH_EXTERNAL\\nlocation)","x-order":8},"gatewayHost":{"description":"Indicates that this is a service representing a gateway host (used for\\nmulti-cluster scenarios).","type":"boolean","x-order":9},"numHops":{"description":"The number of hops from the advertising cluster to the ingress\\ngateway that is exposing the gateway host. If the advertiser is the\\ncluster owning the ingress gateway host, the hops is 0. If the\\nadvertiser is a tier1 cluster exposing gateways via internal or\\nexternal Servers, the path hops is 1.","type":"integer","format":"int64","x-order":10},"kubernetesServiceFqdn":{"description":"If this is a gateway host service, this field will indicate the kubernetes\\nservice that is running as a gateway and exposing this host to the outside\\nworld.","type":"string","x-order":11},"name":{"type":"string","title":"Name assigned to the service","x-order":12},"subsets":{"type":"array","title":"Name of subsets defined for this service","items":{"type":"string"},"x-order":13},"canonicalName":{"description":"17 to match xcp api and make conversion easier.","type":"string","title":"The canonical name of the service defined by labels\\n(value of service.istio.io/canonical-name)","x-order":14},"workloads":{"description":"Workloads implementing the Service.","type":"array","items":{"$ref":"#/components/schemas/apitsbv2Workload"},"x-order":15},"tier1GatewayHost":{"description":"Indicates that this is a service representing a gateway host acting as a\\ntier1 gateway. This field is being introduced specifically for the\\nhostnames exposed through Tier1Gateway\'s ExternalServers. Fo all other\\nhostnames that are exposed exposed on IngessGateways or Tier1Gateway\'s\\nInternalServers gateway_host field is set to true because that is used for\\nmulticluster routing setup. For ExternalServer hostnames multicluster\\ncluster routing is not setup and hence UI on finding gateway_host as false\\nshows these hostnames as internal services incorrectly. To help UI, this\\nfield is being introduced. UI would look for either gateway_host or\\ntier1_gateway_host to decide if the hostname is a gateway hostname.","type":"boolean","x-order":16},"spiffeIds":{"description":"List of SPIFFE identities used by the workloads of the service.","type":"array","items":{"type":"string"},"x-order":17},"state":{"$ref":"#/components/schemas/v2ServiceState"}}},"apitsbv2Workload":{"description":"Info about individual workload implementing the service.","type":"object","properties":{"address":{"description":"Routable address of the workload.","type":"string","x-order":0},"name":{"description":"Instance name of the workload.","type":"string","x-order":1},"isVm":{"description":"Indicates whether the workload is kubernetes endpoint or vm.","type":"boolean","x-order":2},"proxy":{"$ref":"#/components/schemas/WorkloadProxy"}}},"applicationv2Status":{"description":"The computed configuration status for the Application or API.\\n\\n - UNKNOWN: Unknown indicates that the status has not been computed.\\n - MISSING: The missing status indicates that the configuration resource for the Applications\\nor APIs do not exist.\\n - DIRTY: Dirty Applications and APIs are those that have the corresponding configuration\\nobjects (config groups, ingress gateways, etc), but those objects have been\\ndirectly modified or they current configuration does not match the one specified\\nin the corresponding Application/API.\\n - CONFIGURED: Configured Applications and APIs are those that have the corresponding\\nconfiguration resources (config groups, ingress gateways, etc) and their\\nconfigurations match the ones defined in the Application/API objects.","type":"string","default":"UNKNOWN","enum":["UNKNOWN","MISSING","DIRTY","CONFIGURED"]},"authv2TLSMode":{"description":"- DISABLED: TLS is not used and communication is\\nin plaintext.\\n - SIMPLE: Only the server is authenticated.\\n - MUTUAL: Both the peers in the communication must\\npresent their certificate for TLS authentication","type":"string","title":"Describes how authentication is performed\\nas part of establishing TLS connection","default":"DISABLED","enum":["DISABLED","SIMPLE","MUTUAL"]},"commonCertManagerSettings":{"description":"CertManagerSettings represents the settings used for the cert-manager installation. TSB supports installing and managing\\nthe lifecycle of the cert-manager installation.","type":"object","properties":{"managed":{"$ref":"#/components/schemas/CertManagerSettingsManaged"},"certManagerSpec":{"$ref":"#/components/schemas/CertManagerSettingsCertManagerSpec"},"certManagerWebhookSpec":{"$ref":"#/components/schemas/CertManagerSettingsCertManagerWebhookSpec"},"certManagerCaInjector":{"$ref":"#/components/schemas/CertManagerSettingsCertManagerCAInjector"},"certManagerStartupapicheck":{"$ref":"#/components/schemas/CertManagerSettingsCertManagerStartupAPICheck"}}},"commonConfigProtection":{"type":"object","title":"ConfigProtection contains settings for enabling/disabling config protection\\nover XCP created resources.\\nConfig protections are disabled by default.\\nExample:\\n```yaml\\nconfigProtection:\\n  enableAuthorizedUpdateDeleteOnXcpConfigs: true\\n  enableAuthorizedCreateUpdateDeleteOnXcpConfigs: true\\n  authorizedUsers:\\n    - user1\\n    - system:serviceaccount:ns1:serviceaccount-1\\n```","properties":{"enableAuthorizedUpdateDeleteOnXcpConfigs":{"description":"When enabled, no other user or svc account except AuthorizedUsers would be allowed to delete or update\\nthe XCP/Istio API resources created by XCP.","type":"boolean","x-order":0},"enableAuthorizedCreateUpdateDeleteOnXcpConfigs":{"description":"When enabled, no other user or svc account except AuthorizedUsers would be allowed to create, delete or update\\nthe XCP/Istio API resources. This acts as a superset of the enableAuthorizedUpdateDeleteOnXcpConfigs.","type":"boolean","x-order":1},"authorizedUsers":{"description":"List of usernames of authorized users or svc accounts to create/update/delete XCP configs when config protection is enabled.","type":"array","items":{"type":"string"},"x-order":2}}},"commonCustomCertProviderSettings":{"description":"CustomCertProviderSettings represents the settings used for the custom certificate provider. Users can configure the CSR signer\\nrequired for certificate signing and point to the CA bundle to be used to validate the certificates.","type":"object","required":["csrSignerName","caBundleSecretName"],"properties":{"csrSignerName":{"description":"Name of Kubernetes CSR signer to be used to sign the CSR request by different TSB components for internal purposes.","type":"string","x-order":0},"caBundleSecretName":{"description":"Configure the CABundleSecretName to be used to verify the signed CSR request by different TSB components. If not specified,\\nTSB would use the secret with the name ca-bundle-management-plane in the management plane namespace or ca-bundle-control-plane\\nin the control plane namespace. The secret should contain the file ca.crt with the cert data.","type":"string","x-order":1}}},"commonGitOps":{"description":"The GitOps component configures the features that allow integrating the Management Plane and/or the\\nControl Plane cluster with Continuous Deployment pipelines.","type":"object","properties":{"enabled":{"description":"The GitOps component is in beta and disabled by default.\\nIf Management and Control Planes are installed in the same cluster, Continuous Deployment Integration\\nshould only be enabled in one of both planes. However, if the GitOps component is enabled in both planes,\\nonly the Control Plane GitOps component will remain enabled. The Management Plane GitOps component\\nwill not be enabled, even though it is explicitly enabled.","type":"boolean","x-order":0},"reconcileInterval":{"description":"Periodical interval at which the objects will be reconciled after they are successfully synchronized (created,\\nupdated, deleted) with the Management Plane.\\nThis parameter does not affect retry on unsuccessful operation which are retried with exponential backoff strategy\\n(staring with 3s and max delay 120s).\\nFormat: 1h/1m/1s/1ms. A value of 0 disables per-object reconciliation and uses the operator\'s global interval of 10h.\\nDefault: 10m.","type":"string","x-order":1},"batchWindow":{"description":"When configured, all admission requests will be paused for the configured duration.\\nOnce the window interval is closed, all paused admission requests will be sent together\\nto the Management Plane as a single request.\\nBatching of requests is disabled by default and should be enabled only if there is high concurrency\\nand ordering of resources could be an issue. By configuring a batch window the concurrency\\nand ordering issues may be mitigated, although it will introduce a constant latency to all requests\\nof the configured time window.\\nWhen enabled, it is recommended to use a small value, for example 1 second.","type":"string","x-order":2},"managementplaneRequestTimeout":{"description":"The GitOps component performs operations against the management plane through the k8s webhook.\\nThis allows configuring the duration of each operation in order to fail early if it takes too much.\\nThis value cannot be lower than `webhook_timeout` due to the request being tied to the ones received\\nby the k8s webhook.\\nFormat: 1h/1m/1s/1m. Any value &lt;= 0 will be reset to the default value. Default: 25s.","type":"string","x-order":3},"reconcileRequestTimeout":{"description":"The GitOps component performs operations against the management plane internal reconcile loop.\\nThis allows configuring the duration of each operation to fail early if it takes too long.\\nFormat: 1h/1m/1s/1m. Any value &lt;= 0 will be reset to the default value. Default: 2m.","type":"string","x-order":4},"webhookTimeout":{"description":"Timeout that will be set in the k8s gitops webhook resource.\\nFormat: 1h/1m/1s/1m. Default: 30s. Allowed values must be between 0s and 30s.","type":"string","x-order":5},"pushMode":{"$ref":"#/components/schemas/GitOpsPushMode"}}},"commonInternalCertProvider":{"description":"InternalCertProvider describes the certificate provider configuration for TSB internal purposes like kubernetes webhook certificate. TSB supports cert-manager out of the box.","type":"object","properties":{"certManager":{"$ref":"#/components/schemas/commonCertManagerSettings"},"custom":{"$ref":"#/components/schemas/commonCustomCertProviderSettings"}}},"commonMeshObservabilitySettings":{"description":"Configure mesh observability.\\nThe following examples enable the analysis and generation of RED metrics for each\\nendpoint of your registered services.\\n\\nNotice that both, ManagementPlane and ControlPlane, need to be aligned with this configuration.\\n\\n```yaml\\napiVersion: install.tetrate.io/v1alpha1\\nkind: ManagementPlane\\nmetadata:\\n  name: managementplane\\nspec:\\n  meshObservability:\\n    settings:\\n      apiEndpointMetricsEnabled: true\\n```\\n\\n```yaml\\napiVersion: install.tetrate.io/v1alpha1\\nkind: ControlPlane\\nmetadata:\\n  name: controlplane\\n  namespace: istio-system\\nspec:\\n  meshObservability:\\n    settings:\\n      apiEndpointMetricsEnabled: true\\n```","type":"object","properties":{"apiEndpointMetricsEnabled":{"description":"Toggle to process, analyze, and generate api endpoints RED metrics.\\nBy default `false` which means disabled.\\nIf you want to analyze all your request and generate RED metrics for\\neach endpoint of your registered services in the mesh, set it to `true`.","type":"boolean","x-order":0}}},"commonv1alpha1Image":{"description":"Values for the TSB operator image.","type":"object","properties":{"registry":{"description":"Registry used to download the operator image.","type":"string","x-order":0},"tag":{"description":"The tag of the operator image.","type":"string","x-order":1}}},"commonv1alpha1Operator":{"description":"Operator values for the TSB operator application.","type":"object","properties":{"deployment":{"$ref":"#/components/schemas/v1alpha1OperatorDeployment"},"service":{"$ref":"#/components/schemas/v1alpha1OperatorService"},"serviceAccount":{"$ref":"#/components/schemas/v1alpha1OperatorServiceAccount"}}},"controlplanev1alpha1IstioRevision":{"description":"Istio control plane settings for a specific revision.","type":"object","required":["name","istio"],"properties":{"name":{"description":"Name of the IstioRevision. Must be unique at cluster level, across Isolation\\nBoundaries. The IstioRevision name is used to deploy revisioned Istio control-plane\\ncomponents.\\n\\nNotice that the value constraints here are stricter than the ones in Istio.\\nApparently, Istio validation rules allow values that lead to internal failures\\nat runtime, e.g. values with capital letters or values longer than 56 characters.\\nStricter validation rules here are meant to prevent those hidden pitfalls.","type":"string","x-order":0},"istio":{"$ref":"#/components/schemas/v1alpha1Istio"},"disable":{"description":"If set to `true`, Istio control plane deployment with this revision will be \\ncleaned up from the cluster. This field can be used to clean up revisioned\\ncontrol plane deployment while retaining the configurations in the CR. After\\ncleanup, it can be again set to `false` to re-deploy revisioned control plane.\\nBy default the value is set to `false`.","type":"boolean","x-order":2}}},"controlplanev1alpha1Secrets":{"description":"Secrets available in the ControlPlane installation.","type":"object","properties":{"tsb":{"$ref":"#/components/schemas/SecretsTSB"},"elasticsearch":{"$ref":"#/components/schemas/SecretsElasticSearch"},"xcp":{"$ref":"#/components/schemas/v1alpha1SecretsXCP"},"clusterServiceAccount":{"$ref":"#/components/schemas/SecretsClusterServiceAccount"}}},"corev1Toleration":{"description":"The pod this Toleration is attached to tolerates any taint that matches\\nthe triple &lt;key,value,effect&gt; using the matching operator &lt;operator&gt;.","type":"object","properties":{"key":{"type":"string","title":"Key is the taint key that the toleration applies to. Empty means match all taint keys.\\nIf the key is empty, operator must be Exists; this combination means to match all values and all keys.\\n+optional","x-order":0},"operator":{"type":"string","title":"Operator represents a key\'s relationship to the value.\\nValid operators are Exists and Equal. Defaults to Equal.\\nExists is equivalent to wildcard for value, so that a pod can\\ntolerate all taints of a particular category.\\n+optional","x-order":1},"value":{"type":"string","title":"Value is the taint value the toleration matches to.\\nIf the operator is Exists, the value should be empty, otherwise just a regular string.\\n+optional","x-order":2},"effect":{"type":"string","title":"Effect indicates the taint effect to match. Empty means match all taint effects.\\nWhen specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute.\\n+optional","x-order":3},"tolerationSeconds":{"type":"string","format":"int64","title":"TolerationSeconds represents the period of time the toleration (which must be\\nof effect NoExecute, otherwise this field is ignored) tolerates the taint. By default,\\nit is not set, which means tolerate the taint forever (do not evict). Zero and\\nnegative values will be treated as 0 (evict immediately) by the system.\\n+optional","x-order":4}}},"corev3Address":{"description":"Addresses specify either a logical or physical address and port, which are\\nused to tell Envoy where to bind/listen, connect to upstream and find\\nmanagement servers.","type":"object","properties":{"socketAddress":{"$ref":"#/components/schemas/v3SocketAddress"},"pipe":{"$ref":"#/components/schemas/v3Pipe"},"envoyInternalAddress":{"$ref":"#/components/schemas/v3EnvoyInternalAddress"}}},"corev3Locality":{"description":"Identifies location of where either Envoy runs or where upstream hosts run.","type":"object","properties":{"region":{"description":"Region this :ref:`zone &lt;envoy_v3_api_field_config.core.v3.Locality.zone&gt;` belongs to.","type":"string","x-order":0},"zone":{"description":"Defines the local service zone where Envoy is running. Though optional, it\\nshould be set if discovery service routing is used and the discovery\\nservice exposes :ref:`zone data &lt;envoy_v3_api_field_config.endpoint.v3.LocalityLbEndpoints.locality&gt;`,\\neither in this message or via :option:`--service-zone`. The meaning of zone\\nis context dependent, e.g. `Availability Zone (AZ)\\n&lt;https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-regions-availability-zones.html&gt;`_\\non AWS, `Zone &lt;https://cloud.google.com/compute/docs/regions-zones/&gt;`_ on\\nGCP, etc.","type":"string","x-order":1},"subZone":{"description":"When used for locality of upstream hosts, this field further splits zone\\ninto smaller chunks of sub-zones so they can be load balanced\\nindependently.","type":"string","x-order":2}}},"corev3Node":{"type":"object","title":"Identifies a specific Envoy instance. The node identifier is presented to the\\nmanagement server, which may use this identifier to distinguish per Envoy\\nconfiguration for serving.\\n[#next-free-field: 13]","properties":{"id":{"description":"An opaque node identifier for the Envoy node. This also provides the local\\nservice node name. It should be set if any of the following features are\\nused: :ref:`statsd &lt;arch_overview_statistics&gt;`, :ref:`CDS\\n&lt;config_cluster_manager_cds&gt;`, and :ref:`HTTP tracing\\n&lt;arch_overview_tracing&gt;`, either in this message or via\\n:option:`--service-node`.","type":"string","x-order":0},"cluster":{"description":"Defines the local service cluster name where Envoy is running. Though\\noptional, it should be set if any of the following features are used:\\n:ref:`statsd &lt;arch_overview_statistics&gt;`, :ref:`health check cluster\\nverification\\n&lt;envoy_v3_api_field_config.core.v3.HealthCheck.HttpHealthCheck.service_name_matcher&gt;`,\\n:ref:`runtime override directory &lt;envoy_v3_api_msg_config.bootstrap.v3.Runtime&gt;`,\\n:ref:`user agent addition\\n&lt;envoy_v3_api_field_extensions.filters.network.http_connection_manager.v3.HttpConnectionManager.add_user_agent&gt;`,\\n:ref:`HTTP global rate limiting &lt;config_http_filters_rate_limit&gt;`,\\n:ref:`CDS &lt;config_cluster_manager_cds&gt;`, and :ref:`HTTP tracing\\n&lt;arch_overview_tracing&gt;`, either in this message or via\\n:option:`--service-cluster`.","type":"string","x-order":1},"metadata":{"description":"Opaque metadata extending the node identifier. Envoy will pass this\\ndirectly to the management server.","type":"object","x-order":2},"dynamicParameters":{"description":"Map from xDS resource type URL to dynamic context parameters. These may vary at runtime (unlike\\nother fields in this message). For example, the xDS client may have a shard identifier that\\nchanges during the lifetime of the xDS client. In Envoy, this would be achieved by updating the\\ndynamic context on the Server::Instance\'s LocalInfo context provider. The shard ID dynamic\\nparameter then appears in this field during future discovery requests.","type":"object","additionalProperties":{"$ref":"#/components/schemas/v3ContextParams"},"x-order":3},"locality":{"$ref":"#/components/schemas/corev3Locality"},"userAgentName":{"type":"string","title":"Free-form string that identifies the entity requesting config.\\nE.g. \\"envoy\\" or \\"grpc\\"","x-order":5},"userAgentVersion":{"type":"string","title":"Free-form string that identifies the version of the entity requesting config.\\nE.g. \\"1.12.2\\" or \\"abcd1234\\", or \\"SpecialEnvoyBuild\\"","x-order":6},"userAgentBuildVersion":{"$ref":"#/components/schemas/v3BuildVersion"},"extensions":{"description":"List of extensions and their versions supported by the node.","type":"array","items":{"$ref":"#/components/schemas/v3Extension"},"x-order":8},"clientFeatures":{"description":"Client feature support list. These are well known features described\\nin the Envoy API repository for a given major version of an API. Client features\\nuse reverse DNS naming scheme, for example ``com.acme.feature``.\\nSee :ref:`the list of features &lt;client_features&gt;` that xDS client may\\nsupport.","type":"array","items":{"type":"string"},"x-order":9},"listeningAddresses":{"description":"Known listening ports on the node as a generic hint to the management server\\nfor filtering :ref:`listeners &lt;config_listeners&gt;` to be returned. For example,\\nif there is a listener bound to port 80, the list can optionally contain the\\nSocketAddress ``(0.0.0.0,80)``. The field is optional and just a hint.","type":"array","items":{"$ref":"#/components/schemas/corev3Address"},"x-order":10}}},"extensionv2EnvVar":{"type":"object","required":["name","valueFrom"],"properties":{"name":{"type":"string","title":"Name of the environment variable. Must be a C_IDENTIFIER, by following this regex: [A-Za-z_][A-Za-z0-9_]*","x-order":0},"valueFrom":{"$ref":"#/components/schemas/v2EnvValueSource"},"value":{"description":"Value for the environment variable.\\nNote that if `value_from` is `HOST`, it will be ignored.\\nDefaults to \\"\\".","type":"string","x-order":2}}},"gatewayv2EgressGateway":{"description":"`EgressGateway` configures a workload to act as an egress gateway in the mesh.\\n\\n\\n--\x3e\\n\\n","type":"object","required":["workloadSelector"],"properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"workloadSelector":{"$ref":"#/components/schemas/v2WorkloadSelector"},"authorization":{"description":"The description of which service accounts can access which hosts.\\nIf the list of authorization rules is empty, this egress gateway will deny all traffic.","type":"array","items":{"$ref":"#/components/schemas/v2EgressAuthorization"},"x-order":5},"extension":{"description":"Extensions specifies all the WasmExtensions assigned to this EgressGateway\\nwith the specific configuration for each extension. This custom configuration\\nwill override the one configured globally to the extension.\\nEach extension has a global configuration including enablement and priority\\nthat will condition the execution of the assigned extensions.","type":"array","items":{"$ref":"#/components/schemas/v2WasmExtensionAttachment"},"x-order":6},"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"}}},"gatewayv2Gateway":{"description":"The `Gateway` configuration combines the functionalities of both the existing `Tier1Gateway` and `IngressGateway`,\\nproviding a unified approach for configuring a workload as a gateway in the mesh.\\n\\nEach server within the `Gateway` is configured to route requests either to destination clusters, such as a `Tier1Gateway`,\\nor to specific services, like an `IngressGateway`.\\n\\n\\n\\n","type":"object","required":["workloadSelector"],"properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"workloadSelector":{"$ref":"#/components/schemas/v2WorkloadSelector"},"http":{"description":"One or more HTTP or HTTPS servers exposed by the gateway. The\\nserver exposes configuration for TLS termination, request\\nauthentication/authorization, HTTP routing, rate limiting, etc.","type":"array","items":{"$ref":"#/components/schemas/gatewayv2HTTP"},"x-order":5},"tls":{"description":"One or more TLS servers exposed by the gateway. The server\\ndoes not terminate TLS and exposes config for SNI based routing.","type":"array","items":{"$ref":"#/components/schemas/v2TLS"},"x-order":6},"tcp":{"description":"One or more non-HTTP and non-passthrough servers which use TCP\\nbased protocols. This server also exposes configuration for terminating TLS.","type":"array","items":{"$ref":"#/components/schemas/gatewayv2TCP"},"x-order":7},"wasmPlugins":{"description":"WasmPlugins specifies all the WasmExtensionAttachment assigned to this Gateway\\nwith the specific configuration for each plugin. This custom configuration\\nwill override the one configured globally to the plugin.\\nEach plugin has a global configuration including priority\\nthat will condition the execution of the assigned plugins.","type":"array","items":{"$ref":"#/components/schemas/v2WasmExtensionAttachment"},"x-order":8},"waf":{"$ref":"#/components/schemas/v2WAFSettings"},"egressAuthorization":{"description":"External services are onboarded into the mesh via service entry,\\nand these services are exposed on the Gateway for egress access.\\nBy default, access is denied for these hosts.\\nUsers can configure EgressAuthorizationSettings to specify which service accounts are allowed.","type":"array","items":{"$ref":"#/components/schemas/v2EgressAuthorizationSettings"},"x-order":10},"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"}}},"gatewayv2HTTP":{"description":"`HTTP` describes the properties of a HTTP server exposed on gateway.","type":"object","required":["name","hostname","routing"],"properties":{"name":{"description":"A name assigned to the server. The name will be visible in the generated metrics. The name must be\\nunique across all HTTP, TLS passthrough and TCP servers in a gateway.","type":"string","x-order":0},"port":{"description":"The port where the server is exposed at the gateway workload(pod).\\nIf the k8s service, which is fronting the workload pod, has TargetPort as 8443 for the Port 443,\\nthis could be configured as 8443 or 443.\\n\\nTwo servers with different protocols (HTTP and HTTPS) should not\\nshare the same port. Note that port 15443 is reserved for internal use.\\n\\nIf the `transit` flag is set to true, populating the `port` will lead to an error,\\nas the server is considered internal to the mesh. TSB will automatically \\nconfigure mTLS port(15443) for east-west multicluster traffic.\\n\\nIf the `trafficMode`` flag is set to `EGRESS`` or the `trafficMode` is set to `AUTO`\\nand the gateway deployment is of type EGRESS,\\npopulating the port will result in an error, as the server is considered only for egress.\\nTSB will automatically configure the mTLS port (15443) on the gateway to receive the mesh traffic.","type":"integer","format":"int64","x-order":1},"hostname":{"description":"Hostname with which the service can be expected to be accessed by clients.","type":"string","x-order":2},"tls":{"$ref":"#/components/schemas/v2ServerTLSSettings"},"authentication":{"$ref":"#/components/schemas/tsbauthv2Authentication"},"authorization":{"$ref":"#/components/schemas/tsbauthv2Authorization"},"routing":{"$ref":"#/components/schemas/v2HttpRoutingConfig"},"rateLimiting":{"$ref":"#/components/schemas/v2RateLimiting"},"transit":{"description":"If set to true, the server is configured to be exposed within the mesh.\\nThis configuration enables forwarding traffic between two clusters that are not directly reachable.\\n\\nDeprecated: use `trafficMode: TRANSIT` instead.","type":"boolean","x-order":8},"trafficMode":{"$ref":"#/components/schemas/v2TrafficMode"},"failoverSettings":{"$ref":"#/components/schemas/v2FailoverSettings"},"openapi":{"$ref":"#/components/schemas/v2OpenAPI"},"extensions":{"$ref":"#/components/schemas/v2Extensions"}}},"gatewayv2HttpRule":{"description":"A single HTTP rule.","type":"object","properties":{"match":{"description":"One or more match conditions (OR-ed).","type":"array","items":{"$ref":"#/components/schemas/v2HttpMatchCondition"},"x-order":0},"modify":{"$ref":"#/components/schemas/v2HttpModifyAction"},"route":{"$ref":"#/components/schemas/v2Route"},"redirect":{"$ref":"#/components/schemas/v2Redirect"},"directResponse":{"$ref":"#/components/schemas/v2HTTPDirectResponse"}}},"gatewayv2TCP":{"description":"A TCP server exposed in a gateway. A TCP server may be used for any TCP based protocol.\\nThis is also used for the special case of a non-HTTP protocol requiring TLS termination at the gateway.","type":"object","required":["name","hostname","route"],"properties":{"name":{"description":"A name assigned to the server. The name will be visible in the generated metrics. The name must be\\nunique across all HTTP, TLS passthrough and TCP servers in a gateway.","type":"string","x-order":0},"port":{"description":"Valid scenarios (for same port, multiple services)\\n1. Multiple protocols (HTTP, non-HTTP) with TLS passthrough/termination\\n2. Multiple HTTP services\\n3. Single non-HTTP service without TLS\\n\\nIf the `transit` flag is set to true, populating the `port` will lead to an error,\\nas the server is considered internal to the mesh. TSB will automatically \\nconfigure mTLS port(15443) for east-west multicluster traffic.","type":"integer","format":"int64","title":"The port where the server is exposed. Note that the port 15443 is reserved. Also\\nbeware of the conflict among the services using different protocols on the same port.\\nThe conflict occurs in the following scenarios\\n1. Using plaintext and TLS (passthrough/termination)\\n2. Mixing multiple protocols without TLS (HTTP and non-HTTP protocols like Kafka, Zookeeper etc)\\n3. Multiple non-HTTP protocols without TLS","x-order":1},"hostname":{"description":"Hostname to identify the service. When TLS is configured, clients have to use this as\\nthe Server Name Indication (SNI) for the TLS connection. When TLS is not configured (opaque TCP),\\nthis is used to identify the service traffic for defining routing configs. Usually, this is\\nconfigured as the DNS name of the service. For instance, if clients access a zookeeper cluster\\nas `zk-1.myorg.internal` then the hostname could be specified as `zk-1.myorg.internal`. This\\nalso helps easier identification in the configs.\\n\\nThis is also used in multicluster routing. In the previous example, clients within the mesh\\ncan also use `zk-1.myorg.internal` to access this service (provided authorization policy allows it)","type":"string","x-order":2},"tls":{"$ref":"#/components/schemas/v2ServerTLSSettings"},"route":{"$ref":"#/components/schemas/v2RouteTo"},"transit":{"description":"If set to true, the server is configured to be exposed within the mesh.\\nThis configuration enables forwarding traffic between two clusters that are not directly reachable.\\n\\nDeprecated: use `trafficMode: TRANSIT` instead.","type":"boolean","x-order":5},"trafficMode":{"$ref":"#/components/schemas/v2TrafficMode"},"failoverSettings":{"$ref":"#/components/schemas/v2FailoverSettings"}}},"gatewayv2TLSProtocol":{"description":"Enumeration for TLS protocol versions.","type":"string","default":"TLS_AUTO","enum":["TLS_AUTO","TLSV1_0","TLSV1_1","TLSV1_2","TLSV1_3"]},"googlerpcStatus":{"description":"The `Status` type defines a logical error model that is suitable for\\ndifferent programming environments, including REST APIs and RPC APIs. It is\\nused by [gRPC](https://github.com/grpc). Each `Status` message contains\\nthree pieces of data: error code, error message, and error details.\\n\\nYou can find out more about this error model and how to work with it in the\\n[API Design Guide](https://cloud.google.com/apis/design/errors).","type":"object","properties":{"code":{"description":"The status code, which should be an enum value of\\n[google.rpc.Code][google.rpc.Code].","type":"integer","format":"int32","x-order":0},"message":{"description":"A developer-facing error message, which should be in English. Any\\nuser-facing error message should be localized and sent in the\\n[google.rpc.Status.details][google.rpc.Status.details] field, or localized\\nby the client.","type":"string","x-order":1},"details":{"description":"A list of messages that carry the error details.  There is a common set of\\nmessage types for APIs to use.","type":"array","items":{"$ref":"#/components/schemas/protobufAny"},"x-order":2}}},"installcontrolplanev1alpha1AWSController":{"description":"Kubernetes settings for the AWS Integration Controller component.","type":"object","properties":{"kubeSpec":{"$ref":"#/components/schemas/kubernetesKubernetesComponentSpec"}}},"installcontrolplanev1alpha1AWSSettings":{"description":"Global settings to AWS.","type":"object","required":["serviceAccountName"],"properties":{"serviceAccountName":{"type":"string","title":"Service account name to use with IAM role association. Required.\\nThis service account should have the proper permissions depending on which AWS services are enabled.\\n(Route53, Lattice, etc.)","x-order":0}}},"installcontrolplanev1alpha1ElasticSearchSettings":{"description":"Configure an Elasticsearch connection.\\n\\n```yaml\\napiVersion: install.tetrate.io/v1alpha1\\nkind: ControlPlane\\nmetadata:\\n  name: controlplane\\n  namespace: istio-system\\nspec:\\n  telemetryStore:\\n    elastic:\\n      host: elastic\\n      port: 5678\\n      protocol: https\\n      selfSigned: true\\n      version: 7\\n```","type":"object","required":["host","port"],"properties":{"host":{"description":"Elasticsearch host address (can be hostname or IP address).","type":"string","x-order":0},"port":{"description":"Port Elasticsearch is listening on.","type":"integer","format":"int32","x-order":1},"protocol":{"$ref":"#/components/schemas/installcontrolplanev1alpha1ElasticSearchSettingsProtocol"},"selfSigned":{"description":"Use Self-Signed certificates. The Self-signed CA bundle and key must be in a secret called es-certs.","type":"boolean","x-order":3},"version":{"description":"DEPRECATED: Major version of the Elasticsearch cluster.\\nCurrently supported Elasticsearch major versions are `6`, `7`, and `8`.","type":"integer","format":"int32","x-order":4},"indexPrefix":{"description":"The prefix of the ElasticSearch indices and templates.\\nDefaults to `skywalking`.","type":"string","x-order":5}}},"installcontrolplanev1alpha1ElasticSearchSettingsProtocol":{"description":"The list of supported protocols to communicate with Elasticsearch.","type":"string","default":"https","enum":["https","http"]},"installcontrolplanev1alpha1LatticeSettings":{"description":"Settings specific to Lattice.","type":"object","properties":{"enabled":{"description":"Enable/disable the Lattice integration controller. Default: false.","type":"boolean","x-order":0}}},"installcontrolplanev1alpha1NGAC":{"description":"Kubernetes settings for the NGAC component.","type":"object","properties":{"enabled":{"description":"NGAC is an experimental component. If enabled is false, this component will\\nnot be installed.","type":"boolean","x-order":0},"kubeSpec":{"$ref":"#/components/schemas/kubernetesKubernetesComponentSpec"},"logLevels":{"description":"The log level configuration by scopes.\\nSupported log level: \\"none\\", \\"error\\", \\"info\\", \\"debug\\".","type":"object","additionalProperties":{"type":"string"},"x-order":2}}},"installcontrolplanev1alpha1Oap":{"description":"Kubernetes settings for the OAP (SkyWalking) component.","type":"object","properties":{"streamingLogEnabled":{"description":"Feature flag to determine whether on-demand streaming logs should be\\nenabled.","type":"boolean","x-order":0},"onDemandEnvoyMetricsEnabled":{"description":"Feature flag to determine whether on-demand envoy metrics should be\\nenabled. If enabled, the envoy proxy will provide a set of metrics that can\\nbe queried using the metrics service. OAP will provide a query API that can\\nbe used to collect envoy proxy metrics for specific pods. This is only for\\ntemporary and real-time queries that can be used, for example, for\\napplication troubleshooting use cases. These metrics are not persisted.","type":"boolean","x-order":1},"storageIndexMergingEnabled":{"description":"Feature flag to determine whether metrics/meter and records should be shard into multi-physical indices, or\\ninstead if they should be merged into a single physical index.\\nBy default \\"false\\", metric/meter and records are sharded into multi-physical indices.\\nInstead of sharding, if enabled by setting it to \\"true\\", metrics/meter and records will be merged\\ninto one physical index template `metrics-all` and `records-all`.\\nThis feature flag must be set on all clusters and have the same value as the management plane\'s one,\\notherwise control plane observability data could be written to the wrong or not existing index.\\nIn this storage mode, user can adjust each concrete index should have to scale out by setting\\n`storageSpecificIndexSettings` field in the management plane install manifest.","type":"boolean","x-order":2},"kubeSpec":{"$ref":"#/components/schemas/kubernetesKubernetesComponentSpec"},"logLevel":{"description":"Specifies the log level for OAP component.\\nSupported log level: \\"all\\", \\"debug\\", \\"info\\", \\"warn\\", \\"error\\", \\"fatal\\", \\"off\\" and \\"trace\\".","type":"string","x-order":4}}},"installcontrolplanev1alpha1OnboardingPlane":{"description":"Configure `Workload Onboarding Plane` component.","type":"object","properties":{"instance":{"$ref":"#/components/schemas/v1alpha1OnboardingPlaneInstance"}}},"installcontrolplanev1alpha1OpenTelemetryCollector":{"description":"Kubernetes settings for the OpenTelemetryCollector component.","type":"object","properties":{"kubeSpec":{"$ref":"#/components/schemas/kubernetesKubernetesComponentSpec"},"logLevel":{"description":"Specifies the log level for OTEL collector component.\\nSupported log level: \\"debug\\", \\"info\\", \\"warn\\", \\"error\\", \\"dpanic\\", \\"panic\\", and \\"fatal\\".","type":"string","x-order":1}}},"installcontrolplanev1alpha1ProviderSettings":{"description":"Configure Kubernetes provider specific settings.\\n\\nFor example to configure EKS to use network load balancers (NLB) by default:\\n\\n```yaml\\napiVersion: install.tetrate.io/v1alpha1\\nkind: ControlPlane\\nmetadata:\\n  name: controlplane\\n  namespace: istio-system\\nspec:\\n  providerSettings:\\n    eks:\\n      useNlbByDefault: true\\n\\n```\\n\\nTo configure Route53 the only option that you must specify is the Service Account name to use for IAM role.\\nYou should create the Service Account before enabling the Route53 integration controller. You can do that using `eksctl`. Example:\\n\\n```bash\\n   SA_NAME=route53-controller\\n   CP_NAMESPACE=istio-system\\n   eksctl create iamserviceaccount \\\\\\n   --cluster $EKS_CLUSTER_NAME \\\\\\n   --name $SA_NAME \\\\\\n   --namespace $CP_NAMESPACE \\\\\\n   --attach-policy-arn $POLICY_ARN \\\\\\n   --approve\\n```\\n\\nwhere:\\n* $EKS_CLUSTER_NAME is the name of the EKS cluster.\\n* $SA_NAME is the name of the Service Account to create.\\n* $CP_NAMESPACE is the namespace where the Control Plane is installed. Usually istio-system.\\n* $POLICY_ARN is the ARN of the policy to attach to the Service Account - the policy should allow the Service Account\\n  to manage Route53 resources.\\n\\nMore details can be found in the [Publishing a Service docs](https://docs.tetrate.io/service-express/getting-started/publish-service)\\n\\nAfter creating the Service Account you can enable the Route53 integration controller using the following configuration:\\n\\n```yaml\\napiVersion: install.tetrate.io/v1alpha1\\nkind: ControlPlane\\nmetadata:\\n  name: controlplane\\n  namespace: istio-system\\nspec:\\n  providerSettings:\\n    route53:\\n      serviceAccountName: $SA_NAME\\n```","type":"object","properties":{"eks":{"$ref":"#/components/schemas/v1alpha1EKSSettings"},"route53":{"$ref":"#/components/schemas/v1alpha1Route53Settings"},"aws":{"$ref":"#/components/schemas/installcontrolplanev1alpha1AWSSettings"},"lattice":{"$ref":"#/components/schemas/installcontrolplanev1alpha1LatticeSettings"}}},"installcontrolplanev1alpha1XCP":{"description":"Kubernetes settings for the XCP component.","type":"object","properties":{"centralAuthMode":{"$ref":"#/components/schemas/XCPCentralAuthMode"},"configProtection":{"$ref":"#/components/schemas/commonConfigProtection"},"kubeSpec":{"$ref":"#/components/schemas/kubernetesKubernetesComponentSpec"},"revision":{"description":"$hide_from_docs\\nConfigures the istio revision tag.\\nIf configured, istio upgrade will not be in-place upgrade. A new istio\\ncontrol plane with the configured revision will be deployed. Selectively\\nsidecars and gateways could be moved to newer control plane. Note that it\\nis not the istio version. Istio version is fixed for a particular tsb\\nversion and that is not a configurable setting. Revision should be\\nconfigured to human readable value for example tsb-1-5. For further\\nreference,\\nhttps://istio.io/latest/blog/2020/multiple-control-planes/#configuring\\nDeprecated: replaced by isolation_boundaries, where each isolation boundary can have\\nmulitple revisions.","type":"string","x-order":3},"isolationBoundaries":{"description":"Configures Isolated Istio environments along with Istio revisions for each environment.\\nIsolationBoundaries can be empty when the feature flag IstioIsolationBoundaries is disabled.\\nOnce enabled, isolation boundaries can be configured.","type":"array","items":{"$ref":"#/components/schemas/v1alpha1IsolationBoundary"},"x-order":4},"enableHttpMeshInternalIdentityPropagation":{"description":"Enables HTTP mesh internal service identity propagation across gateway hops, utilizing the propagated identity\\nfor evaluating TSB RBAC rules. Users should enable this feature when they want to create RBAC rules around\\nrequest\'s origin client identity for east west traffic. The most common case for this would be when using\\nauthorization features such as ALLOW/DENY rules mode and ServiceSecuritySettings in cross-cluster environment.\\nThis feature is enabled by default. Set it to false to disable it.","type":"boolean","x-order":5},"centralProvidedCaCert":{"description":"If true, obtain the CA cert for Istio from XCP central.\\nTo enable it, the XCP Central needs to be configured with `certIssuer.clusterIntermediateCASettings: {}`.","type":"boolean","x-order":6},"logLevels":{"description":"Loglevel for XCP.\\nSupported log level: \\"none\\", \\"fatal\\", \\"error\\", \\"warn\\", \\"info\\", \\"debug\\".","type":"object","additionalProperties":{"type":"string"},"x-order":7},"remoteDiagnostic":{"$ref":"#/components/schemas/installcontrolplanev1alpha1XCPRemoteDiagnosticSettings"}}},"installcontrolplanev1alpha1XCPRemoteDiagnosticSettings":{"description":"Remote Diagnostic settings on the Control Plane side.","type":"object","properties":{"enabled":{"description":"Enable Remote Diagnostic on the Control Plane side.\\n\\nOnce Remote Diagnostic is enabled on the Control Plane side, it will become possible to\\nlaunch from the TSB UI a range of predefined diagnostic tasks for execution in the context\\nof that cluster.\\n\\nIn particular, it will be possible to take config dumps, view low-level metrics,\\nview and change log levels and stream logs from any Istio Gateway and Istio Sidecar\\ndeployed to that cluster.\\n\\nNotice that Remote Diagnostic has to be enabled on both sides, i.e. the Control Plane side\\nand the Management Plane side, which is the default configuration.\\n\\nDefaults to `true`.","type":"boolean","x-order":0}}},"installkubernetesAffinity":{"type":"object","title":"The scheduling constraints for the pod.\\nhttps://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity","properties":{"nodeAffinity":{"$ref":"#/components/schemas/installkubernetesNodeAffinity"},"podAffinity":{"$ref":"#/components/schemas/installkubernetesPodAffinity"},"podAntiAffinity":{"$ref":"#/components/schemas/installkubernetesPodAntiAffinity"}}},"installkubernetesCapabilities":{"description":"See k8s.io.api.core.v1.Capabilities.","type":"object","properties":{"add":{"type":"array","items":{"type":"string"},"x-order":0},"drop":{"type":"array","items":{"type":"string"},"x-order":1}}},"installkubernetesConfigMapKeySelector":{"type":"object","properties":{"localObjectReference":{"$ref":"#/components/schemas/installkubernetesLocalObjectReference"},"key":{"type":"string","x-order":1},"optional":{"type":"boolean","x-order":2}}},"installkubernetesCrossVersionObjectReference":{"type":"object","properties":{"kind":{"type":"string","x-order":0},"name":{"type":"string","x-order":1},"apiVersion":{"type":"string","x-order":2}}},"installkubernetesDeployment":{"type":"object","title":"The Kubernetes resource configuration for all Deployments","properties":{"podAnnotations":{"type":"object","title":"Pod annotations are an unstructured key value map stored with the pod.\\nhttps://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/","additionalProperties":{"type":"string"},"x-order":0},"env":{"type":"array","title":"Environment variables for all containers in the deployment.\\nhttps://kubernetes.io/docs/tasks/inject-data-application/define-environment-variable-container/","items":{"$ref":"#/components/schemas/installkubernetesEnvVar"},"x-order":1},"affinity":{"$ref":"#/components/schemas/installkubernetesAffinity"},"replicaCount":{"type":"integer","format":"int64","title":"Number of desired pods.\\nhttps://kubernetes.io/docs/reference/generated/kubernetes-api/v1.18/#deploymentspec-v1-apps","x-order":3},"resources":{"$ref":"#/components/schemas/installkubernetesResources"},"strategy":{"$ref":"#/components/schemas/installkubernetesDeploymentStrategy"},"tolerations":{"type":"array","title":"Tolerations are applied to pods, and allow (but do not require) the pods to\\nschedule onto nodes with matching taints. Taints and tolerations work\\ntogether to ensure that pods are not scheduled onto inappropriate nodes.\\nOne or more taints are applied to a node; this marks that the node should\\nnot accept any pods that do not tolerate the taints.\\nhttps://kubernetes.io/docs/concepts/configuration/taint-and-toleration/","items":{"$ref":"#/components/schemas/corev1Toleration"},"x-order":6},"hpaSpec":{"$ref":"#/components/schemas/installkubernetesHorizontalPodAutoscalerSpec"},"podSecurityContext":{"$ref":"#/components/schemas/installkubernetesPodSecurityContext"},"containerSecurityContext":{"$ref":"#/components/schemas/installkubernetesSecurityContext"}}},"installkubernetesDeploymentStrategy":{"type":"object","title":"The deployment strategy to use to replace existing pods with new ones.\\nhttps://kubernetes.io/docs/reference/generated/kubernetes-api/v1.18/#deploymentstrategy-v1-apps","properties":{"type":{"type":"string","x-order":0},"rollingUpdate":{"$ref":"#/components/schemas/installkubernetesRollingUpdateDeployment"}}},"installkubernetesEnvVar":{"type":"object","properties":{"name":{"type":"string","x-order":0},"value":{"type":"string","x-order":1},"valueFrom":{"$ref":"#/components/schemas/installkubernetesEnvVarSource"}}},"installkubernetesEnvVarSource":{"type":"object","properties":{"fieldRef":{"$ref":"#/components/schemas/installkubernetesObjectFieldSelector"},"resourceFieldRef":{"$ref":"#/components/schemas/installkubernetesResourceFieldSelector"},"configMapKeyRef":{"$ref":"#/components/schemas/installkubernetesConfigMapKeySelector"},"secretKeyRef":{"$ref":"#/components/schemas/installkubernetesSecretKeySelector"}}},"installkubernetesExternalMetricSource":{"type":"object","properties":{"metricName":{"type":"string","x-order":0},"metricSelector":{"$ref":"#/components/schemas/v1LabelSelector"},"targetValue":{"$ref":"#/components/schemas/operatorv1alpha1IntOrString"},"targetAverageValue":{"$ref":"#/components/schemas/operatorv1alpha1IntOrString"}}},"installkubernetesHorizontalPodAutoscalerSpec":{"type":"object","title":"Horizontal Pod Autoscaler automatically scales the number of pods in a\\ndeployment based on a specified metric. Kubernetes periodically adjusts the\\nnumber of replicas in a deployment to match the observed metric to the target\\nspecified. This mirrors the Kubernetes spec except from the top level\\n`scaleTargetRef` field, which we set for you. The version of Horizontal Pod\\nAutoscaler currently used is\\n`[v2beta1](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.18/#horizontalpodautoscaler-v2beta1-autoscaling)`.\\nhttps://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/","properties":{"minReplicas":{"type":"integer","format":"int32","title":"Must be set in order to create the HPA resource in Kubernetes","x-order":0},"maxReplicas":{"type":"integer","format":"int32","title":"Must be set in order to create the HPA resource in Kubernetes","x-order":1},"metrics":{"type":"array","items":{"$ref":"#/components/schemas/installkubernetesMetricSpec"},"x-order":2}}},"installkubernetesLocalObjectReference":{"description":"LocalObjectReference contains enough information to let you locate the\\nreferenced object inside the same namespace.","type":"object","properties":{"name":{"description":"Name of the referent.","type":"string","x-order":0}}},"installkubernetesMetricSpec":{"type":"object","properties":{"type":{"type":"string","x-order":0},"object":{"$ref":"#/components/schemas/installkubernetesObjectMetricSource"},"pods":{"$ref":"#/components/schemas/installkubernetesPodsMetricSource"},"resource":{"$ref":"#/components/schemas/installkubernetesResourceMetricSource"},"external":{"$ref":"#/components/schemas/installkubernetesExternalMetricSource"}}},"installkubernetesMetricTarget":{"type":"object","title":"MetricTarget provides compatibility with k8s autoscaling/v2 API","properties":{"type":{"type":"string","x-order":0},"averageUtilization":{"type":"integer","format":"int32","x-order":1},"averageValue":{"$ref":"#/components/schemas/operatorv1alpha1IntOrString"},"value":{"$ref":"#/components/schemas/operatorv1alpha1IntOrString"}}},"installkubernetesNodeAffinity":{"type":"object","title":"Group of node affinity scheduling rules.\\nhttps://kubernetes.io/docs/reference/generated/kubernetes-api/v1.18/#nodeaffinity-v1-core","properties":{"requiredDuringSchedulingIgnoredDuringExecution":{"$ref":"#/components/schemas/installkubernetesNodeSelector"},"preferredDuringSchedulingIgnoredDuringExecution":{"type":"array","title":"The scheduler will prefer to schedule pods to nodes that satisfy the\\naffinity expressions specified by this field, but it may choose a node that\\nviolates one or more of the expressions.\\nhttps://kubernetes.io/docs/reference/generated/kubernetes-api/v1.18/#preferredschedulingterm-v1-core","items":{"$ref":"#/components/schemas/installkubernetesPreferredSchedulingTerm"},"x-order":1}}},"installkubernetesNodeSelector":{"type":"object","properties":{"nodeSelectorTerms":{"type":"array","items":{"$ref":"#/components/schemas/installkubernetesNodeSelectorTerm"},"x-order":0}}},"installkubernetesNodeSelectorRequirement":{"type":"object","properties":{"key":{"type":"string","x-order":0},"operator":{"type":"string","x-order":1},"values":{"type":"array","items":{"type":"string"},"x-order":2}}},"installkubernetesNodeSelectorTerm":{"type":"object","properties":{"matchExpressions":{"type":"array","items":{"$ref":"#/components/schemas/installkubernetesNodeSelectorRequirement"},"x-order":0},"matchFields":{"type":"array","items":{"$ref":"#/components/schemas/installkubernetesNodeSelectorRequirement"},"x-order":1}}},"installkubernetesObjectFieldSelector":{"type":"object","properties":{"apiVersion":{"type":"string","x-order":0},"fieldPath":{"type":"string","x-order":1}}},"installkubernetesObjectMetricSource":{"type":"object","properties":{"target":{"$ref":"#/components/schemas/installkubernetesCrossVersionObjectReference"},"metricName":{"type":"string","x-order":1},"targetValue":{"$ref":"#/components/schemas/operatorv1alpha1IntOrString"},"selector":{"$ref":"#/components/schemas/v1LabelSelector"},"averageValue":{"$ref":"#/components/schemas/operatorv1alpha1IntOrString"}}},"installkubernetesPodAffinity":{"type":"object","title":"Group of inter-pod affinity scheduling rules.\\nhttps://kubernetes.io/docs/reference/generated/kubernetes-api/v1.18/#podaffinity-v1-core","properties":{"requiredDuringSchedulingIgnoredDuringExecution":{"type":"array","items":{"$ref":"#/components/schemas/installkubernetesPodAffinityTerm"},"x-order":0},"preferredDuringSchedulingIgnoredDuringExecution":{"type":"array","items":{"$ref":"#/components/schemas/installkubernetesWeightedPodAffinityTerm"},"x-order":1}}},"installkubernetesPodAffinityTerm":{"type":"object","properties":{"labelSelector":{"$ref":"#/components/schemas/v1LabelSelector"},"namespaces":{"type":"array","items":{"type":"string"},"x-order":1},"topologyKey":{"type":"string","x-order":2}}},"installkubernetesPodAntiAffinity":{"type":"object","title":"Group of inter-pod anti-affinity scheduling rules.\\nhttps://kubernetes.io/docs/reference/generated/kubernetes-api/v1.18/#podantiaffinity-v1-core","properties":{"requiredDuringSchedulingIgnoredDuringExecution":{"type":"array","items":{"$ref":"#/components/schemas/installkubernetesPodAffinityTerm"},"x-order":0},"preferredDuringSchedulingIgnoredDuringExecution":{"type":"array","items":{"$ref":"#/components/schemas/installkubernetesWeightedPodAffinityTerm"},"x-order":1}}},"installkubernetesPodSecurityContext":{"description":"See k8s.io.api.core.v1.PodSecurityContext.","type":"object","properties":{"seLinuxOptions":{"$ref":"#/components/schemas/installkubernetesSELinuxOptions"},"runAsUser":{"type":"integer","format":"int64","x-order":1},"runAsNonRoot":{"type":"boolean","x-order":2},"supplementalGroups":{"type":"array","items":{"type":"integer","format":"int64"},"x-order":3},"fsGroup":{"type":"integer","format":"int64","x-order":4},"runAsGroup":{"type":"integer","format":"int64","x-order":5},"sysctls":{"type":"array","items":{"$ref":"#/components/schemas/installkubernetesSysctl"},"x-order":6},"windowsOptions":{"$ref":"#/components/schemas/installkubernetesWindowsSecurityContextOptions"},"fsGroupChangePolicy":{"type":"string","x-order":8},"seccompProfile":{"$ref":"#/components/schemas/installkubernetesSeccompProfile"}}},"installkubernetesPodsMetricSource":{"type":"object","properties":{"metricName":{"type":"string","x-order":0},"targetAverageValue":{"$ref":"#/components/schemas/operatorv1alpha1IntOrString"},"selector":{"$ref":"#/components/schemas/v1LabelSelector"}}},"installkubernetesPreferredSchedulingTerm":{"type":"object","properties":{"weight":{"type":"integer","format":"int32","x-order":0},"preference":{"$ref":"#/components/schemas/installkubernetesNodeSelectorTerm"}}},"installkubernetesResourceFieldSelector":{"type":"object","properties":{"containerName":{"type":"string","x-order":0},"resource":{"type":"string","x-order":1},"divisor":{"$ref":"#/components/schemas/operatorv1alpha1IntOrString"}}},"installkubernetesResourceMetricSource":{"type":"object","properties":{"name":{"type":"string","x-order":0},"targetAverageUtilization":{"$ref":"#/components/schemas/operatorv1alpha1IntOrString"},"targetAverageValue":{"$ref":"#/components/schemas/operatorv1alpha1IntOrString"},"target":{"$ref":"#/components/schemas/installkubernetesMetricTarget"}}},"installkubernetesResources":{"description":"Mirrors k8s.io.api.core.v1.ResourceRequirements for unmarshalling.","type":"object","properties":{"limits":{"type":"object","additionalProperties":{"type":"string"},"x-order":0},"requests":{"type":"object","additionalProperties":{"type":"string"},"x-order":1}}},"installkubernetesRollingUpdateDeployment":{"description":"Mirrors k8s.io.api.apps.v1.RollingUpdateDeployment for unmarshalling.","type":"object","properties":{"maxUnavailable":{"$ref":"#/components/schemas/operatorv1alpha1IntOrString"},"maxSurge":{"$ref":"#/components/schemas/operatorv1alpha1IntOrString"}}},"installkubernetesSELinuxOptions":{"description":"See k8s.io.api.core.v1.SELinuxOptions.","type":"object","properties":{"user":{"type":"string","x-order":0},"role":{"type":"string","x-order":1},"type":{"type":"string","x-order":2},"level":{"type":"string","x-order":3}}},"installkubernetesSeccompProfile":{"description":"See k8s.io.api.core.v1.SeccompProfile.","type":"object","properties":{"type":{"type":"string","x-order":0},"localhostProfile":{"type":"string","x-order":1}}},"installkubernetesSecretKeySelector":{"type":"object","properties":{"localObjectReference":{"$ref":"#/components/schemas/installkubernetesLocalObjectReference"},"key":{"type":"string","x-order":1},"optional":{"type":"boolean","x-order":2}}},"installkubernetesSecurityContext":{"description":"See k8s.io.api.core.v1.SecurityContext.","type":"object","properties":{"capabilities":{"$ref":"#/components/schemas/installkubernetesCapabilities"},"privileged":{"type":"boolean","x-order":1},"seLinuxOptions":{"$ref":"#/components/schemas/installkubernetesSELinuxOptions"},"windowsOptions":{"$ref":"#/components/schemas/installkubernetesWindowsSecurityContextOptions"},"runAsUser":{"type":"integer","format":"int64","x-order":4},"runAsGroup":{"type":"integer","format":"int64","x-order":5},"runAsNonRoot":{"type":"boolean","x-order":6},"readOnlyRootFilesystem":{"type":"boolean","x-order":7},"allowPrivilegeEscalation":{"type":"boolean","x-order":8},"procMount":{"type":"string","x-order":9},"seccompProfile":{"$ref":"#/components/schemas/installkubernetesSeccompProfile"}}},"installkubernetesService":{"type":"object","title":"The Kubernetes resource configuration for a Service","properties":{"annotations":{"type":"object","title":"Pod annotations are an unstructured key value map stored with the service.\\nhttps://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/","additionalProperties":{"type":"string"},"x-order":0},"ports":{"type":"array","title":"List of ports exposed by the component\'s service.\\nhttps://kubernetes.io/docs/reference/generated/kubernetes-api/v1.18/#serviceport-v1-core","items":{"$ref":"#/components/schemas/installkubernetesServicePort"},"x-order":1},"type":{"type":"string","title":"Determines how the Service is exposed. Valid options are ExternalName,\\nClusterIP, NodePort, and LoadBalancer.\\nhttps://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types","x-order":2},"labels":{"type":"object","title":"Labels are an unstructured key value map stored with the deployment.\\nhttps://kubernetes.io/docs/concepts/overview/working-with-objects/labels","additionalProperties":{"type":"string"},"x-order":3}}},"installkubernetesServiceAccount":{"type":"object","title":"Settings related to the component service account","properties":{"imagePullSecrets":{"type":"array","title":"List of references to secrets in the same namespace to use for pulling any\\nimages in pods that reference this ServiceAccount. ImagePullSecrets are\\ndistinct from Secrets because Secrets can be mounted in the pod, but\\nImagePullSecrets are only accessed by the kubelet. More info:\\nhttps://kubernetes.io/docs/concepts/containers/images/#specifying-imagepullsecrets-on-a-pod\\nhttps://kubernetes.io/docs/reference/generated/kubernetes-api/v1.18/#service_account-v1-core","items":{"$ref":"#/components/schemas/installkubernetesLocalObjectReference"},"x-order":0}}},"installkubernetesServicePort":{"type":"object","properties":{"name":{"type":"string","x-order":0},"protocol":{"type":"string","x-order":1},"port":{"type":"integer","format":"int32","x-order":2},"targetPort":{"$ref":"#/components/schemas/operatorv1alpha1IntOrString"},"nodePort":{"type":"integer","format":"int32","x-order":4}}},"installkubernetesSysctl":{"description":"See k8s.io.api.core.v1.Sysctl.","type":"object","properties":{"name":{"type":"string","x-order":0},"value":{"type":"string","x-order":1}}},"installkubernetesWeightedPodAffinityTerm":{"type":"object","properties":{"weight":{"type":"integer","format":"int32","x-order":0},"podAffinityTerm":{"$ref":"#/components/schemas/installkubernetesPodAffinityTerm"}}},"installkubernetesWindowsSecurityContextOptions":{"description":"See k8s.io.api.core.v1.WindowsSecurityContextOptions.","type":"object","properties":{"gmsaCredentialSpecName":{"type":"string","x-order":0},"gmsaCredentialSpec":{"type":"string","x-order":1},"runAsUserName":{"type":"string","x-order":2}}},"kubernetesCNI":{"type":"object","title":"Configure Istio\'s CNI plugin\\nFor further details see: https://istio.io/docs/setup/additional-setup/cni/","properties":{"binaryDirectory":{"description":"Directory on the host to install the CNI binary.\\nMust be the same as the environment\u2019s `--cni-bin-dir` setting (kubelet\\nparameter).","type":"string","x-order":0},"configurationDirectory":{"description":"Directory on the host to install the CNI config.\\nMust be the same as the environment\u2019s `--cni-conf-dir` setting (kubelet\\nparameter).","type":"string","x-order":1},"chained":{"description":"Whether to deploy the configuration file as a plugin chain or as a\\nstandalone file in the configuration directory. Some Kubernetes flavors\\n(e.g. OpenShift) do not support the chain approach.","type":"boolean","x-order":2},"configurationFileName":{"description":"Leave unset to auto-find the first file in the `cni-conf-dir` (as kubelet\\ndoes). Primarily used for testing install-cni plugin configuration. If set,\\n`install-cni` will inject the plugin configuration into this file in the\\n`cni-conf-dir`.","type":"string","x-order":3},"clusterRole":{"description":"The ClusterRole Istio CNI will bind to in the ControlPlane namespace.\\nThis is useful if you use Pod Security Policies and want to allow\\n`istio-cni` to run as privileged Pods.","type":"string","x-order":4},"revision":{"description":"The revisioned istio-operator that will reconcile the Istio CNI component.\\nA revision can only be specified when Isolation Boundaries are enabled and\\nconfigured with at least one revision.\\nRevision specified here must be an enabled revision under `xcp.isolationBoundaries`.\\nIf not provided, it defaults to the latest enabled\\nrevision based on their corresponding tsbVersion. If multiple such revisions\\nare found, revision names are alphabetically sorted and the first revision\\nis considered as the default.","type":"string","x-order":5}}},"kubernetesGlobalDeployment":{"type":"object","title":"The Kubernetes resource configuration for a Deployment","properties":{"podAnnotations":{"type":"object","title":"Pod annotations are an unstructured key value map stored with the pod.\\nhttps://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/","additionalProperties":{"type":"string"},"x-order":0},"env":{"type":"array","title":"Environment variables for all containers in the deployment.\\nhttps://kubernetes.io/docs/tasks/inject-data-application/define-environment-variable-container/","items":{"$ref":"#/components/schemas/installkubernetesEnvVar"},"x-order":1},"affinity":{"$ref":"#/components/schemas/installkubernetesAffinity"},"strategy":{"$ref":"#/components/schemas/installkubernetesDeploymentStrategy"},"tolerations":{"type":"array","title":"Tolerations are applied to pods, and allow (but do not require) the pods to\\nschedule onto nodes with matching taints. Taints and tolerations work\\ntogether to ensure that pods are not scheduled onto inappropriate nodes.\\nOne or more taints are applied to a node; this marks that the node should\\nnot accept any pods that do not tolerate the taints.\\nhttps://kubernetes.io/docs/concepts/configuration/taint-and-toleration/","items":{"$ref":"#/components/schemas/corev1Toleration"},"x-order":4},"podSecurityContext":{"$ref":"#/components/schemas/installkubernetesPodSecurityContext"},"containerSecurityContext":{"$ref":"#/components/schemas/installkubernetesSecurityContext"}}},"kubernetesGlobalJob":{"type":"object","title":"The Kubernetes resource configuration for all CronJob or Job","properties":{"podAnnotations":{"type":"object","title":"Pod annotations are an unstructured key value map stored with the pod.\\nhttps://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/","additionalProperties":{"type":"string"},"x-order":0},"affinity":{"$ref":"#/components/schemas/installkubernetesAffinity"},"tolerations":{"type":"array","title":"Tolerations are applied to pods, and allow (but do not require) the pods to\\nschedule onto nodes with matching taints. Taints and tolerations work\\ntogether to ensure that pods are not scheduled onto inappropriate nodes.\\nOne or more taints are applied to a node; this marks that the node should\\nnot accept any pods that do not tolerate the taints.\\nhttps://kubernetes.io/docs/concepts/configuration/taint-and-toleration/","items":{"$ref":"#/components/schemas/corev1Toleration"},"x-order":2},"podSecurityContext":{"$ref":"#/components/schemas/installkubernetesPodSecurityContext"},"containerSecurityContext":{"$ref":"#/components/schemas/installkubernetesSecurityContext"}}},"kubernetesGlobalService":{"type":"object","title":"The Kubernetes resource configuration for all the Service","properties":{"annotations":{"type":"object","title":"Pod annotations are an unstructured key value map stored with the service.\\nhttps://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/","additionalProperties":{"type":"string"},"x-order":0}}},"kubernetesJob":{"type":"object","title":"The Kubernetes resource configuration for a CronJob or Job","properties":{"podAnnotations":{"type":"object","title":"Pod annotations are an unstructured key value map stored with the pod.\\nhttps://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/","additionalProperties":{"type":"string"},"x-order":0},"env":{"type":"array","title":"Environment variables for all containers in the job.\\nhttps://kubernetes.io/docs/tasks/inject-data-application/define-environment-variable-container/","items":{"$ref":"#/components/schemas/installkubernetesEnvVar"},"x-order":1},"affinity":{"$ref":"#/components/schemas/installkubernetesAffinity"},"tolerations":{"type":"array","title":"Tolerations are applied to pods, and allow (but do not require) the pods to\\nschedule onto nodes with matching taints. Taints and tolerations work\\ntogether to ensure that pods are not scheduled onto inappropriate nodes.\\nOne or more taints are applied to a node; this marks that the node should\\nnot accept any pods that do not tolerate the taints.\\nhttps://kubernetes.io/docs/concepts/configuration/taint-and-toleration/","items":{"$ref":"#/components/schemas/corev1Toleration"},"x-order":3},"podSecurityContext":{"$ref":"#/components/schemas/installkubernetesPodSecurityContext"},"containerSecurityContext":{"$ref":"#/components/schemas/installkubernetesSecurityContext"}}},"kubernetesKubernetesComponentSpec":{"description":"KubernetesComponentSpec is a common set of Kubernetes resource configuration\\nfor components.","type":"object","properties":{"deployment":{"$ref":"#/components/schemas/installkubernetesDeployment"},"service":{"$ref":"#/components/schemas/installkubernetesService"},"serviceAccount":{"$ref":"#/components/schemas/installkubernetesServiceAccount"},"overlays":{"type":"array","title":"Post-render overlays to mutate Kubernetes manifests\\nhttps://istio.io/latest/docs/reference/config/istio.operator.v1alpha1/#K8sObjectOverlay","items":{"$ref":"#/components/schemas/v1alpha1K8sObjectOverlay"},"x-order":3}}},"kubernetesKubernetesIstioComponentSpec":{"description":"KubernetesIstioComponentSpec is the common set of Kubernetes resource\\nconfiguration for Istio. It differs from the standard component specs in that\\nit supports configuring the operator and istiod deployments separately and CNI\\nconfiguration.","type":"object","properties":{"deployment":{"$ref":"#/components/schemas/installkubernetesDeployment"},"service":{"$ref":"#/components/schemas/installkubernetesService"},"serviceAccount":{"$ref":"#/components/schemas/installkubernetesServiceAccount"},"operatorDeployment":{"$ref":"#/components/schemas/installkubernetesDeployment"},"istiodDeployment":{"$ref":"#/components/schemas/installkubernetesDeployment"},"CNI":{"$ref":"#/components/schemas/kubernetesCNI"},"overlays":{"type":"array","title":"Post-render overlays to mutate Kubernetes manifests\\nhttps://istio.io/latest/docs/reference/config/istio.operator.v1alpha1/#K8sObjectOverlay","items":{"$ref":"#/components/schemas/v1alpha1K8sObjectOverlay"},"x-order":6}}},"kubernetesKubernetesJobComponentSpec":{"description":"KubernetesJobComponentSpec is a common set of Kubernetes resource\\nconfiguration for components with a job associated with them.","type":"object","properties":{"deployment":{"$ref":"#/components/schemas/installkubernetesDeployment"},"service":{"$ref":"#/components/schemas/installkubernetesService"},"job":{"$ref":"#/components/schemas/kubernetesJob"},"serviceAccount":{"$ref":"#/components/schemas/installkubernetesServiceAccount"},"overlays":{"type":"array","title":"Post-render overlays to mutate Kubernetes manifests\\nhttps://istio.io/latest/docs/reference/config/istio.operator.v1alpha1/#K8sObjectOverlay","items":{"$ref":"#/components/schemas/v1alpha1K8sObjectOverlay"},"x-order":4}}},"kubernetesKubernetesSpec":{"description":"KubernetesSpec is a common set of Kubernetes resource configuration for the\\ninstall CRs, that will be common to all of its components.","type":"object","properties":{"deployment":{"$ref":"#/components/schemas/kubernetesGlobalDeployment"},"service":{"$ref":"#/components/schemas/kubernetesGlobalService"},"account":{"$ref":"#/components/schemas/installkubernetesServiceAccount"},"job":{"$ref":"#/components/schemas/kubernetesGlobalJob"}}},"operatorv1alpha1IntOrString":{"description":"IntOrString is a type that can hold an int32 or a string.  When used in\\nJSON or YAML marshalling and unmarshalling, it produces or consumes the\\ninner type.  This allows you to have, for example, a JSON field that can\\naccept a name or number.","type":"object","properties":{"type":{"type":"string","format":"int64","x-order":0},"intVal":{"type":"integer","format":"int32","x-order":1},"strVal":{"type":"string","x-order":2}}},"protobufAny":{"description":"`Any` contains an arbitrary serialized protocol buffer message along with a\\nURL that describes the type of the serialized message.\\n\\nProtobuf library provides support to pack/unpack Any values in the form\\nof utility functions or additional generated methods of the Any type.\\n\\nExample 1: Pack and unpack a message in C++.\\n\\n    Foo foo = ...;\\n    Any any;\\n    any.PackFrom(foo);\\n    ...\\n    if (any.UnpackTo(&amp;foo)) {\\n      ...\\n    }\\n\\nExample 2: Pack and unpack a message in Java.\\n\\n    Foo foo = ...;\\n    Any any = Any.pack(foo);\\n    ...\\n    if (any.is(Foo.class)) {\\n      foo = any.unpack(Foo.class);\\n    }\\n    // or ...\\n    if (any.isSameTypeAs(Foo.getDefaultInstance())) {\\n      foo = any.unpack(Foo.getDefaultInstance());\\n    }\\n\\n Example 3: Pack and unpack a message in Python.\\n\\n    foo = Foo(...)\\n    any = Any()\\n    any.Pack(foo)\\n    ...\\n    if any.Is(Foo.DESCRIPTOR):\\n      any.Unpack(foo)\\n      ...\\n\\n Example 4: Pack and unpack a message in Go\\n\\n     foo := &amp;pb.Foo{...}\\n     any, err := anypb.New(foo)\\n     if err != nil {\\n       ...\\n     }\\n     ...\\n     foo := &amp;pb.Foo{}\\n     if err := any.UnmarshalTo(foo); err != nil {\\n       ...\\n     }\\n\\nThe pack methods provided by protobuf library will by default use\\n\'type.googleapis.com/full.type.name\' as the type URL and the unpack\\nmethods only use the fully qualified type name after the last \'/\'\\nin the type URL, for example \\"foo.bar.com/x/y.z\\" will yield type\\nname \\"y.z\\".\\n\\nJSON\\n====\\nThe JSON representation of an `Any` value uses the regular\\nrepresentation of the deserialized, embedded message, with an\\nadditional field `@type` which contains the type URL. Example:\\n\\n    package google.profile;\\n    message Person {\\n      string first_name = 1;\\n      string last_name = 2;\\n    }\\n\\n    {\\n      \\"@type\\": \\"type.googleapis.com/google.profile.Person\\",\\n      \\"firstName\\": &lt;string&gt;,\\n      \\"lastName\\": &lt;string&gt;\\n    }\\n\\nIf the embedded message type is well-known and has a custom JSON\\nrepresentation, that representation will be embedded adding a field\\n`value` which holds the custom JSON in addition to the `@type`\\nfield. Example (for message [google.protobuf.Duration][]):\\n\\n    {\\n      \\"@type\\": \\"type.googleapis.com/google.protobuf.Duration\\",\\n      \\"value\\": \\"1.212s\\"\\n    }","type":"object","properties":{"@type":{"description":"A URL/resource name that uniquely identifies the type of the serialized\\nprotocol buffer message. This string must contain at least\\none \\"/\\" character. The last segment of the URL\'s path must represent\\nthe fully qualified name of the type (as in\\n`path/google.protobuf.Duration`). The name should be in a canonical form\\n(e.g., leading \\".\\" is not accepted).\\n\\nIn practice, teams usually precompile into the binary all types that they\\nexpect it to use in the context of Any. However, for URLs which use the\\nscheme `http`, `https`, or no scheme, one can optionally set up a type\\nserver that maps type URLs to message definitions as follows:\\n\\n* If no scheme is provided, `https` is assumed.\\n* An HTTP GET on the URL must yield a [google.protobuf.Type][]\\n  value in binary format, or produce an error.\\n* Applications are allowed to cache lookup results based on the\\n  URL, or have them precompiled into a binary to avoid any\\n  lookup. Therefore, binary compatibility needs to be preserved\\n  on changes to types. (Use versioned type names to manage\\n  breaking changes.)\\n\\nNote: this functionality is not currently available in the official\\nprotobuf release, and it is not used for type URLs beginning with\\ntype.googleapis.com. As of May 2023, there are no widely used type server\\nimplementations and no plans to implement one.\\n\\nSchemes other than `http`, `https` (or the empty scheme) might be\\nused with implementation specific semantics.","type":"string","x-order":0}},"additionalProperties":{}},"protobufNullValue":{"description":"`NullValue` is a singleton enumeration to represent the null value for the\\n`Value` type union.\\n\\nThe JSON representation for `NullValue` is JSON `null`.\\n\\n - NULL_VALUE: Null value.","type":"string","default":"NULL_VALUE","enum":["NULL_VALUE"]},"qv2Metadata":{"description":"Metadata includes additional information about an ApprovalPolicy or Access entity and\\ntheir respective resources that they apply to.","type":"object","properties":{"details":{"$ref":"#/components/schemas/MetadataDetails"},"rules":{"description":"Permissions includes permissions for which an authenticated user is allowed to perform.\\nThis applies to ApprovalPolicy or Access entities respectively.","type":"array","items":{"$ref":"#/components/schemas/v2RoleRule"},"x-order":1}}},"rbacv2Binding":{"description":"A binding associates a role with a set of subjects.\\n\\nBindings are used to configure policies, where different roles can be\\nassigned to different sets of subjects to configure a fine-grained access\\ncontrol to the resource protected by the policy.","type":"object","required":["role"],"properties":{"role":{"description":"The role that defines the permissions that will be granted to the target\\nresource.","type":"string","x-order":0},"subjects":{"description":"The set of subjects that will be allowed to access the target resource\\nwith the permissions defined by the role.","type":"array","items":{"$ref":"#/components/schemas/tsbrbacv2Subject"},"x-order":1}}},"registrationv1alpha1Address":{"description":"Address specifies network address.","type":"object","required":["ip","type"],"properties":{"ip":{"description":"IP address.","type":"string","x-order":0},"type":{"$ref":"#/components/schemas/v1alpha1AddressType"}}},"registryv2Port":{"description":"Port exposed by a service.\\nRegistration RPC will complete the instances field by assigning the physical services FQNs.","type":"object","required":["number"],"properties":{"number":{"description":"A valid non-negative integer port number.","type":"integer","format":"int64","x-order":0},"name":{"description":"Name assigned to the port.","type":"string","x-order":1},"serviceDeployments":{"type":"array","title":"The list of FQNs of the instances that expose this port","items":{"type":"string"},"x-order":2,"readOnly":true}}},"registryv2State":{"description":"State denotes how deep is the knowledge of a service by the mesh. Meaning that if a service can be controlled,\\nobserved or none of these.\\n\\n - EXTERNAL: An external service is a service that is known, but that cannot be observed (we can\'t get metrics for it)\\nand cannot be controlled.\\n - OBSERVED: An observed service is a known service that we can have metrics for. For example, a service running the\\nSkywalking agents.\\n - CONTROLLED: A controlled service is a service that is part of the mesh, has a proxy we can configure and can be observed with\\nSkywalking agents.","type":"string","default":"INVALID_STATE","enum":["INVALID_STATE","EXTERNAL","OBSERVED","CONTROLLED"]},"registryv2Subset":{"description":"Subset exposed by a service.\\nRegistration RPC will complete the instances field by assigning the physical services FQNs.","type":"object","properties":{"name":{"description":"A valid subset name of a service.","type":"string","x-order":0},"serviceDeployments":{"type":"array","title":"The list of FQNs of the service deployments that expose this subset","items":{"type":"string"},"x-order":1,"readOnly":true}}},"securityv2Rule":{"description":"`Rule` matches request from a targeted resource (and the workloads that belong to the resource),\\nto another targeted resource (and the workloads that belong to the resource).\\nA match occurs when `from` and `to` matches the request.\\nOnly resources of type Tenant, Workspace, or Security Group can be targeted.","type":"object","required":["from","to"],"properties":{"from":{"$ref":"#/components/schemas/RuleFrom"},"to":{"$ref":"#/components/schemas/RuleTo"}}},"telemetryv2MetricType":{"description":"Metric types are the aggregation function applied to the measurements that took place over a period of time.\\nSome metric types like LABELED_COUNTER and PERCENTILE also additionally aggregated over the set of defined labels.","type":"object","properties":{"name":{"$ref":"#/components/schemas/v2MetricTypeType"},"labels":{"description":"The labels associated with the metric type.\\nSome aggregation function are not just applied over time. LABELED_COUNTER and PERCENTILE metric types also\\naggregate over their labels. For instance, a PERCENTILE metric type over the latency, will aggregate the measured\\nlatency over the different defined percentiles, p50, p75, p90, p95, and p99.","type":"array","items":{"$ref":"#/components/schemas/v2MetricTypeLabel"},"x-order":1}}},"telemetryv2Source":{"description":"Source identifies a set of observed resources that have a group of metrics that emit measurements at runtime.","type":"object","properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the telemetry source.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the telemetry source is observing.\\n$hide_from_yaml","x-order":3},"belongsTo":{"description":"Which concrete TSB resource in the configuration hierarchy this telemetry source belongs to.\\nFor instance, a telemetry source can belong to a service,or a gateway, or a workspace, or any other resource in the\\nconfiguration hierarchy.","type":"string","x-order":4,"readOnly":true},"metricSourceKey":{"description":"A key to query metric measurements from the resources that the telemetry source is observing.","type":"string","x-order":5,"readOnly":true},"type":{"$ref":"#/components/schemas/v2SourceScopeType"},"scope":{"$ref":"#/components/schemas/v2SourceScope"}}},"tsbapplicationv2API":{"description":"An API configuring a set of servers and endpoints that expose the Application business logic.\\n\\n\\n\\n","type":"object","required":["openapi"],"properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"openapi":{"description":"The raw OpenAPI spec for this API.","type":"string","x-order":4},"workloadSelector":{"$ref":"#/components/schemas/v2WorkloadSelector"},"servers":{"description":"DEPRECATED: For new created APIs, the exposed servers will be available at httpServers.\\nFor APIs created before version 1.7, will still be available in this field.\\n\\nList of ingress gateways servers that expose the API.\\nServer hostnames must be unique in the system, and only one API can expose a specific hostname.","type":"array","items":{"$ref":"#/components/schemas/v2HttpServer"},"x-order":6,"readOnly":true},"endpoints":{"description":"List of endpoints exposed by this API.\\nThis field is read-only and generated from the configured OpenAPI spec.","type":"array","items":{"$ref":"#/components/schemas/v2HTTPEndpoint"},"x-order":7,"readOnly":true},"configResources":{"type":"array","title":"The configuration resources that are related to this API object.\\n$hide_from_docs","items":{"$ref":"#/components/schemas/v2ConfigResource"},"x-order":8,"readOnly":true},"httpServers":{"description":"List of gateways servers that expose the API.\\nServer hostnames must be unique in the system, and only one API can expose a specific hostname.","type":"array","items":{"$ref":"#/components/schemas/gatewayv2HTTP"},"x-order":9,"readOnly":true}}},"tsbapplicationv2ListAPIsResponse":{"description":"List of APIs that have been attached to the given application.","type":"object","properties":{"apis":{"description":"The list of APIs that are registered in the given application.","type":"array","items":{"$ref":"#/components/schemas/tsbapplicationv2API"},"x-order":0}}},"tsbapplicationv2ResourceStatus":{"description":"The ResourceStatus object provides information about the status of the configuration\\nrelated to an Application or an API object.\\n\\nApplications and APIs are translated into configuration objects (config groups, ingress\\ngateways, etc). This status object reflects the status of the Application and APIs with\\nregard to the generated configuration, and exposes any configuration mismatch.\\nThis status only reflects the status of the configuration objects in Service Bridge. It\\ndoes not provide information about the status of the generated configuration in the final\\nclusters.","type":"object","properties":{"status":{"$ref":"#/components/schemas/applicationv2Status"},"resources":{"description":"List of the individual configuration resource statuses.","type":"array","items":{"$ref":"#/components/schemas/ResourceStatusConfigResourceStatus"},"x-order":1,"readOnly":true}}},"tsbauthv2Authentication":{"type":"object","properties":{"jwt":{"$ref":"#/components/schemas/tsbauthv2AuthenticationJWT"},"rules":{"$ref":"#/components/schemas/AuthenticationRules"},"oidc":{"$ref":"#/components/schemas/v2OIDCConfig"}}},"tsbauthv2AuthenticationJWT":{"type":"object","required":["issuer"],"properties":{"issuer":{"description":"Identifies the issuer that issued the JWT. See\\n[issuer](https://tools.ietf.org/html/rfc7519#section-4.1.1)\\nA JWT with different `iss` claim will be rejected.\\n\\nExample: https://foobar.auth0.com\\nExample: 1234567-compute@developer.gserviceaccount.com","type":"string","x-order":0},"audiences":{"description":"The list of JWT\\n[audiences](https://tools.ietf.org/html/rfc7519#section-4.1.3).\\nthat are allowed to access. A JWT containing any of these\\naudiences will be accepted.\\n\\nThe service name will be accepted if audiences is empty.","type":"array","items":{"type":"string"},"x-order":1},"jwksUri":{"description":"URL of the provider\'s public key set to validate signature of\\nthe JWT. See [OpenID\\nDiscovery](https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderMetadata).\\n\\nOptional if the key set document can either (a) be retrieved\\nfrom [OpenID\\nDiscovery](https://openid.net/specs/openid-connect-discovery-1_0.html)\\nof the issuer or (b) inferred from the email domain of the\\nissuer (e.g. a Google service account).\\n\\nExample: `https://www.googleapis.com/oauth2/v1/certs`\\n\\nNote: Only one of jwks_uri and jwks should be used. jwks_uri\\nwill be ignored if it does.","type":"string","x-order":2},"jwks":{"description":"JSON Web Key Set of public keys to validate signature of the JWT.\\nSee https://auth0.com/docs/jwks.\\n\\nNote: Only one of jwks_uri and jwks should be used. jwks_uri will be ignored if it does.","type":"string","x-order":3},"outputPayloadToHeader":{"description":"This field specifies the header name to output a successfully verified JWT payload to the\\nbackend. The forwarded data is `base64_encoded(jwt_payload_in_JSON)`. If it is not specified,\\nthe payload will not be emitted.","type":"string","x-order":4},"outputClaimToHeaders":{"description":"This field specifies a list of operations to copy the claim to HTTP headers on a successfully verified token.\\nThis differs from the `output_payload_to_header` by allowing outputting individual claims instead of the whole payload.\\nOnly claims of type string, boolean, and integer are supported. Array type claims are not supported at this time.\\nThe header specified in each operation in the list must be unique. Nested claims of type string/int/bool is supported as well.\\n```\\n  outputClaimToHeaders:\\n  - header: x-my-company-jwt-group\\n    claim: my-group\\n  - header: x-test-environment-flag\\n    claim: test-flag\\n  - header: x-jwt-claim-group\\n    claim: nested.key.group\\n```\\n[Experimental] This feature is a experimental feature.\\n\\n[TODO:Update the status whenever this feature is promoted.]","type":"array","items":{"$ref":"#/components/schemas/JWTClaimToHeader"},"x-order":5},"fromHeaders":{"description":"1) The Authorization header using the Bearer schema,\\n       e.g. Authorization: Bearer &lt;token&gt;. (see\\n       [Authorization Request Header\\n       Field](https://tools.ietf.org/html/rfc6750#section-2.1))\\n\\n    2) The `access_token` query parameter (see\\n    [URI Query Parameter](https://tools.ietf.org/html/rfc6750#section-2.3))\\n\\nList of header locations from which JWT is expected. For example, below is the location spec\\nif JWT is expected to be found in `x-jwt-assertion` header, and have `Bearer ` prefix:\\n\\n```yaml\\n  fromHeaders:\\n  - name: x-jwt-assertion\\n    prefix: \\"Bearer \\"\\n```\\n\\nNote: Multiple tokens present on the same request are not supported. \\nThe behaviour of authorization policies when there is more than one user identity is undefined","type":"array","title":"This field specifies the locations to extract JWT token.\\nIf no explicit location is specified the following default\\nlocations are tried in order:","items":{"$ref":"#/components/schemas/JWTJWTHeader"},"x-order":6},"fromCookies":{"description":"fromCookies:\\n - auth-token\\n\\nThen JWT will be extracted from auth-token cookie in the request.\\n\\nNote: Requests with multiple tokens (at different locations) are not supported.\\nThe behaviour of authorization policies when there is more than one user identity is undefined","type":"array","title":"List of cookie names from which JWT is expected.\\nFor example, if config is:","items":{"type":"string"},"x-order":7}}},"tsbauthv2Authorization":{"type":"object","title":"Configuration for authorizing a HTTP request","properties":{"external":{"$ref":"#/components/schemas/tsbauthv2AuthorizationExternalAuthzBackend"},"local":{"$ref":"#/components/schemas/tsbauthv2AuthorizationLocalAuthz"}}},"tsbauthv2AuthorizationExternalAuthzBackend":{"type":"object","title":"Use an authorization server running at the specified URI. Support both HTTP and gRPC server.\\nIt is recommended to enable TLS validation (SIMPLE or MUTUAL) to secure traffic \\nbetween workload and external authorization server\\nIf you use gRPC, do not set `includeRequestHeaders`","properties":{"uri":{"type":"string","x-order":0},"includeRequestHeaders":{"type":"array","items":{"type":"string"},"x-order":1},"tls":{"$ref":"#/components/schemas/v2ClientTLSSettings"}}},"tsbauthv2AuthorizationLocalAuthz":{"description":"Authorize the request in Envoy based on the JWT claims.","type":"object","properties":{"rules":{"type":"array","items":{"$ref":"#/components/schemas/tsbauthv2LocalAuthzRule"},"x-order":0}}},"tsbauthv2LocalAuthzRule":{"description":"Bindings define the subjects that can access the resource a policy is attached to,\\nand the conditions that need to be met for that access to be granted.\\nA policy can have multiple bindings to configure different access controls for specific\\nsubjects.","type":"object","title":"LocalAuthzRule","required":["name"],"properties":{"name":{"description":"A friendly name to identify the binding.","type":"string","x-order":0},"from":{"description":"Subjects configure the actors (end users, other services)  that are allowed to access the\\ntarget resource.","type":"array","items":{"$ref":"#/components/schemas/tsbauthv2Subject"},"x-order":1},"to":{"description":"A set of HTTP rules that need to be satisfied by the HTTP requests to get access to the\\ntarget resource.","type":"array","items":{"$ref":"#/components/schemas/tsbauthv2LocalAuthzRuleHttpOperation"},"x-order":2}}},"tsbauthv2LocalAuthzRuleHttpOperation":{"type":"object","properties":{"paths":{"description":"The request path where the request is made against. E.g. [\\"/accounts\\"].","type":"array","items":{"type":"string"},"x-order":0},"methods":{"description":"The HTTP methods that are allowed by this rule. E.g. [\\"GET\\", \\"HEAD\\"].","type":"array","items":{"type":"string"},"x-order":1}}},"tsbauthv2Subject":{"description":"A subject designates an actor (user, service, etc) that attempts to access a target resource.\\nSubjects can be modeled with JWT tokens, service accounts, and decorated with attributes such as\\nHTTP request headers, JWT token claims, etc.\\nThe fields that define a subject will be matched to incoming requests, to fully qualify where the\\nrequest comes from, and to decide if the given request is allowed or not for the target resource.\\nAll the fields in a subject are evaluated as AND expressions.","type":"object","title":"Subject","properties":{"jwt":{"$ref":"#/components/schemas/tsbauthv2SubjectJWTClaims"}}},"tsbauthv2SubjectJWTClaims":{"description":"JWT based subjects qualify a subject by matching against a JWT token present in the request.\\nBy default the token is expected to be present in the \'Authorization\' HTTP header, with the\\n\'Bearer\\" prefix.","type":"object","title":"JWT based subject","properties":{"iss":{"type":"string","x-order":0},"sub":{"type":"string","x-order":1},"other":{"description":"A set of arbitrary claims that are required to qualify the subject.\\nE.g. \\"iss\\": \\"*@foo.com\\".","type":"object","additionalProperties":{"type":"string"},"x-order":2}}},"tsbdiagnosticv2Workload":{"description":"Name and namespace of a workload.","type":"object","required":["namespace","name"],"properties":{"namespace":{"description":"Namespace of a workload.","type":"string","x-order":0},"name":{"description":"Name of a workload.","type":"string","x-order":1}}},"tsbgatewayv2Authentication":{"type":"object","title":"DEPRECATED. Use auth/v2/Authentication\\n$hide_from_docs","properties":{"jwt":{"$ref":"#/components/schemas/tsbgatewayv2AuthenticationJWT"}}},"tsbgatewayv2AuthenticationJWT":{"type":"object","title":"DEPRECATED. Use auth/v2/JWT\\n$hide_from_docs","required":["issuer"],"properties":{"issuer":{"description":"Identifies the issuer that issued the JWT. See\\n[issuer](https://tools.ietf.org/html/rfc7519#section-4.1.1)\\nA JWT with different `iss` claim will be rejected.\\n\\nExample: https://foobar.auth0.com\\nExample: 1234567-compute@developer.gserviceaccount.com","type":"string","x-order":0},"audiences":{"description":"The list of JWT\\n[audiences](https://tools.ietf.org/html/rfc7519#section-4.1.3).\\nthat are allowed to access. A JWT containing any of these\\naudiences will be accepted.\\n\\nThe service name will be accepted if audiences is empty.","type":"array","items":{"type":"string"},"x-order":1},"jwksUri":{"description":"URL of the provider\'s public key set to validate signature of\\nthe JWT. See [OpenID\\nDiscovery](https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderMetadata).\\n\\nOptional if the key set document can either (a) be retrieved\\nfrom [OpenID\\nDiscovery](https://openid.net/specs/openid-connect-discovery-1_0.html)\\nof the issuer or (b) inferred from the email domain of the\\nissuer (e.g. a Google service account).\\n\\nExample: `https://www.googleapis.com/oauth2/v1/certs`\\n\\nNote: Only one of jwks_uri and jwks should be used. jwks_uri\\nwill be ignored if it does.","type":"string","x-order":2},"jwks":{"description":"JSON Web Key Set of public keys to validate signature of the JWT.\\nSee https://auth0.com/docs/jwks.\\n\\nNote: Only one of jwks_uri and jwks should be used. jwks_uri will be ignored if it does.","type":"string","x-order":3}}},"tsbgatewayv2Authorization":{"type":"object","title":"DEPRECATED. Use auth/v2/Authorization\\nConfiguration for authorizing a HTTP request\\n$hide_from_docs","properties":{"external":{"$ref":"#/components/schemas/tsbgatewayv2AuthorizationExternalAuthzBackend"},"local":{"$ref":"#/components/schemas/tsbgatewayv2AuthorizationLocalAuthz"}}},"tsbgatewayv2AuthorizationExternalAuthzBackend":{"type":"object","title":"DEPRECATED. Use auth/v2/ExternalAuthzBackend\\nUse an authorization running at the specified URI. Note that this\\nmode is supported only for HTTPS servers.\\n$hide_from_docs","properties":{"uri":{"type":"string","x-order":0},"includeRequestHeaders":{"type":"array","items":{"type":"string"},"x-order":1}}},"tsbgatewayv2AuthorizationLocalAuthz":{"type":"object","title":"DEPRECATED. Use auth/v2/LocalAuthz\\nAuthorize the request in Envoy based on the JWT claims.\\n$hide_from_docs","properties":{"rules":{"type":"array","items":{"$ref":"#/components/schemas/tsbgatewayv2LocalAuthzRule"},"x-order":0}}},"tsbgatewayv2AuthorizationSettings":{"description":"`AuthorizationSettings` define the set of service accounts in one\\nor more namespaces allowed to access a workload (and hence its\\nsidecar) in the mesh.","type":"object","properties":{"mode":{"$ref":"#/components/schemas/tsbgatewayv2AuthorizationSettingsMode"},"serviceAccounts":{"description":"`serviceAccounts` specify the allowed\\nset of service accounts (and the workloads using them). Must be\\nin the `&lt;namespace&gt;/&lt;service-account-name&gt;` format.\\n\\n- `./*` indicates all service accounts in the namespace where the sidecar resides.\\n\\n- `ns1/*` indicates all service accounts in the `ns1` namespace.\\n\\n- `ns1/svc1-sa` indicates `svc1-sa` service account in `ns1` namespace.\\n\\nNamespace should be a valid Kubernetes namespace, which\\nfollows [RFC 1123 Label Names](https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#dns-label-names) rules.\\nService account should be a valid Kubernetes service account, which\\nfollows [DNS Subdomain Names](https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#dns-subdomain-names) rules.","type":"array","items":{"type":"string"},"x-order":1},"resources":{"description":"`resources` specify the allowed set of resources using TSB FQNs.\\n\\n- `organizations/myorg/tenants/mycompany-a/workspaces/w2` - allow access from workspace w2.\\n- `organizations/myorg/tenants/mycompany/workspaces/w1/securitygroups/s1` - allow access from security group s1.","type":"array","items":{"type":"string"},"x-order":2}}},"tsbgatewayv2AuthorizationSettingsMode":{"description":"A shortcut for defining the common authorization patterns.\\n\\n - UNSET: Represents an unset or default mode.\\n - NAMESPACE: The workload allows traffic from any other authenticated workload in its own\\nnamespace.\\n - GROUP: The workload allows traffic from any other authenticated workload in the security group.\\n - WORKSPACE: The workload allows traffic from any other authenticated workload in the workspace.\\n - CLUSTER: The workload allows traffic from any other authenticated workload in the cluster.\\n - SERVICE_ACCOUNT: The workload allows traffic from service accounts defined explicitly.","type":"string","default":"UNSET","enum":["UNSET","NAMESPACE","GROUP","WORKSPACE","CLUSTER","SERVICE_ACCOUNT"]},"tsbgatewayv2Group":{"description":"A gateway group manages the gateways in a group of namespaces owned\\nby the parent workspace.\\n\\n\\n\\n","type":"object","required":["namespaceSelector"],"properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"namespaceSelector":{"$ref":"#/components/schemas/typesv2NamespaceSelector"},"configMode":{"$ref":"#/components/schemas/v2ConfigMode"},"deletionProtectionEnabled":{"description":"When set, prevents the resource from being deleted. In order to delete the resource this\\nproperty needs to be set to `false` first.","type":"boolean","x-order":6},"profiles":{"description":"List of profiles attached to the gateway group to be used to propagate default and mandatory configurations down to the children.","type":"array","items":{"type":"string"},"x-order":7},"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"}}},"tsbgatewayv2LocalAuthzRule":{"description":"Bindings define the subjects that can access the resource a policy is attached to,\\nand the conditions that need to be met for that access to be granted.\\nA policy can have multiple bindings to configure different access controls for specific\\nsubjects.\\n$hide_from_docs","type":"object","title":"DEPRECATED. Use auth/v2/LocalAuthzRule\\nLocalAuthzRule","required":["name"],"properties":{"name":{"description":"A friendly name to identify the binding.","type":"string","x-order":0},"from":{"description":"Subjects configure the actors (end users, other services)  that are allowed to access the\\ntarget resource.","type":"array","items":{"$ref":"#/components/schemas/tsbgatewayv2Subject"},"x-order":1},"to":{"description":"A set of HTTP rules that need to be satisfied by the HTTP requests to get access to the\\ntarget resource.","type":"array","items":{"$ref":"#/components/schemas/tsbgatewayv2LocalAuthzRuleHttpOperation"},"x-order":2}}},"tsbgatewayv2LocalAuthzRuleHttpOperation":{"type":"object","title":"DEPRECATED\\n$hide_from_docs","properties":{"paths":{"description":"The request path where the request is made against. E.g. [\\"/accounts\\"].","type":"array","items":{"type":"string"},"x-order":0},"methods":{"description":"The HTTP methods that are allowed by this rule. E.g. [\\"GET\\", \\"HEAD\\"].","type":"array","items":{"type":"string"},"x-order":1}}},"tsbgatewayv2Subject":{"description":"A subject designates an actor (user, service, etc) that attempts to access a target resource.\\nSubjects can be modeled with JWT tokens, service accounts, and decorated with attributes such as\\nHTTP request headers, JWT token claims, etc.\\nThe fields that define a subject will be matched to incoming requests, to fully qualify where the\\nrequest comes from, and to decide if the given request is allowed or not for the target resource.\\nAll the fields in a subject are evaluated as AND expressions.\\n$hide_from_docs","type":"object","title":"DEPRECATED. Use auth/v2/Subject\\nSubject","properties":{"jwt":{"$ref":"#/components/schemas/tsbgatewayv2SubjectJWTClaims"}}},"tsbgatewayv2SubjectJWTClaims":{"description":"JWT based subjects qualify a subject by matching against a JWT token present in the request.\\nBy default the token is expected to be present in the \'Authorization\' HTTP header, with the\\n\'Bearer\\" prefix.\\n$hide_from_docs","type":"object","title":"DEPRECATED.\\nJWT based subject","properties":{"iss":{"type":"string","x-order":0},"sub":{"type":"string","x-order":1},"other":{"description":"A set of arbitrary claims that are required to qualify the subject.\\nE.g. \\"iss\\": \\"*@foo.com\\".","type":"object","additionalProperties":{"type":"string"},"x-order":2}}},"tsbistiointernalv2Group":{"description":"An Istio Internal Group only allows grouping `DIRECT` mode mesh resources in a set of namespaces\\nowned by its parent workspace. This group is aimed for grouping resources not directly related\\nto traffic, security, or gateway like `EnvoyFilters` and `ServiceEntry`.\\n\\n\\n\\n","type":"object","required":["namespaceSelector"],"properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"namespaceSelector":{"$ref":"#/components/schemas/typesv2NamespaceSelector"},"deletionProtectionEnabled":{"description":"When set, prevents the resource from being deleted. In order to delete the resource this\\nproperty needs to be set to `false` first.","type":"boolean","x-order":5},"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"}}},"tsbrbacv2Subject":{"description":"Subject identifies a user or a team under an organization. Roles are\\nassigned to subjects for specific resources in the system.","type":"object","properties":{"user":{"type":"string","title":"A user in TSB, created through LDAP sync or API.\\nMust use the fully-qualified name (fqn) of the user. \\nE.g. organization/myorg/users/alice","x-order":0},"team":{"type":"string","title":"A team in TSB, created through LDAP sync or API.\\nMust use the fully-qualified name (fqn) of the team. \\nE.g. organization/myorg/teams/t1","x-order":1},"serviceAccount":{"type":"string","title":"A service account in TSB.\\nMust use the fully-qualified name (fqn) of the service account. \\nE.g. organization/myorg/serviceaccounts/sa1","x-order":2}}},"tsbregistryv2Service":{"description":"A service in the registry that represents an aggregated and logical view for all those individual\\nservices, and provides high-level features such as aggregated metrics.","type":"object","required":["shortName","serviceType","state"],"properties":{"fqn":{"description":"Fully-qualified name of the resource. This field is read-only.","type":"string","x-order":0,"readOnly":true},"displayName":{"description":"User friendly name for the resource.","type":"string","x-order":1},"etag":{"description":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.","type":"string","x-order":2},"description":{"description":"A description of the resource.","type":"string","x-order":3},"shortName":{"description":"Short name for the service, used to uniquely identify it within the organization.","type":"string","x-order":4},"hostnames":{"description":"The hostnames by which this service is accessed. It corresponds to the gateway virtual hosts.\\nThis field is expected to be empty if the service is not publicly accessible.","type":"array","items":{"type":"string"},"x-order":5},"ports":{"description":"The set of ports on which this service is exposed.","type":"array","items":{"$ref":"#/components/schemas/registryv2Port"},"x-order":6},"subsets":{"description":"Deprecated. Use subset_deployments instead.\\nSubset denotes a specific version of a service. By default the \'version\'\\nlabel is used to designate subsets of a workload.\\nKnown subsets for the service.","type":"array","items":{"type":"string"},"x-order":7,"readOnly":true},"serviceType":{"$ref":"#/components/schemas/v2ServiceType"},"externalAddresses":{"description":"For kubernetes services of type load balancer, this field contains the list of lb hostnames or\\nIPs assigned to the service.","type":"array","items":{"type":"string"},"x-order":9},"state":{"$ref":"#/components/schemas/registryv2State"},"metrics":{"description":"- global:        *|productpage|bookinfo|*|*\\n  - v1:            v1|productpage|bookinfo|*|*\\n  - v1 (cluster1): v1|productpage|bookinfo|cluster1|*\\n\\nThis is only available for Observed and Controlled services.","type":"array","title":"Services may expose different metrics.\\nFor example, a regular service may expose the usual red metrics for incoming requests.\\nServices running in multiple clusters, may provide different aggregation levels, such as\\naggregation by cluster, by subset, etc.\\nThis list provides a complete list of all the aggregation keys that are available for this\\nparticular service.\\nFor example, a service that has instances in multiple clusters could provide the following\\nmetrics:","items":{"$ref":"#/components/schemas/ServiceMetricConfig"},"x-order":11,"readOnly":true},"serviceDeployments":{"description":"List of the existing deployments for this service.\\nThis is only available for internal and load balancer services and correspond to physical services\\nin the onboarded clusters.\\nThis field is read-only.","type":"array","items":{"$ref":"#/components/schemas/ServiceServiceDeployment"},"x-order":12,"readOnly":true},"subsetDeployments":{"description":"Subset denotes a specific version of a service. By default the \'version\'\\nlabel is used to designate subsets of a workload.\\nKnown subsets for the service.","type":"array","items":{"$ref":"#/components/schemas/registryv2Subset"},"x-order":13,"readOnly":true},"canonicalName":{"description":"The canonical name of the service defined by user.","type":"string","x-order":14},"spiffeIds":{"description":"List of SPIFFE identities used by the workloads of the service.","type":"array","items":{"type":"string"},"x-order":15},"internalHostnames":{"type":"array","title":"The hostnames by which this service is accessed internally. Can correspond to the\\nFQDN of the service or to the hostnames provided by an external service (E.g. service entry)","items":{"type":"string"},"x-order":16}}},"tsbsecurityv2AuthenticationSettings":{"description":"AuthenticationSettings represents configuration related to authenticating traffic\\nwithin the mesh and end-user credentials if present. It is **HIGHLY RECOMMENDED** to\\nenable mutual TLS when end-user credentials are present. Sending credentials like JWT\\nover plaintext is a security risk.","type":"object","properties":{"trafficMode":{"$ref":"#/components/schemas/v2SecuritySettingAuthenticationMode"},"http":{"$ref":"#/components/schemas/tsbauthv2Authentication"}}},"tsbsecurityv2AuthorizationSettings":{"description":"`AuthorizationSettings` define the set of service accounts in one\\nor more namespaces allowed to access a workload (and hence its\\nsidecar) in the mesh.","type":"object","properties":{"mode":{"$ref":"#/components/schemas/tsbsecurityv2AuthorizationSettingsMode"},"serviceAccounts":{"description":"When the mode is `CUSTOM`, `serviceAccounts` specify the allowed\\nset of service accounts (and the workloads using them). Must be\\nin the `&lt;namespace&gt;/&lt;service-account-name&gt;` format.\\n\\n- `./*` indicates all service accounts in the namespace where the sidecar resides.\\n\\n- `ns1/*` indicates all service accounts in the `ns1` namespace.\\n\\n- `ns1/svc1-sa` indicates `svc1-sa` service account in `ns1` namespace.\\n\\nNamespace should be a valid kubernetes namespace, which\\nfollows [RFC 1123 Label Names](https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#dns-label-names) rules.\\nService account should be a valid kubernetes service account, which\\nfollows [DNS Subdomain Names](https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#dns-subdomain-names) rules.","type":"array","items":{"type":"string"},"x-order":1},"http":{"$ref":"#/components/schemas/tsbauthv2Authorization"},"rules":{"$ref":"#/components/schemas/v2AuthorizationRules"},"identityMatch":{"$ref":"#/components/schemas/v2IdentityMatch"}}},"tsbsecurityv2AuthorizationSettingsMode":{"description":"- UNSET: Inherit from parent if possible. Otherwise treated as `DISABLED`.\\n - NAMESPACE: The workload allows traffic from any other authenticated workload in its own\\nnamespace.\\n - GROUP: The workload allows traffic from any other authenticated workload in the security group.\\n - WORKSPACE: The workload allows traffic from any other authenticated workload in the workspace.\\n - CLUSTER: The workload allows traffic from any other authenticated workload in the cluster.\\n - DISABLED: Authorization is disabled.\\n - CUSTOM: The workload allows traffic from service accounts defined explicitly.\\n - RULES: The workload allows or denies traffic from any other authenticated workload that belongs\\nto the specified rules.","type":"string","title":"A short cut for defining the common authorization patterns","default":"UNSET","enum":["UNSET","NAMESPACE","GROUP","WORKSPACE","CLUSTER","DISABLED","CUSTOM","RULES"]},"tsbsecurityv2Group":{"description":"A security group manages the security properties of proxy workloads in a\\ngroup of namespaces owned by the parent workspace.\\n\\n\\n\\n","type":"object","required":["namespaceSelector"],"properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"namespaceSelector":{"$ref":"#/components/schemas/typesv2NamespaceSelector"},"configMode":{"$ref":"#/components/schemas/v2ConfigMode"},"securityDomain":{"description":"Security domains can be used to group different resources under the same security domain.\\nAlthough security domain is not resource itself currently, it follows a fqn format\\n`organizations/myorg/securitydomains/mysecuritydomain`, and a child cannot override any ancestor\'s\\nsecurity domain.\\nOnce a security domain is assigned to a _Security group_, all the children resources will belong to that\\nsecurity domain in the same way a _Security setting_ belongs to a _Security group_, a _Security setting_\\nwill also belong to the security domain assigned to the _Security group_.\\nSecurity domains can also be used to define _Security settings Authorization rules_ in which you can allow\\nor deny request from or to a security domain.","type":"string","x-order":6},"deletionProtectionEnabled":{"description":"When set, prevents the resource from being deleted. In order to delete the resource this\\nproperty needs to be set to `false` first.","type":"boolean","x-order":7},"profiles":{"description":"List of profiles attached to the security group to be used to propagate default and mandatory configurations down to the children.","type":"array","items":{"type":"string"},"x-order":8},"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"}}},"tsbtrafficv2AuthenticationSettings":{"description":"Configuration for connection authentication parameters.\\nThis allows the enforcement of mutual TLS connections to upstream services\\nthat do not have a sidecar.\\nThis ensures that gateways or mesh workloads do not communicate in plain text with services outside the mesh.","type":"object","properties":{"trafficMode":{"$ref":"#/components/schemas/v2AuthenticationSettingsAuthenticationMode"}}},"tsbtrafficv2Group":{"description":"A traffic group manages the routing properties of proxy workloads in a\\ngroup of namespaces owned by the parent workspace.\\n\\n\\n\\n","type":"object","required":["namespaceSelector"],"properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"namespaceSelector":{"$ref":"#/components/schemas/typesv2NamespaceSelector"},"configMode":{"$ref":"#/components/schemas/v2ConfigMode"},"deletionProtectionEnabled":{"description":"When set, prevents the resource from being deleted. In order to delete the resource this\\nproperty needs to be set to `false` first.","type":"boolean","x-order":6},"profiles":{"description":"List of profiles attached to the traffic group to be used to propagate default and mandatory configurations down to the children.","type":"array","items":{"type":"string"},"x-order":7},"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"}}},"tsbv2Cluster":{"description":"A Kubernetes cluster managing both pods and VMs.\\n\\n\\n\\n","type":"object","properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be\\nsent on every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"tokenTtl":{"description":"Lifetime of the tokens. Defaults to 1hr.","type":"string","x-order":4},"network":{"description":"The network (e.g., VPC) where this cluster is present. All\\nclusters within the same network will be assumed to be reachable\\nfor the purposes of multi-cluster routing. In addition, networks\\nmarked as reachable from one another in SystemSettings will also\\nbe used for multi-cluster routing.","type":"string","x-order":5},"tier1Cluster":{"description":"Deprecated: This flag is still honored for backward compatibility but will be ignored in future releases.\\nIt is advisable not to set it, as all clusters can now host both Tier1 and IngressGateways.\\n\\nIndicates whether this cluster is hosting a tier1 gateway or not.\\nTier1 clusters cannot host other gateways or workloads. Defaults\\nto false if not specified.","type":"boolean","x-order":6},"namespaces":{"type":"array","title":"TODO(vikas): move this inside cluster state\\nRead-only data for informational purposes. Any user provided\\nvalue will be ignored. The data here may be stale depending on\\nthe update frequency from the Bridge agents in the cluster.\\n$hide_from_yaml","items":{"$ref":"#/components/schemas/tsbv2Namespace"},"x-order":7,"readOnly":true},"labels":{"type":"object","title":"FIXME: this is super clunky to copy each and every metadata field into\\nobjects used for multicluster. $hide_from_yaml","additionalProperties":{"type":"string"},"x-order":8},"locality":{"$ref":"#/components/schemas/tsbv2Locality"},"trustDomain":{"description":"Trust domain for this cluster, used for multi-cluster routing.\\nIt must be unique for every cluster and should match the one configured in\\nthe local control plane. This value is optional, and will be updated by the\\nlocal control plane agents. However, it is recommended to set it, if known,\\nso that multi-cluster routing works without having to wait for the local\\ncontrol planes to update it.","type":"string","x-order":10},"namespaceScope":{"$ref":"#/components/schemas/v2NamespaceScoping"},"state":{"$ref":"#/components/schemas/v2ClusterState"},"serviceAccount":{"$ref":"#/components/schemas/tsbv2ServiceAccount"},"installTemplate":{"$ref":"#/components/schemas/ClusterInstallTemplate"}}},"tsbv2Locality":{"description":"The region the cluster resides. Used for failover based routing when\\nconfigured in the workspace or global settings.","type":"object","required":["region"],"properties":{"region":{"description":"The geographic location of the cluster.","type":"string","x-order":0}}},"tsbv2Namespace":{"type":"object","title":"A Kubernetes namespace. These are automatically discovered by the\\nService Bridge agents in the cluster.\\n$hide_from_yaml","properties":{"name":{"type":"string","x-order":0},"services":{"type":"array","items":{"$ref":"#/components/schemas/apitsbv2Service"},"x-order":1},"istio":{"$ref":"#/components/schemas/v2IstioStatus"}}},"tsbv2ServiceAccount":{"description":"`ServiceAccount` represents a service account that can be used to access the TSB platform.\\nService accounts have a set of associated public and private keys that can be used to generate\\nsigned JWT tokens that are suitable to authenticate to TSB.\\nA default key-pair is generated on service account creation and the public key is stored in TSB.\\nPrivate keys are returned when service accounts are created, but TSB will not store them. It\\nis up to the client to store them securely.\\n\\n\\n\\n","type":"object","properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"description":"A description of the resource.","type":"string","x-order":3},"keys":{"type":"array","title":"Keys associated with the service account.\\nA default key-pair is automatically created when the Service Account is created. Note that\\nTSB does not store the private keys, so it is up to the client to store the returned private\\nkeys securely, as they are only returned once after creation.\\nAdditional keys can be added (and deleted) by using the corresponding key management APIs.\\n","items":{"$ref":"#/components/schemas/ServiceAccountKeyPair"},"x-order":4,"readOnly":true}}},"typesregistrationv1alpha1Settings":{"description":"Settings specifies registration settings.","type":"object","properties":{"connectedOver":{"$ref":"#/components/schemas/v1alpha1AddressType"}}},"typessidecarv1alpha1EnvVar":{"description":"EnvVar specifies a single environment variable.","type":"object","required":["name"],"properties":{"name":{"description":"Name of the environment variable.","type":"string","x-order":0},"value":{"description":"Value of the environment variable.","type":"string","x-order":1},"valueEquality":{"$ref":"#/components/schemas/v1alpha1ContentEquality"}}},"typesv2NamespaceSelector":{"type":"object","title":"`NamespaceSelector` selects a set of namespaces across one or more\\nclusters in a tenant. Namespace selectors can be used at Workspace\\nlevel to carve out a chunk of resources under a tenant into an\\nisolated configuration domain. They can be used in a Traffic,\\nSecurity, or a Gateway group to further scope the set of namespaces\\nthat will belong to a specific configuration group.\\nNames in namespaces selector must be in the form `cluster/namespace`\\nwhere:\\n- cluster must be a cluster name or an `*` to mean all clusters\\n- namespace must be a namespace name, an `*` to mean all namespaces\\n  or a prefix like `ns-*` to mean all those namespaces starting\\n  by `ns-`","required":["names"],"properties":{"names":{"description":"- `*/ns1` implies `ns1` namespace in any cluster.\\n\\n- `c1/ns1` implies `ns1` namespace from `c1` cluster.\\n\\n- `c1/*` implies all namespaces in `c1` cluster.\\n\\n- `*/*` implies all namespaces in all clusters.\\n\\n- `c1/ns*` implies all namespaces prefixes by `ns` in `c1` cluster.","type":"array","title":"Under the tenant/workspace/group:","items":{"type":"string"},"x-order":0}}},"v1Dashboard":{"description":"Message containing some metadata of a dashboard.","type":"object","properties":{"name":{"description":"The name of the dashboard.","type":"string","x-order":0},"title":{"description":"The title of the dashboard.","type":"string","x-order":1},"description":{"description":"The description of the dashboard.","type":"string","x-order":2}}},"v1LabelSelector":{"type":"object","title":"A label selector is a label query over a set of resources. The result of matchLabels and\\nmatchExpressions are ANDed. An empty label selector matches all objects. A null\\nlabel selector matches no objects.\\n+structType=atomic","properties":{"matchLabels":{"type":"object","title":"matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\\nmap is equivalent to an element of matchExpressions, whose key field is \\"key\\", the\\noperator is \\"In\\", and the values array contains only \\"value\\". The requirements are ANDed.\\n+optional","additionalProperties":{"type":"string"},"x-order":0},"matchExpressions":{"type":"array","title":"matchExpressions is a list of label selector requirements. The requirements are ANDed.\\n+optional","items":{"$ref":"#/components/schemas/v1LabelSelectorRequirement"},"x-order":1}}},"v1LabelSelectorRequirement":{"description":"A label selector requirement is a selector that contains values, a key, and an operator that\\nrelates the key and values.","type":"object","properties":{"key":{"type":"string","title":"key is the label key that the selector applies to.\\n+patchMergeKey=key\\n+patchStrategy=merge","x-order":0},"operator":{"description":"operator represents a key\'s relationship to a set of values.\\nValid operators are In, NotIn, Exists and DoesNotExist.","type":"string","x-order":1},"values":{"type":"array","title":"values is an array of string values. If the operator is In or NotIn,\\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\\nthe values array must be empty. This array is replaced during a strategic\\nmerge patch.\\n+optional","items":{"type":"string"},"x-order":2}}},"v1ListDashboardsResponse":{"description":"Response providing a list of available Grafana dashboards.","type":"object","properties":{"dashboards":{"description":"List of available dashboards.","type":"array","items":{"$ref":"#/components/schemas/v1Dashboard"},"x-order":0}}},"v1alpha1AddressType":{"description":"AddressType specifies type of a network address associated with the workload.\\n\\n - UNSPECIFIED: Not specified.\\n - VPC: IP address from the `VPC` range. Commonly referred to as `Private IP` or\\n`Internal IP`.\\n - INTERNET: IP address from the `Internet` range. Commonly referred to as `Public IP` or\\n`External IP`.","type":"string","default":"UNSPECIFIED","enum":["UNSPECIFIED","VPC","INTERNET"]},"v1alpha1AgentInfo":{"description":"AgentInfo specifies information about the `Workload Onboarding Agent`\\ninstalled alongside the workload.","type":"object","required":["version"],"properties":{"version":{"description":"Version of the `Workload Onboarding Agent`.","type":"string","x-order":0}}},"v1alpha1ApplyConfigurationResponse":{"description":"Message of the apply sidecar configuration response.","type":"object"},"v1alpha1AuthorizeOnboardingResponse":{"description":"Response to the authorization request.","type":"object","required":["token","expiresAt"],"properties":{"token":{"description":"Bearer token that should be used to authenticate any subsequent requests\\nto the `Workload Onboarding Plane`.\\nAlso known as a `Workload Onboarding Token`.","type":"string","x-order":0},"expiresAt":{"description":"Expiration time of the returned token.","type":"string","format":"date-time","x-order":1}}},"v1alpha1BanyanDBSettings":{"description":"Configure a BanyanDB connection.\\n\\n```yaml\\napiVersion: install.tetrate.io/v1alpha1\\nkind: ControlPlane\\nmetadata:\\n  name: controlplane\\n  namespace: istio-system\\nspec:\\n  telemetryStore:\\n    banyandb:\\n      host: banyandb\\n      port: 5678\\n```\\n$hide_from_docs","type":"object","required":["host","port"],"properties":{"host":{"description":"BanyanDB host address (can be hostname or IP address).","type":"string","x-order":0},"port":{"description":"Port BanyanDB is listening on.","type":"integer","format":"int32","x-order":1}}},"v1alpha1ContentEquality":{"description":"ContentEquality specifies a strategy to compare two text-like values\\nfor equality, e.g. old and new values of a certain configuration property.\\n\\n - BYTES: Compares two values as opaque byte arrays.\\n - JSON: Compares two values as JSON values.","type":"string","default":"BYTES","enum":["BYTES","JSON"]},"v1alpha1ControlPlaneComponentSet":{"description":"The set of components that make up the control plane. Use this to override application settings\\nor Kubernetes settings for each individual component.","type":"object","properties":{"collector":{"$ref":"#/components/schemas/installcontrolplanev1alpha1OpenTelemetryCollector"},"oap":{"$ref":"#/components/schemas/installcontrolplanev1alpha1Oap"},"xcp":{"$ref":"#/components/schemas/installcontrolplanev1alpha1XCP"},"istio":{"$ref":"#/components/schemas/v1alpha1Istio"},"rateLimitServer":{"$ref":"#/components/schemas/v1alpha1RateLimitServer"},"hpaAdapter":{"$ref":"#/components/schemas/v1alpha1HpaAdapter"},"onboarding":{"$ref":"#/components/schemas/v1alpha1Onboarding"},"satellite":{"$ref":"#/components/schemas/v1alpha1Satellite"},"ngac":{"$ref":"#/components/schemas/installcontrolplanev1alpha1NGAC"},"gitops":{"$ref":"#/components/schemas/commonGitOps"},"internalCertProvider":{"$ref":"#/components/schemas/commonInternalCertProvider"},"defaultKubeSpec":{"$ref":"#/components/schemas/kubernetesKubernetesSpec"},"wasmfetcher":{"$ref":"#/components/schemas/v1alpha1WASMFetcher"},"defaultLogLevel":{"description":"The default log level for all components if the per component log level config is not specified.\\nNote that the supported log level for different components can be different.","type":"string","x-order":13},"route53Controller":{"$ref":"#/components/schemas/v1alpha1Route53Controller"},"awsController":{"$ref":"#/components/schemas/installcontrolplanev1alpha1AWSController"}}},"v1alpha1ControlPlaneSpec":{"description":"ControlPlaneSpec defines the desired installed state of control plane components.\\nSpecifying a minimal ControlPlaneSpec with hub, clusterName, and managementPlane set\\nwill create an installation with sensible defaults.","type":"object","required":["hub","managementPlane","telemetryStore"],"properties":{"hub":{"description":"TSB container hub path e.g. docker.io/tetrate.","type":"string","x-order":0},"imagePullSecrets":{"description":"Pull secrets can be specified globally for all components, or defined into the `kubeSpec.serviceAccount`\\nof every component if needed. In case both are defined, the most specific one (the one defined at the component)\\nlevel is used.\\n\\nList of references to secrets in the same namespace to use for pulling any\\nimages in pods that reference this ServiceAccount. ImagePullSecrets are\\ndistinct from Secrets because Secrets can be mounted in the pod, but\\nImagePullSecrets are only accessed by the kubelet. More info:\\nhttps://kubernetes.io/docs/concepts/containers/images/#specifying-imagepullsecrets-on-a-pod\\nhttps://kubernetes.io/docs/reference/generated/kubernetes-api/v1.18/#service_account-v1-core","type":"array","items":{"$ref":"#/components/schemas/installkubernetesLocalObjectReference"},"x-order":1},"components":{"$ref":"#/components/schemas/v1alpha1ControlPlaneComponentSet"},"providerSettings":{"$ref":"#/components/schemas/installcontrolplanev1alpha1ProviderSettings"},"managementPlane":{"$ref":"#/components/schemas/v1alpha1ManagementPlaneSettings"},"meshExpansion":{"$ref":"#/components/schemas/v1alpha1MeshExpansionSettings"},"telemetryStore":{"$ref":"#/components/schemas/v1alpha1ControlPlaneSpecTelemetryStore"},"meshObservability":{"$ref":"#/components/schemas/v1alpha1ControlPlaneSpecMeshObservability"},"tier1Cluster":{"description":"**DEPRECATED**: This should not be set through Control plane API\\nInstead use TSB Cluster API.\\nIndicates that this cluster is used for tier1 gateways.\\nTier one clusters can only contain tier 1 gateways.\\nNon-tier1 clusters contain tier2 gateways but not tier 1.","type":"boolean","x-order":8},"mode":{"$ref":"#/components/schemas/v2ControlPlaneMode"}}},"v1alpha1ControlPlaneSpecMeshObservability":{"description":"Configure how the mesh should be observed, which observability functionalities should be\\nenabled to observe your registered services in the mesh, and the store properties\\nthat TSB will use to persist application observability data like metrics, traces,\\nlogs.\\nIf omitted, the operator will assume\\na demo installation and for your convenience install a demo grade mesh observability\\nsetting.\\nSelect one of the `MeshObservability` settings to see complete examples.","type":"object","properties":{"demoSettings":{"$ref":"#/components/schemas/commonMeshObservabilitySettings"},"settings":{"$ref":"#/components/schemas/commonMeshObservabilitySettings"}}},"v1alpha1ControlPlaneSpecTelemetryStore":{"description":"Configure the store that TSB will use to persist application telemetry data.\\nSelect one of the `TelemetryStore` settings to see complete examples.","type":"object","properties":{"elastic":{"$ref":"#/components/schemas/installcontrolplanev1alpha1ElasticSearchSettings"},"banyandb":{"$ref":"#/components/schemas/v1alpha1BanyanDBSettings"},"retentionPeriodDays":{"type":"integer","format":"int32","title":"Number of days to retain metrics for. Defaults to 7 days.\\nShould be automatically copied from MP and users don\'t need to set it.\\n$hide_from_docs","x-order":2},"tracesRetentionPeriodDays":{"type":"integer","format":"int32","title":"Number of days to retain traces for. Defaults to 3 days.\\nShould be automatically copied from MP and users don\'t need to set it.\\n$hide_from_docs","x-order":3}}},"v1alpha1DeleteConfigurationResponse":{"description":"Message of the delete sidecar configuration response.","type":"object"},"v1alpha1DescribeConfigurationResponse":{"description":"Message of the describe sidecar configuration response.","type":"object","properties":{"version":{"description":"Version of the desired sidecar configuration.","type":"string","x-order":0}}},"v1alpha1Dir":{"description":"Dir specifies a directory.","type":"object","required":["path","mode"],"properties":{"path":{"description":"File path.","type":"string","x-order":0},"mode":{"description":"File mode.","type":"integer","format":"int32","x-order":1}}},"v1alpha1DiscoveryInfo":{"description":"DiscoveryInfo specifies response schema of the `Workload Onboarding Plane`\\nauto-discovery endpoint.","type":"object","required":["uid"],"properties":{"uid":{"description":"Unique identifier of this particular installation of the\\n`Workload Onboarding Plane`.\\n\\nIs used in the workload authentication flow to prevent replay attacks\\nthat abuse compromised workload credentials intended for a different\\ninstallation of the `Workload Onboarding Plane`.","type":"string","x-order":0}}},"v1alpha1EKSSettings":{"description":"Settings specific to Elastic Kubernetes Service (EKS).","type":"object","properties":{"useNlbByDefault":{"description":"When true, gateways will be configured to use NLBs with cross zone load\\nbalancing enabled when the load balancer type is not configured. When\\nfalse, no additional annotations will be added.","type":"boolean","x-order":0}}},"v1alpha1File":{"description":"File specifies a configuration file.","type":"object","required":["path","mode"],"properties":{"path":{"description":"File path.","type":"string","x-order":0},"mode":{"description":"File mode.","type":"integer","format":"int32","x-order":1},"content":{"description":"File content.","type":"string","format":"byte","x-order":2},"contentEquality":{"$ref":"#/components/schemas/v1alpha1ContentEquality"},"reloadable":{"description":"Reloadable file.","type":"boolean","x-order":4}}},"v1alpha1GetDiscoveryInfoResponse":{"description":"Message of the discovery response.","type":"object","required":["discoveryInfo"],"properties":{"discoveryInfo":{"$ref":"#/components/schemas/v1alpha1DiscoveryInfo"}}},"v1alpha1GetSidecarInfoResponse":{"description":"Message of the sidecar info response.","type":"object","required":["sidecar"],"properties":{"sidecar":{"$ref":"#/components/schemas/v1alpha1SidecarInfo"}}},"v1alpha1HostInfo":{"description":"HostInfo specifies information about the host the workload is running on.","type":"object","required":["addresses"],"properties":{"addresses":{"description":"Network addresses of the host the workload is running on.","type":"array","items":{"$ref":"#/components/schemas/registrationv1alpha1Address"},"x-order":0}}},"v1alpha1HpaAdapter":{"description":"Kubernetes settings for the OAP (SkyWalking) HPA adapter component.","type":"object","properties":{"enabled":{"description":"Enable the OAP (SkyWalking) HPA adapter component that allows pods to be\\nscaled based on Skywalking metrics.\\nThis is disabled by default.","type":"boolean","x-order":0},"kubeSpec":{"$ref":"#/components/schemas/kubernetesKubernetesComponentSpec"}}},"v1alpha1IsolationBoundary":{"description":"IsolationBoundary is an isolated Istio environment which can spread across \\nmultiple revisioned control plane clusters.\\n\\nExample:\\n\\n  ```yaml\\n  isolationBoundaries:\\n  - name: prod\\n    revisions:\\n    - name: stable\\n      istio:\\n        tsbVersion: 1.6.0\\n  - name: staging\\n    revisions:\\n    - name: v1_6_3\\n      istio:\\n        tsbVersion: 1.6.3\\n    - name: v1_6_1\\n      istio:\\n        tsbVersion: 1.6.1\\n        disable: true\\n  ```\\n\\nThe `tsbVersion` field can be left empty, which would then default to the\\ncurrent TSB released version. \\n\\n  ```yaml\\n  isolationBoundaries:\\n  - name: global\\n    istio:\\n    - revisions: stable\\n  ```\\n\\nFor instance, if isolation boundaries are being added in TSB `1.6.1`, the default\\nwould looks something like this:\\n\\n  ```yaml\\n  isolationBoundaries:\\n  - name: global\\n    revisions:\\n    - name: stable\\n      istio:\\n        tsbVersion: 1.6.1\\n  ```","type":"object","required":["name","revisions"],"properties":{"name":{"description":"Name of the IsolationBoundary.","type":"string","x-order":0},"revisions":{"description":"Configure multiple Istio Revisions under the IsolationBoundary.\\nOnce IstioIsolationBoundaries is enabled, for any IsolationBoundary\\nconfigured - there must be atleast one IstioRevision.","type":"array","items":{"$ref":"#/components/schemas/controlplanev1alpha1IstioRevision"},"x-order":1},"meshExpansion":{"$ref":"#/components/schemas/v1alpha1MeshExpansionSettings"}}},"v1alpha1Istio":{"description":"Mesh and Kubernetes settings for Istio.","type":"object","properties":{"tsbVersion":{"description":"Specifies the tsb release version. This is used by the tsb control plane\\noperator in determining the xcp version, which would eventually decide Istio \\nversion.\\n\\nIf not provided explicitly, this defaults to the current tsb version.","type":"string","x-order":0},"mountInternalWasmExtensions":{"description":"When this flag is set, the TSB internal WASM extensions will be mounted into the\\nSidecar, Ingress and Egress gateway pods automatically. These extensions will be loaded\\nas local files instead of being downloaded from a remote OCI registry or HTTP endpoint.\\nThis is enabled by default. Set it to false to disable it.","type":"boolean","x-order":1},"kubeSpec":{"$ref":"#/components/schemas/kubernetesKubernetesIstioComponentSpec"},"traceSamplingRate":{"description":"The percentage of traces Envoy will sample.","type":"number","format":"double","x-order":3},"defaultWorkloadCertTTL":{"description":"The default TTL of issued workload certificates.\\nThis sets both the default client-side CSR TTL and the default server-side\\nissued certificate TTL.","type":"string","x-order":4},"maxWorkloadCertTTL":{"description":"The maximum TTL that can be set in issued workload certificates.","type":"string","x-order":5},"trustDomain":{"description":"The trust domain corresponds to the trust root of a system. Refer to\\n[SPIFFE-ID](https://github.com/spiffe/spiffe/blob/main/standards/SPIFFE-ID.md#21-trust-domain).\\nIf omitted, TSB will configure the trust domain as\\n`CLUSTER_NAME.tsb.local`, where `CLUSTER_NAME` is the name of the cluster\\nobject in TSB for this control plane.","type":"string","x-order":6},"baseOverlays":{"description":"The overlays applied to the Istio base component.\\nSee https://istio.io/latest/docs/reference/config/istio.operator.v1alpha1/#IstioComponentSetSpec.\\nWhen this is specified, the overlay in `kubeSpec.overlays` are ignored.","type":"array","items":{"$ref":"#/components/schemas/v1alpha1K8sObjectOverlay"},"x-order":7},"pilotOverlays":{"description":"The overlays applied to the Istio pilot component.\\nSee https://istio.io/latest/docs/reference/config/istio.operator.v1alpha1/#IstioComponentSetSpec.\\nWhen this is specified, the overlay in `kubeSpec.overlays` are ignored.","type":"array","items":{"$ref":"#/components/schemas/v1alpha1K8sObjectOverlay"},"x-order":8},"cniOverlays":{"description":"The overlays applied to the Istio CNI component.\\nSee https://istio.io/latest/docs/reference/config/istio.operator.v1alpha1/#IstioComponentSetSpec.\\nWhen this is specified, the overlay in `kubeSpec.overlays` are ignored.","type":"array","items":{"$ref":"#/components/schemas/v1alpha1K8sObjectOverlay"},"x-order":9},"logLevels":{"description":"Specifies the global logging level settings for the Istio control plane components.","type":"object","additionalProperties":{"type":"string"},"x-order":10}}},"v1alpha1IstioSidecarInfo":{"description":"IstioInfo specifies information about the `Istio Sidecar` installed\\nalongside the workload.","type":"object","required":["version"],"properties":{"version":{"description":"Version of the `Istio Sidecar`.","type":"string","x-order":0},"revision":{"description":"Istio revision the pre-installed `Istio Sidecar` corresponds to.\\n\\nE.g., `canary`, `alpha`, etc.\\n\\nIf omitted, it is assumed that the pre-installed `Istio Sidecar`\\ncorresponds to the `default` Istio revision.\\n\\nNotice that the value constraints here are stricter than the ones in Istio.\\nApparently, Istio validation rules allow values that lead to internal failures\\nat runtime, e.g. values with capital letters or values longer than 56 characters.\\nStricter validation rules here are meant to prevent those hidden pitfalls.","type":"string","x-order":1}}},"v1alpha1JwtAuthenticationConfiguration":{"description":"JwtAuthenticationConfiguration specifies configuration of the workload\\nauthentication by means of an [OIDC ID Token](https://openid.net/specs/openid-connect-core-1_0.html#IDToken).","type":"object","properties":{"issuers":{"description":"List of permitted JWT issuers.\\n\\nIf a workload authenticates itself by means of an\\n[OIDC ID Token](https://openid.net/specs/openid-connect-core-1_0.html#IDToken),\\nthe issuer of that token must be present in this list, otherwise\\nauthentication attempt will be declined.","type":"array","items":{"$ref":"#/components/schemas/v1alpha1JwtIssuer"},"x-order":0}}},"v1alpha1JwtIssuer":{"description":"JwtIssuer specifies configuration associated with a JWT issuer.","type":"object","required":["issuer","shortName"],"properties":{"issuer":{"description":"JWT `Issuer` identifier.\\n\\nThe value must be a case sensitive URL using the https scheme that contains\\nscheme, host, and optionally, port number and path components and no query\\nor fragment components.\\n\\nE.g., `https://mycompany.corp`, `https://accounts.google.com`,\\n`https://sts.windows.net/9edbd6c9-0e5b-4cfd-afec-fdde27cdd928/`, etc.\\n\\nSee https://openid.net/specs/openid-connect-core-1_0.html#IDToken","type":"string","x-order":0},"jwksUri":{"description":"URL of the JSON Web Key Set document.\\n\\nSource of public keys the `Workload Onboarding Plane` should use\\nto validate the signature of an\\n[OIDC ID Token](https://openid.net/specs/openid-connect-core-1_0.html#IDToken).\\n\\nE.g., `https://mycompany.corp/jwks.json`.\\n\\nWhen unspecified, URL the JSON Web Key Set document will be resolved using\\n[OpenID Connect Discovery](https://openid.net/specs/openid-connect-discovery-1_0.html)\\nprotocol.","type":"string","x-order":1},"jwks":{"description":"Inlined JSON Web Key Set document.\\n\\nSpecifies public keys the `Workload Onboarding Plane` should use\\nto validate the signature of an\\n[OIDC ID Token](https://openid.net/specs/openid-connect-core-1_0.html#IDToken).","type":"string","x-order":2},"shortName":{"description":"Unique short name associated with the issuer.\\n\\nThe value must consist of lower case alphanumeric characters and hyphen (`-`).\\n\\nSince this value will be included into the auto-generated name of the\\n`WorkloadAutoRegistration` resource, keep it as short as possible.\\n\\nE.g., `my-corp`, `prod`, `test`, etc.","type":"string","x-order":3},"tokenFields":{"$ref":"#/components/schemas/v1alpha1JwtTokenFields"}}},"v1alpha1JwtTokenField":{"description":"JwtTokenField specifies a custom field included into the\\n[OIDC ID Token](https://openid.net/specs/openid-connect-core-1_0.html#IDToken).","type":"object","required":["jsonPath"],"properties":{"jsonPath":{"description":"Simple JSON Path which is evaluated against custom claims of the\\n[OIDC ID Token](https://openid.net/specs/openid-connect-core-1_0.html#IDToken)\\nto produce the value of the field.\\n\\nE.g., `.custom_attributes`, `.google.compute_engine`, etc.\\n\\nJSON Path must start either from `.` or from `$`. Use of `$` is mandatory\\nwhen followed by the array notation.\\n\\nE.g., `$[\'custom_attributes\']`, `$[\'google\'].compute_engine`, etc.\\n\\nSpecial symbols (such as `.` or ` `) in property names must be escaped.\\n\\nE.g., `.custom\\\\.attributes`, `$[\'custom\\\\.attributes\']`, etc.\\n\\nSee https://goessner.net/articles/JsonPath/","type":"string","x-order":0}}},"v1alpha1JwtTokenFields":{"description":"JwtTokenFields specifies custom fields included into the\\n[OIDC ID Token](https://openid.net/specs/openid-connect-core-1_0.html#IDToken).","type":"object","properties":{"attributes":{"$ref":"#/components/schemas/v1alpha1JwtTokenField"}}},"v1alpha1K8sObjectOverlay":{"description":"Patch for an existing k8s resource.","type":"object","properties":{"apiVersion":{"description":"Resource API version.","type":"string","x-order":0},"kind":{"description":"Resource kind.","type":"string","x-order":1},"name":{"description":"Name of resource.\\nNamespace is always the component namespace.","type":"string","x-order":2},"patches":{"description":"List of patches to apply to resource.","type":"array","items":{"$ref":"#/components/schemas/K8sObjectOverlayPathValue"},"x-order":3}}},"v1alpha1ManagementPlaneSettings":{"description":"Configure the management plane connection.\\n\\n```yaml\\napiVersion: install.tetrate.io/v1alpha1\\nkind: ControlPlane\\nmetadata:\\n  name: controlplane\\n  namespace: istio-system\\nspec:\\n  managementPlane:\\n    host: tsb.tetrate.io\\n    port: 8443\\n    selfSigned: true\\n    clusterName: control-plane-cluster\\n```","type":"object","required":["host","port","clusterName"],"properties":{"host":{"description":"Management plane host address (can be hostname or IPv4/IPv6 address).","type":"string","x-order":0},"port":{"description":"Port management plane is listening on.","type":"integer","format":"int32","x-order":1},"selfSigned":{"description":"Management plane uses a self signed or private TLS certificate.\\nIf true, the CA bundle used to verify the MP\'s TLS certificate must be in\\na secret `mp-certs` under the key `ca.crt`.","type":"boolean","x-order":2},"clusterName":{"description":"The name of the Cluster object that was created in the Management Plane representing this Control Plane\\ncluster.","type":"string","x-order":3}}},"v1alpha1MeshExpansionSettings":{"description":"Configure mesh expansion to connect workloads external to Kubernetes to the mesh.\\n\\nTo enable mesh expansion set it to an empty object:\\n\\n```yaml\\napiVersion: install.tetrate.io/v1alpha1\\nkind: ControlPlane\\nmetadata:\\n  name: controlplane\\n  namespace: istio-system\\nspec:\\n  meshExpansion: {}\\n```\\n\\nIf external workloads are unable to communicate with the default mesh expansion gateway via external IPs or hostnames,\\nthen you must specify the gateway that enables them to do so. This custom gateway must be configured to forward this communication\\nto the VM gateway service:\\n\\n```yaml\\napiVersion: install.tetrate.io/v1alpha1\\nkind: ControlPlane\\nmetadata:\\n  name: controlplane\\n  namespace: istio-system\\nspec:\\n  meshExpansion:\\n    customGateway:\\n      host: customgateway.tetrate.io\\n      port: 15443\\n```\\n\\nTo automate onboarding of workloads from auto-scaling groups of VMs, you need\\nto enable the `Workload Onboarding Plane`.\\n\\n`Workload Onboarding Agent`, a component that you install next to the workload,\\nwill connect to the `Workload Onboarding Plane` to authenticate itself, ask\\npermission to join the mesh, register the workload into the mesh and retrieve\\nboot configuration required to start `Istio Sidecar`.\\n\\nAll communication between the `Workload Onboarding Agent` and the\\n`Workload Onboarding Plane` must occur over TLS.\\n\\nTherefore, to enable `Workload Onboarding Plane` you must provide a TLS\\ncertificate for the endpoint that exposes `Workload Onboarding API` to\\n`Workload Onboarding Agents`.\\n\\nMake sure that TLS certificate is signed by the certificate authority known\\nto `Workload Onboarding Agents`.\\n\\n```yaml\\napiVersion: install.tetrate.io/v1alpha1\\nkind: ControlPlane\\nmetadata:\\n  name: controlplane\\n  namespace: istio-system\\nspec:\\n  meshExpansion:\\n    onboarding:\\n      endpoint:\\n        hosts:\\n        - onboarding.example.org\\n        secretName: onboarding-tls-cert\\n      tokenIssuer:\\n        jwt:\\n          expiration: 1h\\n      localRepository: {}\\n```\\n\\nTo onboard workloads from custom on-premise environments, you can leverage support for\\n[OIDC ID Tokens](https://openid.net/specs/openid-connect-core-1_0.html#IDToken).\\n\\nIf workloads in your custom environment can authenticate themselves by means of an\\n[OIDC ID Token](https://openid.net/specs/openid-connect-core-1_0.html#IDToken),\\nyou can define a list of JWT issuers permitted by the `Workload Onboarding Plane`.\\n\\nFor example,\\n\\n```yaml\\napiVersion: install.tetrate.io/v1alpha1\\nkind: ControlPlane\\nmetadata:\\n  name: controlplane\\n  namespace: istio-system\\nspec:\\n  meshExpansion:\\n    onboarding:\\n      endpoint:\\n        hosts:\\n        - onboarding.example.org\\n        secretName: onboarding-tls-cert\\n      localRepository: {}\\n      workloads:\\n        authentication:\\n          jwt:\\n            issuers:\\n            - issuer: \\"https://mycompany.corp\\"\\n              jwksUri: \\"https://mycompany.corp/jwks.json\\"\\n              shortName: \\"mycorp\\"\\n              tokenFields:\\n                attributes:\\n                  jsonPath: .custom_attributes\\n```\\n\\nTo ensure there will be no traffic loss when an onboarded workload gets\\nshutdown, you can configure the time period to delay the shutdown for\\nafter deregistering the workload from the mesh, which will give\\nenough time to reconfigure all affected mesh nodes to not load balance\\nrequests to the deregistered workload before it becomes unavailable.\\n\\nFor example,\\n\\n```yaml\\napiVersion: install.tetrate.io/v1alpha1\\nkind: ControlPlane\\nmetadata:\\n  name: controlplane\\n  namespace: istio-system\\nspec:\\n  meshExpansion:\\n    onboarding:\\n      endpoint:\\n        hosts:\\n        - onboarding.example.org\\n        secretName: onboarding-tls-cert\\n      localRepository: {}\\n      workloads:\\n        deregistration:\\n          propagationDelay: 15s\\n```","type":"object","properties":{"customGateway":{"$ref":"#/components/schemas/v1alpha1MeshExpansionSettingsGateway"},"onboarding":{"$ref":"#/components/schemas/v1alpha1MeshExpansionSettingsOnboardingPlane"}}},"v1alpha1MeshExpansionSettingsGateway":{"description":"A custom mesh expansion gateway. This is required when the workload can\'t access the default gateway directly via the external IP or hostname.","type":"object","required":["host","port"],"properties":{"host":{"description":"Mesh expansion gateway host address (can be hostname or IP address).","type":"string","x-order":0},"port":{"description":"Port mesh expansion gateway is listening on.","type":"integer","format":"int32","x-order":1}}},"v1alpha1MeshExpansionSettingsOnboardingPlane":{"description":"Configuration of the `Workload Onboarding Plane`.","type":"object","required":["endpoint"],"properties":{"uid":{"description":"Unique identifier of this particular installation of the `Workload Onboarding Plane`.\\n\\nIs used in the workload authentication flow to prevent replay attacks\\nthat abuse compromised workload credentials intended for a different\\ninstallation of the `Workload Onboarding Plane`.\\n\\nDefaults to an auto-generated UUID.","type":"string","x-order":0},"endpoint":{"$ref":"#/components/schemas/MeshExpansionSettingsOnboardingPlaneEndpoint"},"tokenIssuer":{"$ref":"#/components/schemas/MeshExpansionSettingsOnboardingPlaneTokenIssuer"},"localRepository":{"$ref":"#/components/schemas/OnboardingPlaneLocalRepository"},"workloads":{"$ref":"#/components/schemas/v1alpha1WorkloadConfiguration"}}},"v1alpha1NamespacedName":{"description":"NamespacedName specifies a namespace-scoped name.","type":"object","required":["namespace","name"],"properties":{"namespace":{"description":"Namespace name.","type":"string","x-order":0},"name":{"description":"Resource name.","type":"string","x-order":1}}},"v1alpha1Onboarding":{"description":"Settings for the `Workload Onboarding` component.","type":"object","properties":{"operator":{"$ref":"#/components/schemas/v1alpha1OnboardingOperator"},"repository":{"$ref":"#/components/schemas/v1alpha1OnboardingRepository"},"plane":{"$ref":"#/components/schemas/installcontrolplanev1alpha1OnboardingPlane"}}},"v1alpha1OnboardingOperator":{"description":"Kubernetes settings for the `Workload Onboarding Operator` component.","type":"object","properties":{"kubeSpec":{"$ref":"#/components/schemas/kubernetesKubernetesComponentSpec"},"logLevels":{"description":"The log level configuration by scopes.\\nSupported log level: \\"none\\", \\"error\\", \\"warn\\", \\"info\\", \\"debug\\".","type":"object","additionalProperties":{"type":"string"},"x-order":1}}},"v1alpha1OnboardingPlaneInstance":{"description":"Kubernetes settings for the `Workload Onboarding Plane Instance` component.","type":"object","properties":{"kubeSpec":{"$ref":"#/components/schemas/kubernetesKubernetesComponentSpec"},"logLevels":{"description":"The log level configuration by scopes.\\nSupported log level: \\"none\\", \\"error\\", \\"warn\\", \\"info\\", \\"debug\\".","type":"object","additionalProperties":{"type":"string"},"x-order":1}}},"v1alpha1OnboardingRepository":{"description":"Kubernetes settings for the `Workload Onboarding Repository` component.","type":"object","properties":{"kubeSpec":{"$ref":"#/components/schemas/kubernetesKubernetesComponentSpec"}}},"v1alpha1OperatorDeployment":{"description":"Values for the TSB operator deployment.","type":"object","properties":{"affinity":{"$ref":"#/components/schemas/installkubernetesAffinity"},"annotations":{"type":"object","title":"Custom collection of annotations to add to the deployment.\\nhttps://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/","additionalProperties":{"type":"string"},"x-order":1},"env":{"type":"array","title":"Custom collection of environment vars to add to the container.\\nhttps://kubernetes.io/docs/tasks/inject-data-application/define-environment-variable-container/","items":{"$ref":"#/components/schemas/installkubernetesEnvVar"},"x-order":2},"podAnnotations":{"description":"Custom collection of annotations to add to the pod.","type":"object","additionalProperties":{"type":"string"},"x-order":3},"replicaCount":{"description":"Number of replicas managed by the deployment.","type":"integer","format":"int32","x-order":4},"strategy":{"$ref":"#/components/schemas/installkubernetesDeploymentStrategy"},"tolerations":{"type":"array","title":"Toleration collection applying to the pod scheduling.\\nhttps://kubernetes.io/docs/concepts/configuration/taint-and-toleration/","items":{"$ref":"#/components/schemas/corev1Toleration"},"x-order":6}}},"v1alpha1OperatorService":{"description":"Values for the TSB operator service.","type":"object","properties":{"annotations":{"type":"object","title":"Custom collection of annotations to add to the service.\\nhttps://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/","additionalProperties":{"type":"string"},"x-order":0}}},"v1alpha1OperatorServiceAccount":{"description":"Values for the TSB operator service account.","type":"object","properties":{"annotations":{"description":"Custom collection of annotations to add to the service account.","type":"object","additionalProperties":{"type":"string"},"x-order":0},"imagePullSecrets":{"description":"Collection of secrets names required to be able to pull images from the registry.","type":"array","items":{"type":"string"},"x-order":1},"pullSecret":{"type":"string","title":"A Docker config JSON to be stored in a secret to be used as an image pull secret. If this secret is provided,\\nit will be included in the operator service account as reference.\\nhttps://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/#create-a-secret-by-providing-credentials-on-the-command-line","x-order":2},"pullUsername":{"description":"Used along pull password and the provided image registry to generate a Docker config JSON that\\nwill be stored as a pull secret.","type":"string","x-order":3},"pullPassword":{"description":"Used along pull username and the provided image registry to generate a Docker config JSON that\\nwill be stored as a pull secret.","type":"string","x-order":4}}},"v1alpha1RateLimitServer":{"type":"object","title":"Configuration settings for the RateLimit Server","required":["backend"],"properties":{"backend":{"$ref":"#/components/schemas/RateLimitServerBackend"},"domain":{"description":"The domain field allows ratelimits to be namespaced to\\na certain domain. To support common ratelimits across multiple clusters\\nset this string to a common value, across them. This assumes that the same\\nbackend (uri) is being used.\\nBy default the domain is set to the name of the control plane cluster.","type":"string","x-order":1},"kubeSpec":{"$ref":"#/components/schemas/kubernetesKubernetesComponentSpec"}}},"v1alpha1RegisterWorkloadResponse":{"description":"Response to the registration request.","type":"object"},"v1alpha1Registration":{"description":"Registration specifies information sent by the `Workload Onboarding Agent`\\nto the `Workload Onboarding Plane` to register the workload in the mesh.","type":"object","required":["agent","sidecar","host"],"properties":{"agent":{"$ref":"#/components/schemas/v1alpha1AgentInfo"},"sidecar":{"$ref":"#/components/schemas/v1alpha1SidecarInfo"},"host":{"$ref":"#/components/schemas/v1alpha1HostInfo"},"workload":{"$ref":"#/components/schemas/v1alpha1WorkloadInfo"},"settings":{"$ref":"#/components/schemas/typesregistrationv1alpha1Settings"}}},"v1alpha1Route53Controller":{"description":"Kubernetes settings for the Route53 Integration Controller component.","type":"object","properties":{"kubeSpec":{"$ref":"#/components/schemas/kubernetesKubernetesComponentSpec"}}},"v1alpha1Route53Settings":{"description":"Settings for integration with Route53 service.","type":"object","required":["serviceAccountName"],"properties":{"serviceAccountName":{"type":"string","title":"Service account name to use for IAM role. Required. Deprecated, user AWSIntegrationSettings instead.\\n$hide_from_docs","x-order":0},"namespaceSelector":{"$ref":"#/components/schemas/v1alpha1Route53SettingsNamespaceSelector"},"policy":{"$ref":"#/components/schemas/Route53SettingsPolicy"},"domainFilter":{"description":"List of domains to limit possible target zones by a domain suffix. Default is empty list with means consider all resources as DNS target.","type":"array","items":{"type":"string"},"x-order":3},"interval":{"description":"Duration of interval between individual synchronizations. Default: 60s.","type":"string","x-order":4},"ttl":{"description":"Default TTL (in seconds) value for DNS records. Default: 300.","type":"string","format":"int64","x-order":5},"evaluateTargetHealth":{"description":"Control whether to evaluate the health of a DNS target. Default: true.","type":"boolean","x-order":6},"filterSettings":{"$ref":"#/components/schemas/Route53SettingsFilterSettings"},"enabled":{"description":"Enable/disable the Route53 integration controller. Default: false.","type":"boolean","x-order":8}}},"v1alpha1Route53SettingsNamespaceSelector":{"description":"NamespaceSelector specifies which namespaces controller will watch.","type":"object","properties":{"namespace":{"description":"Specifies the namespace to watch for resources. Mutually exclusive with `ignore_namespaces`.\\nIf not specified (\\"\\"), all namespaces will be watched which is the default.","type":"string","x-order":0},"ignoreNamespaces":{"description":"Comma separated list of namespaces to ignore when watching for DNS endpoints. When using this option remember\\nto include the name of the namespace in which Control Plane is installed. If Management Plane is installed in the same cluster\\ninclude the namespace name in this option as well.\\nMutually exclusive with `namespace`.\\nDefault: the namespace where the controller is running, usually `istio-system`.","type":"string","x-order":1}}},"v1alpha1Satellite":{"description":"Kubernetes settings for the Satellite (SkyWalking-Satellite) component.","type":"object","properties":{"enabled":{"description":"Satellite is an optional component. If enabled is false, this component\\nwill not be installed.","type":"boolean","x-order":0},"kubeSpec":{"$ref":"#/components/schemas/kubernetesKubernetesComponentSpec"},"logLevel":{"description":"Specifies the log level for the component.\\nSupported log level: \\"panic\\", \\"fatal\\", \\"info\\", \\"warn\\", \\"error\\", \\"debug\\" and \\"trace\\".","type":"string","x-order":2}}},"v1alpha1SecretsXCP":{"description":"Secrets to reach the XCP Central in the Management Plane.","type":"object","properties":{"autoGenerateCerts":{"description":"Enabling this will auto generate XCP Edge certificate if mTLS is enabled to authenticate to XCP Central. Requires cert-manager.","type":"boolean","x-order":0},"rootca":{"description":"CA certificate of XCP components.","type":"string","x-order":1},"rootcakey":{"description":"Key of the CA certificate of XCP components.","type":"string","x-order":2},"edge":{"$ref":"#/components/schemas/XCPEdge"}}},"v1alpha1SessionResponse":{"description":"SessionResponse specifies response messages sent by the `Workload Onboarding Plane`\\nback to the `Workload Onboarding Agent` as part of a single session.","type":"object","properties":{"discoveryResponse":{"$ref":"#/components/schemas/v3DiscoveryResponse"}}},"v1alpha1SidecarConfiguration":{"description":"SidecarConfiguration represents boot configuration of a sidecar, e.g.\\n`Istio Sidecar`.","type":"object","properties":{"seed":{"$ref":"#/components/schemas/v1alpha1SidecarConfigurationSeed"},"update":{"$ref":"#/components/schemas/v1alpha1SidecarConfigurationUpdate"}}},"v1alpha1SidecarConfigurationSeed":{"description":"SidecarConfigurationSeed represents seed configuration required to start\\na sidecar, e.g. `Istio Sidecar`.","type":"object","required":["command"],"properties":{"command":{"description":"Path to the sidecar executable, i.e. `pilot-agent` binary of the\\n`Istio Sidecar`.\\n\\nNotice that `Workload Onboarding Agent` is not expected to run this command\\n\\"as is\\". Instead, `Workload Onboarding Agent` should use this value to identify\\nwhich of (potentially many) executables comprising a sidecar it needs to\\nrun.\\n\\nE.g., `Istio Sidecar` comes with `pilot-agent`, `envoy` and `istio-start.sh`\\nexecutables. To clarify that `Workload Onboarding Agent` must use `pilot-agent`\\nbinary to start the sidecar, `Workload Onboarding Plane` will use a command value\\n`/usr/local/bin/pilot-agent`.","type":"string","x-order":0},"args":{"description":"Arguments to the sidecar command, e.g. Istio `pilot-agent`.","type":"array","items":{"type":"string"},"x-order":1},"env":{"description":"Environment variables of the sidecar command, e.g. Istio `pilot-agent`.","type":"array","items":{"$ref":"#/components/schemas/typessidecarv1alpha1EnvVar"},"x-order":2},"files":{"description":"Configuration files of the sidecar, e.g. Istio `pilot-agent`.","type":"array","items":{"$ref":"#/components/schemas/v1alpha1File"},"x-order":3},"dirs":{"description":"Directories required by the sidecar, e.g. Istio `pilot-agent`.","type":"array","items":{"$ref":"#/components/schemas/v1alpha1Dir"},"x-order":4}}},"v1alpha1SidecarConfigurationUpdate":{"description":"SidecarConfigurationUpdate represents an update to the already known\\nseed configuration that can be applied without full restart of the sidecar.","type":"object","properties":{"files":{"description":"Reloadable configuration files of the sidecar, e.g. `Istio token` file\\nreloadable by the Istio `pilot-agent`.","type":"array","items":{"$ref":"#/components/schemas/v1alpha1File"},"x-order":0}}},"v1alpha1SidecarInfo":{"description":"SidecarInfo specifies information about the sidecar installed alongside\\nthe workload.","type":"object","properties":{"istio":{"$ref":"#/components/schemas/v1alpha1IstioSidecarInfo"}}},"v1alpha1UnregisterWorkloadResponse":{"description":"Response to the unregistration request.","type":"object","properties":{"propagationDelay":{"description":"Estimated amount of time it will take to propagate the unregistration event\\nacross all affected mesh nodes.\\n\\nDuring this time interval affected proxies will continue making requests\\nto the deregistered workload until the respective configuration update\\narrives.\\n\\nTo prevent traffic loss, `Workload Onboarding Agent` SHOULD delay shutdown\\nof the the workload\'s sidecar for that time period.","type":"string","x-order":0}}},"v1alpha1Values":{"description":"Values available for the TSB Control Plane chart.\\nThis is an alpha API, so future versions could include breaking changes.","type":"object","properties":{"image":{"$ref":"#/components/schemas/commonv1alpha1Image"},"spec":{"$ref":"#/components/schemas/v1alpha1ControlPlaneSpec"},"secrets":{"$ref":"#/components/schemas/controlplanev1alpha1Secrets"},"operator":{"$ref":"#/components/schemas/commonv1alpha1Operator"}}},"v1alpha1WASMFetcher":{"description":"Settings for the WASM Fetcher component.","type":"object","properties":{"cacheDisableInsecureRegistries":{"description":"Denies insecure registries to be used for fetching WASM modules. Defaults to `false`.","type":"boolean","x-order":0},"cacheExpiration":{"description":"WASM Module cache expiration time. Defaults to `24h`.","type":"string","x-order":1},"cacheMaxRetries":{"description":"Maximum number of retries when fetching WASM modules from the OCI registry. Defaults to `5`.","type":"integer","format":"int32","x-order":2},"cachePurgeInterval":{"description":"WASM cache purge interval to periodically clean up the stale WASM modules. Defaults to `1h`.","type":"string","x-order":3},"cacheRequestTimeout":{"description":"Specifies the timeout used when retrieving the WASM plugin from the OCI registry. Defaults to `15s`.","type":"string","x-order":4},"kubeSpec":{"$ref":"#/components/schemas/kubernetesKubernetesComponentSpec"},"logLevels":{"description":"The log level configuration by scopes.\\nSupported log levels: \\"none\\", \\"error\\", \\"info\\", \\"debug\\".","type":"object","additionalProperties":{"type":"string"},"x-order":6}}},"v1alpha1WorkloadAuthenticationConfiguration":{"description":"WorkloadAuthenticationConfiguration specifies configuration of the workload\\nauthentication.","type":"object","properties":{"jwt":{"$ref":"#/components/schemas/v1alpha1JwtAuthenticationConfiguration"}}},"v1alpha1WorkloadConfiguration":{"description":"WorkloadConfiguration specifies configuration of the workload handling.","type":"object","properties":{"authentication":{"$ref":"#/components/schemas/v1alpha1WorkloadAuthenticationConfiguration"},"deregistration":{"$ref":"#/components/schemas/v1alpha1WorkloadDeregistrationConfiguration"}}},"v1alpha1WorkloadDeregistrationConfiguration":{"description":"WorkloadDeregistrationConfiguration specifies configuration of the workload\\nderegistration.","type":"object","properties":{"propagationDelay":{"description":"Estimated amount of time it takes to propagate the unregistration event\\nacross all affected mesh nodes.\\n\\nDuring this time interval affected proxies will continue making requests\\nto the deregistered workload until the respective configuration update\\narrives.\\n\\nTo prevent traffic loss, `Workload Onboarding Agent` SHOULD delay shutdown\\nof the the workload\'s sidecar for that time period.\\n\\nAs a rule of thumb, this value should remain relatively small, e.g. under\\n15 seconds. The reason for this is that shutdown flow on the workload\'s side\\nis time-boxed. E.g., on VMs there is a stop timeout enforced by SystemD,\\nwhile on AWS ECS there is a stop timeout enforced by ECS Agent. If you pick\\na delay value that is too big, `Workload Onboarding Agent` will delay\\nshutdown of the sidecar for too long; as a result sidecar risks to get\\nterminated abruptly instead of graceful connection draining.\\n\\nDefaults to `10s`.","type":"string","x-order":0}}},"v1alpha1WorkloadInfo":{"description":"WorkloadInfo specifies information about the workload.","type":"object","properties":{"labels":{"description":"Labels associated with the workload.","type":"object","additionalProperties":{"type":"string"},"x-order":0}}},"v2Access":{"description":"Access is an access request for a subject with a set of permission.\\n\\nExample:\\nAccess {\\n  Subject: \\"organizations/demo/tenants/demo/applications/caller\\",\\n  Permissions: []string{\\"GET\\"}\\n}","type":"object","required":["subject","permissions"],"properties":{"subject":{"description":"Subject is the subject that is requested to access the resource.","type":"string","x-order":0},"permissions":{"description":"Permissions is a list of permissions that the subject is allowed to use.","type":"array","items":{"type":"string"},"x-order":1},"metadata":{"$ref":"#/components/schemas/qv2Metadata"}}},"v2AccessPolicy":{"description":"A policy defines the set of subjects that can access a resource and under\\nwhich conditions that access is granted.","type":"object","title":"Policy","properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":1},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":2},"allow":{"description":"The list of allowed bindings configures the different access profiles that\\nare allowed on the resource configured by the policy.","type":"array","items":{"$ref":"#/components/schemas/rbacv2Binding"},"x-order":3}}},"v2AggregatedStatus":{"description":"`AggregatedStatus` is used by resources with children to aggregate both the\\nsequence of events and the status of its children resources.","type":"object","properties":{"configEvents":{"$ref":"#/components/schemas/v2ConfigEvents"},"children":{"description":"Map of children resource FQNs to their status.","type":"object","additionalProperties":{"$ref":"#/components/schemas/AggregatedStatusChildStatus"},"x-order":1},"childrenStatus":{"$ref":"#/components/schemas/AggregatedStatusChildStatus"}}},"v2Application":{"description":"An Application represents a set of logical groupings of services that are related to each other\\nand expose a set of APIs that implement a complete set of business logic.\\n\\n\\n\\n","type":"object","required":["workspace"],"properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"workspace":{"description":"FQN of the workspace this application is part of.\\nThe application will configure IngressGateways for the attached APIs\\nin the different namespaces exposed by this workspace.","type":"string","x-order":4},"namespaceSelector":{"$ref":"#/components/schemas/typesv2NamespaceSelector"},"gatewayGroup":{"description":"Optional FQN of the Gateway Group to be used by the application.\\nIf configured, this gateway group will be used by the application. If\\nno namespaces are configured and no existing gateway group is set, a new gateway group claiming all\\nnamespaces in the workspace (`*/*`) will be created by default.\\nAll Ingress Gateway resources created for the APIs attached to the application will be created in\\nthe application\'s gateway group.","type":"string","x-order":6},"services":{"description":"Optional list of services that are part of the application. This is a list of FQNs of services in the\\nservice registry.\\nIf omitted, the application is assumed to own all the services in the workspace.\\nNote that a service can only be part of one application. If any of the services in the list is already\\nin use by an existing application, application creation/modification will fail.\\nIf the list of services is not explicitly set and any service in the workspace is already in use by\\nanother application, application creation/modification will fail.","type":"array","items":{"type":"string"},"x-order":7},"configResources":{"type":"array","title":"The configuration resources that are related to this Application.\\n$hide_from_docs","items":{"$ref":"#/components/schemas/v2ConfigResource"},"x-order":8,"readOnly":true}}},"v2ApprovalPolicy":{"description":"ApprovalPolicy is a set of authorization rules that define access to a resource.\\nWhen applied to a resource, the rules enforce access to the resource based on the permission set.\\n\\nExample:\\nApprovalPolicy {\\n  Mode: ApprovalPolicy_REQUIRE_APPROVAL,\\n  Resource: \\"organizations/demo/tenants/demo/applications/target-app\\",\\n  Approved: []Access {{\\n    Subject: \\"organizations/demo/tenants/demo/applications/calling-app\\",\\n    Permissions: []string{\\"GET\\", \\"POST\\"}\\n  }}\\n}","type":"object","required":["mode","resource"],"properties":{"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":0},"mode":{"$ref":"#/components/schemas/v2ApprovalPolicyMode"},"resource":{"description":"Resource is a fully qualified name of the resource that the policy applies to.","type":"string","x-order":2},"requested":{"description":"Requested is a list of subjects that are requested to access the resource but that have not yet been\\nexplicitly approved.\\nThe access mode of the policy will determine if the subjects in this list are given immediate access to the\\nresource.","type":"array","items":{"$ref":"#/components/schemas/v2Access"},"x-order":3},"approved":{"description":"Approved is a list of subjects that are approved to access the resource.","type":"array","items":{"$ref":"#/components/schemas/v2Access"},"x-order":4},"metadata":{"$ref":"#/components/schemas/qv2Metadata"}}},"v2ApprovalPolicyMode":{"description":" - UNRESTRICTED: Allows all subjects in the same policy class to access the resource.\\n - ALLOW_REQUESTED: Allows only the subjects in the request and approved list to access the resource.\\n - REQUIRE_APPROVAL: Allows only the subjects in the approved list to access the resource.","type":"string","default":"UNRESTRICTED","enum":["UNRESTRICTED","ALLOW_REQUESTED","REQUIRE_APPROVAL"]},"v2AuthenticationSettingsAuthenticationMode":{"description":"AuthenticationMode configures whether to initiate only mutual TLS\\nconnections or to allow plaintext traffic as well.\\n\\n - UNSET: Default is UNSET.\\n - OPTIONAL: Accept both plaintext and mTLS authenticated connections.\\n - REQUIRED: Always initiate mutual TLS authenticated connections, and fail if the upstream does not support it.","type":"string","default":"UNSET","enum":["UNSET","OPTIONAL","REQUIRED"]},"v2AuthorizationRules":{"description":"- If deny_all is true, deny the request\\n\\n- If deny is defined and there are any denied target workload, deny the request.\\n\\n- If there are no allowed target workload, allow the request.\\n\\n- If allow is defined and there are any allowed target workload, allow the request.\\n\\n- Deny the request.","type":"object","title":"`AuthorizationRules` specifies which target workloads are allowed or denied.\\nWhen the mode is `RULES`, by default, if no authorization rules are provided all requests will be accepted.\\nCurrently, when a list of allow or deny rules are provided, a workload can only be targeted\\nby providing the workspace or security group resource the workload belongs to.\\nWhen different target workloads are allowed, denied or all workload are denied,\\nto evaluate if a request is accepted or rejected, denies are evaluated first, and finally allows.\\nAccepting or denying a request from a workload is determined by:","properties":{"allow":{"description":"Allow specifies a list of rules. If a request matches at least one rule, the request is accepted.\\nIf no allow rules are provided, all requests are allowed.\\nEach rule must be unique, no duplicates are allowed.\\nA rule that is fully contained by another rule is not allowed.\\nFor instance, defining a rule from workspace `w1` to `w2` and another rule\\nfrom security group `sg1` (which belongs to workspace `w1`) to `sg2` (which belongs to workspace `w2`)\\nis not allowed. It is not allowed, because from security group `sg1` to `sg2` rule is already allowed by\\nthe rule from workspace `w1` to `ws2`.","type":"array","items":{"$ref":"#/components/schemas/securityv2Rule"},"x-order":0},"denyAll":{"description":"Deny all specifies whether all requests should be rejected.\\nIf it is true all requests will be rejected.\\nIf it is false the list of deny rules will be evaluated.","type":"boolean","x-order":1},"deny":{"description":"Deny specifies a list of rules. If a request matches at least one rule, the request is rejected.\\nIf deny rules are provided, the match will never occur, so no request can be rejected.\\nEach rule must be unique, no duplicates are allowed.\\nA rule that is fully contained by another rule is not allowed.\\nFor instance, defining a rule from workspace `w1` to `w2` and another rule\\nfrom security group `sg1` (which belongs to workspace `w1`) to `sg2` (which belongs to workspace `w2`)\\nis not allowed. It is not allowed, because from security group `sg1` to `sg2` rule is already denied by\\nthe rule from workspace `w1` to `w2`.","type":"array","items":{"$ref":"#/components/schemas/securityv2Rule"},"x-order":2}}},"v2BlameResponse":{"description":"```yaml\\neffectiveProfileConfig:\\n  trafficSettings:\\n    reachability:\\n      mode: GROUP\\n    resilience:\\n      circuitBreakerSensitivity: MEDIUM\\n  authenticationSettings:\\n    trafficMode: REQUIRED\\neffectiveProfilePaths:\\n  authenticationSettings: organizations/my-org/profiles/profile1\\n  authenticationSettings.trafficMode: organizations/my-org/profiles/profile1\\n  trafficSettings: organizations/my-org/tenants/my-tenant/workspaces/ws/trafficgroups/tg/profiles/profile2\\n  trafficSettings.reachability: organizations/my-org/tenants/my-tenant/workspaces/ws/trafficgroups/tg/profiles/profile2\\n  trafficSettings.reachability.mode: organizations/my-org/tenants/my-tenant/workspaces/ws/trafficgroups/tg/profiles/profile2\\n  trafficSettings.resilience: organizations/my-org/tenants/my-tenant/workspaces/ws/trafficgroups/tg/profiles/profile2\\n  trafficSettings.resilience.circuitBreakerSensitivity: organizations/my-org/tenants/my-tenant/workspaces/ws/trafficgroups/tg/profiles/profile2\\neffectiveProfileMandatedPaths:\\n  - authenticationSettings\\n  - authenticationSettings.trafficMode\\n```","type":"object","title":"Blame data for a given resource.\\nExample:","properties":{"effectiveProfileConfig":{"$ref":"#/components/schemas/v2ProfileConfig"},"effectiveProfilePaths":{"description":"Map of profile config field paths to the resource FQNs that set the value at that path.","type":"object","additionalProperties":{"type":"string"},"x-order":1},"effectiveProfileMandatedPaths":{"description":"Subset of the effective paths which values are set by mandates.","type":"array","items":{"type":"string"},"x-order":2},"effectiveProfileAttachmentPaths":{"description":"Like effective_profile_paths, but the FQNs are from the resources that attach the profiles.","type":"object","additionalProperties":{"type":"string"},"x-order":3}}},"v2ClientTLSSettings":{"type":"object","title":"Configure TLS parameters for the client","properties":{"mode":{"$ref":"#/components/schemas/authv2TLSMode"},"files":{"$ref":"#/components/schemas/v2TLSFileSource"},"secretName":{"description":"TLS key source from a Kubernetes Secret.\\nThis is applicable for gateway workloads.","type":"string","x-order":2},"subjectAltNames":{"type":"array","title":"Subject alternative names is the list of names that are accepted\\nas service name as part of TLS handshake","items":{"type":"string"},"x-order":3}}},"v2ClusterConfig":{"type":"object","title":"Cluster configurations.\\n$hide_from_docs","properties":{"observability":{"$ref":"#/components/schemas/v2ClusterObservabilityConfig"}}},"v2ClusterDestination":{"type":"object","properties":{"name":{"description":"The name of the destination cluster. Only one of name or labels\\nmust be specified.","type":"string","x-order":0},"labels":{"description":"Labels associated with the cluster. Any cluster with matching\\nlabels will be selected as a target. Only one of name or labels\\nmust be specified.","type":"object","additionalProperties":{"type":"string"},"x-order":1},"network":{"description":"The network associated with the destination clusters. In addition to\\nname/label selectors, only clusters matching the selected networks\\nwill be used as a target. At least one of name/labels, and/or network\\nmust be specified.\\n\\nDeprecated: The `network` field is deprecated and will be removed in future releases.\\nOnly `labels` matching against the cluster object is supported.","type":"string","x-order":2},"weight":{"description":"The weight for traffic to a given destination.","type":"integer","format":"int64","x-order":3}}},"v2ClusterObservabilityConfig":{"type":"object","title":"The observability configurations for a cluster.\\n$hide_from_docs","properties":{"retentionPeriodDays":{"description":"The retention period of telemetry metrics data in days.","type":"integer","format":"int32","x-order":0},"tracesRetentionPeriodDays":{"description":"The retention period of telemetry traces data in days.","type":"integer","format":"int32","x-order":1},"apiEndpointMetricsEnabled":{"description":"Whether the API endpoint metrics feature is enabled in MP,\\nif this feature is disabled in MP, all CP must disable this\\nfeature too because this feature requires MP to create indices,\\nif this feature is enabled in MP, CP clusters can choose whether\\nto enable it or not as per their needs.","type":"boolean","x-order":2}}},"v2ClusterOnboardingConfig":{"description":"Configuration for onboarding a cluster.\\n\\n\\n\\n","type":"object","required":["namespaces"],"properties":{"fqn":{"type":"string","title":"Fully-qualified name of the cluster onboarding configuration.\\n$hide_from_yaml","x-order":0,"readOnly":true},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be\\nsent on every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":1},"namespaces":{"description":"Set of namespaces configuration for the cluster.","type":"array","items":{"$ref":"#/components/schemas/ClusterOnboardingConfigNamespaceConfig"},"x-order":2}}},"v2ClusterOnboardingStatus":{"description":"The onboarding status for a cluster.","type":"object","properties":{"namespaces":{"description":"The status of the namespaces in the cluster.","type":"array","items":{"$ref":"#/components/schemas/v2ClusterOnboardingStatusNamespaceStatus"},"x-order":0}}},"v2ClusterOnboardingStatusNamespaceStatus":{"description":"The status of the namespaces in the cluster.","type":"object","properties":{"name":{"description":"The name of the namespace.","type":"string","x-order":0},"desiredState":{"$ref":"#/components/schemas/v2NamespaceDesiredState"},"currentState":{"$ref":"#/components/schemas/v2NamespaceCurrentState"},"currentStateDetails":{"description":"Details about the actual state of the namespace.","type":"string","x-order":3}}},"v2ClusterState":{"type":"object","title":"State represents the cluster info learned from the onboarded cluster","properties":{"lastSyncTime":{"type":"string","format":"date-time","title":"last time xcp edge(cp) synced with central(mp) in the UTC format","x-order":0},"provider":{"type":"string","title":"cluster provider. Ex: GKE, EKS, AKS","x-order":1},"istioVersions":{"description":"This shows currently running istio versions in the cluster.","type":"array","items":{"type":"string"},"x-order":2},"xcpVersion":{"type":"string","title":"xcp-edge version which is running at the cluster","x-order":3},"tsbCpVersion":{"type":"string","title":"TSB controlplane version","x-order":4},"discoveredLocality":{"$ref":"#/components/schemas/tsbv2Locality"},"mode":{"$ref":"#/components/schemas/v2ControlPlaneMode"},"istioRevisions":{"description":"Metadata of different Istio revision found in the cluster.\\nAn empty istio revisions field represents there was no Istio\\ndiscovered in the cluster.\\nField should not be empty in ControlMode as TSB will install\\nand depend on Istio.\\nIn Observe mode, an empty field represents that a vanilla kubernetes\\ncluster.","type":"array","items":{"$ref":"#/components/schemas/ClusterStateIstioRevision"},"x-order":7}}},"v2ClusterStatus":{"description":"The status message for a cluster resource contains the set of join\\ntokens that should be used by Service Bridge\'s agents on the\\ncluster.","type":"object","properties":{"tokens":{"description":"Tokens for various agents.","type":"object","additionalProperties":{"type":"string"},"x-order":0}}},"v2ConfigEvents":{"description":"`ConfigEvents` provides a way to notify the status of a configuration\\npropagation as a sequence of events.","type":"object","properties":{"events":{"description":"Sequence of events occurred under the configuration propagation flow.\\nIt\'s ordered by event timestamp, newest first.","type":"array","items":{"$ref":"#/components/schemas/v2ConfigEventsEvent"},"x-order":0}}},"v2ConfigEventsEvent":{"description":"Single `Event` event occurred in the configuration propagation flow.","type":"object","properties":{"type":{"$ref":"#/components/schemas/ConfigEventsEventType"},"reason":{"description":"Optional code that extends the type of the occurred event.","type":"string","x-order":1},"message":{"description":"Optional message describing the reason in a human readable way.","type":"string","x-order":2},"timestamp":{"description":"Time of the event occurrence.","type":"string","format":"date-time","x-order":3},"etag":{"description":"The etag of the resource which configuration triggered this event.","type":"string","x-order":4},"edgesState":{"description":"Stores the `edge cluster name` to `EdgeConfigState` mapping. `EdgeConfigState` holds the\\n[status + reason] for a resource config that is being applied at edges.\\nReason accompanying the Status is useful for pin-pointed debugging at edge level.\\nFor instance, a config whose config status is something other than `APPLIED` is\\naccompanied by a reason telling why an error occurred while applying the config.\\nThis will help in debugging issues at an edge.","type":"object","additionalProperties":{"$ref":"#/components/schemas/ConfigEventsEdgeConfigState"},"x-order":5}}},"v2ConfigGenerationMetadata":{"description":"`ConfigGenerationMetadata` allows to setup extra metadata that will be added in the final Istio generated configurations.\\nLike new labels or annotations.\\nDefining the config generation metadata in tenancy resources (like organization, tenant, workspace or groups) works as default\\nvalues for those configs that belong to it.\\nDefining same config generation metadata in configuration resources (like ingress gateways, service routes, etc.) will replace the\\nones defined in the tenancy resources.","type":"object","properties":{"labels":{"description":"Set of key value paris that will be added into the `metadata.labels` field of the Istio generated configurations.","type":"object","additionalProperties":{"type":"string"},"x-order":0},"annotations":{"description":"Set of key value paris that will be added into the `metadata.annotations` field of the Istio generated configurations.","type":"object","additionalProperties":{"type":"string"},"x-order":1}}},"v2ConfigMode":{"description":"The configuration mode used by a traffic, security or a gateway group.\\n\\n - BRIDGED: Indicates that the configurations to be added to the group will\\nuse macro APIs that automatically generate Istio APIs under the\\nhood.\\n - DIRECT: Indicates that the configurations to be added to the group will\\ndirectly use Istio APIs.","type":"string","default":"BRIDGED","enum":["BRIDGED","DIRECT"]},"v2ConfigResource":{"description":"ConfigResource represents a configuration object (group, ingress gateway, etc)\\nthat is related to an Application or API.","type":"object","properties":{"fqn":{"description":"The FQN of the resource this status is computed for.","type":"string","x-order":0,"readOnly":true},"expectedEtag":{"description":"The expected etag field is used to check the if the configuration resource contents have\\nchanged. This might not be relevant for all configuration resources, so this field may\\nnot be set. If it is not set, the status will only report the presence or absence of the\\nconfiguration resource, but not differences in its contents.\\n\\nWhen this field is present, the status will also reflect changes in the contents of the\\nconfiguration resource, and report it as DIRTY if there are differences.","type":"string","x-order":1,"readOnly":true},"exclusivelyOwned":{"description":"The exclusively owned flag indicates if the referenced configuration resource is exclusively\\nowned by the object. Configuration resources that are exclusively owned by an object will\\nbe deleted when the object is deleted.","type":"boolean","x-order":2,"readOnly":true}}},"v2ControlPlaneMode":{"description":"Available Control Plane modes for the Control Plane deployment.\\n\\n - UNSET: Default mode will be used.\\n - CONTROL: Default mode installed in Control plane clusters.\\nThe Control Plane will be deployed with the entire TSB feature set\\nenabled for this cluster.\\n - OBSERVE: The Control Plane will be deployed with only service\\ndiscovery and observability features enabled.\\nOther features of TSB like configuration propagation,\\ncross-cluster discovery, etc, will not be available in this cluster.","type":"string","default":"UNSET","enum":["UNSET","CONTROL","OBSERVE"]},"v2CorsPolicy":{"type":"object","properties":{"allowOrigin":{"description":"The list of origins that are allowed to perform CORS requests. The content will be serialized\\ninto the Access-Control-Allow-Origin header. Wildcard * will allow all origins.","type":"array","items":{"type":"string"},"x-order":0},"allowMethods":{"description":"List of HTTP methods allowed to access the resource. The content will be serialized into the\\nAccess-Control-Allow-Methods header.","type":"array","items":{"type":"string"},"x-order":1},"allowHeaders":{"description":"List of HTTP headers that can be used when requesting the resource. Serialized to\\nAccess-Control-Allow-Headers header.","type":"array","items":{"type":"string"},"x-order":2},"exposeHeaders":{"description":"A white list of HTTP headers that the browsers are allowed to access. Serialized into\\nAccess-Control-Expose-Headers header.","type":"array","items":{"type":"string"},"x-order":3},"maxAge":{"description":"Specifies how long the results of a preflight request can be cached. Translates to the\\nAccess-Control-Max-Age header.","type":"string","x-order":4},"allowCredentials":{"description":"Indicates whether the caller is allowed to send the actual request (not the preflight) using\\ncredentials. Translates to Access-Control-Allow-Credentials header.","type":"boolean","x-order":5}}},"v2CreateOrganizationRequest":{"type":"object","title":"Request to create a organization.\\n$hide_from_docs","required":["name","organization"],"properties":{"name":{"description":"The short name for the resource to be created.","type":"string","x-order":0},"organization":{"$ref":"#/components/schemas/v2Organization"}}},"v2CreateRoleRequest":{"description":"Request to create a Role.","type":"object","required":["name","role"],"properties":{"name":{"description":"The short name for the resource to be created.","type":"string","x-order":0},"role":{"$ref":"#/components/schemas/v2Role"}}},"v2DeviceCodeResponse":{"type":"object","title":"Response with device codes for use with the Device Authorization flow.\\nFor additional information on the response parameters please refer to the Device Authorization Response section\\nof the RFC https://datatracker.ietf.org/doc/html/rfc8628#section-3.2","properties":{"deviceCode":{"type":"string","title":"Code that the device uses to poll for tokens","x-order":0},"userCode":{"type":"string","title":"Code the user enters in the verification URI","x-order":1},"verificationUri":{"type":"string","title":"URI where to enter the user code","x-order":2},"interval":{"type":"integer","format":"int32","title":"Rate in which to poll the token endpoint with the device code","x-order":3},"expiresIn":{"type":"integer","format":"int32","title":"Expiration time of the device code in seconds","x-order":4},"error":{"$ref":"#/components/schemas/v2Error"},"errorMessage":{"description":"Optional error message that contains more details about the error that occurred.","type":"string","x-order":6}}},"v2DownstreamResilienceSettings":{"description":"DownstreamResilienceSettings control the reliability knobs in Envoy when accepting\\ninbound connections.","type":"object","properties":{"connectionPool":{"$ref":"#/components/schemas/v2DownstreamResilienceSettingsConnectionPoolSettings"},"meshTimeout":{"$ref":"#/components/schemas/DownstreamResilienceSettingsMeshTimeout"}}},"v2DownstreamResilienceSettingsConnectionPoolSettings":{"description":"Connection pool settings for downstream connections.","type":"object","properties":{"tcp":{"$ref":"#/components/schemas/v2DownstreamResilienceSettingsConnectionPoolSettingsTCP"}}},"v2DownstreamResilienceSettingsConnectionPoolSettingsTCP":{"description":"TCP Settings for inbound requests.","type":"object","properties":{"keepAlive":{"$ref":"#/components/schemas/v2TcpKeepAlive"}}},"v2EastWestGateway":{"description":"EastWestGateway is for configuring a gateway to handle east-west traffic of\\nthe services that are not exposed through Ingress or Tier1 gateways (internal\\nservices). Currently, this is restricted to specifying at Workspace level\\nin WorkspaceSetting.","type":"object","required":["workloadSelector"],"properties":{"workloadSelector":{"$ref":"#/components/schemas/v2WorkloadSelector"},"exposedServices":{"description":"Exposed services is used to specify the match criteria to select specific services\\nfor internal multicluster routing (east-west routing between clusters).\\nIf it is not defined or contains no elements, all the services within the workspace\\nwill be exposed to the configured gateway.","type":"array","items":{"$ref":"#/components/schemas/v2ServiceSelector"},"x-order":1},"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"}}},"v2EgressAuthorization":{"type":"object","title":"EgressAuthorization is used to dictate which service accounts can access a set of external hosts","required":["to"],"properties":{"from":{"$ref":"#/components/schemas/tsbsecurityv2AuthorizationSettings"},"to":{"type":"array","title":"The external hostnames the workload(s) described in this rule can access.\\nHosts cannot be specified more than once. Use \\"*\\" to allow access to any external host","items":{"type":"string"},"x-order":1}}},"v2EgressAuthorizationSettings":{"description":"EgressAuthorizationSettings define rules for allowing specific service accounts to access external hosts.\\nBy default, when a host is configured for egress access on the Gateway, access is denied.","type":"object","required":["to"],"properties":{"from":{"$ref":"#/components/schemas/tsbgatewayv2AuthorizationSettings"},"to":{"description":"The set of hostnames exposed on the Gateway through which external hosts\\ncan be accessed.","type":"array","items":{"$ref":"#/components/schemas/EgressAuthorizationSettingsHostDetails"},"x-order":1},"identityMatch":{"$ref":"#/components/schemas/v2IdentityMatch"}}},"v2EnvValueSource":{"description":" - INLINE: Explicitly given key-value pairs to be injected to this VM.\\n - HOST: *Istio-proxy\'s* environment variables exposed to this VM.","type":"string","default":"INLINE","enum":["INLINE","HOST"]},"v2Error":{"type":"string","title":"OAuth2 error codes","default":"NO_ERROR","enum":["NO_ERROR","INVALID_REQUEST","INVALID_CLIENT","INVALID_GRANT","UNAUTHORIZED_CLIENT","UNSUPPORTED_GRANT_TYPE","AUTHORIZATION_PENDING","SLOW_DOWN","ACCESS_DENIED","EXPIRED_TOKEN","SERVER_ERROR"]},"v2ExposedBy":{"description":"The exposer of an HTTPEndpoint.","type":"object","properties":{"service":{"description":"The FQN of the service in the service registry that is exposing a concrete endpoint.","type":"string","x-order":0,"readOnly":true},"clusterGroup":{"$ref":"#/components/schemas/v2ExposedByClusters"}}},"v2ExposedByCluster":{"description":"ExposedByCluster is a cluster or set of clusters identified by the labels that are\\nexposing an endpoint.","type":"object","properties":{"name":{"description":"The name of the cluster exposing the endpoint. Only one of name or labels\\nmust be specified.","type":"string","x-order":0},"labels":{"description":"Labels associated with the cluster. Any cluster with matching\\nlabels will be selected as an exposer. Only one of name or labels\\nmust be specified.","type":"object","additionalProperties":{"type":"string"},"x-order":1},"weight":{"description":"The weight for traffic to a cluster exposing the endpoint.","type":"integer","format":"int64","x-order":2}}},"v2ExposedByClusters":{"description":"ExposedByClusters represents the clusters that are exposing a concrete endpoint.","type":"object","properties":{"clusters":{"description":"The clusters that contain gateways exposing the HTTPEndpoint.","type":"array","items":{"$ref":"#/components/schemas/v2ExposedByCluster"},"x-order":0}}},"v2Extensions":{"description":"Extensions extend TSB functionality.","type":"object","properties":{"kong":{"$ref":"#/components/schemas/v2Kong"}}},"v2ExternalRateLimitServiceSettings":{"description":"Configuration for ratelimiting using an external ratelimit server\\nThe ratelimit server must expose\\n[Envoy\'s Rate Limit Service gRPC API](https://www.envoyproxy.io/docs/envoy/latest/configuration/other_features/rate_limit#config-rate-limit-service).\\n\\nIf the rate limit service is called, and the response for any of\\nthe descriptors is over limit, a 429 response is returned. The rate\\nlimit filter also sets the x-envoy-ratelimited header.\\n\\nIf there is an error in calling rate limit service or rate limit\\nservice returns an error and failure_mode_deny is set to true, a\\n500 response is returned.","type":"object","required":["domain","rateLimitServerUri","rules"],"properties":{"domain":{"description":"The rate limit domain to use when calling the rate limit service.\\nRatelimit settings are namespaced to a domain.","type":"string","x-order":0},"failClosed":{"description":"If the rate limit service is unavailable, the request will fail\\nif failClosed is set to true. Defaults to false.","type":"boolean","x-order":1},"rateLimitServerUri":{"description":"The URI at which the external rate limit server can be reached.","type":"string","x-order":2},"rules":{"type":"array","title":"A set of rate limit rules.\\nEach rule describes a list of dimension to match on.\\nOnce matched, a list of descriptors are sent\\nto the external rate limit server","items":{"$ref":"#/components/schemas/v2ExternalRateLimitServiceSettingsRateLimitRule"},"x-order":3},"timeout":{"description":"The timeout in seconds for the external rate limit server RPC.\\nDefaults to 0.020 seconds (20ms).\\nTraffic will not be allowed to the destination if failClosed is set to true\\nand the request to the rate limit server times out.","type":"string","x-order":4},"tls":{"$ref":"#/components/schemas/v2ClientTLSSettings"}}},"v2ExternalRateLimitServiceSettingsRateLimitDimension":{"type":"object","title":"RateLimitDimension is a set of conditions to match HTTP requests\\nOnce the conditions are satisfied,\\ncorresponding descriptors (set of keys and values) are emitted and\\nsent to the external rate limit server. The server is expected to\\nmake a rate limit decision based on these descriptors.\\nPlease go through the [Envoy RateLimit descriptor](https://www.envoyproxy.io/docs/envoy/latest/api-v3/extensions/common/ratelimit/v3/ratelimit.proto#envoy-v3-api-msg-extensions-common-ratelimit-v3-ratelimitdescriptor)\\nto get more information on descriptors","properties":{"sourceCluster":{"$ref":"#/components/schemas/RateLimitDimensionSourceCluster"},"destinationCluster":{"$ref":"#/components/schemas/RateLimitDimensionDestinationCluster"},"remoteAddress":{"$ref":"#/components/schemas/v2ExternalRateLimitServiceSettingsRateLimitDimensionRemoteAddress"},"requestHeaders":{"$ref":"#/components/schemas/RateLimitDimensionRequestHeaders"},"headerValueMatch":{"$ref":"#/components/schemas/RateLimitDimensionHeaderValueMatch"}}},"v2ExternalRateLimitServiceSettingsRateLimitDimensionRemoteAddress":{"type":"object","title":"Emit descriptor entry - a key-value pair of the form\\n`(\\"remote_address\\", \\"&lt;trusted address from x-forwarded-for&gt;\\")`"},"v2ExternalRateLimitServiceSettingsRateLimitRule":{"type":"object","required":["dimensions"],"properties":{"dimensions":{"description":"A list of dimensions that are to be applied for this rate limit configuration.\\nOrder matters as the dimensions are processed sequentially and the descriptor\\nis composed by appending descriptor entries in that sequence.\\nIf the condition for a dimension is not satisfied and cannot append a descriptor entry,\\nno descriptor list is generated for the entire setting.","type":"array","items":{"$ref":"#/components/schemas/v2ExternalRateLimitServiceSettingsRateLimitDimension"},"x-order":0}}},"v2FailoverSettings":{"description":"Failover settings for all proxies connecting to a host exposed in this workspace/organization\\nbased on the settings definition scope. Note that this is a server side setting.","type":"object","properties":{"topologyChoice":{"$ref":"#/components/schemas/FailoverSettingsTopologyChoice"},"failoverPriority":{"description":"FailoverPriority specifies the failover priority for traffic. FailoverPriority is an ordered list of labels \\nused to sort endpoints to do priority based load balancing. \\nThis is to support traffic failover across different groups of endpoints.\\nInternally these labels will be matched on both the client and endpoints to determine the priorities for\\nthe respective endpoints based on clients.\\nNote: For a label to be considered for match, the previous labels must match, i.e. \\nnth label would be considered matched only if first n-1 labels match.\\nIf for a particular client-endpoint pair, all the n labels match, the endpoint will be considered P(0).bool\\nIf first n-1 labels match, the endpoint will be considered P(1) and so on.\\n\\nFor getting the labels to be populated on the endpoints generated by the TSB for multicluster and eastwest scenario, \\nyou will need to label the kubernetes service of your gateway or east-west exposed service\\nusing a label with prefix `failover.tetrate.io/`. \\nFor example `failover.tetrate.io/version=v1` should be the label present\\non the kubernetes service of remote gateway or exposed service for east west traffic.\\n\\nExample of failoverPriority using these labels:\\n```yaml\\nfailoverPriority:\\n- \\"failover.tetrate.io/version=v1\\"\\n- \\"failover.tetrate.io/domain\\"\\n```\\n\\nAnother way to label the endpoints for eastwest scenario is to create a ServiceRoute object for the service and\\nspecify the labels in the ServiceRoute object. If there is any pod with such label present in the remote cluster,\\nthe endpoints for it will have these labels and thus it could be used in failoverPriority API.\\n\\nFor example:\\nSuppose if one of your clusters has service reviews only with version v1 and a second cluster with reviews only with version v2,\\nThen use the below serviceroute object to populate service labels to the endpoints dynamically: \\n```yaml\\napiVersion: traffic.tsb.tetrate.io/v2\\nkind: ServiceRoute\\nmetadata:\\n  name: reviews\\n  group: t1\\n  workspace: w1\\n  tenant: mycompany\\n  organization: myorg\\nspec:\\n  service: ns1/reviews.ns1.svc.cluster.local\\n  subsets:\\n  - name: v1\\n    labels:\\n      version: v1\\n  - name: v2\\n    labels:\\n      version: v2\\n```\\n\\nExample of failoverPriority using these labels:\\n```yaml\\nfailoverPriority:\\n- \\"version=v1\\"\\n- \\"failover.tetrate.io/domain\\"\\n```","type":"array","items":{"type":"string"},"x-order":1},"regionalFailover":{"description":"Locality routing settings for all gateways in the Workspace/Organization for which\\nthis is defined.\\n\\nExplicitly specify the region traffic will land on when endpoints in the local region become unhealthy.\\nShould be used together with OutlierDetection to detect unhealthy endpoints.\\nNote: if no OutlierDetection specified, this will not take effect.","type":"array","items":{"$ref":"#/components/schemas/v2RegionalFailover"},"x-order":2}}},"v2FlaggerDestination":{"description":"FlaggerDestination will route traffic based on a Flagger Canary resource.\\nThe Canary resource must exist in the control plane cluster and have service delegation set to true.","type":"object","required":["canary","namespace"],"properties":{"canary":{"description":"Name of the Canary resource that will manage the deployment.","type":"string","x-order":0},"namespace":{"description":"Namespace of the Canary resource that will manage the deployment.","type":"string","x-order":1}}},"v2GetClusterStatsResponse":{"type":"object","title":"Response to the request for the cluster stats of an Istio Proxy.\\nReturns the output of the `/clusters` endpoint of the Envoy Admin interface.\\nSee https://www.envoyproxy.io/docs/envoy/latest/operations/admin#get--clusters","properties":{"output":{"description":"Output of the cluster stats endpoint of an Istio Proxy.","type":"string","x-order":0},"outputFormat":{"$ref":"#/components/schemas/GetClusterStatsRequestClusterStatsFormat"}}},"v2GetConfigDumpRequestAll":{"description":"Dump all configuration.","type":"object","properties":{"includeEds":{"description":"Include EDS into config dump.","type":"boolean","x-order":0}}},"v2GetConfigDumpRequestEndpoints":{"description":"Dump endpoint configuration.","type":"object"},"v2GetConfigDumpRequestSecrets":{"description":"Dump secret configuration.","type":"object"},"v2GetConfigDumpResponse":{"type":"object","title":"Response to the request for a config dump from an Istio Proxy.\\nReturns the output of the `/config_dump` endpoint of the Envoy Admin interface.\\nSee https://www.envoyproxy.io/docs/envoy/latest/operations/admin#get--config_dump","properties":{"output":{"description":"Config in JSON format.","type":"string","x-order":0}}},"v2GetResourcePermissionsResponse":{"description":"Response with permission rules.","type":"object","properties":{"rules":{"type":"array","items":{"$ref":"#/components/schemas/v2RoleRule"},"x-order":0}}},"v2GetServerStatsResponse":{"type":"object","title":"Response to the request for the server stats of an Istio Proxy.\\nReturns the output of the `/stats` endpoint of the Envoy Admin interface.\\nSee https://www.envoyproxy.io/docs/envoy/latest/operations/admin#get--stats","properties":{"output":{"description":"Output of the server stats endpoint of an Istio Proxy.","type":"string","x-order":0},"outputFormat":{"$ref":"#/components/schemas/GetServerStatsRequestServerStatsFormat"}}},"v2GlobalTrafficSelector":{"description":"GlobalTrafficSelector provides a mechanism to select a specific traffic flow\\nfor which this Wasm Extension will be enabled. This setting applies to all WASM\\nExtension attachments. These selectors can be overridden at attachments.\\nWhen all the sub conditions in the TrafficSelector are satisfied, the\\ntraffic will be selected.","type":"object","properties":{"mode":{"$ref":"#/components/schemas/v2WorkloadMode"}}},"v2GrantResponse":{"description":"Token grant response.","type":"object","properties":{"accessToken":{"description":"Access token issued by the authorization server.","type":"string","x-order":0},"tokenType":{"description":"Access token type such as \\"bearer\\" or \\"mac\\".","type":"string","x-order":1},"expiresIn":{"description":"Expiration time of the access token in seconds.","type":"integer","format":"int32","x-order":2},"refreshToken":{"description":"Optional refresh token issued when the authorization server\\nand client are configured to use refresh tokens.","type":"string","x-order":3},"clientId":{"description":"Optional client ID used during the grant process.\\nWhen present the client ID for subsequent refresh grant calls.\\nWhile not a standard field on an OAuth grant response, this helps remove ambiguity\\nwhen multiple OIDC configurations are present in TSB.","type":"string","x-order":4},"error":{"$ref":"#/components/schemas/v2Error"},"errorMessage":{"description":"Optional error message that contains more details about the error that occurred.","type":"string","x-order":6}}},"v2GrantType":{"description":"OAuth2 grant types that are currently supported.","type":"string","default":"UNSPECIFIED","enum":["UNSPECIFIED","REFRESH_TOKEN","DEVICE_CODE_URN","CLIENT_CREDENTIALS","TOKEN_EXCHANGE"]},"v2GroupLookupResponse":{"description":"List of groups that configure the requested service.","type":"object","properties":{"trafficGroups":{"description":"The traffic groups that configure the given registered service.","type":"array","items":{"$ref":"#/components/schemas/tsbtrafficv2Group"},"x-order":0},"securityGroups":{"description":"The security groups that configure the given registered service.","type":"array","items":{"$ref":"#/components/schemas/tsbsecurityv2Group"},"x-order":1},"gatewayGroups":{"description":"The gateway groups that configure the given registered service.","type":"array","items":{"$ref":"#/components/schemas/tsbgatewayv2Group"},"x-order":2},"istioInternalGroups":{"description":"The istio internal groups that configure the given registered service.","type":"array","items":{"$ref":"#/components/schemas/tsbistiointernalv2Group"},"x-order":3}}},"v2HTTPDirectResponse":{"description":"Configures an HTTP response to be generated. This can be used to implement\\nhealth check paths where the gateways will directly reply with a preconfigured\\nresponse when traffic hits certain exposed paths.","type":"object","required":["status"],"properties":{"status":{"description":"Specifies the HTTP response status to be returned.","type":"integer","format":"int64","x-order":0},"body":{"$ref":"#/components/schemas/HTTPDirectResponseHTTPBody"}}},"v2HTTPEndpoint":{"description":"An HTTP Endpoint represents an individual HTTP path exposed in the API.","type":"object","properties":{"path":{"description":"The HTTP path of the endpoint, relative to the hostnames exposed by the API.","type":"string","x-order":0,"readOnly":true},"methods":{"description":"The list of HTTP methods this endpoint supports.","type":"array","items":{"type":"string"},"x-order":1,"readOnly":true},"hostnames":{"description":"The list of hostnames where this endpoint is exposed.\\nIf omitted, the endpoint is assumed to be exposed in all hostnames defined for the API.","type":"array","items":{"type":"string"},"x-order":2,"readOnly":true},"service":{"description":"DEPRECATED: For new created APIs, the exposed servers will be available at httpServers.\\nFor APIs created before version 1.7, will still be available in this field.\\nThe FQN of the service in the service registry that is exposing this endpoint.","type":"string","x-order":3,"readOnly":true},"exposedBy":{"$ref":"#/components/schemas/v2ExposedBy"}}},"v2HTTPFaultInjection":{"description":"HTTPFaultInjection can be used to specify one or more faults to inject\\nwhile forwarding HTTP requests to the destination specified in a route.\\nFaults include aborting the HTTP request from downstream service, and/or\\ndelaying proxying of requests. A fault rule MUST HAVE delay or abort or\\nboth.\\nNote that delay and abort faults are independent of one another, even if\\nboth are specified simultaneously.","type":"object","properties":{"delay":{"$ref":"#/components/schemas/HTTPFaultInjectionDelay"},"abort":{"$ref":"#/components/schemas/HTTPFaultInjectionAbort"}}},"v2HTTPMatchCondition":{"description":"HTTPMatchCondition is the set of conditions to match incoming HTTP traffic\\nand route accordingly. We could have used HttpMatchCondition from\\ningress_gateway.proto but it doesn\'t have a port field, so it\'s better to\\ncreate one natively.","type":"object","required":["name"],"properties":{"name":{"type":"string","title":"Name of the match condition","x-order":0},"uri":{"$ref":"#/components/schemas/v2StringMatch"},"headers":{"type":"object","title":"Headers to match in incoming traffic for routing forward","additionalProperties":{"$ref":"#/components/schemas/v2StringMatch"},"x-order":2},"port":{"type":"integer","format":"int64","title":"Port to match in incoming traffic","x-order":3}}},"v2HTTPMirror":{"description":"HTTPMirror can be used to specify the destinations to mirror HTTP traffic in addition to the original destination.\\nMirrored traffic is on a best effort basis where the sidecar/gateway will not wait for the mirrored destinations\\nto respond before returning the response from the original destination.","type":"object","required":["port"],"properties":{"host":{"description":"The host where traffic should be routed to. This should either be a FQDN\\nor a short name for the k8s service. For example, \\"reviews\\" as destination_host will\\nbe interpreted as \\"reviews.ns1.cluster.local\\"\\nIf empty, the host will be inferred from the Service Route service field.","type":"string","x-order":0},"subset":{"type":"string","title":"Subset is the version of the service where traffic should be routed to","x-order":1},"port":{"type":"integer","format":"int64","title":"The port corresponding to the service host where traffic should be routed","x-order":2},"percentage":{"description":"Percentage of the traffic to be mirrored.\\nIf this field is absent, the max value 100% will be mirrored.","type":"number","format":"double","x-order":3}}},"v2HTTPRetry":{"description":"HTTPRetry defines the parameters for retrying API calls to a service.","type":"object","required":["attempts"],"properties":{"attempts":{"description":"Number of retries for a given request. The interval between retries will be determined\\nautomatically (25ms+).\\n\\nActual number of retries attempted depends on the httpReqTimeout.","type":"integer","format":"int32","x-order":0},"perTryTimeout":{"description":"Timeout per retry attempt for a given request. format: 1h/1m/1s/1ms. MUST BE &gt;=1ms.","type":"string","x-order":1},"retryOn":{"description":"Specifies the conditions under which retry takes place.\\nOne or more policies can be specified using a \u2018,\u2019 delimited list.\\nSee the [retry policies](https://www.envoyproxy.io/docs/envoy/latest/configuration/http/http_filters/router_filter#x-envoy-retry-on)\\nand [gRPC retry policies](https://www.envoyproxy.io/docs/envoy/latest/configuration/http/http_filters/router_filter#x-envoy-retry-grpc-on)\\nfor more details.","type":"string","x-order":2}}},"v2HTTPRewrite":{"description":"Configuration for an URL rewrite rule.","type":"object","properties":{"uri":{"description":"Rewrite the path (or the prefix) portion of the URI with this value. If the original URI was\\nmatched based on prefix, the value provided in this field will replace the corresponding\\nmatched prefix.","type":"string","x-order":0},"authority":{"description":"Rewrite the Authority/Host header with this value.","type":"string","x-order":1}}},"v2HTTPRoute":{"description":"HTTPRoute describes match conditions and actions for HTTP traffic routing to service destinations.","type":"object","required":["name"],"properties":{"name":{"description":"Name of the route.","type":"string","x-order":0},"match":{"type":"array","title":"Match conditions for incoming HTTP traffic","items":{"$ref":"#/components/schemas/v2HTTPMatchCondition"},"x-order":1},"destination":{"description":"Destination host:port and subset where HTTP traffic should be directed.\\n**Note**: Only one of `destination` and `flagger` must be configured per route.","type":"array","items":{"$ref":"#/components/schemas/v2ServiceDestination"},"x-order":2},"flagger":{"$ref":"#/components/schemas/v2FlaggerDestination"},"fault":{"$ref":"#/components/schemas/v2HTTPFaultInjection"},"mirrors":{"description":"Mirror HTTP traffic to multiple destinations in addition to forwarding the\\nrequests to the intended destination. Mirrored traffic is on a best effort\\nbasis, so it won\'t wait for the mirrored destinations response to respond\\nto the intended destination.","type":"array","items":{"$ref":"#/components/schemas/v2HTTPMirror"},"x-order":5}}},"v2Headers":{"description":"Header manipulation rules.","type":"object","properties":{"request":{"$ref":"#/components/schemas/HeadersHeaderOperations"},"response":{"$ref":"#/components/schemas/HeadersHeaderOperations"}}},"v2HostsReachability":{"description":"`HostsReachability` defines the list of gateway hosts that this workspace can reach.\\nIn multicluster deployments, hosts are reachable to all namespaces(`*`) by default.\\nHowever, this may not always be necessary, as clients may only be present in a few namespaces.\\nBy configuring this, a list of namespaces can be limited to the namespaces configured in the workspace.\\nWorkspaces with no hosts reachability configuration are considered to have reachable to all hosts.","type":"object","required":["hostnames"],"properties":{"hostnames":{"description":"The Gateway hostname that can be one of the following. Hostnames should match hosts configured in the Gateway.\\n\\n- Exact hostnames.\\nFor example, `echo.tetrate.io`.\\n\\n- Prefix hostnames.\\nFor example, `echo`. Hosts starting with `echo` are considered.\\n\\n- Regex hostnames.\\nFor example, `^echo.*io$`. Hosts starting with `echo` and ending with `io` are considered.\\n\\n- List can be empty `[]`.\\nWorkspaces with explicitly empty hostnames are considered to not want to see any hosts.","type":"array","items":{"$ref":"#/components/schemas/v2StringMatch"},"x-order":0}}},"v2HttpMatchCondition":{"description":"A single match clause to match all aspects of a request.","type":"object","properties":{"uri":{"$ref":"#/components/schemas/v2StringMatch"},"headers":{"description":"The header keys must be lowercase and use hyphen as the separator, e.g. x-request-id.","type":"object","additionalProperties":{"$ref":"#/components/schemas/v2StringMatch"},"x-order":1}}},"v2HttpModifyAction":{"description":"HTTP path/url/header modification.","type":"object","properties":{"rewrite":{"$ref":"#/components/schemas/v2HTTPRewrite"},"headers":{"$ref":"#/components/schemas/v2Headers"}}},"v2HttpRouteRule":{"description":"A single HTTP rule.","type":"object","properties":{"match":{"description":"One or more match conditions (OR-ed).","type":"array","items":{"$ref":"#/components/schemas/v2HttpMatchCondition"},"x-order":0},"modify":{"$ref":"#/components/schemas/v2HttpModifyAction"},"route":{"$ref":"#/components/schemas/v2RouteTo"},"redirect":{"$ref":"#/components/schemas/v2Redirect"},"directResponse":{"$ref":"#/components/schemas/v2HTTPDirectResponse"},"disableExternalAuthorization":{"description":"If set to true, external authorization is disabled on this route\\nwhen the hostname is configured with external authorization.","type":"boolean","x-order":5},"extensions":{"$ref":"#/components/schemas/v2Extensions"}}},"v2HttpRouting":{"type":"object","required":["rules"],"properties":{"corsPolicy":{"$ref":"#/components/schemas/v2CorsPolicy"},"rules":{"description":"HTTP routes.","type":"array","items":{"$ref":"#/components/schemas/gatewayv2HttpRule"},"x-order":1}}},"v2HttpRoutingConfig":{"description":"`HttpRoutingConfig` defines a list of HTTP route rules that determine how incoming requests are routed.","type":"object","required":["rules"],"properties":{"corsPolicy":{"$ref":"#/components/schemas/v2CorsPolicy"},"rules":{"description":"HTTP routes.","type":"array","items":{"$ref":"#/components/schemas/v2HttpRouteRule"},"x-order":1}}},"v2HttpServer":{"description":"An HTTP server exposed in an ingress gateway.","type":"object","required":["name","port","hostname","routing"],"properties":{"name":{"description":"A name assigned to the server. The name will be visible in the generated metrics. The name must be\\nunique across all servers in a gateway.","type":"string","x-order":0},"port":{"description":"The port where the server is exposed. Two servers with different protocols (HTTP and HTTPS) should not\\nshare the same port. Note that port 15443 is reserved for internal use.","type":"integer","format":"int64","x-order":1},"hostname":{"description":"Hostname with which the service can be expected to be accessed by clients.\\n**NOTE:** The hostname must be unique across all gateways in the cluster in order for multicluster routing to work.","type":"string","x-order":2},"tls":{"$ref":"#/components/schemas/v2ServerTLSSettings"},"xxxOldAuthentication":{"$ref":"#/components/schemas/tsbgatewayv2Authentication"},"authentication":{"$ref":"#/components/schemas/tsbauthv2Authentication"},"xxxOldAuthorization":{"$ref":"#/components/schemas/tsbgatewayv2Authorization"},"authorization":{"$ref":"#/components/schemas/tsbauthv2Authorization"},"routing":{"$ref":"#/components/schemas/v2HttpRouting"},"rateLimiting":{"$ref":"#/components/schemas/v2RateLimiting"}}},"v2IdentityMatch":{"description":"IdentityMatch defines the strategy for utilizing service identities during the evaluation of authorization (authz) rules.\\nIt specifies how the identity of a service or workload is verified and used in the context of authz policies.\\nThe strictness of identity verification progresses in the following order:\\nUNKNOWN &lt; PERMISSIVE &lt; PEER_CERTIFICATE &lt; SOURCE_IDENTITY.\\n\\n - UNKNOWN: UNKNOWN represents the default state when identityMatch is not explicitly set.\\nIn practice, it behaves identically to the PERMISSIVE mode, allowing for a flexible approach to\\nidentity verification. This mode is typically used as a fallback or when the specific identity verification\\nstrategy is undecided.\\n - PEER_CERTIFICATE: PEER_CERTIFICATE mode mandates the use of Mutual TLS (mTLS) certificates for identity verification.\\nSpecifically, it utilizes the SPIFFE(Secure Production Identity Framework For Everyone) IDs presented in\\npeer certificates as the basis for authz decision-making. This mode aligns with Istio\'s Principal match\\nauthorization policies, offering a secure method of asserting service identities through cryptographic certificates.\\nIt is suitable for environments where strong, certificate-based identity validation is required.\\n - PERMISSIVE: PERMISSIVE mode offers a flexible, transitional approach to identity verification, allowing the evaluation of authz\\nrules based on either SOURCE_IDENTITY or PEER_CERTIFICATE identities. This mode is designed to facilitate\\ngradual adoption of identity verification practices or to ease system upgrades. It is particularly useful\\nin mixed environments where some services use SPIFFE IDs and others use a different form of service identity.\\n\\nIn ALLOW rules contexts, PERMISSIVE mode authorizes workloads if either their SOURCE_IDENTITY or PEER_CERTIFICATE\\nmatches the allowed principals. This approach broadens the range of clients that can be permitted,\\noffering more flexibility during policy enforcement.\\n\\nConversely, in DENY rules contexts, PERMISSIVE mode restricts access to workloads if either their\\nSOURCE_IDENTITY or PEER_CERTIFICATE matches the denied principals. This results in a more conservative\\nset of clients being allowed, enhancing security by restricting access more broadly.\\n - SOURCE_IDENTITY: SOURCE_IDENTITY mode strictly uses the service identity for authz rules evaluation. This identity is propagated\\nfrom the originating client to the target service workload, which then assesses authz rules based on this received\\nidentity. The mode ensures that authz decisions are made based on the explicit identity of the requesting service,\\nfacilitating fine-grained access control and enhancing security by strictly adhering to the principle of least privilege.\\n\\nThis mode is optimal in environments that require strict enforcement of service identities,\\nwhere the assurance of the caller\'s identity is paramount for secure access control.","type":"string","default":"UNKNOWN","enum":["UNKNOWN","PEER_CERTIFICATE","PERMISSIVE","SOURCE_IDENTITY"]},"v2Impact":{"description":"Impact represents a single impact on a field. It specifies how a profile\\naffects a field and the type of the impact (e.g., effective or overridden).","type":"object","properties":{"fieldPath":{"description":"The path to the field that is impacted by the profile. This path uniquely\\nidentifies the field within the resource.","type":"string","x-order":0},"type":{"$ref":"#/components/schemas/ImpactImpactType"},"source":{"$ref":"#/components/schemas/v2ImpactSource"},"stringValue":{"description":"The value of the field that is impacted by the profile.","type":"string","x-order":3}}},"v2ImpactAnalysis":{"description":"ImpactAnalysis represents the impact of a profile on a resource.","type":"object","properties":{"effectiveImpactsCount":{"description":"The number of effective impacts, which refers to the number of fields\\nthat are directly impacted by the profile being analyzed.","type":"integer","format":"int32","x-order":0},"overriddenImpactsCount":{"description":"The number of overridden impacts, which refers to fields that have been\\nimpacted by another configuration, such as another profile or settings like\\norganization default setting, tenant default settings, workspace default settings,\\ntraffic settings, etc.","type":"integer","format":"int32","x-order":1},"impacts":{"description":"The list of individual impacts that were detected during the analysis.\\nEach impact corresponds to a field that is affected by the profile.","type":"array","items":{"$ref":"#/components/schemas/v2Impact"},"x-order":2}}},"v2ImpactAnalysisResponse":{"description":"ImpactAnalysisResponse represents the response to the ImpactAnalysisRequest.\\nIt contains detailed information about the impacts of the analyzed profiles.","type":"object","properties":{"fqn":{"description":"The fully-qualified name (FQN) of the resource impacted.","type":"string","x-order":0},"current":{"$ref":"#/components/schemas/v2ImpactAnalysis"},"modified":{"$ref":"#/components/schemas/v2ImpactAnalysis"}}},"v2ImpactSource":{"description":"The source of the impact. This specifies where the impact originated from,\\nsuch as a profile default, a profile mandate, or a configuration setting.","type":"object","properties":{"fqn":{"description":"The fully-qualified name (FQN) of the resource that impacts the field.","type":"string","x-order":0},"type":{"$ref":"#/components/schemas/ImpactSourceType"}}},"v2InboundTrafficSetting":{"description":"Configuration for inbound traffic.","type":"object","properties":{"rateLimiting":{"$ref":"#/components/schemas/v2RateLimiting"},"resilience":{"$ref":"#/components/schemas/v2DownstreamResilienceSettings"},"failoverSettings":{"$ref":"#/components/schemas/v2FailoverSettings"}}},"v2IngressGateway":{"description":"`IngressGateway` configures a workload to act as an ingress gateway into the mesh.\\n\\n\\n\\n","type":"object","required":["workloadSelector"],"properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"workloadSelector":{"$ref":"#/components/schemas/v2WorkloadSelector"},"http":{"description":"One or more HTTP or HTTPS servers exposed by the gateway. The\\nserver exposes configuration for TLS termination, request\\nauthentication/authorization, HTTP routing, etc.","type":"array","items":{"$ref":"#/components/schemas/v2HttpServer"},"x-order":5},"tlsPassthrough":{"description":"One or more TLS servers exposed by the gateway. The server\\ndoes not terminate TLS and exposes config for SNI based routing.","type":"array","items":{"$ref":"#/components/schemas/v2TLSPassthroughServer"},"x-order":6},"tcp":{"type":"array","title":"One or more non-HTTP and non-passthrough servers which use TCP\\nbased protocols. This server also exposes configuration for terminating TLS","items":{"$ref":"#/components/schemas/v2TCPServer"},"x-order":7},"extension":{"description":"Extensions specifies all the WasmExtensions assigned to this IngressGateway\\nwith the specific configuration for each extension. This custom configuration\\nwill override the one configured globally to the extension.\\nEach extension has a global configuration including enablement and priority\\nthat will condition the execution of the assigned extensions.","type":"array","items":{"$ref":"#/components/schemas/v2WasmExtensionAttachment"},"x-order":8},"waf":{"$ref":"#/components/schemas/v2WAFSettings"},"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"}}},"v2IstioStatus":{"description":"IstioStatus provides information about the Istio injection status of the namespace.","type":"object","properties":{"istioInjection":{"$ref":"#/components/schemas/IstioStatusIstioInjection"},"istioRevision":{"description":"Istio revision of the namespace.","type":"string","x-order":1}}},"v2JWKS":{"type":"object","title":"JSON Web Key Set. Refer to https://datatracker.ietf.org/doc/html/rfc7517","properties":{"keys":{"type":"array","title":"List of public JWKs","items":{"$ref":"#/components/schemas/JWKSJWK"},"x-order":0}}},"v2KeepAliveSettings":{"description":"Keep Alive Settings.","type":"object","properties":{"tcp":{"$ref":"#/components/schemas/v2TcpKeepAliveSettings"}}},"v2Kong":{"description":"Kong extension configuration.","type":"object","properties":{"plugins":{"description":"List of plugins.","type":"array","items":{"$ref":"#/components/schemas/KongPlugins"},"x-order":0}}},"v2ListApplicationsResponse":{"description":"List of applications in the given tenant.","type":"object","properties":{"applications":{"description":"The list of applications that are registered in the given tenant.","type":"array","items":{"$ref":"#/components/schemas/v2Application"},"x-order":0}}},"v2ListAvailableProfilesResponse":{"description":"List of profiles that can be attached to a given resource.","type":"object","properties":{"profiles":{"description":"List of profiles.","type":"array","items":{"$ref":"#/components/schemas/v2Profile"},"x-order":0}}},"v2ListClusterOnboardingConfigsResponse":{"description":"List of onboarding configurations for a cluster.","type":"object","properties":{"configs":{"description":"The list of onboarding configurations for the cluster.","type":"array","items":{"$ref":"#/components/schemas/v2ClusterOnboardingConfig"},"x-order":0}}},"v2ListClustersResponse":{"description":"List of clusters that are registered in the platform.","type":"object","properties":{"clusters":{"description":"The list of clusters that are registered in the platform.","type":"array","items":{"$ref":"#/components/schemas/tsbv2Cluster"},"x-order":0}}},"v2ListEgressGatewaysResponse":{"description":"Lost of all Egress Gateway objects in the gateway group.","type":"object","properties":{"egressGateways":{"type":"array","items":{"$ref":"#/components/schemas/gatewayv2EgressGateway"},"x-order":0}}},"v2ListGatewayGroupsResponse":{"description":"List of all gateway groups in the workspace.","type":"object","properties":{"groups":{"type":"array","items":{"$ref":"#/components/schemas/tsbgatewayv2Group"},"x-order":0}}},"v2ListGatewaysResponse":{"description":"List of all Gateway objects in the gateway group.","type":"object","properties":{"gateways":{"description":"List of all Gateway objects.","type":"array","items":{"$ref":"#/components/schemas/gatewayv2Gateway"},"x-order":0}}},"v2ListIngressGatewaysResponse":{"description":"List of all Ingress Gateway objects in the gateway group.","type":"object","properties":{"ingressGateways":{"type":"array","items":{"$ref":"#/components/schemas/v2IngressGateway"},"x-order":0}}},"v2ListIstioInternalGroupsResponse":{"description":"List of all Istio internal in the workspace.","type":"object","properties":{"groups":{"description":"The list of requested groups.","type":"array","items":{"$ref":"#/components/schemas/tsbistiointernalv2Group"},"x-order":0}}},"v2ListMetricsResponse":{"description":"List of telemetry metrics from the resource.","type":"object","properties":{"metrics":{"type":"array","items":{"$ref":"#/components/schemas/v2Metric"},"x-order":0}}},"v2ListOrganizationSettingsResponse":{"description":"List of all existing Organization settings objects in the Organization group.","type":"object","properties":{"settings":{"type":"array","items":{"$ref":"#/components/schemas/v2OrganizationSetting"},"x-order":0}}},"v2ListOrganizationsResponse":{"type":"object","title":"List of organizations that exist in TSB.\\n$hide_from_docs","properties":{"organizations":{"type":"array","items":{"$ref":"#/components/schemas/v2Organization"},"x-order":0}}},"v2ListProfilesResponse":{"description":"List of profiles belonging to a given resource.","type":"object","properties":{"profiles":{"description":"List of profiles.","type":"array","items":{"$ref":"#/components/schemas/v2Profile"},"x-order":0}}},"v2ListRolesResponse":{"description":"List of all existing roles.","type":"object","properties":{"roles":{"type":"array","items":{"$ref":"#/components/schemas/v2Role"},"x-order":0}}},"v2ListSecurityGroupsResponse":{"description":"List of all security groups in the workspace.","type":"object","properties":{"groups":{"type":"array","items":{"$ref":"#/components/schemas/tsbsecurityv2Group"},"x-order":0}}},"v2ListSecuritySettingsResponse":{"description":"List of all security settings objects attached to the group.","type":"object","properties":{"settings":{"type":"array","items":{"$ref":"#/components/schemas/v2SecuritySetting"},"x-order":0}}},"v2ListServiceAccountsResponse":{"description":"List of existing Service Accounts.","type":"object","properties":{"serviceAccounts":{"type":"array","items":{"$ref":"#/components/schemas/tsbv2ServiceAccount"},"x-order":0}}},"v2ListServiceRoutesResponse":{"description":"List of all service routes defined in the traffic group.","type":"object","properties":{"serviceRoutes":{"type":"array","items":{"$ref":"#/components/schemas/v2ServiceRoute"},"x-order":0}}},"v2ListServiceSecuritySettingsResponse":{"description":"List of all Service Security Settings objects attached to the group.","type":"object","properties":{"settings":{"type":"array","items":{"$ref":"#/components/schemas/v2ServiceSecuritySetting"},"x-order":0}}},"v2ListServiceTrafficSettingsResponse":{"description":"List of all Service Traffic Settings objects attached to the group.","type":"object","properties":{"serviceSettings":{"description":"List of Service Traffic Setting objects.","type":"array","items":{"$ref":"#/components/schemas/v2ServiceTrafficSetting"},"x-order":0}}},"v2ListServicesResponse":{"type":"object","title":"Response with a list of registered services","properties":{"services":{"type":"array","title":"The requested registered services","items":{"$ref":"#/components/schemas/tsbregistryv2Service"},"x-order":0}}},"v2ListSourcesResponse":{"description":"List of telemetry sources from the resource.","type":"object","properties":{"sources":{"type":"array","items":{"$ref":"#/components/schemas/telemetryv2Source"},"x-order":0}}},"v2ListTeamsResponse":{"description":"List of existing teams.","type":"object","properties":{"teams":{"type":"array","items":{"$ref":"#/components/schemas/v2Team"},"x-order":0}}},"v2ListTenantExtensionsResponse":{"description":"List of all existing WasmExtensions objects assigned to the Tenant.","type":"object","properties":{"extensions":{"type":"array","items":{"$ref":"#/components/schemas/v2WasmExtension"},"x-order":0}}},"v2ListTenantSettingsResponse":{"description":"List of all existing Tenant settings objects in the Tenant.","type":"object","properties":{"settings":{"type":"array","items":{"$ref":"#/components/schemas/v2TenantSetting"},"x-order":0}}},"v2ListTenantsResponse":{"description":"List of available tenants.","type":"object","properties":{"tenants":{"description":"The list of available tenants.","type":"array","items":{"$ref":"#/components/schemas/v2Tenant"},"x-order":0}}},"v2ListTier1GatewaysResponse":{"description":"List of all Tier1 Gateway objects in the gateway group.","type":"object","properties":{"tier1Gateways":{"type":"array","items":{"$ref":"#/components/schemas/v2Tier1Gateway"},"x-order":0}}},"v2ListTrafficGroupsResponse":{"description":"List of all existing traffic groups in the workspace.","type":"object","properties":{"groups":{"type":"array","items":{"$ref":"#/components/schemas/tsbtrafficv2Group"},"x-order":0}}},"v2ListTrafficSettingsResponse":{"description":"List of all existing traffic settings objects in the traffic group.","type":"object","properties":{"settings":{"type":"array","items":{"$ref":"#/components/schemas/v2TrafficSetting"},"x-order":0}}},"v2ListUsersResponse":{"description":"List of existing Users.","type":"object","properties":{"users":{"type":"array","items":{"$ref":"#/components/schemas/v2User"},"x-order":0}}},"v2ListWasmExtensionResponse":{"description":"List of WASM Extensions.","type":"object","properties":{"extensions":{"type":"array","items":{"$ref":"#/components/schemas/v2WasmExtension"},"x-order":0}}},"v2ListWorkloadsResponse":{"description":"Response to the request for a list of Workloads.","type":"object","properties":{"workloads":{"description":"List of workloads.","type":"array","items":{"$ref":"#/components/schemas/tsbdiagnosticv2Workload"},"x-order":0},"nextPageToken":{"description":"A token, which can be sent as `page_token` to retrieve the next page.\\nIf this field is omitted, there are no subsequent pages.","type":"string","x-order":1},"totalSize":{"description":"Total number of Workloads.\\nIf a filter was included in the request, this reflects the total number\\nafter the filtering is applied.","type":"integer","format":"int32","x-order":2}}},"v2ListWorkspaceSettingsResponse":{"description":"The existing settings objects for the given workspace.","type":"object","properties":{"settings":{"type":"array","items":{"$ref":"#/components/schemas/v2WorkspaceSetting"},"x-order":0}}},"v2ListWorkspacesResponse":{"description":"The existing workspaces for the given tenant.","type":"object","properties":{"workspaces":{"type":"array","items":{"$ref":"#/components/schemas/v2Workspace"},"x-order":0}}},"v2LoadBalancerSettings":{"description":"Defines Load Balancing policies to be applied on the client requests.","type":"object","properties":{"simple":{"$ref":"#/components/schemas/LoadBalancerSettingsSimpleLB"},"consistentHash":{"$ref":"#/components/schemas/LoadBalancerSettingsConsistentHashLB"}}},"v2LoggerLevelsResponse":{"description":"Response to the request for effective logger levels of an Istio Proxy.\\nReturns the output of the `/logging` endpoint of the Envoy Admin interface.","type":"object","properties":{"supportedLevels":{"description":"Supported logging levels.","type":"array","items":{"type":"string"},"x-order":0},"loggerLevels":{"description":"Effective logger levels.","type":"object","additionalProperties":{"type":"string"},"x-order":1}}},"v2Measure":{"description":"A measure represents the name and unit of a measurement.\\nFor example, request latency in ms and the number of errors are examples of measures to collect from a server. In\\nthis case latency would be the type and ms (millisecond) is the unit.","type":"object","properties":{"name":{"description":"The name of the measure. For instance latency in ms. More reference values can be found at\\nMeshControlledMeasureNames.","type":"string","x-order":0},"unit":{"description":"The unit of measure, which follow the [unified code for units of measure](https://ucum.org/ucum.html).\\nFor COUNTABLE measures, as number of requests or network packets, SHOULD use the default unit, the unity, and\\n[annotations](https://ucum.org/ucum.html#para-curly) with curly braces to give additional meaning.\\nFor example {requests}, {packets}, {errors}, {faults}, etc.","type":"string","x-order":1}}},"v2Metric":{"description":"A metric is a measurement about a service, captured at runtime. Logically, the moment of capturing one of\\nthese measurements is known as a metric event which consists not only of the measurement itself, but the time\\nthat it was captured and associated metadata.\\n\\nApplication and request metrics are important indicators of availability and performance.\\nCustom metrics can provide insights into how availability indicators impact user experience or the business.\\nCollected data can be used to alert of an outage or trigger scheduling decisions to scale up a deployment\\nautomatically upon high demand.","type":"object","properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the metric.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the metric.\\n$hide_from_yaml","x-order":3},"observedResource":{"description":"Which concrete TSB resource in the configuration hierarchy this metric observes and belongs to.\\nFor instance, a metric can observe a service, a concrete service workload (pod or Vm), or a gateway,\\nor a workspace, or any other resource in the configuration hierarchy.","type":"string","x-order":4,"readOnly":true},"measure":{"$ref":"#/components/schemas/v2Measure"},"type":{"$ref":"#/components/schemas/telemetryv2MetricType"},"origin":{"$ref":"#/components/schemas/v2MetricOrigin"},"detectionPoint":{"$ref":"#/components/schemas/v2MetricDetectionPoint"}}},"v2MetricDetectionPoint":{"description":"From which detection point the metric is observed.\\n\\n - IN_SERVICE: Self observability metrics uses in service detect point.\\n - CLIENT_SIDE: Client side is how the client is observing the metric. When service A calls service B, service A acts\\nas a client side.\\n - SERVER_SIDE: Server side is how the server is observing the metric. When service A calls service B, service B\\nacts as the server side.","type":"string","default":"INVALID_METRIC_DETECTION_POINT","enum":["INVALID_METRIC_DETECTION_POINT","IN_SERVICE","CLIENT_SIDE","SERVER_SIDE"]},"v2MetricOrigin":{"description":"From where the metric measurements come from.\\n\\n - MESH_CONTROLLED: The metrics origin is from a TSB configured mesh, capturing the metrics from the\\nsidecar\'s available observability.\\n - AGENT_OBSERVED: An agent which can be standalone or service with automatically instrumentation via byte code injection.\\nCurrently not available. Part of hybrid observability.\\n - MESH_IMPORTED: Other known mesh generated metrics that are not configured and handled by TSB.\\nCurrently not available. Part of hybrid observability.\\n - EXTERNAL_IMPORTED: External captured metrics that are either imported into TSB observability stack or queried at runtime.\\nCurrently not available. Part of hybrid observability.","type":"string","default":"INVALID_METRIC_ORIGIN","enum":["INVALID_METRIC_ORIGIN","MESH_CONTROLLED","AGENT_OBSERVED","MESH_IMPORTED","EXTERNAL_IMPORTED"]},"v2MetricTypeLabel":{"description":"Label of metric type. Also seen a other dimensions of aggregation besides the time interval on which measurements\\nare aggregated over.","type":"object","properties":{"key":{"description":"The label key.","type":"string","x-order":0},"value":{"description":"The label value, for instance p50, or p75.","type":"string","x-order":1}}},"v2MetricTypeType":{"description":" - GAUGE: Is the last seen measurement over a period of time.\\n - COUNTER: Is the sum of number of measurement over a period of time. Used in number of request style of metrics.\\n - AVERAGE: Average function applied to the measurements. Used in Duration/latency style of metrics.\\n - PERCENT: Percentage function applied to a given observed value over the total observer values.\\nUsed in SLA style of metrics, for example the percentage of errored responses over the total server responses.\\n - APDEX: Application Performance Index monitors end-user satisfaction.\\n[Apdex score](https://www.tetrate.io/blog/the-apdex-score-for-measuring-service-mesh-health)\\n - HEATMAPS: Heat maps are a three dimensional visualization, using x and y coordinates for two dimensions, and color\\nintensity for the third. They can reveal detail that summary statistics, such as line charts of averages,\\ncan miss. Latency measurements can be aggregated using Heatmaps/histograms. One dimension is often time, the\\nother is the latency, and the third one (the intensity) is the frequency of that latency in the given time range.\\n - LABELED_COUNTER: Is the sum of number of measurement over time grouped by concrete label values. Used for counting responses by\\ntheir http response code for instance.\\n - PERCENTILE: This is a specific subtype of LABELED_COUNTER. Used in duration/latency style metrics.\\n - CPM: Calls per minute used. Used in requests per minute, or in 5xx http errors per minute, 4xx http errors per\\nminute, among other metrics.\\n - MAX: Selects the highest measurement over a period of time. Envoy max allocated style metrics.","type":"string","default":"INVALID_METRIC_TYPE","enum":["INVALID_METRIC_TYPE","GAUGE","COUNTER","AVERAGE","PERCENT","APDEX","HEATMAPS","LABELED_COUNTER","PERCENTILE","CPM","MAX"]},"v2ModifyAttachedProfiles":{"description":"ModifyAttachedProfiles represents a request to analyze the impact of modifying\\nthe attached profiles of a resource.","type":"object","required":["fqn"],"properties":{"fqn":{"description":"The fully-qualified name (FQN) of the resource to which profiles are attached.","type":"string","x-order":0},"profiles":{"description":"A list of profiles attached to the resource that will be analyzed for impact.\\nThese profiles are used to propagate default and mandatory configurations to\\nchild resources, and any changes to them will be reflected in the impact analysis.","type":"array","items":{"type":"string"},"x-order":1}}},"v2ModifyProfile":{"description":"ModifyProfile represents a request to analyze the impact of modifying a profile.","type":"object","required":["fqn","profile"],"properties":{"fqn":{"description":"The fully-qualified name (FQN) of the profile to analyze. This should refer to a specific profile in the system.","type":"string","x-order":0},"profile":{"$ref":"#/components/schemas/v2Profile"}}},"v2NamespaceCurrentState":{"description":"The current state of a namespace.\\n\\n - CURRENT_UNDEFINED: Undefined state.\\n - CURRENT_UNKNOWN: The TSB CP is not able to determine the state of the namespace.\\n - CURRENT_SYSTEM: The namespace has been detected as TSB system namespace, as cloud provider system namespace, or\\nas a namespace with system components specified in the Cluster Onboarding Config as\\n`DESIRED_SYSTEM`.\\nIt should not have sidecars injected and should not be configured with Istio injection.\\n - CURRENT_DISABLED: The namespace has been detected with no sidecars injected and is not configured with Istio injection.\\nCheck the `current_state_details` field for more information.\\n - CURRENT_ENABLED: The namespace has been detected with sidecars injected and is configured with Istio injection.","type":"string","default":"CURRENT_UNDEFINED","enum":["CURRENT_UNDEFINED","CURRENT_UNKNOWN","CURRENT_SYSTEM","CURRENT_DISABLED","CURRENT_ENABLED"]},"v2NamespaceDesiredState":{"description":"The desired state of a namespace.\\n\\n - DESIRED_UNDEFINED: Undefined state.\\n - DESIRED_UNASSIGNED: The user did not specify a desired state for the namespace.\\n - DESIRED_DISABLED: The namespace should have no sidecars injected and don\'t be configured with Istio injection.\\n - DESIRED_IGNORED: TSB should not modify the Istio injection.\\n - DESIRED_ONBOARDED: The namespace should have a sidecars injected and be configured with Istio injection.\\n - DESIRED_SYSTEM: The namespace should be considered as a system namespace. Which means that the namespace\\ncontain system components and should not have sidecars injected and don\'t be\\nconfigured with Istio injection.\\nIt is similar in terms of sidecar injection to `DESIRED_DISABLED` but it\\nis used to mark the namespace as a system namespace as well.","type":"string","default":"DESIRED_UNDEFINED","enum":["DESIRED_UNDEFINED","DESIRED_UNASSIGNED","DESIRED_DISABLED","DESIRED_IGNORED","DESIRED_ONBOARDED","DESIRED_SYSTEM"]},"v2NamespaceScoping":{"description":"Configure the default scoping of namespaces in this cluster.","type":"object","properties":{"scope":{"$ref":"#/components/schemas/v2NamespaceScopingScope"},"exceptions":{"description":"Namespaces to be excluded form the default scope.\\nIf the scope is set to global, this list will contain namespaces that are\\nconsidered local. If the scope is set to local, this list will contain\\nnamespaces that are considered global.","type":"array","items":{"type":"string"},"x-order":1}}},"v2NamespaceScopingScope":{"description":" - GLOBAL: Global configures namespaces in this cluster to be considered global.\\nNamespaces that exist in other clusters with the same name will be\\nconsidered to be the same logical namespace.\\n - LOCAL: Configures local scoping for namespaces, so that namespaces with the same\\nname in different clusters will not be considered the same logical\\nnamespace.","type":"string","default":"GLOBAL","enum":["GLOBAL","LOCAL"]},"v2OIDCAuthType":{"description":"Configures how client_id and client_secret are sent in OAuth client to OAuth server requests.\\n\\n - DEFAULT_AUTH_TYPE: If no authentication type is specified, the default authentication type will be used.\\nCurrently, the default authentication type is set to `BASIC_AUTH` because it is widely supported by the majority of OIDC providers\\n - URL_ENCODED_BODY: The `client_id` and `client_secret` will be sent in the URL encoded request body.\\nThis type should only be used when Auth server does not support Basic authentication.\\n - BASIC_AUTH: The `client_id` and `client_secret` will be sent using HTTP Basic authentication scheme.","type":"string","default":"DEFAULT_AUTH_TYPE","enum":["DEFAULT_AUTH_TYPE","URL_ENCODED_BODY","BASIC_AUTH"]},"v2OIDCConfig":{"type":"object","title":"Configure OIDC authentication for a given hostname","required":["clientId","clientTokenSecret","redirectUri","provider"],"properties":{"grantType":{"$ref":"#/components/schemas/v2OIDCGrantType"},"clientId":{"description":"The client_id to be used in the authorize calls.\\nThis value will be URL encoded when sent to the OAuth server.","type":"string","x-order":1},"clientTokenSecret":{"description":"The name of the Kubernetes secret containing the client secret.\\n\\nKubernetes generic opaque secret should contain `istio_generic_secret` key with base64 encoded client_secret as value. \\n\\nFor example\\n---\\napiVersion: v1\\nmetadata:\\n  name: bar\\n  namespace: foo\\ndata:\\n  istio_generic_secret: e2Jhc2U2NF9lbmNvZGVkX3Rva2VuX3NlY3JldH0=\\nkind: Secret\\ntype: Opaque\\n\\nThe secret must be present in the same namespace as the gateway or sidecar deployment\\nfor which the configuration is being applied for.\\nThe (gateway/ sidecar) deployment must also have RBAC permissions to view secrets\\nin the current namespace. For gateways this is already configured, while for sidecar\\nthe permission should be added if not already present.\\n\\nThe secret token stored will be URL encoded when sent to the OAuth server.","type":"string","x-order":2},"redirectUri":{"description":"It can also be formulated from request parameters\\nFor example: %REQ(x-forwarded-proto)%://%REQ(:authority)%/callback\\n\\nThis URI should not contain any query parameters.","type":"string","title":"The redirect URI passed to the authorization endpoint","x-order":3},"provider":{"$ref":"#/components/schemas/v2OIDCProviderConfig"},"authType":{"$ref":"#/components/schemas/v2OIDCAuthType"},"authScopes":{"type":"array","title":"Optional list of OAuth scopes to be claimed in the authorization request.\\nIf not specified, defaults to `user` scope.\\nOAuth RFC https://tools.ietf.org/html/rfc6749#section-3.3","items":{"type":"string"},"x-order":6},"redirectPathMatcher":{"description":"Matching criteria used to determine whether a path appears to be the\\nresult of a redirect from the authorization server.\\nThe query and fragment string (if present) are removed in the URL path portion.\\nFor example, the path `/data` will match URI header `/data#fragment?param=value`.\\n\\nIf not provided, default is derived from redirect_uri path\\nOnly exact match is configurable","type":"string","x-order":7},"signoutPath":{"description":"The path to sign a user out, clearing their credential cookies.\\n\\nIf not provided, default is `/signout`\\nOnly exact match is configurable","type":"string","x-order":8},"useRefreshToken":{"description":"Enable automatic access token refresh using associated refresh token\\n[(see RFC 6749 section 6)](https://datatracker.ietf.org/doc/html/rfc6749#section-6)\\nprovided that the OAuth server supports that.\\n\\nIf not set defaults to `true`.","type":"boolean","x-order":9}}},"v2OIDCGrantType":{"description":"- DEFAULT_GRANT_TYPE: If no grant type is explicitly specified, the default grant type will be used.\\nThe specific behavior of the default grant type may vary based on the type of workload to which the authentication settings are applied.\\nCurrently, only `AUTHORIZATION_CODE` is available, so this will be in effect in the future when additional grant types are introduced.\\n - AUTHORIZATION_CODE: Use authorization code flow","type":"string","title":"Configures authentication flow to be used","default":"DEFAULT_GRANT_TYPE","enum":["DEFAULT_GRANT_TYPE","AUTHORIZATION_CODE"]},"v2OIDCProviderConfig":{"description":"OIDCProviderConfig defines the OIDC Provider configuration.\\n\\nIt has two modes `dynamic` and `static` meaning if the configuration\\nhas to be derived from the Issuer\'s Well-Known endpoint dynamically\\nor is statically configured.\\nTo use `dynamic` configuration only `issuer` field should be set. If any other\\nfield along with `issuer` is set then the configuration will be treated as `static`.\\n\\nFor AUTHORIZATION_CODE grant type, fields that are needed if configuration is `static`:\\n1. Issuer\\n2. AuthorizationEndpoint\\n3. TokenEndpoint\\n4. oneof (JwksURI or Jwks)","type":"object","required":["issuer"],"properties":{"issuer":{"description":"The OIDC Provider\'s [issuer identifier](https://openid.net/specs/openid-connect-discovery-1_0.html#IssuerDiscovery).","type":"string","x-order":0},"authorizationEndpoint":{"description":"The OIDC Provider\'s [authorization endpoint](https://openid.net/specs/openid-connect-core-1_0.html#AuthorizationEndpoint).\\nIf not provided, it will be discovered from the provider\'s [Well-Known Configuration Endpoint](https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderConfigurationResponse).","type":"string","x-order":1},"tokenEndpoint":{"description":"The OIDC Provider\'s [token endpoint](https://openid.net/specs/openid-connect-core-1_0.html#TokenEndpoint).\\nIf not provided, it will be discovered from the provider\'s [Well-Known Configuration Endpoint](https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderConfigurationResponse).","type":"string","x-order":2},"jwksUri":{"description":"URI for the OIDC provider\'s JSON Web Key Sets. This can be found in the OIDC provider\'s configuration response.\\nThe JWKS are used for token verification.","type":"string","x-order":3},"jwks":{"description":"JSON string with the OIDC provider\'s JSON Web Key Sets. In general the URI for the Key Set is the preferred\\nmethod for configuring JWKS. This setting is provided in case the provider doesn\'t publish JWKS via a\\npublic URI.","type":"string","x-order":4},"tls":{"$ref":"#/components/schemas/v2ClientTLSSettings"}}},"v2OpenAPI":{"type":"object","title":"OpenAPI configuration for the HTTP server.\\n$hide_from_docs","properties":{"fqn":{"description":"The fqn of the API that holds the OpenAPI spec document.","type":"string","x-order":0},"validation":{"$ref":"#/components/schemas/OpenAPIValidation"}}},"v2Organization":{"description":"`Organization` is the root of the Service Bridge object hierarchy.\\n\\n\\n\\n","type":"object","properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"deletionProtectionEnabled":{"description":"When set, prevents the resource from being deleted. In order to delete the resource this\\nproperty needs to be set to `false` first.","type":"boolean","x-order":4},"profiles":{"description":"List of profiles attached to the Organization to be used to propagate default and mandatory configurations down to the children.","type":"array","items":{"type":"string"},"x-order":5},"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"},"systemNamespaces":{"description":"List of namespaces that will be considered as system namespaces for the organization\\nand will not be able to be onboarded into TSB.\\nSystem namespaces are namespaces that should not have sidecars injected and don\'t be\\nconfigured with Istio injection.\\nThis is useful for namespaces that are used for infrastructure components like monitoring,\\nlogging, cloud provider components, etc. and that should not be managed by TSB in the\\ncluster namespace onboarding workflows.","type":"array","items":{"type":"string"},"x-order":7}}},"v2OrganizationSetting":{"description":"Settings that apply globally to the entire organization.\\n\\n\\n\\n","type":"object","properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"networkSettings":{"$ref":"#/components/schemas/OrganizationSettingNetworkSettings"},"regionalFailover":{"description":"Default locality routing settings for all gateways.\\nPlease use FailoverSettings instead. If FailoverSettings is set, it takes precedence over this field.\\n\\nExplicitly specify the region traffic will land on when endpoints in local region becomes unhealthy.\\nShould be used together with OutlierDetection to detect unhealthy endpoints.\\nNote: if no OutlierDetection specified, this will not take effect.","type":"array","items":{"$ref":"#/components/schemas/v2RegionalFailover"},"x-order":5},"defaultSecuritySetting":{"$ref":"#/components/schemas/v2SecuritySetting"},"defaultTrafficSetting":{"$ref":"#/components/schemas/v2TrafficSetting"},"failoverSettings":{"$ref":"#/components/schemas/v2FailoverSettings"}}},"v2OutboundTrafficSetting":{"description":"Configuration for outbound traffic.","type":"object","properties":{"reachability":{"$ref":"#/components/schemas/v2ReachabilitySettings"},"egress":{"$ref":"#/components/schemas/v2OutboundTrafficSettingEgressGateway"},"upstreamTrafficSettings":{"description":"List of hosts and the associated traffic settings to be used by\\nthe clients sending traffic to them.","type":"array","items":{"$ref":"#/components/schemas/v2UpstreamTrafficSettings"},"x-order":2}}},"v2OutboundTrafficSettingEgressGateway":{"description":"EgressGateway specifies the gateway where traffic external to the mesh will be redirected.","type":"object","required":["host"],"properties":{"host":{"description":"Specifies the egress gateway hostname. Must be in\\n`&lt;namespace&gt;/&lt;fqdn&gt;` format.","type":"string","x-order":0}}},"v2Permission":{"description":"A permission defines an action that can be performed on a\\nresource. By default access to resources is denied unless an\\nexplicit permission grants access to perform an operation against\\nit.\\n\\n - INVALID: Default value to designate no value was explicitly set for the permission.\\n - READ: The read permission grants read-only access to the resource.\\n - WRITE: The write permission allows the subject to modify an existing resource.\\n - CREATE: The create permission allows subjects to create child resources on the resource.\\n - DELETE: The delete permission grants permissions to delete the resource.\\n - SET_POLICY: The set-iam permission allows subjects to manage the access policies for the resources.","type":"string","default":"INVALID","enum":["INVALID","READ","WRITE","CREATE","DELETE","SET_POLICY"]},"v2PortSelector":{"description":"PortSelector is the criteria for specifying if a policy can be applied to\\na listener having a specific port.","type":"object","required":["number"],"properties":{"number":{"type":"integer","format":"int64","title":"Port number","x-order":0}}},"v2Profile":{"description":"A `Profile` object can be created at Organization, Tenant, and Workspace levels. Once created, a profile can be\\nattached at its own level or down the hierarchy at Organization, Tenant, Workspace and Groups levels.\\nOnce attached, all the configurations provided in the profile and compatible with the attachment point will be applied,\\nthe others will be ignored.\\n\\n\\n\\n","type":"object","properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"deletionProtectionEnabled":{"description":"When set, prevents the resource from being deleted. In order to delete the resource this\\nproperty needs to be set to `false` first.","type":"boolean","x-order":4},"defaults":{"$ref":"#/components/schemas/v2ProfileConfig"},"mandates":{"$ref":"#/components/schemas/v2ProfileConfig"}}},"v2ProfileConfig":{"description":"ProfileConfig holds the configuration objects that can be used as defaults or mandates.","type":"object","properties":{"trafficSettings":{"$ref":"#/components/schemas/v2TrafficSetting"},"authenticationSettings":{"$ref":"#/components/schemas/tsbsecurityv2AuthenticationSettings"},"wafSettings":{"$ref":"#/components/schemas/v2WAFSettings"},"wasmExtensions":{"description":"Wasm Extensions specifies all the WasmExtensions assigned to this profile\\nwith the specific configuration for each extension.","type":"array","items":{"$ref":"#/components/schemas/v2WasmExtensionAttachment"},"x-order":3},"unsetFields":{"type":"array","title":"Unset fields specify fields that must not have any value.\\nIn Mandates, fields in this list must remain unset, even if subsequent evaluated Profile Mandates define them.\\nIn Defaults, fields in this list are removed if defined in previously evaluated Profile Defaults.\\nItems in this list are dot-separated paths to the fields, relative to the root of ProfileConfig.\\nField names are in camelCase, as in JSON/YAML.\\nPaths that navigate lists or maps unset the sub-path for all elements.\\nFor example:\\n- \\"trafficSettings.reachability.hosts\\"\\n- \\"trafficSettings.resilience.upstreamTrafficSettings.hosts\\"","items":{"type":"string"},"x-order":4}}},"v2PropagationStrategy":{"description":"The PropagationStrategy is the key differentiating factor to decide how a security\\npolicy should be propagated and applied at runtime across clusters.\\nThe default propagation strategy is REPLACE, in which a lower level SecuritySetting\\nin the configuration hierarchy replaces a higher level SecuritySetting.\\nThe STRICTER PropagationStrategy on the other hand makes sure the default\\nSecuritySettings configured at the parent level are always enforced and propagated\\ndown the hierarchy unless additional SecuritySettings are defined and restricted\\nfurther in the configuration hierarchy.\\n\\n* `REPLACE` should be used when resources in the hierarchy are allowed to override the default\\nsettings configured at the higher levels.\\n* `STRICTER` should be used when the default settings must prevail, and the settings can only be\\nmade more restrictive by child resources at lower levels of the hierarchy.\\n\\nWhen a resource or property of it affected by the propagation strategy is propagated down the hierarchy, regardless\\nof the defined strategy (`REPLACE` or `STRICTER`), a parent defined resource or a property of the\\nresource will be used (propagated) in absence of a child resource or a property of it.\\n\\nFor example, the following policy configures optional mTLS for traffic within the workspace, but\\nit allows SecuritySettings to modify it. The example shows a workspace that configures\\nservice-to-service access so that only services in the same workspace can talk to each other.\\nThe `REPLACE` propagation policy allows individual settings to override it. In the example, the\\nSecuritySettings allows services within that group to be reachable from any\\nservice in the cluster, regardless for the workspace they belong to, even though the Workspace\\nrestricts service-to-service access to only services in the Workspace.\\n\\n```yaml\\napiVersion: api.tsb.tetrate.io/v2\\nkind: WorkspaceSetting\\nmetadata:\\n  name: w1-settings\\n  workspace: w1\\n  tenant: mycompany\\n  organization: myorg\\nspec:\\n  defaultSecuritySetting:\\n    propagationStrategy: REPLACE\\n    authorization:\\n      mode: WORKSPACE\\n---\\napiVersion: security.tsb.tetrate.io/v2\\nkind: SecuritySetting\\nmetadata:\\n  name: defaults\\n  group: t1\\n  workspace: w1\\n  tenant: mycompany\\n  organization: myorg\\nspec:\\n  authorization:\\n    mode: CLUSTER\\n```\\n\\n`STRICTER` propagation configures defaults that can be only be restricted down the hierarchy.\\nThe following example configures the same WorkspaceSetting but with a `STRICTER` propagation mode.\\nThe `defaults` SecuritySetting further narrows down that access to the `GROUP` scope, which is\\nallowed because GROUP is more strict than WORKSPACE. However, the `defaults-invalid` SecuritySetting\\nconfigures `CLUSTER` access, which would widen the scope defined at the Workspace. That settings will\\nnot be allowed based on the `STRICTER` propagation policy.\\n\\n```yaml\\napiVersion: api.tsb.tetrate.io/v2\\nkind: WorkspaceSetting\\nmetadata:\\n  name: w1-settings\\n  workspace: w1\\n  tenant: mycompany\\n  organization: myorg\\nspec:\\n  defaultSecuritySetting:\\n    propagationStrategy: STRICTER\\n    authorization:\\n      mode: WORKSPACE\\n---\\napiVersion: security.tsb.tetrate.io/v2\\nkind: SecuritySetting\\nmetadata:\\n  name: defaults\\n  group: t1\\n  workspace: w1\\n  tenant: mycompany\\n  organization: myorg\\nspec:\\n  authorization:\\n    mode: GROUP\\n---\\napiVersion: security.tsb.tetrate.io/v2\\nkind: SecuritySetting\\nmetadata:\\n  name: defaults-invalid\\n  group: t2\\n  workspace: w1\\n  tenant: mycompany\\n  organization: myorg\\nspec:\\n  authorization:\\n    mode: CLUSTER\\n```\\n\\nFurther details of how security settings are resolved between in `STRICTER` mode between a parent and a\\nchild resource can be found in the [SecuritySettings reference](../../security/v2/security_setting#securitysetting).\\n\\n - REPLACE: Is the default configuration propagation strategy.\\nA lower defined configuration in the hierarchy will replace a higher configuration in the hierarchy.\\nOtherwise, if a lower configuration is not defined, the configuration higher up in the hierarchy will\\nprevail.\\nFor instance, a defined default propagation strategy for workspace default security settings\\nwill replace tenant\'s defined default security settings.\\n - STRICTER: STRICTER propagation strategy propagates the strictest configuration between a defined higher level and\\na defined lower level configuration in the hierarchy. If a lower level configuration in the hierarchy\\nis not defined, the higher one will prevail.\\nWhich configuration is stricter than the other is defined by each concrete configuration that allows specifying\\na propagation strategy.","type":"string","default":"REPLACE","enum":["REPLACE","STRICTER"]},"v2ProxyType":{"description":"ProxyType defines the type of a proxy within the service mesh.\\n\\nThis enum is used to apply configurations based on the type of\\nthe proxy.\\n\\n - ANY: ANY is the default proxy type that represents both sidecar,\\nand gateway proxies. Use this value to apply configurations\\nto both sidecars and gateways.\\n - SIDECAR: SIDECAR represents a sidecar proxy that runs alongside an\\napplication. Use this value to apply configurations only\\nto the sidecars.\\n - GATEWAY: GATEWAY represents a gateway proxy that runs standalone\\nand, acts as an entry/exit point into/out of the service\\nmesh. Use this value to apply configurations only to the\\ngateways.","type":"string","default":"ANY","enum":["ANY","SIDECAR","GATEWAY"]},"v2Query":{"type":"object","title":"Query format of the resource lookup for the permission check","properties":{"queryId":{"description":"Optional ID that is an open string the caller can use for correlation purposes.","type":"string","x-order":0},"fqn":{"description":"Fully-qualified name of the resource.","type":"string","x-order":1}}},"v2QueryPoliciesResponse":{"description":"QueryPoliciesResponse is the response message for QueryPolicies.","type":"object","properties":{"policies":{"description":"Policies is a list of policies that match the query.","type":"array","items":{"$ref":"#/components/schemas/v2ApprovalPolicy"},"x-order":0}}},"v2QueryResourcePermissionsRequest":{"description":"Request to query permissions on multiple records.\\n\\nExample:\\nQueryResourcePermissionsRequest {\\n  Queries: []Query{\\n    Query{\\n      QueryID: \\"1234\\",\\n      Kind: Query_Fqn{\\n        Fqn: \\"tetrate/tenants/default/workspaces/example\\"\\n      }\\n    }\\n  }\\n}","type":"object","properties":{"queries":{"description":"One or more resources to query permissions on, limited to 100 per request.","type":"array","items":{"$ref":"#/components/schemas/v2Query"},"x-order":0}}},"v2QueryResourcePermissionsResponse":{"description":"Response with permissions for the requested queries.\\n\\nExample:\\nQueryResourcePermissionsResponse {\\n  Results: []Result{\\n    Result{\\n      Request: Query{\\n        QueryID: \\"1234\\",\\n        Kind: Query_Fqn{\\n          Fqn: \\"tetrate/tenants/default/workspaces/example\\"\\n        }\\n      },\\n      Rules: []*Role_Rule{\\n        {\\n           Types: []*Role_ResourceType{\\n             {\\n               ApiGroup: \\"api.tsb.tetrate.io/v2\\",\\n               Kinds: []string{\\"Workspace\\"}\\n             }\\n           },\\n           Permissions: []Permission{\\"READ\\"}\\n        }\\n      }\\n    }\\n  }\\n}","type":"object","properties":{"results":{"type":"array","title":"List of permission results for the requested queries","items":{"$ref":"#/components/schemas/QueryResourcePermissionsResponseResult"},"x-order":0}}},"v2RateLimitSettings":{"description":"Configuration for ratelimiting HTTP/gRPC requests\\nThis has a list of rate limit rules that can be configured.\\nWith each rule a list of dimensions can be defined.\\nA request counts towards the limit if all of the dimensions match the\\nattributes of the request.\\nWhen the matched requests exceed the limit, a 429 response is returned.","type":"object","required":["rules"],"properties":{"rules":{"description":"A list of rules for ratelimiting.\\nEach rule defines a list of dimensions to match on and the rate limit value\\nfor the rule. Each rule is independant of the other.","type":"array","items":{"$ref":"#/components/schemas/v2RateLimitSettingsRateLimitRule"},"x-order":0},"failClosed":{"description":"If the rate limit service is unavailable, the request will fail\\nif failClosed is set to true. Defaults to false.","type":"boolean","x-order":1},"timeout":{"description":"The timeout in seconds for the rate limit server RPC.\\nDefaults to 0.020 seconds (20ms).\\nTraffic will not be allowed to the destination if failClosed is set to true\\nand the request to the rate limit server times out.","type":"string","x-order":2}}},"v2RateLimitSettingsRateLimitDimension":{"description":"RateLimitDimension is a condition to match HTTP requests\\nthat should be rate limited.","type":"object","properties":{"remoteAddress":{"$ref":"#/components/schemas/v2RateLimitSettingsRateLimitDimensionRemoteAddress"},"header":{"$ref":"#/components/schemas/RateLimitDimensionHeader"}}},"v2RateLimitSettingsRateLimitDimensionRemoteAddress":{"description":"RateLimit based on the client\'s remote address, extracted from\\nthe trusted X-Forwarded-For header.","type":"object","required":["value"],"properties":{"value":{"description":"Ratelimit on a specific remote address.\\nIf the value is set to \\"*\\", ratelimit on\\nevery unique remote address.","type":"string","x-order":0}}},"v2RateLimitSettingsRateLimitRule":{"description":"RateLimitRule is the block to define each internal ratelimit configuration.","type":"object","required":["dimensions","limit"],"properties":{"dimensions":{"description":"A list of dimensions to define each ratelimit rule.\\nRequests count towards the ratelimit value only when each and every\\ncondition in a dimension is matched for a given HTTP request.","type":"array","items":{"$ref":"#/components/schemas/v2RateLimitSettingsRateLimitDimension"},"x-order":0},"limit":{"$ref":"#/components/schemas/RateLimitSettingsRateLimitValue"}}},"v2RateLimiting":{"description":"Configuration for ratelimiting\\nHTTP/gRPC requests can be rate limited based on a variety of\\nattributes in the request such as headers (including cookies), URL\\npath/prefixes, client remote address etc.","type":"object","properties":{"settings":{"$ref":"#/components/schemas/v2RateLimitSettings"},"externalService":{"$ref":"#/components/schemas/v2ExternalRateLimitServiceSettings"}}},"v2ReachabilitySettings":{"description":"`ReachabilitySettings` define the set of services and hosts\\naccessed by a workload (and hence its sidecar) in the\\nmesh. Defining the set of services accessed by a workload (i.e. its\\ndependencies) in advance reduces the memory and CPU consumption\\nboth the Istio control plane and the individual Envoy proxy workloads in\\nthe data plane.","type":"object","properties":{"mode":{"$ref":"#/components/schemas/v2ReachabilitySettingsMode"},"hosts":{"description":"When the mode is `CUSTOM`, `hosts` specify the set of services\\nthat the sidecar should be able to reach. Must be in the\\n`&lt;namespace&gt;/&lt;fqdn&gt;` format.\\n\\n- `./*` indicates all services in the namespace where the sidecar resides.\\n\\n- `ns1/*` indicates all services in the `ns1` namespace.\\n\\n- `ns1/svc1.com` indicates `svc1.com` service in `ns1` namespace.\\n\\n- `*/svc1.com` indicates `svc1.com` service in any namespace.","type":"array","items":{"type":"string"},"x-order":1}}},"v2ReachabilitySettingsMode":{"description":"- UNSET: Inherit from parent if possible. Otherwise treated as `CLUSTER`.\\n - NAMESPACE: The workload may talk to any service in its own namespace.\\n - GROUP: The workload may talk to any service in the traffic group.\\n - WORKSPACE: The workload may talk to any service in the workspace.\\n - CLUSTER: The workload may talk to any service in the cluster.\\n - CUSTOM: The workload may talk to services defined explicitly.","type":"string","title":"A short cut for defining the common reachability patterns","default":"UNSET","enum":["UNSET","NAMESPACE","GROUP","WORKSPACE","CLUSTER","CUSTOM"]},"v2Redirect":{"type":"object","properties":{"uri":{"description":"On a redirect, overwrite the Path portion of the URL with this value.","type":"string","x-order":0},"authority":{"description":"On a redirect, overwrite the Authority/Host portion of the URL with this value.","type":"string","x-order":1},"redirectCode":{"description":"On a redirect, Specifies the HTTP status code to use in the redirect\\nresponse. It is expected to be 3XX. The default response code is MOVED_PERMANENTLY (301).","type":"integer","format":"int64","x-order":2},"port":{"type":"integer","format":"int64","title":"On a redirect, overwrite the Port portion of the URL with this value","x-order":3},"scheme":{"description":"On a redirect, overwrite the scheme with this one. This can be used\\nto perform http -&gt; https redirect by setting this to \\"https\\". Currently,\\nthe only supported values are \\"http\\" and \\"https\\" (in lower-case).","type":"string","x-order":4}}},"v2RegionalFailover":{"description":"Specify the traffic failover policy across regions. Since zone and sub-zone\\nfailover is supported by default this only needs to be specified for\\nregions when the operator needs to constrain traffic failover so that\\nthe default behavior of failing over to any endpoint globally does not\\napply. This is useful when failing over traffic across regions would not\\nimprove service health or may need to be restricted for other reasons\\nlike regulatory controls.","type":"object","properties":{"from":{"description":"Originating region.","type":"string","x-order":0},"to":{"description":"Destination region the traffic will fail over to when endpoints in\\nthe \'from\' region become unhealthy.","type":"string","x-order":1}}},"v2ResilienceSettings":{"description":"ResilienceSettings control the reliability knobs in Envoy when making\\noutbound connections from a gateway or proxy workload.","type":"object","properties":{"httpRequestTimeout":{"description":"This field is DEPRECATED in favor of `upstreamTrafficSettings.resilience.connectionPool.http.requestTimeout`.\\nTimeout for HTTP requests. Disabled if not set.","type":"string","x-order":0},"httpRetries":{"$ref":"#/components/schemas/v2HTTPRetry"},"keepAlive":{"$ref":"#/components/schemas/v2KeepAliveSettings"},"circuitBreakerSensitivity":{"$ref":"#/components/schemas/v2ResilienceSettingsSensitivity"}}},"v2ResilienceSettingsSensitivity":{"description":"Available sensitivity levels for the circuit breaker.\\n\\n - UNSET: Default values will be used.\\n - LOW: Tolerate up to 20 consecutive 5xx or connection failures from an\\nendpoint before ejecting it temporarily from the load balancing\\npool.\\n - MEDIUM: Tolerate up to 10 consecutive 5xx or connection failures from an\\nendpoint before ejecting it temporarily from the load balancing\\npool.\\n - HIGH: Tolerate up to 5 consecutive 5xx or connection failures from an\\nendpoint before ejecting it temporarily from the load balancing\\npool.","type":"string","default":"UNSET","enum":["UNSET","LOW","MEDIUM","HIGH"]},"v2ResourceStatusStatus":{"description":"Simple `Status` of the current resource. It\'s a projection of its details\\n(events, etc.) that allows to easily know the status of the resource\\nwithout requiring to check the details.\\n\\n - INVALID: INVALID status should never be reached.\\nIt indicates some problem occurred with the resource status, and would\\nneed to contact the admin to troubleshoot it.\\nIt\'s the default value but it\'s always expected to have one of the other\\nvalues.\\n - ACCEPTED: ACCEPTED is reached when the provided configuration has been validated\\nand persisted by the TSB server.\\n - READY: READY is reached when the resource is ready to be used.\\nNon-configurable resources, like Organizations, Tenants or Users, will\\nbe ready as soon they are created.\\nThe configurable ones are ready when its configuration has been\\npropagated to all the clusters.\\n - FAILED: FAILED is reached in different situations, such as when:\\n- a resource configuration triggered some internal error.\\n- an offending resource affects the correct behaviour of the configuration.\\nThe `message` and `details` fields of the `ResourceStatus` provides the\\nroot cause of the error.\\n - DIRTY: DIRTY is reached when the resources that are dependent on others\\nhave not reached the desired status (even when they are not FAILED).\\nFor example, an `API` resource that caused the creation of an `IngressGateway`\\ncould reach this status if the `IngressGateway` has been modified or removed directly.\\n - PARTIAL: PARTIAL is reached for those resources that are dependent on other resources statuses,\\nand not all the resources share the same status.","type":"string","default":"INVALID","enum":["INVALID","ACCEPTED","READY","FAILED","DIRTY","PARTIAL"]},"v2Role":{"description":"`Role` is a named collection of permissions that can be assigned to\\nany user or team in the system.\\n\\n\\n\\n\\n","type":"object","properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"rules":{"description":"A set of rules that define the permissions associated with each API group.","type":"array","items":{"$ref":"#/components/schemas/v2RoleRule"},"x-order":4}}},"v2RoleRule":{"type":"object","title":"A rule defines the set of api groups","required":["permissions"],"properties":{"types":{"description":"The set of API groups and the api Kinds within the group on which this rule is applicable.\\nIf omitted, the permissions will globally apply to all resource types.","type":"array","items":{"$ref":"#/components/schemas/RoleResourceType"},"x-order":0},"permissions":{"description":"The set of actions allowed for these APIs.\\nThe current version supports requires the kind, but this constraint will be relaxed in\\nupcoming releases so that rules can apply globally to an entire API group.","type":"array","items":{"$ref":"#/components/schemas/v2Permission"},"x-order":1}}},"v2RoleScopeType":{"type":"object","required":["apiGroup","kind"],"properties":{"apiGroup":{"description":"A specific API group such as traffic.tsb.tetrate.io/v2.","type":"string","x-order":0},"kind":{"description":"Specific kind of API under the API group.","type":"string","x-order":1}}},"v2Route":{"description":"One or more destinations in a local/remote cluster for the given request.","type":"object","required":["host"],"properties":{"host":{"description":"The destination service in `&lt;namespace&gt;/&lt;fqdn&gt;` format for\\n`IngressGateway` resources. For `Tier1Gateway` resources, the\\ndestination must be in `&lt;clusterName&gt;/&lt;namespace&gt;/&lt;fqdn&gt;` format,\\nwhere cluster name corresponds to a cluster name created in the\\nmanagement plane. The `fqdn` must be the fully qualified name of\\nthe destination service in a cluster.","type":"string","x-order":0},"port":{"description":"The port on the service to forward the request to. Omit only if\\nthe destination service has only one port. When used for routing\\nfrom Tier1 gateways, the port specified here will be used only if\\nthe Tier1 gateway is doing TLS passthrough.","type":"integer","format":"int64","x-order":1}}},"v2RouteTo":{"description":"RouteTo defines the how the traffic has been forwarded for the given request.\\nOne of `ClusterDestination` or `ServiceDestination` must be specified.","type":"object","properties":{"clusterDestination":{"$ref":"#/components/schemas/v2RouteToClusters"},"serviceDestination":{"$ref":"#/components/schemas/v2RouteToService"}}},"v2RouteToClusters":{"description":"RouteToClusters represents the clusters where the request\\nneeds to be routed to from the gateway.","type":"object","properties":{"clusters":{"description":"The destination clusters that contain ingress gateways exposing the hostname.","type":"array","items":{"$ref":"#/components/schemas/v2ClusterDestination"},"x-order":0}}},"v2RouteToService":{"description":"RouteToService represents the service running in clusters.","type":"object","required":["host"],"properties":{"host":{"description":"The destination service in `&lt;namespace&gt;/&lt;fqdn&gt;`.\\n\\nIf the `trafficMode`` flag is set to `EGRESS`` or the `trafficMode` is set to `AUTO`\\nand the gateway deployment is of type EGRESS,\\nthe gateway routes traffic to an external service through a user-created service entry.\\nThe service entry should only be created in the gateway deployment namespace with the location set to MESH_EXTERNAL.","type":"string","x-order":0},"port":{"description":"The port on the service to forward the request to. Omit only if\\nthe destination service has only one port.","type":"integer","format":"int64","x-order":1},"tls":{"$ref":"#/components/schemas/v2ClientTLSSettings"}}},"v2SecuritySetting":{"description":"A security setting applies configuration to a set of proxy workloads in a\\nsecurity group or a workspace. When applied to a security group,\\nmissing fields will inherit values from the workspace-wide setting if any.\\n\\n\\n\\n","type":"object","properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"authentication":{"$ref":"#/components/schemas/v2SecuritySettingAuthenticationMode"},"authorization":{"$ref":"#/components/schemas/tsbsecurityv2AuthorizationSettings"},"authenticationSettings":{"$ref":"#/components/schemas/tsbsecurityv2AuthenticationSettings"},"waf":{"$ref":"#/components/schemas/v2WAFSettings"},"propagationStrategy":{"$ref":"#/components/schemas/v2PropagationStrategy"},"extension":{"description":"Extensions specifies all the WasmExtensions assigned to this SecuritySettings\\nwith the specific configuration for each extension. This custom configuration\\nwill override the one configured globally to the extension.\\nEach extension has a global configuration including enabling and priority\\nthat will condition the execution of the assigned extensions.","type":"array","items":{"$ref":"#/components/schemas/v2WasmExtensionAttachment"},"x-order":9},"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"}}},"v2SecuritySettingAuthenticationMode":{"description":"AuthenticationMode indicates whether to accept only Istio mutual\\nTLS authenticated traffic or allow legacy plaintext traffic as\\nwell.\\n\\n - UNSET: Inherit from parent, if has one. Otherwise treated as OPTIONAL.\\n - OPTIONAL: Accept both plaintext and mTLS authenticated connections.\\n - REQUIRED: Accept only mutual TLS authenticated connections.","type":"string","default":"UNSET","enum":["UNSET","OPTIONAL","REQUIRED"]},"v2ServerTLSSettings":{"type":"object","properties":{"mode":{"$ref":"#/components/schemas/v2ServerTLSSettingsTLSMode"},"secretName":{"description":"The name of the secret in Kubernetes that holds the TLS certs\\nincluding the CA certificates. The secret (type generic) should\\ncontain the following keys and values: key: `&lt;privateKey&gt;`, cert:\\n`&lt;serverCert&gt;`, cacert: `&lt;CACertificate&gt;`.","type":"string","x-order":1},"files":{"$ref":"#/components/schemas/ServerTLSSettingsFileSource"},"minProtocolVersion":{"$ref":"#/components/schemas/gatewayv2TLSProtocol"},"maxProtocolVersion":{"$ref":"#/components/schemas/gatewayv2TLSProtocol"},"cipherSuites":{"type":"array","title":"List of cipher suites to be used for TLS connections.\\nExamples of cipher suites:\\n- \\"TLS_RSA_WITH_AES_256_CBC_SHA\\"\\n- \\"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256\\"\\n- \\"TLS_DHE_RSA_WITH_AES_256_GCM_SHA384\\"\\n- \\"TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256\\"\\n- \\"TLS_RSA_WITH_3DES_EDE_CBC_SHA\\"","items":{"type":"string"},"x-order":5},"subjectAltNames":{"description":"List of Subject Alternative Names (SAN) from the client\'s certificate that are accepted\\nfor client identity verification during the TLS handshake.","type":"array","items":{"type":"string"},"x-order":6}}},"v2ServerTLSSettingsTLSMode":{"description":" - OPTIONAL_MUTUAL: Similar to MUTUAL mode, except that the client certificate\\nis optional. Unlike SIMPLE mode, A client certificate will\\nstill be explicitly requested during handshake, but the client\\nis not required to send a certificate. If a client certificate\\nis presented, it will be validated. ca_certificates should\\nbe specified for validating client certificates.","type":"string","default":"DISABLED","enum":["DISABLED","SIMPLE","MUTUAL","OPTIONAL_MUTUAL"]},"v2ServiceDestination":{"type":"object","title":"ServiceDestination is the destination service, port and subset where traffic\\nshould be routed","required":["port"],"properties":{"subset":{"type":"string","title":"Subset is the version of the service where traffic should be routed to","x-order":0},"weight":{"type":"integer","format":"int64","title":"Weight defines the amount of traffic that needs to be routed to this specific\\nversion","x-order":1},"port":{"type":"integer","format":"int64","title":"The port corresponding to the service host where traffic should be routed","x-order":2},"destinationHost":{"description":"Service host where traffic should be routed to. This should either be a FQDN\\nor a short name for the k8s service. For example, \\"reviews\\" as destination_host will\\nbe interpreted as \\"reviews.ns1.cluster.local\\"\\nIf empty, the host will be inferred from the Service Route service field.","type":"string","x-order":3}}},"v2ServiceLookupRequest":{"description":"Request for all the services in the registry that are part of the given selector.","type":"object","required":["selector","parent"],"properties":{"selector":{"$ref":"#/components/schemas/typesv2NamespaceSelector"},"parent":{"type":"string","title":"The FQN of the parent object where services will be looked up","x-order":1}}},"v2ServiceLookupResponse":{"description":"List of services that are included in the provided namespace selector.","type":"object","properties":{"services":{"type":"array","title":"The affected services","items":{"$ref":"#/components/schemas/tsbregistryv2Service"},"x-order":0}}},"v2ServicePort":{"type":"object","properties":{"number":{"description":"A valid non-negative integer port number.","type":"integer","format":"int64","x-order":0},"name":{"description":"Name assigned to the port.","type":"string","x-order":1},"kubernetesNodePort":{"description":"Indicates the node port attached to a physical deployment on a kubernetes\\ncluster.","type":"integer","format":"int64","x-order":2}}},"v2ServiceRoute":{"description":"A service route controls routing configurations for traffic to a\\nservice in a traffic group.\\n\\n\\n\\n","type":"object","required":["service"],"properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"service":{"description":"The service on which the configuration is being applied. Must be in namespace/FQDN format.","type":"string","x-order":4},"subsets":{"description":"The set of versions of a service and the percentage of traffic to\\nsend to each version.","type":"array","items":{"$ref":"#/components/schemas/v2ServiceRouteSubset"},"x-order":5},"stickySession":{"$ref":"#/components/schemas/ServiceRouteStickySession"},"portLevelSettings":{"type":"array","title":"In order to support multi-protocol routing, a list of all port/protocol combinations is needed.\\nThese port settings are applied to all the subsets","items":{"$ref":"#/components/schemas/ServiceRoutePortLevelTrafficSettings"},"x-order":7},"httpRoutes":{"description":"HTTPRoutes are used when HTTP traffic needs to be matched on uri, headers\\nand port and destination routes need to be set using subset-weight\\ncombinations specified within the route.\\n**Note**: If a route is specified, then the global subset-weight\\ncombinations (specified under subsets) will be ignored for the matched\\nport, as subsets within route will take effect.","type":"array","items":{"$ref":"#/components/schemas/v2HTTPRoute"},"x-order":8},"tcpRoutes":{"description":"TCPRoutes match TCP traffic based on port number. The subset-weight\\nconfiguration and priority have the same behaviour as HTTPRoutes.","type":"array","items":{"$ref":"#/components/schemas/v2TCPRoute"},"x-order":9},"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"}}},"v2ServiceRouteSubset":{"description":"Subset denotes a specific version of a service. The pods/VMs of a\\nsubset should be uniquely identifiable using their labels.","type":"object","required":["name"],"properties":{"name":{"description":"Name used to refer to the subset.","type":"string","x-order":0},"labels":{"description":"Labels apply a filter over the endpoints of a service in the service registry.","type":"object","additionalProperties":{"type":"string"},"x-order":1},"weight":{"description":"Percentage of traffic to be sent to this subset. Weight if not\\nspecified will be assumed to be 0 if there are multiple\\nsubsets. If there is only one subset, the weight will be\\nassumed to be 1.","type":"integer","format":"int64","x-order":2},"portLevelSettings":{"description":"Port/Protocol/StickySession combination for which routes need to be generated specifically for\\na subset. These settings are meant to override the global PortLevelTrafficSettings, i.e. first, \\nglobal PortLevelTrafficSettings are used to generate routes and then we use non-conflicting subset level \\nPortLevelTrafficSettings to modify existing routes. If provided, PortLevelTrafficSettings should be provided for \\nall subsets for proper load balancing.","type":"array","items":{"$ref":"#/components/schemas/ServiceRoutePortLevelTrafficSettings"},"x-order":3}}},"v2ServiceSecuritySetting":{"description":"A service security setting applies configuration to a service in a\\nsecurity group. Missing fields will inherit values from the\\nworkspace-wide setting if any.\\n\\n\\n\\n","type":"object","required":["service"],"properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"service":{"description":"The service on which the configuration is being applied. Must be in namespace/FQDN format.","type":"string","x-order":4},"settings":{"$ref":"#/components/schemas/v2SecuritySetting"},"subsets":{"description":"Subset specific settings that will replace the service wide settings for the specified service\\nsubsets.","type":"array","items":{"$ref":"#/components/schemas/v2ServiceSecuritySettingSubset"},"x-order":6},"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"}}},"v2ServiceSecuritySettingSubset":{"description":"Subset allows replacing the settings for a specific version of a service.","type":"object","required":["name","settings"],"properties":{"name":{"description":"Name used to refer to the subset.\\nThis must match a subset defined in the ServiceRoute for this service, else it will be omitted.","type":"string","x-order":0},"settings":{"$ref":"#/components/schemas/v2SecuritySetting"}}},"v2ServiceSelector":{"type":"object","title":"ServiceSelector represents the match criteria to select services within a\\nparticular scope (namespace, workspace, cluster etc)","required":["serviceLabels"],"properties":{"serviceLabels":{"type":"object","title":"One or more labels that indicate a specific set of services within a particular scope","additionalProperties":{"type":"string"},"x-order":0}}},"v2ServiceState":{"description":"State denotes the interactions the service can have with the mesh. A service can exist in one of the states\\nwhich represents the set of interactions(Observability and Control) the mesh can have with these services.\\n\\n - EXTERNAL: An external service is a service that is known, but that cannot be observed (we can\'t get metrics for it)\\nand cannot be controlled.\\n - OBSERVED: An observed service is a known service that we can have metrics for. For example, a service running the\\nSkywalking agents.\\n - CONTROLLED: A controlled service is a service that is part of the mesh, has a proxy we can configure and can be observed with\\nSkywalking agents.","type":"string","default":"INVALID_STATE","enum":["INVALID_STATE","EXTERNAL","OBSERVED","CONTROLLED"]},"v2ServiceTrafficSetting":{"description":"A service traffic setting applies configuration to a service in a\\ntraffic group. Unset fields will inherit values from the\\nworkspace-wide setting if any.\\n\\n\\n\\n","type":"object","required":["service","settings"],"properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"service":{"description":"The service on which the configuration is being applied. Must be in namespace/FQDN format.\\n\\nOnly one service traffic setting can be given per service. Any conflicting configuration created\\nlater will be rejected by TSB.","type":"string","x-order":4},"settings":{"$ref":"#/components/schemas/v2TrafficSetting"},"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"}}},"v2ServiceType":{"description":"ServiceType denotes the exposition of a service in the mesh.\\n\\n - INTERNAL: A regular service that is not directly exposed to the outside world.\\n - LOADBALANCER: A load balancer service running only the proxy as the workload.\\n - MESH_EXTERNAL: A mesh external service.","type":"string","default":"INVALID_TYPE","enum":["INVALID_TYPE","INTERNAL","LOADBALANCER","MESH_EXTERNAL"]},"v2SourceScope":{"description":"Source scope defines the source\'s wingspan in the mesh. It defines how we are observing the resources.\\nFor instance we can observer a resources at service, ingress, or relation level.","type":"object","properties":{"serviceScopes":{"$ref":"#/components/schemas/SourceScopeServiceScopes"},"ingressScopes":{"$ref":"#/components/schemas/SourceScopeIngressScopes"},"relationScopes":{"$ref":"#/components/schemas/SourceScopeRelationScopes"}}},"v2SourceScopeType":{"description":"The type of scopes which defines telemetry source\'s wingspan in the mesh.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","type":"string","default":"INVALID","enum":["INVALID","SERVICE","INGRESS","RELATION"]},"v2SourceType":{"description":"`SourceType` describes where teams come from.\\nTeams can be synchronized from the Identity Provider but can also be manually\\ncreated using the Team API to create convenient groupings of users and other\\nteams in order to configure fine-grained permissions in the Management Plane.\\n\\n - LDAP: LDAP is used for users and teams that are automatically synchronized from LDAP.\\n - LOCAL: LOCAL is used for local teams that are manually created using the TSB Team API and\\ndo not exist in the Identity Provider.\\nDeprecated. This value is deprecated and will be removed in future releases. Use \'MANUAL\' instead.\\n - AZURE: AZURE is used for users synchronized from an Azure Active Directory.\\n - MANUAL: MANUAL is used for users and teams that exist in the Identity Provider that have been manually populated.\\nMANUAL users are deprecated and Service Accounts should be used instead. Support for MANUAL users will\\nbe removed in future versions.","type":"string","default":"INVALID","enum":["INVALID","LDAP","LOCAL","AZURE","MANUAL"]},"v2StreamLogsResponse":{"description":"Response to the request to stream logs of an Istio Proxy.","type":"object","properties":{"output":{"description":"Logs of an Istio Proxy.","type":"string","x-order":0}}},"v2StringMatch":{"description":"Describes how to match a given string in HTTP headers. Match is case-sensitive.","type":"object","properties":{"exact":{"description":"Exact string match.","type":"string","x-order":0},"prefix":{"description":"Prefix-based match.","type":"string","x-order":1},"regex":{"description":"ECMAscript style regex-based match.","type":"string","x-order":2}}},"v2SyncOrganizationResponse":{"description":"Result of the organization users and team synchronization.","type":"object","properties":{"failedUsers":{"$ref":"#/components/schemas/SyncOrganizationResponseFailedIds"},"failedTeams":{"$ref":"#/components/schemas/SyncOrganizationResponseFailedIds"}}},"v2TCPMatchCondition":{"type":"object","title":"TCPMatchCondition is the set of conditions to match incoming TCP traffic\\nand route accordingly","required":["name","port"],"properties":{"name":{"type":"string","title":"Name of the match condition","x-order":0},"port":{"type":"integer","format":"int64","title":"TCP match conditions only have port in match conditions","x-order":1}}},"v2TCPRoute":{"description":"TCPRoute is used to set TCP routes to service destinations on the basis of match conditions.","type":"object","required":["name"],"properties":{"name":{"type":"string","title":"Name of TCPRoute","x-order":0},"match":{"type":"array","title":"Match conditions for incoming TCP traffic","items":{"$ref":"#/components/schemas/v2TCPMatchCondition"},"x-order":1},"destination":{"type":"array","title":"Destination host:port and subset where TCP traffic should be directed","items":{"$ref":"#/components/schemas/v2ServiceDestination"},"x-order":2}}},"v2TCPServer":{"type":"object","title":"A TCP server exposed in an ingress gateway. A TCP server may be used for any TCP based protocol.\\nThis is also used for the special case of a non-HTTP protocol requiring TLS termination at the gateway","required":["name","port","hostname"],"properties":{"name":{"description":"A name assigned to the server. The name will be visible in the generated metrics. The name must be\\nunique across all HTTP, TLS passthrough and TCP servers in a gateway.","type":"string","x-order":0},"port":{"type":"integer","format":"int64","title":"The port where the server is exposed. Two servers with different protocols can share the same port\\nonly when both of them use TLS (either terminated at the gateway or pass-through)","x-order":1},"hostname":{"description":"Hostname to identify the service. When TLS is configured, clients have to use this as\\nthe Server Name Indication (SNI) for the TLS connection. When TLS is not configured (opaque TCP),\\nthis is used to identify the service traffic for defining routing configs. Usually, this is\\nconfigured as the DNS name of the service. For instance, if clients access a zookeeper cluster\\nas `zk-1.myorg.internal` then the hostname could be specified as `zk-1.myorg.internal`. This\\nalso helps easier identification in the configs.\\n\\nThis is also used in multicluster routing. In the previous example, clients within the mesh\\ncan also use `zk-1.myorg.internal` to access this service (provided authorization policy allows it)","type":"string","x-order":2},"tls":{"$ref":"#/components/schemas/v2ServerTLSSettings"},"route":{"$ref":"#/components/schemas/v2Route"}}},"v2TLS":{"description":"A TLS server exposed in a gateway. For TLS servers, the gateways do not terminate\\nconnections and use SNI based routing.","type":"object","required":["name","port","hostname","route"],"properties":{"name":{"description":"A name assigned to the server. The name will be visible in the generated metrics. The name must be\\nunique across all HTTP, TLS passthrough and TCP servers in a gateway.","type":"string","x-order":0},"port":{"description":"The port where the server is exposed. Two servers with different protocols (HTTP and HTTPS) should not\\nshare the same port. Note that port 15443 is reserved for internal use.","type":"integer","format":"int64","x-order":1},"hostname":{"description":"Hostname with which the service can be expected to be accessed by clients.\\nRouting will be done based on SNI matches for this hostname.\\n**NOTE:** The \\"hostname:port\\" must be unique across all gateways in the cluster in order for\\nmulticluster routing to work.","type":"string","x-order":2},"route":{"$ref":"#/components/schemas/v2RouteTo"},"failoverSettings":{"$ref":"#/components/schemas/v2FailoverSettings"}}},"v2TLSFileSource":{"type":"object","title":"TLSFileSource is used to load the keys and certificates from\\nfiles accessible to the workload","properties":{"clientCertificate":{"type":"string","title":"Certificate file to authenticate the client. This\\nis mandatory for mutual TLS and must not be\\nspecified for simple (one-way) TLS","x-order":0},"privateKey":{"type":"string","title":"Private key file associated with the client certificate.\\nThis is mandatory for mutual TLS and must not be\\nspecified for simple TLS","x-order":1},"caCertificates":{"type":"string","title":"File containing CA certificates to verify the certificates\\npresented by the server. This is mandatory for both simple and\\nmutual TLS.\\nHere are some common paths for the system CA bundle on Linux and can be\\nspecified here if the server certificate is signed by a well known authority,\\nalready part of the system CA bundle on the host - \\n  /etc/ssl/certs/ca-certificates.crt (Debian/Ubuntu/Gentoo etc.)\\n  /etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem (CentOS/RHEL 7)\\n  /etc/pki/tls/certs/ca-bundle.crt (Fedora/RHEL 6)","x-order":2}}},"v2TLSPassthroughServer":{"description":"A TLS server exposed in an ingress gateway. For TLS servers the gateways don\'t terminate\\nconnections and use SNI based routing.","type":"object","required":["name","port","hostname","route"],"properties":{"name":{"description":"A name assigned to the server. The name will be visible in the generated metrics. The name must be\\nunique across all HTTP, TCP and TLS servers in a gateway.","type":"string","x-order":0},"port":{"description":"The port where the server is exposed. Two servers with different protocols (HTTP and HTTPS) should not\\nshare the same port. Note that port 15443 is reserved for internal use.","type":"integer","format":"int64","x-order":1},"hostname":{"description":"Hostname with which the service can be expected to be accessed by clients.\\nRouting will be done based on SNI matches for this hostname.\\n**NOTE:** The hostname must be unique across all gateways in the cluster in order for multicluster routing to work.","type":"string","x-order":2},"route":{"$ref":"#/components/schemas/v2Route"}}},"v2TcpKeepAlive":{"type":"object","properties":{"probes":{"description":"The total number of unacknowledged probes to send before deciding\\nthe connection is dead. Default is to use the OS level configuration,\\nLinux defaults to 9.","type":"integer","format":"int64","x-order":0},"idleTime":{"description":"The number of seconds a connection needs to be idle before keep-alive probes\\nstart being sent. Default is to use the OS level configuration,\\nLinux defaults to 7200s.","type":"integer","format":"int64","x-order":1},"interval":{"description":"The number of seconds between keep-alive probes. Default is to use the OS\\nlevel configuration, Linux defaults to 75s.","type":"integer","format":"int64","x-order":2}}},"v2TcpKeepAliveSettings":{"description":"TCP Keep Alive Settings.","type":"object","properties":{"downstream":{"$ref":"#/components/schemas/v2TcpKeepAlive"},"upstream":{"$ref":"#/components/schemas/v2TcpKeepAlive"}}},"v2Team":{"description":"`Team` is a named collection of users under a tenant.\\n\\n\\n\\n","type":"object","properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"members":{"description":"List of members under the team.\\nThe elements of this list are the FQNs of the team members. Team members can be\\nusers, service accounts or other teams.","type":"array","items":{"type":"string"},"x-order":4},"sourceType":{"$ref":"#/components/schemas/v2SourceType"}}},"v2Tenant":{"description":"`Tenant` is a self-contained entity within an organization in the Service Bridge hierarchy.\\n\\n\\n\\n","type":"object","properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"securityDomain":{"description":"Security domains can be used to group different resources under the same security domain.\\nAlthough security domain is not resource itself currently, it follows a fqn format\\n`organizations/myorg/securitydomains/mysecuritydomain`, and a child cannot override any ancestor\'s\\nsecurity domain.\\nOnce a security domain is assigned to a _Tenant_, all the children resources will belong to that\\nsecurity domain in the same way a _Workspace_ belongs to a _Tenant_, a _Workspace_ will also belong\\nto the security domain assigned to the _Tenant_.\\nSecurity domains can also be used to define _Security settings Authorization rules_ in which you can allow\\nor deny request from or to a security domain.","type":"string","x-order":4},"deletionProtectionEnabled":{"description":"When set, prevents the resource from being deleted. In order to delete the resource this\\nproperty needs to be set to `false` first.","type":"boolean","x-order":5},"profiles":{"description":"List of profiles attached to the tenant to be used to propagate default and mandatory configurations down to the children.","type":"array","items":{"type":"string"},"x-order":6},"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"}}},"v2TenantSetting":{"description":"Default settings that apply to all workspaces under a tenant.\\n\\n\\n\\n","type":"object","properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"defaultSecuritySetting":{"$ref":"#/components/schemas/v2SecuritySetting"},"defaultTrafficSetting":{"$ref":"#/components/schemas/v2TrafficSetting"}}},"v2Tier1ExternalServer":{"description":"Tier1ExternalServer describes the properties of a server exposed\\noutside the mesh. Traffic arriving at a Tier1 external server is\\nusually TLS terminated and then forwarded over Istio mTLS to all\\nthe lower tier2 clusters.","type":"object","required":["name","port","hostname"],"properties":{"name":{"description":"A name assigned to the server. The name will be visible in the generated metrics. The name must be\\nunique across all external servers in the gateway.","type":"string","x-order":0},"port":{"description":"The port where the server is exposed. Note that port 15443 is reserved.","type":"integer","format":"int64","x-order":1},"hostname":{"description":"Hostname with which the service can be expected to be accessed by\\nclients.","type":"string","x-order":2},"tls":{"$ref":"#/components/schemas/v2ServerTLSSettings"},"clusters":{"description":"The destination clusters that contain ingress gateways exposing\\nthe hostname. If omitted, traffic will be automatically load\\nbalanced across all tier2 clusters whose ingress gateways expose\\nthe above hostname. If `redirect` is configured then this field\\ncannot be configured.\\nTo do failover and locality based routing among clusters, either omit\\nthe clusters field or omit the weights from all the cluster destinations.","type":"array","items":{"$ref":"#/components/schemas/v2ClusterDestination"},"x-order":4},"redirect":{"$ref":"#/components/schemas/v2Redirect"},"authentication":{"$ref":"#/components/schemas/tsbauthv2Authentication"},"authorization":{"$ref":"#/components/schemas/tsbauthv2Authorization"},"rateLimiting":{"$ref":"#/components/schemas/v2RateLimiting"}}},"v2Tier1Gateway":{"description":"`Tier1Gateway` configures a workload to act as a tier1 gateway into the mesh.\\n\\n\\n\\n","type":"object","required":["workloadSelector"],"properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"workloadSelector":{"$ref":"#/components/schemas/v2WorkloadSelector"},"externalServers":{"description":"One or more servers exposed by the gateway externally.","type":"array","items":{"$ref":"#/components/schemas/v2Tier1ExternalServer"},"x-order":5},"internalServers":{"description":"One or more servers exposed by the gateway internally for cross cluster forwarding.","type":"array","items":{"$ref":"#/components/schemas/v2Tier1InternalServer"},"x-order":6},"passthroughServers":{"description":"One or more tls passthrough servers exposed by the gateway externally.","type":"array","items":{"$ref":"#/components/schemas/v2Tier1PassthroughServer"},"x-order":7},"tcpExternalServers":{"description":"One or more tcp servers exposed by the gateway externally.","type":"array","items":{"$ref":"#/components/schemas/v2Tier1TCPExternalServer"},"x-order":8},"tcpInternalServers":{"description":"One or more tcp servers exposed by the gateway for mesh internal traffic.","type":"array","items":{"$ref":"#/components/schemas/v2Tier1TCPInternalServer"},"x-order":9},"extension":{"description":"Extensions specifies all the WasmExtensions assigned to this Tier1Gateway\\nwith the specific configuration for each extension. This custom configuration\\nwill override the one configured globally to the extension.\\nEach extension has a global configuration including enablement and priority\\nthat will condition the execution of the assigned extensions.","type":"array","items":{"$ref":"#/components/schemas/v2WasmExtensionAttachment"},"x-order":10},"waf":{"$ref":"#/components/schemas/v2WAFSettings"},"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"}}},"v2Tier1InternalServer":{"description":"Tier1InternalServer describes the properties of a server exposed\\nwithin the mesh, for the purposes of forwarding traffic between two\\nclusters that cannot otherwise directly reach each other. Traffic\\narriving at a Tier1 internal server should be over Istio\\nmTLS. After TLS termination and metrics extraction, it is forwarded\\nto tier2 clusters based on the selection criteria.","type":"object","required":["name","hostname"],"properties":{"name":{"description":"A name assigned to the server. The name will be visible in the generated metrics. The name must be\\nunique across all internal servers in the gateway.","type":"string","x-order":0},"hostname":{"description":"Hostname with which the service can be expected to be accessed by\\nsidecars in the mesh.","type":"string","x-order":1},"clusters":{"description":"The destination clusters that contain ingress gateways exposing\\nthe hostname. If omitted, traffic will be automatically load\\nbalanced across all tier2 clusters whose ingress gateways expose\\nthe above hostname.","type":"array","items":{"$ref":"#/components/schemas/v2ClusterDestination"},"x-order":2},"authentication":{"$ref":"#/components/schemas/tsbauthv2Authentication"},"authorization":{"$ref":"#/components/schemas/tsbauthv2Authorization"}}},"v2Tier1PassthroughServer":{"description":"Tier1PassthroughServer describes the properties of a server exposed\\nto the external world. Traffic arriving at a Tier1 passthrough server is\\nnot TLS terminated and rather forwarded over to all the lower tier2 clusters.","type":"object","required":["name","port","hostname"],"properties":{"name":{"description":"A name assigned to the server. The name will be visible in the generated metrics. The name must be\\nunique across all external servers in the gateway.","type":"string","x-order":0},"port":{"description":"The port where the server is exposed. Note that port 15443 is reserved.","type":"integer","format":"int64","x-order":1},"hostname":{"description":"Hostname with which the service can be expected to be accessed by\\nclients.","type":"string","x-order":2},"clusters":{"description":"The destination clusters that contain ingress gateways exposing\\nthe hostname on passthrough servers. If omitted, traffic will be automatically load\\nbalanced across all tier2 clusters whose ingress gateways expose\\nthe above hostname.","type":"array","items":{"$ref":"#/components/schemas/v2ClusterDestination"},"x-order":3}}},"v2Tier1TCPExternalServer":{"description":"Tier1TCPExternalServer is used to describe the properties of a TCP server\\n(used for opaque TCP or non-HTTP protocols) exposed to the external world.\\nIf the protocol is known to be HTTP, then please use `externalServers` as\\nit allows using HTTP-specific features.\\n\\nCaveat - Currently, we don\'t support multicluster routing when Tier2 gateway\\nsettings are specified in the direct mode for TCP services. So please use\\nthe bridged mode.","type":"object","required":["name","port","hostname"],"properties":{"name":{"type":"string","title":"A name assigned to the server. This name is used in the generated metrics. The name\\nmust be unique across all TCP servers in the gateway","x-order":0},"port":{"description":"Valid scenarios (for same port, multiple services)\\n1. Multiple protocols (HTTP, non-HTTP) with TLS passthrough/termination\\n2. Multiple HTTP services\\n3. Single non-HTTP service without TLS\\n\\nNote on service port - If a service is exposed on port 6789 in the tier1 gateway,\\nthen it must be exposed on the same port with the same hostname (without wildcard)\\nin the tier2 gateway as well.","type":"integer","format":"int64","title":"The port where the server is exposed. Note that the port 15443 is reserved. Also\\nbeware of the conflict among the services using different protocols on the same port.\\nThe conflict occurs in the following scenarios\\n1. Using plaintext and TLS (passthrough/termination)\\n2. Mixing multiple protocols without TLS (HTTP and non-HTTP protocols like Kafka, Zookeeper etc)\\n3. Multiple non-HTTP protocols without TLS","x-order":1},"hostname":{"description":"Although hostname or authority does not make sense in the non-HTTP context, this\\nis used to define the routing rules. Wildcard hostnames are not yet supported.","type":"string","x-order":2},"clusters":{"description":"The destination clusters contain ingress gateways exposing the service.","type":"array","items":{"$ref":"#/components/schemas/v2ClusterDestination"},"x-order":3},"tls":{"$ref":"#/components/schemas/v2ServerTLSSettings"}}},"v2Tier1TCPInternalServer":{"description":"Tier1TCPInternalServer is used to describe the properties of a TCP server\\nwhich is used exclusively within the mesh.","type":"object","required":["name","hostname"],"properties":{"name":{"description":"A name assigned to the server. This name is used in the generated metrics. The name\\nmust be unique across all TCP servers in the gateway.","type":"string","x-order":0},"hostname":{"description":"The name of the service used. Although hostname or authority does not make sense\\nin the non-HTTP context, this is used for the multicluster routing purposes. Consider\\nthe case where there are two non-HTTP services listening on the same port 6000,\\nbut are hosted on different workloads. Here, the service name is used to distinguish\\nbetween the two for routing to the correct workload. We do not support wildcard hostnames\\nyet. The ports are determined automatically by the cluster updates of the remote edge\\nclusters. Suppose there is a service called `foo.com` and the remote cluster says that\\nit exposes ports 8080 and 8443, then we can route east-west traffic for both the ports\\nthrough this server. The changes to the port or protocol settings are picked up automatically.","type":"string","x-order":1},"clusters":{"description":"The destination clusters contain ingress gateways exposing the service.","type":"array","items":{"$ref":"#/components/schemas/v2ClusterDestination"},"x-order":2}}},"v2TokenResponse":{"description":"Contains a pair of tokens for a user that can be used to authenticate against TSB.","type":"object","properties":{"accessToken":{"description":"Bearer access token that can be used to access TSB.\\nThis token is usually short-lived. The refresh token, when present, can be used to\\nobtain a new access token when it expires.","type":"string","x-order":0},"refreshToken":{"description":"Refresh token that can be used to obtain a new Bearer access token.\\nThis token is usually long-lived and should be stored securely.","type":"string","x-order":1}}},"v2TokenType":{"type":"string","default":"TOKEN_TYPE_UNSPECIFIED","enum":["TOKEN_TYPE_UNSPECIFIED","TOKEN_TYPE_ACCESS_TOKEN","TOKEN_TYPE_REFRESH_TOKEN","TOKEN_TYPE_ID_TOKEN","TOKEN_TYPE_JWT"]},"v2TrafficMode":{"description":"Traffic mode defines the type of configuration that has been configured on a Gateway server.\\n\\n - AUTO: AUTO mode indicates that the type of configuration is automatically detected from the underlying Gateway deployment.\\n - INGRESS: INGRESS mode specifies the configuration for managing incoming traffic into the mesh.\\nIn this mode, the Gateway server is responsible for handling incoming requests from external sources\\nand routing them to appropriate services within the mesh.\\n - EGRESS: EGRESS mode specifies the configuration for managing outgoing traffic from the mesh to external destinations.\\nIn this mode, the Gateway server controls traffic leaving the mesh and enforces policies and security measures\\nfor accessing external services.\\n - TRANSIT: TRANSIT mode specifies that the Gateway is configured to facilitate transit traffic between different clusters\\nwithin the mesh that are not directly reachable. This mode enables forwarding of traffic between clusters\\nvia the Gateway, allowing communication between services deployed in separate clusters.","type":"string","default":"AUTO","enum":["AUTO","INGRESS","EGRESS","TRANSIT"]},"v2TrafficSelector":{"description":"TrafficSelector provides a mechanism to select a specific traffic flow\\nfor which this Wasm Extension will be enabled.\\nWhen all the sub conditions in the TrafficSelector are satisfied, the\\ntraffic will be selected.","type":"object","properties":{"mode":{"$ref":"#/components/schemas/v2WorkloadMode"},"ports":{"description":"Criteria for selecting traffic by their destination port.\\nMore specifically, for the outbound traffic, the destination port would be\\nthe port of the target service. On the other hand, for the inbound traffic,\\nthe destination port is the port bound by the server process in the same Pod.\\n\\nIf one of the given `ports` is matched, this condition is evaluated to true.\\nIf not specified, this condition is evaluated to true for any port.","type":"array","items":{"$ref":"#/components/schemas/v2PortSelector"},"x-order":1}}},"v2TrafficSetting":{"description":"A traffic setting applies configuration to a set of proxy workloads in a\\ntraffic group or a workspace. When applied to a traffic group,\\nmissing fields will inherit values from the workspace-wide setting if any.\\n\\n\\n\\n","type":"object","properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"reachability":{"$ref":"#/components/schemas/v2ReachabilitySettings"},"resilience":{"$ref":"#/components/schemas/v2ResilienceSettings"},"egress":{"$ref":"#/components/schemas/v2TrafficSettingEgressGateway"},"rateLimiting":{"$ref":"#/components/schemas/v2RateLimiting"},"upstreamTrafficSettings":{"description":"List of hosts and the associated traffic settings to be used by\\nthe clients that are downstreams to the defined upstream hosts.\\n\\nDEPRECATED. Moved to `outbound`.","type":"array","items":{"$ref":"#/components/schemas/v2UpstreamTrafficSettings"},"x-order":8},"inbound":{"$ref":"#/components/schemas/v2InboundTrafficSetting"},"outbound":{"$ref":"#/components/schemas/v2OutboundTrafficSetting"},"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"}}},"v2TrafficSettingEgressGateway":{"description":"EgressGateway specifies the gateway where traffic external to the mesh will be redirected.","type":"object","required":["host"],"properties":{"host":{"description":"Specifies the egress gateway hostname. Must be in\\n`&lt;namespace&gt;/&lt;fqdn&gt;` format.","type":"string","x-order":0},"port":{"description":"Deprecated. This field is ignored and will be removed in upcoming releases.\\nSpecifies the port on the host to connect to.","type":"integer","format":"int32","x-order":1}}},"v2UpstreamResilienceSettings":{"description":"UpstreamResilienceSettings controls the reliability knobs for client connections\\nto the upstream hosts.","type":"object","properties":{"connectionPool":{"$ref":"#/components/schemas/v2UpstreamResilienceSettingsConnectionPoolSettings"},"circuitBreakerSensitivity":{"$ref":"#/components/schemas/v2UpstreamResilienceSettingsSensitivity"},"outlierDetection":{"$ref":"#/components/schemas/UpstreamResilienceSettingsOutlierDetection"}}},"v2UpstreamResilienceSettingsConnectionPoolSettings":{"description":"Connection pool settings for the upstream host.","type":"object","properties":{"http":{"$ref":"#/components/schemas/UpstreamResilienceSettingsConnectionPoolSettingsHTTP"},"tcp":{"$ref":"#/components/schemas/v2UpstreamResilienceSettingsConnectionPoolSettingsTCP"}}},"v2UpstreamResilienceSettingsConnectionPoolSettingsTCP":{"description":"TCP Settings for outbound requests.","type":"object","properties":{"keepAlive":{"$ref":"#/components/schemas/v2TcpKeepAlive"},"maxConnections":{"description":"Maximum number of HTTP1 /TCP connections to the service.\\nDefault 0, meaning \\"unlimited\\", up to 2^32 - 1.","type":"integer","format":"int64","x-order":1},"connectTimeout":{"description":"TCP connection timeout. format: 1h/1m/1s/1ms. MUST BE &gt;=1ms. Default is 10s.","type":"string","x-order":2}}},"v2UpstreamResilienceSettingsSensitivity":{"description":"Available sensitivity levels for the circuit breaker.\\n\\n - UNSET: Default values will be used.\\n - LOW: Tolerate up to 20 consecutive 5xx or connection failures from an\\nendpoint before ejecting it temporarily from the load balancing\\npool.\\n - MEDIUM: Tolerate up to 10 consecutive 5xx or connection failures from an\\nendpoint before ejecting it temporarily from the load balancing\\npool.\\n - HIGH: Tolerate up to 5 consecutive 5xx or connection failures from an\\nendpoint before ejecting it temporarily from the load balancing\\npool.\\n - CUSTOM: When selected, the outlier detection settings must be specified \\nin the resilience.outlierDetection field.\\nIf that field is set but the mode is not CUSTOM, those settings will be ignored.","type":"string","default":"UNSET","enum":["UNSET","LOW","MEDIUM","HIGH","CUSTOM"]},"v2UpstreamTrafficSettings":{"description":"Traffic settings for the clients that are downstreams to the defined\\nupstream hosts.","type":"object","properties":{"hosts":{"description":"List of hosts for which the settings will be created. Can contain wildcard hosts.\\nThe host should be a service from the service registry or a host declared by ServiceEntries.","type":"array","items":{"type":"string"},"x-order":0},"settings":{"$ref":"#/components/schemas/v2UpstreamTrafficSettingsSettings"}}},"v2UpstreamTrafficSettingsSettings":{"description":"Traffic settings to be applied to the clients of the upstream hosts.","type":"object","properties":{"resilience":{"$ref":"#/components/schemas/v2UpstreamResilienceSettings"},"loadBalancer":{"$ref":"#/components/schemas/v2LoadBalancerSettings"},"authentication":{"$ref":"#/components/schemas/tsbtrafficv2AuthenticationSettings"}}},"v2User":{"description":"`User` represents a user from the Identity Provider that is allowed to log into\\nthe platform.\\n\\n\\n\\n","type":"object","required":["loginName"],"properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"loginName":{"description":"The username used in the login credentials.","type":"string","x-order":3},"firstName":{"description":"The first name of the user.","type":"string","x-order":4},"lastName":{"description":"The last name of the user, if any.","type":"string","x-order":5},"email":{"description":"Email for the user where alerts and other notifications will be sent.","type":"string","x-order":6},"sourceType":{"$ref":"#/components/schemas/v2SourceType"}}},"v2VmConfig":{"description":"Configuration for a Wasm VM.\\nmore details can be found [here](https://www.envoyproxy.io/docs/envoy/latest/api-v3/extensions/wasm/v3/wasm.proto#extensions-wasm-v3-vmconfig).","type":"object","properties":{"env":{"description":"Specifies environment variables to be injected to this VM.\\nNote that if a key does not exist, it will be ignored.","type":"array","items":{"$ref":"#/components/schemas/extensionv2EnvVar"},"x-order":0}}},"v2WAFSettings":{"type":"object","title":"WAFSettings configure WAF based on seclang\\nSee https://github.com/SpiderLabs/ModSecurity/wiki/Reference-Manual-%28v3.x%29#Configuration_Directives","required":["rules"],"properties":{"rules":{"description":"Rules to be leveraged by WAF. The parser evaluates the list of rules from the top to the bottom.","type":"array","items":{"type":"string"},"x-order":0}}},"v2WasmExtension":{"type":"object","required":["url"],"properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the extension.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the extension.\\n$hide_from_yaml","x-order":3},"allowedIn":{"description":"List of fqns where this extension is allowed to run.\\nIf it is empty, the extension can be used across the entire organization.\\nCurrently only Tenant resources are considered.","type":"array","items":{"type":"string"},"x-order":4},"image":{"description":"Deprecated. Use the `url` field instead.\\nRepository and tag of the OCI image containing the WASM extension.","type":"string","x-order":5},"source":{"type":"string","title":"Source to find the code for the WASM extension","x-order":6},"phase":{"$ref":"#/components/schemas/WasmExtensionPluginPhase"},"priority":{"description":"Determines the ordering of WasmExtensions in the same phase.\\nWhen multiple WasmExtensions are applied to the same workload in the same phase, they will be applied by priority, in descending order.\\nIf no priority is assigned it will use the default 0 value.\\nIn case of several extensions having the same priority in the same phase, the fqn will be used to sort them.","type":"integer","format":"int32","x-order":8},"config":{"description":"Configuration parameters sent to the WASM plugin execution\\nThe configuration can be overwritten when instantiating the extensions in IngressGateways or Security groups.\\nThe config is serialized using proto3 JSON marshaling and passed to proxy_on_configure when the host environment starts the plugin.","type":"object","x-order":9},"imagePullPolicy":{"$ref":"#/components/schemas/WasmExtensionPullPolicy"},"imagePullSecret":{"description":"Credentials to use for OCI image pulling.\\nName of a K8s Secret that contains a docker pull secret which is to be used\\nto authenticate against the registry when pulling the image.\\nIf TSB is configured to use the WASM download proxy, this secret must exist in\\nthe `istio-system` namespace of each cluster that has applications that use the\\nextension. If the download proxy is disabled, the secret must exist in each\\napplication namespace that is using the extension.","type":"string","x-order":11},"vmConfig":{"$ref":"#/components/schemas/v2VmConfig"},"url":{"description":"URL of a Wasm module or OCI container. If no scheme is present, defaults to oci://, referencing an OCI image.\\nOther valid schemes are file:// for referencing .wasm module files present locally within the proxy container,\\nand http[s]:// for .wasm module files hosted remotely.","type":"string","x-order":13},"match":{"$ref":"#/components/schemas/v2GlobalTrafficSelector"}}},"v2WasmExtensionAttachment":{"description":"WasmExtensionAttachment defines the WASM extension attached to this resource\\nincluding the name to identify the extension and also the specific configuration\\nthat will override the global extension configuration.\\nOnly those extensions globally enabled will be considered although they can be\\nassociated to the target resources.\\nMatch configuration allows you to specify which traffic is sent through the Wasm\\nextension. Users can select the traffic based on different workload modes and ports.\\n\\n```yaml\\napiVersion: gateway.tsb.tetrate.io/v2\\nkind: IngressGateway\\nmetadata:\\n  name: ingress-bookinfo\\n  group: g1\\n  workspace: w1\\n  tenant: mycompany\\n  organization: myorg\\nspec:\\n  workloadSelector:\\n  namespace: ns1\\n  labels:\\n    app: gateway\\n  extension:\\n  - fqn: hello-world # fqn of imported extensions in TSB\\n    config:\\n      foo: bar\\n    match:\\n    - ports:\\n      - number: 80\\n      mode: CLIENT_AND_SERVER\\n  http:\\n  - name: bookinfo\\n    port: 80\\n    hostname: bookinfo.com\\n    routing:\\n      rules:\\n      - route:\\n        host: ns1/productpage.ns1.svc.cluster.local\\n```","type":"object","required":["fqn"],"properties":{"fqn":{"description":"Fqn of the extension to be executed.","type":"string","x-order":0},"config":{"description":"Configuration parameters sent to the WASM plugin execution.\\nThis configuration will overwrite the one specified globally in the extension.\\nThis config will be passed as-is to the extension. It is up to the extension to deserialize the config and use it.","type":"object","x-order":1},"match":{"description":"Specifies the criteria to determine which traffic is passed to WasmExtension.\\nIf a traffic satisfies any of TrafficSelectors,\\nthe traffic passes to the WasmExtension.","type":"array","items":{"$ref":"#/components/schemas/v2TrafficSelector"},"x-order":2}}},"v2WorkloadMode":{"description":"WorkloadMode allows selection of the role of the underlying workload in\\nnetwork traffic. A workload is considered as acting as a SERVER if it is\\nthe destination of the traffic (that is, traffic direction, from the\\nperspective of the workload is *inbound*). If the workload is the source of\\nthe network traffic, it is considered to be in CLIENT mode (traffic is\\n*outbound* from the workload).\\n\\n - UNDEFINED: Default value, which will be interpreted by its own usage.\\n - CLIENT: Selects for scenarios when the workload is the\\nsource of the network traffic. In addition,\\nif the workload is a gateway, selects this.\\n - SERVER: Selects for scenarios when the workload is the\\ndestination of the network traffic.\\n - CLIENT_AND_SERVER: Selects for scenarios when the workload is either the\\nsource or destination of the network traffic.","type":"string","default":"UNDEFINED","enum":["UNDEFINED","CLIENT","SERVER","CLIENT_AND_SERVER"]},"v2WorkloadSelector":{"description":"`WorkloadSelector` selects one or more workloads in a\\nnamespace. `WorkloadSelector` can be used in TrafficSetting,\\nSecuritySetting, and Gateway APIs in `BRIDGED` mode to scope the\\nconfiguration to a specific set of workloads.","type":"object","required":["namespace","labels"],"properties":{"namespace":{"description":"The namespace where the workload resides.","type":"string","x-order":0},"labels":{"description":"One or more labels that indicate a specific set of pods/VMs in\\nthe namespace. If omitted, the TrafficSetting or SecuritySetting\\nconfiguration will apply to all workloads in the\\nnamespace. Labels are required for Gateway API resources.","type":"object","additionalProperties":{"type":"string"},"x-order":1}}},"v2Workspace":{"description":"A Workspace is a collection of related namespaces in one or more clusters.\\n\\n\\n\\n","type":"object","required":["namespaceSelector"],"properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"namespaceSelector":{"$ref":"#/components/schemas/typesv2NamespaceSelector"},"privileged":{"description":"If set to true, allows Gateways in the workspace to route to\\nservices in other workspaces. Set this to true for workspaces\\nowning cluster-wide gateways shared by multiple teams.","type":"boolean","x-order":5},"isolationBoundary":{"description":"Istio Isolation Boundary name to which this workspace belongs.\\nIf not provided explicitly, the workspace looks for an isolation boundary with\\nname set as \\"global\\". \\nTherefore, in order to move existing workspaces to isolation boundaries, and\\nbe a part of revisioned control plane, it is recommended to configure an\\nisolation boundary with the name \\"global\\".","type":"string","x-order":6},"securityDomain":{"description":"Security domains can be used to group different resources under the same security domain.\\nAlthough security domain is not resource itself currently, it follows a fqn format\\n`organizations/myorg/securitydomains/mysecuritydomain`, and a child cannot override any ancestor\'s\\nsecurity domain.\\nOnce a security domain is assigned to a _Workspace_, all the children resources will belong to that\\nsecurity domain in the same way a _Security group_ belongs to a _Workspace_, a _Security group_ will also belong\\nto the security domain assigned to the _Workspace_.\\nSecurity domains can also be used to define _Security settings Authorization rules_ in which you can allow\\nor deny request from or to a security domain.","type":"string","x-order":7},"deletionProtectionEnabled":{"description":"When set, prevents the resource from being deleted. In order to delete the resource this\\nproperty needs to be set to `false` first.","type":"boolean","x-order":8},"profiles":{"description":"List of profiles attached to the workspace to be used to propagate default and mandatory configurations down to the children.","type":"array","items":{"type":"string"},"x-order":9},"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"}}},"v2WorkspaceSetting":{"description":"Default security and traffic settings for all proxy workloads in the workspace.","type":"object","properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"defaultSecuritySetting":{"$ref":"#/components/schemas/v2SecuritySetting"},"defaultTrafficSetting":{"$ref":"#/components/schemas/v2TrafficSetting"},"regionalFailover":{"description":"Locality routing settings for all gateways in the workspace. Overrides any global settings.\\nPlease use FailoverSettings instead. If FailoverSettings is set, it takes precedence over this field.\\n\\nExplicitly specify the region traffic will land on when endpoints in local region becomes unhealthy.\\nShould be used together with OutlierDetection to detect unhealthy endpoints.\\nNote: if no OutlierDetection specified, this will not take effect.","type":"array","items":{"$ref":"#/components/schemas/v2RegionalFailover"},"x-order":6},"defaultEastWestGatewaySettings":{"description":"Default east west gateway settings specifies workspace-wide east-west gateway configuration.\\nThis is used to configure east-west routing (required for fail-over) for the services that\\nare not exposed on the gateways. All the services matching the specified criteria is picked\\nup for exposing on the east-west gateway workload selected by the workload selector. In case,\\na service matches selectors in multiple items, the one which comes first is picked up.","type":"array","items":{"$ref":"#/components/schemas/v2EastWestGateway"},"x-order":7},"hostsReachability":{"$ref":"#/components/schemas/v2HostsReachability"},"failoverSettings":{"$ref":"#/components/schemas/v2FailoverSettings"}}},"v3BuildVersion":{"description":"BuildVersion combines SemVer version of extension with free-form build information\\n(i.e. \'alpha\', \'private-build\') as a set of strings.","type":"object","properties":{"version":{"$ref":"#/components/schemas/v3SemanticVersion"},"metadata":{"type":"object","title":"Free-form build information.\\nEnvoy defines several well known keys in the source/common/version/version.h file","x-order":1}}},"v3ContextParams":{"description":"`xds.resource.listening_address`: The value is \\"IP:port\\" (e.g. \\"10.1.1.3:8080\\") which is\\n  the listening address of a Listener. Used in a Listener resource query.","type":"object","title":"Additional parameters that can be used to select resource variants. These include any\\nglobal context parameters, per-resource type client feature capabilities and per-resource\\ntype functional attributes. All per-resource type attributes will be `xds.resource.`\\nprefixed and some of these are documented below:","properties":{"params":{"type":"object","additionalProperties":{"type":"string"},"x-order":0}}},"v3ControlPlane":{"description":"Identifies a specific ControlPlane instance that Envoy is connected to.","type":"object","properties":{"identifier":{"description":"An opaque control plane identifier that uniquely identifies an instance\\nof control plane. This can be used to identify which control plane instance,\\nthe Envoy is connected to.","type":"string","x-order":0}}},"v3DiscoveryRequest":{"type":"object","title":"A DiscoveryRequest requests a set of versioned resources of the same type for\\na given Envoy node on some API.\\n[#next-free-field: 8]","properties":{"versionInfo":{"description":"The version_info provided in the request messages will be the version_info\\nreceived with the most recent successfully processed response or empty on\\nthe first request. It is expected that no new request is sent after a\\nresponse is received until the Envoy instance is ready to ACK/NACK the new\\nconfiguration. ACK/NACK takes place by returning the new API config version\\nas applied or the previous API config version respectively. Each type_url\\n(see below) has an independent version associated with it.","type":"string","x-order":0},"node":{"$ref":"#/components/schemas/corev3Node"},"resourceNames":{"description":"List of resources to subscribe to, e.g. list of cluster names or a route\\nconfiguration name. If this is empty, all resources for the API are\\nreturned. LDS/CDS may have empty resource_names, which will cause all\\nresources for the Envoy instance to be returned. The LDS and CDS responses\\nwill then imply a number of resources that need to be fetched via EDS/RDS,\\nwhich will be explicitly enumerated in resource_names.","type":"array","items":{"type":"string"},"x-order":2},"resourceLocators":{"description":"[#not-implemented-hide:]\\nAlternative to ``resource_names`` field that allows specifying dynamic\\nparameters along with each resource name. Clients that populate this\\nfield must be able to handle responses from the server where resources\\nare wrapped in a Resource message.\\nNote that it is legal for a request to have some resources listed\\nin ``resource_names`` and others in ``resource_locators``.","type":"array","items":{"$ref":"#/components/schemas/v3ResourceLocator"},"x-order":3},"typeUrl":{"description":"Type of the resource that is being requested, e.g.\\n\\"type.googleapis.com/envoy.api.v2.ClusterLoadAssignment\\". This is implicit\\nin requests made via singleton xDS APIs such as CDS, LDS, etc. but is\\nrequired for ADS.","type":"string","x-order":4},"responseNonce":{"description":"nonce corresponding to DiscoveryResponse being ACK/NACKed. See above\\ndiscussion on version_info and the DiscoveryResponse nonce comment. This\\nmay be empty only if 1) this is a non-persistent-stream xDS such as HTTP,\\nor 2) the client has not yet accepted an update in this xDS stream (unlike\\ndelta, where it is populated only for new explicit ACKs).","type":"string","x-order":5},"errorDetail":{"$ref":"#/components/schemas/googlerpcStatus"}}},"v3DiscoveryResponse":{"type":"object","title":"[#next-free-field: 7]","properties":{"versionInfo":{"description":"The version of the response data.","type":"string","x-order":0},"resources":{"description":"The response resources. These resources are typed and depend on the API being called.","type":"array","items":{"$ref":"#/components/schemas/protobufAny"},"x-order":1},"canary":{"description":"* --terminate-on-canary-transition-failure. When set, Envoy is able to\\n  terminate if it detects that configuration is stuck at canary. Consider\\n  this example sequence of updates:\\n  - Management server applies a canary config successfully.\\n  - Management server rolls back to a production config.\\n  - Envoy rejects the new production config.\\n  Since there is no sensible way to continue receiving configuration\\n  updates, Envoy will then terminate and apply production config from a\\n  clean slate.\\n* --dry-run-canary. When set, a canary response will never be applied, only\\n  validated via a dry run.","type":"boolean","title":"[#not-implemented-hide:]\\nCanary is used to support two Envoy command line flags:","x-order":2},"typeUrl":{"description":"Type URL for resources. Identifies the xDS API when muxing over ADS.\\nMust be consistent with the type_url in the \'resources\' repeated Any (if non-empty).","type":"string","x-order":3},"nonce":{"description":"For gRPC based subscriptions, the nonce provides a way to explicitly ack a\\nspecific DiscoveryResponse in a following DiscoveryRequest. Additional\\nmessages may have been sent by Envoy to the management server for the\\nprevious version on the stream prior to this DiscoveryResponse, that were\\nunprocessed at response send time. The nonce allows the management server\\nto ignore any further DiscoveryRequests for the previous version until a\\nDiscoveryRequest bearing the nonce. The nonce is optional and is not\\nrequired for non-stream based xDS implementations.","type":"string","x-order":4},"controlPlane":{"$ref":"#/components/schemas/v3ControlPlane"}}},"v3EnvoyInternalAddress":{"type":"object","title":"The address represents an envoy internal listener.\\n[#comment: TODO(asraa): When address available, remove workaround from test/server/server_fuzz_test.cc:30.]","properties":{"serverListenerName":{"description":"Specifies the :ref:`name &lt;envoy_v3_api_field_config.listener.v3.Listener.name&gt;` of the\\ninternal listener.","type":"string","x-order":0},"endpointId":{"description":"Specifies an endpoint identifier to distinguish between multiple endpoints for the same internal listener in a\\nsingle upstream pool. Only used in the upstream addresses for tracking changes to individual endpoints. This, for\\nexample, may be set to the final destination IP for the target internal listener.","type":"string","x-order":1}}},"v3Extension":{"type":"object","title":"Version and identification for an Envoy extension.\\n[#next-free-field: 7]","properties":{"name":{"description":"This is the name of the Envoy filter as specified in the Envoy\\nconfiguration, e.g. envoy.filters.http.router, com.acme.widget.","type":"string","x-order":0},"category":{"type":"string","title":"Category of the extension.\\nExtension category names use reverse DNS notation. For instance \\"envoy.filters.listener\\"\\nfor Envoy\'s built-in listener filters or \\"com.acme.filters.http\\" for HTTP filters from\\nacme.com vendor.\\n[#comment:TODO(yanavlasov): Link to the doc with existing envoy category names.]","x-order":1},"typeDescriptor":{"type":"string","title":"[#not-implemented-hide:] Type descriptor of extension configuration proto.\\n[#comment:TODO(yanavlasov): Link to the doc with existing configuration protos.]\\n[#comment:TODO(yanavlasov): Add tests when PR #9391 lands.]","x-order":2},"version":{"$ref":"#/components/schemas/v3BuildVersion"},"disabled":{"description":"Indicates that the extension is present but was disabled via dynamic configuration.","type":"boolean","x-order":4},"typeUrls":{"description":"Type URLs of extension configuration protos.","type":"array","items":{"type":"string"},"x-order":5}}},"v3Pipe":{"type":"object","properties":{"path":{"description":"Unix Domain Socket path. On Linux, paths starting with \'@\' will use the\\nabstract namespace. The starting \'@\' is replaced by a null byte by Envoy.\\nPaths starting with \'@\' will result in an error in environments other than\\nLinux.","type":"string","x-order":0},"mode":{"description":"The mode for the Pipe. Not applicable for abstract sockets.","type":"integer","format":"int64","x-order":1}}},"v3ResourceLocator":{"description":"Specifies a resource to be subscribed to.","type":"object","properties":{"name":{"description":"The resource name to subscribe to.","type":"string","x-order":0},"dynamicParameters":{"description":"A set of dynamic parameters used to match against the dynamic parameter\\nconstraints on the resource. This allows clients to select between\\nmultiple variants of the same resource.","type":"object","additionalProperties":{"type":"string"},"x-order":1}}},"v3SemanticVersion":{"description":"Envoy uses SemVer (https://semver.org/). Major/minor versions indicate\\nexpected behaviors and APIs, the patch version field is used only\\nfor security fixes and can be generally ignored.","type":"object","properties":{"majorNumber":{"type":"integer","format":"int64","x-order":0},"minorNumber":{"type":"integer","format":"int64","x-order":1},"patch":{"type":"integer","format":"int64","x-order":2}}},"v3SocketAddress":{"type":"object","title":"[#next-free-field: 7]","properties":{"protocol":{"$ref":"#/components/schemas/v3SocketAddressProtocol"},"address":{"description":"The address for this socket. :ref:`Listeners &lt;config_listeners&gt;` will bind\\nto the address. An empty address is not allowed. Specify ``0.0.0.0`` or ``::``\\nto bind to any address. [#comment:TODO(zuercher) reinstate when implemented:\\nIt is possible to distinguish a Listener address via the prefix/suffix matching\\nin :ref:`FilterChainMatch &lt;envoy_v3_api_msg_config.listener.v3.FilterChainMatch&gt;`.] When used\\nwithin an upstream :ref:`BindConfig &lt;envoy_v3_api_msg_config.core.v3.BindConfig&gt;`, the address\\ncontrols the source address of outbound connections. For :ref:`clusters\\n&lt;envoy_v3_api_msg_config.cluster.v3.Cluster&gt;`, the cluster type determines whether the\\naddress must be an IP (``STATIC`` or ``EDS`` clusters) or a hostname resolved by DNS\\n(``STRICT_DNS`` or ``LOGICAL_DNS`` clusters). Address resolution can be customized\\nvia :ref:`resolver_name &lt;envoy_v3_api_field_config.core.v3.SocketAddress.resolver_name&gt;`.","type":"string","x-order":1},"portValue":{"type":"integer","format":"int64","x-order":2},"namedPort":{"description":"This is only valid if :ref:`resolver_name\\n&lt;envoy_v3_api_field_config.core.v3.SocketAddress.resolver_name&gt;` is specified below and the\\nnamed resolver is capable of named port resolution.","type":"string","x-order":3},"resolverName":{"description":"The name of the custom resolver. This must have been registered with Envoy. If\\nthis is empty, a context dependent default applies. If the address is a concrete\\nIP address, no resolution will occur. If address is a hostname this\\nshould be set for resolution other than DNS. Specifying a custom resolver with\\n``STRICT_DNS`` or ``LOGICAL_DNS`` will generate an error at runtime.","type":"string","x-order":4},"ipv4Compat":{"description":"When binding to an IPv6 address above, this enables `IPv4 compatibility\\n&lt;https://tools.ietf.org/html/rfc3493#page-11&gt;`_. Binding to ``::`` will\\nallow both IPv4 and IPv6 connections, with peer IPv4 addresses mapped into\\nIPv6 space as ``::FFFF:&lt;IPv4-address&gt;``.","type":"boolean","x-order":5}}},"v3SocketAddressProtocol":{"type":"string","default":"TCP","enum":["TCP","UDP"]}}}}},"1_10_x":{"url":"service-bridge/generated/openapi/1.10.x/openapiv3.json","themeId":"theme-redoc","isSpecFile":false,"spec":{"openapi":"3.0.0","info":{"description":"Tetrate Service Bridge API.","title":"Tetrate Service Bridge API","contact":{"name":"Tetrate Service Bridge","url":"https://www.tetrate.io/tetrate-service-bridge/"},"version":"1.10.x"},"paths":{"/v2/admin/rbac/policy":{"get":{"tags":["Policy"],"summary":"Get the global RBAC access policy.\\nThe global RBAC access policy configures who can manage the Role objects in TSB.","operationId":"Policy_GetRBACPolicy","responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the global RBAC access policy.\\nThe global RBAC access policy configures who can manage the Role objects in TSB.","operationId":"Policy_SetRBACPolicy","requestBody":{"$ref":"#/components/requestBodies/v2AccessPolicy"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/admin/root/policy":{"get":{"tags":["Policy"],"summary":"Get the root access policy.\\nThe root access policy configures global permissions for the platform. Subjects\\nassigned to a root policy will be granted the permissions described in the policy\\nto all objects ion TSB.","operationId":"Policy_GetRootPolicy","responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the root access policy.\\nThe root access policy configures global permissions for the platform. Subjects\\nassigned to a root policy will be granted the permissions described in the policy\\nto all objects ion TSB.","operationId":"Policy_SetRootPolicy","requestBody":{"$ref":"#/components/requestBodies/v2AccessPolicy"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/lookup/services":{"post":{"tags":["Lookup"],"summary":"Get all the services in the registry that are part of the given selector.\\nThis method can be used to resolve the registered services that are part of a workspace\\nor group.\\nThis method can be also used to figure out how applying a selector could affect\\nthe platform and have an understanding of which of the existing services would be\\nincluded in the selection.","operationId":"Lookup_Services","requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ServiceLookupRequest"}}},"description":"Request for all the services in the registry that are part of the given selector.","required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ServiceLookupResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/oidc/callback":{"get":{"tags":["OIDC"],"summary":"Callback endpoint for OAuth2 Authorization Code grant flows as part of the OIDC spec.","operationId":"OIDC_Callback","parameters":[{"description":"OAuth2 Authorization Code.\\nWhen present this indicates the user authorized the request. TSB will use this code\\nto acquire a token from the OIDC token endpoint and complete the login flow.","name":"code","in":"query","schema":{"type":"string"}},{"description":"OAuth2 Error Code.\\nWhen present this indicates that either the authorization request has an error, the OIDC\\nprovider encountered an error or the user failed to log in. When set TSB will display information\\nto the user indicating what went wrong.\\n\\nStandard error codes can be found found here.\\nhttps://datatracker.ietf.org/doc/html/rfc6749#section-4.1.2.1\\nhttps://openid.net/specs/openid-connect-core-1_0.html#AuthError","name":"error","in":"query","schema":{"type":"string"}},{"description":"The state parameter sent to the OIDC provider on the authorization request.","name":"state","in":"query","required":true,"schema":{"type":"string"}},{"description":"Optional error description sent by the OIDC provider when an error occurs.","name":"errorDescription","in":"query","schema":{"type":"string"}},{"description":"Optional error URI of a web page that includes additional information about the error.","name":"errorUri","in":"query","schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/oidc/login":{"get":{"tags":["OIDC"],"summary":"Login endpoint to start an OIDC Authentication flow.","operationId":"OIDC_Login","parameters":[{"description":"URl where the user will be redirected when the authentication flow completes.","name":"redirectUri","in":"query","schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations":{"get":{"tags":["Organizations"],"summary":"List all existing organizations.\\n$hide_from_docs","operationId":"Organizations_ListOrganizations","responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListOrganizationsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Organizations"],"summary":"Creates a new Organization in TSB.\\nOrganizations are the top-level construct in TSB and contain all the resources such as\\ntenants, workspaces and clusters.\\n$hide_from_docs","operationId":"Organizations_CreateOrganization","requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2CreateOrganizationRequest"}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Organization"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}":{"get":{"tags":["Organizations"],"summary":"Get the details of an organization.","operationId":"Organizations_GetOrganization","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Organization"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Organizations"],"summary":"Modify an organization.\\nUpdate operations are protected against concurrent modifications of the resource. They are required\\nto provide the last version of the `etag` field as part of the update request payload.\\n$hide_from_docs","operationId":"Organizations_UpdateOrganization","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"`Organization` is the root of the Service Bridge object hierarchy.\\n\\n\\n\\n","type":"object","properties":{"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"},"deletionProtectionEnabled":{"description":"When set, prevents the resource from being deleted. In order to delete the resource this\\nproperty needs to be set to `false` first.","type":"boolean"},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"profiles":{"description":"List of profiles attached to the Organization to be used to propagate default and mandatory configurations down to the children.","type":"array","items":{"type":"string"}}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Organization"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Organizations"],"summary":"Delete an organization.\\nNote that deleting resources in TSB is a recursive operation. Deleting an organization will delete all\\ntenants, clusters and all configurations that exist in it.\\n$hide_from_docs","operationId":"Organizations_DeleteOrganization","parameters":[{"description":"Force the deletion of the object even if deletion protection is enabled.\\nIf this is set, then the object and all its children will be deleted even if any of them\\nhas the deletion protection enabled.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/availableprofiles":{"get":{"tags":["Profiles"],"summary":"Lists the profiles that can be attached to the given resource.\\nThe returned profiles contain metadata (fqn, display name and description) information.\\nTo retrieve the full profile, rely on `GetProfile` or `ListProfiles` methods.","operationId":"Profiles_ListAvailableProfiles","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListAvailableProfilesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/blame":{"get":{"tags":["Profiles"],"summary":"Get the profile blame data for a given resource FQN.","operationId":"Profiles_Blame_variant_5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2BlameResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters":{"get":{"tags":["Clusters"],"summary":"Get the list of all clusters that have been onboarded into the platform.","operationId":"Clusters_ListClusters","parameters":[{"description":"Flag to fetch the workload information for all the clusters as well.\\nNote that by default workload information is not returned as it may be expensive to retrieve.","name":"fetchWorkloads","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListClustersResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"description":"This action will also create a service account with permissions to manage this cluster.\\nThis service account (aka cluster service account) can be used in the ControlPlane installation to\\nauthenticate it through the ManagementPlane.\\n\\nAs part of the response, a template will be provided (in the field `installTemplate`) with minimum\\nconfiguration to be able to install the TSB Operator in the cluster running as ControlPlane.\\nThis data is not stored and will be only available in the response of this action.","tags":["Clusters"],"summary":"Creates a new cluster object in TSB. This is needed during cluster onboarding to let the\\nmanagement plane know about the existence of a cluster.\\nOnce a cluster has been created and fully onboarded, the management plane will manage the\\nmesh for that cluster and keep this cluster entity up to date with the information that is\\nreported by the cluster agents.\\nThis method returns the created cluster, that will be continuously updated by the local\\ncluster agents. This entity can be monitored to have an overview of the resources (namespaces,\\nservices, etc) that are known to be running in the cluster.","operationId":"Clusters_CreateCluster","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create a cluster and register it in the management plane so configuration can\\nbe generated for it.","type":"object","required":["name","cluster"],"properties":{"cluster":{"$ref":"#/components/schemas/v2Cluster"},"name":{"description":"The short name for the resource to be created.","type":"string"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Cluster"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}":{"get":{"tags":["Clusters"],"summary":"Get the last known state for an onboarded cluster.\\nOnce a cluster has been onboarded into the platform, the agents will keep it up to date with\\nits runtime status. Getting the cluster object will return the last known snapshot of existing\\nnamespaces and services running in it.","operationId":"Clusters_GetCluster","parameters":[{"description":"Flag to fetch the workload information as well.\\nNote that by default workload information is not returned as it may be expensive to retrieve.","name":"fetchWorkloads","in":"query","schema":{"type":"boolean"}},{"description":"Flag to return the install template required to install this cluster.\\nThis will generate a new API key pair for the cluster service account.","name":"includeInstallTemplate","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Cluster"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Clusters"],"summary":"Modify an existing cluster.\\nUpdates a cluster with the given data. Note that most of the data in the cluster is read-only and\\nautomatically populated by the local cluster agents.","operationId":"Clusters_UpdateCluster","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"A Kubernetes cluster managing both pods and VMs.\\n\\n\\n\\n","type":"object","properties":{"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be\\nsent on every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"installTemplate":{"$ref":"#/components/schemas/ClusterInstallTemplate"},"labels":{"type":"object","title":"FIXME: this is super clunky to copy each and every metadata field into\\nobjects used for multicluster. $hide_from_yaml","additionalProperties":{"type":"string"}},"locality":{"$ref":"#/components/schemas/tsbv2Locality"},"namespaceScope":{"$ref":"#/components/schemas/v2NamespaceScoping"},"namespaces":{"type":"array","title":"TODO(vikas): move this inside cluster state\\nRead-only data for informational purposes. Any user provided\\nvalue will be ignored. The data here may be stale depending on\\nthe update frequency from the Bridge agents in the cluster.\\n$hide_from_yaml","items":{"$ref":"#/components/schemas/tsbv2Namespace"},"readOnly":true},"network":{"description":"The network (e.g., VPC) where this cluster is present. All\\nclusters within the same network will be assumed to be reachable\\nfor the purposes of multi-cluster routing. In addition, networks\\nmarked as reachable from one another in SystemSettings will also\\nbe used for multi-cluster routing.","type":"string"},"serviceAccount":{"$ref":"#/components/schemas/tsbv2ServiceAccount"},"state":{"$ref":"#/components/schemas/v2ClusterState"},"tier1Cluster":{"description":"Deprecated: This flag is still honored for backward compatibility but will be ignored in future releases.\\nIt is advisable not to set it, as all clusters can now host both Tier1 and IngressGateways.\\n\\nIndicates whether this cluster is hosting a tier1 gateway or not.\\nTier1 clusters cannot host other gateways or workloads. Defaults\\nto false if not specified.","type":"boolean"},"tokenTtl":{"description":"Lifetime of the tokens. Defaults to 1hr.","type":"string"},"trustDomain":{"description":"Trust domain for this cluster, used for multi-cluster routing.\\nIt must be unique for every cluster and should match the one configured in\\nthe local control plane. This value is optional, and will be updated by the\\nlocal control plane agents. However, it is recommended to set it, if known,\\nso that multi-cluster routing works without having to wait for the local\\ncontrol planes to update it.","type":"string"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Cluster"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Clusters"],"summary":"Unregisters a cluster from the platform.\\nDeleting a cluster will unregister it from the management plane, and the agents will stop receiving\\nconfiguration updates. Agent tokens for the cluster are revoked as well, so agents that are still\\nrunning will fail to report back cluster status to the management plane.\\nNote that unregistering the cluster is a management plane only operation. This does not uninstall\\nthe agents from the local cluster. Agents will continue running and the services that are deployed\\nin that cluster will be able to continue operating with the last applied configuration.\\nUnregistering a cluster from the management plane should not generate downtime to services that are\\nrunning on that cluster.","operationId":"Clusters_DeleteCluster","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_1","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_1","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_1","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_1","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_1","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_1","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_1","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_1","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_1","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}/blame":{"get":{"tags":["Profiles"],"summary":"Get the profile blame data for a given resource FQN.","operationId":"Profiles_Blame_variant_6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2BlameResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}/config":{"post":{"description":"The API is for control plane cluster to get the configurations\\nthat must be set in both management plane and control plane,\\nand that the control plane configurations must be in sync (or adjusted)\\naccording to management plane\'s changes at runtime.\\n\\nExamples:\\n- Telemetry data retention period set(changed) in management plane must be sync\'ed to control plane.\\n- A feature flag disabled in management plane must be sync\'ed to control plane and disabled in all control planes.\\n\\n$hide_from_docs","tags":["Clusters"],"summary":"Get the configurations for a cluster.","operationId":"Clusters_GetClusterConfig","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ClusterConfig"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_1","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_1","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_1","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_1","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/apitsbv2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_1","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_1","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_1","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_1","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}:generateTokens":{"post":{"tags":["Clusters"],"summary":"Generate the tokens for the cluster agents so they can talk to the management plane.\\nOnce a cluster object has been registered in the management plane, this method can be used to\\ngenerate the JWT tokens that need to be configured in the local cluster agents in order to let\\nthem talk to the management plane.\\nThese tokens contain the necessary permissions to allow the agents to download the configuration\\nfor their cluster and to push cluster status updates to the management plane.","operationId":"Clusters_GenerateTokens","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ClusterStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/extensions":{"get":{"tags":["WasmExtensions"],"summary":"List the WASM extensions that are defined for the Organization.","operationId":"WasmExtensions_ListWasmExtension","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListWasmExtensionResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["WasmExtensions"],"summary":"Creates a new WasmExtension object in TSB. This is needed to let the extensions run.\\nOnce a WasmExtension has been created, it can be assigned to IngressGateway and SecuritySetting.\\nThis method returns the created extension.","operationId":"WasmExtensions_CreateWasmExtension","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create a WasmExtension and make it available to be assigned to IngressGateway and SecuritySetting.","type":"object","required":["name","wasmExtension"],"properties":{"name":{"description":"The short name for the resource to be created.","type":"string"},"wasmExtension":{"$ref":"#/components/schemas/v2WasmExtension"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2WasmExtension"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/extensions/{extension}":{"get":{"tags":["WasmExtensions"],"summary":"Get a WASM extension","operationId":"WasmExtensions_GetWasmExtension","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2WasmExtension"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["WasmExtensions"],"summary":"Modify an existing WasmExtension.\\nWhen modifying the details of an extension in use, such as the image property, enabled flag, phase,\\nor default configuration, a redeploy or reconfiguration of the extension may be triggered, affecting live\\ntraffic in all those places that reference the extension.\\nSimilarly, changes to the allowed_in property may trigger the removal of the extension from all places where\\nthe extension was in use that are not allowed to use it anymore, affecting live traffic on the\\nrelevant namespaces as well.","operationId":"WasmExtensions_UpdateWasmExtension","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"type":"object","required":["url"],"properties":{"allowedIn":{"description":"List of fqns where this extension is allowed to run.\\nIf it is empty, the extension can be used across the entire organization.\\nCurrently only Tenant resources are considered.","type":"array","items":{"type":"string"}},"config":{"description":"Configuration parameters sent to the WASM plugin execution\\nThe configuration can be overwritten when instantiating the extensions in IngressGateways or Security groups.\\nThe config is serialized using proto3 JSON marshaling and passed to proxy_on_configure when the host environment starts the plugin.","type":"object"},"description":{"type":"string","title":"A description of the extension.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the extension.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"image":{"description":"Deprecated. Use the `url` field instead.\\nRepository and tag of the OCI image containing the WASM extension.","type":"string"},"imagePullPolicy":{"$ref":"#/components/schemas/WasmExtensionPullPolicy"},"imagePullSecret":{"description":"Credentials to use for OCI image pulling.\\nName of a K8s Secret that contains a docker pull secret which is to be used\\nto authenticate against the registry when pulling the image.\\nIf TSB is configured to use the WASM download proxy, this secret must exist in\\nthe `istio-system` namespace of each cluster that has applications that use the\\nextension. If the downlaod proxy is disabled, the secret must exist in each\\napplication namespace that is using the extension.","type":"string"},"match":{"$ref":"#/components/schemas/v2GlobalTrafficSelector"},"phase":{"$ref":"#/components/schemas/WasmExtensionPluginPhase"},"priority":{"description":"Determines the ordering of WasmExtensions in the same phase.\\nWhen multiple WasmExtensions are applied to the same workload in the same phase, they will be applied by priority, in descending order.\\nIf no priority is assigned it will use the default 0 value.\\nIn case of several extensions having the same priority in the same phase, the fqn will be used to sort them.","type":"integer","format":"int32"},"source":{"type":"string","title":"Source to find the code for the WASM extension"},"url":{"description":"URL of a Wasm module or OCI container. If no scheme is present, defaults to oci://, referencing an OCI image.\\nOther valid schemes are file:// for referencing .wasm module files present locally within the proxy container,\\nand http[s]:// for .wasm module files hosted remotely.","type":"string"},"vmConfig":{"$ref":"#/components/schemas/v2VmConfig"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2WasmExtension"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["WasmExtensions"],"summary":"Delete a WasmExtension.\\nNote that deleting a WasmExtension will delete the extension itself, and also its assignments to IngressGateway and SecuritySetting.","operationId":"WasmExtensions_DeleteWasmExtension","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/extensions/{extension}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_2","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/extensions/{extension}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/extensions/{extension}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/extensions/{extension}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/extensions/{extension}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/extensions/{extension}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/extensions/{extension}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/extensions/{extension}/blame":{"get":{"tags":["Profiles"],"summary":"Get the profile blame data for a given resource FQN.","operationId":"Profiles_Blame_variant_7","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2BlameResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/extensions/{extension}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/extensions/{extension}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/extensions/{extension}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/apitsbv2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/extensions/{extension}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_2","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/extensions/{extension}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/extensions/{extension}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/extensions/{extension}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/profiles":{"get":{"tags":["Profiles"],"summary":"List all Profiles that belong to a resource.","operationId":"Profiles_ListProfiles","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListProfilesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Profiles"],"summary":"Create a profile object for a given resource.\\nA `Profile` object can be created at Organization, Tenant, and Workspace levels. Once created, a profile can be\\nattached at its own level or down the hierarchy at Organization, Tenants, Workspaces and Groups levels.","operationId":"Profiles_CreateProfile","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Profiles_CreateProfileBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Profile"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/profiles/{profile}":{"get":{"tags":["Profiles"],"summary":"Get the details of a Profile in an resource.","operationId":"Profiles_GetProfile","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Profile name.","name":"profile","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Profile"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Profiles"],"summary":"Modify a Profile in a resource.","operationId":"Profiles_UpdateProfile","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Profile name.","name":"profile","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Profiles_UpdateProfileBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Profile"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Profiles"],"summary":"Delete a Profile from a resource.","operationId":"Profiles_DeleteProfile","parameters":[{"description":"Force the deletion of the object even if deletion protection is enabled.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Profile name.","name":"profile","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts":{"get":{"tags":["Teams"],"summary":"List existing Service Accounts.","operationId":"Teams_ListServiceAccounts","parameters":[{"description":"The format in which the key pairs for each key will be returned.\\nIf not set keys are returned in PEM format.","name":"keyEncoding","in":"query","schema":{"type":"string","enum":["PEM","JWK"],"default":"PEM"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListServiceAccountsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Teams"],"summary":"Create Service Account in TSB.\\nService Accounts are local to TSB and can be used to access the platform using\\nJWT tokens signed with the Service Account\'s private key for authentication.","operationId":"Teams_CreateServiceAccount","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"type":"object","title":"Request to create a ServiceAccount.\\n","required":["name","serviceAccount"],"properties":{"keyEncoding":{"$ref":"#/components/schemas/KeyPairEncoding"},"name":{"description":"The short name for the resource to be created.","type":"string"},"serviceAccount":{"$ref":"#/components/schemas/tsbv2ServiceAccount"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/tsbv2ServiceAccount"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts/{serviceaccount}":{"get":{"tags":["Teams"],"summary":"Get the details of an existing Service Account.","operationId":"Teams_GetServiceAccount","parameters":[{"description":"The format in which the key pairs will be returned.\\nIf not set keys are returned in PEM format.","name":"keyEncoding","in":"query","schema":{"type":"string","enum":["PEM","JWK"],"default":"PEM"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/tsbv2ServiceAccount"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Teams"],"summary":"Update the details of a service account.\\nUpdating the details of the service account does not regenerate its keys.","operationId":"Teams_UpdateServiceAccount","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"`ServiceAccount` represents a service account that can be used to access the TSB platform.\\nService accounts have a set of associated public and private keys that can be used to generate\\nsigned JWT tokens that are suitable to authenticate to TSB.\\nA default key-pair is generated on service account creation and the public key is stored in TSB.\\nPrivate keys are returned when service accounts are created, but TSB will not store them. It\\nis up to the client to store them securely.\\n\\n\\n\\n","type":"object","properties":{"description":{"description":"A description of the resource.","type":"string"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"keys":{"type":"array","title":"Keys associated with the service account.\\nA default key-pair is automatically created when the Service Account is created. Note that\\nTSB does not store the private keys, so it is up to the client to store the returned private\\nkeys securely, as they are only returned once after creation.\\nAdditional keys can be added (and deleted) by using the corresponding key management APIs.\\n","items":{"$ref":"#/components/schemas/ServiceAccountKeyPair"},"readOnly":true}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/tsbv2ServiceAccount"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Teams"],"summary":"Delete the given Service account.","operationId":"Teams_DeleteServiceAccount","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts/{serviceaccount}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_5","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts/{serviceaccount}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts/{serviceaccount}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts/{serviceaccount}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts/{serviceaccount}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts/{serviceaccount}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts/{serviceaccount}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts/{serviceaccount}/blame":{"get":{"tags":["Profiles"],"summary":"Get the profile blame data for a given resource FQN.","operationId":"Profiles_Blame_variant_10","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2BlameResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts/{serviceaccount}/jwks":{"get":{"tags":["Teams"],"summary":"Get all the public keys available in the service account and return them in a JWKS document.\\nSee: https://datatracker.ietf.org/doc/html/rfc7517\\nRequests to this endpoint require read permissions on the service account, or a token signed\\nwith one of the service account keys.","operationId":"Teams_GetServiceAccountJWKS","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2JWKS"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts/{serviceaccount}/keys":{"post":{"tags":["Teams"],"summary":"Generate a new key-pair for the service account.\\nNote that TSB does not store the generated private key, so the client must read it and\\nstore it securely.","operationId":"Teams_GenerateServiceAccountKey","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to generate a new key-pair for the Service Account.","type":"object","properties":{"keyEncoding":{"$ref":"#/components/schemas/KeyPairEncoding"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/tsbv2ServiceAccount"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts/{serviceaccount}/keys/{id}":{"delete":{"tags":["Teams"],"summary":"Delete a key-pair associated the service account.","operationId":"Teams_DeleteServiceAccountKey","parameters":[{"description":"ID of the key-pair to delete.","name":"id","in":"path","required":true,"schema":{"type":"string"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/tsbv2ServiceAccount"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts/{serviceaccount}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts/{serviceaccount}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts/{serviceaccount}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/apitsbv2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts/{serviceaccount}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_5","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts/{serviceaccount}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts/{serviceaccount}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts/{serviceaccount}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/services":{"get":{"tags":["Registration"],"summary":"List the services that have been registered in an organization","operationId":"Registration_ListServices","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListServicesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Registration"],"summary":"Register the given service in the organization.\\nServices in the registry are deduplicated so that the same service running in different\\nclusters are represented as a single entity in the registry.\\nThe service returned by this method is the result of deduplicating the service.\\nThis API is currently only intended for internal use by the discovery agents.\\n$hide_from_docs","operationId":"Registration_RegisterService","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to register a service in a given parent (organization).","type":"object","required":["cluster","shortName","namespace","serviceType","state","source"],"properties":{"canonicalName":{"description":"optional canonical name that identify this service.","type":"string"},"cluster":{"description":"Name of the cluster where the service belongs to.\\nThis will be used to load the deduplication settings that have been configured for the cluster\\nwhere the service belongs.","type":"string"},"externalAddresses":{"description":"For kubernetes services of type load balancer, this field contains the list of lb hostnames or\\nIPs assigned to the service.","type":"array","items":{"type":"string"}},"hostnames":{"description":"The hostnames by which this service is accessed. Can correspond to the hostname of\\nan internal service or that ones of a virtual host on a gateway.","type":"array","items":{"type":"string"}},"namespace":{"description":"Namespace associated with the service. It will be used in deduplication logic.","type":"string"},"ports":{"description":"The set of ports on which this service is exposed.","type":"array","items":{"$ref":"#/components/schemas/registryv2Port"}},"serviceType":{"$ref":"#/components/schemas/v2ServiceType"},"shortName":{"description":"Short name for the service, used to uniquely identify it within the organization.","type":"string"},"source":{"description":"Source of the service: Kubernetes, Istio, Consul, etc.","type":"string"},"spiffeIds":{"description":"List of SPIFFE identities used by the workloads of the service.","type":"array","items":{"type":"string"}},"state":{"$ref":"#/components/schemas/registryv2State"},"subsets":{"description":"Subset denotes a specific version of a service. By default the \'version\'\\nlabel is used to designate subsets of a workload.\\nKnown subsets for the service.","type":"array","items":{"type":"string"}}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/tsbregistryv2Service"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Registration"],"summary":"Remove the given service from the organization registry.\\nThis API is currently only intended for internal use by the discovery agents.\\n$hide_from_docs","operationId":"Registration_UnregisterService","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"type":"object","title":"Request to unregister a service from the registry","required":["shortName","cluster","namespace"],"properties":{"cluster":{"description":"Name of the cluster of the service.","type":"string"},"namespace":{"description":"Namespace of the service.","type":"string"},"shortName":{"type":"string","title":"Name attribute of the service"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/services/{service}":{"get":{"tags":["Registration"],"summary":"Get the details of a registered service","operationId":"Registration_GetService","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/tsbregistryv2Service"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/services/{service}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_3","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/services/{service}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/services/{service}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/services/{service}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/services/{service}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/services/{service}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/services/{service}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/services/{service}/blame":{"get":{"tags":["Profiles"],"summary":"Get the profile blame data for a given resource FQN.","operationId":"Profiles_Blame_variant_8","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2BlameResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/services/{service}/groups":{"get":{"tags":["Lookup"],"summary":"Get all the groups that configure the given service in the registry.","operationId":"Lookup_Groups","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GroupLookupResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/services/{service}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/services/{service}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/services/{service}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/apitsbv2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/services/{service}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_3","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/services/{service}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/services/{service}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/services/{service}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/settings":{"get":{"tags":["Organizations"],"summary":"List all the settings objects that have been attached to the given Organization.","operationId":"Organizations_ListSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListOrganizationSettingsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Organizations"],"summary":"Create a settings object for the given organization.","operationId":"Organizations_CreateSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create a Organization Settings.","type":"object","required":["name","settings"],"properties":{"name":{"description":"The short name for the resource to be created.","type":"string"},"settings":{"$ref":"#/components/schemas/v2OrganizationSetting"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2OrganizationSetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/settings/{setting}":{"get":{"tags":["Organizations"],"summary":"Get the details for the given settings object.","operationId":"Organizations_GetSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2OrganizationSetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Organizations"],"summary":"Modify the given settings in the given Organization.","operationId":"Organizations_UpdateSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Settings that apply globally to the entire organization.\\n\\n\\n\\n","type":"object","properties":{"defaultSecuritySetting":{"$ref":"#/components/schemas/v2SecuritySetting"},"defaultTrafficSetting":{"$ref":"#/components/schemas/v2TrafficSetting"},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"failoverSettings":{"$ref":"#/components/schemas/v2FailoverSettings"},"networkSettings":{"$ref":"#/components/schemas/OrganizationSettingNetworkSettings"},"regionalFailover":{"description":"Default locality routing settings for all gateways.\\nPlease use FailoverSettings instead. If FailoverSettings is set, it takes precedence over this field.\\n\\nExplicitly specify the region traffic will land on when endpoints in local region becomes unhealthy.\\nShould be used together with OutlierDetection to detect unhealthy endpoints.\\nNote: if no OutlierDetection specified, this will not take effect.","type":"array","items":{"$ref":"#/components/schemas/v2RegionalFailover"}}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2OrganizationSetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Organizations"],"summary":"Delete the given settings object from the Organization.","operationId":"Organizations_DeleteSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/settings/{setting}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_4","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/settings/{setting}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/settings/{setting}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/settings/{setting}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/settings/{setting}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/settings/{setting}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/settings/{setting}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/settings/{setting}/blame":{"get":{"tags":["Profiles"],"summary":"Get the profile blame data for a given resource FQN.","operationId":"Profiles_Blame_variant_9","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2BlameResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/settings/{setting}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/settings/{setting}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/settings/{setting}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/apitsbv2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/settings/{setting}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_4","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/settings/{setting}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/settings/{setting}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/settings/{setting}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/apitsbv2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/sync":{"post":{"description":"This method will update the state of users and groups in the organization and will create, modify, and\\ndelete groups according to the incoming request.\\nSync requests are assumed to be a full-sync and to contain all existing users and groups. Existing TSB users and groups\\nthat are not contained in a sync request will be deleted from the platform, as it will assume they have been removed\\nfrom the Identity Provider.","tags":["Organizations"],"summary":"SyncOrganization is used by processes that monitor the identity providers to synchronize\\nthe users and teams with the ones in TSB.","operationId":"Organizations_SyncOrganization","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to synchronize the users and teams in an organization from the configured identity provider.","type":"object","properties":{"sourceType":{"$ref":"#/components/schemas/v2SourceType"},"teams":{"type":"array","items":{"$ref":"#/components/schemas/SyncOrganizationRequestSyncTeam"}},"users":{"type":"array","items":{"$ref":"#/components/schemas/SyncOrganizationRequestSyncUser"}}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2SyncOrganizationResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/teams":{"get":{"tags":["Teams"],"summary":"List all existing teams.","operationId":"Teams_ListTeams","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListTeamsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Teams"],"summary":"Create a new team.","operationId":"Teams_CreateTeam","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"type":"object","title":"Request to create a Team.\\n","required":["name","team"],"properties":{"name":{"description":"The short name for the resource to be created.","type":"string"},"team":{"$ref":"#/components/schemas/v2Team"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Team"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/teams/{team}":{"get":{"tags":["Teams"],"summary":"Get the details of an existing team.","operationId":"Teams_GetTeam","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Team"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Teams"],"summary":"Modify an existing team.","operationId":"Teams_UpdateTeam","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"`Team` is a named collection of users under a tenant.\\n\\n\\n\\n","type":"object","properties":{"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"members":{"description":"List of members under the team.\\nThe elements of this list are the FQNs of the team members. Team members can be\\nusers, service accounts or other teams.","type":"array","items":{"type":"string"}},"sourceType":{"$ref":"#/components/schemas/v2SourceType"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Team"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Teams"],"summary":"Delete a team.\\nNote that deleting a team only deletes the team itself, but not its members.","operationId":"Teams_DeleteTeam","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/teams/{team}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_6","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/teams/{team}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/teams/{team}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/teams/{team}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/teams/{team}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/teams/{team}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/teams/{team}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/teams/{team}/blame":{"get":{"tags":["Profiles"],"summary":"Get the profile blame data for a given resource FQN.","operationId":"Profiles_Blame_variant_11","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2BlameResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/teams/{team}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/teams/{team}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/teams/{team}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/apitsbv2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/teams/{team}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_6","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/teams/{team}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/teams/{team}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/teams/{team}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants":{"get":{"tags":["Tenants"],"summary":"List all tenants that are available.","operationId":"Tenants_ListTenants","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListTenantsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Tenants"],"summary":"Create a new tenant in the platform that will be the home for a set of resources.","operationId":"Tenants_CreateTenant","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"type":"object","title":"Request to create a tenant.\\n","required":["name","tenant"],"properties":{"name":{"description":"The short name for the resource to be created.","type":"string"},"tenant":{"$ref":"#/components/schemas/v2Tenant"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Tenant"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}":{"get":{"tags":["Tenants"],"summary":"Get the details of an existing tenant.","operationId":"Tenants_GetTenant","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Tenant"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Tenants"],"summary":"Modify the details of the given tenant.","operationId":"Tenants_UpdateTenant","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"`Tenant` is a self-contained entity within an organization in the Service Bridge hierarchy.\\n\\n\\n\\n","type":"object","properties":{"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"},"deletionProtectionEnabled":{"description":"When set, prevents the resource from being deleted. In order to delete the resource this\\nproperty needs to be set to `false` first.","type":"boolean"},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"profiles":{"description":"List of profiles attached to the tenant to be used to propagate default and mandatory configurations down to the children.","type":"array","items":{"type":"string"}},"securityDomain":{"description":"Security domains can be used to group different resources under the same security domain.\\nAlthough security domain is not resource itself currently, it follows a fqn format\\n`organizations/myorg/securitydomains/mysecuritydomain`, and a child cannot override any ancestor\'s\\nsecurity domain.\\nOnce a security domain is assigned to a _Tenant_, all the children resources will belong to that\\nsecurity domain in the same way a _Workspace_ belongs to a _Tenant_, a _Workspace_ will also belong\\nto the security domain assigned to the _Tenant_.\\nSecurity domains can also be used to define _Security settings Authorization rules_ in which you can allow\\nor deny request from or to a security domain.","type":"string"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Tenant"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Tenants"],"summary":"Delete a tenant from the platform.\\nDeleting a tenant will recursively delete all resources attached to the tenant, so use with\\ncaution.\\nIt will delete all workspaces and all settings that have been created in that tenant, so this\\noperation should be done carefully, when it\'s safe to do so.","operationId":"Tenants_DeleteTenant","parameters":[{"description":"Force the deletion of the object even if deletion protection is enabled.\\nIf this is set, then the object and all its children will be deleted even if any of them\\nhas the deletion protection enabled.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications":{"get":{"tags":["Applications"],"summary":"List all existing applications for the given tenant.","operationId":"Applications_ListApplications","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListApplicationsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Applications"],"summary":"Creates a new Application in TSB.","operationId":"Applications_CreateApplication","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create an application and register it in the management plane so configuration can\\nbe generated for it.","type":"object","required":["name","application"],"properties":{"application":{"$ref":"#/components/schemas/v2Application"},"name":{"description":"The short name for the resource to be created.","type":"string"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Application"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}":{"get":{"tags":["Applications"],"summary":"Get the details of an existing application.","operationId":"Applications_GetApplication","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Application"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Applications"],"summary":"Modify an existing application.","operationId":"Applications_UpdateApplication","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"An Application represents a set of logical groupings of services that are related to each other\\nand expose a set of APIs that implement a complete set of business logic.\\n\\n\\n\\n","type":"object","required":["workspace"],"properties":{"configResources":{"type":"array","title":"The configuration resources that are related to this Application.\\n$hide_from_docs","items":{"$ref":"#/components/schemas/v2ConfigResource"},"readOnly":true},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"gatewayGroup":{"description":"Optional FQN of the Gateway Group to be used by the application.\\nIf configured, this gateway group will be used by the application. If\\nno namespaces are configured and no existing gateway group is set, a new gateway group claiming all\\nnamespaces in the workspace (`*/*`) will be created by default.\\nAll Ingress Gateway resources created for the APIs attached to the application will be created in\\nthe application\'s gateway group.","type":"string"},"namespaceSelector":{"$ref":"#/components/schemas/typesv2NamespaceSelector"},"services":{"description":"Optional list of services that are part of the application. This is a list of FQNs of services in the\\nservice registry.\\nIf omitted, the application is assumed to own all the services in the workspace.\\nNote that a service can only be part of one application. If any of the services in the list is already\\nin use by an existing application, application creation/modification will fail.\\nIf the list of services is not explicitly set and any service in the workspace is already in use by\\nanother application, application creation/modification will fail.","type":"array","items":{"type":"string"}},"workspace":{"description":"FQN of the workspace this application is part of.\\nThe application will configure IngressGateways for the attached APIs\\nin the different namespaces exposed by this workspace.","type":"string"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Application"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Applications"],"summary":"Delete an existing Application.\\nNote that deleting resources in TSB is a recursive operation. Deleting a application will delete all\\nAPI objects that exist in it.","operationId":"Applications_DeleteApplication","parameters":[{"description":"Force the deletion of internal groups even if they are protected against deletion.","name":"forceDeleteProtectedGroups","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/apis":{"get":{"tags":["Applications"],"summary":"List all APIs attached to the given application.","operationId":"Applications_ListAPIs","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListAPIsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Applications"],"summary":"Attach a new API to the given application.","operationId":"Applications_CreateAPI","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create an API and register it in the management plane so configuration can\\nbe generated for it.","type":"object","required":["name","api"],"properties":{"api":{"$ref":"#/components/schemas/v2API"},"name":{"description":"The short name for the resource to be created.","type":"string"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2API"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/apis/{api}":{"get":{"tags":["Applications"],"summary":"Get the details of an API.","operationId":"Applications_GetAPI","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2API"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Applications"],"summary":"Delete an existing API.","operationId":"Applications_DeleteAPI","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/apis/{api}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_10","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_10","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_10","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/apis/{api}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_10","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/apis/{api}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_10","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/apis/{api}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_10","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/apis/{api}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_10","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/apis/{api}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_10","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/apis/{api}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_10","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/apis/{api}/blame":{"get":{"tags":["Profiles"],"summary":"Get the profile blame data for a given resource FQN.","operationId":"Profiles_Blame_variant_14","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2BlameResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/apis/{api}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_10","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/apis/{api}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_10","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_10","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/apis/{api}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_10","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/apitsbv2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/apis/{api}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_10","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/apis/{api}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_10","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/apis/{api}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_10","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/apis/{api}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_10","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_9","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_9","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_9","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_9","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_9","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_9","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_9","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_9","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_9","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/blame":{"get":{"tags":["Profiles"],"summary":"Get the profile blame data for a given resource FQN.","operationId":"Profiles_Blame_variant_13","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2BlameResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_9","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_9","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_9","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_9","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/apitsbv2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_9","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_9","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_9","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_9","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_8","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_8","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_8","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_8","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_8","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_8","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_8","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_8","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_8","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/availableprofiles":{"get":{"tags":["Profiles"],"summary":"Lists the profiles that can be attached to the given resource.\\nThe returned profiles contain metadata (fqn, display name and description) information.\\nTo retrieve the full profile, rely on `GetProfile` or `ListProfiles` methods.","operationId":"Profiles_ListAvailableProfiles2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListAvailableProfilesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/blame":{"get":{"tags":["Profiles"],"summary":"Get the profile blame data for a given resource FQN.","operationId":"Profiles_Blame","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2BlameResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/extensions":{"get":{"tags":["Tenants"],"summary":"List all the WASM extensions that have been attached to the given tenant.","operationId":"Tenants_ListWasmExtensions","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListTenantExtensionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_8","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_8","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_8","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/profiles":{"get":{"tags":["Profiles"],"summary":"List all Profiles that belong to a resource.","operationId":"Profiles_ListProfiles2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListProfilesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Profiles"],"summary":"Create a profile object for a given resource.\\nA `Profile` object can be created at Organization, Tenant, and Workspace levels. Once created, a profile can be\\nattached at its own level or down the hierarchy at Organization, Tenants, Workspaces and Groups levels.","operationId":"Profiles_CreateProfile2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Profiles_CreateProfileBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Profile"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/profiles/{profile}":{"get":{"tags":["Profiles"],"summary":"Get the details of a Profile in an resource.","operationId":"Profiles_GetProfile2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Profile name.","name":"profile","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Profile"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Profiles"],"summary":"Modify a Profile in a resource.","operationId":"Profiles_UpdateProfile2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Profile name.","name":"profile","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Profiles_UpdateProfileBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Profile"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Profiles"],"summary":"Delete a Profile from a resource.","operationId":"Profiles_DeleteProfile2","parameters":[{"description":"Force the deletion of the object even if deletion protection is enabled.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Profile name.","name":"profile","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/settings":{"get":{"tags":["Tenants"],"summary":"List all the settings objects that have made available to the given tenant.","operationId":"Tenants_ListSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListTenantSettingsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Tenants"],"summary":"Create a settings object for the given tenant.","operationId":"Tenants_CreateSetting","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create a Tenant Setting.","type":"object","required":["name","setting"],"properties":{"name":{"description":"The short name for the resource to be created.","type":"string"},"setting":{"$ref":"#/components/schemas/v2TenantSetting"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2TenantSetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/settings/{setting}":{"get":{"tags":["Tenants"],"summary":"Get the details for the given settings object.","operationId":"Tenants_GetSetting","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2TenantSetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Tenants"],"summary":"Modify the given settings in the given tenant.","operationId":"Tenants_UpdateSetting","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Default settings that apply to all workspaces under a tenant.\\n\\n\\n\\n","type":"object","properties":{"defaultSecuritySetting":{"$ref":"#/components/schemas/v2SecuritySetting"},"defaultTrafficSetting":{"$ref":"#/components/schemas/v2TrafficSetting"},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2TenantSetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Tenants"],"summary":"Delete the given settings object from the tenant.","operationId":"Tenants_DeleteSetting","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/settings/{setting}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_11","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_11","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_11","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/settings/{setting}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_11","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/settings/{setting}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_11","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/settings/{setting}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_11","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/settings/{setting}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_11","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/settings/{setting}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_11","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/settings/{setting}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_11","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/settings/{setting}/blame":{"get":{"tags":["Profiles"],"summary":"Get the profile blame data for a given resource FQN.","operationId":"Profiles_Blame_variant_15","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2BlameResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/settings/{setting}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_11","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/settings/{setting}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_11","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_11","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/settings/{setting}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_11","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/apitsbv2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/settings/{setting}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_11","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/settings/{setting}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_11","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/settings/{setting}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_11","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/settings/{setting}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_11","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_8","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/apitsbv2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_8","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_8","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_8","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_8","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces":{"get":{"tags":["Workspaces"],"summary":"List all existing workspaces for the given tenant.","operationId":"Workspaces_ListWorkspaces","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListWorkspacesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Workspaces"],"summary":"Create a new workspace.\\nThe workspace will own exclusively the namespaces configured in the namespaces\\nselector for the workspace.","operationId":"Workspaces_CreateWorkspace","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create a Workspace.","type":"object","required":["name","workspace"],"properties":{"name":{"description":"The short name for the resource to be created.","type":"string"},"workspace":{"$ref":"#/components/schemas/v2Workspace"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Workspace"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}":{"get":{"tags":["Workspaces"],"summary":"Get the details of an existing workspace","operationId":"Workspaces_GetWorkspace","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Workspace"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Workspaces"],"summary":"Modify an existing workspace","operationId":"Workspaces_UpdateWorkspace","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"A Workspace is a collection of related namespaces in one or more clusters.\\n\\n\\n\\n","type":"object","required":["namespaceSelector"],"properties":{"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"},"deletionProtectionEnabled":{"description":"When set, prevents the resource from being deleted. In order to delete the resource this\\nproperty needs to be set to `false` first.","type":"boolean"},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"isolationBoundary":{"description":"Istio Isolation Boundary name to which this workspace belongs.\\nIf not provided explicitly, the workspace looks for an isolation boundary with\\nname set as \\"global\\". \\nTherefore, in order to move existing workspaces to isolation boundaries, and\\nbe a part of revisioned control plane, it is recommended to configure an\\nisolation boundary with the name \\"global\\".","type":"string"},"namespaceSelector":{"$ref":"#/components/schemas/typesv2NamespaceSelector"},"privileged":{"description":"If set to true, allows Gateways in the workspace to route to\\nservices in other workspaces. Set this to true for workspaces\\nowning cluster-wide gateways shared by multiple teams.","type":"boolean"},"profiles":{"description":"List of profiles attached to the workspace to be used to propagate default and mandatory configurations down to the children.","type":"array","items":{"type":"string"}},"securityDomain":{"description":"Security domains can be used to group different resources under the same security domain.\\nAlthough security domain is not resource itself currently, it follows a fqn format\\n`organizations/myorg/securitydomains/mysecuritydomain`, and a child cannot override any ancestor\'s\\nsecurity domain.\\nOnce a security domain is assigned to a _Workspace_, all the children resources will belong to that\\nsecurity domain in the same way a _Security group_ belongs to a _Workspace_, a _Security group_ will also belong\\nto the security domain assigned to the _Workspace_.\\nSecurity domains can also be used to define _Security settings Authorization rules_ in which you can allow\\nor deny request from or to a security domain.","type":"string"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Workspace"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Workspaces"],"summary":"Delete an existing workspace.\\nNote that deleting resources in TSB is a recursive operation. Deleting a workspace will delete all\\ngroups and configuration objects that exist in it.","operationId":"Workspaces_DeleteWorkspace","parameters":[{"description":"Force the deletion of the object even if deletion protection is enabled.\\nIf this is set, then the object and all its children will be deleted even if any of them\\nhas the deletion protection enabled.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_12","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_12","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_12","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_12","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_12","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_12","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_12","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_12","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_12","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/availableprofiles":{"get":{"tags":["Profiles"],"summary":"Lists the profiles that can be attached to the given resource.\\nThe returned profiles contain metadata (fqn, display name and description) information.\\nTo retrieve the full profile, rely on `GetProfile` or `ListProfiles` methods.","operationId":"Profiles_ListAvailableProfiles3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListAvailableProfilesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/blame":{"get":{"tags":["Profiles"],"summary":"Get the profile blame data for a given resource FQN.","operationId":"Profiles_Blame_variant_1","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2BlameResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups":{"get":{"tags":["Gateways"],"summary":"List all gateway groups that exist in the workspace.","operationId":"Gateways_ListGroups","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListGatewayGroupsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"description":"Groups will by default configure all the namespaces owned by their workspace, unless\\nexplicitly configured. If a specific set of namespaces is set for the group, it must be a\\nsubset of the namespaces defined by its workspace.","tags":["Gateways"],"summary":"Create a new gateway group in the given workspace.","operationId":"Gateways_CreateGroup","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create a Gateway Group.","type":"object","required":["name","group"],"properties":{"group":{"$ref":"#/components/schemas/tsbgatewayv2Group"},"name":{"description":"The short name for the resource to be created.","type":"string"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/tsbgatewayv2Group"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}":{"get":{"tags":["Gateways"],"summary":"Get the details of the given gateway group.","operationId":"Gateways_GetGroup","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/tsbgatewayv2Group"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Gateways"],"summary":"update the given gateway group.","operationId":"Gateways_UpdateGroup","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"A gateway group manages the gateways in a group of namespaces owned\\nby the parent workspace.\\n\\n\\n\\n","type":"object","required":["namespaceSelector"],"properties":{"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"},"configMode":{"$ref":"#/components/schemas/v2ConfigMode"},"deletionProtectionEnabled":{"description":"When set, prevents the resource from being deleted. In order to delete the resource this\\nproperty needs to be set to `false` first.","type":"boolean"},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"namespaceSelector":{"$ref":"#/components/schemas/typesv2NamespaceSelector"},"profiles":{"description":"List of profiles attached to the gateway group to be used to propagate default and mandatory configurations down to the children.","type":"array","items":{"type":"string"}}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/tsbgatewayv2Group"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Gateways"],"summary":"Delete the given gateway group.\\nNote that deleting resources in TSB is a recursive operation. Deleting a gateway group will\\ndelete all configuration objects that exist in it.","operationId":"Gateways_DeleteGroup","parameters":[{"description":"Force the deletion of the object even if deletion protection is enabled.\\nIf this is set, then the object and all its children will be deleted even if any of them\\nhas the deletion protection enabled.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_13","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_13","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_13","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_13","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_13","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_13","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_13","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_13","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_13","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/availableprofiles":{"get":{"tags":["Profiles"],"summary":"Lists the profiles that can be attached to the given resource.\\nThe returned profiles contain metadata (fqn, display name and description) information.\\nTo retrieve the full profile, rely on `GetProfile` or `ListProfiles` methods.","operationId":"Profiles_ListAvailableProfiles4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListAvailableProfilesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/blame":{"get":{"tags":["Profiles"],"summary":"Get the profile blame data for a given resource FQN.","operationId":"Profiles_Blame_variant_2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2BlameResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/egressgateways":{"get":{"tags":["Gateways"],"summary":"List all Egress Gateway objects in the gateway group.","operationId":"Gateways_ListEgressGateways","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListEgressGatewaysResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Gateways"],"summary":"Create an Egress Gateway object in the gateway group.","operationId":"Gateways_CreateEgressGateway","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create a EgressGateway.","type":"object","required":["name","egressGateway"],"properties":{"egressGateway":{"$ref":"#/components/schemas/gatewayv2EgressGateway"},"name":{"description":"The short name for the resource to be created.","type":"string"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/gatewayv2EgressGateway"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/egressgateways/{egressgateway}":{"get":{"tags":["Gateways"],"summary":"Get the details of the given Egress Gateway object.","operationId":"Gateways_GetEgressGateway","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/gatewayv2EgressGateway"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Gateways"],"summary":"Modify the given Egress Gateway object.","operationId":"Gateways_UpdateEgressGateway","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"`EgressGateway` configures a workload to act as an egress gateway in the mesh.\\n\\n\\n--\x3e\\n\\n","type":"object","required":["workloadSelector"],"properties":{"authorization":{"description":"The description of which service accounts can access which hosts.\\nIf the list of authorization rules is empty, this egress gateway will deny all traffic.","type":"array","items":{"$ref":"#/components/schemas/v2EgressAuthorization"}},"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"extension":{"description":"Extensions specifies all the WasmExtensions assigned to this EgressGateway\\nwith the specific configuration for each extension. This custom configuration\\nwill override the one configured globally to the extension.\\nEach extension has a global configuration including enablement and priority\\nthat will condition the execution of the assigned extensions.","type":"array","items":{"$ref":"#/components/schemas/v2WasmExtensionAttachment"}},"workloadSelector":{"$ref":"#/components/schemas/v2WorkloadSelector"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/gatewayv2EgressGateway"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Gateways"],"summary":"Delete the given Egress Gateway object.","operationId":"Gateways_DeleteEgressGateway","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/egressgateways/{egressgateway}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_15","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_15","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_15","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/egressgateways/{egressgateway}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_15","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/egressgateways/{egressgateway}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_15","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/egressgateways/{egressgateway}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_15","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/egressgateways/{egressgateway}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_15","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/egressgateways/{egressgateway}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_15","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/egressgateways/{egressgateway}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_15","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/egressgateways/{egressgateway}/blame":{"get":{"tags":["Profiles"],"summary":"Get the profile blame data for a given resource FQN.","operationId":"Profiles_Blame_variant_17","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2BlameResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/egressgateways/{egressgateway}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_15","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/egressgateways/{egressgateway}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_15","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_15","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/egressgateways/{egressgateway}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_15","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/apitsbv2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/egressgateways/{egressgateway}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_15","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/egressgateways/{egressgateway}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_15","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/egressgateways/{egressgateway}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_15","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/egressgateways/{egressgateway}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_15","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/ingressgateways":{"get":{"tags":["Gateways"],"summary":"List all Ingress Gateway objects in the gateway group.","operationId":"Gateways_ListIngressGateways","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListIngressGatewaysResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Gateways"],"summary":"Create an Ingress Gateway object in the gateway group.","operationId":"Gateways_CreateIngressGateway","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create a IngressGateway.","type":"object","required":["name","ingressGateway"],"properties":{"ingressGateway":{"$ref":"#/components/schemas/v2IngressGateway"},"name":{"description":"The short name for the resource to be created.","type":"string"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2IngressGateway"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/ingressgateways/{ingressgateway}":{"get":{"tags":["Gateways"],"summary":"Get the details of the given Ingress Gateway object.","operationId":"Gateways_GetIngressGateway","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2IngressGateway"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Gateways"],"summary":"Modify the given Ingress Gateway object.","operationId":"Gateways_UpdateIngressGateway","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"`IngressGateway` configures a workload to act as an ingress gateway into the mesh.\\n\\n\\n\\n","type":"object","required":["workloadSelector"],"properties":{"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"extension":{"description":"Extensions specifies all the WasmExtensions assigned to this IngressGateway\\nwith the specific configuration for each extension. This custom configuration\\nwill override the one configured globally to the extension.\\nEach extension has a global configuration including enablement and priority\\nthat will condition the execution of the assigned extensions.","type":"array","items":{"$ref":"#/components/schemas/v2WasmExtensionAttachment"}},"http":{"description":"One or more HTTP or HTTPS servers exposed by the gateway. The\\nserver exposes configuration for TLS termination, request\\nauthentication/authorization, HTTP routing, etc.","type":"array","items":{"$ref":"#/components/schemas/v2HttpServer"}},"tcp":{"type":"array","title":"One or more non-HTTP and non-passthrough servers which use TCP\\nbased protocols. This server also exposes configuration for terminating TLS","items":{"$ref":"#/components/schemas/v2TCPServer"}},"tlsPassthrough":{"description":"One or more TLS servers exposed by the gateway. The server\\ndoes not terminate TLS and exposes config for SNI based routing.","type":"array","items":{"$ref":"#/components/schemas/v2TLSPassthroughServer"}},"waf":{"$ref":"#/components/schemas/v2WAFSettings"},"workloadSelector":{"$ref":"#/components/schemas/v2WorkloadSelector"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2IngressGateway"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Gateways"],"summary":"Delete the given Ingress Gateway object.","operationId":"Gateways_DeleteIngressGateway","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/ingressgateways/{ingressgateway}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_14","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_14","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_14","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/ingressgateways/{ingressgateway}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_14","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/ingressgateways/{ingressgateway}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_14","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/ingressgateways/{ingressgateway}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_14","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/ingressgateways/{ingressgateway}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_14","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/ingressgateways/{ingressgateway}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_14","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/ingressgateways/{ingressgateway}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_14","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/ingressgateways/{ingressgateway}/blame":{"get":{"tags":["Profiles"],"summary":"Get the profile blame data for a given resource FQN.","operationId":"Profiles_Blame_variant_16","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2BlameResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/ingressgateways/{ingressgateway}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_14","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/ingressgateways/{ingressgateway}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_14","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_14","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/ingressgateways/{ingressgateway}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_14","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/apitsbv2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/ingressgateways/{ingressgateway}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_14","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/ingressgateways/{ingressgateway}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_14","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/ingressgateways/{ingressgateway}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_14","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/ingressgateways/{ingressgateway}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_14","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_13","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_13","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_13","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_13","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/apitsbv2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_13","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_13","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_13","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_13","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/tie1gateways/{tie1gateway}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_16","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tie1gateway name.","name":"tie1gateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_16","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tie1gateway name.","name":"tie1gateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_16","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tie1gateway name.","name":"tie1gateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/tie1gateways/{tie1gateway}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_16","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tie1gateway name.","name":"tie1gateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/tie1gateways/{tie1gateway}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_16","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tie1gateway name.","name":"tie1gateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/tie1gateways/{tie1gateway}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_16","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tie1gateway name.","name":"tie1gateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/tie1gateways/{tie1gateway}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_16","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tie1gateway name.","name":"tie1gateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/tie1gateways/{tie1gateway}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_16","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tie1gateway name.","name":"tie1gateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/tie1gateways/{tie1gateway}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_16","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tie1gateway name.","name":"tie1gateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/tie1gateways/{tie1gateway}/blame":{"get":{"tags":["Profiles"],"summary":"Get the profile blame data for a given resource FQN.","operationId":"Profiles_Blame_variant_18","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tie1gateway name.","name":"tie1gateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2BlameResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/tie1gateways/{tie1gateway}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_16","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tie1gateway name.","name":"tie1gateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/tie1gateways/{tie1gateway}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_16","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tie1gateway name.","name":"tie1gateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_16","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tie1gateway name.","name":"tie1gateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/tie1gateways/{tie1gateway}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_16","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tie1gateway name.","name":"tie1gateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/apitsbv2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/tie1gateways/{tie1gateway}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_16","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tie1gateway name.","name":"tie1gateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/tie1gateways/{tie1gateway}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_16","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tie1gateway name.","name":"tie1gateway","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/tie1gateways/{tie1gateway}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_16","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tie1gateway name.","name":"tie1gateway","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/tie1gateways/{tie1gateway}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_16","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tie1gateway name.","name":"tie1gateway","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/tier1gateways":{"get":{"tags":["Gateways"],"summary":"List all Tier1 Gateway objects that have been created in the gateway group.","operationId":"Gateways_ListTier1Gateways","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListTier1GatewaysResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Gateways"],"summary":"Create a Tier1 Gateway object in the gateway group.","operationId":"Gateways_CreateTier1Gateway","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create a Tier1Gateway.","type":"object","required":["name","tier1Gateway"],"properties":{"name":{"description":"The short name for the resource to be created.","type":"string"},"tier1Gateway":{"$ref":"#/components/schemas/v2Tier1Gateway"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Tier1Gateway"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/tier1gateways/{tier1gateway}":{"get":{"tags":["Gateways"],"summary":"get the details of the given Tier1 Gateway object.","operationId":"Gateways_GetTier1Gateway","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tier1gateway name.","name":"tier1gateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Tier1Gateway"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Gateways"],"operationId":"Gateways_UpdateTier1Gateway","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tier1gateway name.","name":"tier1gateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"`Tier1Gateway` configures a workload to act as a tier1 gateway into the mesh.\\n\\n\\n\\n","type":"object","required":["workloadSelector"],"properties":{"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"extension":{"description":"Extensions specifies all the WasmExtensions assigned to this Tier1Gateway\\nwith the specific configuration for each extension. This custom configuration\\nwill override the one configured globally to the extension.\\nEach extension has a global configuration including enablement and priority\\nthat will condition the execution of the assigned extensions.","type":"array","items":{"$ref":"#/components/schemas/v2WasmExtensionAttachment"}},"externalServers":{"description":"One or more servers exposed by the gateway externally.","type":"array","items":{"$ref":"#/components/schemas/v2Tier1ExternalServer"}},"internalServers":{"description":"One or more servers exposed by the gateway internally for cross cluster forwarding.","type":"array","items":{"$ref":"#/components/schemas/v2Tier1InternalServer"}},"passthroughServers":{"description":"One or more tls passthrough servers exposed by the gateway externally.","type":"array","items":{"$ref":"#/components/schemas/v2Tier1PassthroughServer"}},"tcpExternalServers":{"description":"One or more tcp servers exposed by the gateway externally.","type":"array","items":{"$ref":"#/components/schemas/v2Tier1TCPExternalServer"}},"tcpInternalServers":{"description":"One or more tcp servers exposed by the gateway for mesh internal traffic.","type":"array","items":{"$ref":"#/components/schemas/v2Tier1TCPInternalServer"}},"waf":{"$ref":"#/components/schemas/v2WAFSettings"},"workloadSelector":{"$ref":"#/components/schemas/v2WorkloadSelector"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Tier1Gateway"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Gateways"],"summary":"Delete the given Tier1 Gateway object.","operationId":"Gateways_DeleteTier1Gateway","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tier1gateway name.","name":"tier1gateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/unifiedgateways":{"get":{"tags":["Gateways"],"summary":"List all Gateway objects in the gateway group.","operationId":"Gateways_ListGateways","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListGatewaysResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Gateways"],"summary":"Create a Gateway object in the gateway group.","operationId":"Gateways_CreateGateway","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create a Gateway.","type":"object","required":["name","gateway"],"properties":{"gateway":{"$ref":"#/components/schemas/gatewayv2Gateway"},"name":{"description":"The short name for the resource to be created.","type":"string"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/gatewayv2Gateway"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/unifiedgateways/{unifiedgateway}":{"get":{"tags":["Gateways"],"summary":"Get the details of the given Gateway object.","operationId":"Gateways_GetGateway","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Unifiedgateway name.","name":"unifiedgateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/gatewayv2Gateway"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Gateways"],"summary":"Modify the given Gateway object.","operationId":"Gateways_UpdateGateway","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Unifiedgateway name.","name":"unifiedgateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"The `Gateway` configuration combines the functionalities of both the existing `Tier1Gateway` and `IngressGateway`,\\nproviding a unified approach for configuring a workload as a gateway in the mesh.\\n\\nEach server within the `Gateway` is configured to route requests to either destination clusters or services,\\nbut configuring one server to route requests to a destination cluster and another server to route requests to a service\\nis not supported.\\n\\nTo ensure consistency and compatibility, the `Gateway` configuration requires that all servers within the gateway\\neither forward traffic to other clusters, similar to a `Tier1Gateway`, or route traffic to specific services, similar\\nto an `IngressGateway`.\\n\\n\\n\\n","type":"object","required":["workloadSelector"],"properties":{"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"egressAuthorization":{"description":"External services are onboarded into the mesh via service entry,\\nand these services are exposed on the Gateway for egress access.\\nBy default, access is denied for these hosts.\\nUsers can configure EgressAuthorizationSettings to specify which service accounts are allowed.","type":"array","items":{"$ref":"#/components/schemas/v2EgressAuthorizationSettings"}},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"http":{"description":"One or more HTTP or HTTPS servers exposed by the gateway. The\\nserver exposes configuration for TLS termination, request\\nauthentication/authorization, HTTP routing, rate limiting, etc.","type":"array","items":{"$ref":"#/components/schemas/gatewayv2HTTP"}},"tcp":{"description":"One or more non-HTTP and non-passthrough servers which use TCP\\nbased protocols. This server also exposes configuration for terminating TLS.","type":"array","items":{"$ref":"#/components/schemas/gatewayv2TCP"}},"tls":{"description":"One or more TLS servers exposed by the gateway. The server\\ndoes not terminate TLS and exposes config for SNI based routing.","type":"array","items":{"$ref":"#/components/schemas/v2TLS"}},"waf":{"$ref":"#/components/schemas/v2WAFSettings"},"wasmPlugins":{"description":"WasmPlugins specifies all the WasmExtensionAttachment assigned to this Gateway\\nwith the specific configuration for each plugin. This custom configuration\\nwill override the one configured globally to the plugin.\\nEach plugin has a global configuration including priority\\nthat will condition the execution of the assigned plugins.","type":"array","items":{"$ref":"#/components/schemas/v2WasmExtensionAttachment"}},"workloadSelector":{"$ref":"#/components/schemas/v2WorkloadSelector"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/gatewayv2Gateway"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Gateways"],"summary":"Delete the given Gateway object.","operationId":"Gateways_DeleteGateway","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Unifiedgateway name.","name":"unifiedgateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups":{"get":{"tags":["IstioInternal"],"summary":"List all Istio internal groups in the given workspace.","operationId":"IstioInternal_ListGroups","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListIstioInternalGroupsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"description":"Groups will by default configure all the namespaces owned by their workspace, unless\\nexplicitly configured. If a specific set of namespaces is set for the group, it must be a\\nsubset of the namespaces defined by its workspace.","tags":["IstioInternal"],"summary":"Create a new Istio internal group in the given workspace.","operationId":"IstioInternal_CreateGroup","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create an Istio internal group.","type":"object","required":["name","group"],"properties":{"group":{"$ref":"#/components/schemas/tsbistiointernalv2Group"},"name":{"description":"The short name for the resource to be created.","type":"string"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/tsbistiointernalv2Group"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}":{"get":{"tags":["IstioInternal"],"summary":"Get the details of the given Istio internal group.","operationId":"IstioInternal_GetGroup","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/tsbistiointernalv2Group"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["IstioInternal"],"summary":"Modify a Istio internal group.","operationId":"IstioInternal_UpdateGroup","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"An Istio Internal Group only allows grouping `DIRECT` mode mesh resources in a set of namespaces\\nowned by its parent workspace. This group is aimed for grouping resources not directly related\\nto traffic, security, or gateway like `EnvoyFilters` and `ServiceEntry`.\\n\\n\\n\\n","type":"object","required":["namespaceSelector"],"properties":{"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"},"deletionProtectionEnabled":{"description":"When set, prevents the resource from being deleted. In order to delete the resource this\\nproperty needs to be set to `false` first.","type":"boolean"},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"namespaceSelector":{"$ref":"#/components/schemas/typesv2NamespaceSelector"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/tsbistiointernalv2Group"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["IstioInternal"],"summary":"Delete the given Istio internal group.\\nNote that deleting resources in TSB is a recursive operation. Deleting a Istio internal group will\\ndelete all configuration objects that exist in it.","operationId":"IstioInternal_DeleteGroup","parameters":[{"description":"Force the deletion of the object even if deletion protection is enabled.\\nIf this is set, then the object and all its children will be deleted even if any of them\\nhas the deletion protection enabled.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_17","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_17","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_17","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_17","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_17","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_17","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_17","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_17","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_17","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/blame":{"get":{"tags":["Profiles"],"summary":"Get the profile blame data for a given resource FQN.","operationId":"Profiles_Blame_variant_19","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2BlameResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_17","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_17","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_17","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/settings/{setting}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_18","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_18","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_18","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/settings/{setting}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_18","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/settings/{setting}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_18","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/settings/{setting}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_18","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/settings/{setting}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_18","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/settings/{setting}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_18","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/settings/{setting}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_18","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/settings/{setting}/blame":{"get":{"tags":["Profiles"],"summary":"Get the profile blame data for a given resource FQN.","operationId":"Profiles_Blame_variant_20","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2BlameResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/settings/{setting}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_18","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/settings/{setting}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_18","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_18","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/settings/{setting}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_18","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/apitsbv2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/settings/{setting}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_18","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/settings/{setting}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_18","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/settings/{setting}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_18","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/settings/{setting}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_18","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_17","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/apitsbv2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_17","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_17","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_17","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_17","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_12","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_12","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_12","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/profiles":{"get":{"tags":["Profiles"],"summary":"List all Profiles that belong to a resource.","operationId":"Profiles_ListProfiles3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListProfilesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Profiles"],"summary":"Create a profile object for a given resource.\\nA `Profile` object can be created at Organization, Tenant, and Workspace levels. Once created, a profile can be\\nattached at its own level or down the hierarchy at Organization, Tenants, Workspaces and Groups levels.","operationId":"Profiles_CreateProfile3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Profiles_CreateProfileBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Profile"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/profiles/{profile}":{"get":{"tags":["Profiles"],"summary":"Get the details of a Profile in an resource.","operationId":"Profiles_GetProfile3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Profile name.","name":"profile","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Profile"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Profiles"],"summary":"Modify a Profile in a resource.","operationId":"Profiles_UpdateProfile3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Profile name.","name":"profile","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Profiles_UpdateProfileBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Profile"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Profiles"],"summary":"Delete a Profile from a resource.","operationId":"Profiles_DeleteProfile3","parameters":[{"description":"Force the deletion of the object even if deletion protection is enabled.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Profile name.","name":"profile","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups":{"get":{"tags":["Security"],"summary":"List all security groups in the given workspace.","operationId":"Security_ListGroups","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSecurityGroupsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"description":"Groups will by default configure all the namespaces owned by their workspace, unless\\nexplicitly configured. If a specific set of namespaces is set for the group, it must be a\\nsubset of the namespaces defined by its workspace.","tags":["Security"],"summary":"Create a new security group in the given workspace.","operationId":"Security_CreateGroup","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create a Security Group.","type":"object","required":["name","group"],"properties":{"group":{"$ref":"#/components/schemas/tsbsecurityv2Group"},"name":{"description":"The short name for the resource to be created.","type":"string"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/tsbsecurityv2Group"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}":{"get":{"tags":["Security"],"summary":"Get the details of the given security group.","operationId":"Security_GetGroup","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/tsbsecurityv2Group"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Security"],"summary":"Modify a security group.","operationId":"Security_UpdateGroup","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"A security group manages the security properties of proxy workloads in a\\ngroup of namespaces owned by the parent workspace.\\n\\n\\n\\n","type":"object","required":["namespaceSelector"],"properties":{"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"},"configMode":{"$ref":"#/components/schemas/v2ConfigMode"},"deletionProtectionEnabled":{"description":"When set, prevents the resource from being deleted. In order to delete the resource this\\nproperty needs to be set to `false` first.","type":"boolean"},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"namespaceSelector":{"$ref":"#/components/schemas/typesv2NamespaceSelector"},"profiles":{"description":"List of profiles attached to the security group to be used to propagate default and mandatory configurations down to the children.","type":"array","items":{"type":"string"}},"securityDomain":{"description":"Security domains can be used to group different resources under the same security domain.\\nAlthough security domain is not resource itself currently, it follows a fqn format\\n`organizations/myorg/securitydomains/mysecuritydomain`, and a child cannot override any ancestor\'s\\nsecurity domain.\\nOnce a security domain is assigned to a _Security group_, all the children resources will belong to that\\nsecurity domain in the same way a _Security setting_ belongs to a _Security group_, a _Security setting_\\nwill also belong to the security domain assigned to the _Security group_.\\nSecurity domains can also be used to define _Security settings Authorization rules_ in which you can allow\\nor deny request from or to a security domain.","type":"string"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/tsbsecurityv2Group"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Security"],"summary":"Delete the given security group.\\nNote that deleting resources in TSB is a recursive operation. Deleting a security group will\\ndelete all configuration objects that exist in it.","operationId":"Security_DeleteGroup","parameters":[{"description":"Force the deletion of the object even if deletion protection is enabled.\\nIf this is set, then the object and all its children will be deleted even if any of them\\nhas the deletion protection enabled.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_19","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_19","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_19","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_19","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_19","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_19","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_19","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_19","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_19","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/availableprofiles":{"get":{"tags":["Profiles"],"summary":"Lists the profiles that can be attached to the given resource.\\nThe returned profiles contain metadata (fqn, display name and description) information.\\nTo retrieve the full profile, rely on `GetProfile` or `ListProfiles` methods.","operationId":"Profiles_ListAvailableProfiles6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListAvailableProfilesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/blame":{"get":{"tags":["Profiles"],"summary":"Get the profile blame data for a given resource FQN.","operationId":"Profiles_Blame_variant_4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2BlameResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_19","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_19","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_19","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/servicesettings":{"get":{"tags":["Security"],"summary":"List all service security settings objects that have been attached to the security group.","operationId":"Security_ListServiceSecuritySettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListServiceSecuritySettingsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Security"],"summary":"Create a service security settings object in the security group.","operationId":"Security_CreateServiceSecuritySettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create a Service Security Settings.","type":"object","required":["name","settings"],"properties":{"name":{"description":"The short name for the resource to be created.","type":"string"},"settings":{"$ref":"#/components/schemas/v2ServiceSecuritySetting"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ServiceSecuritySetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/servicesettings/{servicesetting}":{"get":{"tags":["Security"],"summary":"Get the details of the given service security settings object.","operationId":"Security_GetServiceSecuritySettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Servicesetting name.","name":"servicesetting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ServiceSecuritySetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Security"],"summary":"Modify the given service security settings object.","operationId":"Security_UpdateServiceSecuritySettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Servicesetting name.","name":"servicesetting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"A service security setting applies configuration to a service in a\\nsecurity group. Missing fields will inherit values from the\\nworkspace-wide setting if any.\\n\\n\\n\\n","type":"object","required":["service"],"properties":{"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"service":{"description":"The service on which the configuration is being applied. Must be in namespace/FQDN format.","type":"string"},"settings":{"$ref":"#/components/schemas/v2SecuritySetting"},"subsets":{"description":"Subset specific settings that will replace the service wide settings for the specified service\\nsubsets.","type":"array","items":{"$ref":"#/components/schemas/v2ServiceSecuritySettingSubset"}}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ServiceSecuritySetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Security"],"summary":"Delete the given service security settings from the group.","operationId":"Security_DeleteServiceSecuritySettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Servicesetting name.","name":"servicesetting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/settings":{"get":{"tags":["Security"],"summary":"List all security settings objects that have been attached to the security group.","operationId":"Security_ListSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSecuritySettingsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Security"],"summary":"Create a security settings object in the security group.","operationId":"Security_CreateSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create a Security Settings.","type":"object","required":["name","settings"],"properties":{"name":{"description":"The short name for the resource to be created.","type":"string"},"settings":{"$ref":"#/components/schemas/v2SecuritySetting"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2SecuritySetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/settings/{setting}":{"get":{"tags":["Security"],"summary":"Get the details of the given security settings object.","operationId":"Security_GetSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2SecuritySetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Security"],"summary":"Modify the given security settings object.","operationId":"Security_UpdateSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"A security setting applies configuration to a set of proxy workloads in a\\nsecurity group or a workspace. When applied to a security group,\\nmissing fields will inherit values from the workspace-wide setting if any.\\n\\n\\n\\n","type":"object","properties":{"authentication":{"$ref":"#/components/schemas/v2SecuritySettingAuthenticationMode"},"authenticationSettings":{"$ref":"#/components/schemas/tsbsecurityv2AuthenticationSettings"},"authorization":{"$ref":"#/components/schemas/tsbsecurityv2AuthorizationSettings"},"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"extension":{"description":"Extensions specifies all the WasmExtensions assigned to this SecuritySettings\\nwith the specific configuration for each extension. This custom configuration\\nwill override the one configured globally to the extension.\\nEach extension has a global configuration including enabling and priority\\nthat will condition the execution of the assigned extensions.","type":"array","items":{"$ref":"#/components/schemas/v2WasmExtensionAttachment"}},"propagationStrategy":{"$ref":"#/components/schemas/v2PropagationStrategy"},"waf":{"$ref":"#/components/schemas/v2WAFSettings"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2SecuritySetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Security"],"summary":"Delete the given security settings from the group.","operationId":"Security_DeleteSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/settings/{setting}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_20","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_20","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_20","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/settings/{setting}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_20","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/settings/{setting}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_20","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/settings/{setting}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_20","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/settings/{setting}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_20","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/settings/{setting}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_20","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/settings/{setting}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_20","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/settings/{setting}/blame":{"get":{"tags":["Profiles"],"summary":"Get the profile blame data for a given resource FQN.","operationId":"Profiles_Blame_variant_21","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2BlameResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/settings/{setting}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_20","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/settings/{setting}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_20","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_20","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/settings/{setting}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_20","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/apitsbv2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/settings/{setting}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_20","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/settings/{setting}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_20","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/settings/{setting}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_20","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/settings/{setting}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_20","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_19","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/apitsbv2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_19","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_19","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_19","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_19","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/settings":{"get":{"tags":["Workspaces"],"summary":"List all settings available for the given workspace.","operationId":"Workspaces_ListSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListWorkspaceSettingsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Workspaces"],"summary":"Create default settings for a workspace.\\nDefault settings will apply to the services owned by the workspace, unless more\\nspecific settings are provided at the group level.","operationId":"Workspaces_CreateSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create a Workspace Settings.","type":"object","required":["name","settings"],"properties":{"name":{"description":"The short name for the resource to be created.","type":"string"},"settings":{"$ref":"#/components/schemas/v2WorkspaceSetting"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2WorkspaceSetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/settings/{setting}":{"get":{"tags":["Workspaces"],"summary":"Get the details of a settings object for the given workspace.","operationId":"Workspaces_GetSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2WorkspaceSetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Workspaces"],"summary":"Modify the given workspace settings.","operationId":"Workspaces_UpdateSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Default security and traffic settings for all proxy workloads in the workspace.\\n\\n\\n\\n","type":"object","properties":{"defaultEastWestGatewaySettings":{"description":"Default east west gateway settings specifies workspace-wide east-west gateway configuration.\\nThis is used to configure east-west routing (required for fail-over) for the services that\\nare not exposed on the gateways. All the services matching the specified criteria is picked\\nup for exposing on the east-west gateway workload selected by the workload selector. In case,\\na service matches selectors in multiple items, the one which comes first is picked up.","type":"array","items":{"$ref":"#/components/schemas/v2EastWestGateway"}},"defaultSecuritySetting":{"$ref":"#/components/schemas/v2SecuritySetting"},"defaultTrafficSetting":{"$ref":"#/components/schemas/v2TrafficSetting"},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"failoverSettings":{"$ref":"#/components/schemas/v2FailoverSettings"},"hostsReachability":{"$ref":"#/components/schemas/v2HostsReachability"},"regionalFailover":{"description":"Locality routing settings for all gateways in the workspace. Overrides any global settings.\\nPlease use FailoverSettings instead. If FailoverSettings is set, it takes precedence over this field.\\n\\nExplicitly specify the region traffic will land on when endpoints in local region becomes unhealthy.\\nShould be used together with OutlierDetection to detect unhealthy endpoints.\\nNote: if no OutlierDetection specified, this will not take effect.","type":"array","items":{"$ref":"#/components/schemas/v2RegionalFailover"}}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2WorkspaceSetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Workspaces"],"summary":"Delete the given workspace settings.","operationId":"Workspaces_DeleteSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/settings/{setting}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_21","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_21","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_21","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/settings/{setting}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_21","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/settings/{setting}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_21","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/settings/{setting}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_21","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/settings/{setting}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_21","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/settings/{setting}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_21","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/settings/{setting}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_21","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/settings/{setting}/blame":{"get":{"tags":["Profiles"],"summary":"Get the profile blame data for a given resource FQN.","operationId":"Profiles_Blame_variant_22","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2BlameResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/settings/{setting}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_21","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/settings/{setting}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_21","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_21","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/settings/{setting}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_21","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/apitsbv2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/settings/{setting}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_21","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/settings/{setting}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_21","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/settings/{setting}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_21","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/settings/{setting}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_21","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_12","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/apitsbv2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_12","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_12","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_12","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_12","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups":{"get":{"tags":["Traffic"],"summary":"List all traffic groups in the given workspace.","operationId":"Traffic_ListGroups","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListTrafficGroupsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"description":"Groups will by default configure all the namespaces owned by their workspace, unless\\nexplicitly configured. If a specific set of namespaces is set for the group, it must be a\\nsubset of the namespaces defined by its workspace.","tags":["Traffic"],"summary":"Create a new traffic group in the given workspace.","operationId":"Traffic_CreateGroup","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create a Traffic Group.","type":"object","required":["name","group"],"properties":{"group":{"$ref":"#/components/schemas/tsbtrafficv2Group"},"name":{"description":"The short name for the resource to be created.","type":"string"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/tsbtrafficv2Group"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}":{"get":{"tags":["Traffic"],"summary":"Get the details of the given traffic group.","operationId":"Traffic_GetGroup","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/tsbtrafficv2Group"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Traffic"],"summary":"Modify the given traffic group.","operationId":"Traffic_UpdateGroup","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"A traffic group manages the routing properties of proxy workloads in a\\ngroup of namespaces owned by the parent workspace.\\n\\n\\n\\n","type":"object","required":["namespaceSelector"],"properties":{"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"},"configMode":{"$ref":"#/components/schemas/v2ConfigMode"},"deletionProtectionEnabled":{"description":"When set, prevents the resource from being deleted. In order to delete the resource this\\nproperty needs to be set to `false` first.","type":"boolean"},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"namespaceSelector":{"$ref":"#/components/schemas/typesv2NamespaceSelector"},"profiles":{"description":"List of profiles attached to the traffic group to be used to propagate default and mandatory configurations down to the children.","type":"array","items":{"type":"string"}}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/tsbtrafficv2Group"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Traffic"],"summary":"Delete the given traffic group.\\nNote that deleting resources in TSB is a recursive operation. Deleting a traffic group will\\ndelete all configuration objects that exist in it.","operationId":"Traffic_DeleteGroup","parameters":[{"description":"Force the deletion of the object even if deletion protection is enabled.\\nIf this is set, then the object and all its children will be deleted even if any of them\\nhas the deletion protection enabled.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_22","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_22","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_22","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_22","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_22","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_22","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_22","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_22","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_22","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/availableprofiles":{"get":{"tags":["Profiles"],"summary":"Lists the profiles that can be attached to the given resource.\\nThe returned profiles contain metadata (fqn, display name and description) information.\\nTo retrieve the full profile, rely on `GetProfile` or `ListProfiles` methods.","operationId":"Profiles_ListAvailableProfiles5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListAvailableProfilesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/blame":{"get":{"tags":["Profiles"],"summary":"Get the profile blame data for a given resource FQN.","operationId":"Profiles_Blame_variant_3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2BlameResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_22","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_22","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_22","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/serviceroutes":{"get":{"tags":["Traffic"],"summary":"List all service routes that have been attached to the traffic group.","operationId":"Traffic_ListServiceRoutes","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListServiceRoutesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Traffic"],"summary":"Create a new service route in the given traffic group.","operationId":"Traffic_CreateServiceRoute","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create a ServiceRoute.","type":"object","required":["name","serviceRoute"],"properties":{"name":{"description":"The short name for the resource to be created.","type":"string"},"serviceRoute":{"$ref":"#/components/schemas/v2ServiceRoute"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ServiceRoute"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/serviceroutes/{serviceroute}":{"get":{"tags":["Traffic"],"summary":"Get the details of the given service route.","operationId":"Traffic_GetServiceRoute","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ServiceRoute"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Traffic"],"summary":"Modify a service route.","operationId":"Traffic_UpdateServiceRoute","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"A service route controls routing configurations for traffic to a\\nservice in a traffic group.\\n\\n\\n\\n","type":"object","required":["service"],"properties":{"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"httpRoutes":{"description":"HTTPRoutes are used when HTTP traffic needs to be matched on uri, headers\\nand port and destination routes need to be set using subset-weight\\ncombinations specified within the route.\\n**Note**: If a route is specified, then the global subset-weight\\ncombinations (specified under subsets) will be ignored for the matched\\nport, as subsets within route will take effect.","type":"array","items":{"$ref":"#/components/schemas/v2HTTPRoute"}},"portLevelSettings":{"type":"array","title":"In order to support multi-protocol routing, a list of all port/protocol combinations is needed.\\nThese port settings are applied to all the subsets","items":{"$ref":"#/components/schemas/ServiceRoutePortLevelTrafficSettings"}},"service":{"description":"The service on which the configuration is being applied. Must be in namespace/FQDN format.","type":"string"},"stickySession":{"$ref":"#/components/schemas/ServiceRouteStickySession"},"subsets":{"description":"The set of versions of a service and the percentage of traffic to\\nsend to each version.","type":"array","items":{"$ref":"#/components/schemas/v2ServiceRouteSubset"}},"tcpRoutes":{"description":"TCPRoutes match TCP traffic based on port number. The subset-weight\\nconfiguration and priority have the same behaviour as HTTPRoutes.","type":"array","items":{"$ref":"#/components/schemas/v2TCPRoute"}}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ServiceRoute"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Traffic"],"summary":"Delete the given service route.","operationId":"Traffic_DeleteServiceRoute","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/serviceroutes/{serviceroute}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_24","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_24","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_24","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/serviceroutes/{serviceroute}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_24","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/serviceroutes/{serviceroute}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_24","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/serviceroutes/{serviceroute}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_24","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/serviceroutes/{serviceroute}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_24","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/serviceroutes/{serviceroute}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_24","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/serviceroutes/{serviceroute}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_24","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/serviceroutes/{serviceroute}/blame":{"get":{"tags":["Profiles"],"summary":"Get the profile blame data for a given resource FQN.","operationId":"Profiles_Blame_variant_24","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2BlameResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/serviceroutes/{serviceroute}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_24","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/serviceroutes/{serviceroute}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_24","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_24","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/serviceroutes/{serviceroute}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_24","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/apitsbv2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/serviceroutes/{serviceroute}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_24","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/serviceroutes/{serviceroute}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_24","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/serviceroutes/{serviceroute}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_24","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/serviceroutes/{serviceroute}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_24","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/servicesettings":{"get":{"tags":["Traffic"],"summary":"List all service traffic settings objects that have been attached to the traffic group.","operationId":"Traffic_ListServiceTrafficSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListServiceTrafficSettingsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Traffic"],"summary":"Create a service traffic settings object in the traffic group.","operationId":"Traffic_CreateServiceTrafficSetting","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create a Service Traffic Setting.","type":"object","required":["name","serviceSetting"],"properties":{"name":{"description":"The short name for the resource to be created.","type":"string"},"serviceSetting":{"$ref":"#/components/schemas/v2ServiceTrafficSetting"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ServiceTrafficSetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/servicesettings/{servicesetting}":{"get":{"tags":["Traffic"],"summary":"Get the details of the given service traffic settings object.","operationId":"Traffic_GetServiceTrafficSetting","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Servicesetting name.","name":"servicesetting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ServiceTrafficSetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Traffic"],"summary":"Modify the given service traffic settings object.","operationId":"Traffic_UpdateServiceTrafficSetting","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Servicesetting name.","name":"servicesetting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"A service traffic setting applies configuration to a service in a\\ntraffic group. Unset fields will inherit values from the\\nworkspace-wide setting if any.\\n\\n\\n\\n","type":"object","required":["service","settings"],"properties":{"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"service":{"description":"The service on which the configuration is being applied. Must be in namespace/FQDN format.\\n\\nOnly one service traffic setting can be given per service. Any conflicting configuration created\\nlater will be rejected by TSB.","type":"string"},"settings":{"$ref":"#/components/schemas/v2TrafficSetting"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ServiceTrafficSetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Traffic"],"summary":"Delete the given service traffic settings from the group.","operationId":"Traffic_DeleteServiceTrafficSetting","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Servicesetting name.","name":"servicesetting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/settings":{"get":{"tags":["Traffic"],"summary":"List all the settings objects that have been attached to the given traffic group.","operationId":"Traffic_ListSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListTrafficSettingsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Traffic"],"summary":"Create a settings object for the given traffic group.","operationId":"Traffic_CreateSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create a Traffic Settings.","type":"object","required":["name","settings"],"properties":{"name":{"description":"The short name for the resource to be created.","type":"string"},"settings":{"$ref":"#/components/schemas/v2TrafficSetting"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2TrafficSetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/settings/{setting}":{"get":{"tags":["Traffic"],"summary":"Get the details for the given settings object.","operationId":"Traffic_GetSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2TrafficSetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Traffic"],"summary":"Modify the given settings in the given traffic group.","operationId":"Traffic_UpdateSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"A traffic setting applies configuration to a set of proxy workloads in a\\ntraffic group or a workspace. When applied to a traffic group,\\nmissing fields will inherit values from the workspace-wide setting if any.\\n\\n\\n\\n","type":"object","properties":{"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"egress":{"$ref":"#/components/schemas/v2TrafficSettingEgressGateway"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"inbound":{"$ref":"#/components/schemas/v2InboundTrafficSetting"},"outbound":{"$ref":"#/components/schemas/v2OutboundTrafficSetting"},"rateLimiting":{"$ref":"#/components/schemas/v2RateLimiting"},"reachability":{"$ref":"#/components/schemas/v2ReachabilitySettings"},"resilience":{"$ref":"#/components/schemas/v2ResilienceSettings"},"upstreamTrafficSettings":{"description":"List of hosts and the associated traffic settings to be used by\\nthe clients that are downstreams to the defined upstream hosts.\\n\\nDEPRECATED. Moved to `outbound`.","type":"array","items":{"$ref":"#/components/schemas/v2UpstreamTrafficSettings"}}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2TrafficSetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Traffic"],"summary":"Delete the given settings object from the traffic group.","operationId":"Traffic_DeleteSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/settings/{setting}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_23","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_23","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_23","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/settings/{setting}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_23","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/settings/{setting}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_23","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/settings/{setting}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_23","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/settings/{setting}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_23","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/settings/{setting}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_23","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/settings/{setting}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_23","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/settings/{setting}/blame":{"get":{"tags":["Profiles"],"summary":"Get the profile blame data for a given resource FQN.","operationId":"Profiles_Blame_variant_23","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2BlameResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/settings/{setting}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_23","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/settings/{setting}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_23","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_23","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/settings/{setting}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_23","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/apitsbv2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/settings/{setting}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_23","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/settings/{setting}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_23","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/settings/{setting}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_23","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/settings/{setting}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_23","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_22","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/apitsbv2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_22","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_22","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_22","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_22","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/users":{"get":{"tags":["Teams"],"summary":"List existing users.","operationId":"Teams_ListUsers","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListUsersResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"description":"This method should only be used when there is no Identity Provider configured in TSB\\nand all users are managed locally by IAM.\\nWhen using an external Identity Provider, the SyncOrganization method should be used\\ninstead to synchronize the users and teams.","tags":["Teams"],"summary":"Create a local User in TSB.","operationId":"Teams_CreateUser","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"type":"object","title":"Request to create a User.\\n","required":["name","user"],"properties":{"name":{"description":"The short name for the resource to be created.","type":"string"},"user":{"$ref":"#/components/schemas/v2User"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2User"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/users/{user}":{"get":{"tags":["Teams"],"summary":"Get the details of an existing user.","operationId":"Teams_GetUser","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2User"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"description":"This method should only be used when there is no Identity Provider configured in TSB\\nand all users are managed locally by IAM.\\nWhen using an external Identity Provider, the SyncOrganization method should be used\\ninstead to synchronize the users and teams.","tags":["Teams"],"summary":"Modify an existing local user.","operationId":"Teams_UpdateUser","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"`User` represents a user from the Identity Provider that is allowed to log into\\nthe platform.\\n\\n\\n\\n","type":"object","required":["loginName"],"properties":{"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"email":{"description":"Email for the user where alerts and other notifications will be sent.","type":"string"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"firstName":{"description":"The first name of the user.","type":"string"},"lastName":{"description":"The last name of the user, if any.","type":"string"},"loginName":{"description":"The username used in the login credentials.","type":"string"},"sourceType":{"$ref":"#/components/schemas/v2SourceType"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2User"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"description":"This method should only be used when there is no Identity Provider configured in TSB\\nand all users are managed locally by IAM.\\nWhen using an external Identity Provider, the SyncOrganization method should be used\\ninstead to synchronize the users and teams.","tags":["Teams"],"summary":"Delete an existing user.","operationId":"Teams_DeleteUser","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/users/{user}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_7","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_7","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_7","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/users/{user}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_7","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/users/{user}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_7","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/users/{user}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_7","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/users/{user}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_7","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/users/{user}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_7","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/users/{user}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_7","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/users/{user}/blame":{"get":{"tags":["Profiles"],"summary":"Get the profile blame data for a given resource FQN.","operationId":"Profiles_Blame_variant_12","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2BlameResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/users/{user}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_7","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/users/{user}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_7","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_7","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/users/{user}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_7","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/apitsbv2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/users/{user}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_7","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/users/{user}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_7","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/users/{user}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_7","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/users/{user}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_7","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/users/{user}:generateTokens":{"post":{"description":"Generate the tokens for a local user account so it can authenticate against management plane.\\nThis method will return an error if the user account is not of type MANUAL. Credentials for\\nnormal platform users must be configured in the corresponding Identity Provider.","tags":["Teams"],"summary":"Deprecated. This method will be removed in future versions of TSB. Use Service Accounts instead.","operationId":"Teams_GenerateTokens","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2TokenResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/permissions/query":{"put":{"tags":["Permissions"],"summary":"QueryResourcePermission looks up permissions that are allowed for the current principal.\\nMultiple records can be queried with a single request. Query limit is 100, multiple requests\\nare required to lookup more than the limit.","operationId":"Permissions_QueryResourcePermissions","requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryResourcePermissionsRequest"}}},"description":"Request to query permissions on multiple records.\\n\\nExample:\\nQueryResourcePermissionsRequest {\\n  Queries: []Query{\\n    Query{\\n      QueryID: \\"1234\\",\\n      Kind: Query_Fqn{\\n        Fqn: \\"tetrate/tenants/default/workspaces/example\\"\\n      }\\n    }\\n  }\\n}","required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/security/rbac":{"get":{"tags":["RBAC"],"summary":"List all existing roles.","operationId":"RBAC_ListRoles","responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListRolesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["RBAC"],"summary":"Create a new role.","operationId":"RBAC_CreateRole","requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2CreateRoleRequest"}}},"description":"Request to create a Role.","required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Role"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/security/rbac/{rba}":{"get":{"tags":["RBAC"],"summary":"Get the details of the given role.","operationId":"RBAC_GetRole","parameters":[{"description":"Rba name.","name":"rba","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Role"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["RBAC"],"summary":"Modify a role.","operationId":"RBAC_UpdateRole","parameters":[{"description":"Rba name.","name":"rba","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"`Role` is a named collection of permissions that can be assigned to\\nany user or team in the system.\\n\\n\\n\\n\\n","type":"object","properties":{"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"rules":{"description":"A set of rules that define the permissions associated with each API group.","type":"array","items":{"$ref":"#/components/schemas/v2RoleRule"}}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Role"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["RBAC"],"summary":"Delete a role.\\nNRoles that are in use by policies attached to existing resources\\ncannot be deleted.","operationId":"RBAC_DeleteRole","parameters":[{"description":"Rba name.","name":"rba","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}}},"tags":[{"name":"OAuth"},{"name":"OIDC"},{"name":"SidecarConfigurationService"},{"name":"SidecarInfoService"},{"name":"OnboardingAuthorizationService"},{"name":"OnboardingPlaneDiscoveryService"},{"name":"WorkloadRegistrationService"},{"name":"AgentSessionService"},{"name":"Applications"},{"name":"WasmExtensions"},{"name":"Gateways"},{"name":"IstioInternal"},{"name":"Metrics"},{"name":"Sources"},{"name":"Profiles"},{"name":"Approvals"},{"name":"Permissions"},{"name":"Policy"},{"name":"RBAC"},{"name":"Lookup"},{"name":"Registration"},{"name":"Security"},{"name":"Traffic"},{"name":"Clusters"},{"name":"Organizations"},{"name":"Status"},{"name":"Teams"},{"name":"Tenants"},{"name":"Workspaces"}],"components":{"requestBodies":{"Approvals_SetPolicyBody":{"content":{"application/json":{"schema":{"description":"ApprovalPolicy is a set of authorization rules that define access to a resource.\\nWhen applied to a resource, the rules enforce access to the resource based on the permission set.\\n\\nExample:\\nApprovalPolicy {\\n  Mode: ApprovalPolicy_REQUIRE_APPROVAL,\\n  Resource: \\"organizations/demo/tenants/demo/applications/target-app\\",\\n  Approved: []Access {{\\n    Subject: \\"organizations/demo/tenants/demo/applications/calling-app\\",\\n    Permissions: []string{\\"GET\\", \\"POST\\"}\\n  }}\\n}","type":"object","required":["mode"],"properties":{"approved":{"description":"Approved is a list of subjects that are approved to access the resource.","type":"array","items":{"$ref":"#/components/schemas/v2Access"}},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"metadata":{"$ref":"#/components/schemas/qv2Metadata"},"mode":{"$ref":"#/components/schemas/v2ApprovalPolicyMode"},"requested":{"description":"Requested is a list of subjects that are requested to access the resource but that have not yet been\\nexplicitly approved.\\nThe access mode of the policy will determine if the subjects in this list are given immediate access to the\\nresource.","type":"array","items":{"$ref":"#/components/schemas/v2Access"}}}}}},"required":true},"Profiles_CreateProfileBody":{"content":{"application/json":{"schema":{"description":"Request to create a profile belonging to a given resource.","type":"object","required":["name","profile"],"properties":{"name":{"description":"The short name for the resource to be created.","type":"string"},"profile":{"$ref":"#/components/schemas/v2Profile"}}}}},"required":true},"Approvals_AddApprovedAccessBody":{"content":{"application/json":{"schema":{"description":"AccessRequest is a request used for requesting or approving access to a resource.\\n\\nExample:\\nAccessRequest {\\n  Resource: \\"organizations/demo/tenants/demo/applications/target\\",\\n  Access: []Access{{\\n    Subject: \\"organizations/demo/tenants/demo/applications/calling-app\\",\\n    Permissions: []string{\\"GET\\", \\"POST\\"}\\n  }}\\n}","type":"object","required":["access"],"properties":{"access":{"$ref":"#/components/schemas/v2Access"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"}}}}},"required":true},"v2AccessPolicy":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}},"description":"A policy defines the set of subjects that can access a resource and under\\nwhich conditions that access is granted.","required":true},"Approvals_DeleteApprovedAccessBody":{"content":{"application/json":{"schema":{"description":"ResourceAndSubject is a resource and subject pair used for approval and deletion operations.\\n\\nExample:\\nResourceAndSubject {\\n  Resource: \\"organizations/demo/tenants/demo/applications/target\\",\\n  Subject: \\"organizations/demo/tenants/demo/applications/caller\\"\\n}","type":"object","required":["subject"],"properties":{"subject":{"description":"Subject for which the access request is made.","type":"string"}}}}},"required":true},"Approvals_QueryPoliciesBody":{"content":{"application/json":{"schema":{"description":"QueryPoliciesRequest is the request message for QueryPolicies.\\n\\nExample:\\nQueryPoliciesRequest {\\n  Parent: \\"organizations/demo/tenants/demo\\",\\n  Types: []string{\\"applications\\"},\\n  IncludeDetails: true,\\n  IncludePermissions: true,\\n}","type":"object","required":["types"],"properties":{"includeDetails":{"description":"IncludeDetails indicates whether to include the details of the resources that are part of the policy.\\nWhen set to true, the name and description of the resource are included in the response.","type":"boolean"},"includePermissions":{"description":"IncludePermissions indicates whether to include the user level permissions on resources that are part of the policy.\\nWhen set to true, the user level permissions are included in the response.","type":"boolean"},"types":{"description":"Type is the type of the resources to query for policies.","type":"array","items":{"type":"string"}}}}}},"required":true},"Policy_SetPolicy_variant_1Body":{"content":{"application/json":{"schema":{"description":"A policy defines the set of subjects that can access a resource and under\\nwhich conditions that access is granted.","type":"object","title":"Policy","properties":{"allow":{"description":"The list of allowed bindings configures the different access profiles that\\nare allowed on the resource configured by the policy.","type":"array","items":{"$ref":"#/components/schemas/rbacv2Binding"}},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"}}}}},"required":true},"Profiles_UpdateProfileBody":{"content":{"application/json":{"schema":{"description":"A `Profile` object can be created at Organization, Tenant, and Workspace levels. Once created, a profile can be\\nattached at its own level or down the hierarchy at Organization, Tenant, Workspace and Groups levels.\\nOnce attached, all the configurations provided in the profile and compatible with the attachment point will be applied,\\nthe others will be ignored.\\n\\n\\n\\n","type":"object","properties":{"defaults":{"$ref":"#/components/schemas/v2ProfileConfig"},"deletionProtectionEnabled":{"description":"When set, prevents the resource from being deleted. In order to delete the resource this\\nproperty needs to be set to `false` first.","type":"boolean"},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"mandates":{"$ref":"#/components/schemas/v2ProfileConfig"}}}}},"required":true}},"schemas":{"AggregatedStatusChildStatus":{"description":"`ChildStatus` contains the status details for a particular child resource,\\nand a human-friendly message further describing the status if it is an\\nerrored one.","type":"object","properties":{"status":{"$ref":"#/components/schemas/v2ResourceStatusStatus"},"message":{"description":"Contains the human-friendly message describing the status of the child resource.","type":"string","x-order":1}}},"AuthenticationRules":{"type":"object","properties":{"jwt":{"description":"List of rules how to authenticate an HTTP request from a JWT Token attached to it.\\nA JWT Token, if present in the HTTP request, must satisfy one of the rules defined here.\\nThe order in which rules are being checked at runtime might differ from the order\\nin which they are defined here.\\nIf the JWT Token doesn\'t satisfy any of the rules, the request will be rejected.\\nIf the JWT Token does satisfy one of the rules, the identity of the request\\nwill be extracted from the JWT Token.\\n\\nNotice that an HTTP request without a JWT Token attached to it will NOT be rejected\\nbased on the rules defined here. Remember to define HTTP request authorization settings\\nto achieve that.","type":"array","items":{"$ref":"#/components/schemas/tsbauthv2AuthenticationJWT"},"x-order":0}}},"BackendRedisSettings":{"type":"object","title":"Configuration for the External Redis Backend Database","required":["uri"],"properties":{"uri":{"description":"The Redis Database URI. The value of the URI decides the scope\\nfor ratelimiting across multiple clusters.","type":"string","x-order":0}}},"CertManagerSettingsCertManagerCAInjector":{"description":"CertManagerCAInjector represents the settings used for cert-manager CAInjector installation in the clusters.","type":"object","properties":{"kubeSpec":{"$ref":"#/components/schemas/kubernetesKubernetesComponentSpec"}}},"CertManagerSettingsCertManagerSpec":{"description":"CertManagerSpec represents the settings used for cert-manager controller installation in the clusters.","type":"object","properties":{"kubeSpec":{"$ref":"#/components/schemas/kubernetesKubernetesComponentSpec"}}},"CertManagerSettingsCertManagerStartupAPICheck":{"description":"CertManagerStartupAPICheck represents the settings used for cert-manager startup API check job installation in the clusters.\\nDEPRECATED. StartupAPICheck is disabled.","type":"object","properties":{"kubeSpec":{"$ref":"#/components/schemas/kubernetesKubernetesJobComponentSpec"}}},"CertManagerSettingsCertManagerWebhookSpec":{"description":"CertManagerWebhookSpec represents the settings used for cert-manager Webhook installation in the clusters.","type":"object","properties":{"kubeSpec":{"$ref":"#/components/schemas/kubernetesKubernetesComponentSpec"}}},"CertManagerSettingsManaged":{"description":"- AUTO: TSB will check if a pre-existing cert-manager installation is found in the cluster and only\\ninstall and manage cert-manager if it is not found.\\nThe pre-installed cert-manager should support signing requests raised through Kubernetes CSR\\n - EXTERNAL: EXTERNAL represents that TSB will rely on a pre installed cert-manager for use.\\nPre installed cert-manager should support signing requests raised through Kubernetes CSR\\n - INTERNAL: INTERNAL represents that TSB will install and manage cert-manager in the cluster.\\nIn case a pre-existing installation is found, the operator will not install cert-manager and fail.","type":"string","title":"If INTERNAL, TSB will install and manage cert-manager. In case a pre-existing installation is found, the operator will not install cert-manager and fail.\\nIf EXTERNAL, TSB would rely on a pre installed cert-manager for use.\\nPre installed cert-manager should support signing requests raised through Kubernetes CSR","default":"AUTO","enum":["AUTO","EXTERNAL","INTERNAL"]},"ClusterInstallTemplate":{"description":"InstallTemplate provides templates ready to be used in the ControlPlane (cluster onboard) installation.","type":"object","properties":{"message":{"type":"string","title":"can provide useful information to the user","x-order":0,"readOnly":true},"helm":{"$ref":"#/components/schemas/v1alpha1Values"}}},"ConfigEventsEdgeConfigState":{"type":"object","properties":{"status":{"$ref":"#/components/schemas/ConfigEventsEdgeConfigStatus"},"reason":{"description":"Accompanying reason when status is not `APPLIED`.","type":"string","x-order":1}}},"ConfigEventsEdgeConfigStatus":{"description":" - UNKNOWN: `UNKNOWN` indicates an undefined status. Either the edge has not reported\\nthe status for the config or it is not available due to some delays or something else.\\nThis is a catch-all when we don\'t know what to do.\\n - APPLIED: `APPLIED` indicates that the config has been successfully applied at the edge.\\n - ERRORED: `ERRORED` indicates that some error occurred while applying config at an edge. This will be\\naccompanied by a message which specifies the reason for the error.\\n - IGNORED: `IGNORED` indicates that the config was ignored because of some misconfiguration in config yaml.\\nFor instance, applying `DIRECT` mode config within `BRIDGED` mode group.","type":"string","default":"UNKNOWN","enum":["UNKNOWN","APPLIED","ERRORED","IGNORED"]},"ConfigEventsEventType":{"description":"Simple `Status` of the current resource. It\'s a projection of its details\\n(events, etc.) that allows to easily know the status of the resource\\nwithout requiring to check the details.\\n\\n - INVALID: INVALID is the zero value and should never be reached.\\n - TSB_ACCEPTED: TSB_ACCEPTED happens when the configuration has been validated and\\npersisted by TSB. Note that there is no TSB_REJECTED because in case of\\nan obvious syntax error, the client requests for the API will fail\\ndirectly. The configuration will not be persisted and therefore no\\nconfig status will be associated with it.\\n - MPC_ACCEPTED: MPC_ACCEPTED happens when MPC receives the configuration from TSB.\\nNote that there is no MPC_REJECTED because it\'s just a pass-through\\nto XCP.\\n - XCP_ACCEPTED: XCP_ACCEPTED happens when XCP validates the configuration and the XCP\\nresource is properly created.\\n - XCP_REJECTED: XCP_REJECTED happens when XCP reports that the configuration is not\\nvalid.\\n - MPC_FAILED: MPC_FAILED happens when MPC fails to process some configuration received\\nfrom TSB. These failures are prior to sending the translated\\nconfigurations to XCP.\\n - XCP_UNKNOWN: XCP_UNKNOWN happens when XCP reports that all edges are in UNKNOWN\\nstate.\\n - XCP_PARTIALLY_APPLIED: XCP_PARTIAL happens when XCP reports that at least one edge is in\\nAPPLIED state, and the rest are UNKNOWN.\\n - XCP_APPLIED: XCP_APPLIED happens when XCP reports that every edge is in APPLIED\\nstate.\\n - XCP_ERRORED: XCP_ERRORED happens when XCP reports that any edge is in ERRORED state.\\n - XCP_IGNORED: XCP_IGNORED happens when XCP reports that the config is IGNORED by all the edges.\\nOne of the cases where configs are ignored is when a BRIDGED mode config object\\nlike IngressGateway is part of a gateway group configured for the DIRECT mode\\nand vice versa. More generally, this happens when there is a mismatch between\\nthe mode where a config is valid and the mode configured for the group.\\n - MPC_DIRTY: MPC_DIRTY happens when a resource that is dependent on others\\nhave not reached the desired status (even when they are not FAILED).\\nFor instance, when a resource configuration affected by a STRICTER propagation\\nstrategy gets superseded (fully or partially) by a stricter resource configuration higher up\\nin the hierarchy. Concretely, if a security group\'s security settings (which\\nis in ACCEPTED configuration state) is affected\\nby a STRICTER propagation strategy, and for instance an organization\'s\\ndefault security settings (a resource higher up in the hierarchy)\\nhas been updated to restrict more the previously set authorization policy, then\\nthe previously ACCEPTED security group\'s security settings (a resource lower in\\nthe hierarchy) will become DIRTY if it is not stricter.","type":"string","default":"INVALID","enum":["INVALID","TSB_ACCEPTED","MPC_ACCEPTED","XCP_ACCEPTED","XCP_REJECTED","MPC_FAILED","XCP_UNKNOWN","XCP_PARTIALLY_APPLIED","XCP_APPLIED","XCP_ERRORED","XCP_IGNORED","MPC_DIRTY"]},"ConsistentHashLBMagLev":{"type":"object","title":"Implements consistent hashing to upstream hosts.\\nIt can be used as a drop in replacement for `RingHash`. It has higher speed than RingHash with faster hash table lookups.\\nPlease refer https://www.envoyproxy.io/docs/envoy/latest/intro/arch_overview/upstream/load_balancing/load_balancers#maglev","required":["tableSize"],"properties":{"tableSize":{"description":"The table size for Maglev hashing. This helps in controlling the\\ndisruption when the backend hosts change.\\nIncreasing the table size reduces the amount of disruption.","type":"integer","format":"int64","x-order":0}}},"ConsistentHashLBRingHash":{"type":"object","title":"Implements consistent hashing to upstream hosts.\\nEach upstream host is mapped onto a circle (ring) by hashing its address, each request is then\\nrouted using some hash property of the request.\\nPlease refer https://www.envoyproxy.io/docs/envoy/latest/intro/arch_overview/upstream/load_balancing/load_balancers#ring-hash","properties":{"minimumRingSize":{"description":"The minimum number of virtual nodes to use for the hash\\nring. Defaults to 1024. Larger ring sizes result in more granular\\nload distributions. If the number of hosts in the load balancing\\npool is larger than the ring size, each host will be assigned a\\nsingle virtual node.","type":"integer","format":"int64","x-order":0}}},"EgressAuthorizationSettingsHostDetails":{"description":"List of external hosts details.","type":"object","required":["host"],"properties":{"host":{"$ref":"#/components/schemas/v2StringMatch"},"paths":{"description":"The request paths allowed for access, e.g., [\\"/accounts\\", \\"/info*\\", \\"/user/profile/*\\"].\\nExact and prefix-based regular matches are supported.\\nIf not set, any path is allowed.","type":"array","items":{"type":"string"},"x-order":1},"methods":{"description":"The HTTP methods allowed by this rule, e.g., [\\"GET\\", \\"HEAD\\"].\\nIf not set, any method is allowed.","type":"array","items":{"type":"string"},"x-order":2}}},"FailoverSettingsTopologyChoice":{"description":"TopologyChoice specifies the topology preference for traffic priority.\\n\\n - NONE: Inherit from parent if possible. Otherwise treated as `CLUSTER`.\\n - CLUSTER: Prefer traffic to stay in the cluster as much as possible.\\n - LOCALITY: Prefer traffic to stay in the region/zone/subzone as much as possible irrespective of the cluster.","type":"string","default":"NONE","enum":["NONE","CLUSTER","LOCALITY"]},"FilterSettingsAWSZoneType":{"description":"AWS Route53 Zone type filters.\\n\\n - NONE: No filter.\\n - PUBLIC: Filter public zones.\\n - PRIVATE: Filter private zones.","type":"string","default":"NONE","enum":["NONE","PUBLIC","PRIVATE"]},"GitOpsPushMode":{"description":"Push mode for GitOps component. Default: SYNC.\\n\\n - SYNC: In SYNC mode TSB K8s resources are validated and pushed to Management Plane synchronously,\\nblocking on resource creation until the resource is created successfully in the Management Plane.\\nThis is the default mode.\\n - ASYNC: In ASYNC mode TSB K8s resources are pushed to Management Plane asynchronously, without blocking on resource creation.\\nTo know if the resource was created successfully, check its K8s status.","type":"string","default":"SYNC","enum":["SYNC","ASYNC"]},"HTTPDirectResponseHTTPBody":{"description":"Specifies the content of the response body.","type":"object","properties":{"string":{"type":"string","title":"response body as a string","x-order":0},"bytes":{"description":"response body as base64 encoded bytes.","type":"string","format":"byte","x-order":1}}},"HTTPFaultInjectionAbort":{"description":"Abort specification is used to prematurely abort a request with a\\npre-specified error code.\\nThe _httpStatus_ field is used to indicate the HTTP status code to\\nreturn to the caller. The optional _percentage_ field can be used to only\\nabort a certain percentage of requests. If not specified, no request will be\\naborted.","type":"object","properties":{"percentage":{"description":"Percentage of requests to be aborted with the error code provided.\\nIf not specified, no request will be aborted.","type":"number","format":"double","x-order":0},"httpStatus":{"description":"HTTP status code to use to abort the HTTP request.","type":"integer","format":"int32","x-order":1},"grpcStatus":{"type":"string","title":"GRPC status code to use to abort the request. The supported\\ncodes are documented in https://github.com/grpc/grpc/blob/master/doc/statuscodes.md","x-order":2}}},"HTTPFaultInjectionDelay":{"description":"Delay specification is used to inject latency into the request\\nforwarding path.\\n\\nThe _fixedDelay_ field is used to indicate the amount of delay in seconds.\\nThe optional _percentage_ field can be used to only delay a certain\\npercentage of requests. If left unspecified, no request will be delayed.","type":"object","properties":{"percentage":{"description":"Percentage of requests on which the delay will be injected.\\nIf left unspecified, no request will be delayed.","type":"number","format":"double","x-order":0},"fixedDelay":{"description":"Add a fixed delay before forwarding the request. Format:\\n1h/1m/1s/1ms. MUST be &gt;=1ms.","type":"string","x-order":1}}},"HeadersHeaderOperations":{"description":"HeaderOperations Describes the header manipulations to apply.","type":"object","properties":{"set":{"description":"Overwrite the headers specified by key with the given values.","type":"object","additionalProperties":{"type":"string"},"x-order":0},"add":{"description":"Append the given values to the headers specified by keys (will create a comma-separated list\\nof values).","type":"object","additionalProperties":{"type":"string"},"x-order":1},"remove":{"description":"Remove a the specified headers.","type":"array","items":{"type":"string"},"x-order":2}}},"IngressScopesIngressScope":{"description":"An ingress defines the telemetry source wingspan in the mesh of ingress\'s hostname.","type":"object","properties":{"type":{"$ref":"#/components/schemas/IngressScopesIngressScopeScopeType"},"scope":{"$ref":"#/components/schemas/IngressScopesIngressScopeScope"},"deployment":{"description":"The FQN of the service deployment in a concrete cluster related with this telemetry source scope.\\nWill have a value for scope types HOSTNAME.","type":"string","x-order":2}}},"IngressScopesIngressScopeScope":{"description":"Each of the scope properties can have the following values:\\n- A non empty value.\\n- An empty value or absence of the property act as a wildcard, meaning any possible value.","type":"object","properties":{"hostname":{"type":"string","title":"hostname is always a concrete value","x-order":0},"ingressService":{"type":"string","title":"ingress_service is always a concrete value","x-order":1},"cluster":{"description":"cluster can be a concrete value or an empty value meaning any cluster.","type":"string","x-order":2}}},"IngressScopesIngressScopeScopeType":{"description":"ScopeType denotes the wingspan of a telemetry source for an ingress\'s hostname.\\n\\n - HOSTNAME: A hostname telemetry source that belongs to a specific ingress instance in a cluster.\\n - GLOBAL: A global telemetry source of a hostname from an ingress across clusters.","type":"string","default":"INVALID","enum":["INVALID","HOSTNAME","GLOBAL"]},"JWKSJWK":{"type":"object","title":"JSON Web Key. Refer to https://datatracker.ietf.org/doc/html/rfc7517","properties":{"alg":{"description":"The specific cryptographic algorithm used with the key.","type":"string","x-order":0},"kty":{"description":"The family of cryptographic algorithms used with the key.","type":"string","x-order":1},"use":{"description":"How the key was meant to be used; `sig` represents the signature.","type":"string","x-order":2},"n":{"description":"The modulus for the RSA public key.","type":"string","x-order":3},"e":{"description":"The exponent for the RSA public key.","type":"string","x-order":4},"kid":{"description":"The unique identifier for the key.","type":"string","x-order":5}}},"JWTClaimToHeader":{"description":"This message specifies the detail for copying claim to header.","type":"object","required":["header","claim"],"properties":{"header":{"description":"The name of the header to be created. The header will be overridden if it already exists in the request.","type":"string","x-order":0},"claim":{"description":"The name of the claim to be copied from. Only claim of type string/int/bool is supported.\\nThe header will not be there if the claim does not exist or the type of the claim is not supported.","type":"string","x-order":1}}},"JWTJWTHeader":{"description":"This message specifies a header location to extract JWT token.","type":"object","required":["name"],"properties":{"name":{"description":"The HTTP header name.","type":"string","x-order":0},"prefix":{"description":"The prefix that should be stripped before decoding the token.\\nFor example, for `Authorization: Bearer &lt;token&gt;`, prefix=`Bearer ` with a space at the end.\\nIf the header doesn\'t have this exact prefix, it is considered invalid.","type":"string","x-order":1}}},"K8sObjectOverlayPathValue":{"type":"object","properties":{"path":{"description":"Path of the form a.[key1:value1].b.[:value2]\\nWhere [key1:value1] is a selector for a key-value pair to identify a list element and [:value] is a value\\nselector to identify a list element in a leaf list.\\nAll path intermediate nodes must exist.","type":"string","x-order":0},"value":{"description":"Value to add, delete or replace.\\nFor add, the path should be a new leaf.\\nFor delete, value should be unset.\\nFor replace, path should reference an existing node.\\nAll values are strings but are converted into appropriate type based on schema.","x-order":1}}},"KeyPairEncoding":{"type":"string","title":"Format in which the keys in this keypair are encoded","default":"PEM","enum":["PEM","JWK"]},"ListSourcesRequestTimeRange":{"description":"TimeRange is a closed time range. If since or until are not provided they will not be used to filter.","type":"object","properties":{"since":{"description":"Moment in time since we retrieve Telemetry Sources.","type":"string","format":"date-time","x-order":0},"until":{"description":"Moment in time until we retrieve Telemetry Sources.","type":"string","format":"date-time","x-order":1}}},"LoadBalancerSettingsConsistentHashLB":{"description":"Consistent Hash-based load balancing can be used to provide soft\\nsession affinity based on HTTP headers, cookies or other\\nproperties. The affinity to a particular destination host may be\\nlost when one or more hosts are added/removed from the destination\\nservice.\\n\\nNote: consistent hashing is less reliable at maintaining affinity than common\\n\\"sticky sessions\\" implementations, which often encode a specific destination in\\na cookie, ensuring affinity is maintained as long as the backend remains.\\nWith consistent hash, the guarantees are weaker; any host addition or removal can\\nbreak affinity for `1/backends` requests.\\n\\nWarning: consistent hashing depends on each proxy having a consistent view of endpoints.\\nThis is not the case when locality load balancing is enabled. Locality load balancing\\nand consistent hash will only work together when all proxies are in the same locality,\\nor a high level load balancer handles locality affinity.","type":"object","properties":{"httpHeaderName":{"description":"Hash based on a specific HTTP header.","type":"string","x-order":0},"httpCookie":{"$ref":"#/components/schemas/LoadBalancerSettingsConsistentHashLBHTTPCookie"},"useSourceIp":{"description":"Hash based on the source IP address.\\nThis is applicable for both TCP and HTTP connections.","type":"boolean","x-order":2},"httpQueryParameterName":{"description":"Hash based on a specific HTTP query parameter.","type":"string","x-order":3},"ringHash":{"$ref":"#/components/schemas/ConsistentHashLBRingHash"},"maglev":{"$ref":"#/components/schemas/ConsistentHashLBMagLev"}}},"LoadBalancerSettingsConsistentHashLBHTTPCookie":{"description":"Describes a HTTP cookie that will be used as the hash key for the\\nConsistent Hash load balancer. If the cookie is not present, it will\\nbe generated.","type":"object","required":["name","ttl"],"properties":{"name":{"description":"Name of the cookie.","type":"string","x-order":0},"path":{"description":"Path to set for the cookie.","type":"string","x-order":1},"ttl":{"description":"Lifetime of the cookie.","type":"string","x-order":2}}},"LoadBalancerSettingsSimpleLB":{"description":"Standard load balancing algorithms that require no tuning.\\n\\n - UNSPECIFIED: No load balancing algorithm has been specified by the user.\\nAn appropriate default will be used.\\n - RANDOM: The random load balancer selects a random healthy host. The random\\nload balancer generally performs better than round robin if no health\\nchecking policy is configured.\\n - PASSTHROUGH: This option will forward the connection to the original IP address\\nrequested by the caller without doing any form of load\\nbalancing. This option must be used with care. It is meant for\\nadvanced use cases. Refer to Original Destination load balancer in\\nEnvoy for further details.\\n - ROUND_ROBIN: A basic round robin load balancing policy. This is generally unsafe\\nfor many scenarios (e.g. when enpoint weighting is used) as it can\\noverburden endpoints. In general, prefer to use LEAST_REQUEST as a\\ndrop-in replacement for ROUND_ROBIN.\\n - LEAST_REQUEST: The least request load balancer spreads load across endpoints, favoring\\nendpoints with the least outstanding requests. This is generally safer\\nand outperforms ROUND_ROBIN in nearly all cases. Prefer to use\\nLEAST_REQUEST as a drop-in replacement for ROUND_ROBIN.","type":"string","default":"UNSPECIFIED","enum":["UNSPECIFIED","RANDOM","PASSTHROUGH","ROUND_ROBIN","LEAST_REQUEST"]},"MeshExpansionSettingsOnboardingPlaneEndpoint":{"description":"Configuration of the endpoint exposing `Workload Onboarding API` to\\n`Workload Onboarding Agents`.","type":"object","required":["hosts","secretName"],"properties":{"hosts":{"description":"List of hosts included in the TLS certificate.","type":"array","items":{"type":"string"},"x-order":0},"secretName":{"description":"Name of the secret that holds TLS certificate chain and private key.","type":"string","x-order":1}}},"MeshExpansionSettingsOnboardingPlaneTokenIssuer":{"description":"Configuration of the built-in `Workload Onboarding Token Issuer`.","type":"object","properties":{"jwt":{"$ref":"#/components/schemas/MeshExpansionSettingsOnboardingPlaneTokenIssuerJwtTokenIssuer"}}},"MeshExpansionSettingsOnboardingPlaneTokenIssuerJwtTokenIssuer":{"description":"Configuration of the built-in JWT Token Issuer.","type":"object","properties":{"expiration":{"description":"Expiration is the duration issued tokens are valid for.\\nDefaults to `1h`.","type":"string","x-order":0}}},"MetadataDetails":{"description":"Details is additional information about a resource.","type":"object","properties":{"name":{"description":"Name is the resources name.","type":"string","x-order":0},"description":{"description":"Description is the resources description.","type":"string","x-order":1}}},"N2ACPEPSettings":{"description":"Settings for the Envoy Policy Enforcement Point (PEP) access decision calls.","type":"object","properties":{"disableTls":{"description":"Setting for disabling TLS for connections from Envoy PEP to NGAC Cluster Server (PDP).","type":"boolean","x-order":0},"skipTlsVerify":{"description":"Skip TLS verification for connections from Envoy PEP to NGAC Cluster Server (PDP).","type":"boolean","x-order":1},"timeout":{"description":"Timeout in seconds for the PEP access decision calls to NGAC Cluster Server (PDP) (Default: 5s).","type":"string","x-order":2},"cache":{"$ref":"#/components/schemas/PEPSettingsCache"}}},"OnboardingPlaneLocalRepository":{"description":"Configuration of the local repository with `DEB` and `RPM` packages\\nof the `Workload Onboarding Agent` and `Istio Sidecar`.","type":"object"},"OrganizationSettingNetworkSettings":{"description":"Network related settings for clusters.","type":"object","properties":{"networkReachability":{"description":"Reachability between clusters on various networks. Each cluster\\nhas a \\"network\\" field representing a network boundary like a VPC\\non AWS/GCP/Azure. All clusters within the same network are\\nassumed to be reachable to each other for multi-cluster routing.\\nIn addition, you can specify additional connectivity between\\nvarious networks in the mesh here. For example on AWS, each VPC\\ncan be treated as a distinct network. VPCs that are reachable to\\none another (through peering or transit gateways) can be listed\\nas reachable networks. The key is the network name and the value\\nis a comma separated list of networks whose clusters are\\nreachable from this network. For instance, vpc01: vpc02,vpc03 means\\nthat the clusters in the network can reach those in vpc02 and vpc03.\\n\\nNote that reachability is **not** bidirectional. That is, if `vpc01: vpc02`\\nis specified, then `vpc01` can reach `vpc02`, but not the other way around.\\nHence, the workloads in clusters in `vpc01` can access the services\\nthrough the exposed gateway hostnames in clusters in `vpc02` . However,\\nthe workloads in clusters in `vpc02` cannot access the services exposed\\nthrough the gateway hostnames in `vpc01`.","type":"object","additionalProperties":{"type":"string"},"x-order":0}}},"PEPSettingsCache":{"description":"PEP Cache for access decisions.","type":"object","properties":{"disabled":{"description":"Disable caching of access decisions from NGAC Cluster Server (PDP).","type":"boolean","x-order":0},"ignoreNoCacheHeader":{"description":"Ignore the \'no-cache\' header.","type":"boolean","x-order":1},"ttl":{"description":"TTL for the cache (Default: 10s).","type":"string","x-order":2}}},"QueryResourcePermissionsResponseResult":{"type":"object","title":"Represents a result for the requested query","required":["request"],"properties":{"request":{"$ref":"#/components/schemas/v2Query"},"rules":{"description":"set of allowed RBAC rules that the current principal has on the matching resource.\\nIf the query produced no results, the rules set will be empty.","type":"array","items":{"$ref":"#/components/schemas/v2RoleRule"},"x-order":1}}},"RateLimitDimensionDestinationCluster":{"description":"Emit descriptor entry - a key-value pair of the form `(\\"destination_cluster\\",\\n\\"&lt;routed target cluster&gt;\\")` where `destination_cluster` is the destination\\nenvoy cluster to which traffic is bound to.","type":"object"},"RateLimitDimensionHeader":{"type":"object","title":"RateLimit based on certain headers","required":["name"],"properties":{"name":{"description":"Name of the header to match on.","type":"string","x-order":0},"value":{"$ref":"#/components/schemas/v2StringMatch"},"dontMatch":{"description":"If set to true, the condition will be met when the header value does not match.\\nDefault value is false.","type":"boolean","x-order":2}}},"RateLimitDimensionHeaderValueMatch":{"description":"Emit descriptor entry - a key-value pair of the form `(\\"header_match\\",\\n\\"&lt;descriptor_value&gt;\\")`, where `descriptor_value` is a user\\nspecified value corresponding to a header match event.","type":"object","required":["headers","descriptorValue"],"properties":{"headers":{"description":"Specifies a set of headers that the rate limit action should\\nmatch on. The action will check the request\u2019s headers against\\nall the specified headers in the config. A match will happen if\\nall the headers in the config are present in the request with\\nthe same values (or based on presence if the value field is not\\nin the config).  The header keys must be lowercase and use\\nhyphen as the separator, e.g. x-request-id.","type":"object","additionalProperties":{"$ref":"#/components/schemas/v2StringMatch"},"x-order":0},"descriptorValue":{"description":"The value to use in the descriptor entry.","type":"string","x-order":1},"dontMatch":{"description":"If set to true, the condition will be met when the header value does not match.\\nDefault value is false.","type":"boolean","x-order":2}}},"RateLimitDimensionRequestHeaders":{"description":"Emit descriptor entry - a key-value pair of the form\\n`(\\"&lt;descriptor_key&gt;\\", \\"&lt;header_value_queried_from_header&gt;\\")`\\nwhere `descriptor_key` is a user specified key to emit when the\\nHTTP header is seen.","type":"object","required":["headerName","descriptorKey"],"properties":{"headerName":{"description":"The header name to be queried from the request headers. The header\u2019s\\nvalue is used to populate the value of the descriptor entry for the\\ndescriptor_key.","type":"string","x-order":0},"descriptorKey":{"description":"The key to use in the descriptor entry.","type":"string","x-order":1}}},"RateLimitDimensionSourceCluster":{"description":"Emit descriptor entry - a key-value pair of the form\\n`(\\"source_cluster\\", \\"&lt;local service cluster&gt;\\")` where `source_cluster`\\nis the source envoy cluster (corresponding to the `--service-cluster`\\nflag value set by Istio).","type":"object"},"RateLimitServerBackend":{"description":"External Backend Database types. This points to the backend\\nused by the ratelimit server as a key/value store.","type":"object","properties":{"redis":{"$ref":"#/components/schemas/BackendRedisSettings"}}},"RateLimitSettingsRateLimitValue":{"description":"RateLimitValue specifies the values that will be used\\nto determine the rate limit.","type":"object","required":["requestsPerUnit","unit"],"properties":{"requestsPerUnit":{"description":"Specifies the value of the rate limit.","type":"integer","format":"int64","x-order":0},"unit":{"$ref":"#/components/schemas/RateLimitValueUnit"}}},"RateLimitValueUnit":{"description":"Units of time.","type":"string","default":"UNKNOWN","enum":["UNKNOWN","SECOND","MINUTE","HOUR","DAY"]},"RelationScopeServiceRelation":{"description":"A relation between logical services.","type":"object","properties":{"source":{"description":"The source resource\'s fqn of the relation between two logical services.","type":"string","x-order":0},"target":{"description":"The target resource\'s fqn of the relation between two logical services.","type":"string","x-order":1}}},"RelationScopesRelationScope":{"type":"object","properties":{"type":{"$ref":"#/components/schemas/RelationScopesRelationScopeScopeType"},"scope":{"$ref":"#/components/schemas/RelationScopesRelationScopeScope"}}},"RelationScopesRelationScopeScope":{"type":"object","properties":{"serviceRelation":{"$ref":"#/components/schemas/RelationScopeServiceRelation"}}},"RelationScopesRelationScopeScopeType":{"description":"ScopeType denotes the wingspan of a telemetry source for relation between resources.\\n\\n - SERVICE: A service telemetry source that belongs to a specific relation between logical services.","type":"string","default":"INVALID","enum":["INVALID","SERVICE"]},"ResourceStatusConfigResourceStatus":{"description":"Individual status for a configuration resource related to the Application/API.","type":"object","properties":{"status":{"$ref":"#/components/schemas/applicationv2Status"},"resource":{"$ref":"#/components/schemas/v2ConfigResource"}}},"RoleResourceType":{"description":"The type of API resource for which the role is being created.","type":"object","required":["apiGroup"],"properties":{"apiGroup":{"description":"A specific API group such as traffic.tsb.tetrate.io/v2.","type":"string","x-order":0},"kinds":{"description":"Specific kinds of APIs under the API group. If omitted, the\\nrole will apply to all kinds under the group.","type":"array","items":{"type":"string"},"x-order":1}}},"Route53SettingsFilterSettings":{"description":"Filter settings for route53 controller.","type":"object","properties":{"annotationFilter":{"description":"Filter out (remove) targets that matches annotation using label selector semantics. Optional.\\n*NOTE*: The annotation value currently cannot be longer thant 63 characters.","type":"string","x-order":0},"labelFilter":{"description":"Filter out (remove) targets that matches label selector. Optional.","type":"string","x-order":1},"excludeDomain":{"description":"Exclude subdomains. Optional.","type":"array","items":{"type":"string"},"x-order":2},"zoneType":{"$ref":"#/components/schemas/FilterSettingsAWSZoneType"},"zoneTagFilter":{"description":"When using the AWS provider, filter for zones with this tag. Optional, format: key=value.","type":"array","items":{"type":"string"},"x-order":4},"zoneIdFilter":{"description":"When using the AWS provider, filter for zones with this ID. Optional.","type":"array","items":{"type":"string"},"x-order":5}}},"Route53SettingsPolicy":{"description":"Policy that defines how DNS records are managed.\\n\\n - SYNC: Allow full synchronization.\\n - UPSERT_ONLY: Don\'t allow delete DNS records.\\n - CREATE_ONLY: Allow only creating DNS records.","type":"string","default":"SYNC","enum":["SYNC","UPSERT_ONLY","CREATE_ONLY"]},"RuleFrom":{"description":"From includes the target resource (and the workloads that belong to the resource)\\nwhich will be the source of a request.","type":"object","properties":{"fqn":{"description":"The target resource identified by FQN which will be the source of a request.","type":"string","x-order":0}}},"RuleTo":{"description":"To includes the target resource (and the workloads that belong to the resource)\\nwhich will be destination of a request.","type":"object","properties":{"fqn":{"description":"The target resource identified by FQN which will be the destination of a request.","type":"string","x-order":0}}},"SecretsClusterServiceAccount":{"description":"Cluster service account used to authenticate to the Management Plane.","type":"object","properties":{"clusterFQN":{"description":"TSB FQN of the onboarded cluster resource. This will be generate tokens for all Control Plane agents.","type":"string","x-order":0},"JWK":{"description":"Literal JWK used to generate and sign the tokens for all the Control Plane agents.","type":"string","x-order":1},"encodedJWK":{"description":"Base64-encoded JWK used to generate and sign the tokens for all the Control Plane agents.","type":"string","x-order":2}}},"SecretsElasticSearch":{"description":"Secrets to reach the Elasticsearch.","type":"object","properties":{"username":{"description":"The username to access Elasticsearch.","type":"string","x-order":0},"password":{"description":"The password to access Elasticsearch.","type":"string","x-order":1},"cacert":{"description":"Elasticsearch CA cert TLS used by control plane to verify TLS connection.","type":"string","x-order":2}}},"SecretsTSB":{"description":"Secrets to reach the TSB Management Plane.","type":"object","properties":{"cacert":{"description":"CA certificate used to verify TLS certs exposed the Management Plane (front envoy).","type":"string","x-order":0}}},"ServerTLSSettingsFileSource":{"description":"File path configuration of TLS keys and certificates.","type":"object","properties":{"serverCertificate":{"type":"string","title":"The path to the server cert file","x-order":0},"privateKey":{"type":"string","title":"The path to the server private key file","x-order":1},"caCertificates":{"type":"string","title":"The path to the file containing ca certs for verifying clients while using mutual TLS","x-order":2}}},"ServiceAccountKeyPair":{"description":"Represents key-pair associated to the service account.","type":"object","properties":{"id":{"type":"string","title":"Unique identifier for this key-pair. This should be used as the `kid` (key id) when\\ngenerating JWT tokens that are signed with this key-pair.\\n","x-order":0,"readOnly":true},"publicKey":{"type":"string","title":"The encoded public key associated with the service account.\\nThe encoding format is determined by the `encoding` field.\\n","x-order":1,"readOnly":true},"privateKey":{"type":"string","title":"The encoded private key associated with the service account.\\nTSB does not store the private key and it is up to the client to store it safely.\\nThe encoding format is determined by the `encoding` field.\\n","x-order":2,"readOnly":true},"encoding":{"$ref":"#/components/schemas/KeyPairEncoding"},"defaultToken":{"type":"string","title":"A default access token that can be used to authenticate to TSB on behalf of the\\nservice account. TSB does not store this token and it is only returned when a\\nservice account key is created, similar to the private key. It is up to the client\\nto store the token for future use or to use the TSB CLI to generate new tokens as\\nexplained in: https://docs.tetrate.io/service-bridge/latest/howto/service-accounts\\n","x-order":4,"readOnly":true}}},"ServiceMetricConfig":{"type":"object","title":"Configuration for metric aggregation","properties":{"name":{"description":"A user friendly name for this metric.","type":"string","x-order":0},"description":{"description":"A helpful description of what this metric represents.","type":"string","x-order":1},"aggregationKey":{"description":"An aggregation key that can be queried to get metrics for this service.","type":"string","x-order":2},"type":{"$ref":"#/components/schemas/ServiceMetricConfigMetricType"},"serviceDeployment":{"description":"The FQN of the service deployment related with this metric. Will be empty for group metrics.","type":"string","x-order":4},"parentMetric":{"type":"string","title":"The name of the metric config that aggregates this one in a higher level.\\nFor example, for a subset in a cluster metric, this field has the name of the metric of the same subset\\nacross the clusters","x-order":5}}},"ServiceMetricConfigMetricType":{"description":"MetricType denotes the relation of a metrics with a physical service instance.\\n\\n - SINGLE_INSTANCE: A single instance metric config belongs to an specific physical service instance.\\n - SUBSET: A subset metric config represents subsets across clusters or hostnames across clusters.\\n - GLOBAL: A global metric config represents all the physical services.\\n - ENDPOINT: An endpoint metric config represents an endpoint across clusters.\\n - ENDPOINT_INSTANCE: An endpoint instance metric config represents an endpoint in a specific cluster.","type":"string","default":"INVALID","enum":["INVALID","SINGLE_INSTANCE","SUBSET","GLOBAL","ENDPOINT","ENDPOINT_INSTANCE"]},"ServiceRoutePortLevelTrafficSettings":{"description":"PortLevelTrafficSettings explicitly defines the type of traffic for all of\\nthe ports exposed by a service for which routing rules need to be set.\\nDepending on whether HTTPRoutes or TCTRoutes are specified or not, the main\\nsubset weights are applied or not based on the following scenarios:\\n1. If HTTPRoutes or TCPRoutes are specified:\\n   a. Since Port is mandatory in MatchConditions, whenever a port is used\\n      in (HTTP/TCP) MatchCondition, it needs to be present in the global\\n      PortLevelTrafficSettings.\\n   b. When MatchConditions are present in the routes, then subset-weight\\n      combinations within routes will take effect instead of the global ones.\\n2. If the routes are not specified, then the traffic will be matched on\\n   ports specified in PortLevelTrafficSettings, and the routes will be set\\n   according to global subset-weight combinations.","type":"object","required":["port","trafficType"],"properties":{"port":{"type":"integer","format":"int64","title":"Port number to which traffic must be routed","x-order":0},"trafficType":{"$ref":"#/components/schemas/ServiceRouteTrafficType"},"stickySession":{"$ref":"#/components/schemas/ServiceRouteStickySession"}}},"ServiceRouteStickySession":{"description":"If set, all requests from a client will be forward to the same backend.","type":"object","properties":{"header":{"description":"Hash based on a specific HTTP header.","type":"string","x-order":0},"cookie":{"$ref":"#/components/schemas/ServiceRouteStickySessionHTTPCookie"},"useSourceIp":{"description":"Hash based on the source IP address.","type":"boolean","x-order":2}}},"ServiceRouteStickySessionHTTPCookie":{"description":"Describes a HTTP cookie that will be used for sticky sessions. If the cookie is not present, it\\nwill be generated.","type":"object","required":["name","path","ttl"],"properties":{"name":{"description":"Name of the cookie.","type":"string","x-order":0},"path":{"description":"Path to set for the cookie.","type":"string","x-order":1},"ttl":{"description":"Lifetime of the cookie.","type":"string","x-order":2}}},"ServiceRouteTrafficType":{"description":"- HTTP: If trafficType is HTTP, then a HTTP route is generated for that port\\n - TCP: If trafficType is TCP, then a TCP route is generated for that port\\n - TLS_PASSTHROUGH: This mode generates TLS routes for HTTPS traffic. TLS is not terminated at the gateway and is\\npassed through to the server","type":"string","title":"TrafficType is the list of allowed traffic types for generating routes","default":"HTTP","enum":["HTTP","TCP","TLS_PASSTHROUGH"]},"ServiceScopesServiceScope":{"description":"A service scope defines the telemetry source wingspan in the mesh of a service.","type":"object","properties":{"type":{"$ref":"#/components/schemas/ServiceScopesServiceScopeScopeType"},"scope":{"$ref":"#/components/schemas/ServiceScopesServiceScopeScope"},"deployment":{"description":"The FQN of the service deployment in a concrete cluster related with this telemetry source scope.\\nWill have a value for scope types INSTANCE or SERVICE.","type":"string","x-order":2}}},"ServiceScopesServiceScopeScope":{"description":"Each of the scope properties can have the following values:\\n- A non empty value.\\n- An empty value or absence of the property act as a wildcard, meaning any possible value.","type":"object","properties":{"instance":{"description":"instance is a concrete value or an empty value meaning any instance.","type":"string","x-order":0},"subset":{"description":"subset can be a concrete value or an empty value meaning any subset.","type":"string","x-order":1},"service":{"description":"service is always a concrete value.","type":"string","x-order":2},"namespace":{"description":"namespace is always a concrete value.","type":"string","x-order":3},"cluster":{"description":"cluster can be a concrete value or an empty value meaning any cluster.","type":"string","x-order":4}}},"ServiceScopesServiceScopeScopeType":{"description":"ScopeType denotes the wingspan of a telemetry source for a service.\\n\\n - INSTANCE: A instance telemetry source belongs to a specific service instance (pod or VM) in a cluster.\\n - SERVICE: A service telemetry source belongs to a specific service, without subsets, in a cluster.\\n - SUBSET: A subset telemetry source belongs to a specific service of a concrete subset in a cluster.\\n - GLOBAL_SUBSET: A global subset telemetry source represents a concrete subset from a service across cluster.\\nSubset scope type does not apply to ingress services.\\n - GLOBAL: A global telemetry source represents all subsets from a service across clusters.","type":"string","default":"INVALID","enum":["INVALID","INSTANCE","SERVICE","SUBSET","GLOBAL_SUBSET","GLOBAL"]},"ServiceServiceDeployment":{"description":"ServiceDeployment represents the physical service in a cluster.","type":"object","properties":{"fqn":{"description":"Fully-qualified name of the instance. This field is read-only.","type":"string","x-order":0,"readOnly":true},"source":{"description":"Source of the instance. This field is read-only.","type":"string","x-order":1,"readOnly":true}}},"SourceScopeIngressScopes":{"description":"IngressScopes defines one or many Ingress\'s hostname telemetry source wingspan in the mesh.","type":"object","properties":{"scopes":{"description":"Multiple IngressScope can be defined to group under a single telemetry source different ingresses.","type":"array","items":{"$ref":"#/components/schemas/IngressScopesIngressScope"},"x-order":0}}},"SourceScopeRelationScopes":{"description":"RelationScopes  represents the physical connection that exists between observable resources.\\nA relation can represent for instance the physical connection that exist when a call between services is done:\\n- Between a gateway and a service or vice versa.\\n- Between a service and another service.\\nThis observation can produce client-side measurements, server side measurements or both.","type":"object","properties":{"scopes":{"description":"Multiple RelationScope can be defined to group under a single telemetry source different relations.","type":"array","items":{"$ref":"#/components/schemas/RelationScopesRelationScope"},"x-order":0}}},"SourceScopeServiceScopes":{"description":"ServiceScopes defines one or many service\'s telemetry source wingspan in the mesh.","type":"object","properties":{"scopes":{"description":"Multiple ServiceScope can be defined to group under a single telemetry source different services.","type":"array","items":{"$ref":"#/components/schemas/ServiceScopesServiceScope"},"x-order":0}}},"SyncOrganizationRequestSyncTeam":{"description":"Information of a team as synchronized from the team source. This differs slightly from a TSB\\nuser since the fields here are raw info that does not have the context of the TSB hierarchy.","type":"object","required":["id"],"properties":{"id":{"description":"Unique ID for the group.","type":"string","x-order":0},"description":{"description":"Optional description for the group.","type":"string","x-order":1},"memberUserIds":{"description":"List of user ids for the users that belong to this group.","type":"array","items":{"type":"string"},"x-order":2},"memberGroupIds":{"description":"List of group ids for the groups that are nested into this group.","type":"array","items":{"type":"string"},"x-order":3},"displayName":{"description":"Friendly name to show the group in the different UIs.","type":"string","x-order":4}}},"SyncOrganizationRequestSyncUser":{"description":"Information of a user as synchronized from the team source. This differs slightly from a TSB\\nuser since the fields here are raw info that does not have the context of the TSB hierarchy.","type":"object","required":["id"],"properties":{"id":{"description":"Unique ID for the user.","type":"string","x-order":0},"description":{"description":"Optional description for the user.","type":"string","x-order":1},"email":{"type":"string","title":"User\'s email","x-order":2},"loginName":{"description":"The login username for the user.","type":"string","x-order":3},"displayName":{"description":"Friendly name to show the user in the different UIs.","type":"string","x-order":4}}},"SyncOrganizationResponseFailedIds":{"type":"object","properties":{"removal":{"type":"array","title":"Users or groups that failed to be removed","items":{"type":"string"},"x-order":0},"addition":{"type":"array","title":"Users or groups that failed to be created","items":{"type":"string"},"x-order":1},"update":{"type":"array","title":"Users or groups that failed to be updated","items":{"type":"string"},"x-order":2}}},"UpstreamResilienceSettingsConnectionPoolSettingsHTTP":{"description":"HTTP Settings for outbound requests.","type":"object","properties":{"requestTimeout":{"description":"Timeout for HTTP requests. format: 1h/1m/1s/1ms. MUST BE &gt;=1ms. Disabled if not set.","type":"string","x-order":0},"retries":{"$ref":"#/components/schemas/v2HTTPRetry"},"maxRequests":{"description":"Maximum number of active requests to the service.\\nApplicable to both HTTP/1.1 and HTTP2.\\nDefault 0, meaning \\"unlimited\\", up to 2^32 - 1.","type":"integer","format":"int64","x-order":2},"maxRequestsPerConnection":{"description":"Maximum number of requests per connection to the service.\\nIf set to 1, it disables keep alive. Default 0, meaning \\"unlimited\\", up to 2^29.","type":"integer","format":"int64","x-order":3}}},"WasmExtensionPluginPhase":{"description":"- UNSPECIFIED_PHASE: Control plane decides where to insert the plugin. This will generally be at the end of the filter chain, right before the Router.\\nDo not specify PluginPhase if the plugin is independent of others.\\n - AUTHN: Insert plugin before Istio authentication filters.\\n - AUTHZ: Insert plugin before Istio authorization filters and after Istio authentication filters.\\n - STATS: Insert plugin before Istio stats filters and after Istio authorization filters.","type":"string","title":"Plugin phases following Istio definition: https://istio.io/latest/docs/reference/config/proxy_extensions/wasm-plugin/#PluginPhase","default":"UNSPECIFIED_PHASE","enum":["UNSPECIFIED_PHASE","AUTHN","AUTHZ","STATS"]},"WasmExtensionPullPolicy":{"description":"The pull behaviour to be applied when fetching a WASM module,\\nmirroring K8s behaviour.\\n\\n - UNSPECIFIED_POLICY: Defaults to IfNotPresent, except for OCI images with tag `latest`, for which\\nthe default will be Always.\\n - IfNotPresent: If an existing version of the image has been pulled before, that\\nwill be used. If no version of the image is present locally, we\\nwill pull the latest version.\\n - Always: We will always pull the latest version of an image when changing\\nthis plugin. Note that the change includes `metadata` field as well.","type":"string","default":"UNSPECIFIED_POLICY","enum":["UNSPECIFIED_POLICY","IfNotPresent","Always"]},"WorkloadProxy":{"description":"Info about proxy attached to a workload.","type":"object","properties":{"controlPlaneAddress":{"description":"Address/service of control plane entity controlling the proxy\\nlike istiod.istio-system.svc:15012.","type":"string","x-order":0},"envoyVersion":{"description":"Envoy version of the proxy.","type":"string","x-order":1},"istioVersion":{"description":"Istio version of the proxy.","type":"string","x-order":2},"status":{"type":"object","title":"Sync status for each xDS component.\\nFor example:\\nstatus[\\"CDS\\"] = \\"SYNCED\\"\\nXDS components are: LDS, RDS, EDS CDS and SRDS.\\nRefer to Envoy go-control-plane ConfigStatus for possible status values\\nvalues:\\nhttps://github.com/envoyproxy/go-control-plane/blob/main/envoy/service/status/v3/csds.pb.go","additionalProperties":{"type":"string"},"x-order":3}}},"XCPCentralAuthMode":{"description":"- UNKNOWN: Default when unset, do not use\\n - MUTUAL_TLS: GRPC stream is encrypted with mutual TLS\\n - JWT: XCP Edges present a JWT bearer token in the GRPC headers","type":"string","title":"Authentication mode for connections from XCP Edges to XCP Central","default":"UNKNOWN","enum":["UNKNOWN","MUTUAL_TLS","JWT"]},"XCPEdge":{"description":"Secrets for the XCP Edge component.","type":"object","properties":{"cert":{"description":"Edge certificate used for mTLS with XCP Central.","type":"string","x-order":0},"key":{"description":"Key of the Edge certificate used for mTLS with XCP Central.","type":"string","x-order":1},"token":{"description":"JWT token used to authenticate XCP Edge against the XCP Central.","type":"string","x-order":2}}},"apitsbv2ResourceStatus":{"description":"`ResourceStatus` provides the current status of any TSB resource.","type":"object","properties":{"status":{"$ref":"#/components/schemas/v2ResourceStatusStatus"},"message":{"description":"User friendly message adding details of the status.","type":"string","x-order":1},"configEvents":{"$ref":"#/components/schemas/v2ConfigEvents"},"aggregatedStatus":{"$ref":"#/components/schemas/v2AggregatedStatus"}}},"apitsbv2Service":{"type":"object","title":"A Kubernetes or a VM service. These are automatically discovered by\\nthe Service Bridge agents in the cluster.\\n$hide_from_yaml","properties":{"hostname":{"description":"The hostname by which this service is accessed. Can correspond to the\\nhostname of an internal service or that of a virtual host on a gateway.","type":"string","x-order":0},"namespace":{"description":"namespace associated with the service.","type":"string","x-order":1},"selector":{"description":"label selectors associated with the service.","type":"object","additionalProperties":{"type":"string"},"x-order":2},"ports":{"description":"The set of ports on which this service is exposed.","type":"array","items":{"$ref":"#/components/schemas/v2ServicePort"},"x-order":3},"kubernetesServiceIp":{"description":"For services running on Kubernetes, the cluster IP of the service in the\\ncluster.","type":"string","x-order":4},"kubernetesExternalAddresses":{"description":"For kubernetes services of type load balancer, this field contains the list\\nof lb hostnames or IPs assigned to the service. For services of type\\nnodePort, this field contains the IP addresses of the nodes in the cluster.","type":"array","items":{"type":"string"},"x-order":5},"numKubernetesEndpoints":{"description":"The number of kubernetes pods providing this service. Note that a\\nservice could be hosted on both pods and VMs.","type":"integer","format":"int64","x-order":6},"numVmEndpoints":{"description":"The number of VMs providing this service.","type":"integer","format":"int64","x-order":7},"meshExternal":{"type":"boolean","title":"indicates that this is an external service (service entry MESH_EXTERNAL\\nlocation)","x-order":8},"gatewayHost":{"description":"Indicates that this is a service representing a gateway host (used for\\nmulti-cluster scenarios).","type":"boolean","x-order":9},"numHops":{"description":"The number of hops from the advertising cluster to the ingress\\ngateway that is exposing the gateway host. If the advertiser is the\\ncluster owning the ingress gateway host, the hops is 0. If the\\nadvertiser is a tier1 cluster exposing gateways via internal or\\nexternal Servers, the path hops is 1.","type":"integer","format":"int64","x-order":10},"kubernetesServiceFqdn":{"description":"If this is a gateway host service, this field will indicate the kubernetes\\nservice that is running as a gateway and exposing this host to the outside\\nworld.","type":"string","x-order":11},"name":{"type":"string","title":"Name assigned to the service","x-order":12},"subsets":{"type":"array","title":"Name of subsets defined for this service","items":{"type":"string"},"x-order":13},"canonicalName":{"description":"17 to match xcp api and make conversion easier.","type":"string","title":"The canonical name of the service defined by labels\\n(value of service.istio.io/canonical-name)","x-order":14},"workloads":{"description":"Workloads implementing the Service.","type":"array","items":{"$ref":"#/components/schemas/v2Workload"},"x-order":15},"tier1GatewayHost":{"description":"Indicates that this is a service representing a gateway host acting as a\\ntier1 gateway. This field is being introduced specifically for the\\nhostnames exposed through Tier1Gateway\'s ExternalServers. Fo all other\\nhostnames that are exposed exposed on IngessGateways or Tier1Gateway\'s\\nInternalServers gateway_host field is set to true because that is used for\\nmulticluster routing setup. For ExternalServer hostnames multicluster\\ncluster routing is not setup and hence UI on finding gateway_host as false\\nshows these hostnames as internal services incorrectly. To help UI, this\\nfield is being introduced. UI would look for either gateway_host or\\ntier1_gateway_host to decide if the hostname is a gateway hostname.","type":"boolean","x-order":16},"spiffeIds":{"description":"List of SPIFFE identities used by the workloads of the service.","type":"array","items":{"type":"string"},"x-order":17}}},"applicationv2Status":{"description":"The computed configuration status for the Application or API.\\n\\n - UNKNOWN: Unknown indicates that the status has not been computed.\\n - MISSING: The missing status indicates that the configuration resource for the Applications\\nor APIs do not exist.\\n - DIRTY: Dirty Applications and APIs are those that have the corresponding configuration\\nobjects (config groups, ingress gateways, etc), but those objects have been\\ndirectly modified or they current configuration does not match the one specified\\nin the corresponding Application/API.\\n - CONFIGURED: Configured Applications and APIs are those that have the corresponding\\nconfiguration resources (config groups, ingress gateways, etc) and their\\nconfigurations match the ones defined in the Application/API objects.","type":"string","default":"UNKNOWN","enum":["UNKNOWN","MISSING","DIRTY","CONFIGURED"]},"authv2TLSMode":{"description":"- DISABLED: TLS is not used and communication is\\nin plaintext.\\n - SIMPLE: Only the server is authenticated.\\n - MUTUAL: Both the peers in the communication must\\npresent their certificate for TLS authentication","type":"string","title":"Describes how authentication is performed\\nas part of establishing TLS connection","default":"DISABLED","enum":["DISABLED","SIMPLE","MUTUAL"]},"commonCertManagerSettings":{"description":"CertManagerSettings represents the settings used for the cert-manager installation. TSB supports installing and managing\\nthe lifecycle of the cert-manager installation.","type":"object","properties":{"managed":{"$ref":"#/components/schemas/CertManagerSettingsManaged"},"certManagerSpec":{"$ref":"#/components/schemas/CertManagerSettingsCertManagerSpec"},"certManagerWebhookSpec":{"$ref":"#/components/schemas/CertManagerSettingsCertManagerWebhookSpec"},"certManagerCaInjector":{"$ref":"#/components/schemas/CertManagerSettingsCertManagerCAInjector"},"certManagerStartupapicheck":{"$ref":"#/components/schemas/CertManagerSettingsCertManagerStartupAPICheck"}}},"commonConfigProtection":{"type":"object","title":"ConfigProtection contains settings for enabling/disabling config protection\\nover XCP created resources.\\nConfig protections are disabled by default.\\nExample:\\n```yaml\\nconfigProtection:\\n  enableAuthorizedUpdateDeleteOnXcpConfigs: true\\n  enableAuthorizedCreateUpdateDeleteOnXcpConfigs: true\\n  authorizedUsers:\\n    - user1\\n    - system:serviceaccount:ns1:serviceaccount-1\\n```","properties":{"enableAuthorizedUpdateDeleteOnXcpConfigs":{"description":"When enabled, no other user or svc account except AuthorizedUsers would be allowed to delete or update\\nthe XCP/Istio API resources created by XCP.","type":"boolean","x-order":0},"enableAuthorizedCreateUpdateDeleteOnXcpConfigs":{"description":"When enabled, no other user or svc account except AuthorizedUsers would be allowed to create, delete or update\\nthe XCP/Istio API resources. This acts as a superset of the enableAuthorizedUpdateDeleteOnXcpConfigs.","type":"boolean","x-order":1},"authorizedUsers":{"description":"List of usernames of authorized users or svc accounts to create/update/delete XCP configs when config protection is enabled.","type":"array","items":{"type":"string"},"x-order":2}}},"commonCustomCertProviderSettings":{"description":"CustomCertProviderSettings represents the settings used for the custom certificate provider. Users can configure the CSR signer\\nrequired for certificate signing and point to the CA bundle to be used to validate the certificates.","type":"object","required":["csrSignerName","caBundleSecretName"],"properties":{"csrSignerName":{"description":"Name of Kubernetes CSR signer to be used to sign the CSR request by different TSB components for internal purposes.","type":"string","x-order":0},"caBundleSecretName":{"description":"Configure the CABundleSecretName to be used to verify the signed CSR request by different TSB components. If not specified,\\nTSB would use the secret with the name ca-bundle-management-plane in the management plane namespace or ca-bundle-control-plane\\nin the control plane namespace. The secret should contain the file ca.crt with the cert data.","type":"string","x-order":1}}},"commonGitOps":{"description":"The GitOps component configures the features that allow integrating the Management Plane and/or the\\nControl Plane cluster with Continuous Deployment pipelines.","type":"object","properties":{"enabled":{"description":"The GitOps component is in beta and disabled by default.\\nIf Management and Control Planes are installed in the same cluster, Continuous Deployment Integration\\nshould only be enabled in one of both planes. However, if the GitOps component is enabled in both planes,\\nonly the Control Plane GitOps component will remain enabled. The Management Plane GitOps component\\nwill not be enabled, even though it is explicitly enabled.","type":"boolean","x-order":0},"reconcileInterval":{"description":"Interval at which the reconcile process will run.\\nThe reconcile process will read all TSB CRs that exist in the cluster and\\nreapply them to the management plane, to make sure the cluster CRs remain\\nas the source of truth. Format: 1h/1m/1s/1ms. A value of 0 disables the\\nreconcile loop. Default: 10m.","type":"string","x-order":1},"batchWindow":{"description":"When configured, all admission requests will be paused for the configured duration.\\nOnce the window interval is closed, all paused admission requests will be sent together\\nto the Management Plane as a single request.\\nBatching of requests is disabled by default and should be enabled only if there is high concurrency\\nand ordering of resources could be an issue. By configuring a batch window the concurrency\\nand ordering issues may be mitigated, although it will introduce a constant latency to all requests\\nof the configured time window.\\nWhen enabled, it is recommended to use a small value, for example 1 second.","type":"string","x-order":2},"managementplaneRequestTimeout":{"description":"The GitOps component performs operations against the management plane through the k8s webhook.\\nThis allows configuring the duration of each operation in order to fail early if it takes too much.\\nThis value cannot be lower than `webhook_timeout` due to the request being tied to the ones received\\nby the k8s webhook.\\nFormat: 1h/1m/1s/1m. Any value &lt;= 0 will be reset to the default value. Default: 25s.","type":"string","x-order":3},"reconcileRequestTimeout":{"description":"The GitOps component performs operations against the management plane internal reconcile loop.\\nThis allows configuring the duration of each operation to fail early if it takes too long.\\nFormat: 1h/1m/1s/1m. Any value &lt;= 0 will be reset to the default value. Default: 2m.","type":"string","x-order":4},"webhookTimeout":{"description":"Timeout that will be set in the k8s gitops webhook resource.\\nFormat: 1h/1m/1s/1m. Default: 30s. Allowed values must be between 0s and 30s.","type":"string","x-order":5},"pushMode":{"$ref":"#/components/schemas/GitOpsPushMode"}}},"commonInternalCertProvider":{"description":"InternalCertProvider describes the certificate provider configuration for TSB internal purposes like kubernetes webhook certificate. TSB supports cert-manager out of the box.","type":"object","properties":{"certManager":{"$ref":"#/components/schemas/commonCertManagerSettings"},"custom":{"$ref":"#/components/schemas/commonCustomCertProviderSettings"}}},"commonMeshObservabilitySettings":{"description":"Configure mesh observability.\\nThe following examples enable the analysis and generation of RED metrics for each\\nendpoint of your registered services.\\n\\nNotice that both, ManagementPlane and ControlPlane, need to be aligned with this configuration.\\n\\n```yaml\\napiVersion: install.tetrate.io/v1alpha1\\nkind: ManagementPlane\\nmetadata:\\n  name: managementplane\\nspec:\\n  meshObservability:\\n    settings:\\n      apiEndpointMetricsEnabled: true\\n```\\n\\n```yaml\\napiVersion: install.tetrate.io/v1alpha1\\nkind: ControlPlane\\nmetadata:\\n  name: controlplane\\n  namespace: istio-system\\nspec:\\n  meshObservability:\\n    settings:\\n      apiEndpointMetricsEnabled: true\\n```","type":"object","properties":{"apiEndpointMetricsEnabled":{"description":"Toggle to process, analyze, and generate api endpoints RED metrics.\\nBy default `false` which means disabled.\\nIf you want to analyze all your request and generate RED metrics for\\neach endpoint of your registered services in the mesh, set it to `true`.","type":"boolean","x-order":0}}},"commonv1alpha1Image":{"description":"Values for the TSB operator image.","type":"object","properties":{"registry":{"description":"Registry used to download the operator image.","type":"string","x-order":0},"tag":{"description":"The tag of the operator image.","type":"string","x-order":1}}},"commonv1alpha1Operator":{"description":"Operator values for the TSB operator application.","type":"object","properties":{"deployment":{"$ref":"#/components/schemas/v1alpha1OperatorDeployment"},"service":{"$ref":"#/components/schemas/v1alpha1OperatorService"},"serviceAccount":{"$ref":"#/components/schemas/v1alpha1OperatorServiceAccount"}}},"corev1Toleration":{"description":"The pod this Toleration is attached to tolerates any taint that matches\\nthe triple &lt;key,value,effect&gt; using the matching operator &lt;operator&gt;.","type":"object","properties":{"key":{"type":"string","title":"Key is the taint key that the toleration applies to. Empty means match all taint keys.\\nIf the key is empty, operator must be Exists; this combination means to match all values and all keys.\\n+optional","x-order":0},"operator":{"type":"string","title":"Operator represents a key\'s relationship to the value.\\nValid operators are Exists and Equal. Defaults to Equal.\\nExists is equivalent to wildcard for value, so that a pod can\\ntolerate all taints of a particular category.\\n+optional","x-order":1},"value":{"type":"string","title":"Value is the taint value the toleration matches to.\\nIf the operator is Exists, the value should be empty, otherwise just a regular string.\\n+optional","x-order":2},"effect":{"type":"string","title":"Effect indicates the taint effect to match. Empty means match all taint effects.\\nWhen specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute.\\n+optional","x-order":3},"tolerationSeconds":{"type":"string","format":"int64","title":"TolerationSeconds represents the period of time the toleration (which must be\\nof effect NoExecute, otherwise this field is ignored) tolerates the taint. By default,\\nit is not set, which means tolerate the taint forever (do not evict). Zero and\\nnegative values will be treated as 0 (evict immediately) by the system.\\n+optional","x-order":4}}},"corev3Address":{"description":"Addresses specify either a logical or physical address and port, which are\\nused to tell Envoy where to bind/listen, connect to upstream and find\\nmanagement servers.","type":"object","properties":{"socketAddress":{"$ref":"#/components/schemas/v3SocketAddress"},"pipe":{"$ref":"#/components/schemas/v3Pipe"},"envoyInternalAddress":{"$ref":"#/components/schemas/v3EnvoyInternalAddress"}}},"corev3Locality":{"description":"Identifies location of where either Envoy runs or where upstream hosts run.","type":"object","properties":{"region":{"description":"Region this :ref:`zone &lt;envoy_v3_api_field_config.core.v3.Locality.zone&gt;` belongs to.","type":"string","x-order":0},"zone":{"description":"Defines the local service zone where Envoy is running. Though optional, it\\nshould be set if discovery service routing is used and the discovery\\nservice exposes :ref:`zone data &lt;envoy_v3_api_field_config.endpoint.v3.LocalityLbEndpoints.locality&gt;`,\\neither in this message or via :option:`--service-zone`. The meaning of zone\\nis context dependent, e.g. `Availability Zone (AZ)\\n&lt;https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-regions-availability-zones.html&gt;`_\\non AWS, `Zone &lt;https://cloud.google.com/compute/docs/regions-zones/&gt;`_ on\\nGCP, etc.","type":"string","x-order":1},"subZone":{"description":"When used for locality of upstream hosts, this field further splits zone\\ninto smaller chunks of sub-zones so they can be load balanced\\nindependently.","type":"string","x-order":2}}},"corev3Node":{"type":"object","title":"Identifies a specific Envoy instance. The node identifier is presented to the\\nmanagement server, which may use this identifier to distinguish per Envoy\\nconfiguration for serving.\\n[#next-free-field: 13]","properties":{"id":{"description":"An opaque node identifier for the Envoy node. This also provides the local\\nservice node name. It should be set if any of the following features are\\nused: :ref:`statsd &lt;arch_overview_statistics&gt;`, :ref:`CDS\\n&lt;config_cluster_manager_cds&gt;`, and :ref:`HTTP tracing\\n&lt;arch_overview_tracing&gt;`, either in this message or via\\n:option:`--service-node`.","type":"string","x-order":0},"cluster":{"description":"Defines the local service cluster name where Envoy is running. Though\\noptional, it should be set if any of the following features are used:\\n:ref:`statsd &lt;arch_overview_statistics&gt;`, :ref:`health check cluster\\nverification\\n&lt;envoy_v3_api_field_config.core.v3.HealthCheck.HttpHealthCheck.service_name_matcher&gt;`,\\n:ref:`runtime override directory &lt;envoy_v3_api_msg_config.bootstrap.v3.Runtime&gt;`,\\n:ref:`user agent addition\\n&lt;envoy_v3_api_field_extensions.filters.network.http_connection_manager.v3.HttpConnectionManager.add_user_agent&gt;`,\\n:ref:`HTTP global rate limiting &lt;config_http_filters_rate_limit&gt;`,\\n:ref:`CDS &lt;config_cluster_manager_cds&gt;`, and :ref:`HTTP tracing\\n&lt;arch_overview_tracing&gt;`, either in this message or via\\n:option:`--service-cluster`.","type":"string","x-order":1},"metadata":{"description":"Opaque metadata extending the node identifier. Envoy will pass this\\ndirectly to the management server.","type":"object","x-order":2},"dynamicParameters":{"description":"Map from xDS resource type URL to dynamic context parameters. These may vary at runtime (unlike\\nother fields in this message). For example, the xDS client may have a shard identifier that\\nchanges during the lifetime of the xDS client. In Envoy, this would be achieved by updating the\\ndynamic context on the Server::Instance\'s LocalInfo context provider. The shard ID dynamic\\nparameter then appears in this field during future discovery requests.","type":"object","additionalProperties":{"$ref":"#/components/schemas/v3ContextParams"},"x-order":3},"locality":{"$ref":"#/components/schemas/corev3Locality"},"userAgentName":{"type":"string","title":"Free-form string that identifies the entity requesting config.\\nE.g. \\"envoy\\" or \\"grpc\\"","x-order":5},"userAgentVersion":{"type":"string","title":"Free-form string that identifies the version of the entity requesting config.\\nE.g. \\"1.12.2\\" or \\"abcd1234\\", or \\"SpecialEnvoyBuild\\"","x-order":6},"userAgentBuildVersion":{"$ref":"#/components/schemas/v3BuildVersion"},"extensions":{"description":"List of extensions and their versions supported by the node.","type":"array","items":{"$ref":"#/components/schemas/v3Extension"},"x-order":8},"clientFeatures":{"description":"Client feature support list. These are well known features described\\nin the Envoy API repository for a given major version of an API. Client features\\nuse reverse DNS naming scheme, for example ``com.acme.feature``.\\nSee :ref:`the list of features &lt;client_features&gt;` that xDS client may\\nsupport.","type":"array","items":{"type":"string"},"x-order":9},"listeningAddresses":{"description":"Known listening ports on the node as a generic hint to the management server\\nfor filtering :ref:`listeners &lt;config_listeners&gt;` to be returned. For example,\\nif there is a listener bound to port 80, the list can optionally contain the\\nSocketAddress ``(0.0.0.0,80)``. The field is optional and just a hint.","type":"array","items":{"$ref":"#/components/schemas/corev3Address"},"x-order":10}}},"extensionv2EnvVar":{"type":"object","required":["name","valueFrom"],"properties":{"name":{"type":"string","title":"Name of the environment variable. Must be a C_IDENTIFIER, by following this regex: [A-Za-z_][A-Za-z0-9_]*","x-order":0},"valueFrom":{"$ref":"#/components/schemas/v2EnvValueSource"},"value":{"description":"Value for the environment variable.\\nNote that if `value_from` is `HOST`, it will be ignored.\\nDefaults to \\"\\".","type":"string","x-order":2}}},"gatewayv2EgressGateway":{"description":"`EgressGateway` configures a workload to act as an egress gateway in the mesh.\\n\\n\\n--\x3e\\n\\n","type":"object","required":["workloadSelector"],"properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"workloadSelector":{"$ref":"#/components/schemas/v2WorkloadSelector"},"authorization":{"description":"The description of which service accounts can access which hosts.\\nIf the list of authorization rules is empty, this egress gateway will deny all traffic.","type":"array","items":{"$ref":"#/components/schemas/v2EgressAuthorization"},"x-order":5},"extension":{"description":"Extensions specifies all the WasmExtensions assigned to this EgressGateway\\nwith the specific configuration for each extension. This custom configuration\\nwill override the one configured globally to the extension.\\nEach extension has a global configuration including enablement and priority\\nthat will condition the execution of the assigned extensions.","type":"array","items":{"$ref":"#/components/schemas/v2WasmExtensionAttachment"},"x-order":6},"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"}}},"gatewayv2Gateway":{"description":"The `Gateway` configuration combines the functionalities of both the existing `Tier1Gateway` and `IngressGateway`,\\nproviding a unified approach for configuring a workload as a gateway in the mesh.\\n\\nEach server within the `Gateway` is configured to route requests to either destination clusters or services,\\nbut configuring one server to route requests to a destination cluster and another server to route requests to a service\\nis not supported.\\n\\nTo ensure consistency and compatibility, the `Gateway` configuration requires that all servers within the gateway\\neither forward traffic to other clusters, similar to a `Tier1Gateway`, or route traffic to specific services, similar\\nto an `IngressGateway`.\\n\\n\\n\\n","type":"object","required":["workloadSelector"],"properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"workloadSelector":{"$ref":"#/components/schemas/v2WorkloadSelector"},"http":{"description":"One or more HTTP or HTTPS servers exposed by the gateway. The\\nserver exposes configuration for TLS termination, request\\nauthentication/authorization, HTTP routing, rate limiting, etc.","type":"array","items":{"$ref":"#/components/schemas/gatewayv2HTTP"},"x-order":5},"tls":{"description":"One or more TLS servers exposed by the gateway. The server\\ndoes not terminate TLS and exposes config for SNI based routing.","type":"array","items":{"$ref":"#/components/schemas/v2TLS"},"x-order":6},"tcp":{"description":"One or more non-HTTP and non-passthrough servers which use TCP\\nbased protocols. This server also exposes configuration for terminating TLS.","type":"array","items":{"$ref":"#/components/schemas/gatewayv2TCP"},"x-order":7},"wasmPlugins":{"description":"WasmPlugins specifies all the WasmExtensionAttachment assigned to this Gateway\\nwith the specific configuration for each plugin. This custom configuration\\nwill override the one configured globally to the plugin.\\nEach plugin has a global configuration including priority\\nthat will condition the execution of the assigned plugins.","type":"array","items":{"$ref":"#/components/schemas/v2WasmExtensionAttachment"},"x-order":8},"waf":{"$ref":"#/components/schemas/v2WAFSettings"},"egressAuthorization":{"description":"External services are onboarded into the mesh via service entry,\\nand these services are exposed on the Gateway for egress access.\\nBy default, access is denied for these hosts.\\nUsers can configure EgressAuthorizationSettings to specify which service accounts are allowed.","type":"array","items":{"$ref":"#/components/schemas/v2EgressAuthorizationSettings"},"x-order":10},"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"}}},"gatewayv2HTTP":{"description":"`HTTP` describes the properties of a HTTP server exposed on gateway.","type":"object","required":["name","hostname","routing"],"properties":{"name":{"description":"A name assigned to the server. The name will be visible in the generated metrics. The name must be\\nunique across all HTTP, TLS passthrough and TCP servers in a gateway.","type":"string","x-order":0},"port":{"description":"The port where the server is exposed at the gateway workload(pod).\\nIf the k8s service, which is fronting the workload pod, has TargetPort as 8443 for the Port 443,\\nthis could be configured as 8443 or 443.\\n\\nTwo servers with different protocols (HTTP and HTTPS) should not\\nshare the same port. Note that port 15443 is reserved for internal use.\\n\\nIf the `transit` flag is set to true, populating the `port` will lead to an error,\\nas the server is considered internal to the mesh. TSB will automatically \\nconfigure mTLS port(15443) for east-west multicluster traffic.\\n\\nIf the `trafficMode`` flag is set to `EGRESS`` or the `trafficMode` is set to `AUTO`\\nand the gateway deployment is of type EGRESS,\\npopulating the port will result in an error, as the server is considered only for egress.\\nTSB will automatically configure the mTLS port (15443) on the gateway to receive the mesh traffic.","type":"integer","format":"int64","x-order":1},"hostname":{"description":"Hostname with which the service can be expected to be accessed by clients.","type":"string","x-order":2},"tls":{"$ref":"#/components/schemas/v2ServerTLSSettings"},"authentication":{"$ref":"#/components/schemas/tsbauthv2Authentication"},"authorization":{"$ref":"#/components/schemas/tsbauthv2Authorization"},"routing":{"$ref":"#/components/schemas/v2HttpRoutingConfig"},"rateLimiting":{"$ref":"#/components/schemas/v2RateLimiting"},"transit":{"description":"If set to true, the server is configured to be exposed within the mesh.\\nThis configuration enables forwarding traffic between two clusters that are not directly reachable.\\n\\nDeprecated: use `trafficMode: TRANSIT` instead.","type":"boolean","x-order":8},"trafficMode":{"$ref":"#/components/schemas/v2TrafficMode"},"failoverSettings":{"$ref":"#/components/schemas/v2FailoverSettings"}}},"gatewayv2HttpRule":{"description":"A single HTTP rule.","type":"object","properties":{"match":{"description":"One or more match conditions (OR-ed).","type":"array","items":{"$ref":"#/components/schemas/v2HttpMatchCondition"},"x-order":0},"modify":{"$ref":"#/components/schemas/v2HttpModifyAction"},"route":{"$ref":"#/components/schemas/v2Route"},"redirect":{"$ref":"#/components/schemas/v2Redirect"},"directResponse":{"$ref":"#/components/schemas/v2HTTPDirectResponse"}}},"gatewayv2TCP":{"description":"A TCP server exposed in a gateway. A TCP server may be used for any TCP based protocol.\\nThis is also used for the special case of a non-HTTP protocol requiring TLS termination at the gateway.","type":"object","required":["name","hostname","route"],"properties":{"name":{"description":"A name assigned to the server. The name will be visible in the generated metrics. The name must be\\nunique across all HTTP, TLS passthrough and TCP servers in a gateway.","type":"string","x-order":0},"port":{"description":"Valid scenarios (for same port, multiple services)\\n1. Multiple protocols (HTTP, non-HTTP) with TLS passthrough/termination\\n2. Multiple HTTP services\\n3. Single non-HTTP service without TLS\\n\\nIf the `transit` flag is set to true, populating the `port` will lead to an error,\\nas the server is considered internal to the mesh. TSB will automatically \\nconfigure mTLS port(15443) for east-west multicluster traffic.","type":"integer","format":"int64","title":"The port where the server is exposed. Note that the port 15443 is reserved. Also\\nbeware of the conflict among the services using different protocols on the same port.\\nThe conflict occurs in the following scenarios\\n1. Using plaintext and TLS (passthrough/termination)\\n2. Mixing multiple protocols without TLS (HTTP and non-HTTP protocols like Kafka, Zookeeper etc)\\n3. Multiple non-HTTP protocols without TLS","x-order":1},"hostname":{"description":"Hostname to identify the service. When TLS is configured, clients have to use this as\\nthe Server Name Indication (SNI) for the TLS connection. When TLS is not configured (opaque TCP),\\nthis is used to identify the service traffic for defining routing configs. Usually, this is\\nconfigured as the DNS name of the service. For instance, if clients access a zookeeper cluster\\nas `zk-1.myorg.internal` then the hostname could be specified as `zk-1.myorg.internal`. This\\nalso helps easier identification in the configs.\\n\\nThis is also used in multicluster routing. In the previous example, clients within the mesh\\ncan also use `zk-1.myorg.internal` to access this service (provided authorization policy allows it)","type":"string","x-order":2},"tls":{"$ref":"#/components/schemas/v2ServerTLSSettings"},"route":{"$ref":"#/components/schemas/v2RouteTo"},"transit":{"description":"If set to true, the server is configured to be exposed within the mesh.\\nThis configuration enables forwarding traffic between two clusters that are not directly reachable.\\n\\nDeprecated: use `trafficMode: TRANSIT` instead.","type":"boolean","x-order":5},"trafficMode":{"$ref":"#/components/schemas/v2TrafficMode"},"failoverSettings":{"$ref":"#/components/schemas/v2FailoverSettings"}}},"gatewayv2TLSProtocol":{"description":"Enumeration for TLS protocol versions.","type":"string","default":"TLS_AUTO","enum":["TLS_AUTO","TLSV1_0","TLSV1_1","TLSV1_2","TLSV1_3"]},"googlerpcStatus":{"description":"The `Status` type defines a logical error model that is suitable for\\ndifferent programming environments, including REST APIs and RPC APIs. It is\\nused by [gRPC](https://github.com/grpc). Each `Status` message contains\\nthree pieces of data: error code, error message, and error details.\\n\\nYou can find out more about this error model and how to work with it in the\\n[API Design Guide](https://cloud.google.com/apis/design/errors).","type":"object","properties":{"code":{"description":"The status code, which should be an enum value of\\n[google.rpc.Code][google.rpc.Code].","type":"integer","format":"int32","x-order":0},"message":{"description":"A developer-facing error message, which should be in English. Any\\nuser-facing error message should be localized and sent in the\\n[google.rpc.Status.details][google.rpc.Status.details] field, or localized\\nby the client.","type":"string","x-order":1},"details":{"description":"A list of messages that carry the error details.  There is a common set of\\nmessage types for APIs to use.","type":"array","items":{"$ref":"#/components/schemas/protobufAny"},"x-order":2}}},"installcontrolplanev1alpha1AWSController":{"description":"Kubernetes settings for the AWS Integration Controller component.","type":"object","properties":{"kubeSpec":{"$ref":"#/components/schemas/kubernetesKubernetesComponentSpec"}}},"installcontrolplanev1alpha1AWSSettings":{"description":"Global settings to AWS.","type":"object","required":["serviceAccountName"],"properties":{"serviceAccountName":{"type":"string","title":"Service account name to use with IAM role association. Required.\\nThis service account should have the proper permissions depending on which AWS services are enabled.\\n(Route53, Lattice, etc.)","x-order":0}}},"installcontrolplanev1alpha1ElasticSearchSettings":{"description":"Configure an Elasticsearch connection.\\n\\n```yaml\\napiVersion: install.tetrate.io/v1alpha1\\nkind: ControlPlane\\nmetadata:\\n  name: controlplane\\n  namespace: istio-system\\nspec:\\n  telemetryStore:\\n    elastic:\\n      host: elastic\\n      port: 5678\\n      protocol: https\\n      selfSigned: true\\n      version: 7\\n```","type":"object","required":["host","port"],"properties":{"host":{"description":"Elasticsearch host address (can be hostname or IP address).","type":"string","x-order":0},"port":{"description":"Port Elasticsearch is listening on.","type":"integer","format":"int32","x-order":1},"protocol":{"$ref":"#/components/schemas/installcontrolplanev1alpha1ElasticSearchSettingsProtocol"},"selfSigned":{"description":"Use Self-Signed certificates. The Self-signed CA bundle and key must be in a secret called es-certs.","type":"boolean","x-order":3},"version":{"description":"DEPRECATED: Major version of the Elasticsearch cluster.\\nCurrently supported Elasticsearch major versions are `6`, `7`, and `8`.","type":"integer","format":"int32","x-order":4},"indexPrefix":{"description":"The prefix of the ElasticSearch indices and templates.\\nDefaults to `skywalking`.","type":"string","x-order":5}}},"installcontrolplanev1alpha1ElasticSearchSettingsProtocol":{"description":"The list of supported protocols to communicate with Elasticsearch.","type":"string","default":"https","enum":["https","http"]},"installcontrolplanev1alpha1LatticeSettings":{"description":"Settings specific to Lattice.","type":"object","properties":{"enabled":{"description":"Enable/disable the Lattice integration controller. Default: false.","type":"boolean","x-order":0}}},"installcontrolplanev1alpha1N2AC":{"description":"Kubernetes settings for the N2AC components: Envoy PEP and NGAC discovery controller.","type":"object","properties":{"kubeSpec":{"$ref":"#/components/schemas/kubernetesKubernetesComponentSpec"},"logLevels":{"description":"The log level configuration by scopes.\\nSupported log level: \\"none\\", \\"error\\", \\"info\\", \\"debug\\".","type":"object","additionalProperties":{"type":"string"},"x-order":1},"pep":{"$ref":"#/components/schemas/N2ACPEPSettings"},"enabled":{"description":"Enable the ngac runtime enforcement. Disabled by default.","type":"boolean","x-order":3}}},"installcontrolplanev1alpha1NGAC":{"description":"Kubernetes settings for the NGAC component.","type":"object","properties":{"enabled":{"description":"NGAC is an experimental component. If enabled is false, this component will\\nnot be installed.","type":"boolean","x-order":0},"kubeSpec":{"$ref":"#/components/schemas/kubernetesKubernetesComponentSpec"},"logLevels":{"description":"The log level configuration by scopes.\\nSupported log level: \\"none\\", \\"error\\", \\"info\\", \\"debug\\".","type":"object","additionalProperties":{"type":"string"},"x-order":2}}},"installcontrolplanev1alpha1Oap":{"description":"Kubernetes settings for the OAP (SkyWalking) component.","type":"object","properties":{"streamingLogEnabled":{"description":"Feature flag to determine whether on-demand streaming logs should be\\nenabled.","type":"boolean","x-order":0},"onDemandEnvoyMetricsEnabled":{"description":"Feature flag to determine whether on-demand envoy metrics should be\\nenabled. If enabled, the envoy proxy will provide a set of metrics that can\\nbe queried using the metrics service. OAP will provide a query API that can\\nbe used to collect envoy proxy metrics for specific pods. This is only for\\ntemporary and real-time queries that can be used, for example, for\\napplication troubleshooting use cases. These metrics are not persisted.","type":"boolean","x-order":1},"storageIndexMergingEnabled":{"description":"Feature flag to determine whether metrics/meter and records should be shard into multi-physical indices, or\\ninstead if they should be merged into a single physical index.\\nBy default \\"false\\", metric/meter and records are sharded into multi-physical indices.\\nInstead of sharding, if enabled by setting it to \\"true\\", metrics/meter and records will be merged\\ninto one physical index template `metrics-all` and `records-all`.\\nThis feature flag must be set on all clusters and have the same value as the management plane\'s one,\\notherwise control plane observability data could be written to the wrong or not existing index.\\nIn this storage mode, user can adjust each concrete index should have to scale out by setting\\n`storageSpecificIndexSettings` field in the management plane install manifest.","type":"boolean","x-order":2},"kubeSpec":{"$ref":"#/components/schemas/kubernetesKubernetesComponentSpec"},"logLevel":{"description":"Specifies the log level for OAP component.\\nSupported log level: \\"all\\", \\"debug\\", \\"info\\", \\"warn\\", \\"error\\", \\"fatal\\", \\"off\\" and \\"trace\\".","type":"string","x-order":4}}},"installcontrolplanev1alpha1OnboardingPlane":{"description":"Configure `Workload Onboarding Plane` component.","type":"object","properties":{"instance":{"$ref":"#/components/schemas/v1alpha1OnboardingPlaneInstance"}}},"installcontrolplanev1alpha1OpenTelemetryCollector":{"description":"Kubernetes settings for the OpenTelemetryCollector component.","type":"object","properties":{"kubeSpec":{"$ref":"#/components/schemas/kubernetesKubernetesComponentSpec"},"logLevel":{"description":"Specifies the log level for OTEL collector component.\\nSupported log level: \\"debug\\", \\"info\\", \\"warn\\", \\"error\\", \\"dpanic\\", \\"panic\\", and \\"fatal\\".","type":"string","x-order":1}}},"installcontrolplanev1alpha1ProviderSettings":{"description":"Configure Kubernetes provider specific settings.\\n\\nFor example to configure EKS to use network load balancers (NLB) by default:\\n\\n```yaml\\napiVersion: install.tetrate.io/v1alpha1\\nkind: ControlPlane\\nmetadata:\\n  name: controlplane\\n  namespace: istio-system\\nspec:\\n  providerSettings:\\n    eks:\\n      useNlbByDefault: true\\n\\n```\\n\\nTo configure Route53 the only option that you must specify is the Service Account name to use for IAM role.\\nYou should create the Service Account before enabling the Route53 integration controller. You can do that using `eksctl`. Example:\\n\\n```bash\\n   SA_NAME=route53-controller\\n   CP_NAMESPACE=istio-system\\n   eksctl create iamserviceaccount \\\\\\n   --cluster $EKS_CLUSTER_NAME \\\\\\n   --name $SA_NAME \\\\\\n   --namespace $CP_NAMESPACE \\\\\\n   --attach-policy-arn $POLICY_ARN \\\\\\n   --approve\\n```\\n\\nwhere:\\n* $EKS_CLUSTER_NAME is the name of the EKS cluster.\\n* $SA_NAME is the name of the Service Account to create.\\n* $CP_NAMESPACE is the namespace where the Control Plane is installed. Usually istio-system.\\n* $POLICY_ARN is the ARN of the policy to attach to the Service Account - the policy should allow the Service Account\\n  to manage Route53 resources.\\n\\nMore details can be found in the [Publishing a Service docs](https://docs.tetrate.io/service-express/getting-started/publish-service)\\n\\nAfter creating the Service Account you can enable the Route53 integration controller using the following configuration:\\n\\n```yaml\\napiVersion: install.tetrate.io/v1alpha1\\nkind: ControlPlane\\nmetadata:\\n  name: controlplane\\n  namespace: istio-system\\nspec:\\n  providerSettings:\\n    route53:\\n      serviceAccountName: $SA_NAME\\n```","type":"object","properties":{"eks":{"$ref":"#/components/schemas/v1alpha1EKSSettings"},"route53":{"$ref":"#/components/schemas/v1alpha1Route53Settings"},"aws":{"$ref":"#/components/schemas/installcontrolplanev1alpha1AWSSettings"},"lattice":{"$ref":"#/components/schemas/installcontrolplanev1alpha1LatticeSettings"}}},"installcontrolplanev1alpha1XCP":{"description":"Kubernetes settings for the XCP component.","type":"object","properties":{"centralAuthMode":{"$ref":"#/components/schemas/XCPCentralAuthMode"},"configProtection":{"$ref":"#/components/schemas/commonConfigProtection"},"kubeSpec":{"$ref":"#/components/schemas/kubernetesKubernetesComponentSpec"},"revision":{"description":"$hide_from_docs\\nConfigures the istio revision tag.\\nIf configured, istio upgrade will not be in-place upgrade. A new istio\\ncontrol plane with the configured revision will be deployed. Selectively\\nsidecars and gateways could be moved to newer control plane. Note that it\\nis not the istio version. Istio version is fixed for a particular tsb\\nversion and that is not a configurable setting. Revision should be\\nconfigured to human readable value for example tsb-1-5. For further\\nreference,\\nhttps://istio.io/latest/blog/2020/multiple-control-planes/#configuring\\nDeprecated: replaced by isolation_boundaries, where each isolation boundary can have\\nmulitple revisions.","type":"string","x-order":3},"isolationBoundaries":{"description":"Configures Isolated Istio environments along with Istio revisions for each environment.\\nIsolationBoundaries can be empty when the feature flag IstioIsolationBoundaries is disabled.\\nOnce enabled, isolation boundaries can be configured.","type":"array","items":{"$ref":"#/components/schemas/v1alpha1IsolationBoundary"},"x-order":4},"enableHttpMeshInternalIdentityPropagation":{"description":"Enables HTTP mesh internal service identity propagation across gateway hops, utilizing the propagated identity\\nfor evaluating TSB RBAC rules. Users should enable this feature when they want to create RBAC rules around\\nrequest\'s origin client identity for east west traffic. The most common case for this would be when using\\nauthorization features such as ALLOW/DENY rules mode and ServiceSecuritySettings in cross-cluster environment.\\nThis feature is enabled by default. Set it to false to disable it.","type":"boolean","x-order":5},"centralProvidedCaCert":{"description":"If true, obtain the CA cert for Istio from XCP central.\\nTo enable it, the XCP Central needs to be configured with `certIssuer.clusterIntermediateCASettings: {}`.","type":"boolean","x-order":6},"logLevels":{"description":"Loglevel for XCP.\\nSupported log level: \\"none\\", \\"fatal\\", \\"error\\", \\"warn\\", \\"info\\", \\"debug\\".","type":"object","additionalProperties":{"type":"string"},"x-order":7},"remoteDiagnostic":{"$ref":"#/components/schemas/installcontrolplanev1alpha1XCPRemoteDiagnosticSettings"}}},"installcontrolplanev1alpha1XCPRemoteDiagnosticSettings":{"description":"Remote Diagnostic settings on the Control Plane side.","type":"object","properties":{"enabled":{"description":"Enable Remote Diagnostic on the Control Plane side.\\n\\nOnce Remote Diagnostic is enabled on the Control Plane side, it will become possible to\\nlaunch from the TSB UI a range of predefined diagnostic tasks for execution in the context\\nof that cluster.\\n\\nIn particular, it will be possible to take config dumps, view low-level metrics,\\nview and change log levels and stream logs from any Istio Gateway and Istio Sidecar\\ndeployed to that cluster.\\n\\nNotice that Remote Diagnostic has to be enabled on both sides, i.e. the Control Plane side\\nand the Management Plane side, which is the default configuration.\\n\\nDefaults to `true`.","type":"boolean","x-order":0}}},"installkubernetesAffinity":{"type":"object","title":"The scheduling constraints for the pod.\\nhttps://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity","properties":{"nodeAffinity":{"$ref":"#/components/schemas/installkubernetesNodeAffinity"},"podAffinity":{"$ref":"#/components/schemas/installkubernetesPodAffinity"},"podAntiAffinity":{"$ref":"#/components/schemas/installkubernetesPodAntiAffinity"}}},"installkubernetesCapabilities":{"description":"See k8s.io.api.core.v1.Capabilities.","type":"object","properties":{"add":{"type":"array","items":{"type":"string"},"x-order":0},"drop":{"type":"array","items":{"type":"string"},"x-order":1}}},"installkubernetesConfigMapKeySelector":{"type":"object","properties":{"localObjectReference":{"$ref":"#/components/schemas/installkubernetesLocalObjectReference"},"key":{"type":"string","x-order":1},"optional":{"type":"boolean","x-order":2}}},"installkubernetesCrossVersionObjectReference":{"type":"object","properties":{"kind":{"type":"string","x-order":0},"name":{"type":"string","x-order":1},"apiVersion":{"type":"string","x-order":2}}},"installkubernetesDeployment":{"type":"object","title":"The Kubernetes resource configuration for all Deployments","properties":{"podAnnotations":{"type":"object","title":"Pod annotations are an unstructured key value map stored with the pod.\\nhttps://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/","additionalProperties":{"type":"string"},"x-order":0},"env":{"type":"array","title":"Environment variables for all containers in the deployment.\\nhttps://kubernetes.io/docs/tasks/inject-data-application/define-environment-variable-container/","items":{"$ref":"#/components/schemas/installkubernetesEnvVar"},"x-order":1},"affinity":{"$ref":"#/components/schemas/installkubernetesAffinity"},"replicaCount":{"type":"integer","format":"int64","title":"Number of desired pods.\\nhttps://kubernetes.io/docs/reference/generated/kubernetes-api/v1.18/#deploymentspec-v1-apps","x-order":3},"resources":{"$ref":"#/components/schemas/installkubernetesResources"},"strategy":{"$ref":"#/components/schemas/installkubernetesDeploymentStrategy"},"tolerations":{"type":"array","title":"Tolerations are applied to pods, and allow (but do not require) the pods to\\nschedule onto nodes with matching taints. Taints and tolerations work\\ntogether to ensure that pods are not scheduled onto inappropriate nodes.\\nOne or more taints are applied to a node; this marks that the node should\\nnot accept any pods that do not tolerate the taints.\\nhttps://kubernetes.io/docs/concepts/configuration/taint-and-toleration/","items":{"$ref":"#/components/schemas/corev1Toleration"},"x-order":6},"hpaSpec":{"$ref":"#/components/schemas/installkubernetesHorizontalPodAutoscalerSpec"},"podSecurityContext":{"$ref":"#/components/schemas/installkubernetesPodSecurityContext"},"containerSecurityContext":{"$ref":"#/components/schemas/installkubernetesSecurityContext"}}},"installkubernetesDeploymentStrategy":{"type":"object","title":"The deployment strategy to use to replace existing pods with new ones.\\nhttps://kubernetes.io/docs/reference/generated/kubernetes-api/v1.18/#deploymentstrategy-v1-apps","properties":{"type":{"type":"string","x-order":0},"rollingUpdate":{"$ref":"#/components/schemas/installkubernetesRollingUpdateDeployment"}}},"installkubernetesEnvVar":{"type":"object","properties":{"name":{"type":"string","x-order":0},"value":{"type":"string","x-order":1},"valueFrom":{"$ref":"#/components/schemas/installkubernetesEnvVarSource"}}},"installkubernetesEnvVarSource":{"type":"object","properties":{"fieldRef":{"$ref":"#/components/schemas/installkubernetesObjectFieldSelector"},"resourceFieldRef":{"$ref":"#/components/schemas/installkubernetesResourceFieldSelector"},"configMapKeyRef":{"$ref":"#/components/schemas/installkubernetesConfigMapKeySelector"},"secretKeyRef":{"$ref":"#/components/schemas/installkubernetesSecretKeySelector"}}},"installkubernetesExternalMetricSource":{"type":"object","properties":{"metricName":{"type":"string","x-order":0},"metricSelector":{"$ref":"#/components/schemas/v1LabelSelector"},"targetValue":{"$ref":"#/components/schemas/operatorv1alpha1IntOrString"},"targetAverageValue":{"$ref":"#/components/schemas/operatorv1alpha1IntOrString"}}},"installkubernetesHorizontalPodAutoscalerSpec":{"type":"object","title":"Horizontal Pod Autoscaler automatically scales the number of pods in a\\ndeployment based on a specified metric. Kubernetes periodically adjusts the\\nnumber of replicas in a deployment to match the observed metric to the target\\nspecified. This mirrors the Kubernetes spec except from the top level\\n`scaleTargetRef` field, which we set for you. The version of Horizontal Pod\\nAutoscaler currently used is\\n`[v2beta1](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.18/#horizontalpodautoscaler-v2beta1-autoscaling)`.\\nhttps://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/","properties":{"minReplicas":{"type":"integer","format":"int32","title":"Must be set in order to create the HPA resource in Kubernetes","x-order":0},"maxReplicas":{"type":"integer","format":"int32","title":"Must be set in order to create the HPA resource in Kubernetes","x-order":1},"metrics":{"type":"array","items":{"$ref":"#/components/schemas/installkubernetesMetricSpec"},"x-order":2}}},"installkubernetesLocalObjectReference":{"description":"LocalObjectReference contains enough information to let you locate the\\nreferenced object inside the same namespace.","type":"object","properties":{"name":{"description":"Name of the referent.","type":"string","x-order":0}}},"installkubernetesMetricSpec":{"type":"object","properties":{"type":{"type":"string","x-order":0},"object":{"$ref":"#/components/schemas/installkubernetesObjectMetricSource"},"pods":{"$ref":"#/components/schemas/installkubernetesPodsMetricSource"},"resource":{"$ref":"#/components/schemas/installkubernetesResourceMetricSource"},"external":{"$ref":"#/components/schemas/installkubernetesExternalMetricSource"}}},"installkubernetesMetricTarget":{"type":"object","title":"MetricTarget provides compatibility with k8s autoscaling/v2 API","properties":{"type":{"type":"string","x-order":0},"averageUtilization":{"type":"integer","format":"int32","x-order":1},"averageValue":{"$ref":"#/components/schemas/operatorv1alpha1IntOrString"},"value":{"$ref":"#/components/schemas/operatorv1alpha1IntOrString"}}},"installkubernetesNodeAffinity":{"type":"object","title":"Group of node affinity scheduling rules.\\nhttps://kubernetes.io/docs/reference/generated/kubernetes-api/v1.18/#nodeaffinity-v1-core","properties":{"requiredDuringSchedulingIgnoredDuringExecution":{"$ref":"#/components/schemas/installkubernetesNodeSelector"},"preferredDuringSchedulingIgnoredDuringExecution":{"type":"array","title":"The scheduler will prefer to schedule pods to nodes that satisfy the\\naffinity expressions specified by this field, but it may choose a node that\\nviolates one or more of the expressions.\\nhttps://kubernetes.io/docs/reference/generated/kubernetes-api/v1.18/#preferredschedulingterm-v1-core","items":{"$ref":"#/components/schemas/installkubernetesPreferredSchedulingTerm"},"x-order":1}}},"installkubernetesNodeSelector":{"type":"object","properties":{"nodeSelectorTerms":{"type":"array","items":{"$ref":"#/components/schemas/installkubernetesNodeSelectorTerm"},"x-order":0}}},"installkubernetesNodeSelectorRequirement":{"type":"object","properties":{"key":{"type":"string","x-order":0},"operator":{"type":"string","x-order":1},"values":{"type":"array","items":{"type":"string"},"x-order":2}}},"installkubernetesNodeSelectorTerm":{"type":"object","properties":{"matchExpressions":{"type":"array","items":{"$ref":"#/components/schemas/installkubernetesNodeSelectorRequirement"},"x-order":0},"matchFields":{"type":"array","items":{"$ref":"#/components/schemas/installkubernetesNodeSelectorRequirement"},"x-order":1}}},"installkubernetesObjectFieldSelector":{"type":"object","properties":{"apiVersion":{"type":"string","x-order":0},"fieldPath":{"type":"string","x-order":1}}},"installkubernetesObjectMetricSource":{"type":"object","properties":{"target":{"$ref":"#/components/schemas/installkubernetesCrossVersionObjectReference"},"metricName":{"type":"string","x-order":1},"targetValue":{"$ref":"#/components/schemas/operatorv1alpha1IntOrString"},"selector":{"$ref":"#/components/schemas/v1LabelSelector"},"averageValue":{"$ref":"#/components/schemas/operatorv1alpha1IntOrString"}}},"installkubernetesPodAffinity":{"type":"object","title":"Group of inter-pod affinity scheduling rules.\\nhttps://kubernetes.io/docs/reference/generated/kubernetes-api/v1.18/#podaffinity-v1-core","properties":{"requiredDuringSchedulingIgnoredDuringExecution":{"type":"array","items":{"$ref":"#/components/schemas/installkubernetesPodAffinityTerm"},"x-order":0},"preferredDuringSchedulingIgnoredDuringExecution":{"type":"array","items":{"$ref":"#/components/schemas/installkubernetesWeightedPodAffinityTerm"},"x-order":1}}},"installkubernetesPodAffinityTerm":{"type":"object","properties":{"labelSelector":{"$ref":"#/components/schemas/v1LabelSelector"},"namespaces":{"type":"array","items":{"type":"string"},"x-order":1},"topologyKey":{"type":"string","x-order":2}}},"installkubernetesPodAntiAffinity":{"type":"object","title":"Group of inter-pod anti-affinity scheduling rules.\\nhttps://kubernetes.io/docs/reference/generated/kubernetes-api/v1.18/#podantiaffinity-v1-core","properties":{"requiredDuringSchedulingIgnoredDuringExecution":{"type":"array","items":{"$ref":"#/components/schemas/installkubernetesPodAffinityTerm"},"x-order":0},"preferredDuringSchedulingIgnoredDuringExecution":{"type":"array","items":{"$ref":"#/components/schemas/installkubernetesWeightedPodAffinityTerm"},"x-order":1}}},"installkubernetesPodSecurityContext":{"description":"See k8s.io.api.core.v1.PodSecurityContext.","type":"object","properties":{"seLinuxOptions":{"$ref":"#/components/schemas/installkubernetesSELinuxOptions"},"runAsUser":{"type":"integer","format":"int64","x-order":1},"runAsNonRoot":{"type":"boolean","x-order":2},"supplementalGroups":{"type":"array","items":{"type":"integer","format":"int64"},"x-order":3},"fsGroup":{"type":"integer","format":"int64","x-order":4},"runAsGroup":{"type":"integer","format":"int64","x-order":5},"sysctls":{"type":"array","items":{"$ref":"#/components/schemas/installkubernetesSysctl"},"x-order":6},"windowsOptions":{"$ref":"#/components/schemas/installkubernetesWindowsSecurityContextOptions"},"fsGroupChangePolicy":{"type":"string","x-order":8},"seccompProfile":{"$ref":"#/components/schemas/installkubernetesSeccompProfile"}}},"installkubernetesPodsMetricSource":{"type":"object","properties":{"metricName":{"type":"string","x-order":0},"targetAverageValue":{"$ref":"#/components/schemas/operatorv1alpha1IntOrString"},"selector":{"$ref":"#/components/schemas/v1LabelSelector"}}},"installkubernetesPreferredSchedulingTerm":{"type":"object","properties":{"weight":{"type":"integer","format":"int32","x-order":0},"preference":{"$ref":"#/components/schemas/installkubernetesNodeSelectorTerm"}}},"installkubernetesResourceFieldSelector":{"type":"object","properties":{"containerName":{"type":"string","x-order":0},"resource":{"type":"string","x-order":1},"divisor":{"$ref":"#/components/schemas/operatorv1alpha1IntOrString"}}},"installkubernetesResourceMetricSource":{"type":"object","properties":{"name":{"type":"string","x-order":0},"targetAverageUtilization":{"$ref":"#/components/schemas/operatorv1alpha1IntOrString"},"targetAverageValue":{"$ref":"#/components/schemas/operatorv1alpha1IntOrString"},"target":{"$ref":"#/components/schemas/installkubernetesMetricTarget"}}},"installkubernetesResources":{"description":"Mirrors k8s.io.api.core.v1.ResourceRequirements for unmarshalling.","type":"object","properties":{"limits":{"type":"object","additionalProperties":{"type":"string"},"x-order":0},"requests":{"type":"object","additionalProperties":{"type":"string"},"x-order":1}}},"installkubernetesRollingUpdateDeployment":{"description":"Mirrors k8s.io.api.apps.v1.RollingUpdateDeployment for unmarshalling.","type":"object","properties":{"maxUnavailable":{"$ref":"#/components/schemas/operatorv1alpha1IntOrString"},"maxSurge":{"$ref":"#/components/schemas/operatorv1alpha1IntOrString"}}},"installkubernetesSELinuxOptions":{"description":"See k8s.io.api.core.v1.SELinuxOptions.","type":"object","properties":{"user":{"type":"string","x-order":0},"role":{"type":"string","x-order":1},"type":{"type":"string","x-order":2},"level":{"type":"string","x-order":3}}},"installkubernetesSeccompProfile":{"description":"See k8s.io.api.core.v1.SeccompProfile.","type":"object","properties":{"type":{"type":"string","x-order":0},"localhostProfile":{"type":"string","x-order":1}}},"installkubernetesSecretKeySelector":{"type":"object","properties":{"localObjectReference":{"$ref":"#/components/schemas/installkubernetesLocalObjectReference"},"key":{"type":"string","x-order":1},"optional":{"type":"boolean","x-order":2}}},"installkubernetesSecurityContext":{"description":"See k8s.io.api.core.v1.SecurityContext.","type":"object","properties":{"capabilities":{"$ref":"#/components/schemas/installkubernetesCapabilities"},"privileged":{"type":"boolean","x-order":1},"seLinuxOptions":{"$ref":"#/components/schemas/installkubernetesSELinuxOptions"},"windowsOptions":{"$ref":"#/components/schemas/installkubernetesWindowsSecurityContextOptions"},"runAsUser":{"type":"integer","format":"int64","x-order":4},"runAsGroup":{"type":"integer","format":"int64","x-order":5},"runAsNonRoot":{"type":"boolean","x-order":6},"readOnlyRootFilesystem":{"type":"boolean","x-order":7},"allowPrivilegeEscalation":{"type":"boolean","x-order":8},"procMount":{"type":"string","x-order":9},"seccompProfile":{"$ref":"#/components/schemas/installkubernetesSeccompProfile"}}},"installkubernetesService":{"type":"object","title":"The Kubernetes resource configuration for a Service","properties":{"annotations":{"type":"object","title":"Pod annotations are an unstructured key value map stored with the service.\\nhttps://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/","additionalProperties":{"type":"string"},"x-order":0},"ports":{"type":"array","title":"List of ports exposed by the component\'s service.\\nhttps://kubernetes.io/docs/reference/generated/kubernetes-api/v1.18/#serviceport-v1-core","items":{"$ref":"#/components/schemas/installkubernetesServicePort"},"x-order":1},"type":{"type":"string","title":"Determines how the Service is exposed. Valid options are ExternalName,\\nClusterIP, NodePort, and LoadBalancer.\\nhttps://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types","x-order":2},"labels":{"type":"object","title":"Labels are an unstructured key value map stored with the deployment.\\nhttps://kubernetes.io/docs/concepts/overview/working-with-objects/labels","additionalProperties":{"type":"string"},"x-order":3}}},"installkubernetesServiceAccount":{"type":"object","title":"Settings related to the component service account","properties":{"imagePullSecrets":{"type":"array","title":"List of references to secrets in the same namespace to use for pulling any\\nimages in pods that reference this ServiceAccount. ImagePullSecrets are\\ndistinct from Secrets because Secrets can be mounted in the pod, but\\nImagePullSecrets are only accessed by the kubelet. More info:\\nhttps://kubernetes.io/docs/concepts/containers/images/#specifying-imagepullsecrets-on-a-pod\\nhttps://kubernetes.io/docs/reference/generated/kubernetes-api/v1.18/#service_account-v1-core","items":{"$ref":"#/components/schemas/installkubernetesLocalObjectReference"},"x-order":0}}},"installkubernetesServicePort":{"type":"object","properties":{"name":{"type":"string","x-order":0},"protocol":{"type":"string","x-order":1},"port":{"type":"integer","format":"int32","x-order":2},"targetPort":{"$ref":"#/components/schemas/operatorv1alpha1IntOrString"},"nodePort":{"type":"integer","format":"int32","x-order":4}}},"installkubernetesSysctl":{"description":"See k8s.io.api.core.v1.Sysctl.","type":"object","properties":{"name":{"type":"string","x-order":0},"value":{"type":"string","x-order":1}}},"installkubernetesWeightedPodAffinityTerm":{"type":"object","properties":{"weight":{"type":"integer","format":"int32","x-order":0},"podAffinityTerm":{"$ref":"#/components/schemas/installkubernetesPodAffinityTerm"}}},"installkubernetesWindowsSecurityContextOptions":{"description":"See k8s.io.api.core.v1.WindowsSecurityContextOptions.","type":"object","properties":{"gmsaCredentialSpecName":{"type":"string","x-order":0},"gmsaCredentialSpec":{"type":"string","x-order":1},"runAsUserName":{"type":"string","x-order":2}}},"kubernetesCNI":{"type":"object","title":"Configure Istio\'s CNI plugin\\nFor further details see: https://istio.io/docs/setup/additional-setup/cni/","properties":{"binaryDirectory":{"description":"Directory on the host to install the CNI binary.\\nMust be the same as the environment\u2019s `--cni-bin-dir` setting (kubelet\\nparameter).","type":"string","x-order":0},"configurationDirectory":{"description":"Directory on the host to install the CNI config.\\nMust be the same as the environment\u2019s `--cni-conf-dir` setting (kubelet\\nparameter).","type":"string","x-order":1},"chained":{"description":"Whether to deploy the configuration file as a plugin chain or as a\\nstandalone file in the configuration directory. Some Kubernetes flavors\\n(e.g. OpenShift) do not support the chain approach.","type":"boolean","x-order":2},"configurationFileName":{"description":"Leave unset to auto-find the first file in the `cni-conf-dir` (as kubelet\\ndoes). Primarily used for testing install-cni plugin configuration. If set,\\n`install-cni` will inject the plugin configuration into this file in the\\n`cni-conf-dir`.","type":"string","x-order":3},"clusterRole":{"description":"The ClusterRole Istio CNI will bind to in the ControlPlane namespace.\\nThis is useful if you use Pod Security Policies and want to allow\\n`istio-cni` to run as privileged Pods.","type":"string","x-order":4},"revision":{"description":"The revisioned istio-operator that will reconcile the Istio CNI component.\\nA revision can only be specified when Isolation Boundaries are enabled and\\nconfigured with at least one revision.\\nRevision specified here must be an enabled revision under `xcp.isolationBoundaries`.\\nIf not provided, it defaults to the latest enabled\\nrevision based on their corresponding tsbVersion. If multiple such revisions\\nare found, revision names are alphabetically sorted and the first revision\\nis considered as the default.","type":"string","x-order":5}}},"kubernetesGlobalDeployment":{"type":"object","title":"The Kubernetes resource configuration for a Deployment","properties":{"podAnnotations":{"type":"object","title":"Pod annotations are an unstructured key value map stored with the pod.\\nhttps://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/","additionalProperties":{"type":"string"},"x-order":0},"env":{"type":"array","title":"Environment variables for all containers in the deployment.\\nhttps://kubernetes.io/docs/tasks/inject-data-application/define-environment-variable-container/","items":{"$ref":"#/components/schemas/installkubernetesEnvVar"},"x-order":1},"affinity":{"$ref":"#/components/schemas/installkubernetesAffinity"},"strategy":{"$ref":"#/components/schemas/installkubernetesDeploymentStrategy"},"tolerations":{"type":"array","title":"Tolerations are applied to pods, and allow (but do not require) the pods to\\nschedule onto nodes with matching taints. Taints and tolerations work\\ntogether to ensure that pods are not scheduled onto inappropriate nodes.\\nOne or more taints are applied to a node; this marks that the node should\\nnot accept any pods that do not tolerate the taints.\\nhttps://kubernetes.io/docs/concepts/configuration/taint-and-toleration/","items":{"$ref":"#/components/schemas/corev1Toleration"},"x-order":4},"podSecurityContext":{"$ref":"#/components/schemas/installkubernetesPodSecurityContext"},"containerSecurityContext":{"$ref":"#/components/schemas/installkubernetesSecurityContext"}}},"kubernetesGlobalJob":{"type":"object","title":"The Kubernetes resource configuration for all CronJob or Job","properties":{"podAnnotations":{"type":"object","title":"Pod annotations are an unstructured key value map stored with the pod.\\nhttps://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/","additionalProperties":{"type":"string"},"x-order":0},"affinity":{"$ref":"#/components/schemas/installkubernetesAffinity"},"tolerations":{"type":"array","title":"Tolerations are applied to pods, and allow (but do not require) the pods to\\nschedule onto nodes with matching taints. Taints and tolerations work\\ntogether to ensure that pods are not scheduled onto inappropriate nodes.\\nOne or more taints are applied to a node; this marks that the node should\\nnot accept any pods that do not tolerate the taints.\\nhttps://kubernetes.io/docs/concepts/configuration/taint-and-toleration/","items":{"$ref":"#/components/schemas/corev1Toleration"},"x-order":2},"podSecurityContext":{"$ref":"#/components/schemas/installkubernetesPodSecurityContext"},"containerSecurityContext":{"$ref":"#/components/schemas/installkubernetesSecurityContext"}}},"kubernetesGlobalService":{"type":"object","title":"The Kubernetes resource configuration for all the Service","properties":{"annotations":{"type":"object","title":"Pod annotations are an unstructured key value map stored with the service.\\nhttps://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/","additionalProperties":{"type":"string"},"x-order":0}}},"kubernetesJob":{"type":"object","title":"The Kubernetes resource configuration for a CronJob or Job","properties":{"podAnnotations":{"type":"object","title":"Pod annotations are an unstructured key value map stored with the pod.\\nhttps://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/","additionalProperties":{"type":"string"},"x-order":0},"env":{"type":"array","title":"Environment variables for all containers in the job.\\nhttps://kubernetes.io/docs/tasks/inject-data-application/define-environment-variable-container/","items":{"$ref":"#/components/schemas/installkubernetesEnvVar"},"x-order":1},"affinity":{"$ref":"#/components/schemas/installkubernetesAffinity"},"tolerations":{"type":"array","title":"Tolerations are applied to pods, and allow (but do not require) the pods to\\nschedule onto nodes with matching taints. Taints and tolerations work\\ntogether to ensure that pods are not scheduled onto inappropriate nodes.\\nOne or more taints are applied to a node; this marks that the node should\\nnot accept any pods that do not tolerate the taints.\\nhttps://kubernetes.io/docs/concepts/configuration/taint-and-toleration/","items":{"$ref":"#/components/schemas/corev1Toleration"},"x-order":3},"podSecurityContext":{"$ref":"#/components/schemas/installkubernetesPodSecurityContext"},"containerSecurityContext":{"$ref":"#/components/schemas/installkubernetesSecurityContext"}}},"kubernetesKubernetesComponentSpec":{"description":"KubernetesComponentSpec is a common set of Kubernetes resource configuration\\nfor components.","type":"object","properties":{"deployment":{"$ref":"#/components/schemas/installkubernetesDeployment"},"service":{"$ref":"#/components/schemas/installkubernetesService"},"serviceAccount":{"$ref":"#/components/schemas/installkubernetesServiceAccount"},"overlays":{"type":"array","title":"Post-render overlays to mutate Kubernetes manifests\\nhttps://istio.io/latest/docs/reference/config/istio.operator.v1alpha1/#K8sObjectOverlay","items":{"$ref":"#/components/schemas/v1alpha1K8sObjectOverlay"},"x-order":3}}},"kubernetesKubernetesIstioComponentSpec":{"description":"KubernetesIstioComponentSpec is the common set of Kubernetes resource\\nconfiguration for Istio. It differs from the standard component specs in that\\nit supports configuring the operator and istiod deployments separately and CNI\\nconfiguration.","type":"object","properties":{"deployment":{"$ref":"#/components/schemas/installkubernetesDeployment"},"service":{"$ref":"#/components/schemas/installkubernetesService"},"serviceAccount":{"$ref":"#/components/schemas/installkubernetesServiceAccount"},"operatorDeployment":{"$ref":"#/components/schemas/installkubernetesDeployment"},"istiodDeployment":{"$ref":"#/components/schemas/installkubernetesDeployment"},"CNI":{"$ref":"#/components/schemas/kubernetesCNI"},"overlays":{"type":"array","title":"Post-render overlays to mutate Kubernetes manifests\\nhttps://istio.io/latest/docs/reference/config/istio.operator.v1alpha1/#K8sObjectOverlay","items":{"$ref":"#/components/schemas/v1alpha1K8sObjectOverlay"},"x-order":6}}},"kubernetesKubernetesJobComponentSpec":{"description":"KubernetesJobComponentSpec is a common set of Kubernetes resource\\nconfiguration for components with a job associated with them.","type":"object","properties":{"deployment":{"$ref":"#/components/schemas/installkubernetesDeployment"},"service":{"$ref":"#/components/schemas/installkubernetesService"},"job":{"$ref":"#/components/schemas/kubernetesJob"},"serviceAccount":{"$ref":"#/components/schemas/installkubernetesServiceAccount"},"overlays":{"type":"array","title":"Post-render overlays to mutate Kubernetes manifests\\nhttps://istio.io/latest/docs/reference/config/istio.operator.v1alpha1/#K8sObjectOverlay","items":{"$ref":"#/components/schemas/v1alpha1K8sObjectOverlay"},"x-order":4}}},"kubernetesKubernetesSpec":{"description":"KubernetesSpec is a common set of Kubernetes resource configuration for the\\ninstall CRs, that will be common to all of its components.","type":"object","properties":{"deployment":{"$ref":"#/components/schemas/kubernetesGlobalDeployment"},"service":{"$ref":"#/components/schemas/kubernetesGlobalService"},"account":{"$ref":"#/components/schemas/installkubernetesServiceAccount"},"job":{"$ref":"#/components/schemas/kubernetesGlobalJob"}}},"operatorv1alpha1IntOrString":{"description":"IntOrString is a type that can hold an int32 or a string.  When used in\\nJSON or YAML marshalling and unmarshalling, it produces or consumes the\\ninner type.  This allows you to have, for example, a JSON field that can\\naccept a name or number.","type":"object","properties":{"type":{"type":"string","format":"int64","x-order":0},"intVal":{"type":"integer","format":"int32","x-order":1},"strVal":{"type":"string","x-order":2}}},"protobufAny":{"description":"`Any` contains an arbitrary serialized protocol buffer message along with a\\nURL that describes the type of the serialized message.\\n\\nProtobuf library provides support to pack/unpack Any values in the form\\nof utility functions or additional generated methods of the Any type.\\n\\nExample 1: Pack and unpack a message in C++.\\n\\n    Foo foo = ...;\\n    Any any;\\n    any.PackFrom(foo);\\n    ...\\n    if (any.UnpackTo(&amp;foo)) {\\n      ...\\n    }\\n\\nExample 2: Pack and unpack a message in Java.\\n\\n    Foo foo = ...;\\n    Any any = Any.pack(foo);\\n    ...\\n    if (any.is(Foo.class)) {\\n      foo = any.unpack(Foo.class);\\n    }\\n    // or ...\\n    if (any.isSameTypeAs(Foo.getDefaultInstance())) {\\n      foo = any.unpack(Foo.getDefaultInstance());\\n    }\\n\\n Example 3: Pack and unpack a message in Python.\\n\\n    foo = Foo(...)\\n    any = Any()\\n    any.Pack(foo)\\n    ...\\n    if any.Is(Foo.DESCRIPTOR):\\n      any.Unpack(foo)\\n      ...\\n\\n Example 4: Pack and unpack a message in Go\\n\\n     foo := &amp;pb.Foo{...}\\n     any, err := anypb.New(foo)\\n     if err != nil {\\n       ...\\n     }\\n     ...\\n     foo := &amp;pb.Foo{}\\n     if err := any.UnmarshalTo(foo); err != nil {\\n       ...\\n     }\\n\\nThe pack methods provided by protobuf library will by default use\\n\'type.googleapis.com/full.type.name\' as the type URL and the unpack\\nmethods only use the fully qualified type name after the last \'/\'\\nin the type URL, for example \\"foo.bar.com/x/y.z\\" will yield type\\nname \\"y.z\\".\\n\\nJSON\\n====\\nThe JSON representation of an `Any` value uses the regular\\nrepresentation of the deserialized, embedded message, with an\\nadditional field `@type` which contains the type URL. Example:\\n\\n    package google.profile;\\n    message Person {\\n      string first_name = 1;\\n      string last_name = 2;\\n    }\\n\\n    {\\n      \\"@type\\": \\"type.googleapis.com/google.profile.Person\\",\\n      \\"firstName\\": &lt;string&gt;,\\n      \\"lastName\\": &lt;string&gt;\\n    }\\n\\nIf the embedded message type is well-known and has a custom JSON\\nrepresentation, that representation will be embedded adding a field\\n`value` which holds the custom JSON in addition to the `@type`\\nfield. Example (for message [google.protobuf.Duration][]):\\n\\n    {\\n      \\"@type\\": \\"type.googleapis.com/google.protobuf.Duration\\",\\n      \\"value\\": \\"1.212s\\"\\n    }","type":"object","properties":{"@type":{"description":"A URL/resource name that uniquely identifies the type of the serialized\\nprotocol buffer message. This string must contain at least\\none \\"/\\" character. The last segment of the URL\'s path must represent\\nthe fully qualified name of the type (as in\\n`path/google.protobuf.Duration`). The name should be in a canonical form\\n(e.g., leading \\".\\" is not accepted).\\n\\nIn practice, teams usually precompile into the binary all types that they\\nexpect it to use in the context of Any. However, for URLs which use the\\nscheme `http`, `https`, or no scheme, one can optionally set up a type\\nserver that maps type URLs to message definitions as follows:\\n\\n* If no scheme is provided, `https` is assumed.\\n* An HTTP GET on the URL must yield a [google.protobuf.Type][]\\n  value in binary format, or produce an error.\\n* Applications are allowed to cache lookup results based on the\\n  URL, or have them precompiled into a binary to avoid any\\n  lookup. Therefore, binary compatibility needs to be preserved\\n  on changes to types. (Use versioned type names to manage\\n  breaking changes.)\\n\\nNote: this functionality is not currently available in the official\\nprotobuf release, and it is not used for type URLs beginning with\\ntype.googleapis.com. As of May 2023, there are no widely used type server\\nimplementations and no plans to implement one.\\n\\nSchemes other than `http`, `https` (or the empty scheme) might be\\nused with implementation specific semantics.","type":"string","x-order":0}},"additionalProperties":{}},"protobufNullValue":{"description":"`NullValue` is a singleton enumeration to represent the null value for the\\n`Value` type union.\\n\\nThe JSON representation for `NullValue` is JSON `null`.\\n\\n - NULL_VALUE: Null value.","type":"string","default":"NULL_VALUE","enum":["NULL_VALUE"]},"qv2Metadata":{"description":"Metadata includes additional information about an ApprovalPolicy or Access entity and\\ntheir respective resources that they apply to.","type":"object","properties":{"details":{"$ref":"#/components/schemas/MetadataDetails"},"rules":{"description":"Permissions includes permissions for which an authenticated user is allowed to perform.\\nThis applies to ApprovalPolicy or Access entities respectively.","type":"array","items":{"$ref":"#/components/schemas/v2RoleRule"},"x-order":1}}},"rbacv2Binding":{"description":"A binding associates a role with a set of subjects.\\n\\nBindings are used to configure policies, where different roles can be\\nassigned to different sets of subjects to configure a fine-grained access\\ncontrol to the resource protected by the policy.","type":"object","required":["role"],"properties":{"role":{"description":"The role that defines the permissions that will be granted to the target\\nresource.","type":"string","x-order":0},"subjects":{"description":"The set of subjects that will be allowed to access the target resource\\nwith the permissions defined by the role.","type":"array","items":{"$ref":"#/components/schemas/tsbrbacv2Subject"},"x-order":1}}},"registrationv1alpha1Address":{"description":"Address specifies network address.","type":"object","required":["ip","type"],"properties":{"ip":{"description":"IP address.","type":"string","x-order":0},"type":{"$ref":"#/components/schemas/v1alpha1AddressType"}}},"registryv2Port":{"description":"Port exposed by a service.\\nRegistration RPC will complete the instances field by assigning the physical services FQNs.","type":"object","required":["number"],"properties":{"number":{"description":"A valid non-negative integer port number.","type":"integer","format":"int64","x-order":0},"name":{"description":"Name assigned to the port.","type":"string","x-order":1},"serviceDeployments":{"type":"array","title":"The list of FQNs of the instances that expose this port","items":{"type":"string"},"x-order":2,"readOnly":true}}},"registryv2State":{"description":"State denotes how deep is the knowledge of a service by the mesh. Meaning that if a service can be controlled,\\nobserved or none of these.\\n\\n - EXTERNAL: An external service is a service that is known, but that cannot be observed (we can\'t get metrics for it)\\nand cannot be controlled.\\n - OBSERVED: An observed service is a known service that we can have metrics for. For example, a service running the\\nSkywalking agents.\\n - CONTROLLED: A controlled service is a service that is part of the mesh and has a proxy we can configure.","type":"string","default":"INVALID_STATE","enum":["INVALID_STATE","EXTERNAL","OBSERVED","CONTROLLED"]},"registryv2Subset":{"description":"Subset exposed by a service.\\nRegistration RPC will complete the instances field by assigning the physical services FQNs.","type":"object","properties":{"name":{"description":"A valid subset name of a service.","type":"string","x-order":0},"serviceDeployments":{"type":"array","title":"The list of FQNs of the service deployments that expose this subset","items":{"type":"string"},"x-order":1,"readOnly":true}}},"securityv2Rule":{"description":"`Rule` matches request from a targeted resource (and the workloads that belong to the resource),\\nto another targeted resource (and the workloads that belong to the resource).\\nA match occurs when `from` and `to` matches the request.\\nOnly resources of type Tenant, Workspace, or Security Group can be targeted.","type":"object","required":["from","to"],"properties":{"from":{"$ref":"#/components/schemas/RuleFrom"},"to":{"$ref":"#/components/schemas/RuleTo"}}},"telemetryv2MetricType":{"description":"Metric types are the aggregation function applied to the measurements that took place over a period of time.\\nSome metric types like LABELED_COUNTER and PERCENTILE also additionally aggregated over the set of defined labels.","type":"object","properties":{"name":{"$ref":"#/components/schemas/v2MetricTypeType"},"labels":{"description":"The labels associated with the metric type.\\nSome aggregation function are not just applied over time. LABELED_COUNTER and PERCENTILE metric types also\\naggregate over their labels. For instance, a PERCENTILE metric type over the latency, will aggregate the measured\\nlatency over the different defined percentiles, p50, p75, p90, p95, and p99.","type":"array","items":{"$ref":"#/components/schemas/v2MetricTypeLabel"},"x-order":1}}},"tsbapplicationv2ResourceStatus":{"description":"The ResourceStatus object provides information about the status of the configuration\\nrelated to an Application or an API object.\\n\\nApplications and APIs are translated into configuration objects (config groups, ingress\\ngateways, etc). This status object reflects the status of the Application and APIs with\\nregard to the generated configuration, and exposes any configuration mismatch.\\nThis status only reflects the status of the configuration objects in Service Bridge. It\\ndoes not provide information about the status of the generated configuration in the final\\nclusters.","type":"object","properties":{"status":{"$ref":"#/components/schemas/applicationv2Status"},"resources":{"description":"List of the individual configuration resource statuses.","type":"array","items":{"$ref":"#/components/schemas/ResourceStatusConfigResourceStatus"},"x-order":1,"readOnly":true}}},"tsbauthv2Authentication":{"type":"object","properties":{"jwt":{"$ref":"#/components/schemas/tsbauthv2AuthenticationJWT"},"rules":{"$ref":"#/components/schemas/AuthenticationRules"},"oidc":{"$ref":"#/components/schemas/v2OIDCConfig"}}},"tsbauthv2AuthenticationJWT":{"type":"object","required":["issuer"],"properties":{"issuer":{"description":"Identifies the issuer that issued the JWT. See\\n[issuer](https://tools.ietf.org/html/rfc7519#section-4.1.1)\\nA JWT with different `iss` claim will be rejected.\\n\\nExample: https://foobar.auth0.com\\nExample: 1234567-compute@developer.gserviceaccount.com","type":"string","x-order":0},"audiences":{"description":"The list of JWT\\n[audiences](https://tools.ietf.org/html/rfc7519#section-4.1.3).\\nthat are allowed to access. A JWT containing any of these\\naudiences will be accepted.\\n\\nThe service name will be accepted if audiences is empty.","type":"array","items":{"type":"string"},"x-order":1},"jwksUri":{"description":"URL of the provider\'s public key set to validate signature of\\nthe JWT. See [OpenID\\nDiscovery](https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderMetadata).\\n\\nOptional if the key set document can either (a) be retrieved\\nfrom [OpenID\\nDiscovery](https://openid.net/specs/openid-connect-discovery-1_0.html)\\nof the issuer or (b) inferred from the email domain of the\\nissuer (e.g. a Google service account).\\n\\nExample: `https://www.googleapis.com/oauth2/v1/certs`\\n\\nNote: Only one of jwks_uri and jwks should be used. jwks_uri\\nwill be ignored if it does.","type":"string","x-order":2},"jwks":{"description":"JSON Web Key Set of public keys to validate signature of the JWT.\\nSee https://auth0.com/docs/jwks.\\n\\nNote: Only one of jwks_uri and jwks should be used. jwks_uri will be ignored if it does.","type":"string","x-order":3},"outputPayloadToHeader":{"description":"This field specifies the header name to output a successfully verified JWT payload to the\\nbackend. The forwarded data is `base64_encoded(jwt_payload_in_JSON)`. If it is not specified,\\nthe payload will not be emitted.","type":"string","x-order":4},"outputClaimToHeaders":{"description":"This field specifies a list of operations to copy the claim to HTTP headers on a successfully verified token.\\nThis differs from the `output_payload_to_header` by allowing outputting individual claims instead of the whole payload.\\nOnly claims of type string, boolean, and integer are supported. Array type claims are not supported at this time.\\nThe header specified in each operation in the list must be unique. Nested claims of type string/int/bool is supported as well.\\n```\\n  outputClaimToHeaders:\\n  - header: x-my-company-jwt-group\\n    claim: my-group\\n  - header: x-test-environment-flag\\n    claim: test-flag\\n  - header: x-jwt-claim-group\\n    claim: nested.key.group\\n```\\n[Experimental] This feature is a experimental feature.\\n\\n[TODO:Update the status whenever this feature is promoted.]","type":"array","items":{"$ref":"#/components/schemas/JWTClaimToHeader"},"x-order":5},"fromHeaders":{"description":"1) The Authorization header using the Bearer schema,\\n       e.g. Authorization: Bearer &lt;token&gt;. (see\\n       [Authorization Request Header\\n       Field](https://tools.ietf.org/html/rfc6750#section-2.1))\\n\\n    2) The `access_token` query parameter (see\\n    [URI Query Parameter](https://tools.ietf.org/html/rfc6750#section-2.3))\\n\\nList of header locations from which JWT is expected. For example, below is the location spec\\nif JWT is expected to be found in `x-jwt-assertion` header, and have `Bearer ` prefix:\\n\\n```yaml\\n  fromHeaders:\\n  - name: x-jwt-assertion\\n    prefix: \\"Bearer \\"\\n```\\n\\nNote: Multiple tokens present on the same request are not supported. \\nThe behaviour of authorization policies when there is more than one user identity is undefined","type":"array","title":"This field specifies the locations to extract JWT token.\\nIf no explicit location is specified the following default\\nlocations are tried in order:","items":{"$ref":"#/components/schemas/JWTJWTHeader"},"x-order":6},"fromCookies":{"description":"fromCookies:\\n - auth-token\\n\\nThen JWT will be extracted from auth-token cookie in the request.\\n\\nNote: Requests with multiple tokens (at different locations) are not supported.\\nThe behaviour of authorization policies when there is more than one user identity is undefined","type":"array","title":"List of cookie names from which JWT is expected.\\nFor example, if config is:","items":{"type":"string"},"x-order":7}}},"tsbauthv2Authorization":{"type":"object","title":"Configuration for authorizing a HTTP request","properties":{"external":{"$ref":"#/components/schemas/tsbauthv2AuthorizationExternalAuthzBackend"},"local":{"$ref":"#/components/schemas/tsbauthv2AuthorizationLocalAuthz"}}},"tsbauthv2AuthorizationExternalAuthzBackend":{"type":"object","title":"Use an authorization server running at the specified URI. Support both HTTP and gRPC server.\\nIt is recommended to enable TLS validation (SIMPLE or MUTUAL) to secure traffic \\nbetween workload and external authorization server\\nIf you use gRPC, do not set `includeRequestHeaders`","properties":{"uri":{"type":"string","x-order":0},"includeRequestHeaders":{"type":"array","items":{"type":"string"},"x-order":1},"tls":{"$ref":"#/components/schemas/v2ClientTLSSettings"}}},"tsbauthv2AuthorizationLocalAuthz":{"description":"Authorize the request in Envoy based on the JWT claims.","type":"object","properties":{"rules":{"type":"array","items":{"$ref":"#/components/schemas/tsbauthv2LocalAuthzRule"},"x-order":0}}},"tsbauthv2LocalAuthzRule":{"description":"Bindings define the subjects that can access the resource a policy is attached to,\\nand the conditions that need to be met for that access to be granted.\\nA policy can have multiple bindings to configure different access controls for specific\\nsubjects.","type":"object","title":"LocalAuthzRule","required":["name"],"properties":{"name":{"description":"A friendly name to identify the binding.","type":"string","x-order":0},"from":{"description":"Subjects configure the actors (end users, other services)  that are allowed to access the\\ntarget resource.","type":"array","items":{"$ref":"#/components/schemas/tsbauthv2Subject"},"x-order":1},"to":{"description":"A set of HTTP rules that need to be satisfied by the HTTP requests to get access to the\\ntarget resource.","type":"array","items":{"$ref":"#/components/schemas/tsbauthv2LocalAuthzRuleHttpOperation"},"x-order":2}}},"tsbauthv2LocalAuthzRuleHttpOperation":{"type":"object","properties":{"paths":{"description":"The request path where the request is made against. E.g. [\\"/accounts\\"].","type":"array","items":{"type":"string"},"x-order":0},"methods":{"description":"The HTTP methods that are allowed by this rule. E.g. [\\"GET\\", \\"HEAD\\"].","type":"array","items":{"type":"string"},"x-order":1}}},"tsbauthv2Subject":{"description":"A subject designates an actor (user, service, etc) that attempts to access a target resource.\\nSubjects can be modeled with JWT tokens, service accounts, and decorated with attributes such as\\nHTTP request headers, JWT token claims, etc.\\nThe fields that define a subject will be matched to incoming requests, to fully qualify where the\\nrequest comes from, and to decide if the given request is allowed or not for the target resource.\\nAll the fields in a subject are evaluated as AND expressions.","type":"object","title":"Subject","properties":{"jwt":{"$ref":"#/components/schemas/tsbauthv2SubjectJWTClaims"}}},"tsbauthv2SubjectJWTClaims":{"description":"JWT based subjects qualify a subject by matching against a JWT token present in the request.\\nBy default the token is expected to be present in the \'Authorization\' HTTP header, with the\\n\'Bearer\\" prefix.","type":"object","title":"JWT based subject","properties":{"iss":{"type":"string","x-order":0},"sub":{"type":"string","x-order":1},"other":{"description":"A set of arbitrary claims that are required to qualify the subject.\\nE.g. \\"iss\\": \\"*@foo.com\\".","type":"object","additionalProperties":{"type":"string"},"x-order":2}}},"tsbgatewayv2Authentication":{"type":"object","title":"DEPRECATED. Use auth/v2/Authentication\\n$hide_from_docs","properties":{"jwt":{"$ref":"#/components/schemas/tsbgatewayv2AuthenticationJWT"}}},"tsbgatewayv2AuthenticationJWT":{"type":"object","title":"DEPRECATED. Use auth/v2/JWT\\n$hide_from_docs","required":["issuer"],"properties":{"issuer":{"description":"Identifies the issuer that issued the JWT. See\\n[issuer](https://tools.ietf.org/html/rfc7519#section-4.1.1)\\nA JWT with different `iss` claim will be rejected.\\n\\nExample: https://foobar.auth0.com\\nExample: 1234567-compute@developer.gserviceaccount.com","type":"string","x-order":0},"audiences":{"description":"The list of JWT\\n[audiences](https://tools.ietf.org/html/rfc7519#section-4.1.3).\\nthat are allowed to access. A JWT containing any of these\\naudiences will be accepted.\\n\\nThe service name will be accepted if audiences is empty.","type":"array","items":{"type":"string"},"x-order":1},"jwksUri":{"description":"URL of the provider\'s public key set to validate signature of\\nthe JWT. See [OpenID\\nDiscovery](https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderMetadata).\\n\\nOptional if the key set document can either (a) be retrieved\\nfrom [OpenID\\nDiscovery](https://openid.net/specs/openid-connect-discovery-1_0.html)\\nof the issuer or (b) inferred from the email domain of the\\nissuer (e.g. a Google service account).\\n\\nExample: `https://www.googleapis.com/oauth2/v1/certs`\\n\\nNote: Only one of jwks_uri and jwks should be used. jwks_uri\\nwill be ignored if it does.","type":"string","x-order":2},"jwks":{"description":"JSON Web Key Set of public keys to validate signature of the JWT.\\nSee https://auth0.com/docs/jwks.\\n\\nNote: Only one of jwks_uri and jwks should be used. jwks_uri will be ignored if it does.","type":"string","x-order":3}}},"tsbgatewayv2Authorization":{"type":"object","title":"DEPRECATED. Use auth/v2/Authorization\\nConfiguration for authorizing a HTTP request\\n$hide_from_docs","properties":{"external":{"$ref":"#/components/schemas/tsbgatewayv2AuthorizationExternalAuthzBackend"},"local":{"$ref":"#/components/schemas/tsbgatewayv2AuthorizationLocalAuthz"}}},"tsbgatewayv2AuthorizationExternalAuthzBackend":{"type":"object","title":"DEPRECATED. Use auth/v2/ExternalAuthzBackend\\nUse an authorization running at the specified URI. Note that this\\nmode is supported only for HTTPS servers.\\n$hide_from_docs","properties":{"uri":{"type":"string","x-order":0},"includeRequestHeaders":{"type":"array","items":{"type":"string"},"x-order":1}}},"tsbgatewayv2AuthorizationLocalAuthz":{"type":"object","title":"DEPRECATED. Use auth/v2/LocalAuthz\\nAuthorize the request in Envoy based on the JWT claims.\\n$hide_from_docs","properties":{"rules":{"type":"array","items":{"$ref":"#/components/schemas/tsbgatewayv2LocalAuthzRule"},"x-order":0}}},"tsbgatewayv2AuthorizationSettings":{"description":"`AuthorizationSettings` define the set of service accounts in one\\nor more namespaces allowed to access a workload (and hence its\\nsidecar) in the mesh.","type":"object","properties":{"mode":{"$ref":"#/components/schemas/tsbgatewayv2AuthorizationSettingsMode"},"serviceAccounts":{"description":"`serviceAccounts` specify the allowed\\nset of service accounts (and the workloads using them). Must be\\nin the `&lt;namespace&gt;/&lt;service-account-name&gt;` format.\\n\\n- `./*` indicates all service accounts in the namespace where the sidecar resides.\\n\\n- `ns1/*` indicates all service accounts in the `ns1` namespace.\\n\\n- `ns1/svc1-sa` indicates `svc1-sa` service account in `ns1` namespace.\\n\\nNamespace should be a valid Kubernetes namespace, which\\nfollows [RFC 1123 Label Names](https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#dns-label-names) rules.\\nService account should be a valid Kubernetes service account, which\\nfollows [DNS Subdomain Names](https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#dns-subdomain-names) rules.","type":"array","items":{"type":"string"},"x-order":1},"resources":{"description":"`resources` specify the allowed set of resources using TSB FQNs.\\n\\n- `organizations/myorg/tenants/mycompany-a/workspaces/w2` - allow access from workspace w2.\\n- `organizations/myorg/tenants/mycompany/workspaces/w1/securitygroups/s1` - allow access from security group s1.","type":"array","items":{"type":"string"},"x-order":2}}},"tsbgatewayv2AuthorizationSettingsMode":{"description":"A shortcut for defining the common authorization patterns.\\n\\n - UNSET: Represents an unset or default mode.\\n - NAMESPACE: The workload allows traffic from any other authenticated workload in its own\\nnamespace.\\n - GROUP: The workload allows traffic from any other authenticated workload in the security group.\\n - WORKSPACE: The workload allows traffic from any other authenticated workload in the workspace.\\n - CLUSTER: The workload allows traffic from any other authenticated workload in the cluster.\\n - SERVICE_ACCOUNT: The workload allows traffic from service accounts defined explicitly.","type":"string","default":"UNSET","enum":["UNSET","NAMESPACE","GROUP","WORKSPACE","CLUSTER","SERVICE_ACCOUNT"]},"tsbgatewayv2Group":{"description":"A gateway group manages the gateways in a group of namespaces owned\\nby the parent workspace.\\n\\n\\n\\n","type":"object","required":["namespaceSelector"],"properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"namespaceSelector":{"$ref":"#/components/schemas/typesv2NamespaceSelector"},"configMode":{"$ref":"#/components/schemas/v2ConfigMode"},"deletionProtectionEnabled":{"description":"When set, prevents the resource from being deleted. In order to delete the resource this\\nproperty needs to be set to `false` first.","type":"boolean","x-order":6},"profiles":{"description":"List of profiles attached to the gateway group to be used to propagate default and mandatory configurations down to the children.","type":"array","items":{"type":"string"},"x-order":7},"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"}}},"tsbgatewayv2LocalAuthzRule":{"description":"Bindings define the subjects that can access the resource a policy is attached to,\\nand the conditions that need to be met for that access to be granted.\\nA policy can have multiple bindings to configure different access controls for specific\\nsubjects.\\n$hide_from_docs","type":"object","title":"DEPRECATED. Use auth/v2/LocalAuthzRule\\nLocalAuthzRule","required":["name"],"properties":{"name":{"description":"A friendly name to identify the binding.","type":"string","x-order":0},"from":{"description":"Subjects configure the actors (end users, other services)  that are allowed to access the\\ntarget resource.","type":"array","items":{"$ref":"#/components/schemas/tsbgatewayv2Subject"},"x-order":1},"to":{"description":"A set of HTTP rules that need to be satisfied by the HTTP requests to get access to the\\ntarget resource.","type":"array","items":{"$ref":"#/components/schemas/tsbgatewayv2LocalAuthzRuleHttpOperation"},"x-order":2}}},"tsbgatewayv2LocalAuthzRuleHttpOperation":{"type":"object","title":"DEPRECATED\\n$hide_from_docs","properties":{"paths":{"description":"The request path where the request is made against. E.g. [\\"/accounts\\"].","type":"array","items":{"type":"string"},"x-order":0},"methods":{"description":"The HTTP methods that are allowed by this rule. E.g. [\\"GET\\", \\"HEAD\\"].","type":"array","items":{"type":"string"},"x-order":1}}},"tsbgatewayv2Subject":{"description":"A subject designates an actor (user, service, etc) that attempts to access a target resource.\\nSubjects can be modeled with JWT tokens, service accounts, and decorated with attributes such as\\nHTTP request headers, JWT token claims, etc.\\nThe fields that define a subject will be matched to incoming requests, to fully qualify where the\\nrequest comes from, and to decide if the given request is allowed or not for the target resource.\\nAll the fields in a subject are evaluated as AND expressions.\\n$hide_from_docs","type":"object","title":"DEPRECATED. Use auth/v2/Subject\\nSubject","properties":{"jwt":{"$ref":"#/components/schemas/tsbgatewayv2SubjectJWTClaims"}}},"tsbgatewayv2SubjectJWTClaims":{"description":"JWT based subjects qualify a subject by matching against a JWT token present in the request.\\nBy default the token is expected to be present in the \'Authorization\' HTTP header, with the\\n\'Bearer\\" prefix.\\n$hide_from_docs","type":"object","title":"DEPRECATED.\\nJWT based subject","properties":{"iss":{"type":"string","x-order":0},"sub":{"type":"string","x-order":1},"other":{"description":"A set of arbitrary claims that are required to qualify the subject.\\nE.g. \\"iss\\": \\"*@foo.com\\".","type":"object","additionalProperties":{"type":"string"},"x-order":2}}},"tsbistiointernalv2Group":{"description":"An Istio Internal Group only allows grouping `DIRECT` mode mesh resources in a set of namespaces\\nowned by its parent workspace. This group is aimed for grouping resources not directly related\\nto traffic, security, or gateway like `EnvoyFilters` and `ServiceEntry`.\\n\\n\\n\\n","type":"object","required":["namespaceSelector"],"properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"namespaceSelector":{"$ref":"#/components/schemas/typesv2NamespaceSelector"},"deletionProtectionEnabled":{"description":"When set, prevents the resource from being deleted. In order to delete the resource this\\nproperty needs to be set to `false` first.","type":"boolean","x-order":5},"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"}}},"tsbrbacv2Subject":{"description":"Subject identifies a user or a team under an organization. Roles are\\nassigned to subjects for specific resources in the system.","type":"object","properties":{"user":{"type":"string","title":"A user in TSB, created through LDAP sync or API.\\nMust use the fully-qualified name (fqn) of the user. \\nE.g. organization/myorg/users/alice","x-order":0},"team":{"type":"string","title":"A team in TSB, created through LDAP sync or API.\\nMust use the fully-qualified name (fqn) of the team. \\nE.g. organization/myorg/teams/t1","x-order":1},"serviceAccount":{"type":"string","title":"A service account in TSB.\\nMust use the fully-qualified name (fqn) of the service account. \\nE.g. organization/myorg/serviceaccounts/sa1","x-order":2}}},"tsbregistryv2Service":{"description":"A service in the registry that represents an aggregated and logical view for all those individual\\nservices, and provides high-level features such as aggregated metrics.","type":"object","required":["shortName","serviceType","state"],"properties":{"fqn":{"description":"Fully-qualified name of the resource. This field is read-only.","type":"string","x-order":0,"readOnly":true},"displayName":{"description":"User friendly name for the resource.","type":"string","x-order":1},"etag":{"description":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.","type":"string","x-order":2},"description":{"description":"A description of the resource.","type":"string","x-order":3},"shortName":{"description":"Short name for the service, used to uniquely identify it within the organization.","type":"string","x-order":4},"hostnames":{"description":"The hostnames by which this service is accessed. Can correspond to the hostname of\\nan internal service or that ones of a virtual host on a gateway.","type":"array","items":{"type":"string"},"x-order":5},"ports":{"description":"The set of ports on which this service is exposed.","type":"array","items":{"$ref":"#/components/schemas/registryv2Port"},"x-order":6},"subsets":{"description":"Deprecated. Use subset_deployments instead.\\nSubset denotes a specific version of a service. By default the \'version\'\\nlabel is used to designate subsets of a workload.\\nKnown subsets for the service.","type":"array","items":{"type":"string"},"x-order":7,"readOnly":true},"serviceType":{"$ref":"#/components/schemas/v2ServiceType"},"externalAddresses":{"description":"For kubernetes services of type load balancer, this field contains the list of lb hostnames or\\nIPs assigned to the service.","type":"array","items":{"type":"string"},"x-order":9},"state":{"$ref":"#/components/schemas/registryv2State"},"metrics":{"description":"- global:        *|productpage|bookinfo|*|*\\n  - v1:            v1|productpage|bookinfo|*|*\\n  - v1 (cluster1): v1|productpage|bookinfo|cluster1|*\\n\\nThis is only available for Observed and Controlled services.","type":"array","title":"Services may expose different metrics.\\nFor example, a regular service may expose the usual red metrics for incoming requests.\\nServices running in multiple clusters, may provide different aggregation levels, such as\\naggregation by cluster, by subset, etc.\\nThis list provides a complete list of all the aggregation keys that are available for this\\nparticular service.\\nFor example, a service that has instances in multiple clusters could provide the following\\nmetrics:","items":{"$ref":"#/components/schemas/ServiceMetricConfig"},"x-order":11,"readOnly":true},"serviceDeployments":{"description":"List of the existing deployments for this service.\\nThis is only available for internal and load balancer services and correspond to physical services\\nin the onboarded clusters.\\nThis field is read-only.","type":"array","items":{"$ref":"#/components/schemas/ServiceServiceDeployment"},"x-order":12,"readOnly":true},"subsetDeployments":{"description":"Subset denotes a specific version of a service. By default the \'version\'\\nlabel is used to designate subsets of a workload.\\nKnown subsets for the service.","type":"array","items":{"$ref":"#/components/schemas/registryv2Subset"},"x-order":13,"readOnly":true},"canonicalName":{"type":"string","title":"The canonical name of the service defined by user","x-order":14},"spiffeIds":{"description":"List of SPIFFE identities used by the workloads of the service.","type":"array","items":{"type":"string"},"x-order":15}}},"tsbsecurityv2AuthenticationSettings":{"description":"AuthenticationSettings represents configuration related to authenticating traffic\\nwithin the mesh and end-user credentials if present. It is **HIGHLY RECOMMENDED** to\\nenable mutual TLS when end-user credentials are present. Sending credentials like JWT\\nover plaintext is a security risk.","type":"object","properties":{"trafficMode":{"$ref":"#/components/schemas/v2SecuritySettingAuthenticationMode"},"http":{"$ref":"#/components/schemas/tsbauthv2Authentication"}}},"tsbsecurityv2AuthorizationSettings":{"description":"`AuthorizationSettings` define the set of service accounts in one\\nor more namespaces allowed to access a workload (and hence its\\nsidecar) in the mesh.","type":"object","properties":{"mode":{"$ref":"#/components/schemas/tsbsecurityv2AuthorizationSettingsMode"},"serviceAccounts":{"description":"When the mode is `CUSTOM`, `serviceAccounts` specify the allowed\\nset of service accounts (and the workloads using them). Must be\\nin the `&lt;namespace&gt;/&lt;service-account-name&gt;` format.\\n\\n- `./*` indicates all service accounts in the namespace where the sidecar resides.\\n\\n- `ns1/*` indicates all service accounts in the `ns1` namespace.\\n\\n- `ns1/svc1-sa` indicates `svc1-sa` service account in `ns1` namespace.\\n\\nNamespace should be a valid kubernetes namespace, which\\nfollows [RFC 1123 Label Names](https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#dns-label-names) rules.\\nService account should be a valid kubernetes service account, which\\nfollows [DNS Subdomain Names](https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#dns-subdomain-names) rules.","type":"array","items":{"type":"string"},"x-order":1},"http":{"$ref":"#/components/schemas/tsbauthv2Authorization"},"rules":{"$ref":"#/components/schemas/v2AuthorizationRules"},"identityMatch":{"$ref":"#/components/schemas/v2IdentityMatch"}}},"tsbsecurityv2AuthorizationSettingsMode":{"description":"- UNSET: Inherit from parent if possible. Otherwise treated as `DISABLED`.\\n - NAMESPACE: The workload allows traffic from any other authenticated workload in its own\\nnamespace.\\n - GROUP: The workload allows traffic from any other authenticated workload in the security group.\\n - WORKSPACE: The workload allows traffic from any other authenticated workload in the workspace.\\n - CLUSTER: The workload allows traffic from any other authenticated workload in the cluster.\\n - DISABLED: Authorization is disabled.\\n - CUSTOM: The workload allows traffic from service accounts defined explicitly.\\n - RULES: The workload allows or denies traffic from any other authenticated workload that belongs\\nto the specified rules.","type":"string","title":"A short cut for defining the common authorization patterns","default":"UNSET","enum":["UNSET","NAMESPACE","GROUP","WORKSPACE","CLUSTER","DISABLED","CUSTOM","RULES"]},"tsbsecurityv2Group":{"description":"A security group manages the security properties of proxy workloads in a\\ngroup of namespaces owned by the parent workspace.\\n\\n\\n\\n","type":"object","required":["namespaceSelector"],"properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"namespaceSelector":{"$ref":"#/components/schemas/typesv2NamespaceSelector"},"configMode":{"$ref":"#/components/schemas/v2ConfigMode"},"securityDomain":{"description":"Security domains can be used to group different resources under the same security domain.\\nAlthough security domain is not resource itself currently, it follows a fqn format\\n`organizations/myorg/securitydomains/mysecuritydomain`, and a child cannot override any ancestor\'s\\nsecurity domain.\\nOnce a security domain is assigned to a _Security group_, all the children resources will belong to that\\nsecurity domain in the same way a _Security setting_ belongs to a _Security group_, a _Security setting_\\nwill also belong to the security domain assigned to the _Security group_.\\nSecurity domains can also be used to define _Security settings Authorization rules_ in which you can allow\\nor deny request from or to a security domain.","type":"string","x-order":6},"deletionProtectionEnabled":{"description":"When set, prevents the resource from being deleted. In order to delete the resource this\\nproperty needs to be set to `false` first.","type":"boolean","x-order":7},"profiles":{"description":"List of profiles attached to the security group to be used to propagate default and mandatory configurations down to the children.","type":"array","items":{"type":"string"},"x-order":8},"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"}}},"tsbtrafficv2AuthenticationSettings":{"description":"Configuration for connection authentication parameters.\\nThis allows the enforcement of mutual TLS connections to upstream services\\nthat do not have a sidecar.\\nThis ensures that gateways or mesh workloads do not communicate in plain text with services outside the mesh.","type":"object","properties":{"trafficMode":{"$ref":"#/components/schemas/v2AuthenticationSettingsAuthenticationMode"}}},"tsbtrafficv2Group":{"description":"A traffic group manages the routing properties of proxy workloads in a\\ngroup of namespaces owned by the parent workspace.\\n\\n\\n\\n","type":"object","required":["namespaceSelector"],"properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"namespaceSelector":{"$ref":"#/components/schemas/typesv2NamespaceSelector"},"configMode":{"$ref":"#/components/schemas/v2ConfigMode"},"deletionProtectionEnabled":{"description":"When set, prevents the resource from being deleted. In order to delete the resource this\\nproperty needs to be set to `false` first.","type":"boolean","x-order":6},"profiles":{"description":"List of profiles attached to the traffic group to be used to propagate default and mandatory configurations down to the children.","type":"array","items":{"type":"string"},"x-order":7},"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"}}},"tsbv2Locality":{"description":"The region the cluster resides. Used for failover based routing when\\nconfigured in the workspace or global settings.","type":"object","required":["region"],"properties":{"region":{"description":"The geographic location of the cluster.","type":"string","x-order":0}}},"tsbv2Namespace":{"type":"object","title":"A Kubernetes namespace. These are automatically discovered by the\\nService Bridge agents in the cluster.\\n$hide_from_yaml","properties":{"name":{"type":"string","x-order":0},"services":{"type":"array","items":{"$ref":"#/components/schemas/apitsbv2Service"},"x-order":1}}},"tsbv2ServiceAccount":{"description":"`ServiceAccount` represents a service account that can be used to access the TSB platform.\\nService accounts have a set of associated public and private keys that can be used to generate\\nsigned JWT tokens that are suitable to authenticate to TSB.\\nA default key-pair is generated on service account creation and the public key is stored in TSB.\\nPrivate keys are returned when service accounts are created, but TSB will not store them. It\\nis up to the client to store them securely.\\n\\n\\n\\n","type":"object","properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"description":"A description of the resource.","type":"string","x-order":3},"keys":{"type":"array","title":"Keys associated with the service account.\\nA default key-pair is automatically created when the Service Account is created. Note that\\nTSB does not store the private keys, so it is up to the client to store the returned private\\nkeys securely, as they are only returned once after creation.\\nAdditional keys can be added (and deleted) by using the corresponding key management APIs.\\n","items":{"$ref":"#/components/schemas/ServiceAccountKeyPair"},"x-order":4,"readOnly":true}}},"typesregistrationv1alpha1Settings":{"description":"Settings specifies registration settings.","type":"object","properties":{"connectedOver":{"$ref":"#/components/schemas/v1alpha1AddressType"}}},"typessidecarv1alpha1EnvVar":{"description":"EnvVar specifies a single environment variable.","type":"object","required":["name"],"properties":{"name":{"description":"Name of the environment variable.","type":"string","x-order":0},"value":{"description":"Value of the environment variable.","type":"string","x-order":1},"valueEquality":{"$ref":"#/components/schemas/v1alpha1ContentEquality"}}},"typesv2NamespaceSelector":{"type":"object","title":"`NamespaceSelector` selects a set of namespaces across one or more\\nclusters in a tenant. Namespace selectors can be used at Workspace\\nlevel to carve out a chunk of resources under a tenant into an\\nisolated configuration domain. They can be used in a Traffic,\\nSecurity, or a Gateway group to further scope the set of namespaces\\nthat will belong to a specific configuration group.\\nNames in namespaces selector must be in the form `cluster/namespace`\\nwhere:\\n- cluster must be a cluster name or an `*` to mean all clusters\\n- namespace must be a namespace name, an `*` to mean all namespaces\\n  or a prefix like `ns-*` to mean all those namespaces starting\\n  by `ns-`","required":["names"],"properties":{"names":{"description":"- `*/ns1` implies `ns1` namespace in any cluster.\\n\\n- `c1/ns1` implies `ns1` namespace from `c1` cluster.\\n\\n- `c1/*` implies all namespaces in `c1` cluster.\\n\\n- `*/*` implies all namespaces in all clusters.\\n\\n- `c1/ns*` implies all namespaces prefixes by `ns` in `c1` cluster.","type":"array","title":"Under the tenant/workspace/group:","items":{"type":"string"},"x-order":0}}},"v1LabelSelector":{"type":"object","title":"A label selector is a label query over a set of resources. The result of matchLabels and\\nmatchExpressions are ANDed. An empty label selector matches all objects. A null\\nlabel selector matches no objects.\\n+structType=atomic","properties":{"matchLabels":{"type":"object","title":"matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\\nmap is equivalent to an element of matchExpressions, whose key field is \\"key\\", the\\noperator is \\"In\\", and the values array contains only \\"value\\". The requirements are ANDed.\\n+optional","additionalProperties":{"type":"string"},"x-order":0},"matchExpressions":{"type":"array","title":"matchExpressions is a list of label selector requirements. The requirements are ANDed.\\n+optional","items":{"$ref":"#/components/schemas/v1LabelSelectorRequirement"},"x-order":1}}},"v1LabelSelectorRequirement":{"description":"A label selector requirement is a selector that contains values, a key, and an operator that\\nrelates the key and values.","type":"object","properties":{"key":{"type":"string","title":"key is the label key that the selector applies to.\\n+patchMergeKey=key\\n+patchStrategy=merge","x-order":0},"operator":{"description":"operator represents a key\'s relationship to a set of values.\\nValid operators are In, NotIn, Exists and DoesNotExist.","type":"string","x-order":1},"values":{"type":"array","title":"values is an array of string values. If the operator is In or NotIn,\\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\\nthe values array must be empty. This array is replaced during a strategic\\nmerge patch.\\n+optional","items":{"type":"string"},"x-order":2}}},"v1alpha1AddressType":{"description":"AddressType specifies type of a network address associated with the workload.\\n\\n - UNSPECIFIED: Not specified.\\n - VPC: IP address from the `VPC` range. Commonly referred to as `Private IP` or\\n`Internal IP`.\\n - INTERNET: IP address from the `Internet` range. Commonly referred to as `Public IP` or\\n`External IP`.","type":"string","default":"UNSPECIFIED","enum":["UNSPECIFIED","VPC","INTERNET"]},"v1alpha1AgentInfo":{"description":"AgentInfo specifies information about the `Workload Onboarding Agent`\\ninstalled alongside the workload.","type":"object","required":["version"],"properties":{"version":{"description":"Version of the `Workload Onboarding Agent`.","type":"string","x-order":0}}},"v1alpha1ApplyConfigurationResponse":{"description":"Message of the apply sidecar configuration response.","type":"object"},"v1alpha1AuthorizeOnboardingResponse":{"description":"Response to the authorization request.","type":"object","required":["token","expiresAt"],"properties":{"token":{"description":"Bearer token that should be used to authenticate any subsequent requests\\nto the `Workload Onboarding Plane`.\\nAlso known as a `Workload Onboarding Token`.","type":"string","x-order":0},"expiresAt":{"description":"Expiration time of the returned token.","type":"string","format":"date-time","x-order":1}}},"v1alpha1ContentEquality":{"description":"ContentEquality specifies a strategy to compare two text-like values\\nfor equality, e.g. old and new values of a certain configuration property.\\n\\n - BYTES: Compares two values as opaque byte arrays.\\n - JSON: Compares two values as JSON values.","type":"string","default":"BYTES","enum":["BYTES","JSON"]},"v1alpha1ControlPlaneComponentSet":{"description":"The set of components that make up the control plane. Use this to override application settings\\nor Kubernetes settings for each individual component.","type":"object","properties":{"collector":{"$ref":"#/components/schemas/installcontrolplanev1alpha1OpenTelemetryCollector"},"oap":{"$ref":"#/components/schemas/installcontrolplanev1alpha1Oap"},"xcp":{"$ref":"#/components/schemas/installcontrolplanev1alpha1XCP"},"istio":{"$ref":"#/components/schemas/v1alpha1Istio"},"rateLimitServer":{"$ref":"#/components/schemas/v1alpha1RateLimitServer"},"hpaAdapter":{"$ref":"#/components/schemas/v1alpha1HpaAdapter"},"onboarding":{"$ref":"#/components/schemas/v1alpha1Onboarding"},"satellite":{"$ref":"#/components/schemas/v1alpha1Satellite"},"ngac":{"$ref":"#/components/schemas/installcontrolplanev1alpha1NGAC"},"gitops":{"$ref":"#/components/schemas/commonGitOps"},"internalCertProvider":{"$ref":"#/components/schemas/commonInternalCertProvider"},"defaultKubeSpec":{"$ref":"#/components/schemas/kubernetesKubernetesSpec"},"wasmfetcher":{"$ref":"#/components/schemas/v1alpha1WASMFetcher"},"defaultLogLevel":{"description":"The default log level for all components if the per component log level config is not specified.\\nNote that the supported log level for different components can be different.","type":"string","x-order":13},"route53Controller":{"$ref":"#/components/schemas/v1alpha1Route53Controller"},"n2ac":{"$ref":"#/components/schemas/installcontrolplanev1alpha1N2AC"},"awsController":{"$ref":"#/components/schemas/installcontrolplanev1alpha1AWSController"}}},"v1alpha1ControlPlaneSpec":{"description":"ControlPlaneSpec defines the desired installed state of control plane components.\\nSpecifying a minimal ControlPlaneSpec with hub, clusterName, and managementPlane set\\nwill create an installation with sensible defaults.","type":"object","required":["hub","managementPlane","telemetryStore"],"properties":{"hub":{"description":"TSB container hub path e.g. docker.io/tetrate.","type":"string","x-order":0},"imagePullSecrets":{"description":"Pull secrets can be specified globally for all components, or defined into the `kubeSpec.serviceAccount`\\nof every component if needed. In case both are defined, the most specific one (the one defined at the component)\\nlevel is used.\\n\\nList of references to secrets in the same namespace to use for pulling any\\nimages in pods that reference this ServiceAccount. ImagePullSecrets are\\ndistinct from Secrets because Secrets can be mounted in the pod, but\\nImagePullSecrets are only accessed by the kubelet. More info:\\nhttps://kubernetes.io/docs/concepts/containers/images/#specifying-imagepullsecrets-on-a-pod\\nhttps://kubernetes.io/docs/reference/generated/kubernetes-api/v1.18/#service_account-v1-core","type":"array","items":{"$ref":"#/components/schemas/installkubernetesLocalObjectReference"},"x-order":1},"components":{"$ref":"#/components/schemas/v1alpha1ControlPlaneComponentSet"},"providerSettings":{"$ref":"#/components/schemas/installcontrolplanev1alpha1ProviderSettings"},"managementPlane":{"$ref":"#/components/schemas/v1alpha1ManagementPlaneSettings"},"meshExpansion":{"$ref":"#/components/schemas/v1alpha1MeshExpansionSettings"},"telemetryStore":{"$ref":"#/components/schemas/v1alpha1ControlPlaneSpecTelemetryStore"},"meshObservability":{"$ref":"#/components/schemas/v1alpha1ControlPlaneSpecMeshObservability"},"tier1Cluster":{"description":"**DEPRECATED**: This should not be set through Control plane API\\nInstead use TSB Cluster API.\\nIndicates that this cluster is used for tier1 gateways.\\nTier one clusters can only contain tier 1 gateways.\\nNon-tier1 clusters contain tier2 gateways but not tier 1.","type":"boolean","x-order":8}}},"v1alpha1ControlPlaneSpecMeshObservability":{"description":"Configure how the mesh should be observed, which observability functionalities should be\\nenabled to observe your registered services in the mesh, and the store properties\\nthat TSB will use to persist application observability data like metrics, traces,\\nlogs.\\nIf omitted, the operator will assume\\na demo installation and for your convenience install a demo grade mesh observability\\nsetting.\\nSelect one of the `MeshObservability` settings to see complete examples.","type":"object","properties":{"demoSettings":{"$ref":"#/components/schemas/commonMeshObservabilitySettings"},"settings":{"$ref":"#/components/schemas/commonMeshObservabilitySettings"}}},"v1alpha1ControlPlaneSpecTelemetryStore":{"description":"Configure the store that TSB will use to persist application telemetry data.\\nSelect one of the `TelemetryStore` settings to see complete examples.","type":"object","properties":{"elastic":{"$ref":"#/components/schemas/installcontrolplanev1alpha1ElasticSearchSettings"}}},"v1alpha1DeleteConfigurationResponse":{"description":"Message of the delete sidecar configuration response.","type":"object"},"v1alpha1DescribeConfigurationResponse":{"description":"Message of the describe sidecar configuration response.","type":"object","properties":{"version":{"description":"Version of the desired sidecar configuration.","type":"string","x-order":0}}},"v1alpha1Dir":{"description":"Dir specifies a directory.","type":"object","required":["path","mode"],"properties":{"path":{"description":"File path.","type":"string","x-order":0},"mode":{"description":"File mode.","type":"integer","format":"int32","x-order":1}}},"v1alpha1DiscoveryInfo":{"description":"DiscoveryInfo specifies response schema of the `Workload Onboarding Plane`\\nauto-discovery endpoint.","type":"object","required":["uid"],"properties":{"uid":{"description":"Unique identifier of this particular installation of the\\n`Workload Onboarding Plane`.\\n\\nIs used in the workload authentication flow to prevent replay attacks\\nthat abuse compromised workload credentials intended for a different\\ninstallation of the `Workload Onboarding Plane`.","type":"string","x-order":0}}},"v1alpha1EKSSettings":{"description":"Settings specific to Elastic Kubernetes Service (EKS).","type":"object","properties":{"useNlbByDefault":{"description":"When true, gateways will be configured to use NLBs with cross zone load\\nbalancing enabled when the load balancer type is not configured. When\\nfalse, no additional annotations will be added.","type":"boolean","x-order":0}}},"v1alpha1File":{"description":"File specifies a configuration file.","type":"object","required":["path","mode"],"properties":{"path":{"description":"File path.","type":"string","x-order":0},"mode":{"description":"File mode.","type":"integer","format":"int32","x-order":1},"content":{"description":"File content.","type":"string","format":"byte","x-order":2},"contentEquality":{"$ref":"#/components/schemas/v1alpha1ContentEquality"},"reloadable":{"description":"Reloadable file.","type":"boolean","x-order":4}}},"v1alpha1GetDiscoveryInfoResponse":{"description":"Message of the discovery response.","type":"object","required":["discoveryInfo"],"properties":{"discoveryInfo":{"$ref":"#/components/schemas/v1alpha1DiscoveryInfo"}}},"v1alpha1GetSidecarInfoResponse":{"description":"Message of the sidecar info response.","type":"object","required":["sidecar"],"properties":{"sidecar":{"$ref":"#/components/schemas/v1alpha1SidecarInfo"}}},"v1alpha1HostInfo":{"description":"HostInfo specifies information about the host the workload is running on.","type":"object","required":["addresses"],"properties":{"addresses":{"description":"Network addresses of the host the workload is running on.","type":"array","items":{"$ref":"#/components/schemas/registrationv1alpha1Address"},"x-order":0}}},"v1alpha1HpaAdapter":{"description":"Kubernetes settings for the OAP (SkyWalking) HPA adapter component.","type":"object","properties":{"enabled":{"description":"Enable the OAP (SkyWalking) HPA adapter component that allows pods to be\\nscaled based on Skywalking metrics.\\nThis is disabled by default.","type":"boolean","x-order":0},"kubeSpec":{"$ref":"#/components/schemas/kubernetesKubernetesComponentSpec"}}},"v1alpha1IsolationBoundary":{"description":"IsolationBoundary is an isolated Istio environment which can spread across \\nmultiple revisioned control plane clusters.\\n\\nExample:\\n\\n  ```yaml\\n  isolationBoundaries:\\n  - name: prod\\n    revisions:\\n    - name: stable\\n      istio:\\n        tsbVersion: 1.6.0\\n  - name: staging\\n    revisions:\\n    - name: v1_6_3\\n      istio:\\n        tsbVersion: 1.6.3\\n    - name: v1_6_1\\n      istio:\\n        tsbVersion: 1.6.1\\n        disable: true\\n  ```\\n\\nThe `tsbVersion` field can be left empty, which would then default to the\\ncurrent TSB released version. \\n\\n  ```yaml\\n  isolationBoundaries:\\n  - name: global\\n    istio:\\n    - revisions: stable\\n  ```\\n\\nFor instance, if isolation boundaries are being added in TSB `1.6.1`, the default\\nwould looks something like this:\\n\\n  ```yaml\\n  isolationBoundaries:\\n  - name: global\\n    revisions:\\n    - name: stable\\n      istio:\\n        tsbVersion: 1.6.1\\n  ```","type":"object","required":["name","revisions"],"properties":{"name":{"description":"Name of the IsolationBoundary.","type":"string","x-order":0},"revisions":{"description":"Configure multiple Istio Revisions under the IsolationBoundary.\\nOnce IstioIsolationBoundaries is enabled, for any IsolationBoundary\\nconfigured - there must be atleast one IstioRevision.","type":"array","items":{"$ref":"#/components/schemas/v1alpha1IstioRevision"},"x-order":1},"meshExpansion":{"$ref":"#/components/schemas/v1alpha1MeshExpansionSettings"}}},"v1alpha1Istio":{"description":"Mesh and Kubernetes settings for Istio.","type":"object","properties":{"tsbVersion":{"description":"Specifies the tsb release version. This is used by the tsb control plane\\noperator in determining the xcp version, which would eventually decide Istio \\nversion.\\n\\nIf not provided explicitly, this defaults to the current tsb version.","type":"string","x-order":0},"mountInternalWasmExtensions":{"description":"When this flag is set, the TSB internal WASM extensions will be mounted into the\\nSidecar, Ingress and Egress gateway pods automatically. These extensions will be loaded\\nas local files instead of being downloaded from a remote OCI registry or HTTP endpoint.\\nThis is enabled by default. Set it to false to disable it.","type":"boolean","x-order":1},"kubeSpec":{"$ref":"#/components/schemas/kubernetesKubernetesIstioComponentSpec"},"traceSamplingRate":{"description":"The percentage of traces Envoy will sample.","type":"number","format":"double","x-order":3},"defaultWorkloadCertTTL":{"description":"The default TTL of issued workload certificates.\\nThis sets both the default client-side CSR TTL and the default server-side\\nissued certificate TTL.","type":"string","x-order":4},"maxWorkloadCertTTL":{"description":"The maximum TTL that can be set in issued workload certificates.","type":"string","x-order":5},"trustDomain":{"description":"The trust domain corresponds to the trust root of a system. Refer to\\n[SPIFFE-ID](https://github.com/spiffe/spiffe/blob/main/standards/SPIFFE-ID.md#21-trust-domain).\\nIf omitted, TSB will configure the trust domain as\\n`CLUSTER_NAME.tsb.local`, where `CLUSTER_NAME` is the name of the cluster\\nobject in TSB for this control plane.","type":"string","x-order":6},"baseOverlays":{"description":"The overlays applied to the Istio base component.\\nSee https://istio.io/latest/docs/reference/config/istio.operator.v1alpha1/#IstioComponentSetSpec.\\nWhen this is specified, the overlay in `kubeSpec.overlays` are ignored.","type":"array","items":{"$ref":"#/components/schemas/v1alpha1K8sObjectOverlay"},"x-order":7},"pilotOverlays":{"description":"The overlays applied to the Istio pilot component.\\nSee https://istio.io/latest/docs/reference/config/istio.operator.v1alpha1/#IstioComponentSetSpec.\\nWhen this is specified, the overlay in `kubeSpec.overlays` are ignored.","type":"array","items":{"$ref":"#/components/schemas/v1alpha1K8sObjectOverlay"},"x-order":8},"cniOverlays":{"description":"The overlays applied to the Istio CNI component.\\nSee https://istio.io/latest/docs/reference/config/istio.operator.v1alpha1/#IstioComponentSetSpec.\\nWhen this is specified, the overlay in `kubeSpec.overlays` are ignored.","type":"array","items":{"$ref":"#/components/schemas/v1alpha1K8sObjectOverlay"},"x-order":9},"logLevels":{"description":"Specifies the global logging level settings for the Istio control plane components.","type":"object","additionalProperties":{"type":"string"},"x-order":10}}},"v1alpha1IstioRevision":{"description":"Istio control plane settings for a specific revision.","type":"object","required":["name","istio"],"properties":{"name":{"description":"Name of the IstioRevision. Must be unique at cluster level, across Isolation\\nBoundaries. The IstioRevision name is used to deploy revisioned Istio control-plane\\ncomponents.\\n\\nNotice that the value constraints here are stricter than the ones in Istio.\\nApparently, Istio validation rules allow values that lead to internal failures\\nat runtime, e.g. values with capital letters or values longer than 56 characters.\\nStricter validation rules here are meant to prevent those hidden pitfalls.","type":"string","x-order":0},"istio":{"$ref":"#/components/schemas/v1alpha1Istio"},"disable":{"description":"If set to `true`, Istio control plane deployment with this revision will be \\ncleaned up from the cluster. This field can be used to clean up revisioned\\ncontrol plane deployment while retaining the configurations in the CR. After\\ncleanup, it can be again set to `false` to re-deploy revisioned control plane.\\nBy default the value is set to `false`.","type":"boolean","x-order":2}}},"v1alpha1IstioSidecarInfo":{"description":"IstioInfo specifies information about the `Istio Sidecar` installed\\nalongside the workload.","type":"object","required":["version"],"properties":{"version":{"description":"Version of the `Istio Sidecar`.","type":"string","x-order":0},"revision":{"description":"Istio revision the pre-installed `Istio Sidecar` corresponds to.\\n\\nE.g., `canary`, `alpha`, etc.\\n\\nIf omitted, it is assumed that the pre-installed `Istio Sidecar`\\ncorresponds to the `default` Istio revision.\\n\\nNotice that the value constraints here are stricter than the ones in Istio.\\nApparently, Istio validation rules allow values that lead to internal failures\\nat runtime, e.g. values with capital letters or values longer than 56 characters.\\nStricter validation rules here are meant to prevent those hidden pitfalls.","type":"string","x-order":1}}},"v1alpha1JwtAuthenticationConfiguration":{"description":"JwtAuthenticationConfiguration specifies configuration of the workload\\nauthentication by means of an [OIDC ID Token](https://openid.net/specs/openid-connect-core-1_0.html#IDToken).","type":"object","properties":{"issuers":{"description":"List of permitted JWT issuers.\\n\\nIf a workload authenticates itself by means of an\\n[OIDC ID Token](https://openid.net/specs/openid-connect-core-1_0.html#IDToken),\\nthe issuer of that token must be present in this list, otherwise\\nauthentication attempt will be declined.","type":"array","items":{"$ref":"#/components/schemas/v1alpha1JwtIssuer"},"x-order":0}}},"v1alpha1JwtIssuer":{"description":"JwtIssuer specifies configuration associated with a JWT issuer.","type":"object","required":["issuer","shortName"],"properties":{"issuer":{"description":"JWT `Issuer` identifier.\\n\\nThe value must be a case sensitive URL using the https scheme that contains\\nscheme, host, and optionally, port number and path components and no query\\nor fragment components.\\n\\nE.g., `https://mycompany.corp`, `https://accounts.google.com`,\\n`https://sts.windows.net/9edbd6c9-0e5b-4cfd-afec-fdde27cdd928/`, etc.\\n\\nSee https://openid.net/specs/openid-connect-core-1_0.html#IDToken","type":"string","x-order":0},"jwksUri":{"description":"URL of the JSON Web Key Set document.\\n\\nSource of public keys the `Workload Onboarding Plane` should use\\nto validate the signature of an\\n[OIDC ID Token](https://openid.net/specs/openid-connect-core-1_0.html#IDToken).\\n\\nE.g., `https://mycompany.corp/jwks.json`.\\n\\nWhen unspecified, URL the JSON Web Key Set document will be resolved using\\n[OpenID Connect Discovery](https://openid.net/specs/openid-connect-discovery-1_0.html)\\nprotocol.","type":"string","x-order":1},"jwks":{"description":"Inlined JSON Web Key Set document.\\n\\nSpecifies public keys the `Workload Onboarding Plane` should use\\nto validate the signature of an\\n[OIDC ID Token](https://openid.net/specs/openid-connect-core-1_0.html#IDToken).","type":"string","x-order":2},"shortName":{"description":"Unique short name associated with the issuer.\\n\\nThe value must consist of lower case alphanumeric characters and hyphen (`-`).\\n\\nSince this value will be included into the auto-generated name of the\\n`WorkloadAutoRegistration` resource, keep it as short as possible.\\n\\nE.g., `my-corp`, `prod`, `test`, etc.","type":"string","x-order":3},"tokenFields":{"$ref":"#/components/schemas/v1alpha1JwtTokenFields"}}},"v1alpha1JwtTokenField":{"description":"JwtTokenField specifies a custom field included into the\\n[OIDC ID Token](https://openid.net/specs/openid-connect-core-1_0.html#IDToken).","type":"object","required":["jsonPath"],"properties":{"jsonPath":{"description":"Simple JSON Path which is evaluated against custom claims of the\\n[OIDC ID Token](https://openid.net/specs/openid-connect-core-1_0.html#IDToken)\\nto produce the value of the field.\\n\\nE.g., `.custom_attributes`, `.google.compute_engine`, etc.\\n\\nJSON Path must start either from `.` or from `$`. Use of `$` is mandatory\\nwhen followed by the array notation.\\n\\nE.g., `$[\'custom_attributes\']`, `$[\'google\'].compute_engine`, etc.\\n\\nSpecial symbols (such as `.` or ` `) in property names must be escaped.\\n\\nE.g., `.custom\\\\.attributes`, `$[\'custom\\\\.attributes\']`, etc.\\n\\nSee https://goessner.net/articles/JsonPath/","type":"string","x-order":0}}},"v1alpha1JwtTokenFields":{"description":"JwtTokenFields specifies custom fields included into the\\n[OIDC ID Token](https://openid.net/specs/openid-connect-core-1_0.html#IDToken).","type":"object","properties":{"attributes":{"$ref":"#/components/schemas/v1alpha1JwtTokenField"}}},"v1alpha1K8sObjectOverlay":{"description":"Patch for an existing k8s resource.","type":"object","properties":{"apiVersion":{"description":"Resource API version.","type":"string","x-order":0},"kind":{"description":"Resource kind.","type":"string","x-order":1},"name":{"description":"Name of resource.\\nNamespace is always the component namespace.","type":"string","x-order":2},"patches":{"description":"List of patches to apply to resource.","type":"array","items":{"$ref":"#/components/schemas/K8sObjectOverlayPathValue"},"x-order":3}}},"v1alpha1ManagementPlaneSettings":{"description":"Configure the management plane connection.\\n\\n```yaml\\napiVersion: install.tetrate.io/v1alpha1\\nkind: ControlPlane\\nmetadata:\\n  name: controlplane\\n  namespace: istio-system\\nspec:\\n  managementPlane:\\n    host: tsb.tetrate.io\\n    port: 8443\\n    selfSigned: true\\n    clusterName: control-plane-cluster\\n```","type":"object","required":["host","port","clusterName"],"properties":{"host":{"description":"Management plane host address (can be hostname or IPv4/IPv6 address).","type":"string","x-order":0},"port":{"description":"Port management plane is listening on.","type":"integer","format":"int32","x-order":1},"selfSigned":{"description":"Management plane uses a self signed or private TLS certificate.\\nIf true, the CA bundle used to verify the MP\'s TLS certificate must be in\\na secret `mp-certs` under the key `ca.crt`.","type":"boolean","x-order":2},"clusterName":{"description":"The name of the Cluster object that was created in the Management Plane representing this Control Plane\\ncluster.","type":"string","x-order":3}}},"v1alpha1MeshExpansionSettings":{"description":"Configure mesh expansion to connect workloads external to Kubernetes to the mesh.\\n\\nTo enable mesh expansion set it to an empty object:\\n\\n```yaml\\napiVersion: install.tetrate.io/v1alpha1\\nkind: ControlPlane\\nmetadata:\\n  name: controlplane\\n  namespace: istio-system\\nspec:\\n  meshExpansion: {}\\n```\\n\\nIf external workloads are unable to communicate with the default mesh expansion gateway via external IPs or hostnames,\\nthen you must specify the gateway that enables them to do so. This custom gateway must be configured to forward this communication\\nto the VM gateway service:\\n\\n```yaml\\napiVersion: install.tetrate.io/v1alpha1\\nkind: ControlPlane\\nmetadata:\\n  name: controlplane\\n  namespace: istio-system\\nspec:\\n  meshExpansion:\\n    customGateway:\\n      host: customgateway.tetrate.io\\n      port: 15443\\n```\\n\\nTo automate onboarding of workloads from auto-scaling groups of VMs, you need\\nto enable the `Workload Onboarding Plane`.\\n\\n`Workload Onboarding Agent`, a component that you install next to the workload,\\nwill connect to the `Workload Onboarding Plane` to authenticate itself, ask\\npermission to join the mesh, register the workload into the mesh and retrieve\\nboot configuration required to start `Istio Sidecar`.\\n\\nAll communication between the `Workload Onboarding Agent` and the\\n`Workload Onboarding Plane` must occur over TLS.\\n\\nTherefore, to enable `Workload Onboarding Plane` you must provide a TLS\\ncertificate for the endpoint that exposes `Workload Onboarding API` to\\n`Workload Onboarding Agents`.\\n\\nMake sure that TLS certificate is signed by the certificate authority known\\nto `Workload Onboarding Agents`.\\n\\n```yaml\\napiVersion: install.tetrate.io/v1alpha1\\nkind: ControlPlane\\nmetadata:\\n  name: controlplane\\n  namespace: istio-system\\nspec:\\n  meshExpansion:\\n    onboarding:\\n      endpoint:\\n        hosts:\\n        - onboarding.example.org\\n        secretName: onboarding-tls-cert\\n      tokenIssuer:\\n        jwt:\\n          expiration: 1h\\n      localRepository: {}\\n```\\n\\nTo onboard workloads from custom on-premise environments, you can leverage support for\\n[OIDC ID Tokens](https://openid.net/specs/openid-connect-core-1_0.html#IDToken).\\n\\nIf workloads in your custom environment can authenticate themselves by means of an\\n[OIDC ID Token](https://openid.net/specs/openid-connect-core-1_0.html#IDToken),\\nyou can define a list of JWT issuers permitted by the `Workload Onboarding Plane`.\\n\\nFor example,\\n\\n```yaml\\napiVersion: install.tetrate.io/v1alpha1\\nkind: ControlPlane\\nmetadata:\\n  name: controlplane\\n  namespace: istio-system\\nspec:\\n  meshExpansion:\\n    onboarding:\\n      endpoint:\\n        hosts:\\n        - onboarding.example.org\\n        secretName: onboarding-tls-cert\\n      localRepository: {}\\n      workloads:\\n        authentication:\\n          jwt:\\n            issuers:\\n            - issuer: \\"https://mycompany.corp\\"\\n              jwksUri: \\"https://mycompany.corp/jwks.json\\"\\n              shortName: \\"mycorp\\"\\n              tokenFields:\\n                attributes:\\n                  jsonPath: .custom_attributes\\n```\\n\\nTo ensure there will be no traffic loss when an onboarded workload gets\\nshutdown, you can configure the time period to delay the shutdown for\\nafter deregistering the workload from the mesh, which will give\\nenough time to reconfigure all affected mesh nodes to not load balance\\nrequests to the deregistered workload before it becomes unavailable.\\n\\nFor example,\\n\\n```yaml\\napiVersion: install.tetrate.io/v1alpha1\\nkind: ControlPlane\\nmetadata:\\n  name: controlplane\\n  namespace: istio-system\\nspec:\\n  meshExpansion:\\n    onboarding:\\n      endpoint:\\n        hosts:\\n        - onboarding.example.org\\n        secretName: onboarding-tls-cert\\n      localRepository: {}\\n      workloads:\\n        deregistration:\\n          propagationDelay: 15s\\n```","type":"object","properties":{"customGateway":{"$ref":"#/components/schemas/v1alpha1MeshExpansionSettingsGateway"},"onboarding":{"$ref":"#/components/schemas/v1alpha1MeshExpansionSettingsOnboardingPlane"}}},"v1alpha1MeshExpansionSettingsGateway":{"description":"A custom mesh expansion gateway. This is required when the workload can\'t access the default gateway directly via the external IP or hostname.","type":"object","required":["host","port"],"properties":{"host":{"description":"Mesh expansion gateway host address (can be hostname or IP address).","type":"string","x-order":0},"port":{"description":"Port mesh expansion gateway is listening on.","type":"integer","format":"int32","x-order":1}}},"v1alpha1MeshExpansionSettingsOnboardingPlane":{"description":"Configuration of the `Workload Onboarding Plane`.","type":"object","required":["endpoint"],"properties":{"uid":{"description":"Unique identifier of this particular installation of the `Workload Onboarding Plane`.\\n\\nIs used in the workload authentication flow to prevent replay attacks\\nthat abuse compromised workload credentials intended for a different\\ninstallation of the `Workload Onboarding Plane`.\\n\\nDefaults to an auto-generated UUID.","type":"string","x-order":0},"endpoint":{"$ref":"#/components/schemas/MeshExpansionSettingsOnboardingPlaneEndpoint"},"tokenIssuer":{"$ref":"#/components/schemas/MeshExpansionSettingsOnboardingPlaneTokenIssuer"},"localRepository":{"$ref":"#/components/schemas/OnboardingPlaneLocalRepository"},"workloads":{"$ref":"#/components/schemas/v1alpha1WorkloadConfiguration"}}},"v1alpha1NamespacedName":{"description":"NamespacedName specifies a namespace-scoped name.","type":"object","required":["namespace","name"],"properties":{"namespace":{"description":"Namespace name.","type":"string","x-order":0},"name":{"description":"Resource name.","type":"string","x-order":1}}},"v1alpha1Onboarding":{"description":"Settings for the `Workload Onboarding` component.","type":"object","properties":{"operator":{"$ref":"#/components/schemas/v1alpha1OnboardingOperator"},"repository":{"$ref":"#/components/schemas/v1alpha1OnboardingRepository"},"plane":{"$ref":"#/components/schemas/installcontrolplanev1alpha1OnboardingPlane"}}},"v1alpha1OnboardingOperator":{"description":"Kubernetes settings for the `Workload Onboarding Operator` component.","type":"object","properties":{"kubeSpec":{"$ref":"#/components/schemas/kubernetesKubernetesComponentSpec"},"logLevels":{"description":"The log level configuration by scopes.\\nSupported log level: \\"none\\", \\"error\\", \\"warn\\", \\"info\\", \\"debug\\".","type":"object","additionalProperties":{"type":"string"},"x-order":1}}},"v1alpha1OnboardingPlaneInstance":{"description":"Kubernetes settings for the `Workload Onboarding Plane Instance` component.","type":"object","properties":{"kubeSpec":{"$ref":"#/components/schemas/kubernetesKubernetesComponentSpec"},"logLevels":{"description":"The log level configuration by scopes.\\nSupported log level: \\"none\\", \\"error\\", \\"warn\\", \\"info\\", \\"debug\\".","type":"object","additionalProperties":{"type":"string"},"x-order":1}}},"v1alpha1OnboardingRepository":{"description":"Kubernetes settings for the `Workload Onboarding Repository` component.","type":"object","properties":{"kubeSpec":{"$ref":"#/components/schemas/kubernetesKubernetesComponentSpec"}}},"v1alpha1OperatorDeployment":{"description":"Values for the TSB operator deployment.","type":"object","properties":{"affinity":{"$ref":"#/components/schemas/installkubernetesAffinity"},"annotations":{"type":"object","title":"Custom collection of annotations to add to the deployment.\\nhttps://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/","additionalProperties":{"type":"string"},"x-order":1},"env":{"type":"array","title":"Custom collection of environment vars to add to the container.\\nhttps://kubernetes.io/docs/tasks/inject-data-application/define-environment-variable-container/","items":{"$ref":"#/components/schemas/installkubernetesEnvVar"},"x-order":2},"podAnnotations":{"description":"Custom collection of annotations to add to the pod.","type":"object","additionalProperties":{"type":"string"},"x-order":3},"replicaCount":{"description":"Number of replicas managed by the deployment.","type":"integer","format":"int32","x-order":4},"strategy":{"$ref":"#/components/schemas/installkubernetesDeploymentStrategy"},"tolerations":{"type":"array","title":"Toleration collection applying to the pod scheduling.\\nhttps://kubernetes.io/docs/concepts/configuration/taint-and-toleration/","items":{"$ref":"#/components/schemas/corev1Toleration"},"x-order":6}}},"v1alpha1OperatorService":{"description":"Values for the TSB operator service.","type":"object","properties":{"annotations":{"type":"object","title":"Custom collection of annotations to add to the service.\\nhttps://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/","additionalProperties":{"type":"string"},"x-order":0}}},"v1alpha1OperatorServiceAccount":{"description":"Values for the TSB operator service account.","type":"object","properties":{"annotations":{"description":"Custom collection of annotations to add to the service account.","type":"object","additionalProperties":{"type":"string"},"x-order":0},"imagePullSecrets":{"description":"Collection of secrets names required to be able to pull images from the registry.","type":"array","items":{"type":"string"},"x-order":1},"pullSecret":{"type":"string","title":"A Docker config JSON to be stored in a secret to be used as an image pull secret. If this secret is provided,\\nit will be included in the operator service account as reference.\\nhttps://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/#create-a-secret-by-providing-credentials-on-the-command-line","x-order":2},"pullUsername":{"description":"Used along pull password and the provided image registry to generate a Docker config JSON that\\nwill be stored as a pull secret.","type":"string","x-order":3},"pullPassword":{"description":"Used along pull username and the provided image registry to generate a Docker config JSON that\\nwill be stored as a pull secret.","type":"string","x-order":4}}},"v1alpha1RateLimitServer":{"type":"object","title":"Configuration settings for the RateLimit Server","required":["backend"],"properties":{"backend":{"$ref":"#/components/schemas/RateLimitServerBackend"},"domain":{"description":"The domain field allows ratelimits to be namespaced to\\na certain domain. To support common ratelimits across multiple clusters\\nset this string to a common value, across them. This assumes that the same\\nbackend (uri) is being used.\\nBy default the domain is set to the name of the control plane cluster.","type":"string","x-order":1},"kubeSpec":{"$ref":"#/components/schemas/kubernetesKubernetesComponentSpec"}}},"v1alpha1RegisterWorkloadResponse":{"description":"Response to the registration request.","type":"object"},"v1alpha1Registration":{"description":"Registration specifies information sent by the `Workload Onboarding Agent`\\nto the `Workload Onboarding Plane` to register the workload in the mesh.","type":"object","required":["agent","sidecar","host"],"properties":{"agent":{"$ref":"#/components/schemas/v1alpha1AgentInfo"},"sidecar":{"$ref":"#/components/schemas/v1alpha1SidecarInfo"},"host":{"$ref":"#/components/schemas/v1alpha1HostInfo"},"workload":{"$ref":"#/components/schemas/v1alpha1WorkloadInfo"},"settings":{"$ref":"#/components/schemas/typesregistrationv1alpha1Settings"}}},"v1alpha1Route53Controller":{"description":"Kubernetes settings for the Route53 Integration Controller component.","type":"object","properties":{"kubeSpec":{"$ref":"#/components/schemas/kubernetesKubernetesComponentSpec"}}},"v1alpha1Route53Settings":{"description":"Settings for integration with Route53 service.","type":"object","required":["serviceAccountName"],"properties":{"serviceAccountName":{"type":"string","title":"Service account name to use for IAM role. Required. Deprecated, user AWSIntegrationSettings instead.\\n$hide_from_docs","x-order":0},"namespaceSelector":{"$ref":"#/components/schemas/v1alpha1Route53SettingsNamespaceSelector"},"policy":{"$ref":"#/components/schemas/Route53SettingsPolicy"},"domainFilter":{"description":"List of domains to limit possible target zones by a domain suffix. Default is empty list with means consider all resources as DNS target.","type":"array","items":{"type":"string"},"x-order":3},"interval":{"description":"Duration of interval between individual synchronizations. Default: 60s.","type":"string","x-order":4},"ttl":{"description":"Default TTL (in seconds) value for DNS records. Default: 300.","type":"string","format":"int64","x-order":5},"evaluateTargetHealth":{"description":"Control whether to evaluate the health of a DNS target. Default: true.","type":"boolean","x-order":6},"filterSettings":{"$ref":"#/components/schemas/Route53SettingsFilterSettings"},"enabled":{"description":"Enable/disable the Route53 integration controller. Default: false.","type":"boolean","x-order":8}}},"v1alpha1Route53SettingsNamespaceSelector":{"description":"NamespaceSelector specifies which namespaces controller will watch.","type":"object","properties":{"namespace":{"description":"Specifies the namespace to watch for resources. Mutually exclusive with `ignore_namespaces`.\\nIf not specified (\\"\\"), all namespaces will be watched which is the default.","type":"string","x-order":0},"ignoreNamespaces":{"description":"Comma separated list of namespaces to ignore when watching for DNS endpoints. When using this option remember\\nto include the name of the namespace in which Control Plane is installed. If Management Plane is installed in the same cluster\\ninclude the namespace name in this option as well.\\nMutually exclusive with `namespace`.\\nDefault: the namespace where the controller is running, usually `istio-system`.","type":"string","x-order":1}}},"v1alpha1Satellite":{"description":"Kubernetes settings for the Satellite (SkyWalking-Satellite) component.","type":"object","properties":{"enabled":{"description":"Satellite is an optional component. If enabled is false, this component\\nwill not be installed.","type":"boolean","x-order":0},"kubeSpec":{"$ref":"#/components/schemas/kubernetesKubernetesComponentSpec"},"logLevel":{"description":"Specifies the log level for the component.\\nSupported log level: \\"panic\\", \\"fatal\\", \\"info\\", \\"warn\\", \\"error\\", \\"debug\\" and \\"trace\\".","type":"string","x-order":2}}},"v1alpha1Secrets":{"description":"Secrets available in the ControlPlane installation.","type":"object","properties":{"tsb":{"$ref":"#/components/schemas/SecretsTSB"},"elasticsearch":{"$ref":"#/components/schemas/SecretsElasticSearch"},"xcp":{"$ref":"#/components/schemas/v1alpha1SecretsXCP"},"clusterServiceAccount":{"$ref":"#/components/schemas/SecretsClusterServiceAccount"}}},"v1alpha1SecretsXCP":{"description":"Secrets to reach the XCP Central in the Management Plane.","type":"object","properties":{"autoGenerateCerts":{"description":"Enabling this will auto generate XCP Edge certificate if mTLS is enabled to authenticate to XCP Central. Requires cert-manager.","type":"boolean","x-order":0},"rootca":{"description":"CA certificate of XCP components.","type":"string","x-order":1},"rootcakey":{"description":"Key of the CA certificate of XCP components.","type":"string","x-order":2},"edge":{"$ref":"#/components/schemas/XCPEdge"}}},"v1alpha1SessionResponse":{"description":"SessionResponse specifies response messages sent by the `Workload Onboarding Plane`\\nback to the `Workload Onboarding Agent` as part of a single session.","type":"object","properties":{"discoveryResponse":{"$ref":"#/components/schemas/v3DiscoveryResponse"}}},"v1alpha1SidecarConfiguration":{"description":"SidecarConfiguration represents boot configuration of a sidecar, e.g.\\n`Istio Sidecar`.","type":"object","properties":{"seed":{"$ref":"#/components/schemas/v1alpha1SidecarConfigurationSeed"},"update":{"$ref":"#/components/schemas/v1alpha1SidecarConfigurationUpdate"}}},"v1alpha1SidecarConfigurationSeed":{"description":"SidecarConfigurationSeed represents seed configuration required to start\\na sidecar, e.g. `Istio Sidecar`.","type":"object","required":["command"],"properties":{"command":{"description":"Path to the sidecar executable, i.e. `pilot-agent` binary of the\\n`Istio Sidecar`.\\n\\nNotice that `Workload Onboarding Agent` is not expected to run this command\\n\\"as is\\". Instead, `Workload Onboarding Agent` should use this value to identify\\nwhich of (potentially many) executables comprising a sidecar it needs to\\nrun.\\n\\nE.g., `Istio Sidecar` comes with `pilot-agent`, `envoy` and `istio-start.sh`\\nexecutables. To clarify that `Workload Onboarding Agent` must use `pilot-agent`\\nbinary to start the sidecar, `Workload Onboarding Plane` will use a command value\\n`/usr/local/bin/pilot-agent`.","type":"string","x-order":0},"args":{"description":"Arguments to the sidecar command, e.g. Istio `pilot-agent`.","type":"array","items":{"type":"string"},"x-order":1},"env":{"description":"Environment variables of the sidecar command, e.g. Istio `pilot-agent`.","type":"array","items":{"$ref":"#/components/schemas/typessidecarv1alpha1EnvVar"},"x-order":2},"files":{"description":"Configuration files of the sidecar, e.g. Istio `pilot-agent`.","type":"array","items":{"$ref":"#/components/schemas/v1alpha1File"},"x-order":3},"dirs":{"description":"Directories required by the sidecar, e.g. Istio `pilot-agent`.","type":"array","items":{"$ref":"#/components/schemas/v1alpha1Dir"},"x-order":4}}},"v1alpha1SidecarConfigurationUpdate":{"description":"SidecarConfigurationUpdate represents an update to the already known\\nseed configuration that can be applied without full restart of the sidecar.","type":"object","properties":{"files":{"description":"Reloadable configuration files of the sidecar, e.g. `Istio token` file\\nreloadable by the Istio `pilot-agent`.","type":"array","items":{"$ref":"#/components/schemas/v1alpha1File"},"x-order":0}}},"v1alpha1SidecarInfo":{"description":"SidecarInfo specifies information about the sidecar installed alongside\\nthe workload.","type":"object","properties":{"istio":{"$ref":"#/components/schemas/v1alpha1IstioSidecarInfo"}}},"v1alpha1UnregisterWorkloadResponse":{"description":"Response to the unregistration request.","type":"object","properties":{"propagationDelay":{"description":"Estimated amount of time it will take to propagate the unregistration event\\nacross all affected mesh nodes.\\n\\nDuring this time interval affected proxies will continue making requests\\nto the deregistered workload until the respective configuration update\\narrives.\\n\\nTo prevent traffic loss, `Workload Onboarding Agent` SHOULD delay shutdown\\nof the the workload\'s sidecar for that time period.","type":"string","x-order":0}}},"v1alpha1Values":{"description":"Values available for the TSB Control Plane chart.\\nThis is an alpha API, so future versions could include breaking changes.","type":"object","properties":{"image":{"$ref":"#/components/schemas/commonv1alpha1Image"},"spec":{"$ref":"#/components/schemas/v1alpha1ControlPlaneSpec"},"secrets":{"$ref":"#/components/schemas/v1alpha1Secrets"},"operator":{"$ref":"#/components/schemas/commonv1alpha1Operator"}}},"v1alpha1WASMFetcher":{"description":"Settings for the WASM Fetcher component.","type":"object","properties":{"cacheDisableInsecureRegistries":{"description":"Denies insecure registries to be used for fetching WASM modules. Defaults to `false`.","type":"boolean","x-order":0},"cacheExpiration":{"description":"WASM Module cache expiration time. Defaults to `24h`.","type":"string","x-order":1},"cacheMaxRetries":{"description":"Maximum number of retries when fetching WASM modules from the OCI registry. Defaults to `5`.","type":"integer","format":"int32","x-order":2},"cachePurgeInterval":{"description":"WASM cache purge interval to periodically clean up the stale WASM modules. Defaults to `1h`.","type":"string","x-order":3},"cacheRequestTimeout":{"description":"Specifies the timeout used when retrieving the WASM plugin from the OCI registry. Defaults to `15s`.","type":"string","x-order":4},"kubeSpec":{"$ref":"#/components/schemas/kubernetesKubernetesComponentSpec"},"logLevels":{"description":"The log level configuration by scopes.\\nSupported log levels: \\"none\\", \\"error\\", \\"info\\", \\"debug\\".","type":"object","additionalProperties":{"type":"string"},"x-order":6}}},"v1alpha1WorkloadAuthenticationConfiguration":{"description":"WorkloadAuthenticationConfiguration specifies configuration of the workload\\nauthentication.","type":"object","properties":{"jwt":{"$ref":"#/components/schemas/v1alpha1JwtAuthenticationConfiguration"}}},"v1alpha1WorkloadConfiguration":{"description":"WorkloadConfiguration specifies configuration of the workload handling.","type":"object","properties":{"authentication":{"$ref":"#/components/schemas/v1alpha1WorkloadAuthenticationConfiguration"},"deregistration":{"$ref":"#/components/schemas/v1alpha1WorkloadDeregistrationConfiguration"}}},"v1alpha1WorkloadDeregistrationConfiguration":{"description":"WorkloadDeregistrationConfiguration specifies configuration of the workload\\nderegistration.","type":"object","properties":{"propagationDelay":{"description":"Estimated amount of time it takes to propagate the unregistration event\\nacross all affected mesh nodes.\\n\\nDuring this time interval affected proxies will continue making requests\\nto the deregistered workload until the respective configuration update\\narrives.\\n\\nTo prevent traffic loss, `Workload Onboarding Agent` SHOULD delay shutdown\\nof the the workload\'s sidecar for that time period.\\n\\nAs a rule of thumb, this value should remain relatively small, e.g. under\\n15 seconds. The reason for this is that shutdown flow on the workload\'s side\\nis time-boxed. E.g., on VMs there is a stop timeout enforced by SystemD,\\nwhile on AWS ECS there is a stop timeout enforced by ECS Agent. If you pick\\na delay value that is too big, `Workload Onboarding Agent` will delay\\nshutdown of the sidecar for too long; as a result sidecar risks to get\\nterminated abruptly instead of graceful connection draining.\\n\\nDefaults to `10s`.","type":"string","x-order":0}}},"v1alpha1WorkloadInfo":{"description":"WorkloadInfo specifies information about the workload.","type":"object","properties":{"labels":{"description":"Labels associated with the workload.","type":"object","additionalProperties":{"type":"string"},"x-order":0}}},"v2API":{"description":"An API configuring a set of servers and endpoints that expose the Application business logic.\\n\\n\\n\\n","type":"object","required":["openapi"],"properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"openapi":{"description":"The raw OpenAPI spec for this API.","type":"string","x-order":4},"workloadSelector":{"$ref":"#/components/schemas/v2WorkloadSelector"},"servers":{"description":"DEPRECATED: For new created APIs, the exposed servers will be available at httpServers.\\nFor APIs created before version 1.7, will still be available in this field.\\n\\nList of ingress gateways servers that expose the API.\\nServer hostnames must be unique in the system, and only one API can expose a specific hostname.","type":"array","items":{"$ref":"#/components/schemas/v2HttpServer"},"x-order":6,"readOnly":true},"endpoints":{"description":"List of endpoints exposed by this API.\\nThis field is read-only and generated from the configured OpenAPI spec.","type":"array","items":{"$ref":"#/components/schemas/v2HTTPEndpoint"},"x-order":7,"readOnly":true},"configResources":{"type":"array","title":"The configuration resources that are related to this API object.\\n$hide_from_docs","items":{"$ref":"#/components/schemas/v2ConfigResource"},"x-order":8,"readOnly":true},"httpServers":{"description":"List of gateways servers that expose the API.\\nServer hostnames must be unique in the system, and only one API can expose a specific hostname.","type":"array","items":{"$ref":"#/components/schemas/gatewayv2HTTP"},"x-order":9,"readOnly":true}}},"v2Access":{"description":"Access is an access request for a subject with a set of permission.\\n\\nExample:\\nAccess {\\n  Subject: \\"organizations/demo/tenants/demo/applications/caller\\",\\n  Permissions: []string{\\"GET\\"}\\n}","type":"object","required":["subject","permissions"],"properties":{"subject":{"description":"Subject is the subject that is requested to access the resource.","type":"string","x-order":0},"permissions":{"description":"Permissions is a list of permissions that the subject is allowed to use.","type":"array","items":{"type":"string"},"x-order":1},"metadata":{"$ref":"#/components/schemas/qv2Metadata"}}},"v2AccessPolicy":{"description":"A policy defines the set of subjects that can access a resource and under\\nwhich conditions that access is granted.","type":"object","title":"Policy","properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":1},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":2},"allow":{"description":"The list of allowed bindings configures the different access profiles that\\nare allowed on the resource configured by the policy.","type":"array","items":{"$ref":"#/components/schemas/rbacv2Binding"},"x-order":3}}},"v2AggregatedStatus":{"description":"`AggregatedStatus` is used by resources with children to aggregate both the\\nsequence of events and the status of its children resources.","type":"object","properties":{"configEvents":{"$ref":"#/components/schemas/v2ConfigEvents"},"children":{"description":"Map of children resource FQNs to their status.","type":"object","additionalProperties":{"$ref":"#/components/schemas/AggregatedStatusChildStatus"},"x-order":1},"childrenStatus":{"$ref":"#/components/schemas/AggregatedStatusChildStatus"}}},"v2Application":{"description":"An Application represents a set of logical groupings of services that are related to each other\\nand expose a set of APIs that implement a complete set of business logic.\\n\\n\\n\\n","type":"object","required":["workspace"],"properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"workspace":{"description":"FQN of the workspace this application is part of.\\nThe application will configure IngressGateways for the attached APIs\\nin the different namespaces exposed by this workspace.","type":"string","x-order":4},"namespaceSelector":{"$ref":"#/components/schemas/typesv2NamespaceSelector"},"gatewayGroup":{"description":"Optional FQN of the Gateway Group to be used by the application.\\nIf configured, this gateway group will be used by the application. If\\nno namespaces are configured and no existing gateway group is set, a new gateway group claiming all\\nnamespaces in the workspace (`*/*`) will be created by default.\\nAll Ingress Gateway resources created for the APIs attached to the application will be created in\\nthe application\'s gateway group.","type":"string","x-order":6},"services":{"description":"Optional list of services that are part of the application. This is a list of FQNs of services in the\\nservice registry.\\nIf omitted, the application is assumed to own all the services in the workspace.\\nNote that a service can only be part of one application. If any of the services in the list is already\\nin use by an existing application, application creation/modification will fail.\\nIf the list of services is not explicitly set and any service in the workspace is already in use by\\nanother application, application creation/modification will fail.","type":"array","items":{"type":"string"},"x-order":7},"configResources":{"type":"array","title":"The configuration resources that are related to this Application.\\n$hide_from_docs","items":{"$ref":"#/components/schemas/v2ConfigResource"},"x-order":8,"readOnly":true}}},"v2ApprovalPolicy":{"description":"ApprovalPolicy is a set of authorization rules that define access to a resource.\\nWhen applied to a resource, the rules enforce access to the resource based on the permission set.\\n\\nExample:\\nApprovalPolicy {\\n  Mode: ApprovalPolicy_REQUIRE_APPROVAL,\\n  Resource: \\"organizations/demo/tenants/demo/applications/target-app\\",\\n  Approved: []Access {{\\n    Subject: \\"organizations/demo/tenants/demo/applications/calling-app\\",\\n    Permissions: []string{\\"GET\\", \\"POST\\"}\\n  }}\\n}","type":"object","required":["mode","resource"],"properties":{"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":0},"mode":{"$ref":"#/components/schemas/v2ApprovalPolicyMode"},"resource":{"description":"Resource is a fully qualified name of the resource that the policy applies to.","type":"string","x-order":2},"requested":{"description":"Requested is a list of subjects that are requested to access the resource but that have not yet been\\nexplicitly approved.\\nThe access mode of the policy will determine if the subjects in this list are given immediate access to the\\nresource.","type":"array","items":{"$ref":"#/components/schemas/v2Access"},"x-order":3},"approved":{"description":"Approved is a list of subjects that are approved to access the resource.","type":"array","items":{"$ref":"#/components/schemas/v2Access"},"x-order":4},"metadata":{"$ref":"#/components/schemas/qv2Metadata"}}},"v2ApprovalPolicyMode":{"description":" - UNRESTRICTED: Allows all subjects in the same policy class to access the resource.\\n - ALLOW_REQUESTED: Allows only the subjects in the request and approved list to access the resource.\\n - REQUIRE_APPROVAL: Allows only the subjects in the approved list to access the resource.","type":"string","default":"UNRESTRICTED","enum":["UNRESTRICTED","ALLOW_REQUESTED","REQUIRE_APPROVAL"]},"v2AuthenticationSettingsAuthenticationMode":{"description":"AuthenticationMode configures whether to initiate only mutual TLS\\nconnections or to allow plaintext traffic as well.\\n\\n - UNSET: Default is UNSET.\\n - OPTIONAL: Accept both plaintext and mTLS authenticated connections.\\n - REQUIRED: Always initiate mutual TLS authenticated connections, and fail if the upstream does not support it.","type":"string","default":"UNSET","enum":["UNSET","OPTIONAL","REQUIRED"]},"v2AuthorizationRules":{"description":"- If deny_all is true, deny the request\\n\\n- If deny is defined and there are any denied target workload, deny the request.\\n\\n- If there are no allowed target workload, allow the request.\\n\\n- If allow is defined and there are any allowed target workload, allow the request.\\n\\n- Deny the request.","type":"object","title":"`AuthorizationRules` specifies which target workloads are allowed or denied.\\nWhen the mode is `RULES`, by default, if no authorization rules are provided all requests will be accepted.\\nCurrently, when a list of allow or deny rules are provided, a workload can only be targeted\\nby providing the workspace or security group resource the workload belongs to.\\nWhen different target workloads are allowed, denied or all workload are denied,\\nto evaluate if a request is accepted or rejected, denies are evaluated first, and finally allows.\\nAccepting or denying a request from a workload is determined by:","properties":{"allow":{"description":"Allow specifies a list of rules. If a request matches at least one rule, the request is accepted.\\nIf no allow rules are provided, all requests are allowed.\\nEach rule must be unique, no duplicates are allowed.\\nA rule that is fully contained by another rule is not allowed.\\nFor instance, defining a rule from workspace `w1` to `w2` and another rule\\nfrom security group `sg1` (which belongs to workspace `w1`) to `sg2` (which belongs to workspace `w2`)\\nis not allowed. It is not allowed, because from security group `sg1` to `sg2` rule is already allowed by\\nthe rule from workspace `w1` to `ws2`.","type":"array","items":{"$ref":"#/components/schemas/securityv2Rule"},"x-order":0},"denyAll":{"description":"Deny all specifies whether all requests should be rejected.\\nIf it is true all requests will be rejected.\\nIf it is false the list of deny rules will be evaluated.","type":"boolean","x-order":1},"deny":{"description":"Deny specifies a list of rules. If a request matches at least one rule, the request is rejected.\\nIf deny rules are provided, the match will never occur, so no request can be rejected.\\nEach rule must be unique, no duplicates are allowed.\\nA rule that is fully contained by another rule is not allowed.\\nFor instance, defining a rule from workspace `w1` to `w2` and another rule\\nfrom security group `sg1` (which belongs to workspace `w1`) to `sg2` (which belongs to workspace `w2`)\\nis not allowed. It is not allowed, because from security group `sg1` to `sg2` rule is already denied by\\nthe rule from workspace `w1` to `w2`.","type":"array","items":{"$ref":"#/components/schemas/securityv2Rule"},"x-order":2}}},"v2BlameResponse":{"description":"```yaml\\neffectiveProfileConfig:\\n  trafficSettings:\\n    reachability:\\n      mode: GROUP\\n    resilience:\\n      circuitBreakerSensitivity: MEDIUM\\n  authenticationSettings:\\n    trafficMode: REQUIRED\\neffectiveProfilePaths:\\n  authenticationSettings: organizations/my-org/profiles/profile1\\n  authenticationSettings.trafficMode: organizations/my-org/profiles/profile1\\n  trafficSettings: organizations/my-org/tenants/my-tenant/workspaces/ws/trafficgroups/tg/profiles/profile2\\n  trafficSettings.reachability: organizations/my-org/tenants/my-tenant/workspaces/ws/trafficgroups/tg/profiles/profile2\\n  trafficSettings.reachability.mode: organizations/my-org/tenants/my-tenant/workspaces/ws/trafficgroups/tg/profiles/profile2\\n  trafficSettings.resilience: organizations/my-org/tenants/my-tenant/workspaces/ws/trafficgroups/tg/profiles/profile2\\n  trafficSettings.resilience.circuitBreakerSensitivity: organizations/my-org/tenants/my-tenant/workspaces/ws/trafficgroups/tg/profiles/profile2\\n```","type":"object","title":"Blame data for a given resource.\\nExample:","properties":{"effectiveProfileConfig":{"$ref":"#/components/schemas/v2ProfileConfig"},"effectiveProfilePaths":{"description":"Map of profile config field paths to the resource FQNs that set the value at that path.","type":"object","additionalProperties":{"type":"string"},"x-order":1}}},"v2ClientTLSSettings":{"type":"object","title":"Configure TLS parameters for the client","properties":{"mode":{"$ref":"#/components/schemas/authv2TLSMode"},"files":{"$ref":"#/components/schemas/v2TLSFileSource"},"secretName":{"description":"TLS key source from a Kubernetes Secret.\\nThis is applicable for gateway workloads.","type":"string","x-order":2},"subjectAltNames":{"type":"array","title":"Subject alternative names is the list of names that are accepted\\nas service name as part of TLS handshake","items":{"type":"string"},"x-order":3}}},"v2Cluster":{"description":"A Kubernetes cluster managing both pods and VMs.\\n\\n\\n\\n","type":"object","properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be\\nsent on every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"tokenTtl":{"description":"Lifetime of the tokens. Defaults to 1hr.","type":"string","x-order":4},"network":{"description":"The network (e.g., VPC) where this cluster is present. All\\nclusters within the same network will be assumed to be reachable\\nfor the purposes of multi-cluster routing. In addition, networks\\nmarked as reachable from one another in SystemSettings will also\\nbe used for multi-cluster routing.","type":"string","x-order":5},"tier1Cluster":{"description":"Deprecated: This flag is still honored for backward compatibility but will be ignored in future releases.\\nIt is advisable not to set it, as all clusters can now host both Tier1 and IngressGateways.\\n\\nIndicates whether this cluster is hosting a tier1 gateway or not.\\nTier1 clusters cannot host other gateways or workloads. Defaults\\nto false if not specified.","type":"boolean","x-order":6},"namespaces":{"type":"array","title":"TODO(vikas): move this inside cluster state\\nRead-only data for informational purposes. Any user provided\\nvalue will be ignored. The data here may be stale depending on\\nthe update frequency from the Bridge agents in the cluster.\\n$hide_from_yaml","items":{"$ref":"#/components/schemas/tsbv2Namespace"},"x-order":7,"readOnly":true},"labels":{"type":"object","title":"FIXME: this is super clunky to copy each and every metadata field into\\nobjects used for multicluster. $hide_from_yaml","additionalProperties":{"type":"string"},"x-order":8},"locality":{"$ref":"#/components/schemas/tsbv2Locality"},"trustDomain":{"description":"Trust domain for this cluster, used for multi-cluster routing.\\nIt must be unique for every cluster and should match the one configured in\\nthe local control plane. This value is optional, and will be updated by the\\nlocal control plane agents. However, it is recommended to set it, if known,\\nso that multi-cluster routing works without having to wait for the local\\ncontrol planes to update it.","type":"string","x-order":10},"namespaceScope":{"$ref":"#/components/schemas/v2NamespaceScoping"},"state":{"$ref":"#/components/schemas/v2ClusterState"},"serviceAccount":{"$ref":"#/components/schemas/tsbv2ServiceAccount"},"installTemplate":{"$ref":"#/components/schemas/ClusterInstallTemplate"}}},"v2ClusterConfig":{"type":"object","title":"Cluster configurations.\\n$hide_from_docs","properties":{"observability":{"$ref":"#/components/schemas/v2ClusterObservabilityConfig"}}},"v2ClusterDestination":{"type":"object","properties":{"name":{"description":"The name of the destination cluster. Only one of name or labels\\nmust be specified.","type":"string","x-order":0},"labels":{"description":"Labels associated with the cluster. Any cluster with matching\\nlabels will be selected as a target. Only one of name or labels\\nmust be specified.","type":"object","additionalProperties":{"type":"string"},"x-order":1},"network":{"description":"The network associated with the destination clusters. In addition to\\nname/label selectors, only clusters matching the selected networks\\nwill be used as a target. At least one of name/labels, and/or network\\nmust be specified.\\n\\nDeprecated: The `network` field is deprecated and will be removed in future releases.\\nOnly `labels` matching against the cluster object is supported.","type":"string","x-order":2},"weight":{"description":"The weight for traffic to a given destination.","type":"integer","format":"int64","x-order":3}}},"v2ClusterObservabilityConfig":{"type":"object","title":"The observability configurations for a cluster.\\n$hide_from_docs","properties":{"retentionPeriodDays":{"description":"The retention period of telemetry metrics data in days.","type":"integer","format":"int32","x-order":0},"tracesRetentionPeriodDays":{"description":"The retention period of telemetry traces data in days.","type":"integer","format":"int32","x-order":1},"apiEndpointMetricsEnabled":{"description":"Whether the API endpoint metrics feature is enabled in MP,\\nif this feature is disabled in MP, all CP must disable this\\nfeature too because this feature requires MP to create indices,\\nif this feature is enabled in MP, CP clusters can choose whether\\nto enable it or not as per their needs.","type":"boolean","x-order":2}}},"v2ClusterState":{"type":"object","title":"State represents the cluster info learned from the onboarded cluster","properties":{"lastSyncTime":{"type":"string","format":"date-time","title":"last time xcp edge(cp) synced with central(mp) in the UTC format","x-order":0},"provider":{"type":"string","title":"cluster provider. Ex: GKE, EKS, AKS","x-order":1},"istioVersions":{"description":"This shows currently running istio versions in the cluster.","type":"array","items":{"type":"string"},"x-order":2},"xcpVersion":{"type":"string","title":"xcp-edge version which is running at the cluster","x-order":3},"tsbCpVersion":{"type":"string","title":"TSB controlplane version","x-order":4},"discoveredLocality":{"$ref":"#/components/schemas/tsbv2Locality"}}},"v2ClusterStatus":{"description":"The status message for a cluster resource contains the set of join\\ntokens that should be used by Service Bridge\'s agents on the\\ncluster.","type":"object","properties":{"tokens":{"description":"Tokens for various agents.","type":"object","additionalProperties":{"type":"string"},"x-order":0}}},"v2ConfigEvents":{"description":"`ConfigEvents` provides a way to notify the status of a configuration\\npropagation as a sequence of events.","type":"object","properties":{"events":{"description":"Sequence of events occurred under the configuration propagation flow.\\nIt\'s ordered by event timestamp, newest first.","type":"array","items":{"$ref":"#/components/schemas/v2ConfigEventsEvent"},"x-order":0}}},"v2ConfigEventsEvent":{"description":"Single `Event` event occurred in the configuration propagation flow.","type":"object","properties":{"type":{"$ref":"#/components/schemas/ConfigEventsEventType"},"reason":{"description":"Optional code that extends the type of the occurred event.","type":"string","x-order":1},"message":{"description":"Optional message describing the reason in a human readable way.","type":"string","x-order":2},"timestamp":{"description":"Time of the event occurrence.","type":"string","format":"date-time","x-order":3},"etag":{"description":"The etag of the resource which configuration triggered this event.","type":"string","x-order":4},"edgesState":{"description":"Stores the `edge cluster name` to `EdgeConfigState` mapping. `EdgeConfigState` holds the\\n[status + reason] for a resource config that is being applied at edges.\\nReason accompanying the Status is useful for pin-pointed debugging at edge level.\\nFor instance, a config whose config status is something other than `APPLIED` is\\naccompanied by a reason telling why an error occurred while applying the config.\\nThis will help in debugging issues at an edge.","type":"object","additionalProperties":{"$ref":"#/components/schemas/ConfigEventsEdgeConfigState"},"x-order":5}}},"v2ConfigGenerationMetadata":{"description":"`ConfigGenerationMetadata` allows to setup extra metadata that will be added in the final Istio generated configurations.\\nLike new labels or annotations.\\nDefining the config generation metadata in tenancy resources (like organization, tenant, workspace or groups) works as default\\nvalues for those configs that belong to it.\\nDefining same config generation metadata in configuration resources (like ingress gateways, service routes, etc.) will replace the\\nones defined in the tenancy resources.","type":"object","properties":{"labels":{"description":"Set of key value paris that will be added into the `metadata.labels` field of the Istio generated configurations.","type":"object","additionalProperties":{"type":"string"},"x-order":0},"annotations":{"description":"Set of key value paris that will be added into the `metadata.annotations` field of the Istio generated configurations.","type":"object","additionalProperties":{"type":"string"},"x-order":1}}},"v2ConfigMode":{"description":"The configuration mode used by a traffic, security or a gateway group.\\n\\n - BRIDGED: Indicates that the configurations to be added to the group will\\nuse macro APIs that automatically generate Istio APIs under the\\nhood.\\n - DIRECT: Indicates that the configurations to be added to the group will\\ndirectly use Istio APIs.","type":"string","default":"BRIDGED","enum":["BRIDGED","DIRECT"]},"v2ConfigResource":{"description":"ConfigResource represents a configuration object (group, ingress gateway, etc)\\nthat is related to an Application or API.","type":"object","properties":{"fqn":{"description":"The FQN of the resource this status is computed for.","type":"string","x-order":0,"readOnly":true},"expectedEtag":{"description":"The expected etag field is used to check the if the configuration resource contents have\\nchanged. This might not be relevant for all configuration resources, so this field may\\nnot be set. If it is not set, the status will only report the presence or absence of the\\nconfiguration resource, but not differences in its contents.\\n\\nWhen this field is present, the status will also reflect changes in the contents of the\\nconfiguration resource, and report it as DIRTY if there are differences.","type":"string","x-order":1,"readOnly":true},"exclusivelyOwned":{"description":"The exclusively owned flag indicates if the referenced configuration resource is exclusively\\nowned by the object. Configuration resources that are exclusively owned by an object will\\nbe deleted when the object is deleted.","type":"boolean","x-order":2,"readOnly":true}}},"v2CorsPolicy":{"type":"object","properties":{"allowOrigin":{"description":"The list of origins that are allowed to perform CORS requests. The content will be serialized\\ninto the Access-Control-Allow-Origin header. Wildcard * will allow all origins.","type":"array","items":{"type":"string"},"x-order":0},"allowMethods":{"description":"List of HTTP methods allowed to access the resource. The content will be serialized into the\\nAccess-Control-Allow-Methods header.","type":"array","items":{"type":"string"},"x-order":1},"allowHeaders":{"description":"List of HTTP headers that can be used when requesting the resource. Serialized to\\nAccess-Control-Allow-Headers header.","type":"array","items":{"type":"string"},"x-order":2},"exposeHeaders":{"description":"A white list of HTTP headers that the browsers are allowed to access. Serialized into\\nAccess-Control-Expose-Headers header.","type":"array","items":{"type":"string"},"x-order":3},"maxAge":{"description":"Specifies how long the results of a preflight request can be cached. Translates to the\\nAccess-Control-Max-Age header.","type":"string","x-order":4},"allowCredentials":{"description":"Indicates whether the caller is allowed to send the actual request (not the preflight) using\\ncredentials. Translates to Access-Control-Allow-Credentials header.","type":"boolean","x-order":5}}},"v2CreateOrganizationRequest":{"type":"object","title":"Request to create a organization.\\n$hide_from_docs","required":["name","organization"],"properties":{"name":{"description":"The short name for the resource to be created.","type":"string","x-order":0},"organization":{"$ref":"#/components/schemas/v2Organization"}}},"v2CreateRoleRequest":{"description":"Request to create a Role.","type":"object","required":["name","role"],"properties":{"name":{"description":"The short name for the resource to be created.","type":"string","x-order":0},"role":{"$ref":"#/components/schemas/v2Role"}}},"v2DeviceCodeResponse":{"type":"object","title":"Response with device codes for use with the Device Authorization flow.\\nFor additional information on the response parameters please refer to the Device Authorization Response section\\nof the RFC https://datatracker.ietf.org/doc/html/rfc8628#section-3.2","properties":{"deviceCode":{"type":"string","title":"Code that the device uses to poll for tokens","x-order":0},"userCode":{"type":"string","title":"Code the user enters in the verification URI","x-order":1},"verificationUri":{"type":"string","title":"URI where to enter the user code","x-order":2},"interval":{"type":"integer","format":"int32","title":"Rate in which to poll the token endpoint with the device code","x-order":3},"expiresIn":{"type":"integer","format":"int32","title":"Expiration time of the device code in seconds","x-order":4},"error":{"$ref":"#/components/schemas/v2Error"},"errorMessage":{"description":"Optional error message that contains more details about the error that occurred.","type":"string","x-order":6}}},"v2DownstreamResilienceSettings":{"description":"DownstreamResilienceSettings control the reliability knobs in Envoy when accepting\\ninbound connections.","type":"object","properties":{"connectionPool":{"$ref":"#/components/schemas/v2DownstreamResilienceSettingsConnectionPoolSettings"}}},"v2DownstreamResilienceSettingsConnectionPoolSettings":{"description":"Connection pool settings for downstream connections.","type":"object","properties":{"tcp":{"$ref":"#/components/schemas/v2DownstreamResilienceSettingsConnectionPoolSettingsTCP"}}},"v2DownstreamResilienceSettingsConnectionPoolSettingsTCP":{"description":"TCP Settings for inbound requests.","type":"object","properties":{"keepAlive":{"$ref":"#/components/schemas/v2TcpKeepAlive"}}},"v2EastWestGateway":{"description":"EastWestGateway is for configuring a gateway to handle east-west traffic of\\nthe services that are not exposed through Ingress or Tier1 gateways (internal\\nservices). Currently, this is restricted to specifying at Workspace level\\nin WorkspaceSetting.","type":"object","required":["workloadSelector"],"properties":{"workloadSelector":{"$ref":"#/components/schemas/v2WorkloadSelector"},"exposedServices":{"description":"Exposed services is used to specify the match criteria to select specific services\\nfor internal multicluster routing (east-west routing between clusters).\\nIf it is not defined or contains no elements, all the services within the workspace\\nwill be exposed to the configured gateway.","type":"array","items":{"$ref":"#/components/schemas/v2ServiceSelector"},"x-order":1},"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"}}},"v2EgressAuthorization":{"type":"object","title":"EgressAuthorization is used to dictate which service accounts can access a set of external hosts","required":["to"],"properties":{"from":{"$ref":"#/components/schemas/tsbsecurityv2AuthorizationSettings"},"to":{"type":"array","title":"The external hostnames the workload(s) described in this rule can access.\\nHosts cannot be specified more than once. Use \\"*\\" to allow access to any external host","items":{"type":"string"},"x-order":1}}},"v2EgressAuthorizationSettings":{"description":"EgressAuthorizationSettings define rules for allowing specific service accounts to access external hosts.\\nBy default, when a host is configured for egress access on the Gateway, access is denied.","type":"object","required":["to"],"properties":{"from":{"$ref":"#/components/schemas/tsbgatewayv2AuthorizationSettings"},"to":{"description":"The set of hostnames exposed on the Gateway through which external hosts\\ncan be accessed.","type":"array","items":{"$ref":"#/components/schemas/EgressAuthorizationSettingsHostDetails"},"x-order":1},"identityMatch":{"$ref":"#/components/schemas/v2IdentityMatch"}}},"v2EnvValueSource":{"description":" - INLINE: Explicitly given key-value pairs to be injected to this VM.\\n - HOST: *Istio-proxy\'s* environment variables exposed to this VM.","type":"string","default":"INLINE","enum":["INLINE","HOST"]},"v2Error":{"type":"string","title":"OAuth2 error codes","default":"NO_ERROR","enum":["NO_ERROR","INVALID_REQUEST","INVALID_CLIENT","INVALID_GRANT","UNAUTHORIZED_CLIENT","UNSUPPORTED_GRANT_TYPE","AUTHORIZATION_PENDING","SLOW_DOWN","ACCESS_DENIED","EXPIRED_TOKEN","SERVER_ERROR"]},"v2ExposedBy":{"description":"The exposer of an HTTPEndpoint.","type":"object","properties":{"service":{"description":"The FQN of the service in the service registry that is exposing a concrete endpoint.","type":"string","x-order":0,"readOnly":true},"clusterGroup":{"$ref":"#/components/schemas/v2ExposedByClusters"}}},"v2ExposedByCluster":{"description":"ExposedByCluster is a cluster or set of clusters identified by the labels that are\\nexposing an endpoint.","type":"object","properties":{"name":{"description":"The name of the cluster exposing the endpoint. Only one of name or labels\\nmust be specified.","type":"string","x-order":0},"labels":{"description":"Labels associated with the cluster. Any cluster with matching\\nlabels will be selected as an exposer. Only one of name or labels\\nmust be specified.","type":"object","additionalProperties":{"type":"string"},"x-order":1},"weight":{"description":"The weight for traffic to a cluster exposing the endpoint.","type":"integer","format":"int64","x-order":2}}},"v2ExposedByClusters":{"description":"ExposedByClusters represents the clusters that are exposing a concrete endpoint.","type":"object","properties":{"clusters":{"description":"The clusters that contain gateways exposing the HTTPEndpoint.","type":"array","items":{"$ref":"#/components/schemas/v2ExposedByCluster"},"x-order":0}}},"v2ExternalRateLimitServiceSettings":{"description":"Configuration for ratelimiting using an external ratelimit server\\nThe ratelimit server must expose\\n[Envoy\'s Rate Limit Service gRPC API](https://www.envoyproxy.io/docs/envoy/latest/configuration/other_features/rate_limit#config-rate-limit-service).\\n\\nIf the rate limit service is called, and the response for any of\\nthe descriptors is over limit, a 429 response is returned. The rate\\nlimit filter also sets the x-envoy-ratelimited header.\\n\\nIf there is an error in calling rate limit service or rate limit\\nservice returns an error and failure_mode_deny is set to true, a\\n500 response is returned.","type":"object","required":["domain","rateLimitServerUri","rules"],"properties":{"domain":{"description":"The rate limit domain to use when calling the rate limit service.\\nRatelimit settings are namespaced to a domain.","type":"string","x-order":0},"failClosed":{"description":"If the rate limit service is unavailable, the request will fail\\nif failClosed is set to true. Defaults to false.","type":"boolean","x-order":1},"rateLimitServerUri":{"description":"The URI at which the external rate limit server can be reached.","type":"string","x-order":2},"rules":{"type":"array","title":"A set of rate limit rules.\\nEach rule describes a list of dimension to match on.\\nOnce matched, a list of descriptors are sent\\nto the external rate limit server","items":{"$ref":"#/components/schemas/v2ExternalRateLimitServiceSettingsRateLimitRule"},"x-order":3},"timeout":{"description":"The timeout in seconds for the external rate limit server RPC.\\nDefaults to 0.020 seconds (20ms).\\nTraffic will not be allowed to the destination if failClosed is set to true\\nand the request to the rate limit server times out.","type":"string","x-order":4},"tls":{"$ref":"#/components/schemas/v2ClientTLSSettings"}}},"v2ExternalRateLimitServiceSettingsRateLimitDimension":{"type":"object","title":"RateLimitDimension is a set of conditions to match HTTP requests\\nOnce the conditions are satisfied,\\ncorresponding descriptors (set of keys and values) are emitted and\\nsent to the external rate limit server. The server is expected to\\nmake a rate limit decision based on these descriptors.\\nPlease go through the [Envoy RateLimit descriptor](https://www.envoyproxy.io/docs/envoy/latest/api-v3/extensions/common/ratelimit/v3/ratelimit.proto#envoy-v3-api-msg-extensions-common-ratelimit-v3-ratelimitdescriptor)\\nto get more information on descriptors","properties":{"sourceCluster":{"$ref":"#/components/schemas/RateLimitDimensionSourceCluster"},"destinationCluster":{"$ref":"#/components/schemas/RateLimitDimensionDestinationCluster"},"remoteAddress":{"$ref":"#/components/schemas/v2ExternalRateLimitServiceSettingsRateLimitDimensionRemoteAddress"},"requestHeaders":{"$ref":"#/components/schemas/RateLimitDimensionRequestHeaders"},"headerValueMatch":{"$ref":"#/components/schemas/RateLimitDimensionHeaderValueMatch"}}},"v2ExternalRateLimitServiceSettingsRateLimitDimensionRemoteAddress":{"type":"object","title":"Emit descriptor entry - a key-value pair of the form\\n`(\\"remote_address\\", \\"&lt;trusted address from x-forwarded-for&gt;\\")`"},"v2ExternalRateLimitServiceSettingsRateLimitRule":{"type":"object","required":["dimensions"],"properties":{"dimensions":{"description":"A list of dimensions that are to be applied for this rate limit configuration.\\nOrder matters as the dimensions are processed sequentially and the descriptor\\nis composed by appending descriptor entries in that sequence.\\nIf the condition for a dimension is not satisfied and cannot append a descriptor entry,\\nno descriptor list is generated for the entire setting.","type":"array","items":{"$ref":"#/components/schemas/v2ExternalRateLimitServiceSettingsRateLimitDimension"},"x-order":0}}},"v2FailoverSettings":{"description":"Failover settings for all proxies connecting to a host exposed in this workspace/organization\\nbased on the settings definition scope. Note that this is a server side setting.","type":"object","properties":{"topologyChoice":{"$ref":"#/components/schemas/FailoverSettingsTopologyChoice"},"failoverPriority":{"description":"FailoverPriority specifies the failover priority for traffic. FailoverPriority is an ordered list of labels \\nused to sort endpoints to do priority based load balancing. \\nThis is to support traffic failover across different groups of endpoints.\\nInternally these labels will be matched on both the client and endpoints to determine the priorities for\\nthe respective endpoints based on clients.\\nNote: For a label to be considered for match, the previous labels must match, i.e. \\nnth label would be considered matched only if first n-1 labels match.\\nIf for a particular client-endpoint pair, all the n labels match, the endpoint will be considered P(0).bool\\nIf first n-1 labels match, the endpoint will be considered P(1) and so on.\\n\\nFor getting the labels to be populated on the endpoints generated by the TSB for multicluster and eastwest scenario, \\nyou will need to label the kubernetes service of your gateway or east-west exposed service\\nusing a label with prefix `failover.tetrate.io/`. \\nFor example `failover.tetrate.io/version=v1` should be the label present\\non the kubernetes service of remote gateway or exposed service for east west traffic.\\n\\nExample of failoverPriority using these labels:\\n```yaml\\nfailoverPriority:\\n- \\"failover.tetrate.io/version=v1\\"\\n- \\"failover.tetrate.io/domain\\"\\n```\\n\\nAnother way to label the endpoints for eastwest scenario is to create a ServiceRoute object for the service and\\nspecify the labels in the ServiceRoute object. If there is any pod with such label present in the remote cluster,\\nthe endpoints for it will have these labels and thus it could be used in failoverPriority API.\\n\\nFor example:\\nSuppose if one of your clusters has service reviews only with version v1 and a second cluster with reviews only with version v2,\\nThen use the below serviceroute object to populate service labels to the endpoints dynamically: \\n```yaml\\napiVersion: traffic.tsb.tetrate.io/v2\\nkind: ServiceRoute\\nmetadata:\\n  name: reviews\\n  group: t1\\n  workspace: w1\\n  tenant: mycompany\\n  organization: myorg\\nspec:\\n  service: ns1/reviews.ns1.svc.cluster.local\\n  subsets:\\n  - name: v1\\n    labels:\\n      version: v1\\n  - name: v2\\n    labels:\\n      version: v2\\n```\\n\\nExample of failoverPriority using these labels:\\n```yaml\\nfailoverPriority:\\n- \\"version=v1\\"\\n- \\"failover.tetrate.io/domain\\"\\n```","type":"array","items":{"type":"string"},"x-order":1},"regionalFailover":{"description":"Locality routing settings for all gateways in the Workspace/Organization for which\\nthis is defined.\\n\\nExplicitly specify the region traffic will land on when endpoints in the local region become unhealthy.\\nShould be used together with OutlierDetection to detect unhealthy endpoints.\\nNote: if no OutlierDetection specified, this will not take effect.","type":"array","items":{"$ref":"#/components/schemas/v2RegionalFailover"},"x-order":2}}},"v2FlaggerDestination":{"description":"FlaggerDestination will route traffic based on a Flagger Canary resource.\\nThe Canary resource must exist in the control plane cluster and have service delegation set to true.","type":"object","required":["canary","namespace"],"properties":{"canary":{"description":"Name of the Canary resource that will manage the deployment.","type":"string","x-order":0},"namespace":{"description":"Namespace of the Canary resource that will manage the deployment.","type":"string","x-order":1}}},"v2GetResourcePermissionsResponse":{"description":"Response with permission rules.","type":"object","properties":{"rules":{"type":"array","items":{"$ref":"#/components/schemas/v2RoleRule"},"x-order":0}}},"v2GlobalTrafficSelector":{"description":"GlobalTrafficSelector provides a mechanism to select a specific traffic flow\\nfor which this Wasm Extension will be enabled. This setting applies to all WASM\\nExtension attachments. These selectors can be overridden at attachments.\\nWhen all the sub conditions in the TrafficSelector are satisfied, the\\ntraffic will be selected.","type":"object","properties":{"mode":{"$ref":"#/components/schemas/v2WorkloadMode"}}},"v2GrantResponse":{"description":"Token grant response.","type":"object","properties":{"accessToken":{"description":"Access token issued by the authorization server.","type":"string","x-order":0},"tokenType":{"description":"Access token type such as \\"bearer\\" or \\"mac\\".","type":"string","x-order":1},"expiresIn":{"description":"Expiration time of the access token in seconds.","type":"integer","format":"int32","x-order":2},"refreshToken":{"description":"Optional refresh token issued when the authorization server\\nand client are configured to use refresh tokens.","type":"string","x-order":3},"clientId":{"description":"Optional client ID used during the grant process.\\nWhen present the client ID for subsequent refresh grant calls.\\nWhile not a standard field on an OAuth grant response, this helps remove ambiguity\\nwhen multiple OIDC configurations are present in TSB.","type":"string","x-order":4},"error":{"$ref":"#/components/schemas/v2Error"},"errorMessage":{"description":"Optional error message that contains more details about the error that occurred.","type":"string","x-order":6}}},"v2GrantType":{"description":"OAuth2 grant types that are currently supported.","type":"string","default":"UNSPECIFIED","enum":["UNSPECIFIED","REFRESH_TOKEN","DEVICE_CODE_URN","CLIENT_CREDENTIALS","TOKEN_EXCHANGE"]},"v2GroupLookupResponse":{"description":"List of groups that configure the requested service.","type":"object","properties":{"trafficGroups":{"description":"The traffic groups that configure the given registered service.","type":"array","items":{"$ref":"#/components/schemas/tsbtrafficv2Group"},"x-order":0},"securityGroups":{"description":"The security groups that configure the given registered service.","type":"array","items":{"$ref":"#/components/schemas/tsbsecurityv2Group"},"x-order":1},"gatewayGroups":{"description":"The gateway groups that configure the given registered service.","type":"array","items":{"$ref":"#/components/schemas/tsbgatewayv2Group"},"x-order":2},"istioInternalGroups":{"description":"The istio internal groups that configure the given registered service.","type":"array","items":{"$ref":"#/components/schemas/tsbistiointernalv2Group"},"x-order":3}}},"v2HTTPDirectResponse":{"description":"Configures an HTTP response to be generated. This can be used to implement\\nhealth check paths where the gateways will directly reply with a preconfigured\\nresponse when traffic hits certain exposed paths.","type":"object","required":["status"],"properties":{"status":{"description":"Specifies the HTTP response status to be returned.","type":"integer","format":"int64","x-order":0},"body":{"$ref":"#/components/schemas/HTTPDirectResponseHTTPBody"}}},"v2HTTPEndpoint":{"description":"An HTTP Endpoint represents an individual HTTP path exposed in the API.","type":"object","properties":{"path":{"description":"The HTTP path of the endpoint, relative to the hostnames exposed by the API.","type":"string","x-order":0,"readOnly":true},"methods":{"description":"The list of HTTP methods this endpoint supports.","type":"array","items":{"type":"string"},"x-order":1,"readOnly":true},"hostnames":{"description":"The list of hostnames where this endpoint is exposed.\\nIf omitted, the endpoint is assumed to be exposed in all hostnames defined for the API.","type":"array","items":{"type":"string"},"x-order":2,"readOnly":true},"service":{"description":"DEPRECATED: For new created APIs, the exposed servers will be available at httpServers.\\nFor APIs created before version 1.7, will still be available in this field.\\nThe FQN of the service in the service registry that is exposing this endpoint.","type":"string","x-order":3,"readOnly":true},"exposedBy":{"$ref":"#/components/schemas/v2ExposedBy"}}},"v2HTTPFaultInjection":{"description":"HTTPFaultInjection can be used to specify one or more faults to inject\\nwhile forwarding HTTP requests to the destination specified in a route.\\nFaults include aborting the HTTP request from downstream service, and/or\\ndelaying proxying of requests. A fault rule MUST HAVE delay or abort or\\nboth.\\nNote that delay and abort faults are independent of one another, even if\\nboth are specified simultaneously.","type":"object","properties":{"delay":{"$ref":"#/components/schemas/HTTPFaultInjectionDelay"},"abort":{"$ref":"#/components/schemas/HTTPFaultInjectionAbort"}}},"v2HTTPMatchCondition":{"description":"HTTPMatchCondition is the set of conditions to match incoming HTTP traffic\\nand route accordingly. We could have used HttpMatchCondition from\\ningress_gateway.proto but it doesn\'t have a port field, so it\'s better to\\ncreate one natively.","type":"object","required":["name"],"properties":{"name":{"type":"string","title":"Name of the match condition","x-order":0},"uri":{"$ref":"#/components/schemas/v2StringMatch"},"headers":{"type":"object","title":"Headers to match in incoming traffic for routing forward","additionalProperties":{"$ref":"#/components/schemas/v2StringMatch"},"x-order":2},"port":{"type":"integer","format":"int64","title":"Port to match in incoming traffic","x-order":3}}},"v2HTTPMirror":{"description":"HTTPMirror can be used to specify the destinations to mirror HTTP traffic in addition to the original destination.\\nMirrored traffic is on a best effort basis where the sidecar/gateway will not wait for the mirrored destinations\\nto respond before returning the response from the original destination.","type":"object","required":["port"],"properties":{"host":{"description":"The host where traffic should be routed to. This should either be a FQDN\\nor a short name for the k8s service. For example, \\"reviews\\" as destination_host will\\nbe interpreted as \\"reviews.ns1.cluster.local\\"\\nIf empty, the host will be inferred from the Service Route service field.","type":"string","x-order":0},"subset":{"type":"string","title":"Subset is the version of the service where traffic should be routed to","x-order":1},"port":{"type":"integer","format":"int64","title":"The port corresponding to the service host where traffic should be routed","x-order":2},"percentage":{"description":"Percentage of the traffic to be mirrored.\\nIf this field is absent, the max value 100% will be mirrored.","type":"number","format":"double","x-order":3}}},"v2HTTPRetry":{"description":"HTTPRetry defines the parameters for retrying API calls to a service.","type":"object","required":["attempts"],"properties":{"attempts":{"description":"Number of retries for a given request. The interval between retries will be determined\\nautomatically (25ms+).\\n\\nActual number of retries attempted depends on the httpReqTimeout.","type":"integer","format":"int32","x-order":0},"perTryTimeout":{"description":"Timeout per retry attempt for a given request. format: 1h/1m/1s/1ms. MUST BE &gt;=1ms.","type":"string","x-order":1},"retryOn":{"description":"Specifies the conditions under which retry takes place.\\nOne or more policies can be specified using a \u2018,\u2019 delimited list.\\nSee the [retry policies](https://www.envoyproxy.io/docs/envoy/latest/configuration/http/http_filters/router_filter#x-envoy-retry-on)\\nand [gRPC retry policies](https://www.envoyproxy.io/docs/envoy/latest/configuration/http/http_filters/router_filter#x-envoy-retry-grpc-on)\\nfor more details.","type":"string","x-order":2}}},"v2HTTPRewrite":{"description":"Configuration for an URL rewrite rule.","type":"object","properties":{"uri":{"description":"Rewrite the path (or the prefix) portion of the URI with this value. If the original URI was\\nmatched based on prefix, the value provided in this field will replace the corresponding\\nmatched prefix.","type":"string","x-order":0},"authority":{"description":"Rewrite the Authority/Host header with this value.","type":"string","x-order":1}}},"v2HTTPRoute":{"description":"HTTPRoute describes match conditions and actions for HTTP traffic routing to service destinations.","type":"object","required":["name"],"properties":{"name":{"description":"Name of the route.","type":"string","x-order":0},"match":{"type":"array","title":"Match conditions for incoming HTTP traffic","items":{"$ref":"#/components/schemas/v2HTTPMatchCondition"},"x-order":1},"destination":{"description":"Destination host:port and subset where HTTP traffic should be directed.\\n**Note**: Only one of `destination` and `flagger` must be configured per route.","type":"array","items":{"$ref":"#/components/schemas/v2ServiceDestination"},"x-order":2},"flagger":{"$ref":"#/components/schemas/v2FlaggerDestination"},"fault":{"$ref":"#/components/schemas/v2HTTPFaultInjection"},"mirrors":{"description":"Mirror HTTP traffic to multiple destinations in addition to forwarding the\\nrequests to the intended destination. Mirrored traffic is on a best effort\\nbasis, so it won\'t wait for the mirrored destinations response to respond\\nto the intended destination.","type":"array","items":{"$ref":"#/components/schemas/v2HTTPMirror"},"x-order":5}}},"v2Headers":{"description":"Header manipulation rules.","type":"object","properties":{"request":{"$ref":"#/components/schemas/HeadersHeaderOperations"},"response":{"$ref":"#/components/schemas/HeadersHeaderOperations"}}},"v2HostsReachability":{"description":"`HostsReachability` defines the list of gateway hosts that this workspace can reach.\\nIn multicluster deployments, hosts are reachable to all namespaces(`*`) by default.\\nHowever, this may not always be necessary, as clients may only be present in a few namespaces.\\nBy configuring this, a list of namespaces can be limited to the namespaces configured in the workspace.\\nWorkspaces with no hosts reachability configuration are considered to have reachable to all hosts.","type":"object","required":["hostnames"],"properties":{"hostnames":{"description":"The Gateway hostname that can be one of the following. Hostnames should match hosts configured in the Gateway.\\n\\n- Exact hostnames.\\nFor example, `echo.tetrate.io`.\\n\\n- Prefix hostnames.\\nFor example, `echo`. Hosts starting with `echo` are considered.\\n\\n- Regex hostnames.\\nFor example, `^echo.*io$`. Hosts starting with `echo` and ending with `io` are considered.\\n\\n- List can be empty `[]`.\\nWorkspaces with explicitly empty hostnames are considered to not want to see any hosts.","type":"array","items":{"$ref":"#/components/schemas/v2StringMatch"},"x-order":0}}},"v2HttpMatchCondition":{"description":"A single match clause to match all aspects of a request.","type":"object","properties":{"uri":{"$ref":"#/components/schemas/v2StringMatch"},"headers":{"description":"The header keys must be lowercase and use hyphen as the separator, e.g. x-request-id.","type":"object","additionalProperties":{"$ref":"#/components/schemas/v2StringMatch"},"x-order":1}}},"v2HttpModifyAction":{"description":"HTTP path/url/header modification.","type":"object","properties":{"rewrite":{"$ref":"#/components/schemas/v2HTTPRewrite"},"headers":{"$ref":"#/components/schemas/v2Headers"}}},"v2HttpRouteRule":{"description":"A single HTTP rule.","type":"object","properties":{"match":{"description":"One or more match conditions (OR-ed).","type":"array","items":{"$ref":"#/components/schemas/v2HttpMatchCondition"},"x-order":0},"modify":{"$ref":"#/components/schemas/v2HttpModifyAction"},"route":{"$ref":"#/components/schemas/v2RouteTo"},"redirect":{"$ref":"#/components/schemas/v2Redirect"},"directResponse":{"$ref":"#/components/schemas/v2HTTPDirectResponse"},"disableExternalAuthorization":{"description":"If set to true, external authorization is disabled on this route\\nwhen the hostname is configured with external authorization.","type":"boolean","x-order":5}}},"v2HttpRouting":{"type":"object","required":["rules"],"properties":{"corsPolicy":{"$ref":"#/components/schemas/v2CorsPolicy"},"rules":{"description":"HTTP routes.","type":"array","items":{"$ref":"#/components/schemas/gatewayv2HttpRule"},"x-order":1}}},"v2HttpRoutingConfig":{"description":"`HttpRoutingConfig` defines a list of HTTP route rules that determine how incoming requests are routed.","type":"object","required":["rules"],"properties":{"corsPolicy":{"$ref":"#/components/schemas/v2CorsPolicy"},"rules":{"description":"HTTP routes.","type":"array","items":{"$ref":"#/components/schemas/v2HttpRouteRule"},"x-order":1}}},"v2HttpServer":{"description":"An HTTP server exposed in an ingress gateway.","type":"object","required":["name","port","hostname","routing"],"properties":{"name":{"description":"A name assigned to the server. The name will be visible in the generated metrics. The name must be\\nunique across all servers in a gateway.","type":"string","x-order":0},"port":{"description":"The port where the server is exposed. Two servers with different protocols (HTTP and HTTPS) should not\\nshare the same port. Note that port 15443 is reserved for internal use.","type":"integer","format":"int64","x-order":1},"hostname":{"description":"Hostname with which the service can be expected to be accessed by clients.\\n**NOTE:** The hostname must be unique across all gateways in the cluster in order for multicluster routing to work.","type":"string","x-order":2},"tls":{"$ref":"#/components/schemas/v2ServerTLSSettings"},"xxxOldAuthentication":{"$ref":"#/components/schemas/tsbgatewayv2Authentication"},"authentication":{"$ref":"#/components/schemas/tsbauthv2Authentication"},"xxxOldAuthorization":{"$ref":"#/components/schemas/tsbgatewayv2Authorization"},"authorization":{"$ref":"#/components/schemas/tsbauthv2Authorization"},"routing":{"$ref":"#/components/schemas/v2HttpRouting"},"rateLimiting":{"$ref":"#/components/schemas/v2RateLimiting"}}},"v2IdentityMatch":{"description":"IdentityMatch defines the strategy for utilizing service identities during the evaluation of authorization (authz) rules.\\nIt specifies how the identity of a service or workload is verified and used in the context of authz policies.\\nThe strictness of identity verification progresses in the following order:\\nUNKNOWN &lt; PERMISSIVE &lt; PEER_CERTIFICATE &lt; SOURCE_IDENTITY.\\n\\n - UNKNOWN: UNKNOWN represents the default state when identityMatch is not explicitly set.\\nIn practice, it behaves identically to the PERMISSIVE mode, allowing for a flexible approach to\\nidentity verification. This mode is typically used as a fallback or when the specific identity verification\\nstrategy is undecided.\\n - PEER_CERTIFICATE: PEER_CERTIFICATE mode mandates the use of Mutual TLS (mTLS) certificates for identity verification.\\nSpecifically, it utilizes the SPIFFE(Secure Production Identity Framework For Everyone) IDs presented in\\npeer certificates as the basis for authz decision-making. This mode aligns with Istio\'s Principal match\\nauthorization policies, offering a secure method of asserting service identities through cryptographic certificates.\\nIt is suitable for environments where strong, certificate-based identity validation is required.\\n - PERMISSIVE: PERMISSIVE mode offers a flexible, transitional approach to identity verification, allowing the evaluation of authz\\nrules based on either SOURCE_IDENTITY or PEER_CERTIFICATE identities. This mode is designed to facilitate\\ngradual adoption of identity verification practices or to ease system upgrades. It is particularly useful\\nin mixed environments where some services use SPIFFE IDs and others use a different form of service identity.\\n\\nIn ALLOW rules contexts, PERMISSIVE mode authorizes workloads if either their SOURCE_IDENTITY or PEER_CERTIFICATE\\nmatches the allowed principals. This approach broadens the range of clients that can be permitted,\\noffering more flexibility during policy enforcement.\\n\\nConversely, in DENY rules contexts, PERMISSIVE mode restricts access to workloads if either their\\nSOURCE_IDENTITY or PEER_CERTIFICATE matches the denied principals. This results in a more conservative\\nset of clients being allowed, enhancing security by restricting access more broadly.\\n - SOURCE_IDENTITY: SOURCE_IDENTITY mode strictly uses the service identity for authz rules evaluation. This identity is propagated\\nfrom the originating client to the target service workload, which then assesses authz rules based on this received\\nidentity. The mode ensures that authz decisions are made based on the explicit identity of the requesting service,\\nfacilitating fine-grained access control and enhancing security by strictly adhering to the principle of least privilege.\\n\\nThis mode is optimal in environments that require strict enforcement of service identities,\\nwhere the assurance of the caller\'s identity is paramount for secure access control.","type":"string","default":"UNKNOWN","enum":["UNKNOWN","PEER_CERTIFICATE","PERMISSIVE","SOURCE_IDENTITY"]},"v2InboundTrafficSetting":{"description":"Configuration for inbound traffic.","type":"object","properties":{"rateLimiting":{"$ref":"#/components/schemas/v2RateLimiting"},"resilience":{"$ref":"#/components/schemas/v2DownstreamResilienceSettings"},"failoverSettings":{"$ref":"#/components/schemas/v2FailoverSettings"}}},"v2IngressGateway":{"description":"`IngressGateway` configures a workload to act as an ingress gateway into the mesh.\\n\\n\\n\\n","type":"object","required":["workloadSelector"],"properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"workloadSelector":{"$ref":"#/components/schemas/v2WorkloadSelector"},"http":{"description":"One or more HTTP or HTTPS servers exposed by the gateway. The\\nserver exposes configuration for TLS termination, request\\nauthentication/authorization, HTTP routing, etc.","type":"array","items":{"$ref":"#/components/schemas/v2HttpServer"},"x-order":5},"tlsPassthrough":{"description":"One or more TLS servers exposed by the gateway. The server\\ndoes not terminate TLS and exposes config for SNI based routing.","type":"array","items":{"$ref":"#/components/schemas/v2TLSPassthroughServer"},"x-order":6},"tcp":{"type":"array","title":"One or more non-HTTP and non-passthrough servers which use TCP\\nbased protocols. This server also exposes configuration for terminating TLS","items":{"$ref":"#/components/schemas/v2TCPServer"},"x-order":7},"extension":{"description":"Extensions specifies all the WasmExtensions assigned to this IngressGateway\\nwith the specific configuration for each extension. This custom configuration\\nwill override the one configured globally to the extension.\\nEach extension has a global configuration including enablement and priority\\nthat will condition the execution of the assigned extensions.","type":"array","items":{"$ref":"#/components/schemas/v2WasmExtensionAttachment"},"x-order":8},"waf":{"$ref":"#/components/schemas/v2WAFSettings"},"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"}}},"v2JWKS":{"type":"object","title":"JSON Web Key Set. Refer to https://datatracker.ietf.org/doc/html/rfc7517","properties":{"keys":{"type":"array","title":"List of public JWKs","items":{"$ref":"#/components/schemas/JWKSJWK"},"x-order":0}}},"v2KeepAliveSettings":{"description":"Keep Alive Settings.","type":"object","properties":{"tcp":{"$ref":"#/components/schemas/v2TcpKeepAliveSettings"}}},"v2ListAPIsResponse":{"description":"List of APIs that have been attached to the given application.","type":"object","properties":{"apis":{"description":"The list of APIs that are registered in the given application.","type":"array","items":{"$ref":"#/components/schemas/v2API"},"x-order":0}}},"v2ListApplicationsResponse":{"description":"List of applications in the given tenant.","type":"object","properties":{"applications":{"description":"The list of applications that are registered in the given tenant.","type":"array","items":{"$ref":"#/components/schemas/v2Application"},"x-order":0}}},"v2ListAvailableProfilesResponse":{"description":"List of profiles that can be attached to a given resource.","type":"object","properties":{"profiles":{"description":"List of profiles.","type":"array","items":{"$ref":"#/components/schemas/v2Profile"},"x-order":0}}},"v2ListClustersResponse":{"description":"List of clusters that are registered in the platform.","type":"object","properties":{"clusters":{"description":"The list of clusters that are registered in the platform.","type":"array","items":{"$ref":"#/components/schemas/v2Cluster"},"x-order":0}}},"v2ListEgressGatewaysResponse":{"description":"Lost of all Egress Gateway objects in the gateway group.","type":"object","properties":{"egressGateways":{"type":"array","items":{"$ref":"#/components/schemas/gatewayv2EgressGateway"},"x-order":0}}},"v2ListGatewayGroupsResponse":{"description":"List of all gateway groups in the workspace.","type":"object","properties":{"groups":{"type":"array","items":{"$ref":"#/components/schemas/tsbgatewayv2Group"},"x-order":0}}},"v2ListGatewaysResponse":{"description":"List of all Gateway objects in the gateway group.","type":"object","properties":{"gateways":{"description":"List of all Gateway objects.","type":"array","items":{"$ref":"#/components/schemas/gatewayv2Gateway"},"x-order":0}}},"v2ListIngressGatewaysResponse":{"description":"List of all Ingress Gateway objects in the gateway group.","type":"object","properties":{"ingressGateways":{"type":"array","items":{"$ref":"#/components/schemas/v2IngressGateway"},"x-order":0}}},"v2ListIstioInternalGroupsResponse":{"description":"List of all Istio internal in the workspace.","type":"object","properties":{"groups":{"description":"The list of requested groups.","type":"array","items":{"$ref":"#/components/schemas/tsbistiointernalv2Group"},"x-order":0}}},"v2ListMetricsResponse":{"description":"List of telemetry metrics from the resource.","type":"object","properties":{"metrics":{"type":"array","items":{"$ref":"#/components/schemas/v2Metric"},"x-order":0}}},"v2ListOrganizationSettingsResponse":{"description":"List of all existing Organization settings objects in the Organization group.","type":"object","properties":{"settings":{"type":"array","items":{"$ref":"#/components/schemas/v2OrganizationSetting"},"x-order":0}}},"v2ListOrganizationsResponse":{"type":"object","title":"List of organizations that exist in TSB.\\n$hide_from_docs","properties":{"organizations":{"type":"array","items":{"$ref":"#/components/schemas/v2Organization"},"x-order":0}}},"v2ListProfilesResponse":{"description":"List of profiles belonging to a given resource.","type":"object","properties":{"profiles":{"description":"List of profiles.","type":"array","items":{"$ref":"#/components/schemas/v2Profile"},"x-order":0}}},"v2ListRolesResponse":{"description":"List of all existing roles.","type":"object","properties":{"roles":{"type":"array","items":{"$ref":"#/components/schemas/v2Role"},"x-order":0}}},"v2ListSecurityGroupsResponse":{"description":"List of all security groups in the workspace.","type":"object","properties":{"groups":{"type":"array","items":{"$ref":"#/components/schemas/tsbsecurityv2Group"},"x-order":0}}},"v2ListSecuritySettingsResponse":{"description":"List of all security settings objects attached to the group.","type":"object","properties":{"settings":{"type":"array","items":{"$ref":"#/components/schemas/v2SecuritySetting"},"x-order":0}}},"v2ListServiceAccountsResponse":{"description":"List of existing Service Accounts.","type":"object","properties":{"serviceAccounts":{"type":"array","items":{"$ref":"#/components/schemas/tsbv2ServiceAccount"},"x-order":0}}},"v2ListServiceRoutesResponse":{"description":"List of all service routes defined in the traffic group.","type":"object","properties":{"serviceRoutes":{"type":"array","items":{"$ref":"#/components/schemas/v2ServiceRoute"},"x-order":0}}},"v2ListServiceSecuritySettingsResponse":{"description":"List of all Service Security Settings objects attached to the group.","type":"object","properties":{"settings":{"type":"array","items":{"$ref":"#/components/schemas/v2ServiceSecuritySetting"},"x-order":0}}},"v2ListServiceTrafficSettingsResponse":{"description":"List of all Service Traffic Settings objects attached to the group.","type":"object","properties":{"serviceSettings":{"description":"List of Service Traffic Setting objects.","type":"array","items":{"$ref":"#/components/schemas/v2ServiceTrafficSetting"},"x-order":0}}},"v2ListServicesResponse":{"type":"object","title":"Response with a list of registered services","properties":{"services":{"type":"array","title":"The requested registered services","items":{"$ref":"#/components/schemas/tsbregistryv2Service"},"x-order":0}}},"v2ListSourcesResponse":{"description":"List of telemetry sources from the resource.","type":"object","properties":{"sources":{"type":"array","items":{"$ref":"#/components/schemas/v2Source"},"x-order":0}}},"v2ListTeamsResponse":{"description":"List of existing teams.","type":"object","properties":{"teams":{"type":"array","items":{"$ref":"#/components/schemas/v2Team"},"x-order":0}}},"v2ListTenantExtensionsResponse":{"description":"List of all existing WasmExtensions objects assigned to the Tenant.","type":"object","properties":{"extensions":{"type":"array","items":{"$ref":"#/components/schemas/v2WasmExtension"},"x-order":0}}},"v2ListTenantSettingsResponse":{"description":"List of all existing Tenant settings objects in the Tenant.","type":"object","properties":{"settings":{"type":"array","items":{"$ref":"#/components/schemas/v2TenantSetting"},"x-order":0}}},"v2ListTenantsResponse":{"description":"List of available tenants.","type":"object","properties":{"tenants":{"description":"The list of available tenants.","type":"array","items":{"$ref":"#/components/schemas/v2Tenant"},"x-order":0}}},"v2ListTier1GatewaysResponse":{"description":"List of all Tier1 Gateway objects in the gateway group.","type":"object","properties":{"tier1Gateways":{"type":"array","items":{"$ref":"#/components/schemas/v2Tier1Gateway"},"x-order":0}}},"v2ListTrafficGroupsResponse":{"description":"List of all existing traffic groups in the workspace.","type":"object","properties":{"groups":{"type":"array","items":{"$ref":"#/components/schemas/tsbtrafficv2Group"},"x-order":0}}},"v2ListTrafficSettingsResponse":{"description":"List of all existing traffic settings objects in the traffic group.","type":"object","properties":{"settings":{"type":"array","items":{"$ref":"#/components/schemas/v2TrafficSetting"},"x-order":0}}},"v2ListUsersResponse":{"description":"List of existing Users.","type":"object","properties":{"users":{"type":"array","items":{"$ref":"#/components/schemas/v2User"},"x-order":0}}},"v2ListWasmExtensionResponse":{"description":"List of WASM Extensions.","type":"object","properties":{"extensions":{"type":"array","items":{"$ref":"#/components/schemas/v2WasmExtension"},"x-order":0}}},"v2ListWorkspaceSettingsResponse":{"description":"The existing settings objects for the given workspace.","type":"object","properties":{"settings":{"type":"array","items":{"$ref":"#/components/schemas/v2WorkspaceSetting"},"x-order":0}}},"v2ListWorkspacesResponse":{"description":"The existing workspaces for the given tenant.","type":"object","properties":{"workspaces":{"type":"array","items":{"$ref":"#/components/schemas/v2Workspace"},"x-order":0}}},"v2LoadBalancerSettings":{"description":"Defines Load Balancing policies to be applied on the client requests.","type":"object","properties":{"simple":{"$ref":"#/components/schemas/LoadBalancerSettingsSimpleLB"},"consistentHash":{"$ref":"#/components/schemas/LoadBalancerSettingsConsistentHashLB"}}},"v2Measure":{"description":"A measure represents the name and unit of a measurement.\\nFor example, request latency in ms and the number of errors are examples of measures to collect from a server. In\\nthis case latency would be the type and ms (millisecond) is the unit.","type":"object","properties":{"name":{"description":"The name of the measure. For instance latency in ms. More reference values can be found at\\nMeshControlledMeasureNames.","type":"string","x-order":0},"unit":{"description":"The unit of measure, which follow the [unified code for units of measure](https://ucum.org/ucum.html).\\nFor COUNTABLE measures, as number of requests or network packets, SHOULD use the default unit, the unity, and\\n[annotations](https://ucum.org/ucum.html#para-curly) with curly braces to give additional meaning.\\nFor example {requests}, {packets}, {errors}, {faults}, etc.","type":"string","x-order":1}}},"v2Metric":{"description":"A metric is a measurement about a service, captured at runtime. Logically, the moment of capturing one of\\nthese measurements is known as a metric event which consists not only of the measurement itself, but the time\\nthat it was captured and associated metadata.\\n\\nApplication and request metrics are important indicators of availability and performance.\\nCustom metrics can provide insights into how availability indicators impact user experience or the business.\\nCollected data can be used to alert of an outage or trigger scheduling decisions to scale up a deployment\\nautomatically upon high demand.","type":"object","properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the metric.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the metric.\\n$hide_from_yaml","x-order":3},"observedResource":{"description":"Which concrete TSB resource in the configuration hierarchy this metric observes and belongs to.\\nFor instance, a metric can observe a service, a concrete service workload (pod or Vm), or a gateway,\\nor a workspace, or any other resource in the configuration hierarchy.","type":"string","x-order":4,"readOnly":true},"measure":{"$ref":"#/components/schemas/v2Measure"},"type":{"$ref":"#/components/schemas/telemetryv2MetricType"},"origin":{"$ref":"#/components/schemas/v2MetricOrigin"},"detectionPoint":{"$ref":"#/components/schemas/v2MetricDetectionPoint"}}},"v2MetricDetectionPoint":{"description":"From which detection point the metric is observed.\\n\\n - IN_SERVICE: Self observability metrics uses in service detect point.\\n - CLIENT_SIDE: Client side is how the client is observing the metric. When service A calls service B, service A acts\\nas a client side.\\n - SERVER_SIDE: Server side is how the server is observing the metric. When service A calls service B, service B\\nacts as the server side.","type":"string","default":"INVALID_METRIC_DETECTION_POINT","enum":["INVALID_METRIC_DETECTION_POINT","IN_SERVICE","CLIENT_SIDE","SERVER_SIDE"]},"v2MetricOrigin":{"description":"From where the metric measurements come from.\\n\\n - MESH_CONTROLLED: The metrics origin is from a TSB configured mesh, capturing the metrics from the\\nsidecar\'s available observability.\\n - AGENT_OBSERVED: An agent which can be standalone or service with automatically instrumentation via byte code injection.\\nCurrently not available. Part of hybrid observability.\\n - MESH_IMPORTED: Other known mesh generated metrics that are not configured and handled by TSB.\\nCurrently not available. Part of hybrid observability.\\n - EXTERNAL_IMPORTED: External captured metrics that are either imported into TSB observability stack or queried at runtime.\\nCurrently not available. Part of hybrid observability.","type":"string","default":"INVALID_METRIC_ORIGIN","enum":["INVALID_METRIC_ORIGIN","MESH_CONTROLLED","AGENT_OBSERVED","MESH_IMPORTED","EXTERNAL_IMPORTED"]},"v2MetricTypeLabel":{"description":"Label of metric type. Also seen a other dimensions of aggregation besides the time interval on which measurements\\nare aggregated over.","type":"object","properties":{"key":{"description":"The label key.","type":"string","x-order":0},"value":{"description":"The label value, for instance p50, or p75.","type":"string","x-order":1}}},"v2MetricTypeType":{"description":" - GAUGE: Is the last seen measurement over a period of time.\\n - COUNTER: Is the sum of number of measurement over a period of time. Used in number of request style of metrics.\\n - AVERAGE: Average function applied to the measurements. Used in Duration/latency style of metrics.\\n - PERCENT: Percentage function applied to a given observed value over the total observer values.\\nUsed in SLA style of metrics, for example the percentage of errored responses over the total server responses.\\n - APDEX: Application Performance Index monitors end-user satisfaction.\\n[Apdex score](https://www.tetrate.io/blog/the-apdex-score-for-measuring-service-mesh-health)\\n - HEATMAPS: Heat maps are a three dimensional visualization, using x and y coordinates for two dimensions, and color\\nintensity for the third. They can reveal detail that summary statistics, such as line charts of averages,\\ncan miss. Latency measurements can be aggregated using Heatmaps/histograms. One dimension is often time, the\\nother is the latency, and the third one (the intensity) is the frequency of that latency in the given time range.\\n - LABELED_COUNTER: Is the sum of number of measurement over time grouped by concrete label values. Used for counting responses by\\ntheir http response code for instance.\\n - PERCENTILE: This is a specific subtype of LABELED_COUNTER. Used in duration/latency style metrics.\\n - CPM: Calls per minute used. Used in requests per minute, or in 5xx http errors per minute, 4xx http errors per\\nminute, among other metrics.\\n - MAX: Selects the highest measurement over a period of time. Envoy max allocated style metrics.","type":"string","default":"INVALID_METRIC_TYPE","enum":["INVALID_METRIC_TYPE","GAUGE","COUNTER","AVERAGE","PERCENT","APDEX","HEATMAPS","LABELED_COUNTER","PERCENTILE","CPM","MAX"]},"v2NamespaceScoping":{"description":"Configure the default scoping of namespaces in this cluster.","type":"object","properties":{"scope":{"$ref":"#/components/schemas/v2NamespaceScopingScope"},"exceptions":{"description":"Namespaces to be excluded form the default scope.\\nIf the scope is set to global, this list will contain namespaces that are\\nconsidered local. If the scope is set to local, this list will contain\\nnamespaces that are considered global.","type":"array","items":{"type":"string"},"x-order":1}}},"v2NamespaceScopingScope":{"description":" - GLOBAL: Global configures namespaces in this cluster to be considered global.\\nNamespaces that exist in other clusters with the same name will be\\nconsidered to be the same logical namespace.\\n - LOCAL: Configures local scoping for namespaces, so that namespaces with the same\\nname in different clusters will not be considered the same logical\\nnamespace.","type":"string","default":"GLOBAL","enum":["GLOBAL","LOCAL"]},"v2OIDCAuthType":{"description":"Configures how client_id and client_secret are sent in OAuth client to OAuth server requests.\\n\\n - DEFAULT_AUTH_TYPE: If no authentication type is specified, the default authentication type will be used.\\nCurrently, the default authentication type is set to `BASIC_AUTH` because it is widely supported by the majority of OIDC providers\\n - URL_ENCODED_BODY: The `client_id` and `client_secret` will be sent in the URL encoded request body.\\nThis type should only be used when Auth server does not support Basic authentication.\\n - BASIC_AUTH: The `client_id` and `client_secret` will be sent using HTTP Basic authentication scheme.","type":"string","default":"DEFAULT_AUTH_TYPE","enum":["DEFAULT_AUTH_TYPE","URL_ENCODED_BODY","BASIC_AUTH"]},"v2OIDCConfig":{"type":"object","title":"Configure OIDC authentication for a given hostname","required":["clientId","clientTokenSecret","redirectUri","provider"],"properties":{"grantType":{"$ref":"#/components/schemas/v2OIDCGrantType"},"clientId":{"description":"The client_id to be used in the authorize calls.\\nThis value will be URL encoded when sent to the OAuth server.","type":"string","x-order":1},"clientTokenSecret":{"description":"The name of the Kubernetes secret containing the client secret.\\n\\nKubernetes generic opaque secret should contain `istio_generic_secret` key with base64 encoded client_secret as value. \\n\\nFor example\\n---\\napiVersion: v1\\nmetadata:\\n  name: bar\\n  namespace: foo\\ndata:\\n  istio_generic_secret: e2Jhc2U2NF9lbmNvZGVkX3Rva2VuX3NlY3JldH0=\\nkind: Secret\\ntype: Opaque\\n\\nThe secret must be present in the same namespace as the gateway or sidecar deployment\\nfor which the configuration is being applied for.\\nThe (gateway/ sidecar) deployment must also have RBAC permissions to view secrets\\nin the current namespace. For gateways this is already configured, while for sidecar\\nthe permission should be added if not already present.\\n\\nThe secret token stored will be URL encoded when sent to the OAuth server.","type":"string","x-order":2},"redirectUri":{"description":"It can also be formulated from request parameters\\nFor example: %REQ(x-forwarded-proto)%://%REQ(:authority)%/callback\\n\\nThis URI should not contain any query parameters.","type":"string","title":"The redirect URI passed to the authorization endpoint","x-order":3},"provider":{"$ref":"#/components/schemas/v2OIDCProviderConfig"},"authType":{"$ref":"#/components/schemas/v2OIDCAuthType"},"authScopes":{"type":"array","title":"Optional list of OAuth scopes to be claimed in the authorization request.\\nIf not specified, defaults to `user` scope.\\nOAuth RFC https://tools.ietf.org/html/rfc6749#section-3.3","items":{"type":"string"},"x-order":6},"redirectPathMatcher":{"description":"Matching criteria used to determine whether a path appears to be the\\nresult of a redirect from the authorization server.\\nThe query and fragment string (if present) are removed in the URL path portion.\\nFor example, the path `/data` will match URI header `/data#fragment?param=value`.\\n\\nIf not provided, default is derived from redirect_uri path\\nOnly exact match is configurable","type":"string","x-order":7},"signoutPath":{"description":"The path to sign a user out, clearing their credential cookies.\\n\\nIf not provided, default is `/signout`\\nOnly exact match is configurable","type":"string","x-order":8}}},"v2OIDCGrantType":{"description":"- DEFAULT_GRANT_TYPE: If no grant type is explicitly specified, the default grant type will be used.\\nThe specific behavior of the default grant type may vary based on the type of workload to which the authentication settings are applied.\\nCurrently, only `AUTHORIZATION_CODE` is available, so this will be in effect in the future when additional grant types are introduced.\\n - AUTHORIZATION_CODE: Use authorization code flow","type":"string","title":"Configures authentication flow to be used","default":"DEFAULT_GRANT_TYPE","enum":["DEFAULT_GRANT_TYPE","AUTHORIZATION_CODE"]},"v2OIDCProviderConfig":{"description":"OIDCProviderConfig defines the OIDC Provider configuration.\\n\\nIt has two modes `dynamic` and `static` meaning if the configuration\\nhas to be derived from the Issuer\'s Well-Known endpoint dynamically\\nor is statically configured.\\nTo use `dynamic` configuration only `issuer` field should be set. If any other\\nfield along with `issuer` is set then the configuration will be treated as `static`.\\n\\nFor AUTHORIZATION_CODE grant type, fields that are needed if configuration is `static`:\\n1. Issuer\\n2. AuthorizationEndpoint\\n3. TokenEndpoint\\n4. oneof (JwksURI or Jwks)","type":"object","required":["issuer"],"properties":{"issuer":{"description":"The OIDC Provider\'s [issuer identifier](https://openid.net/specs/openid-connect-discovery-1_0.html#IssuerDiscovery).","type":"string","x-order":0},"authorizationEndpoint":{"description":"The OIDC Provider\'s [authorization endpoint](https://openid.net/specs/openid-connect-core-1_0.html#AuthorizationEndpoint).\\nIf not provided, it will be discovered from the provider\'s [Well-Known Configuration Endpoint](https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderConfigurationResponse).","type":"string","x-order":1},"tokenEndpoint":{"description":"The OIDC Provider\'s [token endpoint](https://openid.net/specs/openid-connect-core-1_0.html#TokenEndpoint).\\nIf not provided, it will be discovered from the provider\'s [Well-Known Configuration Endpoint](https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderConfigurationResponse).","type":"string","x-order":2},"jwksUri":{"description":"URI for the OIDC provider\'s JSON Web Key Sets. This can be found in the OIDC provider\'s configuration response.\\nThe JWKS are used for token verification.","type":"string","x-order":3},"jwks":{"description":"JSON string with the OIDC provider\'s JSON Web Key Sets. In general the URI for the Key Set is the preferred\\nmethod for configuring JWKS. This setting is provided in case the provider doesn\'t publish JWKS via a\\npublic URI.","type":"string","x-order":4},"tls":{"$ref":"#/components/schemas/v2ClientTLSSettings"}}},"v2Organization":{"description":"`Organization` is the root of the Service Bridge object hierarchy.\\n\\n\\n\\n","type":"object","properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"deletionProtectionEnabled":{"description":"When set, prevents the resource from being deleted. In order to delete the resource this\\nproperty needs to be set to `false` first.","type":"boolean","x-order":4},"profiles":{"description":"List of profiles attached to the Organization to be used to propagate default and mandatory configurations down to the children.","type":"array","items":{"type":"string"},"x-order":5},"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"}}},"v2OrganizationSetting":{"description":"Settings that apply globally to the entire organization.\\n\\n\\n\\n","type":"object","properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"networkSettings":{"$ref":"#/components/schemas/OrganizationSettingNetworkSettings"},"regionalFailover":{"description":"Default locality routing settings for all gateways.\\nPlease use FailoverSettings instead. If FailoverSettings is set, it takes precedence over this field.\\n\\nExplicitly specify the region traffic will land on when endpoints in local region becomes unhealthy.\\nShould be used together with OutlierDetection to detect unhealthy endpoints.\\nNote: if no OutlierDetection specified, this will not take effect.","type":"array","items":{"$ref":"#/components/schemas/v2RegionalFailover"},"x-order":5},"defaultSecuritySetting":{"$ref":"#/components/schemas/v2SecuritySetting"},"defaultTrafficSetting":{"$ref":"#/components/schemas/v2TrafficSetting"},"failoverSettings":{"$ref":"#/components/schemas/v2FailoverSettings"}}},"v2OutboundTrafficSetting":{"description":"Configuration for outbound traffic.","type":"object","properties":{"reachability":{"$ref":"#/components/schemas/v2ReachabilitySettings"},"egress":{"$ref":"#/components/schemas/v2OutboundTrafficSettingEgressGateway"},"upstreamTrafficSettings":{"description":"List of hosts and the associated traffic settings to be used by\\nthe clients sending traffic to them.","type":"array","items":{"$ref":"#/components/schemas/v2UpstreamTrafficSettings"},"x-order":2}}},"v2OutboundTrafficSettingEgressGateway":{"description":"EgressGateway specifies the gateway where traffic external to the mesh will be redirected.","type":"object","required":["host"],"properties":{"host":{"description":"Specifies the egress gateway hostname. Must be in\\n`&lt;namespace&gt;/&lt;fqdn&gt;` format.","type":"string","x-order":0}}},"v2Permission":{"description":"A permission defines an action that can be performed on a\\nresource. By default access to resources is denied unless an\\nexplicit permission grants access to perform an operation against\\nit.\\n\\n - INVALID: Default value to designate no value was explicitly set for the permission.\\n - READ: The read permission grants read-only access to the resource.\\n - WRITE: The write permission allows the subject to modify an existing resource.\\n - CREATE: The create permission allows subjects to create child resources on the resource.\\n - DELETE: The delete permission grants permissions to delete the resource.\\n - SET_POLICY: The set-iam permission allows subjects to manage the access policies for the resources.","type":"string","default":"INVALID","enum":["INVALID","READ","WRITE","CREATE","DELETE","SET_POLICY"]},"v2PortSelector":{"description":"PortSelector is the criteria for specifying if a policy can be applied to\\na listener having a specific port.","type":"object","required":["number"],"properties":{"number":{"type":"integer","format":"int64","title":"Port number","x-order":0}}},"v2Profile":{"description":"A `Profile` object can be created at Organization, Tenant, and Workspace levels. Once created, a profile can be\\nattached at its own level or down the hierarchy at Organization, Tenant, Workspace and Groups levels.\\nOnce attached, all the configurations provided in the profile and compatible with the attachment point will be applied,\\nthe others will be ignored.\\n\\n\\n\\n","type":"object","properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"deletionProtectionEnabled":{"description":"When set, prevents the resource from being deleted. In order to delete the resource this\\nproperty needs to be set to `false` first.","type":"boolean","x-order":4},"defaults":{"$ref":"#/components/schemas/v2ProfileConfig"},"mandates":{"$ref":"#/components/schemas/v2ProfileConfig"}}},"v2ProfileConfig":{"description":"ProfileConfig holds the configuration objects that can be used as defaults or mandates.","type":"object","properties":{"trafficSettings":{"$ref":"#/components/schemas/v2TrafficSetting"},"authenticationSettings":{"$ref":"#/components/schemas/tsbsecurityv2AuthenticationSettings"},"wafSettings":{"$ref":"#/components/schemas/v2WAFSettings"},"wasmExtensions":{"description":"Wasm Extensions specifies all the WasmExtensions assigned to this profile\\nwith the specific configuration for each extension.","type":"array","items":{"$ref":"#/components/schemas/v2WasmExtensionAttachment"},"x-order":3},"unsetFields":{"type":"array","title":"Unset fields specify fields that must not have any value.\\nIn Mandates, fields in this list must remain unset, even if subsequent evaluated Profile Mandates define them.\\nIn Defaults, fields in this list are removed if defined in previously evaluated Profile Defaults.\\nItems in this list are dot-separated paths to the fields, relative to the root of ProfileConfig.\\nField names are in camelCase, as in JSON/YAML.\\nPaths that navigate lists or maps unset the sub-path for all elements.\\nFor example:\\n- \\"trafficSettings.reachability.hosts\\"\\n- \\"trafficSettings.resilience.upstreamTrafficSettings.hosts\\"","items":{"type":"string"},"x-order":4}}},"v2PropagationStrategy":{"description":"The PropagationStrategy is the key differentiating factor to decide how a security\\npolicy should be propagated and applied at runtime across clusters.\\nThe default propagation strategy is REPLACE, in which a lower level SecuritySetting\\nin the configuration hierarchy replaces a higher level SecuritySetting.\\nThe STRICTER PropagationStrategy on the other hand makes sure the default\\nSecuritySettings configured at the parent level are always enforced and propagated\\ndown the hierarchy unless additional SecuritySettings are defined and restricted\\nfurther in the configuration hierarchy.\\n\\n* `REPLACE` should be used when resources in the hierarchy are allowed to override the default\\nsettings configured at the higher levels.\\n* `STRICTER` should be used when the default settings must prevail, and the settings can only be\\nmade more restrictive by child resources at lower levels of the hierarchy.\\n\\nWhen a resource or property of it affected by the propagation strategy is propagated down the hierarchy, regardless\\nof the defined strategy (`REPLACE` or `STRICTER`), a parent defined resource or a property of the\\nresource will be used (propagated) in absence of a child resource or a property of it.\\n\\nFor example, the following policy configures optional mTLS for traffic within the workspace, but\\nit allows SecuritySettings to modify it. The example shows a workspace that configures\\nservice-to-service access so that only services in the same workspace can talk to each other.\\nThe `REPLACE` propagation policy allows individual settings to override it. In the example, the\\nSecuritySettings allows services within that group to be reachable from any\\nservice in the cluster, regardless for the workspace they belong to, even though the Workspace\\nrestricts service-to-service access to only services in the Workspace.\\n\\n```yaml\\napiVersion: api.tsb.tetrate.io/v2\\nkind: WorkspaceSetting\\nmetadata:\\n  name: w1-settings\\n  workspace: w1\\n  tenant: mycompany\\n  organization: myorg\\nspec:\\n  defaultSecuritySetting:\\n    propagationStrategy: REPLACE\\n    authorization:\\n      mode: WORKSPACE\\n---\\napiVersion: security.tsb.tetrate.io/v2\\nkind: SecuritySetting\\nmetadata:\\n  name: defaults\\n  group: t1\\n  workspace: w1\\n  tenant: mycompany\\n  organization: myorg\\nspec:\\n  authorization:\\n    mode: CLUSTER\\n```\\n\\n`STRICTER` propagation configures defaults that can be only be restricted down the hierarchy.\\nThe following example configures the same WorkspaceSetting but with a `STRICTER` propagation mode.\\nThe `defaults` SecuritySetting further narrows down that access to the `GROUP` scope, which is\\nallowed because GROUP is more strict than WORKSPACE. However, the `defaults-invalid` SecuritySetting\\nconfigures `CLUSTER` access, which would widen the scope defined at the Workspace. That settings will\\nnot be allowed based on the `STRICTER` propagation policy.\\n\\n```yaml\\napiVersion: api.tsb.tetrate.io/v2\\nkind: WorkspaceSetting\\nmetadata:\\n  name: w1-settings\\n  workspace: w1\\n  tenant: mycompany\\n  organization: myorg\\nspec:\\n  defaultSecuritySetting:\\n    propagationStrategy: STRICTER\\n    authorization:\\n      mode: WORKSPACE\\n---\\napiVersion: security.tsb.tetrate.io/v2\\nkind: SecuritySetting\\nmetadata:\\n  name: defaults\\n  group: t1\\n  workspace: w1\\n  tenant: mycompany\\n  organization: myorg\\nspec:\\n  authorization:\\n    mode: GROUP\\n---\\napiVersion: security.tsb.tetrate.io/v2\\nkind: SecuritySetting\\nmetadata:\\n  name: defaults-invalid\\n  group: t2\\n  workspace: w1\\n  tenant: mycompany\\n  organization: myorg\\nspec:\\n  authorization:\\n    mode: CLUSTER\\n```\\n\\nFurther details of how security settings are resolved between in `STRICTER` mode between a parent and a\\nchild resource can be found in the [SecuritySettings reference](../../security/v2/security_setting#securitysetting).\\n\\n - REPLACE: Is the default configuration propagation strategy.\\nA lower defined configuration in the hierarchy will replace a higher configuration in the hierarchy.\\nOtherwise, if a lower configuration is not defined, the configuration higher up in the hierarchy will\\nprevail.\\nFor instance, a defined default propagation strategy for workspace default security settings\\nwill replace tenant\'s defined default security settings.\\n - STRICTER: STRICTER propagation strategy propagates the strictest configuration between a defined higher level and\\na defined lower level configuration in the hierarchy. If a lower level configuration in the hierarchy\\nis not defined, the higher one will prevail.\\nWhich configuration is stricter than the other is defined by each concrete configuration that allows specifying\\na propagation strategy.","type":"string","default":"REPLACE","enum":["REPLACE","STRICTER"]},"v2Query":{"type":"object","title":"Query format of the resource lookup for the permission check","properties":{"queryId":{"description":"Optional ID that is an open string the caller can use for correlation purposes.","type":"string","x-order":0},"fqn":{"description":"Fully-qualified name of the resource.","type":"string","x-order":1}}},"v2QueryPoliciesResponse":{"description":"QueryPoliciesResponse is the response message for QueryPolicies.","type":"object","properties":{"policies":{"description":"Policies is a list of policies that match the query.","type":"array","items":{"$ref":"#/components/schemas/v2ApprovalPolicy"},"x-order":0}}},"v2QueryResourcePermissionsRequest":{"description":"Request to query permissions on multiple records.\\n\\nExample:\\nQueryResourcePermissionsRequest {\\n  Queries: []Query{\\n    Query{\\n      QueryID: \\"1234\\",\\n      Kind: Query_Fqn{\\n        Fqn: \\"tetrate/tenants/default/workspaces/example\\"\\n      }\\n    }\\n  }\\n}","type":"object","properties":{"queries":{"description":"One or more resources to query permissions on, limited to 100 per request.","type":"array","items":{"$ref":"#/components/schemas/v2Query"},"x-order":0}}},"v2QueryResourcePermissionsResponse":{"description":"Response with permissions for the requested queries.\\n\\nExample:\\nQueryResourcePermissionsResponse {\\n  Results: []Result{\\n    Result{\\n      Request: Query{\\n        QueryID: \\"1234\\",\\n        Kind: Query_Fqn{\\n          Fqn: \\"tetrate/tenants/default/workspaces/example\\"\\n        }\\n      },\\n      Rules: []*Role_Rule{\\n        {\\n           Types: []*Role_ResourceType{\\n             {\\n               ApiGroup: \\"api.tsb.tetrate.io/v2\\",\\n               Kinds: []string{\\"Workspace\\"}\\n             }\\n           },\\n           Permissions: []Permission{\\"READ\\"}\\n        }\\n      }\\n    }\\n  }\\n}","type":"object","properties":{"results":{"type":"array","title":"List of permission results for the requested queries","items":{"$ref":"#/components/schemas/QueryResourcePermissionsResponseResult"},"x-order":0}}},"v2RateLimitSettings":{"description":"Configuration for ratelimiting HTTP/gRPC requests\\nThis has a list of rate limit rules that can be configured.\\nWith each rule a list of dimensions can be defined.\\nA request counts towards the limit if all of the dimensions match the\\nattributes of the request.\\nWhen the matched requests exceed the limit, a 429 response is returned.","type":"object","required":["rules"],"properties":{"rules":{"description":"A list of rules for ratelimiting.\\nEach rule defines a list of dimensions to match on and the rate limit value\\nfor the rule. Each rule is independant of the other.","type":"array","items":{"$ref":"#/components/schemas/v2RateLimitSettingsRateLimitRule"},"x-order":0},"failClosed":{"description":"If the rate limit service is unavailable, the request will fail\\nif failClosed is set to true. Defaults to false.","type":"boolean","x-order":1},"timeout":{"description":"The timeout in seconds for the rate limit server RPC.\\nDefaults to 0.020 seconds (20ms).\\nTraffic will not be allowed to the destination if failClosed is set to true\\nand the request to the rate limit server times out.","type":"string","x-order":2}}},"v2RateLimitSettingsRateLimitDimension":{"description":"RateLimitDimension is a condition to match HTTP requests\\nthat should be rate limited.","type":"object","properties":{"remoteAddress":{"$ref":"#/components/schemas/v2RateLimitSettingsRateLimitDimensionRemoteAddress"},"header":{"$ref":"#/components/schemas/RateLimitDimensionHeader"}}},"v2RateLimitSettingsRateLimitDimensionRemoteAddress":{"description":"RateLimit based on the client\'s remote address, extracted from\\nthe trusted X-Forwarded-For header.","type":"object","required":["value"],"properties":{"value":{"description":"Ratelimit on a specific remote address.\\nIf the value is set to \\"*\\", ratelimit on\\nevery unique remote address.","type":"string","x-order":0}}},"v2RateLimitSettingsRateLimitRule":{"description":"RateLimitRule is the block to define each internal ratelimit configuration.","type":"object","required":["dimensions","limit"],"properties":{"dimensions":{"description":"A list of dimensions to define each ratelimit rule.\\nRequests count towards the ratelimit value only when each and every\\ncondition in a dimension is matched for a given HTTP request.","type":"array","items":{"$ref":"#/components/schemas/v2RateLimitSettingsRateLimitDimension"},"x-order":0},"limit":{"$ref":"#/components/schemas/RateLimitSettingsRateLimitValue"}}},"v2RateLimiting":{"description":"Configuration for ratelimiting\\nHTTP/gRPC requests can be rate limited based on a variety of\\nattributes in the request such as headers (including cookies), URL\\npath/prefixes, client remote address etc.","type":"object","properties":{"settings":{"$ref":"#/components/schemas/v2RateLimitSettings"},"externalService":{"$ref":"#/components/schemas/v2ExternalRateLimitServiceSettings"}}},"v2ReachabilitySettings":{"description":"`ReachabilitySettings` define the set of services and hosts\\naccessed by a workload (and hence its sidecar) in the\\nmesh. Defining the set of services accessed by a workload (i.e. its\\ndependencies) in advance reduces the memory and CPU consumption\\nboth the Istio control plane and the individual Envoy proxy workloads in\\nthe data plane.","type":"object","properties":{"mode":{"$ref":"#/components/schemas/v2ReachabilitySettingsMode"},"hosts":{"description":"When the mode is `CUSTOM`, `hosts` specify the set of services\\nthat the sidecar should be able to reach. Must be in the\\n`&lt;namespace&gt;/&lt;fqdn&gt;` format.\\n\\n- `./*` indicates all services in the namespace where the sidecar resides.\\n\\n- `ns1/*` indicates all services in the `ns1` namespace.\\n\\n- `ns1/svc1.com` indicates `svc1.com` service in `ns1` namespace.\\n\\n- `*/svc1.com` indicates `svc1.com` service in any namespace.","type":"array","items":{"type":"string"},"x-order":1}}},"v2ReachabilitySettingsMode":{"description":"- UNSET: Inherit from parent if possible. Otherwise treated as `CLUSTER`.\\n - NAMESPACE: The workload may talk to any service in its own namespace.\\n - GROUP: The workload may talk to any service in the traffic group.\\n - WORKSPACE: The workload may talk to any service in the workspace.\\n - CLUSTER: The workload may talk to any service in the cluster.\\n - CUSTOM: The workload may talk to services defined explicitly.","type":"string","title":"A short cut for defining the common reachability patterns","default":"UNSET","enum":["UNSET","NAMESPACE","GROUP","WORKSPACE","CLUSTER","CUSTOM"]},"v2Redirect":{"type":"object","properties":{"uri":{"description":"On a redirect, overwrite the Path portion of the URL with this value.","type":"string","x-order":0},"authority":{"description":"On a redirect, overwrite the Authority/Host portion of the URL with this value.","type":"string","x-order":1},"redirectCode":{"description":"On a redirect, Specifies the HTTP status code to use in the redirect\\nresponse. It is expected to be 3XX. The default response code is MOVED_PERMANENTLY (301).","type":"integer","format":"int64","x-order":2},"port":{"type":"integer","format":"int64","title":"On a redirect, overwrite the Port portion of the URL with this value","x-order":3},"scheme":{"description":"On a redirect, overwrite the scheme with this one. This can be used\\nto perform http -&gt; https redirect by setting this to \\"https\\". Currently,\\nthe only supported values are \\"http\\" and \\"https\\" (in lower-case).","type":"string","x-order":4}}},"v2RegionalFailover":{"description":"Specify the traffic failover policy across regions. Since zone and sub-zone\\nfailover is supported by default this only needs to be specified for\\nregions when the operator needs to constrain traffic failover so that\\nthe default behavior of failing over to any endpoint globally does not\\napply. This is useful when failing over traffic across regions would not\\nimprove service health or may need to be restricted for other reasons\\nlike regulatory controls.","type":"object","properties":{"from":{"description":"Originating region.","type":"string","x-order":0},"to":{"description":"Destination region the traffic will fail over to when endpoints in\\nthe \'from\' region become unhealthy.","type":"string","x-order":1}}},"v2ResilienceSettings":{"description":"ResilienceSettings control the reliability knobs in Envoy when making\\noutbound connections from a gateway or proxy workload.","type":"object","properties":{"httpRequestTimeout":{"description":"This field is DEPRECATED in favor of `upstreamTrafficSettings.resilience.connectionPool.http.requestTimeout`.\\nTimeout for HTTP requests. Disabled if not set.","type":"string","x-order":0},"httpRetries":{"$ref":"#/components/schemas/v2HTTPRetry"},"tcpKeepalive":{"description":"Deprecated. This field will be removed in upcoming releases.\\nPlease use the `keep_alive` field instead.\\nIf enabled, sets SO_KEEPALIVE on the socket to enable TCP keepalive.","type":"boolean","x-order":2},"keepAlive":{"$ref":"#/components/schemas/v2KeepAliveSettings"},"circuitBreakerSensitivity":{"$ref":"#/components/schemas/v2ResilienceSettingsSensitivity"}}},"v2ResilienceSettingsSensitivity":{"description":"Available sensitivity levels for the circuit breaker.\\n\\n - UNSET: Default values will be used.\\n - LOW: Tolerate up to 20 consecutive 5xx or connection failures from an\\nendpoint before ejecting it temporarily from the load balancing\\npool.\\n - MEDIUM: Tolerate up to 10 consecutive 5xx or connection failures from an\\nendpoint before ejecting it temporarily from the load balancing\\npool.\\n - HIGH: Tolerate up to 5 consecutive 5xx or connection failures from an\\nendpoint before ejecting it temporarily from the load balancing\\npool.","type":"string","default":"UNSET","enum":["UNSET","LOW","MEDIUM","HIGH"]},"v2ResourceStatusStatus":{"description":"Simple `Status` of the current resource. It\'s a projection of its details\\n(events, etc.) that allows to easily know the status of the resource\\nwithout requiring to check the details.\\n\\n - INVALID: INVALID status should never be reached.\\nIt indicates some problem occurred with the resource status, and would\\nneed to contact the admin to troubleshoot it.\\nIt\'s the default value but it\'s always expected to have one of the other\\nvalues.\\n - ACCEPTED: ACCEPTED is reached when the provided configuration has been validated\\nand persisted by the TSB server.\\n - READY: READY is reached when the resource is ready to be used.\\nNon-configurable resources, like Organizations, Tenants or Users, will\\nbe ready as soon they are created.\\nThe configurable ones are ready when its configuration has been\\npropagated to all the clusters.\\n - FAILED: FAILED is reached in different situations, such as when:\\n- a resource configuration triggered some internal error.\\n- an offending resource affects the correct behaviour of the configuration.\\nThe `message` and `details` fields of the `ResourceStatus` provides the\\nroot cause of the error.\\n - DIRTY: DIRTY is reached when the resources that are dependent on others\\nhave not reached the desired status (even when they are not FAILED).\\nFor example, an `API` resource that caused the creation of an `IngressGateway`\\ncould reach this status if the `IngressGateway` has been modified or removed directly.\\n - PARTIAL: PARTIAL is reached for those resources that are dependent on other resources statuses,\\nand not all the resources share the same status.","type":"string","default":"INVALID","enum":["INVALID","ACCEPTED","READY","FAILED","DIRTY","PARTIAL"]},"v2Role":{"description":"`Role` is a named collection of permissions that can be assigned to\\nany user or team in the system.\\n\\n\\n\\n\\n","type":"object","properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"rules":{"description":"A set of rules that define the permissions associated with each API group.","type":"array","items":{"$ref":"#/components/schemas/v2RoleRule"},"x-order":4}}},"v2RoleRule":{"type":"object","title":"A rule defines the set of api groups","required":["permissions"],"properties":{"types":{"description":"The set of API groups and the api Kinds within the group on which this rule is applicable.\\nIf omitted, the permissions will globally apply to all resource types.","type":"array","items":{"$ref":"#/components/schemas/RoleResourceType"},"x-order":0},"permissions":{"description":"The set of actions allowed for these APIs.\\nThe current version supports requires the kind, but this constraint will be relaxed in\\nupcoming releases so that rules can apply globally to an entire API group.","type":"array","items":{"$ref":"#/components/schemas/v2Permission"},"x-order":1}}},"v2Route":{"description":"One or more destinations in a local/remote cluster for the given request.","type":"object","required":["host"],"properties":{"host":{"description":"The destination service in `&lt;namespace&gt;/&lt;fqdn&gt;` format for\\n`IngressGateway` resources. For `Tier1Gateway` resources, the\\ndestination must be in `&lt;clusterName&gt;/&lt;namespace&gt;/&lt;fqdn&gt;` format,\\nwhere cluster name corresponds to a cluster name created in the\\nmanagement plane. The `fqdn` must be the fully qualified name of\\nthe destination service in a cluster.","type":"string","x-order":0},"port":{"description":"The port on the service to forward the request to. Omit only if\\nthe destination service has only one port. When used for routing\\nfrom Tier1 gateways, the port specified here will be used only if\\nthe Tier1 gateway is doing TLS passthrough.","type":"integer","format":"int64","x-order":1}}},"v2RouteTo":{"description":"RouteTo defines the how the traffic has been forwarded for the given request.\\nOne of `ClusterDestination` or `ServiceDestination` must be specified.","type":"object","properties":{"clusterDestination":{"$ref":"#/components/schemas/v2RouteToClusters"},"serviceDestination":{"$ref":"#/components/schemas/v2RouteToService"}}},"v2RouteToClusters":{"description":"RouteToClusters represents the clusters where the request\\nneeds to be routed to from the gateway.","type":"object","properties":{"clusters":{"description":"The destination clusters that contain ingress gateways exposing the hostname.","type":"array","items":{"$ref":"#/components/schemas/v2ClusterDestination"},"x-order":0}}},"v2RouteToService":{"description":"RouteToService represents the service running in clusters.","type":"object","required":["host"],"properties":{"host":{"description":"The destination service in `&lt;namespace&gt;/&lt;fqdn&gt;`.\\n\\nIf the `trafficMode`` flag is set to `EGRESS`` or the `trafficMode` is set to `AUTO`\\nand the gateway deployment is of type EGRESS,\\nthe gateway routes traffic to an external service through a user-created service entry.\\nThe service entry should only be created in the gateway deployment namespace with the location set to MESH_EXTERNAL.","type":"string","x-order":0},"port":{"description":"The port on the service to forward the request to. Omit only if\\nthe destination service has only one port.","type":"integer","format":"int64","x-order":1},"tls":{"$ref":"#/components/schemas/v2ClientTLSSettings"}}},"v2SecuritySetting":{"description":"A security setting applies configuration to a set of proxy workloads in a\\nsecurity group or a workspace. When applied to a security group,\\nmissing fields will inherit values from the workspace-wide setting if any.\\n\\n\\n\\n","type":"object","properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"authentication":{"$ref":"#/components/schemas/v2SecuritySettingAuthenticationMode"},"authorization":{"$ref":"#/components/schemas/tsbsecurityv2AuthorizationSettings"},"authenticationSettings":{"$ref":"#/components/schemas/tsbsecurityv2AuthenticationSettings"},"waf":{"$ref":"#/components/schemas/v2WAFSettings"},"propagationStrategy":{"$ref":"#/components/schemas/v2PropagationStrategy"},"extension":{"description":"Extensions specifies all the WasmExtensions assigned to this SecuritySettings\\nwith the specific configuration for each extension. This custom configuration\\nwill override the one configured globally to the extension.\\nEach extension has a global configuration including enabling and priority\\nthat will condition the execution of the assigned extensions.","type":"array","items":{"$ref":"#/components/schemas/v2WasmExtensionAttachment"},"x-order":9},"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"}}},"v2SecuritySettingAuthenticationMode":{"description":"AuthenticationMode indicates whether to accept only Istio mutual\\nTLS authenticated traffic or allow legacy plaintext traffic as\\nwell.\\n\\n - UNSET: Inherit from parent, if has one. Otherwise treated as OPTIONAL.\\n - OPTIONAL: Accept both plaintext and mTLS authenticated connections.\\n - REQUIRED: Accept only mutual TLS authenticated connections.","type":"string","default":"UNSET","enum":["UNSET","OPTIONAL","REQUIRED"]},"v2ServerTLSSettings":{"type":"object","properties":{"mode":{"$ref":"#/components/schemas/v2ServerTLSSettingsTLSMode"},"secretName":{"description":"The name of the secret in Kubernetes that holds the TLS certs\\nincluding the CA certificates. The secret (type generic) should\\ncontain the following keys and values: key: `&lt;privateKey&gt;`, cert:\\n`&lt;serverCert&gt;`, cacert: `&lt;CACertificate&gt;`.","type":"string","x-order":1},"files":{"$ref":"#/components/schemas/ServerTLSSettingsFileSource"},"minProtocolVersion":{"$ref":"#/components/schemas/gatewayv2TLSProtocol"},"maxProtocolVersion":{"$ref":"#/components/schemas/gatewayv2TLSProtocol"},"cipherSuites":{"type":"array","title":"List of cipher suites to be used for TLS connections.\\nExamples of cipher suites:\\n- \\"TLS_RSA_WITH_AES_256_CBC_SHA\\"\\n- \\"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256\\"\\n- \\"TLS_DHE_RSA_WITH_AES_256_GCM_SHA384\\"\\n- \\"TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256\\"\\n- \\"TLS_RSA_WITH_3DES_EDE_CBC_SHA\\"","items":{"type":"string"},"x-order":5},"subjectAltNames":{"description":"List of Subject Alternative Names (SAN) from the client\'s certificate that are accepted\\nfor client identity verification during the TLS handshake.","type":"array","items":{"type":"string"},"x-order":6}}},"v2ServerTLSSettingsTLSMode":{"description":" - OPTIONAL_MUTUAL: Similar to MUTUAL mode, except that the client certificate\\nis optional. Unlike SIMPLE mode, A client certificate will\\nstill be explicitly requested during handshake, but the client\\nis not required to send a certificate. If a client certificate\\nis presented, it will be validated. ca_certificates should\\nbe specified for validating client certificates.","type":"string","default":"DISABLED","enum":["DISABLED","SIMPLE","MUTUAL","OPTIONAL_MUTUAL"]},"v2ServiceDestination":{"type":"object","title":"ServiceDestination is the destination service, port and subset where traffic\\nshould be routed","required":["port"],"properties":{"subset":{"type":"string","title":"Subset is the version of the service where traffic should be routed to","x-order":0},"weight":{"type":"integer","format":"int64","title":"Weight defines the amount of traffic that needs to be routed to this specific\\nversion","x-order":1},"port":{"type":"integer","format":"int64","title":"The port corresponding to the service host where traffic should be routed","x-order":2},"destinationHost":{"description":"Service host where traffic should be routed to. This should either be a FQDN\\nor a short name for the k8s service. For example, \\"reviews\\" as destination_host will\\nbe interpreted as \\"reviews.ns1.cluster.local\\"\\nIf empty, the host will be inferred from the Service Route service field.","type":"string","x-order":3}}},"v2ServiceLookupRequest":{"description":"Request for all the services in the registry that are part of the given selector.","type":"object","required":["selector","parent"],"properties":{"selector":{"$ref":"#/components/schemas/typesv2NamespaceSelector"},"parent":{"type":"string","title":"The FQN of the parent object where services will be looked up","x-order":1}}},"v2ServiceLookupResponse":{"description":"List of services that are included in the provided namespace selector.","type":"object","properties":{"services":{"type":"array","title":"The affected services","items":{"$ref":"#/components/schemas/tsbregistryv2Service"},"x-order":0}}},"v2ServicePort":{"type":"object","properties":{"number":{"description":"A valid non-negative integer port number.","type":"integer","format":"int64","x-order":0},"name":{"description":"Name assigned to the port.","type":"string","x-order":1},"kubernetesNodePort":{"description":"Indicates the node port attached to a physical deployment on a kubernetes\\ncluster.","type":"integer","format":"int64","x-order":2}}},"v2ServiceRoute":{"description":"A service route controls routing configurations for traffic to a\\nservice in a traffic group.\\n\\n\\n\\n","type":"object","required":["service"],"properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"service":{"description":"The service on which the configuration is being applied. Must be in namespace/FQDN format.","type":"string","x-order":4},"subsets":{"description":"The set of versions of a service and the percentage of traffic to\\nsend to each version.","type":"array","items":{"$ref":"#/components/schemas/v2ServiceRouteSubset"},"x-order":5},"stickySession":{"$ref":"#/components/schemas/ServiceRouteStickySession"},"portLevelSettings":{"type":"array","title":"In order to support multi-protocol routing, a list of all port/protocol combinations is needed.\\nThese port settings are applied to all the subsets","items":{"$ref":"#/components/schemas/ServiceRoutePortLevelTrafficSettings"},"x-order":7},"httpRoutes":{"description":"HTTPRoutes are used when HTTP traffic needs to be matched on uri, headers\\nand port and destination routes need to be set using subset-weight\\ncombinations specified within the route.\\n**Note**: If a route is specified, then the global subset-weight\\ncombinations (specified under subsets) will be ignored for the matched\\nport, as subsets within route will take effect.","type":"array","items":{"$ref":"#/components/schemas/v2HTTPRoute"},"x-order":8},"tcpRoutes":{"description":"TCPRoutes match TCP traffic based on port number. The subset-weight\\nconfiguration and priority have the same behaviour as HTTPRoutes.","type":"array","items":{"$ref":"#/components/schemas/v2TCPRoute"},"x-order":9},"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"}}},"v2ServiceRouteSubset":{"description":"Subset denotes a specific version of a service. The pods/VMs of a\\nsubset should be uniquely identifiable using their labels.","type":"object","required":["name"],"properties":{"name":{"description":"Name used to refer to the subset.","type":"string","x-order":0},"labels":{"description":"Labels apply a filter over the endpoints of a service in the service registry.","type":"object","additionalProperties":{"type":"string"},"x-order":1},"weight":{"description":"Percentage of traffic to be sent to this subset. Weight if not\\nspecified will be assumed to be 0 if there are multiple\\nsubsets. If there is only one subset, the weight will be\\nassumed to be 1.","type":"integer","format":"int64","x-order":2},"portLevelSettings":{"description":"Port/Protocol/StickySession combination for which routes need to be generated specifically for\\na subset. These settings are meant to override the global PortLevelTrafficSettings, i.e. first, \\nglobal PortLevelTrafficSettings are used to generate routes and then we use non-conflicting subset level \\nPortLevelTrafficSettings to modify existing routes. If provided, PortLevelTrafficSettings should be provided for \\nall subsets for proper load balancing.","type":"array","items":{"$ref":"#/components/schemas/ServiceRoutePortLevelTrafficSettings"},"x-order":3}}},"v2ServiceSecuritySetting":{"description":"A service security setting applies configuration to a service in a\\nsecurity group. Missing fields will inherit values from the\\nworkspace-wide setting if any.\\n\\n\\n\\n","type":"object","required":["service"],"properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"service":{"description":"The service on which the configuration is being applied. Must be in namespace/FQDN format.","type":"string","x-order":4},"settings":{"$ref":"#/components/schemas/v2SecuritySetting"},"subsets":{"description":"Subset specific settings that will replace the service wide settings for the specified service\\nsubsets.","type":"array","items":{"$ref":"#/components/schemas/v2ServiceSecuritySettingSubset"},"x-order":6},"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"}}},"v2ServiceSecuritySettingSubset":{"description":"Subset allows replacing the settings for a specific version of a service.","type":"object","required":["name","settings"],"properties":{"name":{"description":"Name used to refer to the subset.\\nThis must match a subset defined in the ServiceRoute for this service, else it will be omitted.","type":"string","x-order":0},"settings":{"$ref":"#/components/schemas/v2SecuritySetting"}}},"v2ServiceSelector":{"type":"object","title":"ServiceSelector represents the match criteria to select services within a\\nparticular scope (namespace, workspace, cluster etc)","required":["serviceLabels"],"properties":{"serviceLabels":{"type":"object","title":"One or more labels that indicate a specific set of services within a particular scope","additionalProperties":{"type":"string"},"x-order":0}}},"v2ServiceTrafficSetting":{"description":"A service traffic setting applies configuration to a service in a\\ntraffic group. Unset fields will inherit values from the\\nworkspace-wide setting if any.\\n\\n\\n\\n","type":"object","required":["service","settings"],"properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"service":{"description":"The service on which the configuration is being applied. Must be in namespace/FQDN format.\\n\\nOnly one service traffic setting can be given per service. Any conflicting configuration created\\nlater will be rejected by TSB.","type":"string","x-order":4},"settings":{"$ref":"#/components/schemas/v2TrafficSetting"},"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"}}},"v2ServiceType":{"description":"ServiceType denotes the exposition of a service in the mesh.\\n\\n - INTERNAL: A regular service that is not directly exposed to the outside world.\\n - LOADBALANCER: A load balancer service running only the proxy as the workload.\\n - MESH_EXTERNAL: A mesh external service.","type":"string","default":"INVALID_TYPE","enum":["INVALID_TYPE","INTERNAL","LOADBALANCER","MESH_EXTERNAL"]},"v2Source":{"description":"Source identifies a set of observed resources that have a group of metrics that emit measurements at runtime.","type":"object","properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the telemetry source.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the telemetry source is observing.\\n$hide_from_yaml","x-order":3},"belongsTo":{"description":"Which concrete TSB resource in the configuration hierarchy this telemetry source belongs to.\\nFor instance, a telemetry source can belong to a service,or a gateway, or a workspace, or any other resource in the\\nconfiguration hierarchy.","type":"string","x-order":4,"readOnly":true},"metricSourceKey":{"description":"A key to query metric measurements from the resources that the telemetry source is observing.","type":"string","x-order":5,"readOnly":true},"type":{"$ref":"#/components/schemas/v2SourceScopeType"},"scope":{"$ref":"#/components/schemas/v2SourceScope"}}},"v2SourceScope":{"description":"Source scope defines the source\'s wingspan in the mesh. It defines how we are observing the resources.\\nFor instance we can observer a resources at service, ingress, or relation level.","type":"object","properties":{"serviceScopes":{"$ref":"#/components/schemas/SourceScopeServiceScopes"},"ingressScopes":{"$ref":"#/components/schemas/SourceScopeIngressScopes"},"relationScopes":{"$ref":"#/components/schemas/SourceScopeRelationScopes"}}},"v2SourceScopeType":{"description":"The type of scopes which defines telemetry source\'s wingspan in the mesh.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","type":"string","default":"INVALID","enum":["INVALID","SERVICE","INGRESS","RELATION"]},"v2SourceType":{"description":"`SourceType` describes where teams come from.\\nTeams can be synchronized from the Identity Provider but can also be manually\\ncreated using the Team API to create convenient groupings of users and other\\nteams in order to configure fine-grained permissions in the Management Plane.\\n\\n - LDAP: LDAP is used for users and teams that are automatically synchronized from LDAP.\\n - LOCAL: LOCAL is used for local teams that are manually created using the TSB Team API and\\ndo not exist in the Identity Provider.\\nDeprecated. This value is deprecated and will be removed in future releases. Use \'MANUAL\' instead.\\n - AZURE: AZURE is used for users synchronized from an Azure Active Directory.\\n - MANUAL: MANUAL is used for users and teams that exist in the Identity Provider that have been manually populated.\\nMANUAL users are deprecated and Service Accounts should be used instead. Support for MANUAL users will\\nbe removed in future versions.","type":"string","default":"INVALID","enum":["INVALID","LDAP","LOCAL","AZURE","MANUAL"]},"v2StringMatch":{"description":"Describes how to match a given string in HTTP headers. Match is case-sensitive.","type":"object","properties":{"exact":{"description":"Exact string match.","type":"string","x-order":0},"prefix":{"description":"Prefix-based match.","type":"string","x-order":1},"regex":{"description":"ECMAscript style regex-based match.","type":"string","x-order":2}}},"v2SyncOrganizationResponse":{"description":"Result of the organization users and team synchronization.","type":"object","properties":{"failedUsers":{"$ref":"#/components/schemas/SyncOrganizationResponseFailedIds"},"failedTeams":{"$ref":"#/components/schemas/SyncOrganizationResponseFailedIds"}}},"v2TCPMatchCondition":{"type":"object","title":"TCPMatchCondition is the set of conditions to match incoming TCP traffic\\nand route accordingly","required":["name","port"],"properties":{"name":{"type":"string","title":"Name of the match condition","x-order":0},"port":{"type":"integer","format":"int64","title":"TCP match conditions only have port in match conditions","x-order":1}}},"v2TCPRoute":{"description":"TCPRoute is used to set TCP routes to service destinations on the basis of match conditions.","type":"object","required":["name"],"properties":{"name":{"type":"string","title":"Name of TCPRoute","x-order":0},"match":{"type":"array","title":"Match conditions for incoming TCP traffic","items":{"$ref":"#/components/schemas/v2TCPMatchCondition"},"x-order":1},"destination":{"type":"array","title":"Destination host:port and subset where TCP traffic should be directed","items":{"$ref":"#/components/schemas/v2ServiceDestination"},"x-order":2}}},"v2TCPServer":{"type":"object","title":"A TCP server exposed in an ingress gateway. A TCP server may be used for any TCP based protocol.\\nThis is also used for the special case of a non-HTTP protocol requiring TLS termination at the gateway","required":["name","port","hostname"],"properties":{"name":{"description":"A name assigned to the server. The name will be visible in the generated metrics. The name must be\\nunique across all HTTP, TLS passthrough and TCP servers in a gateway.","type":"string","x-order":0},"port":{"type":"integer","format":"int64","title":"The port where the server is exposed. Two servers with different protocols can share the same port\\nonly when both of them use TLS (either terminated at the gateway or pass-through)","x-order":1},"hostname":{"description":"Hostname to identify the service. When TLS is configured, clients have to use this as\\nthe Server Name Indication (SNI) for the TLS connection. When TLS is not configured (opaque TCP),\\nthis is used to identify the service traffic for defining routing configs. Usually, this is\\nconfigured as the DNS name of the service. For instance, if clients access a zookeeper cluster\\nas `zk-1.myorg.internal` then the hostname could be specified as `zk-1.myorg.internal`. This\\nalso helps easier identification in the configs.\\n\\nThis is also used in multicluster routing. In the previous example, clients within the mesh\\ncan also use `zk-1.myorg.internal` to access this service (provided authorization policy allows it)","type":"string","x-order":2},"tls":{"$ref":"#/components/schemas/v2ServerTLSSettings"},"route":{"$ref":"#/components/schemas/v2Route"}}},"v2TLS":{"description":"A TLS server exposed in a gateway. For TLS servers, the gateways do not terminate\\nconnections and use SNI based routing.","type":"object","required":["name","port","hostname","route"],"properties":{"name":{"description":"A name assigned to the server. The name will be visible in the generated metrics. The name must be\\nunique across all HTTP, TLS passthrough and TCP servers in a gateway.","type":"string","x-order":0},"port":{"description":"The port where the server is exposed. Two servers with different protocols (HTTP and HTTPS) should not\\nshare the same port. Note that port 15443 is reserved for internal use.","type":"integer","format":"int64","x-order":1},"hostname":{"description":"Hostname with which the service can be expected to be accessed by clients.\\nRouting will be done based on SNI matches for this hostname.\\n**NOTE:** The \\"hostname:port\\" must be unique across all gateways in the cluster in order for\\nmulticluster routing to work.","type":"string","x-order":2},"route":{"$ref":"#/components/schemas/v2RouteTo"},"failoverSettings":{"$ref":"#/components/schemas/v2FailoverSettings"}}},"v2TLSFileSource":{"type":"object","title":"TLSFileSource is used to load the keys and certificates from\\nfiles accessible to the workload","properties":{"clientCertificate":{"type":"string","title":"Certificate file to authenticate the client. This\\nis mandatory for mutual TLS and must not be\\nspecified for simple (one-way) TLS","x-order":0},"privateKey":{"type":"string","title":"Private key file associated with the client certificate.\\nThis is mandatory for mutual TLS and must not be\\nspecified for simple TLS","x-order":1},"caCertificates":{"type":"string","title":"File containing CA certificates to verify the certificates\\npresented by the server. This is mandatory for both simple and\\nmutual TLS.\\nHere are some common paths for the system CA bundle on Linux and can be\\nspecified here if the server certificate is signed by a well known authority,\\nalready part of the system CA bundle on the host - \\n  /etc/ssl/certs/ca-certificates.crt (Debian/Ubuntu/Gentoo etc.)\\n  /etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem (CentOS/RHEL 7)\\n  /etc/pki/tls/certs/ca-bundle.crt (Fedora/RHEL 6)","x-order":2}}},"v2TLSPassthroughServer":{"description":"A TLS server exposed in an ingress gateway. For TLS servers the gateways don\'t terminate\\nconnections and use SNI based routing.","type":"object","required":["name","port","hostname","route"],"properties":{"name":{"description":"A name assigned to the server. The name will be visible in the generated metrics. The name must be\\nunique across all HTTP, TCP and TLS servers in a gateway.","type":"string","x-order":0},"port":{"description":"The port where the server is exposed. Two servers with different protocols (HTTP and HTTPS) should not\\nshare the same port. Note that port 15443 is reserved for internal use.","type":"integer","format":"int64","x-order":1},"hostname":{"description":"Hostname with which the service can be expected to be accessed by clients.\\nRouting will be done based on SNI matches for this hostname.\\n**NOTE:** The hostname must be unique across all gateways in the cluster in order for multicluster routing to work.","type":"string","x-order":2},"route":{"$ref":"#/components/schemas/v2Route"}}},"v2TcpKeepAlive":{"type":"object","properties":{"probes":{"description":"The total number of unacknowledged probes to send before deciding\\nthe connection is dead. Default is to use the OS level configuration,\\nLinux defaults to 9.","type":"integer","format":"int64","x-order":0},"idleTime":{"description":"The number of seconds a connection needs to be idle before keep-alive probes\\nstart being sent. Default is to use the OS level configuration,\\nLinux defaults to 7200s.","type":"integer","format":"int64","x-order":1},"interval":{"description":"The number of seconds between keep-alive probes. Default is to use the OS\\nlevel configuration, Linux defaults to 75s.","type":"integer","format":"int64","x-order":2}}},"v2TcpKeepAliveSettings":{"description":"TCP Keep Alive Settings.","type":"object","properties":{"downstream":{"$ref":"#/components/schemas/v2TcpKeepAlive"},"upstream":{"$ref":"#/components/schemas/v2TcpKeepAlive"}}},"v2Team":{"description":"`Team` is a named collection of users under a tenant.\\n\\n\\n\\n","type":"object","properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"members":{"description":"List of members under the team.\\nThe elements of this list are the FQNs of the team members. Team members can be\\nusers, service accounts or other teams.","type":"array","items":{"type":"string"},"x-order":4},"sourceType":{"$ref":"#/components/schemas/v2SourceType"}}},"v2Tenant":{"description":"`Tenant` is a self-contained entity within an organization in the Service Bridge hierarchy.\\n\\n\\n\\n","type":"object","properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"securityDomain":{"description":"Security domains can be used to group different resources under the same security domain.\\nAlthough security domain is not resource itself currently, it follows a fqn format\\n`organizations/myorg/securitydomains/mysecuritydomain`, and a child cannot override any ancestor\'s\\nsecurity domain.\\nOnce a security domain is assigned to a _Tenant_, all the children resources will belong to that\\nsecurity domain in the same way a _Workspace_ belongs to a _Tenant_, a _Workspace_ will also belong\\nto the security domain assigned to the _Tenant_.\\nSecurity domains can also be used to define _Security settings Authorization rules_ in which you can allow\\nor deny request from or to a security domain.","type":"string","x-order":4},"deletionProtectionEnabled":{"description":"When set, prevents the resource from being deleted. In order to delete the resource this\\nproperty needs to be set to `false` first.","type":"boolean","x-order":5},"profiles":{"description":"List of profiles attached to the tenant to be used to propagate default and mandatory configurations down to the children.","type":"array","items":{"type":"string"},"x-order":6},"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"}}},"v2TenantSetting":{"description":"Default settings that apply to all workspaces under a tenant.\\n\\n\\n\\n","type":"object","properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"defaultSecuritySetting":{"$ref":"#/components/schemas/v2SecuritySetting"},"defaultTrafficSetting":{"$ref":"#/components/schemas/v2TrafficSetting"}}},"v2Tier1ExternalServer":{"description":"Tier1ExternalServer describes the properties of a server exposed\\noutside the mesh. Traffic arriving at a Tier1 external server is\\nusually TLS terminated and then forwarded over Istio mTLS to all\\nthe lower tier2 clusters.","type":"object","required":["name","port","hostname"],"properties":{"name":{"description":"A name assigned to the server. The name will be visible in the generated metrics. The name must be\\nunique across all external servers in the gateway.","type":"string","x-order":0},"port":{"description":"The port where the server is exposed. Note that port 15443 is reserved.","type":"integer","format":"int64","x-order":1},"hostname":{"description":"Hostname with which the service can be expected to be accessed by\\nclients.","type":"string","x-order":2},"tls":{"$ref":"#/components/schemas/v2ServerTLSSettings"},"clusters":{"description":"The destination clusters that contain ingress gateways exposing\\nthe hostname. If omitted, traffic will be automatically load\\nbalanced across all tier2 clusters whose ingress gateways expose\\nthe above hostname. If `redirect` is configured then this field\\ncannot be configured.\\nTo do failover and locality based routing among clusters, either omit\\nthe clusters field or omit the weights from all the cluster destinations.","type":"array","items":{"$ref":"#/components/schemas/v2ClusterDestination"},"x-order":4},"redirect":{"$ref":"#/components/schemas/v2Redirect"},"authentication":{"$ref":"#/components/schemas/tsbauthv2Authentication"},"authorization":{"$ref":"#/components/schemas/tsbauthv2Authorization"},"rateLimiting":{"$ref":"#/components/schemas/v2RateLimiting"}}},"v2Tier1Gateway":{"description":"`Tier1Gateway` configures a workload to act as a tier1 gateway into the mesh.\\n\\n\\n\\n","type":"object","required":["workloadSelector"],"properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"workloadSelector":{"$ref":"#/components/schemas/v2WorkloadSelector"},"externalServers":{"description":"One or more servers exposed by the gateway externally.","type":"array","items":{"$ref":"#/components/schemas/v2Tier1ExternalServer"},"x-order":5},"internalServers":{"description":"One or more servers exposed by the gateway internally for cross cluster forwarding.","type":"array","items":{"$ref":"#/components/schemas/v2Tier1InternalServer"},"x-order":6},"passthroughServers":{"description":"One or more tls passthrough servers exposed by the gateway externally.","type":"array","items":{"$ref":"#/components/schemas/v2Tier1PassthroughServer"},"x-order":7},"tcpExternalServers":{"description":"One or more tcp servers exposed by the gateway externally.","type":"array","items":{"$ref":"#/components/schemas/v2Tier1TCPExternalServer"},"x-order":8},"tcpInternalServers":{"description":"One or more tcp servers exposed by the gateway for mesh internal traffic.","type":"array","items":{"$ref":"#/components/schemas/v2Tier1TCPInternalServer"},"x-order":9},"extension":{"description":"Extensions specifies all the WasmExtensions assigned to this Tier1Gateway\\nwith the specific configuration for each extension. This custom configuration\\nwill override the one configured globally to the extension.\\nEach extension has a global configuration including enablement and priority\\nthat will condition the execution of the assigned extensions.","type":"array","items":{"$ref":"#/components/schemas/v2WasmExtensionAttachment"},"x-order":10},"waf":{"$ref":"#/components/schemas/v2WAFSettings"},"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"}}},"v2Tier1InternalServer":{"description":"Tier1InternalServer describes the properties of a server exposed\\nwithin the mesh, for the purposes of forwarding traffic between two\\nclusters that cannot otherwise directly reach each other. Traffic\\narriving at a Tier1 internal server should be over Istio\\nmTLS. After TLS termination and metrics extraction, it is forwarded\\nto tier2 clusters based on the selection criteria.","type":"object","required":["name","hostname"],"properties":{"name":{"description":"A name assigned to the server. The name will be visible in the generated metrics. The name must be\\nunique across all internal servers in the gateway.","type":"string","x-order":0},"hostname":{"description":"Hostname with which the service can be expected to be accessed by\\nsidecars in the mesh.","type":"string","x-order":1},"clusters":{"description":"The destination clusters that contain ingress gateways exposing\\nthe hostname. If omitted, traffic will be automatically load\\nbalanced across all tier2 clusters whose ingress gateways expose\\nthe above hostname.","type":"array","items":{"$ref":"#/components/schemas/v2ClusterDestination"},"x-order":2},"authentication":{"$ref":"#/components/schemas/tsbauthv2Authentication"},"authorization":{"$ref":"#/components/schemas/tsbauthv2Authorization"}}},"v2Tier1PassthroughServer":{"description":"Tier1PassthroughServer describes the properties of a server exposed\\nto the external world. Traffic arriving at a Tier1 passthrough server is\\nnot TLS terminated and rather forwarded over to all the lower tier2 clusters.","type":"object","required":["name","port","hostname"],"properties":{"name":{"description":"A name assigned to the server. The name will be visible in the generated metrics. The name must be\\nunique across all external servers in the gateway.","type":"string","x-order":0},"port":{"description":"The port where the server is exposed. Note that port 15443 is reserved.","type":"integer","format":"int64","x-order":1},"hostname":{"description":"Hostname with which the service can be expected to be accessed by\\nclients.","type":"string","x-order":2},"clusters":{"description":"The destination clusters that contain ingress gateways exposing\\nthe hostname on passthrough servers. If omitted, traffic will be automatically load\\nbalanced across all tier2 clusters whose ingress gateways expose\\nthe above hostname.","type":"array","items":{"$ref":"#/components/schemas/v2ClusterDestination"},"x-order":3}}},"v2Tier1TCPExternalServer":{"description":"Tier1TCPExternalServer is used to describe the properties of a TCP server\\n(used for opaque TCP or non-HTTP protocols) exposed to the external world.\\nIf the protocol is known to be HTTP, then please use `externalServers` as\\nit allows using HTTP-specific features.\\n\\nCaveat - Currently, we don\'t support multicluster routing when Tier2 gateway\\nsettings are specified in the direct mode for TCP services. So please use\\nthe bridged mode.","type":"object","required":["name","port","hostname"],"properties":{"name":{"type":"string","title":"A name assigned to the server. This name is used in the generated metrics. The name\\nmust be unique across all TCP servers in the gateway","x-order":0},"port":{"description":"Valid scenarios (for same port, multiple services)\\n1. Multiple protocols (HTTP, non-HTTP) with TLS passthrough/termination\\n2. Multiple HTTP services\\n3. Single non-HTTP service without TLS\\n\\nNote on service port - If a service is exposed on port 6789 in the tier1 gateway,\\nthen it must be exposed on the same port with the same hostname (without wildcard)\\nin the tier2 gateway as well.","type":"integer","format":"int64","title":"The port where the server is exposed. Note that the port 15443 is reserved. Also\\nbeware of the conflict among the services using different protocols on the same port.\\nThe conflict occurs in the following scenarios\\n1. Using plaintext and TLS (passthrough/termination)\\n2. Mixing multiple protocols without TLS (HTTP and non-HTTP protocols like Kafka, Zookeeper etc)\\n3. Multiple non-HTTP protocols without TLS","x-order":1},"hostname":{"description":"Although hostname or authority does not make sense in the non-HTTP context, this\\nis used to define the routing rules. Wildcard hostnames are not yet supported.","type":"string","x-order":2},"clusters":{"description":"The destination clusters contain ingress gateways exposing the service.","type":"array","items":{"$ref":"#/components/schemas/v2ClusterDestination"},"x-order":3},"tls":{"$ref":"#/components/schemas/v2ServerTLSSettings"}}},"v2Tier1TCPInternalServer":{"description":"Tier1TCPInternalServer is used to describe the properties of a TCP server\\nwhich is used exclusively within the mesh.","type":"object","required":["name","hostname"],"properties":{"name":{"description":"A name assigned to the server. This name is used in the generated metrics. The name\\nmust be unique across all TCP servers in the gateway.","type":"string","x-order":0},"hostname":{"description":"The name of the service used. Although hostname or authority does not make sense\\nin the non-HTTP context, this is used for the multicluster routing purposes. Consider\\nthe case where there are two non-HTTP services listening on the same port 6000,\\nbut are hosted on different workloads. Here, the service name is used to distinguish\\nbetween the two for routing to the correct workload. We do not support wildcard hostnames\\nyet. The ports are determined automatically by the cluster updates of the remote edge\\nclusters. Suppose there is a service called `foo.com` and the remote cluster says that\\nit exposes ports 8080 and 8443, then we can route east-west traffic for both the ports\\nthrough this server. The changes to the port or protocol settings are picked up automatically.","type":"string","x-order":1},"clusters":{"description":"The destination clusters contain ingress gateways exposing the service.","type":"array","items":{"$ref":"#/components/schemas/v2ClusterDestination"},"x-order":2}}},"v2TokenResponse":{"description":"Contains a pair of tokens for a user that can be used to authenticate against TSB.","type":"object","properties":{"accessToken":{"description":"Bearer access token that can be used to access TSB.\\nThis token is usually short-lived. The refresh token, when present, can be used to\\nobtain a new access token when it expires.","type":"string","x-order":0},"refreshToken":{"description":"Refresh token that can be used to obtain a new Bearer access token.\\nThis token is usually long-lived and should be stored securely.","type":"string","x-order":1}}},"v2TokenType":{"type":"string","default":"TOKEN_TYPE_UNSPECIFIED","enum":["TOKEN_TYPE_UNSPECIFIED","TOKEN_TYPE_ACCESS_TOKEN","TOKEN_TYPE_REFRESH_TOKEN","TOKEN_TYPE_ID_TOKEN","TOKEN_TYPE_JWT"]},"v2TrafficMode":{"description":"Traffic mode defines the type of configuration that has been configured on a Gateway server.\\n\\n - AUTO: AUTO mode indicates that the type of configuration is automatically detected from the underlying Gateway deployment.\\n - INGRESS: INGRESS mode specifies the configuration for managing incoming traffic into the mesh.\\nIn this mode, the Gateway server is responsible for handling incoming requests from external sources\\nand routing them to appropriate services within the mesh.\\n - EGRESS: EGRESS mode specifies the configuration for managing outgoing traffic from the mesh to external destinations.\\nIn this mode, the Gateway server controls traffic leaving the mesh and enforces policies and security measures\\nfor accessing external services.\\n - TRANSIT: TRANSIT mode specifies that the Gateway is configured to facilitate transit traffic between different clusters\\nwithin the mesh that are not directly reachable. This mode enables forwarding of traffic between clusters\\nvia the Gateway, allowing communication between services deployed in separate clusters.","type":"string","default":"AUTO","enum":["AUTO","INGRESS","EGRESS","TRANSIT"]},"v2TrafficSelector":{"description":"TrafficSelector provides a mechanism to select a specific traffic flow\\nfor which this Wasm Extension will be enabled.\\nWhen all the sub conditions in the TrafficSelector are satisfied, the\\ntraffic will be selected.","type":"object","properties":{"mode":{"$ref":"#/components/schemas/v2WorkloadMode"},"ports":{"description":"Criteria for selecting traffic by their destination port.\\nMore specifically, for the outbound traffic, the destination port would be\\nthe port of the target service. On the other hand, for the inbound traffic,\\nthe destination port is the port bound by the server process in the same Pod.\\n\\nIf one of the given `ports` is matched, this condition is evaluated to true.\\nIf not specified, this condition is evaluated to true for any port.","type":"array","items":{"$ref":"#/components/schemas/v2PortSelector"},"x-order":1}}},"v2TrafficSetting":{"description":"A traffic setting applies configuration to a set of proxy workloads in a\\ntraffic group or a workspace. When applied to a traffic group,\\nmissing fields will inherit values from the workspace-wide setting if any.\\n\\n\\n\\n","type":"object","properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"reachability":{"$ref":"#/components/schemas/v2ReachabilitySettings"},"resilience":{"$ref":"#/components/schemas/v2ResilienceSettings"},"egress":{"$ref":"#/components/schemas/v2TrafficSettingEgressGateway"},"rateLimiting":{"$ref":"#/components/schemas/v2RateLimiting"},"upstreamTrafficSettings":{"description":"List of hosts and the associated traffic settings to be used by\\nthe clients that are downstreams to the defined upstream hosts.\\n\\nDEPRECATED. Moved to `outbound`.","type":"array","items":{"$ref":"#/components/schemas/v2UpstreamTrafficSettings"},"x-order":8},"inbound":{"$ref":"#/components/schemas/v2InboundTrafficSetting"},"outbound":{"$ref":"#/components/schemas/v2OutboundTrafficSetting"},"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"}}},"v2TrafficSettingEgressGateway":{"description":"EgressGateway specifies the gateway where traffic external to the mesh will be redirected.","type":"object","required":["host"],"properties":{"host":{"description":"Specifies the egress gateway hostname. Must be in\\n`&lt;namespace&gt;/&lt;fqdn&gt;` format.","type":"string","x-order":0},"port":{"description":"Deprecated. This field is ignored and will be removed in upcoming releases.\\nSpecifies the port on the host to connect to.","type":"integer","format":"int32","x-order":1}}},"v2UpstreamResilienceSettings":{"description":"UpstreamResilienceSettings controls the reliability knobs for client connections\\nto the upstream hosts.","type":"object","properties":{"connectionPool":{"$ref":"#/components/schemas/v2UpstreamResilienceSettingsConnectionPoolSettings"},"circuitBreakerSensitivity":{"$ref":"#/components/schemas/v2UpstreamResilienceSettingsSensitivity"}}},"v2UpstreamResilienceSettingsConnectionPoolSettings":{"description":"Connection pool settings for the upstream host.","type":"object","properties":{"http":{"$ref":"#/components/schemas/UpstreamResilienceSettingsConnectionPoolSettingsHTTP"},"tcp":{"$ref":"#/components/schemas/v2UpstreamResilienceSettingsConnectionPoolSettingsTCP"}}},"v2UpstreamResilienceSettingsConnectionPoolSettingsTCP":{"description":"TCP Settings for outbound requests.","type":"object","properties":{"keepAlive":{"$ref":"#/components/schemas/v2TcpKeepAlive"},"maxConnections":{"description":"Maximum number of HTTP1 /TCP connections to the service.\\nDefault 0, meaning \\"unlimited\\", up to 2^32 - 1.","type":"integer","format":"int64","x-order":1},"connectTimeout":{"description":"TCP connection timeout. format: 1h/1m/1s/1ms. MUST BE &gt;=1ms. Default is 10s.","type":"string","x-order":2}}},"v2UpstreamResilienceSettingsSensitivity":{"description":"Available sensitivity levels for the circuit breaker.\\n\\n - UNSET: Default values will be used.\\n - LOW: Tolerate up to 20 consecutive 5xx or connection failures from an\\nendpoint before ejecting it temporarily from the load balancing\\npool.\\n - MEDIUM: Tolerate up to 10 consecutive 5xx or connection failures from an\\nendpoint before ejecting it temporarily from the load balancing\\npool.\\n - HIGH: Tolerate up to 5 consecutive 5xx or connection failures from an\\nendpoint before ejecting it temporarily from the load balancing\\npool.","type":"string","default":"UNSET","enum":["UNSET","LOW","MEDIUM","HIGH"]},"v2UpstreamTrafficSettings":{"description":"Traffic settings for the clients that are downstreams to the defined\\nupstream hosts.","type":"object","properties":{"hosts":{"description":"List of hosts for which the settings will be created. Can contain wildcard hosts.\\nThe host should be a service from the service registry or a host declared by ServiceEntries.","type":"array","items":{"type":"string"},"x-order":0},"settings":{"$ref":"#/components/schemas/v2UpstreamTrafficSettingsSettings"}}},"v2UpstreamTrafficSettingsSettings":{"description":"Traffic settings to be applied to the clients of the upstream hosts.","type":"object","properties":{"resilience":{"$ref":"#/components/schemas/v2UpstreamResilienceSettings"},"loadBalancer":{"$ref":"#/components/schemas/v2LoadBalancerSettings"},"authentication":{"$ref":"#/components/schemas/tsbtrafficv2AuthenticationSettings"}}},"v2User":{"description":"`User` represents a user from the Identity Provider that is allowed to log into\\nthe platform.\\n\\n\\n\\n","type":"object","required":["loginName"],"properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"loginName":{"description":"The username used in the login credentials.","type":"string","x-order":3},"firstName":{"description":"The first name of the user.","type":"string","x-order":4},"lastName":{"description":"The last name of the user, if any.","type":"string","x-order":5},"email":{"description":"Email for the user where alerts and other notifications will be sent.","type":"string","x-order":6},"sourceType":{"$ref":"#/components/schemas/v2SourceType"}}},"v2VmConfig":{"description":"Configuration for a Wasm VM.\\nmore details can be found [here](https://www.envoyproxy.io/docs/envoy/latest/api-v3/extensions/wasm/v3/wasm.proto#extensions-wasm-v3-vmconfig).","type":"object","properties":{"env":{"description":"Specifies environment variables to be injected to this VM.\\nNote that if a key does not exist, it will be ignored.","type":"array","items":{"$ref":"#/components/schemas/extensionv2EnvVar"},"x-order":0}}},"v2WAFSettings":{"type":"object","title":"WAFSettings configure WAF based on seclang\\nSee https://github.com/SpiderLabs/ModSecurity/wiki/Reference-Manual-%28v3.x%29#Configuration_Directives","required":["rules"],"properties":{"rules":{"description":"Rules to be leveraged by WAF. The parser evaluates the list of rules from the top to the bottom.","type":"array","items":{"type":"string"},"x-order":0}}},"v2WasmExtension":{"type":"object","required":["url"],"properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the extension.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the extension.\\n$hide_from_yaml","x-order":3},"allowedIn":{"description":"List of fqns where this extension is allowed to run.\\nIf it is empty, the extension can be used across the entire organization.\\nCurrently only Tenant resources are considered.","type":"array","items":{"type":"string"},"x-order":4},"image":{"description":"Deprecated. Use the `url` field instead.\\nRepository and tag of the OCI image containing the WASM extension.","type":"string","x-order":5},"source":{"type":"string","title":"Source to find the code for the WASM extension","x-order":6},"phase":{"$ref":"#/components/schemas/WasmExtensionPluginPhase"},"priority":{"description":"Determines the ordering of WasmExtensions in the same phase.\\nWhen multiple WasmExtensions are applied to the same workload in the same phase, they will be applied by priority, in descending order.\\nIf no priority is assigned it will use the default 0 value.\\nIn case of several extensions having the same priority in the same phase, the fqn will be used to sort them.","type":"integer","format":"int32","x-order":8},"config":{"description":"Configuration parameters sent to the WASM plugin execution\\nThe configuration can be overwritten when instantiating the extensions in IngressGateways or Security groups.\\nThe config is serialized using proto3 JSON marshaling and passed to proxy_on_configure when the host environment starts the plugin.","type":"object","x-order":9},"imagePullPolicy":{"$ref":"#/components/schemas/WasmExtensionPullPolicy"},"imagePullSecret":{"description":"Credentials to use for OCI image pulling.\\nName of a K8s Secret that contains a docker pull secret which is to be used\\nto authenticate against the registry when pulling the image.\\nIf TSB is configured to use the WASM download proxy, this secret must exist in\\nthe `istio-system` namespace of each cluster that has applications that use the\\nextension. If the downlaod proxy is disabled, the secret must exist in each\\napplication namespace that is using the extension.","type":"string","x-order":11},"vmConfig":{"$ref":"#/components/schemas/v2VmConfig"},"url":{"description":"URL of a Wasm module or OCI container. If no scheme is present, defaults to oci://, referencing an OCI image.\\nOther valid schemes are file:// for referencing .wasm module files present locally within the proxy container,\\nand http[s]:// for .wasm module files hosted remotely.","type":"string","x-order":13},"match":{"$ref":"#/components/schemas/v2GlobalTrafficSelector"}}},"v2WasmExtensionAttachment":{"description":"WasmExtensionAttachment defines the WASM extension attached to this resource\\nincluding the name to identify the extension and also the specific configuration\\nthat will override the global extension configuration.\\nOnly those extensions globally enabled will be considered although they can be\\nassociated to the target resources.\\nMatch configuration allows you to specify which traffic is sent through the Wasm\\nextension. Users can select the traffic based on different workload modes and ports.\\n\\n```yaml\\napiVersion: gateway.tsb.tetrate.io/v2\\nkind: IngressGateway\\nmetadata:\\n  name: ingress-bookinfo\\n  group: g1\\n  workspace: w1\\n  tenant: mycompany\\n  organization: myorg\\nspec:\\n  workloadSelector:\\n  namespace: ns1\\n  labels:\\n    app: gateway\\n  extension:\\n  - fqn: hello-world # fqn of imported extensions in TSB\\n    config:\\n      foo: bar\\n    match:\\n    - ports:\\n      - number: 80\\n      mode: CLIENT_AND_SERVER\\n  http:\\n  - name: bookinfo\\n    port: 80\\n    hostname: bookinfo.com\\n    routing:\\n      rules:\\n      - route:\\n        host: ns1/productpage.ns1.svc.cluster.local\\n```","type":"object","required":["fqn"],"properties":{"fqn":{"description":"Fqn of the extension to be executed.","type":"string","x-order":0},"config":{"description":"Configuration parameters sent to the WASM plugin execution.\\nThis configuration will overwrite the one specified globally in the extension.\\nThis config will be passed as-is to the extension. It is up to the extension to deserialize the config and use it.","type":"object","x-order":1},"match":{"description":"Specifies the criteria to determine which traffic is passed to WasmExtension.\\nIf a traffic satisfies any of TrafficSelectors,\\nthe traffic passes to the WasmExtension.","type":"array","items":{"$ref":"#/components/schemas/v2TrafficSelector"},"x-order":2}}},"v2Workload":{"description":"Info about individual workload implementing the service.","type":"object","properties":{"address":{"description":"Routable address of the workload.","type":"string","x-order":0},"name":{"description":"Instance name of the workload.","type":"string","x-order":1},"isVm":{"description":"Indicates whether the workload is kubernetes endpoint or vm.","type":"boolean","x-order":2},"proxy":{"$ref":"#/components/schemas/WorkloadProxy"}}},"v2WorkloadMode":{"description":"WorkloadMode allows selection of the role of the underlying workload in\\nnetwork traffic. A workload is considered as acting as a SERVER if it is\\nthe destination of the traffic (that is, traffic direction, from the\\nperspective of the workload is *inbound*). If the workload is the source of\\nthe network traffic, it is considered to be in CLIENT mode (traffic is\\n*outbound* from the workload).\\n\\n - UNDEFINED: Default value, which will be interpreted by its own usage.\\n - CLIENT: Selects for scenarios when the workload is the\\nsource of the network traffic. In addition,\\nif the workload is a gateway, selects this.\\n - SERVER: Selects for scenarios when the workload is the\\ndestination of the network traffic.\\n - CLIENT_AND_SERVER: Selects for scenarios when the workload is either the\\nsource or destination of the network traffic.","type":"string","default":"UNDEFINED","enum":["UNDEFINED","CLIENT","SERVER","CLIENT_AND_SERVER"]},"v2WorkloadSelector":{"description":"`WorkloadSelector` selects one or more workloads in a\\nnamespace. `WorkloadSelector` can be used in TrafficSetting,\\nSecuritySetting, and Gateway APIs in `BRIDGED` mode to scope the\\nconfiguration to a specific set of workloads.","type":"object","required":["namespace","labels"],"properties":{"namespace":{"description":"The namespace where the workload resides.","type":"string","x-order":0},"labels":{"description":"One or more labels that indicate a specific set of pods/VMs in\\nthe namespace. If omitted, the TrafficSetting or SecuritySetting\\nconfiguration will apply to all workloads in the\\nnamespace. Labels are required for Gateway API resources.","type":"object","additionalProperties":{"type":"string"},"x-order":1}}},"v2Workspace":{"description":"A Workspace is a collection of related namespaces in one or more clusters.\\n\\n\\n\\n","type":"object","required":["namespaceSelector"],"properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"namespaceSelector":{"$ref":"#/components/schemas/typesv2NamespaceSelector"},"privileged":{"description":"If set to true, allows Gateways in the workspace to route to\\nservices in other workspaces. Set this to true for workspaces\\nowning cluster-wide gateways shared by multiple teams.","type":"boolean","x-order":5},"isolationBoundary":{"description":"Istio Isolation Boundary name to which this workspace belongs.\\nIf not provided explicitly, the workspace looks for an isolation boundary with\\nname set as \\"global\\". \\nTherefore, in order to move existing workspaces to isolation boundaries, and\\nbe a part of revisioned control plane, it is recommended to configure an\\nisolation boundary with the name \\"global\\".","type":"string","x-order":6},"securityDomain":{"description":"Security domains can be used to group different resources under the same security domain.\\nAlthough security domain is not resource itself currently, it follows a fqn format\\n`organizations/myorg/securitydomains/mysecuritydomain`, and a child cannot override any ancestor\'s\\nsecurity domain.\\nOnce a security domain is assigned to a _Workspace_, all the children resources will belong to that\\nsecurity domain in the same way a _Security group_ belongs to a _Workspace_, a _Security group_ will also belong\\nto the security domain assigned to the _Workspace_.\\nSecurity domains can also be used to define _Security settings Authorization rules_ in which you can allow\\nor deny request from or to a security domain.","type":"string","x-order":7},"deletionProtectionEnabled":{"description":"When set, prevents the resource from being deleted. In order to delete the resource this\\nproperty needs to be set to `false` first.","type":"boolean","x-order":8},"profiles":{"description":"List of profiles attached to the workspace to be used to propagate default and mandatory configurations down to the children.","type":"array","items":{"type":"string"},"x-order":9},"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"}}},"v2WorkspaceSetting":{"description":"Default security and traffic settings for all proxy workloads in the workspace.","type":"object","properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"defaultSecuritySetting":{"$ref":"#/components/schemas/v2SecuritySetting"},"defaultTrafficSetting":{"$ref":"#/components/schemas/v2TrafficSetting"},"regionalFailover":{"description":"Locality routing settings for all gateways in the workspace. Overrides any global settings.\\nPlease use FailoverSettings instead. If FailoverSettings is set, it takes precedence over this field.\\n\\nExplicitly specify the region traffic will land on when endpoints in local region becomes unhealthy.\\nShould be used together with OutlierDetection to detect unhealthy endpoints.\\nNote: if no OutlierDetection specified, this will not take effect.","type":"array","items":{"$ref":"#/components/schemas/v2RegionalFailover"},"x-order":6},"defaultEastWestGatewaySettings":{"description":"Default east west gateway settings specifies workspace-wide east-west gateway configuration.\\nThis is used to configure east-west routing (required for fail-over) for the services that\\nare not exposed on the gateways. All the services matching the specified criteria is picked\\nup for exposing on the east-west gateway workload selected by the workload selector. In case,\\na service matches selectors in multiple items, the one which comes first is picked up.","type":"array","items":{"$ref":"#/components/schemas/v2EastWestGateway"},"x-order":7},"hostsReachability":{"$ref":"#/components/schemas/v2HostsReachability"},"failoverSettings":{"$ref":"#/components/schemas/v2FailoverSettings"}}},"v3BuildVersion":{"description":"BuildVersion combines SemVer version of extension with free-form build information\\n(i.e. \'alpha\', \'private-build\') as a set of strings.","type":"object","properties":{"version":{"$ref":"#/components/schemas/v3SemanticVersion"},"metadata":{"type":"object","title":"Free-form build information.\\nEnvoy defines several well known keys in the source/common/version/version.h file","x-order":1}}},"v3ContextParams":{"description":"`xds.resource.listening_address`: The value is \\"IP:port\\" (e.g. \\"10.1.1.3:8080\\") which is\\n  the listening address of a Listener. Used in a Listener resource query.","type":"object","title":"Additional parameters that can be used to select resource variants. These include any\\nglobal context parameters, per-resource type client feature capabilities and per-resource\\ntype functional attributes. All per-resource type attributes will be `xds.resource.`\\nprefixed and some of these are documented below:","properties":{"params":{"type":"object","additionalProperties":{"type":"string"},"x-order":0}}},"v3ControlPlane":{"description":"Identifies a specific ControlPlane instance that Envoy is connected to.","type":"object","properties":{"identifier":{"description":"An opaque control plane identifier that uniquely identifies an instance\\nof control plane. This can be used to identify which control plane instance,\\nthe Envoy is connected to.","type":"string","x-order":0}}},"v3DiscoveryRequest":{"type":"object","title":"A DiscoveryRequest requests a set of versioned resources of the same type for\\na given Envoy node on some API.\\n[#next-free-field: 8]","properties":{"versionInfo":{"description":"The version_info provided in the request messages will be the version_info\\nreceived with the most recent successfully processed response or empty on\\nthe first request. It is expected that no new request is sent after a\\nresponse is received until the Envoy instance is ready to ACK/NACK the new\\nconfiguration. ACK/NACK takes place by returning the new API config version\\nas applied or the previous API config version respectively. Each type_url\\n(see below) has an independent version associated with it.","type":"string","x-order":0},"node":{"$ref":"#/components/schemas/corev3Node"},"resourceNames":{"description":"List of resources to subscribe to, e.g. list of cluster names or a route\\nconfiguration name. If this is empty, all resources for the API are\\nreturned. LDS/CDS may have empty resource_names, which will cause all\\nresources for the Envoy instance to be returned. The LDS and CDS responses\\nwill then imply a number of resources that need to be fetched via EDS/RDS,\\nwhich will be explicitly enumerated in resource_names.","type":"array","items":{"type":"string"},"x-order":2},"resourceLocators":{"description":"[#not-implemented-hide:]\\nAlternative to ``resource_names`` field that allows specifying dynamic\\nparameters along with each resource name. Clients that populate this\\nfield must be able to handle responses from the server where resources\\nare wrapped in a Resource message.\\nNote that it is legal for a request to have some resources listed\\nin ``resource_names`` and others in ``resource_locators``.","type":"array","items":{"$ref":"#/components/schemas/v3ResourceLocator"},"x-order":3},"typeUrl":{"description":"Type of the resource that is being requested, e.g.\\n\\"type.googleapis.com/envoy.api.v2.ClusterLoadAssignment\\". This is implicit\\nin requests made via singleton xDS APIs such as CDS, LDS, etc. but is\\nrequired for ADS.","type":"string","x-order":4},"responseNonce":{"description":"nonce corresponding to DiscoveryResponse being ACK/NACKed. See above\\ndiscussion on version_info and the DiscoveryResponse nonce comment. This\\nmay be empty only if 1) this is a non-persistent-stream xDS such as HTTP,\\nor 2) the client has not yet accepted an update in this xDS stream (unlike\\ndelta, where it is populated only for new explicit ACKs).","type":"string","x-order":5},"errorDetail":{"$ref":"#/components/schemas/googlerpcStatus"}}},"v3DiscoveryResponse":{"type":"object","title":"[#next-free-field: 7]","properties":{"versionInfo":{"description":"The version of the response data.","type":"string","x-order":0},"resources":{"description":"The response resources. These resources are typed and depend on the API being called.","type":"array","items":{"$ref":"#/components/schemas/protobufAny"},"x-order":1},"canary":{"description":"* --terminate-on-canary-transition-failure. When set, Envoy is able to\\n  terminate if it detects that configuration is stuck at canary. Consider\\n  this example sequence of updates:\\n  - Management server applies a canary config successfully.\\n  - Management server rolls back to a production config.\\n  - Envoy rejects the new production config.\\n  Since there is no sensible way to continue receiving configuration\\n  updates, Envoy will then terminate and apply production config from a\\n  clean slate.\\n* --dry-run-canary. When set, a canary response will never be applied, only\\n  validated via a dry run.","type":"boolean","title":"[#not-implemented-hide:]\\nCanary is used to support two Envoy command line flags:","x-order":2},"typeUrl":{"description":"Type URL for resources. Identifies the xDS API when muxing over ADS.\\nMust be consistent with the type_url in the \'resources\' repeated Any (if non-empty).","type":"string","x-order":3},"nonce":{"description":"For gRPC based subscriptions, the nonce provides a way to explicitly ack a\\nspecific DiscoveryResponse in a following DiscoveryRequest. Additional\\nmessages may have been sent by Envoy to the management server for the\\nprevious version on the stream prior to this DiscoveryResponse, that were\\nunprocessed at response send time. The nonce allows the management server\\nto ignore any further DiscoveryRequests for the previous version until a\\nDiscoveryRequest bearing the nonce. The nonce is optional and is not\\nrequired for non-stream based xDS implementations.","type":"string","x-order":4},"controlPlane":{"$ref":"#/components/schemas/v3ControlPlane"}}},"v3EnvoyInternalAddress":{"type":"object","title":"The address represents an envoy internal listener.\\n[#comment: TODO(asraa): When address available, remove workaround from test/server/server_fuzz_test.cc:30.]","properties":{"serverListenerName":{"description":"Specifies the :ref:`name &lt;envoy_v3_api_field_config.listener.v3.Listener.name&gt;` of the\\ninternal listener.","type":"string","x-order":0},"endpointId":{"description":"Specifies an endpoint identifier to distinguish between multiple endpoints for the same internal listener in a\\nsingle upstream pool. Only used in the upstream addresses for tracking changes to individual endpoints. This, for\\nexample, may be set to the final destination IP for the target internal listener.","type":"string","x-order":1}}},"v3Extension":{"type":"object","title":"Version and identification for an Envoy extension.\\n[#next-free-field: 7]","properties":{"name":{"description":"This is the name of the Envoy filter as specified in the Envoy\\nconfiguration, e.g. envoy.filters.http.router, com.acme.widget.","type":"string","x-order":0},"category":{"type":"string","title":"Category of the extension.\\nExtension category names use reverse DNS notation. For instance \\"envoy.filters.listener\\"\\nfor Envoy\'s built-in listener filters or \\"com.acme.filters.http\\" for HTTP filters from\\nacme.com vendor.\\n[#comment:TODO(yanavlasov): Link to the doc with existing envoy category names.]","x-order":1},"typeDescriptor":{"type":"string","title":"[#not-implemented-hide:] Type descriptor of extension configuration proto.\\n[#comment:TODO(yanavlasov): Link to the doc with existing configuration protos.]\\n[#comment:TODO(yanavlasov): Add tests when PR #9391 lands.]","x-order":2},"version":{"$ref":"#/components/schemas/v3BuildVersion"},"disabled":{"description":"Indicates that the extension is present but was disabled via dynamic configuration.","type":"boolean","x-order":4},"typeUrls":{"description":"Type URLs of extension configuration protos.","type":"array","items":{"type":"string"},"x-order":5}}},"v3Pipe":{"type":"object","properties":{"path":{"description":"Unix Domain Socket path. On Linux, paths starting with \'@\' will use the\\nabstract namespace. The starting \'@\' is replaced by a null byte by Envoy.\\nPaths starting with \'@\' will result in an error in environments other than\\nLinux.","type":"string","x-order":0},"mode":{"description":"The mode for the Pipe. Not applicable for abstract sockets.","type":"integer","format":"int64","x-order":1}}},"v3ResourceLocator":{"description":"Specifies a resource to be subscribed to.","type":"object","properties":{"name":{"description":"The resource name to subscribe to.","type":"string","x-order":0},"dynamicParameters":{"description":"A set of dynamic parameters used to match against the dynamic parameter\\nconstraints on the resource. This allows clients to select between\\nmultiple variants of the same resource.","type":"object","additionalProperties":{"type":"string"},"x-order":1}}},"v3SemanticVersion":{"description":"Envoy uses SemVer (https://semver.org/). Major/minor versions indicate\\nexpected behaviors and APIs, the patch version field is used only\\nfor security fixes and can be generally ignored.","type":"object","properties":{"majorNumber":{"type":"integer","format":"int64","x-order":0},"minorNumber":{"type":"integer","format":"int64","x-order":1},"patch":{"type":"integer","format":"int64","x-order":2}}},"v3SocketAddress":{"type":"object","title":"[#next-free-field: 7]","properties":{"protocol":{"$ref":"#/components/schemas/v3SocketAddressProtocol"},"address":{"description":"The address for this socket. :ref:`Listeners &lt;config_listeners&gt;` will bind\\nto the address. An empty address is not allowed. Specify ``0.0.0.0`` or ``::``\\nto bind to any address. [#comment:TODO(zuercher) reinstate when implemented:\\nIt is possible to distinguish a Listener address via the prefix/suffix matching\\nin :ref:`FilterChainMatch &lt;envoy_v3_api_msg_config.listener.v3.FilterChainMatch&gt;`.] When used\\nwithin an upstream :ref:`BindConfig &lt;envoy_v3_api_msg_config.core.v3.BindConfig&gt;`, the address\\ncontrols the source address of outbound connections. For :ref:`clusters\\n&lt;envoy_v3_api_msg_config.cluster.v3.Cluster&gt;`, the cluster type determines whether the\\naddress must be an IP (``STATIC`` or ``EDS`` clusters) or a hostname resolved by DNS\\n(``STRICT_DNS`` or ``LOGICAL_DNS`` clusters). Address resolution can be customized\\nvia :ref:`resolver_name &lt;envoy_v3_api_field_config.core.v3.SocketAddress.resolver_name&gt;`.","type":"string","x-order":1},"portValue":{"type":"integer","format":"int64","x-order":2},"namedPort":{"description":"This is only valid if :ref:`resolver_name\\n&lt;envoy_v3_api_field_config.core.v3.SocketAddress.resolver_name&gt;` is specified below and the\\nnamed resolver is capable of named port resolution.","type":"string","x-order":3},"resolverName":{"description":"The name of the custom resolver. This must have been registered with Envoy. If\\nthis is empty, a context dependent default applies. If the address is a concrete\\nIP address, no resolution will occur. If address is a hostname this\\nshould be set for resolution other than DNS. Specifying a custom resolver with\\n``STRICT_DNS`` or ``LOGICAL_DNS`` will generate an error at runtime.","type":"string","x-order":4},"ipv4Compat":{"description":"When binding to an IPv6 address above, this enables `IPv4 compatibility\\n&lt;https://tools.ietf.org/html/rfc3493#page-11&gt;`_. Binding to ``::`` will\\nallow both IPv4 and IPv6 connections, with peer IPv4 addresses mapped into\\nIPv6 space as ``::FFFF:&lt;IPv4-address&gt;``.","type":"boolean","x-order":5}}},"v3SocketAddressProtocol":{"type":"string","default":"TCP","enum":["TCP","UDP"]}}}}},"1_9_x":{"url":"service-bridge/generated/openapi/1.9.x/openapiv3.json","themeId":"theme-redoc","isSpecFile":false,"spec":{"openapi":"3.0.0","info":{"description":"Tetrate Service Bridge API.","title":"Tetrate Service Bridge API","contact":{"name":"Tetrate Service Bridge","url":"https://www.tetrate.io/tetrate-service-bridge/"},"version":"1.9.x"},"paths":{"/v2/admin/rbac/policy":{"get":{"tags":["Policy"],"summary":"Get the global RBAC access policy.\\nThe global RBAC access policy configures who can manage the Role objects in TSB.","operationId":"Policy_GetRBACPolicy","responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the global RBAC access policy.\\nThe global RBAC access policy configures who can manage the Role objects in TSB.","operationId":"Policy_SetRBACPolicy","requestBody":{"$ref":"#/components/requestBodies/v2AccessPolicy"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/admin/root/policy":{"get":{"tags":["Policy"],"summary":"Get the root access policy.\\nThe root access policy configures global permissions for the platform. Subjects\\nassigned to a root policy will be granted the permissions described in the policy\\nto all objects ion TSB.","operationId":"Policy_GetRootPolicy","responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the root access policy.\\nThe root access policy configures global permissions for the platform. Subjects\\nassigned to a root policy will be granted the permissions described in the policy\\nto all objects ion TSB.","operationId":"Policy_SetRootPolicy","requestBody":{"$ref":"#/components/requestBodies/v2AccessPolicy"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/lookup/services":{"post":{"tags":["Lookup"],"summary":"Get all the services in the registry that are part of the given selector.\\nThis method can be used to resolve the registered services that are part of a workspace\\nor group.\\nThis method can be also used to figure out how applying a selector could affect\\nthe platform and have an understanding of which of the existing services would be\\nincluded in the selection.","operationId":"Lookup_Services","requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ServiceLookupRequest"}}},"description":"Request for all the services in the registry that are part of the given selector.","required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ServiceLookupResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/oidc/callback":{"get":{"tags":["OIDC"],"summary":"Callback endpoint for OAuth2 Authorization Code grant flows as part of the OIDC spec.","operationId":"OIDC_Callback","parameters":[{"description":"OAuth2 Authorization Code.\\nWhen present this indicates the user authorized the request. TSB will use this code\\nto acquire a token from the OIDC token endpoint and complete the login flow.","name":"code","in":"query","schema":{"type":"string"}},{"description":"OAuth2 Error Code.\\nWhen present this indicates that either the authorization request has an error, the OIDC\\nprovider encountered an error or the user failed to log in. When set TSB will display information\\nto the user indicating what went wrong.\\n\\nStandard error codes can be found found here.\\nhttps://datatracker.ietf.org/doc/html/rfc6749#section-4.1.2.1\\nhttps://openid.net/specs/openid-connect-core-1_0.html#AuthError","name":"error","in":"query","schema":{"type":"string"}},{"description":"The state parameter sent to the OIDC provider on the authorization request.","name":"state","in":"query","required":true,"schema":{"type":"string"}},{"description":"Optional error description sent by the OIDC provider when an error occurs.","name":"errorDescription","in":"query","schema":{"type":"string"}},{"description":"Optional error URI of a web page that includes additional information about the error.","name":"errorUri","in":"query","schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/oidc/login":{"get":{"tags":["OIDC"],"summary":"Login endpoint to start an OIDC Authentication flow.","operationId":"OIDC_Login","parameters":[{"description":"URl where the user will be redirected when the authentication flow completes.","name":"redirectUri","in":"query","schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations":{"get":{"tags":["Organizations"],"summary":"List all existing organizations.\\n$hide_from_docs","operationId":"Organizations_ListOrganizations","responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListOrganizationsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Organizations"],"summary":"Creates a new Organization in TSB.\\nOrganizations are the top-level construct in TSB and contain all the resources such as\\ntenants, workspaces and clusters.\\n$hide_from_docs","operationId":"Organizations_CreateOrganization","requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2CreateOrganizationRequest"}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Organization"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}":{"get":{"tags":["Organizations"],"summary":"Get the details of an organization.","operationId":"Organizations_GetOrganization","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Organization"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Organizations"],"summary":"Modify an organization.\\nUpdate operations are protected against concurrent modifications of the resource. They are required\\nto provide the last version of the `etag` field as part of the update request payload.\\n$hide_from_docs","operationId":"Organizations_UpdateOrganization","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"`Organization` is the root of the Service Bridge object hierarchy.\\n\\n\\n\\n","type":"object","properties":{"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"},"deletionProtectionEnabled":{"description":"When set, prevents the resource from being deleted. In order to delete the resource this\\nproperty needs to be set to `false` first.","type":"boolean"},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Organization"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Organizations"],"summary":"Delete an organization.\\nNote that deleting resources in TSB is a recursive operation. Deleting an organization will delete all\\ntenants, clusters and all configurations that exist in it.\\n$hide_from_docs","operationId":"Organizations_DeleteOrganization","parameters":[{"description":"Force the deletion of the object even if deletion protection is enabled.\\nIf this is set, then the object and all its children will be deleted even if any of them\\nhas the deletion protection enabled.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters":{"get":{"tags":["Clusters"],"summary":"Get the list of all clusters that have been onboarded into the platform.","operationId":"Clusters_ListClusters","parameters":[{"description":"Flag to fetch the workload information for all the clusters as well.\\nNote that by default workload information is not returned as it may be expensive to retrieve.","name":"fetchWorkloads","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListClustersResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"description":"This action will also create a service account with permissions to manage this cluster.\\nThis service account (aka cluster service account) can be used in the ControlPlane installation to\\nauthenticate it through the ManagementPlane.\\n\\nAs part of the response, a template will be provided (in the field `installTemplate`) with minimum\\nconfiguration to be able to install the TSB Operator in the cluster running as ControlPlane.\\nThis data is not stored and will be only available in the response of this action.","tags":["Clusters"],"summary":"Creates a new cluster object in TSB. This is needed during cluster onboarding to let the\\nmanagement plane know about the existence of a cluster.\\nOnce a cluster has been created and fully onboarded, the management plane will manage the\\nmesh for that cluster and keep this cluster entity up to date with the information that is\\nreported by the cluster agents.\\nThis method returns the created cluster, that will be continuously updated by the local\\ncluster agents. This entity can be monitored to have an overview of the resources (namespaces,\\nservices, etc) that are known to be running in the cluster.","operationId":"Clusters_CreateCluster","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create a cluster and register it in the management plane so configuration can\\nbe generated for it.","type":"object","required":["name","cluster"],"properties":{"cluster":{"$ref":"#/components/schemas/v2Cluster"},"name":{"description":"The short name for the resource to be created.","type":"string"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Cluster"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}":{"get":{"tags":["Clusters"],"summary":"Get the last known state for an onboarded cluster.\\nOnce a cluster has been onboarded into the platform, the agents will keep it up to date with\\nits runtime status. Getting the cluster object will return the last known snapshot of existing\\nnamespaces and services running in it.","operationId":"Clusters_GetCluster","parameters":[{"description":"Flag to fetch the workload information as well.\\nNote that by default workload information is not returned as it may be expensive to retrieve.","name":"fetchWorkloads","in":"query","schema":{"type":"boolean"}},{"description":"Flag to return the install template required to install this cluster.\\nThis will generate a new API key pair for the cluster service account.","name":"includeInstallTemplate","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Cluster"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Clusters"],"summary":"Modify an existing cluster.\\nUpdates a cluster with the given data. Note that most of the data in the cluster is read-only and\\nautomatically populated by the local cluster agents.","operationId":"Clusters_UpdateCluster","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"A Kubernetes cluster managing both pods and VMs.\\n\\n\\n\\n","type":"object","properties":{"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be\\nsent on every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"installTemplate":{"$ref":"#/components/schemas/ClusterInstallTemplate"},"labels":{"type":"object","title":"FIXME: this is super clunky to copy each and every metadata field into\\nobjects used for multicluster. $hide_from_yaml","additionalProperties":{"type":"string"}},"locality":{"$ref":"#/components/schemas/v2Locality"},"namespaceScope":{"$ref":"#/components/schemas/v2NamespaceScoping"},"namespaces":{"type":"array","title":"TODO(vikas): move this inside cluster state\\nRead-only data for informational purposes. Any user provided\\nvalue will be ignored. The data here may be stale depending on\\nthe update frequency from the Bridge agents in the cluster.\\n$hide_from_yaml","items":{"$ref":"#/components/schemas/tsbv2Namespace"},"readOnly":true},"network":{"description":"The network (e.g., VPC) where this cluster is present. All\\nclusters within the same network will be assumed to be reachable\\nfor the purposes of multi-cluster routing. In addition, networks\\nmarked as reachable from one another in SystemSettings will also\\nbe used for multi-cluster routing.","type":"string"},"serviceAccount":{"$ref":"#/components/schemas/tsbv2ServiceAccount"},"state":{"$ref":"#/components/schemas/ClusterState"},"tier1Cluster":{"description":"Deprecated: This flag is still honored for backward compatibility but will be ignored in future releases.\\nIt is advisable not to set it, as all clusters can now host both Tier1 and IngressGateways.\\n\\nIndicates whether this cluster is hosting a tier1 gateway or not.\\nTier1 clusters cannot host other gateways or workloads. Defaults\\nto false if not specified.","type":"boolean"},"tokenTtl":{"description":"Lifetime of the tokens. Defaults to 1hr.","type":"string"},"trustDomain":{"description":"Trust domain for this cluster, used for multi-cluster routing.\\nIt must be unique for every cluster and should match the one configured in\\nthe local control plane. This value is optional, and will be updated by the\\nlocal control plane agents. However, it is recommended to set it, if known,\\nso that multi-cluster routing works without having to wait for the local\\ncontrol planes to update it.","type":"string"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Cluster"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Clusters"],"summary":"Unregisters a cluster from the platform.\\nDeleting a cluster will unregister it from the management plane, and the agents will stop receiving\\nconfiguration updates. Agent tokens for the cluster are revoked as well, so agents that are still\\nrunning will fail to report back cluster status to the management plane.\\nNote that unregistering the cluster is a management plane only operation. This does not uninstall\\nthe agents from the local cluster. Agents will continue running and the services that are deployed\\nin that cluster will be able to continue operating with the last applied configuration.\\nUnregistering a cluster from the management plane should not generate downtime to services that are\\nrunning on that cluster.","operationId":"Clusters_DeleteCluster","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_1","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_1","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_1","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_1","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_1","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_1","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_1","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_1","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_1","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}/config":{"post":{"description":"The API is for control plane cluster to get the configurations\\nthat must be set in both management plane and control plane,\\nand that the control plane configurations must be in sync (or adjusted)\\naccording to management plane\'s changes at runtime.\\n\\nExamples:\\n- Telemetry data retention period set(changed) in management plane must be sync\'ed to control plane.\\n- A feature flag disabled in management plane must be sync\'ed to control plane and disabled in all control planes.\\n\\n$hide_from_docs","tags":["Clusters"],"summary":"Get the configurations for a cluster.","operationId":"Clusters_GetClusterConfig","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ClusterConfig"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_1","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_1","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_1","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_1","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_1","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_1","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_1","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_1","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}:generateTokens":{"post":{"tags":["Clusters"],"summary":"Generate the tokens for the cluster agents so they can talk to the management plane.\\nOnce a cluster object has been registered in the management plane, this method can be used to\\ngenerate the JWT tokens that need to be configured in the local cluster agents in order to let\\nthem talk to the management plane.\\nThese tokens contain the necessary permissions to allow the agents to download the configuration\\nfor their cluster and to push cluster status updates to the management plane.","operationId":"Clusters_GenerateTokens","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ClusterStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/extensions":{"get":{"tags":["WasmExtensions"],"summary":"List the WASM extensions that are defined for the Organization.","operationId":"WasmExtensions_ListWasmExtension","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListWasmExtensionResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"tags":["WasmExtensions"],"summary":"Creates a new WasmExtension object in TSB. This is needed to let the extensions run.\\nOnce a WasmExtension has been created, it can be assigned to IngressGateway and SecuritySetting.\\nThis method returns the created extension.","operationId":"WasmExtensions_CreateWasmExtension","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create a WasmExtension and make it available to be assigned to IngressGateway and SecuritySetting.","type":"object","required":["name","wasmExtension"],"properties":{"name":{"description":"The short name for the resource to be created.","type":"string"},"wasmExtension":{"$ref":"#/components/schemas/v2WasmExtension"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2WasmExtension"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/extensions/{extension}":{"get":{"tags":["WasmExtensions"],"summary":"Get a WASM extension","operationId":"WasmExtensions_GetWasmExtension","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2WasmExtension"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["WasmExtensions"],"summary":"Modify an existing WasmExtension.\\nWhen modifying the details of an extension in use, such as the image property, enabled flag, phase,\\nor default configuration, a redeploy or reconfiguration of the extension may be triggered, affecting live\\ntraffic in all those places that reference the extension.\\nSimilarly, changes to the allowed_in property may trigger the removal of the extension from all places where\\nthe extension was in use that are not allowed to use it anymore, affecting live traffic on the\\nrelevant namespaces as well.","operationId":"WasmExtensions_UpdateWasmExtension","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"type":"object","required":["url"],"properties":{"allowedIn":{"description":"List of fqns where this extension is allowed to run.\\nIf it is empty, the extension can be used across the entire organization.\\nCurrently only Tenant resources are considered.","type":"array","items":{"type":"string"}},"config":{"description":"Configuration parameters sent to the WASM plugin execution\\nThe configuration can be overwritten when instantiating the extensions in IngressGateways or Security groups.\\nThe config is serialized using proto3 JSON marshaling and passed to proxy_on_configure when the host environment starts the plugin.","type":"object"},"description":{"type":"string","title":"A description of the extension.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the extension.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"image":{"description":"Deprecated. Use the `url` field instead.\\nRepository and tag of the OCI image containing the WASM extension.","type":"string"},"imagePullPolicy":{"$ref":"#/components/schemas/WasmExtensionPullPolicy"},"imagePullSecret":{"description":"Credentials to use for OCI image pulling.\\nName of a K8s Secret that contains a docker pull secret which is to be used\\nto authenticate against the registry when pulling the image.\\nIf TSB is configured to use the WASM download proxy, this secret must exist in\\nthe `istio-system` namespace of each cluster that has applications that use the\\nextension. If the downlaod proxy is disabled, the secret must exist in each\\napplication namespace that is using the extension.","type":"string"},"match":{"$ref":"#/components/schemas/v2GlobalTrafficSelector"},"phase":{"$ref":"#/components/schemas/WasmExtensionPluginPhase"},"priority":{"description":"Determines the ordering of WasmExtensions in the same phase.\\nWhen multiple WasmExtensions are applied to the same workload in the same phase, they will be applied by priority, in descending order.\\nIf no priority is assigned it will use the default 0 value.\\nIn case of several extensions having the same priority in the same phase, the fqn will be used to sort them.","type":"integer","format":"int32"},"source":{"type":"string","title":"Source to find the code for the WASM extension"},"url":{"description":"URL of a Wasm module or OCI container. If no scheme is present, defaults to oci://, referencing an OCI image.\\nOther valid schemes are file:// for referencing .wasm module files present locally within the proxy container,\\nand http[s]:// for .wasm module files hosted remotely.","type":"string"},"vmConfig":{"$ref":"#/components/schemas/v2VmConfig"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2WasmExtension"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["WasmExtensions"],"summary":"Delete a WasmExtension.\\nNote that deleting a WasmExtension will delete the extension itself, and also its assignments to IngressGateway and SecuritySetting.","operationId":"WasmExtensions_DeleteWasmExtension","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/extensions/{extension}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_2","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/extensions/{extension}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/extensions/{extension}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/extensions/{extension}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/extensions/{extension}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/extensions/{extension}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/extensions/{extension}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/extensions/{extension}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/extensions/{extension}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/extensions/{extension}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/extensions/{extension}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_2","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/extensions/{extension}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/extensions/{extension}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/extensions/{extension}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts":{"get":{"tags":["Teams"],"summary":"List existing Service Accounts.","operationId":"Teams_ListServiceAccounts","parameters":[{"description":"The format in which the key pairs for each key will be returned.\\nIf not set keys are returned in PEM format.","name":"keyEncoding","in":"query","schema":{"type":"string","enum":["PEM","JWK"],"default":"PEM"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListServiceAccountsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Teams"],"summary":"Create Service Account in TSB.\\nService Accounts are local to TSB and can be used to access the platform using\\nJWT tokens signed with the Service Account\'s private key for authentication.","operationId":"Teams_CreateServiceAccount","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"type":"object","title":"Request to create a ServiceAccount.\\n","required":["name","serviceAccount"],"properties":{"keyEncoding":{"$ref":"#/components/schemas/KeyPairEncoding"},"name":{"description":"The short name for the resource to be created.","type":"string"},"serviceAccount":{"$ref":"#/components/schemas/tsbv2ServiceAccount"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/tsbv2ServiceAccount"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts/{serviceaccount}":{"get":{"tags":["Teams"],"summary":"Get the details of an existing Service Account.","operationId":"Teams_GetServiceAccount","parameters":[{"description":"The format in which the key pairs will be returned.\\nIf not set keys are returned in PEM format.","name":"keyEncoding","in":"query","schema":{"type":"string","enum":["PEM","JWK"],"default":"PEM"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/tsbv2ServiceAccount"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Teams"],"summary":"Update the details of a service account.\\nUpdating the details of the service account does not regenerate its keys.","operationId":"Teams_UpdateServiceAccount","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"`ServiceAccount` represents a service account that can be used to access the TSB platform.\\nService accounts have a set of associated public and private keys that can be used to generate\\nsigned JWT tokens that are suitable to authenticate to TSB.\\nA default key-pair is generated on service account creation and the public key is stored in TSB.\\nPrivate keys are returned when service accounts are created, but TSB will not store them. It\\nis up to the client to store them securely.\\n\\n\\n\\n","type":"object","properties":{"description":{"description":"A description of the resource.","type":"string"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"keys":{"type":"array","title":"Keys associated with the service account.\\nA default key-pair is automatically created when the Service Account is created. Note that\\nTSB does not store the private keys, so it is up to the client to store the returned private\\nkeys securely, as they are only returned once after creation.\\nAdditional keys can be added (and deleted) by using the corresponding key management APIs.\\n","items":{"$ref":"#/components/schemas/ServiceAccountKeyPair"},"readOnly":true}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/tsbv2ServiceAccount"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Teams"],"summary":"Delete the given Service account.","operationId":"Teams_DeleteServiceAccount","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts/{serviceaccount}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_5","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts/{serviceaccount}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts/{serviceaccount}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts/{serviceaccount}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts/{serviceaccount}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts/{serviceaccount}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts/{serviceaccount}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts/{serviceaccount}/jwks":{"get":{"tags":["Teams"],"summary":"Get all the public keys available in the service account and return them in a JWKS document.\\nSee: https://datatracker.ietf.org/doc/html/rfc7517\\nRequests to this endpoint require read permissions on the service account, or a token signed\\nwith one of the service account keys.","operationId":"Teams_GetServiceAccountJWKS","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2JWKS"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts/{serviceaccount}/keys":{"post":{"tags":["Teams"],"summary":"Generate a new key-pair for the service account.\\nNote that TSB does not store the generated private key, so the client must read it and\\nstore it securely.","operationId":"Teams_GenerateServiceAccountKey","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to generate a new key-pair for the Service Account.","type":"object","properties":{"keyEncoding":{"$ref":"#/components/schemas/KeyPairEncoding"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/tsbv2ServiceAccount"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts/{serviceaccount}/keys/{id}":{"delete":{"tags":["Teams"],"summary":"Delete a key-pair associated the service account.","operationId":"Teams_DeleteServiceAccountKey","parameters":[{"description":"ID of the key-pair to delete.","name":"id","in":"path","required":true,"schema":{"type":"string"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/tsbv2ServiceAccount"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts/{serviceaccount}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts/{serviceaccount}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts/{serviceaccount}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts/{serviceaccount}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_5","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts/{serviceaccount}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts/{serviceaccount}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts/{serviceaccount}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/services":{"get":{"tags":["Registration"],"summary":"List the services that have been registered in an organization","operationId":"Registration_ListServices","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListServicesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"tags":["Registration"],"summary":"Register the given service in the organization.\\nServices in the registry are deduplicated so that the same service running in different\\nclusters are represented as a single entity in the registry.\\nThe service returned by this method is the result of deduplicating the service.\\nThis API is currently only intended for internal use by the discovery agents.\\n$hide_from_docs","operationId":"Registration_RegisterService","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to register a service in a given parent (organization).","type":"object","required":["cluster","shortName","namespace","serviceType","state","source"],"properties":{"canonicalName":{"description":"optional canonical name that identify this service.","type":"string"},"cluster":{"description":"Name of the cluster where the service belongs to.\\nThis will be used to load the deduplication settings that have been configured for the cluster\\nwhere the service belongs.","type":"string"},"externalAddresses":{"description":"For kubernetes services of type load balancer, this field contains the list of lb hostnames or\\nIPs assigned to the service.","type":"array","items":{"type":"string"}},"hostnames":{"description":"The hostnames by which this service is accessed. Can correspond to the hostname of\\nan internal service or that ones of a virtual host on a gateway.","type":"array","items":{"type":"string"}},"namespace":{"description":"Namespace associated with the service. It will be used in deduplication logic.","type":"string"},"ports":{"description":"The set of ports on which this service is exposed.","type":"array","items":{"$ref":"#/components/schemas/v2Port"}},"serviceType":{"$ref":"#/components/schemas/v2ServiceType"},"shortName":{"description":"Short name for the service, used to uniquely identify it within the organization.","type":"string"},"source":{"description":"Source of the service: Kubernetes, Istio, Consul, etc.","type":"string"},"spiffeIds":{"description":"List of SPIFFE identities used by the workloads of the service.","type":"array","items":{"type":"string"}},"state":{"$ref":"#/components/schemas/v2State"},"subsets":{"description":"Subset denotes a specific version of a service. By default the \'version\'\\nlabel is used to designate subsets of a workload.\\nKnown subsets for the service.","type":"array","items":{"type":"string"}}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Service"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["Registration"],"summary":"Remove the given service from the organization registry.\\nThis API is currently only intended for internal use by the discovery agents.\\n$hide_from_docs","operationId":"Registration_UnregisterService","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"type":"object","title":"Request to unregister a service from the registry","required":["shortName","cluster","namespace"],"properties":{"cluster":{"description":"Name of the cluster of the service.","type":"string"},"namespace":{"description":"Namespace of the service.","type":"string"},"shortName":{"type":"string","title":"Name attribute of the service"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/services/{service}":{"get":{"tags":["Registration"],"summary":"Get the details of a registered service","operationId":"Registration_GetService","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Service"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/services/{service}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_3","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/services/{service}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/services/{service}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/services/{service}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/services/{service}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/services/{service}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/services/{service}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/services/{service}/groups":{"get":{"tags":["Lookup"],"summary":"Get all the groups that configure the given service in the registry.","operationId":"Lookup_Groups","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GroupLookupResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/services/{service}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/services/{service}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/services/{service}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/services/{service}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_3","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/services/{service}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/services/{service}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/services/{service}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/settings":{"get":{"tags":["Organizations"],"summary":"List all the settings objects that have been attached to the given Organization.","operationId":"Organizations_ListSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListOrganizationSettingsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Organizations"],"summary":"Create a settings object for the given organization.","operationId":"Organizations_CreateSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create a Organization Settings.","type":"object","required":["name","settings"],"properties":{"name":{"description":"The short name for the resource to be created.","type":"string"},"settings":{"$ref":"#/components/schemas/v2OrganizationSetting"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2OrganizationSetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/settings/{setting}":{"get":{"tags":["Organizations"],"summary":"Get the details for the given settings object.","operationId":"Organizations_GetSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2OrganizationSetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Organizations"],"summary":"Modify the given settings in the given Organization.","operationId":"Organizations_UpdateSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Settings that apply globally to the entire organization.\\n\\n\\n\\n","type":"object","properties":{"defaultSecuritySetting":{"$ref":"#/components/schemas/v2SecuritySetting"},"defaultTrafficSetting":{"$ref":"#/components/schemas/v2TrafficSetting"},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"failoverSettings":{"$ref":"#/components/schemas/v2FailoverSettings"},"networkSettings":{"$ref":"#/components/schemas/OrganizationSettingNetworkSettings"},"regionalFailover":{"description":"Default locality routing settings for all gateways.\\nPlease use FailoverSettings instead. If FailoverSettings is set, it takes precedence over this field.\\n\\nExplicitly specify the region traffic will land on when endpoints in local region becomes unhealthy.\\nShould be used together with OutlierDetection to detect unhealthy endpoints.\\nNote: if no OutlierDetection specified, this will not take effect.","type":"array","items":{"$ref":"#/components/schemas/v2RegionalFailover"}}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2OrganizationSetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Organizations"],"summary":"Delete the given settings object from the Organization.","operationId":"Organizations_DeleteSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/settings/{setting}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_4","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/settings/{setting}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/settings/{setting}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/settings/{setting}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/settings/{setting}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/settings/{setting}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/settings/{setting}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/settings/{setting}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/settings/{setting}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/settings/{setting}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/settings/{setting}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_4","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/settings/{setting}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/settings/{setting}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/settings/{setting}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/sync":{"post":{"description":"This method will update the state of users and groups in the organization and will create, modify, and\\ndelete groups according to the incoming request.\\nSync requests are assumed to be a full-sync and to contain all existing users and groups. Existing TSB users and groups\\nthat are not contained in a sync request will be deleted from the platform, as it will assume they have been removed\\nfrom the Identity Provider.","tags":["Organizations"],"summary":"SyncOrganization is used by processes that monitor the identity providers to synchronize\\nthe users and teams with the ones in TSB.","operationId":"Organizations_SyncOrganization","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to synchronize the users and teams in an organization from the configured identity provider.","type":"object","properties":{"sourceType":{"$ref":"#/components/schemas/v2SourceType"},"teams":{"type":"array","items":{"$ref":"#/components/schemas/SyncOrganizationRequestSyncTeam"}},"users":{"type":"array","items":{"$ref":"#/components/schemas/SyncOrganizationRequestSyncUser"}}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2SyncOrganizationResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/teams":{"get":{"tags":["Teams"],"summary":"List all existing teams.","operationId":"Teams_ListTeams","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListTeamsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Teams"],"summary":"Create a new team.","operationId":"Teams_CreateTeam","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"type":"object","title":"Request to create a Team.\\n","required":["name","team"],"properties":{"name":{"description":"The short name for the resource to be created.","type":"string"},"team":{"$ref":"#/components/schemas/v2Team"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Team"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/teams/{team}":{"get":{"tags":["Teams"],"summary":"Get the details of an existing team.","operationId":"Teams_GetTeam","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Team"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Teams"],"summary":"Modify an existing team.","operationId":"Teams_UpdateTeam","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"`Team` is a named collection of users under a tenant.\\n\\n\\n\\n","type":"object","properties":{"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"members":{"description":"List of members under the team.\\nThe elements of this list are the FQNs of the team members. Team members can be\\nusers, service accounts or other teams.","type":"array","items":{"type":"string"}},"sourceType":{"$ref":"#/components/schemas/v2SourceType"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Team"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Teams"],"summary":"Delete a team.\\nNote that deleting a team only deletes the team itself, but not its members.","operationId":"Teams_DeleteTeam","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/teams/{team}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_6","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/teams/{team}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/teams/{team}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/teams/{team}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/teams/{team}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/teams/{team}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/teams/{team}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/teams/{team}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/teams/{team}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/teams/{team}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/teams/{team}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_6","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/teams/{team}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/teams/{team}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/teams/{team}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants":{"get":{"tags":["Tenants"],"summary":"List all tenants that are available.","operationId":"Tenants_ListTenants","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListTenantsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Tenants"],"summary":"Create a new tenant in the platform that will be the home for a set of resources.","operationId":"Tenants_CreateTenant","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"type":"object","title":"Request to create a tenant.\\n","required":["name","tenant"],"properties":{"name":{"description":"The short name for the resource to be created.","type":"string"},"tenant":{"$ref":"#/components/schemas/v2Tenant"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Tenant"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}":{"get":{"tags":["Tenants"],"summary":"Get the details of an existing tenant.","operationId":"Tenants_GetTenant","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Tenant"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Tenants"],"summary":"Modify the details of the given tenant.","operationId":"Tenants_UpdateTenant","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"`Tenant` is a self-contained entity within an organization in the Service Bridge hierarchy.\\n\\n\\n\\n","type":"object","properties":{"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"},"deletionProtectionEnabled":{"description":"When set, prevents the resource from being deleted. In order to delete the resource this\\nproperty needs to be set to `false` first.","type":"boolean"},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"securityDomain":{"description":"Security domains can be used to group different resources under the same security domain.\\nAlthough security domain is not resource itself currently, it follows a fqn format\\n`organizations/myorg/securitydomains/mysecuritydomain`, and a child cannot override any ancestor\'s\\nsecurity domain.\\nOnce a security domain is assigned to a _Tenant_, all the children resources will belong to that\\nsecurity domain in the same way a _Workspace_ belongs to a _Tenant_, a _Workspace_ will also belong\\nto the security domain assigned to the _Tenant_.\\nSecurity domains can also be used to define _Security settings Authorization rules_ in which you can allow\\nor deny request from or to a security domain.","type":"string"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Tenant"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Tenants"],"summary":"Delete a tenant from the platform.\\nDeleting a tenant will recursively delete all resources attached to the tenant, so use with\\ncaution.\\nIt will delete all workspaces and all settings that have been created in that tenant, so this\\noperation should be done carefully, when it\'s safe to do so.","operationId":"Tenants_DeleteTenant","parameters":[{"description":"Force the deletion of the object even if deletion protection is enabled.\\nIf this is set, then the object and all its children will be deleted even if any of them\\nhas the deletion protection enabled.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications":{"get":{"tags":["Applications"],"summary":"List all existing applications for the given tenant.","operationId":"Applications_ListApplications","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListApplicationsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Applications"],"summary":"Creates a new Application in TSB.","operationId":"Applications_CreateApplication","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create an application and register it in the management plane so configuration can\\nbe generated for it.","type":"object","required":["name","application"],"properties":{"application":{"$ref":"#/components/schemas/v2Application"},"name":{"description":"The short name for the resource to be created.","type":"string"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Application"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}":{"get":{"tags":["Applications"],"summary":"Get the details of an existing application.","operationId":"Applications_GetApplication","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Application"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Applications"],"summary":"Modify an existing application.","operationId":"Applications_UpdateApplication","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"An Application represents a set of logical groupings of services that are related to each other\\nand expose a set of APIs that implement a complete set of business logic.\\n\\n\\n\\n","type":"object","required":["workspace"],"properties":{"configResources":{"type":"array","title":"The configuration resources that are related to this Application.\\n$hide_from_docs","items":{"$ref":"#/components/schemas/v2ConfigResource"},"readOnly":true},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"gatewayGroup":{"description":"Optional FQN of the Gateway Group to be used by the application.\\nIf configured, this gateway group will be used by the application. If\\nno namespaces are configured and no existing gateway group is set, a new gateway group claiming all\\nnamespaces in the workspace (`*/*`) will be created by default.\\nAll Ingress Gateway resources created for the APIs attached to the application will be created in\\nthe application\'s gateway group.","type":"string"},"namespaceSelector":{"$ref":"#/components/schemas/v2NamespaceSelector"},"services":{"description":"Optional list of services that are part of the application. This is a list of FQNs of services in the\\nservice registry.\\nIf omitted, the application is assumed to own all the services in the workspace.\\nNote that a service can only be part of one application. If any of the services in the list is already\\nin use by an existing application, application creation/modification will fail.\\nIf the list of services is not explicitly set and any service in the workspace is already in use by\\nanother application, application creation/modification will fail.","type":"array","items":{"type":"string"}},"workspace":{"description":"FQN of the workspace this application is part of.\\nThe application will configure IngressGateways for the attached APIs\\nin the different namespaces exposed by this workspace.","type":"string"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Application"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Applications"],"summary":"Delete an existing Application.\\nNote that deleting resources in TSB is a recursive operation. Deleting a application will delete all\\nAPI objects that exist in it.","operationId":"Applications_DeleteApplication","parameters":[{"description":"Force the deletion of internal groups even if they are protected against deletion.","name":"forceDeleteProtectedGroups","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/apis":{"get":{"tags":["Applications"],"summary":"List all APIs attached to the given application.","operationId":"Applications_ListAPIs","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListAPIsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Applications"],"summary":"Attach a new API to the given application.","operationId":"Applications_CreateAPI","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create an API and register it in the management plane so configuration can\\nbe generated for it.","type":"object","required":["name","api"],"properties":{"api":{"$ref":"#/components/schemas/v2API"},"name":{"description":"The short name for the resource to be created.","type":"string"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2API"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/apis/{api}":{"get":{"tags":["Applications"],"summary":"Get the details of an API.","operationId":"Applications_GetAPI","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2API"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Applications"],"summary":"Delete an existing API.","operationId":"Applications_DeleteAPI","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/apis/{api}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_10","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_10","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_10","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/apis/{api}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_10","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/apis/{api}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_10","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/apis/{api}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_10","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/apis/{api}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_10","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/apis/{api}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_10","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/apis/{api}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_10","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/apis/{api}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_10","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/apis/{api}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_10","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_10","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/apis/{api}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_10","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/apis/{api}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_10","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/apis/{api}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_10","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/apis/{api}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_10","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/apis/{api}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_10","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_9","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_9","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_9","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_9","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_9","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_9","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_9","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_9","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_9","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_9","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_9","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_9","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_9","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_9","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_9","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_9","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_9","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_8","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_8","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_8","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_8","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_8","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_8","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_8","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_8","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_8","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/extensions":{"get":{"tags":["Tenants"],"summary":"List all the WASM extensions that have been attached to the given tenant.","operationId":"Tenants_ListWasmExtensions","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListTenantExtensionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_8","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_8","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_8","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/settings":{"get":{"tags":["Tenants"],"summary":"List all the settings objects that have made available to the given tenant.","operationId":"Tenants_ListSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListTenantSettingsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Tenants"],"summary":"Create a settings object for the given tenant.","operationId":"Tenants_CreateSetting","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create a Tenant Setting.","type":"object","required":["name","setting"],"properties":{"name":{"description":"The short name for the resource to be created.","type":"string"},"setting":{"$ref":"#/components/schemas/v2TenantSetting"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2TenantSetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/settings/{setting}":{"get":{"tags":["Tenants"],"summary":"Get the details for the given settings object.","operationId":"Tenants_GetSetting","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2TenantSetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Tenants"],"summary":"Modify the given settings in the given tenant.","operationId":"Tenants_UpdateSetting","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Default settings that apply to all workspaces under a tenant.\\n\\n\\n\\n","type":"object","properties":{"defaultSecuritySetting":{"$ref":"#/components/schemas/v2SecuritySetting"},"defaultTrafficSetting":{"$ref":"#/components/schemas/v2TrafficSetting"},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2TenantSetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Tenants"],"summary":"Delete the given settings object from the tenant.","operationId":"Tenants_DeleteSetting","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/settings/{setting}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_11","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_11","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_11","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/settings/{setting}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_11","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/settings/{setting}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_11","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/settings/{setting}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_11","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/settings/{setting}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_11","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/settings/{setting}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_11","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/settings/{setting}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_11","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/settings/{setting}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_11","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/settings/{setting}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_11","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_11","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/settings/{setting}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_11","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/settings/{setting}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_11","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/settings/{setting}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_11","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/settings/{setting}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_11","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/settings/{setting}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_11","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_8","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_8","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_8","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_8","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_8","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces":{"get":{"tags":["Workspaces"],"summary":"List all existing workspaces for the given tenant.","operationId":"Workspaces_ListWorkspaces","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListWorkspacesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Workspaces"],"summary":"Create a new workspace.\\nThe workspace will own exclusively the namespaces configured in the namespaces\\nselector for the workspace.","operationId":"Workspaces_CreateWorkspace","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create a Workspace.","type":"object","required":["name","workspace"],"properties":{"name":{"description":"The short name for the resource to be created.","type":"string"},"workspace":{"$ref":"#/components/schemas/v2Workspace"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Workspace"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}":{"get":{"tags":["Workspaces"],"summary":"Get the details of an existing workspace","operationId":"Workspaces_GetWorkspace","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Workspace"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Workspaces"],"summary":"Modify an existing workspace","operationId":"Workspaces_UpdateWorkspace","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"A Workspace is a collection of related namespaces in one or more clusters.\\n\\n\\n\\n","type":"object","required":["namespaceSelector"],"properties":{"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"},"deletionProtectionEnabled":{"description":"When set, prevents the resource from being deleted. In order to delete the resource this\\nproperty needs to be set to `false` first.","type":"boolean"},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"isolationBoundary":{"description":"Istio Isolation Boundary name to which this workspace belongs.\\nIf not provided explicitly, the workspace looks for an isolation boundary with\\nname set as \\"global\\". \\nTherefore, in order to move existing workspaces to isolation boundaries, and\\nbe a part of revisioned control plane, it is recommended to configure an\\nisolation boundary with the name \\"global\\".","type":"string"},"namespaceSelector":{"$ref":"#/components/schemas/typesv2NamespaceSelector"},"privileged":{"description":"If set to true, allows Gateways in the workspace to route to\\nservices in other workspaces. Set this to true for workspaces\\nowning cluster-wide gateways shared by multiple teams.","type":"boolean"},"securityDomain":{"description":"Security domains can be used to group different resources under the same security domain.\\nAlthough security domain is not resource itself currently, it follows a fqn format\\n`organizations/myorg/securitydomains/mysecuritydomain`, and a child cannot override any ancestor\'s\\nsecurity domain.\\nOnce a security domain is assigned to a _Workspace_, all the children resources will belong to that\\nsecurity domain in the same way a _Security group_ belongs to a _Workspace_, a _Security group_ will also belong\\nto the security domain assigned to the _Workspace_.\\nSecurity domains can also be used to define _Security settings Authorization rules_ in which you can allow\\nor deny request from or to a security domain.","type":"string"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Workspace"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Workspaces"],"summary":"Delete an existing workspace.\\nNote that deleting resources in TSB is a recursive operation. Deleting a workspace will delete all\\ngroups and configuration objects that exist in it.","operationId":"Workspaces_DeleteWorkspace","parameters":[{"description":"Force the deletion of the object even if deletion protection is enabled.\\nIf this is set, then the object and all its children will be deleted even if any of them\\nhas the deletion protection enabled.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_12","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_12","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_12","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_12","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_12","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_12","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_12","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_12","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_12","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups":{"get":{"tags":["Gateways"],"summary":"List all gateway groups that exist in the workspace.","operationId":"Gateways_ListGroups","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListGatewayGroupsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"description":"Groups will by default configure all the namespaces owned by their workspace, unless\\nexplicitly configured. If a specific set of namespaces is set for the group, it must be a\\nsubset of the namespaces defined by its workspace.","tags":["Gateways"],"summary":"Create a new gateway group in the given workspace.","operationId":"Gateways_CreateGroup","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create a Gateway Group.","type":"object","required":["name","group"],"properties":{"group":{"$ref":"#/components/schemas/v2Group"},"name":{"description":"The short name for the resource to be created.","type":"string"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Group"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}":{"get":{"tags":["Gateways"],"summary":"Get the details of the given gateway group.","operationId":"Gateways_GetGroup","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Group"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["Gateways"],"summary":"update the given gateway group.","operationId":"Gateways_UpdateGroup","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"A gateway group manages the gateways in a group of namespaces owned\\nby the parent workspace.\\n\\n\\n\\n","type":"object","required":["namespaceSelector"],"properties":{"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"},"configMode":{"$ref":"#/components/schemas/v2ConfigMode"},"deletionProtectionEnabled":{"description":"When set, prevents the resource from being deleted. In order to delete the resource this\\nproperty needs to be set to `false` first.","type":"boolean"},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"namespaceSelector":{"$ref":"#/components/schemas/v2NamespaceSelector"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Group"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["Gateways"],"summary":"Delete the given gateway group.\\nNote that deleting resources in TSB is a recursive operation. Deleting a gateway group will\\ndelete all configuration objects that exist in it.","operationId":"Gateways_DeleteGroup","parameters":[{"description":"Force the deletion of the object even if deletion protection is enabled.\\nIf this is set, then the object and all its children will be deleted even if any of them\\nhas the deletion protection enabled.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_13","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_13","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_13","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_13","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_13","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_13","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_13","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_13","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_13","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/egressgateways":{"get":{"tags":["Gateways"],"summary":"List all Egress Gateway objects in the gateway group.","operationId":"Gateways_ListEgressGateways","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListEgressGatewaysResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"tags":["Gateways"],"summary":"Create an Egress Gateway object in the gateway group.","operationId":"Gateways_CreateEgressGateway","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create a EgressGateway.","type":"object","required":["name","egressGateway"],"properties":{"egressGateway":{"$ref":"#/components/schemas/v2EgressGateway"},"name":{"description":"The short name for the resource to be created.","type":"string"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2EgressGateway"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/egressgateways/{egressgateway}":{"get":{"tags":["Gateways"],"summary":"Get the details of the given Egress Gateway object.","operationId":"Gateways_GetEgressGateway","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2EgressGateway"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["Gateways"],"summary":"Modify the given Egress Gateway object.","operationId":"Gateways_UpdateEgressGateway","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"`EgressGateway` configures a workload to act as an egress gateway in the mesh.\\n\\n\\n--\x3e\\n\\n","type":"object","required":["workloadSelector"],"properties":{"authorization":{"description":"The description of which service accounts can access which hosts.\\nIf the list of authorization rules is empty, this egress gateway will deny all traffic.","type":"array","items":{"$ref":"#/components/schemas/v2EgressAuthorization"}},"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"extension":{"description":"Extensions specifies all the WasmExtensions assigned to this EgressGateway\\nwith the specific configuration for each extension. This custom configuration\\nwill override the one configured globally to the extension.\\nEach extension has a global configuration including enablement and priority\\nthat will condition the execution of the assigned extensions.","type":"array","items":{"$ref":"#/components/schemas/v2WasmExtensionAttachment"}},"workloadSelector":{"$ref":"#/components/schemas/v2WorkloadSelector"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2EgressGateway"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["Gateways"],"summary":"Delete the given Egress Gateway object.","operationId":"Gateways_DeleteEgressGateway","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/egressgateways/{egressgateway}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_15","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_15","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_15","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/egressgateways/{egressgateway}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_15","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/egressgateways/{egressgateway}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_15","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/egressgateways/{egressgateway}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_15","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/egressgateways/{egressgateway}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_15","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/egressgateways/{egressgateway}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_15","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/egressgateways/{egressgateway}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_15","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/egressgateways/{egressgateway}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_15","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/egressgateways/{egressgateway}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_15","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_15","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/egressgateways/{egressgateway}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_15","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/egressgateways/{egressgateway}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_15","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/egressgateways/{egressgateway}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_15","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/egressgateways/{egressgateway}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_15","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/egressgateways/{egressgateway}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_15","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/ingressgateways":{"get":{"tags":["Gateways"],"summary":"List all Ingress Gateway objects in the gateway group.","operationId":"Gateways_ListIngressGateways","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListIngressGatewaysResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"tags":["Gateways"],"summary":"Create an Ingress Gateway object in the gateway group.","operationId":"Gateways_CreateIngressGateway","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create a IngressGateway.","type":"object","required":["name","ingressGateway"],"properties":{"ingressGateway":{"$ref":"#/components/schemas/v2IngressGateway"},"name":{"description":"The short name for the resource to be created.","type":"string"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2IngressGateway"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/ingressgateways/{ingressgateway}":{"get":{"tags":["Gateways"],"summary":"Get the details of the given Ingress Gateway object.","operationId":"Gateways_GetIngressGateway","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2IngressGateway"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["Gateways"],"summary":"Modify the given Ingress Gateway object.","operationId":"Gateways_UpdateIngressGateway","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"`IngressGateway` configures a workload to act as an ingress gateway into the mesh.\\n\\n\\n\\n","type":"object","required":["workloadSelector"],"properties":{"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"extension":{"description":"Extensions specifies all the WasmExtensions assigned to this IngressGateway\\nwith the specific configuration for each extension. This custom configuration\\nwill override the one configured globally to the extension.\\nEach extension has a global configuration including enablement and priority\\nthat will condition the execution of the assigned extensions.","type":"array","items":{"$ref":"#/components/schemas/v2WasmExtensionAttachment"}},"http":{"description":"One or more HTTP or HTTPS servers exposed by the gateway. The\\nserver exposes configuration for TLS termination, request\\nauthentication/authorization, HTTP routing, etc.","type":"array","items":{"$ref":"#/components/schemas/v2HttpServer"}},"tcp":{"type":"array","title":"One or more non-HTTP and non-passthrough servers which use TCP\\nbased protocols. This server also exposes configuration for terminating TLS","items":{"$ref":"#/components/schemas/v2TCPServer"}},"tlsPassthrough":{"description":"One or more TLS servers exposed by the gateway. The server\\ndoes not terminate TLS and exposes config for SNI based routing.","type":"array","items":{"$ref":"#/components/schemas/v2TLSPassthroughServer"}},"waf":{"$ref":"#/components/schemas/v2WAFSettings"},"workloadSelector":{"$ref":"#/components/schemas/v2WorkloadSelector"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2IngressGateway"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["Gateways"],"summary":"Delete the given Ingress Gateway object.","operationId":"Gateways_DeleteIngressGateway","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/ingressgateways/{ingressgateway}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_14","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_14","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_14","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/ingressgateways/{ingressgateway}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_14","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/ingressgateways/{ingressgateway}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_14","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/ingressgateways/{ingressgateway}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_14","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/ingressgateways/{ingressgateway}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_14","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/ingressgateways/{ingressgateway}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_14","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/ingressgateways/{ingressgateway}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_14","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/ingressgateways/{ingressgateway}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_14","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/ingressgateways/{ingressgateway}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_14","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_14","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/ingressgateways/{ingressgateway}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_14","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/ingressgateways/{ingressgateway}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_14","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/ingressgateways/{ingressgateway}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_14","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/ingressgateways/{ingressgateway}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_14","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/ingressgateways/{ingressgateway}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_14","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_13","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_13","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_13","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_13","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_13","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_13","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_13","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_13","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/tie1gateways/{tie1gateway}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_16","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tie1gateway name.","name":"tie1gateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_16","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tie1gateway name.","name":"tie1gateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_16","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tie1gateway name.","name":"tie1gateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/tie1gateways/{tie1gateway}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_16","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tie1gateway name.","name":"tie1gateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/tie1gateways/{tie1gateway}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_16","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tie1gateway name.","name":"tie1gateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/tie1gateways/{tie1gateway}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_16","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tie1gateway name.","name":"tie1gateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/tie1gateways/{tie1gateway}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_16","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tie1gateway name.","name":"tie1gateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/tie1gateways/{tie1gateway}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_16","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tie1gateway name.","name":"tie1gateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/tie1gateways/{tie1gateway}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_16","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tie1gateway name.","name":"tie1gateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/tie1gateways/{tie1gateway}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_16","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tie1gateway name.","name":"tie1gateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/tie1gateways/{tie1gateway}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_16","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tie1gateway name.","name":"tie1gateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_16","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tie1gateway name.","name":"tie1gateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/tie1gateways/{tie1gateway}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_16","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tie1gateway name.","name":"tie1gateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/tie1gateways/{tie1gateway}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_16","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tie1gateway name.","name":"tie1gateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/tie1gateways/{tie1gateway}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_16","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tie1gateway name.","name":"tie1gateway","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/tie1gateways/{tie1gateway}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_16","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tie1gateway name.","name":"tie1gateway","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/tie1gateways/{tie1gateway}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_16","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tie1gateway name.","name":"tie1gateway","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/tier1gateways":{"get":{"tags":["Gateways"],"summary":"List all Tier1 Gateway objects that have been created in the gateway group.","operationId":"Gateways_ListTier1Gateways","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListTier1GatewaysResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"tags":["Gateways"],"summary":"Create a Tier1 Gateway object in the gateway group.","operationId":"Gateways_CreateTier1Gateway","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create a Tier1Gateway.","type":"object","required":["name","tier1Gateway"],"properties":{"name":{"description":"The short name for the resource to be created.","type":"string"},"tier1Gateway":{"$ref":"#/components/schemas/v2Tier1Gateway"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Tier1Gateway"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/tier1gateways/{tier1gateway}":{"get":{"tags":["Gateways"],"summary":"get the details of the given Tier1 Gateway object.","operationId":"Gateways_GetTier1Gateway","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tier1gateway name.","name":"tier1gateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Tier1Gateway"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["Gateways"],"operationId":"Gateways_UpdateTier1Gateway","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tier1gateway name.","name":"tier1gateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"`Tier1Gateway` configures a workload to act as a tier1 gateway into the mesh.\\n\\n\\n\\n","type":"object","required":["workloadSelector"],"properties":{"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"extension":{"description":"Extensions specifies all the WasmExtensions assigned to this Tier1Gateway\\nwith the specific configuration for each extension. This custom configuration\\nwill override the one configured globally to the extension.\\nEach extension has a global configuration including enablement and priority\\nthat will condition the execution of the assigned extensions.","type":"array","items":{"$ref":"#/components/schemas/v2WasmExtensionAttachment"}},"externalServers":{"description":"One or more servers exposed by the gateway externally.","type":"array","items":{"$ref":"#/components/schemas/v2Tier1ExternalServer"}},"internalServers":{"description":"One or more servers exposed by the gateway internally for cross cluster forwarding.","type":"array","items":{"$ref":"#/components/schemas/v2Tier1InternalServer"}},"passthroughServers":{"description":"One or more tls passthrough servers exposed by the gateway externally.","type":"array","items":{"$ref":"#/components/schemas/v2Tier1PassthroughServer"}},"tcpExternalServers":{"description":"One or more tcp servers exposed by the gateway externally.","type":"array","items":{"$ref":"#/components/schemas/v2Tier1TCPExternalServer"}},"tcpInternalServers":{"description":"One or more tcp servers exposed by the gateway for mesh internal traffic.","type":"array","items":{"$ref":"#/components/schemas/v2Tier1TCPInternalServer"}},"waf":{"$ref":"#/components/schemas/v2WAFSettings"},"workloadSelector":{"$ref":"#/components/schemas/v2WorkloadSelector"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Tier1Gateway"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["Gateways"],"summary":"Delete the given Tier1 Gateway object.","operationId":"Gateways_DeleteTier1Gateway","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tier1gateway name.","name":"tier1gateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/unifiedgateways":{"get":{"tags":["Gateways"],"summary":"List all Gateway objects in the gateway group.","operationId":"Gateways_ListGateways","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListGatewaysResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"tags":["Gateways"],"summary":"Create a Gateway object in the gateway group.","operationId":"Gateways_CreateGateway","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create a Gateway.","type":"object","required":["name","gateway"],"properties":{"gateway":{"$ref":"#/components/schemas/v2Gateway"},"name":{"description":"The short name for the resource to be created.","type":"string"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Gateway"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/unifiedgateways/{unifiedgateway}":{"get":{"tags":["Gateways"],"summary":"Get the details of the given Gateway object.","operationId":"Gateways_GetGateway","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Unifiedgateway name.","name":"unifiedgateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Gateway"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["Gateways"],"summary":"Modify the given Gateway object.","operationId":"Gateways_UpdateGateway","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Unifiedgateway name.","name":"unifiedgateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"The `Gateway` configuration combines the functionalities of both the existing `Tier1Gateway` and `IngressGateway`,\\nproviding a unified approach for configuring a workload as a gateway in the mesh.\\n\\nEach server within the `Gateway` is configured to route requests to either destination clusters or services,\\nbut configuring one server to route requests to a destination cluster and another server to route requests to a service\\nis not supported.\\n\\nTo ensure consistency and compatibility, the `Gateway` configuration requires that all servers within the gateway\\neither forward traffic to other clusters, similar to a `Tier1Gateway`, or route traffic to specific services, similar\\nto an `IngressGateway`.\\n\\n\\n\\n","type":"object","required":["workloadSelector"],"properties":{"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"egressAuthorization":{"description":"External services are onboarded into the mesh via service entry,\\nand these services are exposed on the Gateway for egress access.\\nBy default, access is denied for these hosts.\\nUsers can configure EgressAuthorizationSettings to specify which service accounts are allowed.","type":"array","items":{"$ref":"#/components/schemas/v2EgressAuthorizationSettings"}},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"http":{"description":"One or more HTTP or HTTPS servers exposed by the gateway. The\\nserver exposes configuration for TLS termination, request\\nauthentication/authorization, HTTP routing, rate limiting, etc.","type":"array","items":{"$ref":"#/components/schemas/v2HTTP"}},"tcp":{"description":"One or more non-HTTP and non-passthrough servers which use TCP\\nbased protocols. This server also exposes configuration for terminating TLS.","type":"array","items":{"$ref":"#/components/schemas/v2TCP"}},"tls":{"description":"One or more TLS servers exposed by the gateway. The server\\ndoes not terminate TLS and exposes config for SNI based routing.","type":"array","items":{"$ref":"#/components/schemas/v2TLS"}},"waf":{"$ref":"#/components/schemas/v2WAFSettings"},"wasmPlugins":{"description":"WasmPlugins specifies all the WasmExtensionAttachment assigned to this Gateway\\nwith the specific configuration for each plugin. This custom configuration\\nwill override the one configured globally to the plugin.\\nEach plugin has a global configuration including priority\\nthat will condition the execution of the assigned plugins.","type":"array","items":{"$ref":"#/components/schemas/v2WasmExtensionAttachment"}},"workloadSelector":{"$ref":"#/components/schemas/v2WorkloadSelector"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Gateway"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["Gateways"],"summary":"Delete the given Gateway object.","operationId":"Gateways_DeleteGateway","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Unifiedgateway name.","name":"unifiedgateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups":{"get":{"tags":["IstioInternal"],"summary":"List all Istio internal groups in the given workspace.","operationId":"IstioInternal_ListGroups","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListIstioInternalGroupsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"description":"Groups will by default configure all the namespaces owned by their workspace, unless\\nexplicitly configured. If a specific set of namespaces is set for the group, it must be a\\nsubset of the namespaces defined by its workspace.","tags":["IstioInternal"],"summary":"Create a new Istio internal group in the given workspace.","operationId":"IstioInternal_CreateGroup","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create an Istio internal group.","type":"object","required":["name","group"],"properties":{"group":{"$ref":"#/components/schemas/v2Group"},"name":{"description":"The short name for the resource to be created.","type":"string"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Group"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}":{"get":{"tags":["IstioInternal"],"summary":"Get the details of the given Istio internal group.","operationId":"IstioInternal_GetGroup","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Group"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["IstioInternal"],"summary":"Modify a Istio internal group.","operationId":"IstioInternal_UpdateGroup","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"An Istio Internal Group only allows grouping `DIRECT` mode mesh resources in a set of namespaces\\nowned by its parent workspace. This group is aimed for grouping resources not directly related\\nto traffic, security, or gateway like `EnvoyFilters` and `ServiceEntry`.\\n\\n\\n\\n","type":"object","required":["namespaceSelector"],"properties":{"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"},"deletionProtectionEnabled":{"description":"When set, prevents the resource from being deleted. In order to delete the resource this\\nproperty needs to be set to `false` first.","type":"boolean"},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"namespaceSelector":{"$ref":"#/components/schemas/v2NamespaceSelector"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Group"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["IstioInternal"],"summary":"Delete the given Istio internal group.\\nNote that deleting resources in TSB is a recursive operation. Deleting a Istio internal group will\\ndelete all configuration objects that exist in it.","operationId":"IstioInternal_DeleteGroup","parameters":[{"description":"Force the deletion of the object even if deletion protection is enabled.\\nIf this is set, then the object and all its children will be deleted even if any of them\\nhas the deletion protection enabled.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_17","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_17","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_17","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_17","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_17","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_17","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_17","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_17","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_17","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_17","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_17","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_17","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/settings/{setting}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_18","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_18","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_18","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/settings/{setting}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_18","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/settings/{setting}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_18","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/settings/{setting}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_18","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/settings/{setting}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_18","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/settings/{setting}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_18","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/settings/{setting}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_18","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/settings/{setting}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_18","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/settings/{setting}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_18","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_18","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/settings/{setting}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_18","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/settings/{setting}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_18","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/settings/{setting}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_18","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/settings/{setting}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_18","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/settings/{setting}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_18","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_17","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_17","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_17","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_17","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_17","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_12","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_12","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_12","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups":{"get":{"tags":["Security"],"summary":"List all security groups in the given workspace.","operationId":"Security_ListGroups","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSecurityGroupsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"description":"Groups will by default configure all the namespaces owned by their workspace, unless\\nexplicitly configured. If a specific set of namespaces is set for the group, it must be a\\nsubset of the namespaces defined by its workspace.","tags":["Security"],"summary":"Create a new security group in the given workspace.","operationId":"Security_CreateGroup","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create a Security Group.","type":"object","required":["name","group"],"properties":{"group":{"$ref":"#/components/schemas/v2Group"},"name":{"description":"The short name for the resource to be created.","type":"string"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Group"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}":{"get":{"tags":["Security"],"summary":"Get the details of the given security group.","operationId":"Security_GetGroup","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Group"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["Security"],"summary":"Modify a security group.","operationId":"Security_UpdateGroup","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"A security group manages the security properties of proxy workloads in a\\ngroup of namespaces owned by the parent workspace.\\n\\n\\n\\n","type":"object","required":["namespaceSelector"],"properties":{"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"},"configMode":{"$ref":"#/components/schemas/v2ConfigMode"},"deletionProtectionEnabled":{"description":"When set, prevents the resource from being deleted. In order to delete the resource this\\nproperty needs to be set to `false` first.","type":"boolean"},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"namespaceSelector":{"$ref":"#/components/schemas/v2NamespaceSelector"},"securityDomain":{"description":"Security domains can be used to group different resources under the same security domain.\\nAlthough security domain is not resource itself currently, it follows a fqn format\\n`organizations/myorg/securitydomains/mysecuritydomain`, and a child cannot override any ancestor\'s\\nsecurity domain.\\nOnce a security domain is assigned to a _Security group_, all the children resources will belong to that\\nsecurity domain in the same way a _Security setting_ belongs to a _Security group_, a _Security setting_\\nwill also belong to the security domain assigned to the _Security group_.\\nSecurity domains can also be used to define _Security settings Authorization rules_ in which you can allow\\nor deny request from or to a security domain.","type":"string"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Group"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["Security"],"summary":"Delete the given security group.\\nNote that deleting resources in TSB is a recursive operation. Deleting a security group will\\ndelete all configuration objects that exist in it.","operationId":"Security_DeleteGroup","parameters":[{"description":"Force the deletion of the object even if deletion protection is enabled.\\nIf this is set, then the object and all its children will be deleted even if any of them\\nhas the deletion protection enabled.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_19","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_19","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_19","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_19","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_19","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_19","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_19","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_19","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_19","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_19","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_19","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_19","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/servicesettings":{"get":{"tags":["Security"],"summary":"List all service security settings objects that have been attached to the security group.","operationId":"Security_ListServiceSecuritySettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListServiceSecuritySettingsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"tags":["Security"],"summary":"Create a service security settings object in the security group.","operationId":"Security_CreateServiceSecuritySettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create a Service Security Settings.","type":"object","required":["name","settings"],"properties":{"name":{"description":"The short name for the resource to be created.","type":"string"},"settings":{"$ref":"#/components/schemas/v2ServiceSecuritySetting"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ServiceSecuritySetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/servicesettings/{servicesetting}":{"get":{"tags":["Security"],"summary":"Get the details of the given service security settings object.","operationId":"Security_GetServiceSecuritySettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Servicesetting name.","name":"servicesetting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ServiceSecuritySetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["Security"],"summary":"Modify the given service security settings object.","operationId":"Security_UpdateServiceSecuritySettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Servicesetting name.","name":"servicesetting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"A service security setting applies configuration to a service in a\\nsecurity group. Missing fields will inherit values from the\\nworkspace-wide setting if any.\\n\\n\\n\\n","type":"object","required":["service"],"properties":{"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"service":{"description":"The service on which the configuration is being applied. Must be in namespace/FQDN format.","type":"string"},"settings":{"$ref":"#/components/schemas/v2SecuritySetting"},"subsets":{"description":"Subset specific settings that will replace the service wide settings for the specified service\\nsubsets.","type":"array","items":{"$ref":"#/components/schemas/ServiceSecuritySettingSubset"}}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ServiceSecuritySetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["Security"],"summary":"Delete the given service security settings from the group.","operationId":"Security_DeleteServiceSecuritySettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Servicesetting name.","name":"servicesetting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/settings":{"get":{"tags":["Security"],"summary":"List all security settings objects that have been attached to the security group.","operationId":"Security_ListSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSecuritySettingsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"tags":["Security"],"summary":"Create a security settings object in the security group.","operationId":"Security_CreateSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create a Security Settings.","type":"object","required":["name","settings"],"properties":{"name":{"description":"The short name for the resource to be created.","type":"string"},"settings":{"$ref":"#/components/schemas/v2SecuritySetting"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2SecuritySetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/settings/{setting}":{"get":{"tags":["Security"],"summary":"Get the details of the given security settings object.","operationId":"Security_GetSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2SecuritySetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["Security"],"summary":"Modify the given security settings object.","operationId":"Security_UpdateSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"A security setting applies configuration to a set of proxy workloads in a\\nsecurity group or a workspace. When applied to a security group,\\nmissing fields will inherit values from the workspace-wide setting if any.\\n\\n\\n\\n","type":"object","properties":{"authentication":{"$ref":"#/components/schemas/SecuritySettingAuthenticationMode"},"authenticationSettings":{"$ref":"#/components/schemas/v2AuthenticationSettings"},"authorization":{"$ref":"#/components/schemas/v2AuthorizationSettings"},"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"extension":{"description":"Extensions specifies all the WasmExtensions assigned to this SecuritySettings\\nwith the specific configuration for each extension. This custom configuration\\nwill override the one configured globally to the extension.\\nEach extension has a global configuration including enabling and priority\\nthat will condition the execution of the assigned extensions.","type":"array","items":{"$ref":"#/components/schemas/v2WasmExtensionAttachment"}},"propagationStrategy":{"$ref":"#/components/schemas/v2PropagationStrategy"},"waf":{"$ref":"#/components/schemas/v2WAFSettings"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2SecuritySetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["Security"],"summary":"Delete the given security settings from the group.","operationId":"Security_DeleteSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/settings/{setting}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_20","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_20","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_20","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/settings/{setting}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_20","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/settings/{setting}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_20","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/settings/{setting}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_20","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/settings/{setting}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_20","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/settings/{setting}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_20","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/settings/{setting}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_20","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/settings/{setting}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_20","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/settings/{setting}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_20","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_20","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/settings/{setting}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_20","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/settings/{setting}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_20","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/settings/{setting}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_20","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/settings/{setting}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_20","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/settings/{setting}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_20","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_19","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_19","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_19","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_19","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_19","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/settings":{"get":{"tags":["Workspaces"],"summary":"List all settings available for the given workspace.","operationId":"Workspaces_ListSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListWorkspaceSettingsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Workspaces"],"summary":"Create default settings for a workspace.\\nDefault settings will apply to the services owned by the workspace, unless more\\nspecific settings are provided at the group level.","operationId":"Workspaces_CreateSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create a Workspace Settings.","type":"object","required":["name","settings"],"properties":{"name":{"description":"The short name for the resource to be created.","type":"string"},"settings":{"$ref":"#/components/schemas/v2WorkspaceSetting"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2WorkspaceSetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/settings/{setting}":{"get":{"tags":["Workspaces"],"summary":"Get the details of a settings object for the given workspace.","operationId":"Workspaces_GetSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2WorkspaceSetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Workspaces"],"summary":"Modify the given workspace settings.","operationId":"Workspaces_UpdateSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Default security and traffic settings for all proxy workloads in the workspace.\\n\\n\\n\\n","type":"object","properties":{"defaultEastWestGatewaySettings":{"description":"Default east west gateway settings specifies workspace-wide east-west gateway configuration.\\nThis is used to configure east-west routing (required for fail-over) for the services that\\nare not exposed on the gateways. All the services matching the specified criteria is picked\\nup for exposing on the east-west gateway workload selected by the workload selector. In case,\\na service matches selectors in multiple items, the one which comes first is picked up.","type":"array","items":{"$ref":"#/components/schemas/v2EastWestGateway"}},"defaultSecuritySetting":{"$ref":"#/components/schemas/v2SecuritySetting"},"defaultTrafficSetting":{"$ref":"#/components/schemas/v2TrafficSetting"},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"failoverSettings":{"$ref":"#/components/schemas/v2FailoverSettings"},"hostsReachability":{"$ref":"#/components/schemas/v2HostsReachability"},"regionalFailover":{"description":"Locality routing settings for all gateways in the workspace. Overrides any global settings.\\nPlease use FailoverSettings instead. If FailoverSettings is set, it takes precedence over this field.\\n\\nExplicitly specify the region traffic will land on when endpoints in local region becomes unhealthy.\\nShould be used together with OutlierDetection to detect unhealthy endpoints.\\nNote: if no OutlierDetection specified, this will not take effect.","type":"array","items":{"$ref":"#/components/schemas/v2RegionalFailover"}}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2WorkspaceSetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Workspaces"],"summary":"Delete the given workspace settings.","operationId":"Workspaces_DeleteSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/settings/{setting}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_21","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_21","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_21","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/settings/{setting}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_21","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/settings/{setting}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_21","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/settings/{setting}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_21","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/settings/{setting}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_21","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/settings/{setting}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_21","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/settings/{setting}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_21","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/settings/{setting}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_21","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/settings/{setting}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_21","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_21","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/settings/{setting}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_21","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/settings/{setting}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_21","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/settings/{setting}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_21","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/settings/{setting}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_21","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/settings/{setting}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_21","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_12","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_12","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_12","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_12","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_12","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups":{"get":{"tags":["Traffic"],"summary":"List all traffic groups in the given workspace.","operationId":"Traffic_ListGroups","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListTrafficGroupsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"description":"Groups will by default configure all the namespaces owned by their workspace, unless\\nexplicitly configured. If a specific set of namespaces is set for the group, it must be a\\nsubset of the namespaces defined by its workspace.","tags":["Traffic"],"summary":"Create a new traffic group in the given workspace.","operationId":"Traffic_CreateGroup","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create a Traffic Group.","type":"object","required":["name","group"],"properties":{"group":{"$ref":"#/components/schemas/v2Group"},"name":{"description":"The short name for the resource to be created.","type":"string"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Group"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}":{"get":{"tags":["Traffic"],"summary":"Get the details of the given traffic group.","operationId":"Traffic_GetGroup","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Group"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["Traffic"],"summary":"Modify the given traffic group.","operationId":"Traffic_UpdateGroup","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"A traffic group manages the routing properties of proxy workloads in a\\ngroup of namespaces owned by the parent workspace.\\n\\n\\n\\n","type":"object","required":["namespaceSelector"],"properties":{"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"},"configMode":{"$ref":"#/components/schemas/v2ConfigMode"},"deletionProtectionEnabled":{"description":"When set, prevents the resource from being deleted. In order to delete the resource this\\nproperty needs to be set to `false` first.","type":"boolean"},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"namespaceSelector":{"$ref":"#/components/schemas/v2NamespaceSelector"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Group"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["Traffic"],"summary":"Delete the given traffic group.\\nNote that deleting resources in TSB is a recursive operation. Deleting a traffic group will\\ndelete all configuration objects that exist in it.","operationId":"Traffic_DeleteGroup","parameters":[{"description":"Force the deletion of the object even if deletion protection is enabled.\\nIf this is set, then the object and all its children will be deleted even if any of them\\nhas the deletion protection enabled.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_22","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_22","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_22","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_22","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_22","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_22","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_22","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_22","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_22","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_22","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_22","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_22","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/serviceroutes":{"get":{"tags":["Traffic"],"summary":"List all service routes that have been attached to the traffic group.","operationId":"Traffic_ListServiceRoutes","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListServiceRoutesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"tags":["Traffic"],"summary":"Create a new service route in the given traffic group.","operationId":"Traffic_CreateServiceRoute","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create a ServiceRoute.","type":"object","required":["name","serviceRoute"],"properties":{"name":{"description":"The short name for the resource to be created.","type":"string"},"serviceRoute":{"$ref":"#/components/schemas/v2ServiceRoute"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ServiceRoute"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/serviceroutes/{serviceroute}":{"get":{"tags":["Traffic"],"summary":"Get the details of the given service route.","operationId":"Traffic_GetServiceRoute","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ServiceRoute"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["Traffic"],"summary":"Modify a service route.","operationId":"Traffic_UpdateServiceRoute","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"A service route controls routing configurations for traffic to a\\nservice in a traffic group.\\n\\n\\n\\n","type":"object","required":["service"],"properties":{"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"httpRoutes":{"description":"HTTPRoutes are used when HTTP traffic needs to be matched on uri, headers\\nand port and destination routes need to be set using subset-weight\\ncombinations specified within the route.\\n**Note**: If a route is specified, then the global subset-weight\\ncombinations (specified under subsets) will be ignored for the matched\\nport, as subsets within route will take effect.","type":"array","items":{"$ref":"#/components/schemas/v2HTTPRoute"}},"portLevelSettings":{"type":"array","title":"In order to support multi-protocol routing, a list of all port/protocol combinations is needed.\\nThese port settings are applied to all the subsets","items":{"$ref":"#/components/schemas/ServiceRoutePortLevelTrafficSettings"}},"service":{"description":"The service on which the configuration is being applied. Must be in namespace/FQDN format.","type":"string"},"stickySession":{"$ref":"#/components/schemas/ServiceRouteStickySession"},"subsets":{"description":"The set of versions of a service and the percentage of traffic to\\nsend to each version.","type":"array","items":{"$ref":"#/components/schemas/ServiceRouteSubset"}},"tcpRoutes":{"description":"TCPRoutes match TCP traffic based on port number. The subset-weight\\nconfiguration and priority have the same behaviour as HTTPRoutes.","type":"array","items":{"$ref":"#/components/schemas/v2TCPRoute"}}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ServiceRoute"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["Traffic"],"summary":"Delete the given service route.","operationId":"Traffic_DeleteServiceRoute","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/serviceroutes/{serviceroute}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_24","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_24","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_24","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/serviceroutes/{serviceroute}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_24","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/serviceroutes/{serviceroute}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_24","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/serviceroutes/{serviceroute}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_24","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/serviceroutes/{serviceroute}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_24","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/serviceroutes/{serviceroute}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_24","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/serviceroutes/{serviceroute}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_24","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/serviceroutes/{serviceroute}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_24","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/serviceroutes/{serviceroute}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_24","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_24","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/serviceroutes/{serviceroute}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_24","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/serviceroutes/{serviceroute}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_24","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/serviceroutes/{serviceroute}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_24","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/serviceroutes/{serviceroute}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_24","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/serviceroutes/{serviceroute}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_24","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/settings":{"get":{"tags":["Traffic"],"summary":"List all the settings objects that have been attached to the given traffic group.","operationId":"Traffic_ListSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListTrafficSettingsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"tags":["Traffic"],"summary":"Create a settings object for the given traffic group.","operationId":"Traffic_CreateSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create a Traffic Settings.","type":"object","required":["name","settings"],"properties":{"name":{"description":"The short name for the resource to be created.","type":"string"},"settings":{"$ref":"#/components/schemas/v2TrafficSetting"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2TrafficSetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/settings/{setting}":{"get":{"tags":["Traffic"],"summary":"Get the details for the given settings object.","operationId":"Traffic_GetSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2TrafficSetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["Traffic"],"summary":"Modify the given settings in the given traffic group.","operationId":"Traffic_UpdateSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"A traffic setting applies configuration to a set of proxy workloads in a\\ntraffic group or a workspace. When applied to a traffic group,\\nmissing fields will inherit values from the workspace-wide setting if any.\\n\\n\\n\\n","type":"object","properties":{"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"egress":{"$ref":"#/components/schemas/TrafficSettingEgressGateway"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"rateLimiting":{"$ref":"#/components/schemas/v2RateLimiting"},"reachability":{"$ref":"#/components/schemas/v2ReachabilitySettings"},"resilience":{"$ref":"#/components/schemas/v2ResilienceSettings"},"upstreamTrafficSettings":{"description":"List of hosts and the associated traffic settings to be used by\\nthe clients that are downstreams to the defined upstream hosts.","type":"array","items":{"$ref":"#/components/schemas/v2UpstreamTrafficSettings"}}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2TrafficSetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["Traffic"],"summary":"Delete the given settings object from the traffic group.","operationId":"Traffic_DeleteSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/settings/{setting}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_23","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_23","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_23","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/settings/{setting}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_23","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/settings/{setting}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_23","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/settings/{setting}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_23","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/settings/{setting}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_23","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/settings/{setting}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_23","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/settings/{setting}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_23","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/settings/{setting}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_23","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/settings/{setting}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_23","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_23","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/settings/{setting}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_23","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/settings/{setting}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_23","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/settings/{setting}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_23","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/settings/{setting}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_23","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/settings/{setting}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_23","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_22","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_22","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_22","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_22","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_22","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/users":{"get":{"tags":["Teams"],"summary":"List existing users.","operationId":"Teams_ListUsers","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListUsersResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"description":"Create a local User in TSB.\\nLocal users are like sercice accounts and are mostly used for internal purposes where\\nan authentication token can be issued by the IAM service to be used on behalf of the user.\\n\\nNote that local users do not exist in the Identity Provider and the normal login process will\\nnot allow them to access TSB.\\n\\n$hide_from_docs","tags":["Teams"],"summary":"Deprecated. This method will be removed in future versions of TSB. Use Service Accounts instead.","operationId":"Teams_CreateUser","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"type":"object","title":"Request to create a User.\\n$hide_from_docs\\n","required":["name","user"],"properties":{"name":{"description":"The short name for the resource to be created.","type":"string"},"user":{"$ref":"#/components/schemas/v2User"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2User"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/users/{user}":{"get":{"tags":["Teams"],"summary":"Get the details of an existing user.","operationId":"Teams_GetUser","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2User"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"description":"Modify an existin user.\\n\\nThis operation is expected to be used only for LOCAL users. Users are periodically\\nsynchronized from the Identity Provider, and the process may automatically set some\\nproperties of the User resource. Modifications made using the TSB APIs may be replaced\\nby the data from the Identity Provider on every synchronization.\\n\\n$hide_from_docs","tags":["Teams"],"summary":"Deprecated. This method will be removed in future versions of TSB. Use Service Accounts instead.","operationId":"Teams_UpdateUser","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"`User` represents a user from the Identity Provider that is allowed to log into\\nthe platform.","type":"object","required":["loginName"],"properties":{"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"email":{"description":"Email for the user where alerts and other notifications will be sent.","type":"string"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"firstName":{"description":"The first name of the user.","type":"string"},"lastName":{"description":"The last name of the user, if any.","type":"string"},"loginName":{"description":"The username used in the login credentials.","type":"string"},"sourceType":{"$ref":"#/components/schemas/v2SourceType"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2User"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"description":"Delete an existing user.\\nThis operation is expected to be used only for LOCAL users. Users are periodically\\nsynchronized from the Identity Provider, so deleting a user that is not a local one\\nmay be reverted if the change is not done accordingly in the Identity Provider.\\n\\n$hide_from_docs","tags":["Teams"],"summary":"Deprecated. This method will be removed in future versions of TSB. Use Service Accounts instead.","operationId":"Teams_DeleteUser","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/users/{user}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_7","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_7","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_7","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/users/{user}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_7","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/users/{user}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_7","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/users/{user}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_7","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/users/{user}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_7","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/users/{user}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_7","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/users/{user}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_7","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/users/{user}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_7","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/users/{user}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_7","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_7","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/users/{user}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_7","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/users/{user}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_7","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/users/{user}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_7","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/users/{user}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_7","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/users/{user}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_7","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/users/{user}:generateTokens":{"post":{"description":"Generate the tokens for a local user account so it can authenticate against management plane.\\nThis method will return an error if the user account is not of type MANUAL. Credentials for\\nnormal platform users must be configured in the corresponding Identity Provider.","tags":["Teams"],"summary":"Deprecated. This method will be removed in future versions of TSB. Use Service Accounts instead.","operationId":"Teams_GenerateTokens","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2TokenResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/permissions/query":{"put":{"tags":["Permissions"],"summary":"QueryResourcePermission looks up permissions that are allowed for the current principal.\\nMultiple records can be queried with a single request. Query limit is 100, multiple requests\\nare required to lookup more than the limit.","operationId":"Permissions_QueryResourcePermissions","requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryResourcePermissionsRequest"}}},"description":"Request to query permissions on multiple records.\\n\\nExample:\\nQueryResourcePermissionsRequest {\\n  Queries: []Query{\\n    Query{\\n      QueryID: \\"1234\\",\\n      Kind: Query_Fqn{\\n        Fqn: \\"tetrate/tenants/default/workspaces/example\\"\\n      }\\n    }\\n  }\\n}","required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/security/rbac":{"get":{"tags":["RBAC"],"summary":"List all existing roles.","operationId":"RBAC_ListRoles","responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListRolesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"tags":["RBAC"],"summary":"Create a new role.","operationId":"RBAC_CreateRole","requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2CreateRoleRequest"}}},"description":"Request to create a Role.","required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Role"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/security/rbac/{rba}":{"get":{"tags":["RBAC"],"summary":"Get the details of the given role.","operationId":"RBAC_GetRole","parameters":[{"description":"Rba name.","name":"rba","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Role"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["RBAC"],"summary":"Modify a role.","operationId":"RBAC_UpdateRole","parameters":[{"description":"Rba name.","name":"rba","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"`Role` is a named collection of permissions that can be assigned to\\nany user or team in the system.\\n\\n\\n\\n\\n","type":"object","properties":{"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"rules":{"description":"A set of rules that define the permissions associated with each API group.","type":"array","items":{"$ref":"#/components/schemas/RoleRule"}}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Role"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["RBAC"],"summary":"Delete a role.\\nNRoles that are in use by policies attached to existing resources\\ncannot be deleted.","operationId":"RBAC_DeleteRole","parameters":[{"description":"Rba name.","name":"rba","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}}},"tags":[{"name":"OAuth"},{"name":"OIDC"},{"name":"Applications"},{"name":"WasmExtensions"},{"name":"Gateways"},{"name":"IstioInternal"},{"name":"Metrics"},{"name":"Sources"},{"name":"Approvals"},{"name":"Permissions"},{"name":"Policy"},{"name":"RBAC"},{"name":"Lookup"},{"name":"Registration"},{"name":"Security"},{"name":"Traffic"},{"name":"Clusters"},{"name":"Organizations"},{"name":"Status"},{"name":"Teams"},{"name":"Tenants"},{"name":"Workspaces"}],"components":{"requestBodies":{"Policy_SetPolicy_variant_1Body":{"content":{"application/json":{"schema":{"description":"A policy defines the set of subjects that can access a resource and under\\nwhich conditions that access is granted.","type":"object","title":"Policy","properties":{"allow":{"description":"The list of allowed bindings configures the different access profiles that\\nare allowed on the resource configured by the policy.","type":"array","items":{"$ref":"#/components/schemas/v2Binding"}},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"}}}}},"required":true},"Approvals_SetPolicyBody":{"content":{"application/json":{"schema":{"description":"ApprovalPolicy is a set of authorization rules that define access to a resource.\\nWhen applied to a resource, the rules enforce access to the resource based on the permission set.\\n\\nExample:\\nApprovalPolicy {\\n  Mode: ApprovalPolicy_REQUIRE_APPROVAL,\\n  Resource: \\"organizations/demo/tenants/demo/applications/target-app\\",\\n  Approved: []Access {{\\n    Subject: \\"organizations/demo/tenants/demo/applications/calling-app\\",\\n    Permissions: []string{\\"GET\\", \\"POST\\"}\\n  }}\\n}","type":"object","required":["mode"],"properties":{"approved":{"description":"Approved is a list of subjects that are approved to access the resource.","type":"array","items":{"$ref":"#/components/schemas/v2Access"}},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"metadata":{"$ref":"#/components/schemas/v2Metadata"},"mode":{"$ref":"#/components/schemas/ApprovalPolicyMode"},"requested":{"description":"Requested is a list of subjects that are requested to access the resource but that have not yet been\\nexplicitly approved.\\nThe access mode of the policy will determine if the subjects in this list are given immediate access to the\\nresource.","type":"array","items":{"$ref":"#/components/schemas/v2Access"}}}}}},"required":true},"Approvals_AddApprovedAccessBody":{"content":{"application/json":{"schema":{"description":"AccessRequest is a request used for requesting or approving access to a resource.\\n\\nExample:\\nAccessRequest {\\n  Resource: \\"organizations/demo/tenants/demo/applications/target\\",\\n  Access: []Access{{\\n    Subject: \\"organizations/demo/tenants/demo/applications/calling-app\\",\\n    Permissions: []string{\\"GET\\", \\"POST\\"}\\n  }}\\n}","type":"object","required":["access"],"properties":{"access":{"$ref":"#/components/schemas/v2Access"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"}}}}},"required":true},"v2AccessPolicy":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}},"description":"A policy defines the set of subjects that can access a resource and under\\nwhich conditions that access is granted.","required":true},"Approvals_DeleteApprovedAccessBody":{"content":{"application/json":{"schema":{"description":"ResourceAndSubject is a resource and subject pair used for approval and deletion operations.\\n\\nExample:\\nResourceAndSubject {\\n  Resource: \\"organizations/demo/tenants/demo/applications/target\\",\\n  Subject: \\"organizations/demo/tenants/demo/applications/caller\\"\\n}","type":"object","required":["subject"],"properties":{"subject":{"description":"Subject for which the access request is made.","type":"string"}}}}},"required":true},"Approvals_QueryPoliciesBody":{"content":{"application/json":{"schema":{"description":"QueryPoliciesRequest is the request message for QueryPolicies.\\n\\nExample:\\nQueryPoliciesRequest {\\n  Parent: \\"organizations/demo/tenants/demo\\",\\n  Types: []string{\\"applications\\"},\\n  IncludeDetails: true,\\n  IncludePermissions: true,\\n}","type":"object","required":["types"],"properties":{"includeDetails":{"description":"IncludeDetails indicates whether to include the details of the resources that are part of the policy.\\nWhen set to true, the name and description of the resource are included in the response.","type":"boolean"},"includePermissions":{"description":"IncludePermissions indicates whether to include the user level permissions on resources that are part of the policy.\\nWhen set to true, the user level permissions are included in the response.","type":"boolean"},"types":{"description":"Type is the type of the resources to query for policies.","type":"array","items":{"type":"string"}}}}}},"required":true}},"schemas":{"AggregatedStatusChildStatus":{"description":"`ChildStatus` contains the status details for a particular child resource,\\nand a human-friendly message further describing the status if it is an\\nerrored one.","type":"object","properties":{"status":{"$ref":"#/components/schemas/v2ResourceStatusStatus"},"message":{"description":"Contains the human-friendly message describing the status of the child resource.","type":"string","x-order":1}}},"ApprovalPolicyMode":{"description":" - UNRESTRICTED: Allows all subjects in the same policy class to access the resource.\\n - ALLOW_REQUESTED: Allows only the subjects in the request and approved list to access the resource.\\n - REQUIRE_APPROVAL: Allows only the subjects in the approved list to access the resource.","type":"string","default":"UNRESTRICTED","enum":["UNRESTRICTED","ALLOW_REQUESTED","REQUIRE_APPROVAL"]},"AuthenticationJWT":{"type":"object","required":["issuer"],"properties":{"issuer":{"description":"Identifies the issuer that issued the JWT. See\\n[issuer](https://tools.ietf.org/html/rfc7519#section-4.1.1)\\nA JWT with different `iss` claim will be rejected.\\n\\nExample: https://foobar.auth0.com\\nExample: 1234567-compute@developer.gserviceaccount.com","type":"string","x-order":0},"audiences":{"description":"The list of JWT\\n[audiences](https://tools.ietf.org/html/rfc7519#section-4.1.3).\\nthat are allowed to access. A JWT containing any of these\\naudiences will be accepted.\\n\\nThe service name will be accepted if audiences is empty.","type":"array","items":{"type":"string"},"x-order":1},"jwksUri":{"description":"URL of the provider\'s public key set to validate signature of\\nthe JWT. See [OpenID\\nDiscovery](https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderMetadata).\\n\\nOptional if the key set document can either (a) be retrieved\\nfrom [OpenID\\nDiscovery](https://openid.net/specs/openid-connect-discovery-1_0.html)\\nof the issuer or (b) inferred from the email domain of the\\nissuer (e.g. a Google service account).\\n\\nExample: `https://www.googleapis.com/oauth2/v1/certs`\\n\\nNote: Only one of jwks_uri and jwks should be used. jwks_uri\\nwill be ignored if it does.","type":"string","x-order":2},"jwks":{"description":"JSON Web Key Set of public keys to validate signature of the JWT.\\nSee https://auth0.com/docs/jwks.\\n\\nNote: Only one of jwks_uri and jwks should be used. jwks_uri will be ignored if it does.","type":"string","x-order":3},"outputPayloadToHeader":{"description":"This field specifies the header name to output a successfully verified JWT payload to the\\nbackend. The forwarded data is `base64_encoded(jwt_payload_in_JSON)`. If it is not specified,\\nthe payload will not be emitted.","type":"string","x-order":4},"outputClaimToHeaders":{"description":"This field specifies a list of operations to copy the claim to HTTP headers on a successfully verified token.\\nThis differs from the `output_payload_to_header` by allowing outputting individual claims instead of the whole payload.\\nOnly claims of type string, boolean, and integer are supported. Array type claims are not supported at this time.\\nThe header specified in each operation in the list must be unique. Nested claims of type string/int/bool is supported as well.\\n```\\n  outputClaimToHeaders:\\n  - header: x-my-company-jwt-group\\n    claim: my-group\\n  - header: x-test-environment-flag\\n    claim: test-flag\\n  - header: x-jwt-claim-group\\n    claim: nested.key.group\\n```\\n[Experimental] This feature is a experimental feature.\\n\\n[TODO:Update the status whenever this feature is promoted.]","type":"array","items":{"$ref":"#/components/schemas/JWTClaimToHeader"},"x-order":5},"fromHeaders":{"description":"1) The Authorization header using the Bearer schema,\\n       e.g. Authorization: Bearer &lt;token&gt;. (see\\n       [Authorization Request Header\\n       Field](https://tools.ietf.org/html/rfc6750#section-2.1))\\n\\n    2) The `access_token` query parameter (see\\n    [URI Query Parameter](https://tools.ietf.org/html/rfc6750#section-2.3))\\n\\nList of header locations from which JWT is expected. For example, below is the location spec\\nif JWT is expected to be found in `x-jwt-assertion` header, and have `Bearer ` prefix:\\n\\n```yaml\\n  fromHeaders:\\n  - name: x-jwt-assertion\\n    prefix: \\"Bearer \\"\\n```\\n\\nNote: Multiple tokens present on the same request are not supported. \\nThe behaviour of authorization policies when there is more than one user identity is undefined","type":"array","title":"This field specifies the locations to extract JWT token.\\nIf no explicit location is specified the following default\\nlocations are tried in order:","items":{"$ref":"#/components/schemas/JWTJWTHeader"},"x-order":6}}},"AuthenticationRules":{"type":"object","properties":{"jwt":{"description":"List of rules how to authenticate an HTTP request from a JWT Token attached to it.\\nA JWT Token, if present in the HTTP request, must satisfy one of the rules defined here.\\nThe order in which rules are being checked at runtime might differ from the order\\nin which they are defined here.\\nIf the JWT Token doesn\'t satisfy any of the rules, the request will be rejected.\\nIf the JWT Token does satisfy one of the rules, the identity of the request\\nwill be extracted from the JWT Token.\\n\\nNotice that an HTTP request without a JWT Token attached to it will NOT be rejected\\nbased on the rules defined here. Remember to define HTTP request authorization settings\\nto achieve that.","type":"array","items":{"$ref":"#/components/schemas/tsbauthv2AuthenticationJWT"},"x-order":0}}},"AuthorizationExternalAuthzBackend":{"type":"object","title":"Use an authorization server running at the specified URI. Support both HTTP and gRPC server.\\nIt is recommended to enable TLS validation (SIMPLE or MUTUAL) to secure traffic \\nbetween workload and external authorization server\\nIf you use gRPC, do not set `includeRequestHeaders`","properties":{"uri":{"type":"string","x-order":0},"includeRequestHeaders":{"type":"array","items":{"type":"string"},"x-order":1},"tls":{"$ref":"#/components/schemas/v2ClientTLSSettings"}}},"AuthorizationLocalAuthz":{"description":"Authorize the request in Envoy based on the JWT claims.","type":"object","properties":{"rules":{"type":"array","items":{"$ref":"#/components/schemas/v2LocalAuthzRule"},"x-order":0}}},"AuthorizationSettingsMode":{"description":"- UNSET: Inherit from parent if possible. Otherwise treated as `DISABLED`.\\n - NAMESPACE: The workload allows traffic from any other authenticated workload in its own\\nnamespace.\\n - GROUP: The workload allows traffic from any other authenticated workload in the security group.\\n - WORKSPACE: The workload allows traffic from any other authenticated workload in the workspace.\\n - CLUSTER: The workload allows traffic from any other authenticated workload in the cluster.\\n - DISABLED: Authorization is disabled.\\n - CUSTOM: The workload allows traffic from service accounts defined explicitly.\\n - RULES: The workload allows or denies traffic from any other authenticated workload that belongs\\nto the specified rules.","type":"string","title":"A short cut for defining the common authorization patterns","default":"UNSET","enum":["UNSET","NAMESPACE","GROUP","WORKSPACE","CLUSTER","DISABLED","CUSTOM","RULES"]},"BackendRedisSettings":{"type":"object","title":"Configuration for the External Redis Backend Database","required":["uri"],"properties":{"uri":{"description":"The Redis Database URI. The value of the URI decides the scope\\nfor ratelimiting across multiple clusters.","type":"string","x-order":0}}},"CertManagerSettingsCertManagerCAInjector":{"description":"CertManagerCAInjector represents the settings used for cert-manager CAInjector installation in the clusters.","type":"object","properties":{"kubeSpec":{"$ref":"#/components/schemas/kubernetesKubernetesComponentSpec"}}},"CertManagerSettingsCertManagerSpec":{"description":"CertManagerSpec represents the settings used for cert-manager controller installation in the clusters.","type":"object","properties":{"kubeSpec":{"$ref":"#/components/schemas/kubernetesKubernetesComponentSpec"}}},"CertManagerSettingsCertManagerStartupAPICheck":{"description":"CertManagerStartupAPICheck represents the settings used for cert-manager startup API check job installation in the clusters.\\nDEPRECATED. StartupAPICheck is disabled.","type":"object","properties":{"kubeSpec":{"$ref":"#/components/schemas/kubernetesKubernetesJobComponentSpec"}}},"CertManagerSettingsCertManagerWebhookSpec":{"description":"CertManagerWebhookSpec represents the settings used for cert-manager Webhook installation in the clusters.","type":"object","properties":{"kubeSpec":{"$ref":"#/components/schemas/kubernetesKubernetesComponentSpec"}}},"CertManagerSettingsManaged":{"description":"- AUTO: TSB will check if a pre-existing cert-manager installation is found in the cluster and only\\ninstall and manage cert-manager if it is not found.\\nThe pre-installed cert-manager should support signing requests raised through Kubernetes CSR\\n - EXTERNAL: EXTERNAL represents that TSB will rely on a pre installed cert-manager for use.\\nPre installed cert-manager should support signing requests raised through Kubernetes CSR\\n - INTERNAL: INTERNAL represents that TSB will install and manage cert-manager in the cluster.\\nIn case a pre-existing installation is found, the operator will not install cert-manager and fail.","type":"string","title":"If INTERNAL, TSB will install and manage cert-manager. In case a pre-existing installation is found, the operator will not install cert-manager and fail.\\nIf EXTERNAL, TSB would rely on a pre installed cert-manager for use.\\nPre installed cert-manager should support signing requests raised through Kubernetes CSR","default":"AUTO","enum":["AUTO","EXTERNAL","INTERNAL"]},"ClusterInstallTemplate":{"description":"InstallTemplate provides templates ready to be used in the ControlPlane (cluster onboard) installation.","type":"object","properties":{"message":{"type":"string","title":"can provide useful information to the user","x-order":0,"readOnly":true},"helm":{"$ref":"#/components/schemas/v1alpha1Values"}}},"ClusterState":{"type":"object","title":"State represents the cluster info learned from the onboarded cluster","properties":{"lastSyncTime":{"type":"string","format":"date-time","title":"last time xcp edge(cp) synced with central(mp) in the UTC format","x-order":0},"provider":{"type":"string","title":"cluster provider. Ex: GKE, EKS, AKS","x-order":1},"istioVersions":{"description":"This shows currently running istio versions in the cluster.","type":"array","items":{"type":"string"},"x-order":2},"xcpVersion":{"type":"string","title":"xcp-edge version which is running at the cluster","x-order":3},"tsbCpVersion":{"type":"string","title":"TSB controlplane version","x-order":4},"discoveredLocality":{"$ref":"#/components/schemas/v2Locality"}}},"ConfigEventsEdgeConfigState":{"type":"object","properties":{"status":{"$ref":"#/components/schemas/ConfigEventsEdgeConfigStatus"},"reason":{"description":"Accompanying reason when status is not `APPLIED`.","type":"string","x-order":1}}},"ConfigEventsEdgeConfigStatus":{"description":" - UNKNOWN: `UNKNOWN` indicates an undefined status. Either the edge has not reported\\nthe status for the config or it is not available due to some delays or something else.\\nThis is a catch-all when we don\'t know what to do.\\n - APPLIED: `APPLIED` indicates that the config has been successfully applied at the edge.\\n - ERRORED: `ERRORED` indicates that some error occurred while applying config at an edge. This will be\\naccompanied by a message which specifies the reason for the error.\\n - IGNORED: `IGNORED` indicates that the config was ignored because of some misconfiguration in config yaml.\\nFor instance, applying `DIRECT` mode config within `BRIDGED` mode group.","type":"string","default":"UNKNOWN","enum":["UNKNOWN","APPLIED","ERRORED","IGNORED"]},"ConfigEventsEventType":{"description":"Simple `Status` of the current resource. It\'s a projection of its details\\n(events, etc.) that allows to easily know the status of the resource\\nwithout requiring to check the details.\\n\\n - INVALID: INVALID is the zero value and should never be reached.\\n - TSB_ACCEPTED: TSB_ACCEPTED happens when the configuration has been validated and\\npersisted by TSB. Note that there is no TSB_REJECTED because in case of\\nan obvious syntax error, the client requests for the API will fail\\ndirectly. The configuration will not be persisted and therefore no\\nconfig status will be associated with it.\\n - MPC_ACCEPTED: MPC_ACCEPTED happens when MPC receives the configuration from TSB.\\nNote that there is no MPC_REJECTED because it\'s just a pass-through\\nto XCP.\\n - XCP_ACCEPTED: XCP_ACCEPTED happens when XCP validates the configuration and the XCP\\nresource is properly created.\\n - XCP_REJECTED: XCP_REJECTED happens when XCP reports that the configuration is not\\nvalid.\\n - MPC_FAILED: MPC_FAILED happens when MPC fails to process some configuration received\\nfrom TSB. These failures are prior to sending the translated\\nconfigurations to XCP.\\n - XCP_UNKNOWN: XCP_UNKNOWN happens when XCP reports that all edges are in UNKNOWN\\nstate.\\n - XCP_PARTIALLY_APPLIED: XCP_PARTIAL happens when XCP reports that at least one edge is in\\nAPPLIED state, and the rest are UNKNOWN.\\n - XCP_APPLIED: XCP_APPLIED happens when XCP reports that every edge is in APPLIED\\nstate.\\n - XCP_ERRORED: XCP_ERRORED happens when XCP reports that any edge is in ERRORED state.\\n - XCP_IGNORED: XCP_IGNORED happens when XCP reports that the config is IGNORED by all the edges.\\nOne of the cases where configs are ignored is when a BRIDGED mode config object\\nlike IngressGateway is part of a gateway group configured for the DIRECT mode\\nand vice versa. More generally, this happens when there is a mismatch between\\nthe mode where a config is valid and the mode configured for the group.\\n - MPC_DIRTY: MPC_DIRTY happens when a resource that is dependent on others\\nhave not reached the desired status (even when they are not FAILED).\\nFor instance, when a resource configuration affected by a STRICTER propagation\\nstrategy gets superseded (fully or partially) by a stricter resource configuration higher up\\nin the hierarchy. Concretely, if a security group\'s security settings (which\\nis in ACCEPTED configuration state) is affected\\nby a STRICTER propagation strategy, and for instance an organization\'s\\ndefault security settings (a resource higher up in the hierarchy)\\nhas been updated to restrict more the previously set authorization policy, then\\nthe previously ACCEPTED security group\'s security settings (a resource lower in\\nthe hierarchy) will become DIRTY if it is not stricter.","type":"string","default":"INVALID","enum":["INVALID","TSB_ACCEPTED","MPC_ACCEPTED","XCP_ACCEPTED","XCP_REJECTED","MPC_FAILED","XCP_UNKNOWN","XCP_PARTIALLY_APPLIED","XCP_APPLIED","XCP_ERRORED","XCP_IGNORED","MPC_DIRTY"]},"ConnectionPoolSettingsHTTP":{"description":"HTTP Settings for outbound requests.","type":"object","properties":{"requestTimeout":{"description":"Timeout for HTTP requests. format: 1h/1m/1s/1ms. MUST BE &gt;=1ms. Disabled if not set.","type":"string","x-order":0},"retries":{"$ref":"#/components/schemas/v2HTTPRetry"},"maxRequests":{"description":"Maximum number of active requests to the service.\\nApplicable to both HTTP/1.1 and HTTP2.\\nDefault 0, meaning \\"unlimited\\", up to 2^32 - 1.","type":"integer","format":"int64","x-order":2},"maxRequestsPerConnection":{"description":"Maximum number of requests per connection to the service.\\nIf set to 1, it disables keep alive. Default 0, meaning \\"unlimited\\", up to 2^29.","type":"integer","format":"int64","x-order":3}}},"ConnectionPoolSettingsTCP":{"description":"TCP Settings for outbound requests.","type":"object","properties":{"keepAlive":{"$ref":"#/components/schemas/v2TcpKeepAlive"},"maxConnections":{"description":"Maximum number of HTTP1 /TCP connections to the service.\\nDefault 0, meaning \\"unlimited\\", up to 2^32 - 1.","type":"integer","format":"int64","x-order":1},"connectTimeout":{"description":"TCP connection timeout. format: 1h/1m/1s/1ms. MUST BE &gt;=1ms. Default is 10s.","type":"string","x-order":2}}},"ConsistentHashLBHTTPCookie":{"description":"Describes a HTTP cookie that will be used as the hash key for the\\nConsistent Hash load balancer. If the cookie is not present, it will\\nbe generated.","type":"object","required":["name","ttl"],"properties":{"name":{"description":"Name of the cookie.","type":"string","x-order":0},"path":{"description":"Path to set for the cookie.","type":"string","x-order":1},"ttl":{"description":"Lifetime of the cookie.","type":"string","x-order":2}}},"ConsistentHashLBMagLev":{"type":"object","title":"Implements consistent hashing to upstream hosts.\\nIt can be used as a drop in replacement for `RingHash`. It has higher speed than RingHash with faster hash table lookups.\\nPlease refer https://www.envoyproxy.io/docs/envoy/latest/intro/arch_overview/upstream/load_balancing/load_balancers#maglev","required":["tableSize"],"properties":{"tableSize":{"description":"The table size for Maglev hashing. This helps in controlling the\\ndisruption when the backend hosts change.\\nIncreasing the table size reduces the amount of disruption.","type":"integer","format":"int64","x-order":0}}},"ConsistentHashLBRingHash":{"type":"object","title":"Implements consistent hashing to upstream hosts.\\nEach upstream host is mapped onto a circle (ring) by hashing its address, each request is then\\nrouted using some hash property of the request.\\nPlease refer https://www.envoyproxy.io/docs/envoy/latest/intro/arch_overview/upstream/load_balancing/load_balancers#ring-hash","properties":{"minimumRingSize":{"description":"The minimum number of virtual nodes to use for the hash\\nring. Defaults to 1024. Larger ring sizes result in more granular\\nload distributions. If the number of hosts in the load balancing\\npool is larger than the ring size, each host will be assigned a\\nsingle virtual node.","type":"integer","format":"int64","x-order":0}}},"ControlPlaneSpecMeshObservability":{"description":"Configure how the mesh should be observed, which observability functionalities should be\\nenabled to observe your registered services in the mesh, and the store properties\\nthat TSB will use to persist application observability data like metrics, traces,\\nlogs.\\nIf omitted, the operator will assume\\na demo installation and for your convenience install a demo grade mesh observability\\nsetting.\\nSelect one of the `MeshObservability` settings to see complete examples.","type":"object","properties":{"demoSettings":{"$ref":"#/components/schemas/commonMeshObservabilitySettings"},"settings":{"$ref":"#/components/schemas/commonMeshObservabilitySettings"}}},"ControlPlaneSpecTelemetryStore":{"description":"Configure the store that TSB will use to persist application telemetry data.\\nSelect one of the `TelemetryStore` settings to see complete examples.","type":"object","properties":{"elastic":{"$ref":"#/components/schemas/v1alpha1ElasticSearchSettings"}}},"EgressAuthorizationSettingsHostDetails":{"description":"List of external hosts details.","type":"object","required":["host"],"properties":{"host":{"$ref":"#/components/schemas/v2StringMatch"},"paths":{"description":"The request paths allowed for access, e.g., [\\"/accounts\\", \\"/info*\\", \\"/user/profile/*\\"].\\nExact and prefix-based regular matches are supported.\\nIf not set, any path is allowed.","type":"array","items":{"type":"string"},"x-order":1},"methods":{"description":"The HTTP methods allowed by this rule, e.g., [\\"GET\\", \\"HEAD\\"].\\nIf not set, any method is allowed.","type":"array","items":{"type":"string"},"x-order":2}}},"ElasticSearchSettingsProtocol":{"description":"The list of supported protocols to communicate with Elasticsearch.","type":"string","default":"https","enum":["https","http"]},"FailoverSettingsTopologyChoice":{"description":"TopologyChoice specifies the topology preference for traffic priority.\\n\\n - NONE: Inherit from parent if possible. Otherwise treated as `CLUSTER`.\\n - CLUSTER: Prefer traffic to stay in the cluster as much as possible.\\n - LOCALITY: Prefer traffic to stay in the region/zone/subzone as much as possible irrespective of the cluster.","type":"string","default":"NONE","enum":["NONE","CLUSTER","LOCALITY"]},"FilterSettingsAWSZoneType":{"description":"AWS Route53 Zone type filters.\\n\\n - NONE: No filter.\\n - PUBLIC: Filter public zones.\\n - PRIVATE: Filter private zones.","type":"string","default":"NONE","enum":["NONE","PUBLIC","PRIVATE"]},"GitOpsPushMode":{"description":"Push mode for GitOps component. Default: SYNC.\\n\\n - SYNC: In SYNC mode TSB K8s resources are validated and pushed to Management Plane synchronously,\\nblocking on resource creation until the resource is created successfully in the Management Plane.\\nThis is the default mode.\\n - ASYNC: In ASYNC mode TSB K8s resources are pushed to Management Plane asynchronously, without blocking on resource creation.\\nTo know if the resource was created successfully, check its K8s status.","type":"string","default":"SYNC","enum":["SYNC","ASYNC"]},"HTTPDirectResponseHTTPBody":{"description":"Specifies the content of the response body.","type":"object","properties":{"string":{"type":"string","title":"response body as a string","x-order":0},"bytes":{"description":"response body as base64 encoded bytes.","type":"string","format":"byte","x-order":1}}},"HTTPFaultInjectionAbort":{"description":"Abort specification is used to prematurely abort a request with a\\npre-specified error code.\\nThe _httpStatus_ field is used to indicate the HTTP status code to\\nreturn to the caller. The optional _percentage_ field can be used to only\\nabort a certain percentage of requests. If not specified, no request will be\\naborted.","type":"object","properties":{"percentage":{"description":"Percentage of requests to be aborted with the error code provided.\\nIf not specified, no request will be aborted.","type":"number","format":"double","x-order":0},"httpStatus":{"description":"HTTP status code to use to abort the HTTP request.","type":"integer","format":"int32","x-order":1},"grpcStatus":{"type":"string","title":"GRPC status code to use to abort the request. The supported\\ncodes are documented in https://github.com/grpc/grpc/blob/master/doc/statuscodes.md","x-order":2}}},"HTTPFaultInjectionDelay":{"description":"Delay specification is used to inject latency into the request\\nforwarding path.\\n\\nThe _fixedDelay_ field is used to indicate the amount of delay in seconds.\\nThe optional _percentage_ field can be used to only delay a certain\\npercentage of requests. If left unspecified, no request will be delayed.","type":"object","properties":{"percentage":{"description":"Percentage of requests on which the delay will be injected.\\nIf left unspecified, no request will be delayed.","type":"number","format":"double","x-order":0},"fixedDelay":{"description":"Add a fixed delay before forwarding the request. Format:\\n1h/1m/1s/1ms. MUST be &gt;=1ms.","type":"string","x-order":1}}},"HeadersHeaderOperations":{"description":"HeaderOperations Describes the header manipulations to apply.","type":"object","properties":{"set":{"description":"Overwrite the headers specified by key with the given values.","type":"object","additionalProperties":{"type":"string"},"x-order":0},"add":{"description":"Append the given values to the headers specified by keys (will create a comma-separated list\\nof values).","type":"object","additionalProperties":{"type":"string"},"x-order":1},"remove":{"description":"Remove a the specified headers.","type":"array","items":{"type":"string"},"x-order":2}}},"IngressScopesIngressScope":{"description":"An ingress defines the telemetry source wingspan in the mesh of ingress\'s hostname.","type":"object","properties":{"type":{"$ref":"#/components/schemas/IngressScopesIngressScopeScopeType"},"scope":{"$ref":"#/components/schemas/IngressScopesIngressScopeScope"},"deployment":{"description":"The FQN of the service deployment in a concrete cluster related with this telemetry source scope.\\nWill have a value for scope types HOSTNAME.","type":"string","x-order":2}}},"IngressScopesIngressScopeScope":{"description":"Each of the scope properties can have the following values:\\n- A non empty value.\\n- An empty value or absence of the property act as a wildcard, meaning any possible value.","type":"object","properties":{"hostname":{"type":"string","title":"hostname is always a concrete value","x-order":0},"ingressService":{"type":"string","title":"ingress_service is always a concrete value","x-order":1},"cluster":{"description":"cluster can be a concrete value or an empty value meaning any cluster.","type":"string","x-order":2}}},"IngressScopesIngressScopeScopeType":{"description":"ScopeType denotes the wingspan of a telemetry source for an ingress\'s hostname.\\n\\n - HOSTNAME: A hostname telemetry source that belongs to a specific ingress instance in a cluster.\\n - GLOBAL: A global telemetry source of a hostname from an ingress across clusters.","type":"string","default":"INVALID","enum":["INVALID","HOSTNAME","GLOBAL"]},"JWKSJWK":{"type":"object","title":"JSON Web Key. Refer to https://datatracker.ietf.org/doc/html/rfc7517","properties":{"alg":{"description":"The specific cryptographic algorithm used with the key.","type":"string","x-order":0},"kty":{"description":"The family of cryptographic algorithms used with the key.","type":"string","x-order":1},"use":{"description":"How the key was meant to be used; `sig` represents the signature.","type":"string","x-order":2},"n":{"description":"The modulus for the RSA public key.","type":"string","x-order":3},"e":{"description":"The exponent for the RSA public key.","type":"string","x-order":4},"kid":{"description":"The unique identifier for the key.","type":"string","x-order":5}}},"JWTClaimToHeader":{"description":"This message specifies the detail for copying claim to header.","type":"object","required":["header","claim"],"properties":{"header":{"description":"The name of the header to be created. The header will be overridden if it already exists in the request.","type":"string","x-order":0},"claim":{"description":"The name of the claim to be copied from. Only claim of type string/int/bool is supported.\\nThe header will not be there if the claim does not exist or the type of the claim is not supported.","type":"string","x-order":1}}},"JWTJWTHeader":{"description":"This message specifies a header location to extract JWT token.","type":"object","required":["name"],"properties":{"name":{"description":"The HTTP header name.","type":"string","x-order":0},"prefix":{"description":"The prefix that should be stripped before decoding the token.\\nFor example, for `Authorization: Bearer &lt;token&gt;`, prefix=`Bearer ` with a space at the end.\\nIf the header doesn\'t have this exact prefix, it is considered invalid.","type":"string","x-order":1}}},"K8sObjectOverlayPathValue":{"type":"object","properties":{"path":{"description":"Path of the form a.[key1:value1].b.[:value2]\\nWhere [key1:value1] is a selector for a key-value pair to identify a list element and [:value] is a value\\nselector to identify a list element in a leaf list.\\nAll path intermediate nodes must exist.","type":"string","x-order":0},"value":{"description":"Value to add, delete or replace.\\nFor add, the path should be a new leaf.\\nFor delete, value should be unset.\\nFor replace, path should reference an existing node.\\nAll values are strings but are converted into appropriate type based on schema.","x-order":1}}},"KeyPairEncoding":{"type":"string","title":"Format in which the keys in this keypair are encoded","default":"PEM","enum":["PEM","JWK"]},"ListSourcesRequestTimeRange":{"description":"TimeRange is a closed time range. If since or until are not provided they will not be used to filter.","type":"object","properties":{"since":{"description":"Moment in time since we retrieve Telemetry Sources.","type":"string","format":"date-time","x-order":0},"until":{"description":"Moment in time until we retrieve Telemetry Sources.","type":"string","format":"date-time","x-order":1}}},"LoadBalancerSettingsConsistentHashLB":{"description":"Consistent Hash-based load balancing can be used to provide soft\\nsession affinity based on HTTP headers, cookies or other\\nproperties. The affinity to a particular destination host may be\\nlost when one or more hosts are added/removed from the destination\\nservice.\\n\\nNote: consistent hashing is less reliable at maintaining affinity than common\\n\\"sticky sessions\\" implementations, which often encode a specific destination in\\na cookie, ensuring affinity is maintained as long as the backend remains.\\nWith consistent hash, the guarantees are weaker; any host addition or removal can\\nbreak affinity for `1/backends` requests.\\n\\nWarning: consistent hashing depends on each proxy having a consistent view of endpoints.\\nThis is not the case when locality load balancing is enabled. Locality load balancing\\nand consistent hash will only work together when all proxies are in the same locality,\\nor a high level load balancer handles locality affinity.","type":"object","properties":{"httpHeaderName":{"description":"Hash based on a specific HTTP header.","type":"string","x-order":0},"httpCookie":{"$ref":"#/components/schemas/LoadBalancerSettingsConsistentHashLBHTTPCookie"},"useSourceIp":{"description":"Hash based on the source IP address.\\nThis is applicable for both TCP and HTTP connections.","type":"boolean","x-order":2},"httpQueryParameterName":{"description":"Hash based on a specific HTTP query parameter.","type":"string","x-order":3},"ringHash":{"$ref":"#/components/schemas/ConsistentHashLBRingHash"},"maglev":{"$ref":"#/components/schemas/ConsistentHashLBMagLev"}}},"LoadBalancerSettingsConsistentHashLBHTTPCookie":{"description":"Describes a HTTP cookie that will be used as the hash key for the\\nConsistent Hash load balancer. If the cookie is not present, it will\\nbe generated.","type":"object","required":["name","ttl"],"properties":{"name":{"description":"Name of the cookie.","type":"string","x-order":0},"path":{"description":"Path to set for the cookie.","type":"string","x-order":1},"ttl":{"description":"Lifetime of the cookie.","type":"string","x-order":2}}},"LoadBalancerSettingsSimpleLB":{"description":"Standard load balancing algorithms that require no tuning.\\n\\n - UNSPECIFIED: No load balancing algorithm has been specified by the user.\\nAn appropriate default will be used.\\n - RANDOM: The random load balancer selects a random healthy host. The random\\nload balancer generally performs better than round robin if no health\\nchecking policy is configured.\\n - PASSTHROUGH: This option will forward the connection to the original IP address\\nrequested by the caller without doing any form of load\\nbalancing. This option must be used with care. It is meant for\\nadvanced use cases. Refer to Original Destination load balancer in\\nEnvoy for further details.\\n - ROUND_ROBIN: A basic round robin load balancing policy. This is generally unsafe\\nfor many scenarios (e.g. when enpoint weighting is used) as it can\\noverburden endpoints. In general, prefer to use LEAST_REQUEST as a\\ndrop-in replacement for ROUND_ROBIN.\\n - LEAST_REQUEST: The least request load balancer spreads load across endpoints, favoring\\nendpoints with the least outstanding requests. This is generally safer\\nand outperforms ROUND_ROBIN in nearly all cases. Prefer to use\\nLEAST_REQUEST as a drop-in replacement for ROUND_ROBIN.","type":"string","default":"UNSPECIFIED","enum":["UNSPECIFIED","RANDOM","PASSTHROUGH","ROUND_ROBIN","LEAST_REQUEST"]},"LocalAuthzRuleHttpOperation":{"type":"object","properties":{"paths":{"description":"The request path where the request is made against. E.g. [\\"/accounts\\"].","type":"array","items":{"type":"string"},"x-order":0},"methods":{"description":"The HTTP methods that are allowed by this rule. E.g. [\\"GET\\", \\"HEAD\\"].","type":"array","items":{"type":"string"},"x-order":1}}},"MeshExpansionSettingsGateway":{"description":"A custom mesh expansion gateway. This is required when the workload can\'t access the default gateway directly via the external IP or hostname.","type":"object","required":["host","port"],"properties":{"host":{"description":"Mesh expansion gateway host address (can be hostname or IP address).","type":"string","x-order":0},"port":{"description":"Port mesh expansion gateway is listening on.","type":"integer","format":"int32","x-order":1}}},"MetadataDetails":{"description":"Details is additional information about a resource.","type":"object","properties":{"name":{"description":"Name is the resources name.","type":"string","x-order":0},"description":{"description":"Description is the resources description.","type":"string","x-order":1}}},"MetricConfigMetricType":{"description":"MetricType denotes the relation of a metrics with a physical service instance.\\n\\n - SINGLE_INSTANCE: A single instance metric config belongs to an specific physical service instance.\\n - SUBSET: A subset metric config represents subsets across clusters or hostnames across clusters.\\n - GLOBAL: A global metric config represents all the physical services.\\n - ENDPOINT: An endpoint metric config represents an endpoint across clusters.\\n - ENDPOINT_INSTANCE: An endpoint instance metric config represents an endpoint in a specific cluster.","type":"string","default":"INVALID","enum":["INVALID","SINGLE_INSTANCE","SUBSET","GLOBAL","ENDPOINT","ENDPOINT_INSTANCE"]},"N2ACPEPSettings":{"description":"Settings for the Envoy Policy Enforcement Point (PEP) access decision calls.","type":"object","properties":{"disableTls":{"description":"Setting for disabling TLS for connections from Envoy PEP to NGAC Cluster Server (PDP).","type":"boolean","x-order":0},"skipTlsVerify":{"description":"Skip TLS verification for connections from Envoy PEP to NGAC Cluster Server (PDP).","type":"boolean","x-order":1},"timeout":{"description":"Timeout in seconds for the PEP access decision calls to NGAC Cluster Server (PDP) (Default: 5s).","type":"string","x-order":2},"cache":{"$ref":"#/components/schemas/PEPSettingsCache"}}},"NamespaceScopingScope":{"description":" - GLOBAL: Global configures namespaces in this cluster to be considered global.\\nNamespaces that exist in other clusters with the same name will be\\nconsidered to be the same logical namespace.\\n - LOCAL: Configures local scoping for namespaces, so that namespaces with the same\\nname in different clusters will not be considered the same logical\\nnamespace.","type":"string","default":"GLOBAL","enum":["GLOBAL","LOCAL"]},"OnboardingPlaneEndpoint":{"description":"Configuration of the endpoint exposing `Workload Onboarding API` to\\n`Workload Onboarding Agents`.","type":"object","required":["hosts","secretName"],"properties":{"hosts":{"description":"List of hosts included in the TLS certificate.","type":"array","items":{"type":"string"},"x-order":0},"secretName":{"description":"Name of the secret that holds TLS certificate chain and private key.","type":"string","x-order":1}}},"OnboardingPlaneLocalRepository":{"description":"Configuration of the local repository with `DEB` and `RPM` packages\\nof the `Workload Onboarding Agent` and `Istio Sidecar`.","type":"object"},"OnboardingPlaneTokenIssuer":{"description":"Configuration of the built-in `Workload Onboarding Token Issuer`.","type":"object","properties":{"jwt":{"$ref":"#/components/schemas/TokenIssuerJwtTokenIssuer"}}},"OrganizationSettingNetworkSettings":{"description":"Network related settings for clusters.","type":"object","properties":{"networkReachability":{"description":"Reachability between clusters on various networks. Each cluster\\nhas a \\"network\\" field representing a network boundary like a VPC\\non AWS/GCP/Azure. All clusters within the same network are\\nassumed to be reachable to each other for multi-cluster routing.\\nIn addition, you can specify additional connectivity between\\nvarious networks in the mesh here. For example on AWS, each VPC\\ncan be treated as a distinct network. VPCs that are reachable to\\none another (through peering or transit gateways) can be listed\\nas reachable networks. The key is the network name and the value\\nis a comma separated list of networks whose clusters are\\nreachable from this network. For instance, vpc01: vpc02,vpc03 means\\nthat the clusters in the network can reach those in vpc02 and vpc03.\\n\\nNote that reachability is **not** bidirectional. That is, if `vpc01: vpc02`\\nis specified, then `vpc01` can reach `vpc02`, but not the other way around.\\nHence, the workloads in clusters in `vpc01` can access the services\\nthrough the exposed gateway hostnames in clusters in `vpc02` . However,\\nthe workloads in clusters in `vpc02` cannot access the services exposed\\nthrough the gateway hostnames in `vpc01`.","type":"object","additionalProperties":{"type":"string"},"x-order":0}}},"PEPSettingsCache":{"description":"PEP Cache for access decisions.","type":"object","properties":{"disabled":{"description":"Disable caching of access decisions from NGAC Cluster Server (PDP).","type":"boolean","x-order":0},"ignoreNoCacheHeader":{"description":"Ignore the \'no-cache\' header.","type":"boolean","x-order":1},"ttl":{"description":"TTL for the cache (Default: 10s).","type":"string","x-order":2}}},"QueryResourcePermissionsResponseResult":{"type":"object","title":"Represents a result for the requested query","required":["request"],"properties":{"request":{"$ref":"#/components/schemas/v2Query"},"rules":{"description":"set of allowed RBAC rules that the current principal has on the matching resource.\\nIf the query produced no results, the rules set will be empty.","type":"array","items":{"$ref":"#/components/schemas/RoleRule"},"x-order":1}}},"RateLimitDimensionDestinationCluster":{"description":"Emit descriptor entry - a key-value pair of the form `(\\"destination_cluster\\",\\n\\"&lt;routed target cluster&gt;\\")` where `destination_cluster` is the destination\\nenvoy cluster to which traffic is bound to.","type":"object"},"RateLimitDimensionHeader":{"type":"object","title":"RateLimit based on certain headers","required":["name"],"properties":{"name":{"description":"Name of the header to match on.","type":"string","x-order":0},"value":{"$ref":"#/components/schemas/v2StringMatch"},"dontMatch":{"description":"If set to true, the condition will be met when the header value does not match.\\nDefault value is false.","type":"boolean","x-order":2}}},"RateLimitDimensionHeaderValueMatch":{"description":"Emit descriptor entry - a key-value pair of the form `(\\"header_match\\",\\n\\"&lt;descriptor_value&gt;\\")`, where `descriptor_value` is a user\\nspecified value corresponding to a header match event.","type":"object","required":["headers","descriptorValue"],"properties":{"headers":{"description":"Specifies a set of headers that the rate limit action should\\nmatch on. The action will check the request\u2019s headers against\\nall the specified headers in the config. A match will happen if\\nall the headers in the config are present in the request with\\nthe same values (or based on presence if the value field is not\\nin the config).  The header keys must be lowercase and use\\nhyphen as the separator, e.g. x-request-id.","type":"object","additionalProperties":{"$ref":"#/components/schemas/v2StringMatch"},"x-order":0},"descriptorValue":{"description":"The value to use in the descriptor entry.","type":"string","x-order":1},"dontMatch":{"description":"If set to true, the condition will be met when the header value does not match.\\nDefault value is false.","type":"boolean","x-order":2}}},"RateLimitDimensionRequestHeaders":{"description":"Emit descriptor entry - a key-value pair of the form\\n`(\\"&lt;descriptor_key&gt;\\", \\"&lt;header_value_queried_from_header&gt;\\")`\\nwhere `descriptor_key` is a user specified key to emit when the\\nHTTP header is seen.","type":"object","required":["headerName","descriptorKey"],"properties":{"headerName":{"description":"The header name to be queried from the request headers. The header\u2019s\\nvalue is used to populate the value of the descriptor entry for the\\ndescriptor_key.","type":"string","x-order":0},"descriptorKey":{"description":"The key to use in the descriptor entry.","type":"string","x-order":1}}},"RateLimitDimensionSourceCluster":{"description":"Emit descriptor entry - a key-value pair of the form\\n`(\\"source_cluster\\", \\"&lt;local service cluster&gt;\\")` where `source_cluster`\\nis the source envoy cluster (corresponding to the `--service-cluster`\\nflag value set by Istio).","type":"object"},"RateLimitServerBackend":{"description":"External Backend Database types. This points to the backend\\nused by the ratelimit server as a key/value store.","type":"object","properties":{"redis":{"$ref":"#/components/schemas/BackendRedisSettings"}}},"RateLimitSettingsRateLimitValue":{"description":"RateLimitValue specifies the values that will be used\\nto determine the rate limit.","type":"object","required":["requestsPerUnit","unit"],"properties":{"requestsPerUnit":{"description":"Specifies the value of the rate limit.","type":"integer","format":"int64","x-order":0},"unit":{"$ref":"#/components/schemas/RateLimitValueUnit"}}},"RateLimitValueUnit":{"description":"Units of time.","type":"string","default":"UNKNOWN","enum":["UNKNOWN","SECOND","MINUTE","HOUR","DAY"]},"ReachabilitySettingsMode":{"description":"- UNSET: Inherit from parent if possible. Otherwise treated as `CLUSTER`.\\n - NAMESPACE: The workload may talk to any service in its own namespace.\\n - GROUP: The workload may talk to any service in the traffic group.\\n - WORKSPACE: The workload may talk to any service in the workspace.\\n - CLUSTER: The workload may talk to any service in the cluster.\\n - CUSTOM: The workload may talk to services defined explicitly.","type":"string","title":"A short cut for defining the common reachability patterns","default":"UNSET","enum":["UNSET","NAMESPACE","GROUP","WORKSPACE","CLUSTER","CUSTOM"]},"RelationScopeServiceRelation":{"description":"A relation between logical services.","type":"object","properties":{"source":{"description":"The source resource\'s fqn of the relation between two logical services.","type":"string","x-order":0},"target":{"description":"The target resource\'s fqn of the relation between two logical services.","type":"string","x-order":1}}},"RelationScopesRelationScope":{"type":"object","properties":{"type":{"$ref":"#/components/schemas/RelationScopesRelationScopeScopeType"},"scope":{"$ref":"#/components/schemas/RelationScopesRelationScopeScope"}}},"RelationScopesRelationScopeScope":{"type":"object","properties":{"serviceRelation":{"$ref":"#/components/schemas/RelationScopeServiceRelation"}}},"RelationScopesRelationScopeScopeType":{"description":"ScopeType denotes the wingspan of a telemetry source for relation between resources.\\n\\n - SERVICE: A service telemetry source that belongs to a specific relation between logical services.","type":"string","default":"INVALID","enum":["INVALID","SERVICE"]},"ResourceStatusConfigResourceStatus":{"description":"Individual status for a configuration resource related to the Application/API.","type":"object","properties":{"status":{"$ref":"#/components/schemas/applicationv2Status"},"resource":{"$ref":"#/components/schemas/v2ConfigResource"}}},"RoleResourceType":{"description":"The type of API resource for which the role is being created.","type":"object","required":["apiGroup"],"properties":{"apiGroup":{"description":"A specific API group such as traffic.tsb.tetrate.io/v2.","type":"string","x-order":0},"kinds":{"description":"Specific kinds of APIs under the API group. If omitted, the\\nrole will apply to all kinds under the group.","type":"array","items":{"type":"string"},"x-order":1}}},"RoleRule":{"type":"object","title":"A rule defines the set of api groups","required":["permissions"],"properties":{"types":{"description":"The set of API groups and the api Kinds within the group on which this rule is applicable.\\nIf omitted, the permissions will globally apply to all resource types.","type":"array","items":{"$ref":"#/components/schemas/RoleResourceType"},"x-order":0},"permissions":{"description":"The set of actions allowed for these APIs.\\nThe current version supports requires the kind, but this constraint will be relaxed in\\nupcoming releases so that rules can apply globally to an entire API group.","type":"array","items":{"$ref":"#/components/schemas/v2Permission"},"x-order":1}}},"Route53SettingsFilterSettings":{"description":"Filter settings for route53 controller.","type":"object","properties":{"annotationFilter":{"description":"Filter out (remove) targets that matches annotation using label selector semantics. Optional.\\n*NOTE*: The annotation value currently cannot be longer thant 63 characters.","type":"string","x-order":0},"labelFilter":{"description":"Filter out (remove) targets that matches label selector. Optional.","type":"string","x-order":1},"excludeDomain":{"description":"Exclude subdomains. Optional.","type":"array","items":{"type":"string"},"x-order":2},"zoneType":{"$ref":"#/components/schemas/FilterSettingsAWSZoneType"},"zoneTagFilter":{"description":"When using the AWS provider, filter for zones with this tag. Optional, format: key=value.","type":"array","items":{"type":"string"},"x-order":4},"zoneIdFilter":{"description":"When using the AWS provider, filter for zones with this ID. Optional.","type":"array","items":{"type":"string"},"x-order":5}}},"Route53SettingsPolicy":{"description":"Policy that defines how DNS records are managed.\\n\\n - SYNC: Allow full synchronization.\\n - UPSERT_ONLY: Don\'t allow delete DNS records.\\n - CREATE_ONLY: Allow only creating DNS records.","type":"string","default":"SYNC","enum":["SYNC","UPSERT_ONLY","CREATE_ONLY"]},"RuleFrom":{"description":"From includes the target resource (and the workloads that belong to the resource)\\nwhich will be the source of a request.","type":"object","properties":{"fqn":{"description":"The target resource identified by FQN which will be the source of a request.","type":"string","x-order":0}}},"RuleTo":{"description":"To includes the target resource (and the workloads that belong to the resource)\\nwhich will be destination of a request.","type":"object","properties":{"fqn":{"description":"The target resource identified by FQN which will be the destination of a request.","type":"string","x-order":0}}},"SecretsClusterServiceAccount":{"description":"Cluster service account used to authenticate to the Management Plane.","type":"object","properties":{"clusterFQN":{"description":"TSB FQN of the onboarded cluster resource. This will be generate tokens for all Control Plane agents.","type":"string","x-order":0},"JWK":{"description":"Literal JWK used to generate and sign the tokens for all the Control Plane agents.","type":"string","x-order":1},"encodedJWK":{"description":"Base64-encoded JWK used to generate and sign the tokens for all the Control Plane agents.","type":"string","x-order":2}}},"SecretsElasticSearch":{"description":"Secrets to reach the Elasticsearch.","type":"object","properties":{"username":{"description":"The username to access Elasticsearch.","type":"string","x-order":0},"password":{"description":"The password to access Elasticsearch.","type":"string","x-order":1},"cacert":{"description":"Elasticsearch CA cert TLS used by control plane to verify TLS connection.","type":"string","x-order":2}}},"SecretsTSB":{"description":"Secrets to reach the TSB Management Plane.","type":"object","properties":{"cacert":{"description":"CA certificate used to verify TLS certs exposed the Management Plane (front envoy).","type":"string","x-order":0}}},"SecuritySettingAuthenticationMode":{"description":"AuthenticationMode indicates whether to accept only Istio mutual\\nTLS authenticated traffic or allow legacy plaintext traffic as\\nwell.\\n\\n - UNSET: Inherit from parent, if has one. Otherwise treated as OPTIONAL.\\n - OPTIONAL: Accept both plaintext and mTLS authenticated connections.\\n - REQUIRED: Accept only mutual TLS authenticated connections.","type":"string","default":"UNSET","enum":["UNSET","OPTIONAL","REQUIRED"]},"ServerTLSSettingsFileSource":{"description":"File path configuration of TLS keys and certificates.","type":"object","properties":{"serverCertificate":{"type":"string","title":"The path to the server cert file","x-order":0},"privateKey":{"type":"string","title":"The path to the server private key file","x-order":1},"caCertificates":{"type":"string","title":"The path to the file containing ca certs for verifying clients while using mutual TLS","x-order":2}}},"ServiceAccountKeyPair":{"description":"Represents key-pair associated to the service account.","type":"object","properties":{"id":{"type":"string","title":"Unique identifier for this key-pair. This should be used as the `kid` (key id) when\\ngenerating JWT tokens that are signed with this key-pair.\\n","x-order":0,"readOnly":true},"publicKey":{"type":"string","title":"The encoded public key associated with the service account.\\nThe encoding format is determined by the `encoding` field.\\n","x-order":1,"readOnly":true},"privateKey":{"type":"string","title":"The encoded private key associated with the service account.\\nTSB does not store the private key and it is up to the client to store it safely.\\nThe encoding format is determined by the `encoding` field.\\n","x-order":2,"readOnly":true},"encoding":{"$ref":"#/components/schemas/KeyPairEncoding"},"defaultToken":{"type":"string","title":"A default access token that can be used to authenticate to TSB on behalf of the\\nservice account. TSB does not store this token and it is only returned when a\\nservice account key is created, similar to the private key. It is up to the client\\nto store the token for future use or to use the TSB CLI to generate new tokens as\\nexplained in: https://docs.tetrate.io/service-bridge/latest/howto/service-accounts\\n","x-order":4,"readOnly":true}}},"ServiceMetricConfig":{"type":"object","title":"Configuration for metric aggregation","properties":{"name":{"description":"A user friendly name for this metric.","type":"string","x-order":0},"description":{"description":"A helpful description of what this metric represents.","type":"string","x-order":1},"aggregationKey":{"description":"An aggregation key that can be queried to get metrics for this service.","type":"string","x-order":2},"type":{"$ref":"#/components/schemas/MetricConfigMetricType"},"serviceDeployment":{"description":"The FQN of the service deployment related with this metric. Will be empty for group metrics.","type":"string","x-order":4},"parentMetric":{"type":"string","title":"The name of the metric config that aggregates this one in a higher level.\\nFor example, for a subset in a cluster metric, this field has the name of the metric of the same subset\\nacross the clusters","x-order":5}}},"ServicePort":{"type":"object","properties":{"number":{"description":"A valid non-negative integer port number.","type":"integer","format":"int64","x-order":0},"name":{"description":"Name assigned to the port.","type":"string","x-order":1},"kubernetesNodePort":{"description":"Indicates the node port attached to a physical deployment on a kubernetes\\ncluster.","type":"integer","format":"int64","x-order":2}}},"ServiceRoutePortLevelTrafficSettings":{"description":"PortLevelTrafficSettings explicitly defines the type of traffic for all of\\nthe ports exposed by a service for which routing rules need to be set.\\nDepending on whether HTTPRoutes or TCTRoutes are specified or not, the main\\nsubset weights are applied or not based on the following scenarios:\\n1. If HTTPRoutes or TCPRoutes are specified:\\n   a. Since Port is mandatory in MatchConditions, whenever a port is used\\n      in (HTTP/TCP) MatchCondition, it needs to be present in the global\\n      PortLevelTrafficSettings.\\n   b. When MatchConditions are present in the routes, then subset-weight\\n      combinations within routes will take effect instead of the global ones.\\n2. If the routes are not specified, then the traffic will be matched on\\n   ports specified in PortLevelTrafficSettings, and the routes will be set\\n   according to global subset-weight combinations.","type":"object","required":["port","trafficType"],"properties":{"port":{"type":"integer","format":"int64","title":"Port number to which traffic must be routed","x-order":0},"trafficType":{"$ref":"#/components/schemas/ServiceRouteTrafficType"},"stickySession":{"$ref":"#/components/schemas/ServiceRouteStickySession"}}},"ServiceRouteStickySession":{"description":"If set, all requests from a client will be forward to the same backend.","type":"object","properties":{"header":{"description":"Hash based on a specific HTTP header.","type":"string","x-order":0},"cookie":{"$ref":"#/components/schemas/ServiceRouteStickySessionHTTPCookie"},"useSourceIp":{"description":"Hash based on the source IP address.","type":"boolean","x-order":2}}},"ServiceRouteStickySessionHTTPCookie":{"description":"Describes a HTTP cookie that will be used for sticky sessions. If the cookie is not present, it\\nwill be generated.","type":"object","required":["name","path","ttl"],"properties":{"name":{"description":"Name of the cookie.","type":"string","x-order":0},"path":{"description":"Path to set for the cookie.","type":"string","x-order":1},"ttl":{"description":"Lifetime of the cookie.","type":"string","x-order":2}}},"ServiceRouteSubset":{"description":"Subset denotes a specific version of a service. The pods/VMs of a\\nsubset should be uniquely identifiable using their labels.","type":"object","required":["name"],"properties":{"name":{"description":"Name used to refer to the subset.","type":"string","x-order":0},"labels":{"description":"Labels apply a filter over the endpoints of a service in the service registry.","type":"object","additionalProperties":{"type":"string"},"x-order":1},"weight":{"description":"Percentage of traffic to be sent to this subset. Weight if not\\nspecified will be assumed to be 0 if there are multiple\\nsubsets. If there is only one subset, the weight will be\\nassumed to be 1.","type":"integer","format":"int64","x-order":2},"portLevelSettings":{"description":"Port/Protocol/StickySession combination for which routes need to be generated specifically for\\na subset. These settings are meant to override the global PortLevelTrafficSettings, i.e. first, \\nglobal PortLevelTrafficSettings are used to generate routes and then we use non-conflicting subset level \\nPortLevelTrafficSettings to modify existing routes. If provided, PortLevelTrafficSettings should be provided for \\nall subsets for proper load balancing.","type":"array","items":{"$ref":"#/components/schemas/ServiceRoutePortLevelTrafficSettings"},"x-order":3}}},"ServiceRouteTrafficType":{"description":"- HTTP: If trafficType is HTTP, then a HTTP route is generated for that port\\n - TCP: If trafficType is TCP, then a TCP route is generated for that port\\n - TLS_PASSTHROUGH: This mode generates TLS routes for HTTPS traffic. TLS is not terminated at the gateway and is\\npassed through to the server","type":"string","title":"TrafficType is the list of allowed traffic types for generating routes","default":"HTTP","enum":["HTTP","TCP","TLS_PASSTHROUGH"]},"ServiceScopesServiceScope":{"description":"A service scope defines the telemetry source wingspan in the mesh of a service.","type":"object","properties":{"type":{"$ref":"#/components/schemas/ServiceScopesServiceScopeScopeType"},"scope":{"$ref":"#/components/schemas/ServiceScopesServiceScopeScope"},"deployment":{"description":"The FQN of the service deployment in a concrete cluster related with this telemetry source scope.\\nWill have a value for scope types INSTANCE or SERVICE.","type":"string","x-order":2}}},"ServiceScopesServiceScopeScope":{"description":"Each of the scope properties can have the following values:\\n- A non empty value.\\n- An empty value or absence of the property act as a wildcard, meaning any possible value.","type":"object","properties":{"instance":{"description":"instance is a concrete value or an empty value meaning any instance.","type":"string","x-order":0},"subset":{"description":"subset can be a concrete value or an empty value meaning any subset.","type":"string","x-order":1},"service":{"description":"service is always a concrete value.","type":"string","x-order":2},"namespace":{"description":"namespace is always a concrete value.","type":"string","x-order":3},"cluster":{"description":"cluster can be a concrete value or an empty value meaning any cluster.","type":"string","x-order":4}}},"ServiceScopesServiceScopeScopeType":{"description":"ScopeType denotes the wingspan of a telemetry source for a service.\\n\\n - INSTANCE: A instance telemetry source belongs to a specific service instance (pod or VM) in a cluster.\\n - SERVICE: A service telemetry source belongs to a specific service, without subsets, in a cluster.\\n - SUBSET: A subset telemetry source belongs to a specific service of a concrete subset in a cluster.\\n - GLOBAL_SUBSET: A global subset telemetry source represents a concrete subset from a service across cluster.\\nSubset scope type does not apply to ingress services.\\n - GLOBAL: A global telemetry source represents all subsets from a service across clusters.","type":"string","default":"INVALID","enum":["INVALID","INSTANCE","SERVICE","SUBSET","GLOBAL_SUBSET","GLOBAL"]},"ServiceSecuritySettingSubset":{"description":"Subset allows replacing the settings for a specific version of a service.","type":"object","required":["name","settings"],"properties":{"name":{"description":"Name used to refer to the subset.\\nThis must match a subset defined in the ServiceRoute for this service, else it will be omitted.","type":"string","x-order":0},"settings":{"$ref":"#/components/schemas/v2SecuritySetting"}}},"ServiceServiceDeployment":{"description":"ServiceDeployment represents the physical service in a cluster.","type":"object","properties":{"fqn":{"description":"Fully-qualified name of the instance. This field is read-only.","type":"string","x-order":0,"readOnly":true},"source":{"description":"Source of the instance. This field is read-only.","type":"string","x-order":1,"readOnly":true}}},"SourceScopeIngressScopes":{"description":"IngressScopes defines one or many Ingress\'s hostname telemetry source wingspan in the mesh.","type":"object","properties":{"scopes":{"description":"Multiple IngressScope can be defined to group under a single telemetry source different ingresses.","type":"array","items":{"$ref":"#/components/schemas/IngressScopesIngressScope"},"x-order":0}}},"SourceScopeRelationScopes":{"description":"RelationScopes  represents the physical connection that exists between observable resources.\\nA relation can represent for instance the physical connection that exist when a call between services is done:\\n- Between a gateway and a service or vice versa.\\n- Between a service and another service.\\nThis observation can produce client-side measurements, server side measurements or both.","type":"object","properties":{"scopes":{"description":"Multiple RelationScope can be defined to group under a single telemetry source different relations.","type":"array","items":{"$ref":"#/components/schemas/RelationScopesRelationScope"},"x-order":0}}},"SourceScopeServiceScopes":{"description":"ServiceScopes defines one or many service\'s telemetry source wingspan in the mesh.","type":"object","properties":{"scopes":{"description":"Multiple ServiceScope can be defined to group under a single telemetry source different services.","type":"array","items":{"$ref":"#/components/schemas/ServiceScopesServiceScope"},"x-order":0}}},"SubjectJWTClaims":{"description":"JWT based subjects qualify a subject by matching against a JWT token present in the request.\\nBy default the token is expected to be present in the \'Authorization\' HTTP header, with the\\n\'Bearer\\" prefix.","type":"object","title":"JWT based subject","properties":{"iss":{"type":"string","x-order":0},"sub":{"type":"string","x-order":1},"other":{"description":"A set of arbitrary claims that are required to qualify the subject.\\nE.g. \\"iss\\": \\"*@foo.com\\".","type":"object","additionalProperties":{"type":"string"},"x-order":2}}},"SyncOrganizationRequestSyncTeam":{"description":"Information of a team as synchronized from the team source. This differs slightly from a TSB\\nuser since the fields here are raw info that does not have the context of the TSB hierarchy.","type":"object","required":["id"],"properties":{"id":{"description":"Unique ID for the group.","type":"string","x-order":0},"description":{"description":"Optional description for the group.","type":"string","x-order":1},"memberUserIds":{"description":"List of user ids for the users that belong to this group.","type":"array","items":{"type":"string"},"x-order":2},"memberGroupIds":{"description":"List of group ids for the groups that are nested into this group.","type":"array","items":{"type":"string"},"x-order":3},"displayName":{"description":"Friendly name to show the group in the different UIs.","type":"string","x-order":4}}},"SyncOrganizationRequestSyncUser":{"description":"Information of a user as synchronized from the team source. This differs slightly from a TSB\\nuser since the fields here are raw info that does not have the context of the TSB hierarchy.","type":"object","required":["id"],"properties":{"id":{"description":"Unique ID for the user.","type":"string","x-order":0},"description":{"description":"Optional description for the user.","type":"string","x-order":1},"email":{"type":"string","title":"User\'s email","x-order":2},"loginName":{"description":"The login username for the user.","type":"string","x-order":3},"displayName":{"description":"Friendly name to show the user in the different UIs.","type":"string","x-order":4}}},"SyncOrganizationResponseFailedIds":{"type":"object","properties":{"removal":{"type":"array","title":"Users or groups that failed to be removed","items":{"type":"string"},"x-order":0},"addition":{"type":"array","title":"Users or groups that failed to be created","items":{"type":"string"},"x-order":1},"update":{"type":"array","title":"Users or groups that failed to be updated","items":{"type":"string"},"x-order":2}}},"TokenIssuerJwtTokenIssuer":{"description":"Configuration of the built-in JWT Token Issuer.","type":"object","properties":{"expiration":{"description":"Expiration is the duration issued tokens are valid for.\\nDefaults to `1h`.","type":"string","x-order":0}}},"TrafficSettingEgressGateway":{"description":"EgressGateway specifies the gateway where traffic external to the mesh will be redirected.","type":"object","required":["host"],"properties":{"host":{"description":"Specifies the egress gateway hostname. Must be in\\n`&lt;namespace&gt;/&lt;fqdn&gt;` format.","type":"string","x-order":0},"port":{"description":"Deprecated. This field is ignored and will be removed in upcoming releases.\\nSpecifies the port on the host to connect to.","type":"integer","format":"int32","x-order":1}}},"UpstreamResilienceSettingsConnectionPoolSettings":{"description":"Connection pool settings for the upstream host.","type":"object","properties":{"http":{"$ref":"#/components/schemas/ConnectionPoolSettingsHTTP"},"tcp":{"$ref":"#/components/schemas/ConnectionPoolSettingsTCP"}}},"UpstreamTrafficSettingsSettings":{"description":"Traffic settings to be applied to the clients of the upstream hosts.","type":"object","properties":{"resilience":{"$ref":"#/components/schemas/v2UpstreamResilienceSettings"},"loadBalancer":{"$ref":"#/components/schemas/v2LoadBalancerSettings"}}},"WasmExtensionPluginPhase":{"description":"- UNSPECIFIED_PHASE: Control plane decides where to insert the plugin. This will generally be at the end of the filter chain, right before the Router.\\nDo not specify PluginPhase if the plugin is independent of others.\\n - AUTHN: Insert plugin before Istio authentication filters.\\n - AUTHZ: Insert plugin before Istio authorization filters and after Istio authentication filters.\\n - STATS: Insert plugin before Istio stats filters and after Istio authorization filters.","type":"string","title":"Plugin phases following Istio definition: https://istio.io/latest/docs/reference/config/proxy_extensions/wasm-plugin/#PluginPhase","default":"UNSPECIFIED_PHASE","enum":["UNSPECIFIED_PHASE","AUTHN","AUTHZ","STATS"]},"WasmExtensionPullPolicy":{"description":"The pull behaviour to be applied when fetching a WASM module,\\nmirroring K8s behaviour.\\n\\n - UNSPECIFIED_POLICY: Defaults to IfNotPresent, except for OCI images with tag `latest`, for which\\nthe default will be Always.\\n - IfNotPresent: If an existing version of the image has been pulled before, that\\nwill be used. If no version of the image is present locally, we\\nwill pull the latest version.\\n - Always: We will always pull the latest version of an image when changing\\nthis plugin. Note that the change includes `metadata` field as well.","type":"string","default":"UNSPECIFIED_POLICY","enum":["UNSPECIFIED_POLICY","IfNotPresent","Always"]},"WorkloadProxy":{"description":"Info about proxy attached to a workload.","type":"object","properties":{"controlPlaneAddress":{"description":"Address/service of control plane entity controlling the proxy\\nlike istiod.istio-system.svc:15012.","type":"string","x-order":0},"envoyVersion":{"description":"Envoy version of the proxy.","type":"string","x-order":1},"istioVersion":{"description":"Istio version of the proxy.","type":"string","x-order":2},"status":{"type":"object","title":"Sync status for each xDS component.\\nFor example:\\nstatus[\\"CDS\\"] = \\"SYNCED\\"\\nXDS components are: LDS, RDS, EDS CDS and SRDS.\\nRefer to Envoy go-control-plane ConfigStatus for possible status values\\nvalues:\\nhttps://github.com/envoyproxy/go-control-plane/blob/main/envoy/service/status/v3/csds.pb.go","additionalProperties":{"type":"string"},"x-order":3}}},"XCPCentralAuthMode":{"description":"- UNKNOWN: Default when unset, do not use\\n - MUTUAL_TLS: GRPC stream is encrypted with mutual TLS\\n - JWT: XCP Edges present a JWT bearer token in the GRPC headers","type":"string","title":"Authentication mode for connections from XCP Edges to XCP Central","default":"UNKNOWN","enum":["UNKNOWN","MUTUAL_TLS","JWT"]},"XCPEdge":{"description":"Secrets for the XCP Edge component.","type":"object","properties":{"cert":{"description":"Edge certificate used for mTLS with XCP Central.","type":"string","x-order":0},"key":{"description":"Key of the Edge certificate used for mTLS with XCP Central.","type":"string","x-order":1},"token":{"description":"JWT token used to authenticate XCP Edge against the XCP Central.","type":"string","x-order":2}}},"applicationv2Status":{"description":"The computed configuration status for the Application or API.\\n\\n - UNKNOWN: Unknown indicates that the status has not been computed.\\n - MISSING: The missing status indicates that the configuration resource for the Applications\\nor APIs do not exist.\\n - DIRTY: Dirty Applications and APIs are those that have the corresponding configuration\\nobjects (config groups, ingress gateways, etc), but those objects have been\\ndirectly modified or they current configuration does not match the one specified\\nin the corresponding Application/API.\\n - CONFIGURED: Configured Applications and APIs are those that have the corresponding\\nconfiguration resources (config groups, ingress gateways, etc) and their\\nconfigurations match the ones defined in the Application/API objects.","type":"string","default":"UNKNOWN","enum":["UNKNOWN","MISSING","DIRTY","CONFIGURED"]},"authv2TLSMode":{"description":"- DISABLED: TLS is not used and communication is\\nin plaintext.\\n - SIMPLE: Only the server is authenticated.\\n - MUTUAL: Both the peers in the communication must\\npresent their certificate for TLS authentication","type":"string","title":"Describes how authentication is performed\\nas part of establishing TLS connection","default":"DISABLED","enum":["DISABLED","SIMPLE","MUTUAL"]},"commonCertManagerSettings":{"description":"CertManagerSettings represents the settings used for the cert-manager installation. TSB supports installing and managing\\nthe lifecycle of the cert-manager installation.","type":"object","properties":{"managed":{"$ref":"#/components/schemas/CertManagerSettingsManaged"},"certManagerSpec":{"$ref":"#/components/schemas/CertManagerSettingsCertManagerSpec"},"certManagerWebhookSpec":{"$ref":"#/components/schemas/CertManagerSettingsCertManagerWebhookSpec"},"certManagerCaInjector":{"$ref":"#/components/schemas/CertManagerSettingsCertManagerCAInjector"},"certManagerStartupapicheck":{"$ref":"#/components/schemas/CertManagerSettingsCertManagerStartupAPICheck"}}},"commonConfigProtection":{"type":"object","title":"ConfigProtection contains settings for enabling/disabling config protection\\nover XCP created resources.\\nConfig protections are disabled by default.\\nExample:\\n```yaml\\nconfigProtection:\\n  enableAuthorizedUpdateDeleteOnXcpConfigs: true\\n  enableAuthorizedCreateUpdateDeleteOnXcpConfigs: true\\n  authorizedUsers:\\n    - user1\\n    - system:serviceaccount:ns1:serviceaccount-1\\n```","properties":{"enableAuthorizedUpdateDeleteOnXcpConfigs":{"description":"When enabled, no other user or svc account except AuthorizedUsers would be allowed to delete or update\\nthe XCP/Istio API resources created by XCP.","type":"boolean","x-order":0},"enableAuthorizedCreateUpdateDeleteOnXcpConfigs":{"description":"When enabled, no other user or svc account except AuthorizedUsers would be allowed to create, delete or update\\nthe XCP/Istio API resources. This acts as a superset of the enableAuthorizedUpdateDeleteOnXcpConfigs.","type":"boolean","x-order":1},"authorizedUsers":{"description":"List of usernames of authorized users or svc accounts to create/update/delete XCP configs when config protection is enabled.","type":"array","items":{"type":"string"},"x-order":2}}},"commonCustomCertProviderSettings":{"description":"CustomCertProviderSettings represents the settings used for the custom certificate provider. Users can configure the CSR signer\\nrequired for certificate signing and point to the CA bundle to be used to validate the certificates.","type":"object","required":["csrSignerName","caBundleSecretName"],"properties":{"csrSignerName":{"description":"Name of Kubernetes CSR signer to be used to sign the CSR request by different TSB components for internal purposes.","type":"string","x-order":0},"caBundleSecretName":{"description":"Configure the CABundleSecretName to be used to verify the signed CSR request by different TSB components. If not specified,\\nTSB would use the secret with the name ca-bundle-management-plane in the management plane namespace or ca-bundle-control-plane\\nin the control plane namespace. The secret should contain the file ca.crt with the cert data.","type":"string","x-order":1}}},"commonGitOps":{"description":"The GitOps component configures the features that allow integrating the Management Plane and/or the\\nControl Plane cluster with Continuous Deployment pipelines.","type":"object","properties":{"enabled":{"description":"The GitOps component is in beta and disabled by default.\\nIf Management and Control Planes are installed in the same cluster, Continuous Deployment Integration\\nshould only be enabled in one of both planes. However, if the GitOps component is enabled in both planes,\\nonly the Control Plane GitOps component will remain enabled. The Management Plane GitOps component\\nwill not be enabled, even though it is explicitly enabled.","type":"boolean","x-order":0},"reconcileInterval":{"description":"Periodical interval at which the objects will be reconciled after they are successfully synchronized (created,\\nupdated, deleted) with the Management Plane.\\nThis parameter does not affect retry on unsuccessful operation which are retried with exponential backoff strategy\\n(staring with 3s and max delay 120s).\\nFormat: 1h/1m/1s/1ms. A value of 0 disables per-object reconciliation and uses the operator\'s global interval of 10h.\\nDefault: 10m.","type":"string","x-order":1},"batchWindow":{"description":"When configured, all admission requests will be paused for the configured duration.\\nOnce the window interval is closed, all paused admission requests will be sent together\\nto the Management Plane as a single request.\\nBatching of requests is disabled by default and should be enabled only if there is high concurrency\\nand ordering of resources could be an issue. By configuring a batch window the concurrency\\nand ordering issues may be mitigated, although it will introduce a constant latency to all requests\\nof the configured time window.\\nWhen enabled, it is recommended to use a small value, for example 1 second.","type":"string","x-order":2},"managementplaneRequestTimeout":{"description":"The GitOps component performs operations against the management plane through the k8s webhook.\\nThis allows configuring the duration of each operation in order to fail early if it takes too much.\\nThis value cannot be lower than `webhook_timeout` due to the request being tied to the ones received\\nby the k8s webhook.\\nFormat: 1h/1m/1s/1m. Any value &lt;= 0 will be reset to the default value. Default: 25s.","type":"string","x-order":3},"reconcileRequestTimeout":{"description":"The GitOps component performs operations against the management plane internal reconcile loop.\\nThis allows configuring the duration of each operation to fail early if it takes too long.\\nFormat: 1h/1m/1s/1m. Any value &lt;= 0 will be reset to the default value. Default: 2m.","type":"string","x-order":4},"webhookTimeout":{"description":"Timeout that will be set in the k8s gitops webhook resource.\\nFormat: 1h/1m/1s/1m. Default: 30s. Allowed values must be between 0s and 30s.","type":"string","x-order":5},"pushMode":{"$ref":"#/components/schemas/GitOpsPushMode"}}},"commonInternalCertProvider":{"description":"InternalCertProvider describes the certificate provider configuration for TSB internal purposes like kubernetes webhook certificate. TSB supports cert-manager out of the box.","type":"object","properties":{"certManager":{"$ref":"#/components/schemas/commonCertManagerSettings"},"custom":{"$ref":"#/components/schemas/commonCustomCertProviderSettings"}}},"commonMeshObservabilitySettings":{"description":"Configure mesh observability.\\nThe following examples enable the analysis and generation of RED metrics for each\\nendpoint of your registered services.\\n\\nNotice that both, ManagementPlane and ControlPlane, need to be aligned with this configuration.\\n\\n```yaml\\napiVersion: install.tetrate.io/v1alpha1\\nkind: ManagementPlane\\nmetadata:\\n  name: managementplane\\nspec:\\n  meshObservability:\\n    settings:\\n      apiEndpointMetricsEnabled: true\\n```\\n\\n```yaml\\napiVersion: install.tetrate.io/v1alpha1\\nkind: ControlPlane\\nmetadata:\\n  name: controlplane\\n  namespace: istio-system\\nspec:\\n  meshObservability:\\n    settings:\\n      apiEndpointMetricsEnabled: true\\n```","type":"object","properties":{"apiEndpointMetricsEnabled":{"description":"Toggle to process, analyze, and generate api endpoints RED metrics.\\nBy default `false` which means disabled.\\nIf you want to analyze all your request and generate RED metrics for\\neach endpoint of your registered services in the mesh, set it to `true`.","type":"boolean","x-order":0}}},"commonv1alpha1Image":{"description":"Values for the TSB operator image.","type":"object","properties":{"registry":{"description":"Registry used to download the operator image.","type":"string","x-order":0},"tag":{"description":"The tag of the operator image.","type":"string","x-order":1}}},"controlplanev1alpha1OnboardingPlane":{"description":"Configure `Workload Onboarding Plane` component.","type":"object","properties":{"instance":{"$ref":"#/components/schemas/v1alpha1OnboardingPlaneInstance"}}},"controlplanev1alpha1XCP":{"description":"Kubernetes settings for the XCP component.","type":"object","properties":{"centralAuthMode":{"$ref":"#/components/schemas/XCPCentralAuthMode"},"configProtection":{"$ref":"#/components/schemas/commonConfigProtection"},"kubeSpec":{"$ref":"#/components/schemas/kubernetesKubernetesComponentSpec"},"revision":{"description":"$hide_from_docs\\nConfigures the istio revision tag.\\nIf configured, istio upgrade will not be in-place upgrade. A new istio\\ncontrol plane with the configured revision will be deployed. Selectively\\nsidecars and gateways could be moved to newer control plane. Note that it\\nis not the istio version. Istio version is fixed for a particular tsb\\nversion and that is not a configurable setting. Revision should be\\nconfigured to human readable value for example tsb-1-5. For further\\nreference,\\nhttps://istio.io/latest/blog/2020/multiple-control-planes/#configuring\\nDeprecated: replaced by isolation_boundaries, where each isolation boundary can have\\nmulitple revisions.","type":"string","x-order":3},"isolationBoundaries":{"description":"Configures Isolated Istio environments along with Istio revisions for each environment.\\nIsolationBoundaries can be empty when the feature flag IstioIsolationBoundaries is disabled.\\nOnce enabled, isolation boundaries can be configured.","type":"array","items":{"$ref":"#/components/schemas/v1alpha1IsolationBoundary"},"x-order":4},"enableHttpMeshInternalIdentityPropagation":{"description":"Enables HTTP mesh internal service identity propagation across gateway hops, utilizing the propagated identity\\nfor evaluating TSB RBAC rules. Users should enable this feature when they want to create RBAC rules around\\nrequest\'s origin client identity for east west traffic. The most common case for this would be when using\\nauthorization features such as ALLOW/DENY rules mode and ServiceSecuritySettings in cross-cluster environment.\\nThis feature is enabled by default. Set it to false to disable it.","type":"boolean","x-order":5},"centralProvidedCaCert":{"description":"If true, obtain the CA cert for Istio from XCP central.\\nTo enable it, the XCP Central needs to be configured with `certIssuer.clusterIntermediateCASettings: {}`.","type":"boolean","x-order":6},"logLevels":{"description":"Loglevel for XCP.\\nSupported log level: \\"none\\", \\"fatal\\", \\"error\\", \\"warn\\", \\"info\\", \\"debug\\".","type":"object","additionalProperties":{"type":"string"},"x-order":7}}},"corev1Toleration":{"description":"The pod this Toleration is attached to tolerates any taint that matches\\nthe triple &lt;key,value,effect&gt; using the matching operator &lt;operator&gt;.","type":"object","properties":{"key":{"type":"string","title":"Key is the taint key that the toleration applies to. Empty means match all taint keys.\\nIf the key is empty, operator must be Exists; this combination means to match all values and all keys.\\n+optional","x-order":0},"operator":{"type":"string","title":"Operator represents a key\'s relationship to the value.\\nValid operators are Exists and Equal. Defaults to Equal.\\nExists is equivalent to wildcard for value, so that a pod can\\ntolerate all taints of a particular category.\\n+optional","x-order":1},"value":{"type":"string","title":"Value is the taint value the toleration matches to.\\nIf the operator is Exists, the value should be empty, otherwise just a regular string.\\n+optional","x-order":2},"effect":{"type":"string","title":"Effect indicates the taint effect to match. Empty means match all taint effects.\\nWhen specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute.\\n+optional","x-order":3},"tolerationSeconds":{"type":"string","format":"int64","title":"TolerationSeconds represents the period of time the toleration (which must be\\nof effect NoExecute, otherwise this field is ignored) tolerates the taint. By default,\\nit is not set, which means tolerate the taint forever (do not evict). Zero and\\nnegative values will be treated as 0 (evict immediately) by the system.\\n+optional","x-order":4}}},"extensionv2EnvVar":{"type":"object","required":["name","valueFrom"],"properties":{"name":{"type":"string","title":"Name of the environment variable. Must be a C_IDENTIFIER, by following this regex: [A-Za-z_][A-Za-z0-9_]*","x-order":0},"valueFrom":{"$ref":"#/components/schemas/v2EnvValueSource"},"value":{"description":"Value for the environment variable.\\nNote that if `value_from` is `HOST`, it will be ignored.\\nDefaults to \\"\\".","type":"string","x-order":2}}},"gatewayv2HttpRule":{"description":"A single HTTP rule.","type":"object","properties":{"match":{"description":"One or more match conditions (OR-ed).","type":"array","items":{"$ref":"#/components/schemas/v2HttpMatchCondition"},"x-order":0},"modify":{"$ref":"#/components/schemas/v2HttpModifyAction"},"route":{"$ref":"#/components/schemas/v2Route"},"redirect":{"$ref":"#/components/schemas/v2Redirect"},"directResponse":{"$ref":"#/components/schemas/v2HTTPDirectResponse"}}},"googlerpcStatus":{"type":"object","properties":{"code":{"type":"integer","format":"int32","x-order":0},"message":{"type":"string","x-order":1},"details":{"type":"array","items":{"$ref":"#/components/schemas/protobufAny"},"x-order":2}}},"installkubernetesAffinity":{"type":"object","title":"The scheduling constraints for the pod.\\nhttps://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity","properties":{"nodeAffinity":{"$ref":"#/components/schemas/installkubernetesNodeAffinity"},"podAffinity":{"$ref":"#/components/schemas/installkubernetesPodAffinity"},"podAntiAffinity":{"$ref":"#/components/schemas/installkubernetesPodAntiAffinity"}}},"installkubernetesCapabilities":{"description":"See k8s.io.api.core.v1.Capabilities.","type":"object","properties":{"add":{"type":"array","items":{"type":"string"},"x-order":0},"drop":{"type":"array","items":{"type":"string"},"x-order":1}}},"installkubernetesConfigMapKeySelector":{"type":"object","properties":{"localObjectReference":{"$ref":"#/components/schemas/installkubernetesLocalObjectReference"},"key":{"type":"string","x-order":1},"optional":{"type":"boolean","x-order":2}}},"installkubernetesCrossVersionObjectReference":{"type":"object","properties":{"kind":{"type":"string","x-order":0},"name":{"type":"string","x-order":1},"apiVersion":{"type":"string","x-order":2}}},"installkubernetesDeployment":{"type":"object","title":"The Kubernetes resource configuration for all Deployments","properties":{"podAnnotations":{"type":"object","title":"Pod annotations are an unstructured key value map stored with the pod.\\nhttps://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/","additionalProperties":{"type":"string"},"x-order":0},"env":{"type":"array","title":"Environment variables for all containers in the deployment.\\nhttps://kubernetes.io/docs/tasks/inject-data-application/define-environment-variable-container/","items":{"$ref":"#/components/schemas/installkubernetesEnvVar"},"x-order":1},"affinity":{"$ref":"#/components/schemas/installkubernetesAffinity"},"replicaCount":{"type":"integer","format":"int64","title":"Number of desired pods.\\nhttps://kubernetes.io/docs/reference/generated/kubernetes-api/v1.18/#deploymentspec-v1-apps","x-order":3},"resources":{"$ref":"#/components/schemas/installkubernetesResources"},"strategy":{"$ref":"#/components/schemas/installkubernetesDeploymentStrategy"},"tolerations":{"type":"array","title":"Tolerations are applied to pods, and allow (but do not require) the pods to\\nschedule onto nodes with matching taints. Taints and tolerations work\\ntogether to ensure that pods are not scheduled onto inappropriate nodes.\\nOne or more taints are applied to a node; this marks that the node should\\nnot accept any pods that do not tolerate the taints.\\nhttps://kubernetes.io/docs/concepts/configuration/taint-and-toleration/","items":{"$ref":"#/components/schemas/corev1Toleration"},"x-order":6},"hpaSpec":{"$ref":"#/components/schemas/installkubernetesHorizontalPodAutoscalerSpec"},"podSecurityContext":{"$ref":"#/components/schemas/installkubernetesPodSecurityContext"},"containerSecurityContext":{"$ref":"#/components/schemas/installkubernetesSecurityContext"}}},"installkubernetesDeploymentStrategy":{"type":"object","title":"The deployment strategy to use to replace existing pods with new ones.\\nhttps://kubernetes.io/docs/reference/generated/kubernetes-api/v1.18/#deploymentstrategy-v1-apps","properties":{"type":{"type":"string","x-order":0},"rollingUpdate":{"$ref":"#/components/schemas/installkubernetesRollingUpdateDeployment"}}},"installkubernetesEnvVar":{"type":"object","properties":{"name":{"type":"string","x-order":0},"value":{"type":"string","x-order":1},"valueFrom":{"$ref":"#/components/schemas/installkubernetesEnvVarSource"}}},"installkubernetesEnvVarSource":{"type":"object","properties":{"fieldRef":{"$ref":"#/components/schemas/installkubernetesObjectFieldSelector"},"resourceFieldRef":{"$ref":"#/components/schemas/installkubernetesResourceFieldSelector"},"configMapKeyRef":{"$ref":"#/components/schemas/installkubernetesConfigMapKeySelector"},"secretKeyRef":{"$ref":"#/components/schemas/installkubernetesSecretKeySelector"}}},"installkubernetesExternalMetricSource":{"type":"object","properties":{"metricName":{"type":"string","x-order":0},"metricSelector":{"$ref":"#/components/schemas/v1LabelSelector"},"targetValue":{"$ref":"#/components/schemas/operatorv1alpha1IntOrString"},"targetAverageValue":{"$ref":"#/components/schemas/operatorv1alpha1IntOrString"}}},"installkubernetesHorizontalPodAutoscalerSpec":{"type":"object","title":"Horizontal Pod Autoscaler automatically scales the number of pods in a\\ndeployment based on a specified metric. Kubernetes periodically adjusts the\\nnumber of replicas in a deployment to match the observed metric to the target\\nspecified. This mirrors the Kubernetes spec except from the top level\\n`scaleTargetRef` field, which we set for you. The version of Horizontal Pod\\nAutoscaler currently used is\\n`[v2beta1](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.18/#horizontalpodautoscaler-v2beta1-autoscaling)`.\\nhttps://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/","properties":{"minReplicas":{"type":"integer","format":"int32","title":"Must be set in order to create the HPA resource in Kubernetes","x-order":0},"maxReplicas":{"type":"integer","format":"int32","title":"Must be set in order to create the HPA resource in Kubernetes","x-order":1},"metrics":{"type":"array","items":{"$ref":"#/components/schemas/installkubernetesMetricSpec"},"x-order":2}}},"installkubernetesLocalObjectReference":{"description":"LocalObjectReference contains enough information to let you locate the\\nreferenced object inside the same namespace.","type":"object","properties":{"name":{"description":"Name of the referent.","type":"string","x-order":0}}},"installkubernetesMetricSpec":{"type":"object","properties":{"type":{"type":"string","x-order":0},"object":{"$ref":"#/components/schemas/installkubernetesObjectMetricSource"},"pods":{"$ref":"#/components/schemas/installkubernetesPodsMetricSource"},"resource":{"$ref":"#/components/schemas/installkubernetesResourceMetricSource"},"external":{"$ref":"#/components/schemas/installkubernetesExternalMetricSource"}}},"installkubernetesMetricTarget":{"type":"object","title":"MetricTarget provides compatibility with k8s autoscaling/v2 API","properties":{"type":{"type":"string","x-order":0},"averageUtilization":{"type":"integer","format":"int32","x-order":1},"averageValue":{"$ref":"#/components/schemas/operatorv1alpha1IntOrString"},"value":{"$ref":"#/components/schemas/operatorv1alpha1IntOrString"}}},"installkubernetesNodeAffinity":{"type":"object","title":"Group of node affinity scheduling rules.\\nhttps://kubernetes.io/docs/reference/generated/kubernetes-api/v1.18/#nodeaffinity-v1-core","properties":{"requiredDuringSchedulingIgnoredDuringExecution":{"$ref":"#/components/schemas/installkubernetesNodeSelector"},"preferredDuringSchedulingIgnoredDuringExecution":{"type":"array","title":"The scheduler will prefer to schedule pods to nodes that satisfy the\\naffinity expressions specified by this field, but it may choose a node that\\nviolates one or more of the expressions.\\nhttps://kubernetes.io/docs/reference/generated/kubernetes-api/v1.18/#preferredschedulingterm-v1-core","items":{"$ref":"#/components/schemas/installkubernetesPreferredSchedulingTerm"},"x-order":1}}},"installkubernetesNodeSelector":{"type":"object","properties":{"nodeSelectorTerms":{"type":"array","items":{"$ref":"#/components/schemas/installkubernetesNodeSelectorTerm"},"x-order":0}}},"installkubernetesNodeSelectorRequirement":{"type":"object","properties":{"key":{"type":"string","x-order":0},"operator":{"type":"string","x-order":1},"values":{"type":"array","items":{"type":"string"},"x-order":2}}},"installkubernetesNodeSelectorTerm":{"type":"object","properties":{"matchExpressions":{"type":"array","items":{"$ref":"#/components/schemas/installkubernetesNodeSelectorRequirement"},"x-order":0},"matchFields":{"type":"array","items":{"$ref":"#/components/schemas/installkubernetesNodeSelectorRequirement"},"x-order":1}}},"installkubernetesObjectFieldSelector":{"type":"object","properties":{"apiVersion":{"type":"string","x-order":0},"fieldPath":{"type":"string","x-order":1}}},"installkubernetesObjectMetricSource":{"type":"object","properties":{"target":{"$ref":"#/components/schemas/installkubernetesCrossVersionObjectReference"},"metricName":{"type":"string","x-order":1},"targetValue":{"$ref":"#/components/schemas/operatorv1alpha1IntOrString"},"selector":{"$ref":"#/components/schemas/v1LabelSelector"},"averageValue":{"$ref":"#/components/schemas/operatorv1alpha1IntOrString"}}},"installkubernetesPodAffinity":{"type":"object","title":"Group of inter-pod affinity scheduling rules.\\nhttps://kubernetes.io/docs/reference/generated/kubernetes-api/v1.18/#podaffinity-v1-core","properties":{"requiredDuringSchedulingIgnoredDuringExecution":{"type":"array","items":{"$ref":"#/components/schemas/installkubernetesPodAffinityTerm"},"x-order":0},"preferredDuringSchedulingIgnoredDuringExecution":{"type":"array","items":{"$ref":"#/components/schemas/installkubernetesWeightedPodAffinityTerm"},"x-order":1}}},"installkubernetesPodAffinityTerm":{"type":"object","properties":{"labelSelector":{"$ref":"#/components/schemas/v1LabelSelector"},"namespaces":{"type":"array","items":{"type":"string"},"x-order":1},"topologyKey":{"type":"string","x-order":2}}},"installkubernetesPodAntiAffinity":{"type":"object","title":"Group of inter-pod anti-affinity scheduling rules.\\nhttps://kubernetes.io/docs/reference/generated/kubernetes-api/v1.18/#podantiaffinity-v1-core","properties":{"requiredDuringSchedulingIgnoredDuringExecution":{"type":"array","items":{"$ref":"#/components/schemas/installkubernetesPodAffinityTerm"},"x-order":0},"preferredDuringSchedulingIgnoredDuringExecution":{"type":"array","items":{"$ref":"#/components/schemas/installkubernetesWeightedPodAffinityTerm"},"x-order":1}}},"installkubernetesPodSecurityContext":{"description":"See k8s.io.api.core.v1.PodSecurityContext.","type":"object","properties":{"seLinuxOptions":{"$ref":"#/components/schemas/installkubernetesSELinuxOptions"},"runAsUser":{"type":"integer","format":"int64","x-order":1},"runAsNonRoot":{"type":"boolean","x-order":2},"supplementalGroups":{"type":"array","items":{"type":"integer","format":"int64"},"x-order":3},"fsGroup":{"type":"integer","format":"int64","x-order":4},"runAsGroup":{"type":"integer","format":"int64","x-order":5},"sysctls":{"type":"array","items":{"$ref":"#/components/schemas/installkubernetesSysctl"},"x-order":6},"windowsOptions":{"$ref":"#/components/schemas/installkubernetesWindowsSecurityContextOptions"},"fsGroupChangePolicy":{"type":"string","x-order":8},"seccompProfile":{"$ref":"#/components/schemas/installkubernetesSeccompProfile"}}},"installkubernetesPodsMetricSource":{"type":"object","properties":{"metricName":{"type":"string","x-order":0},"targetAverageValue":{"$ref":"#/components/schemas/operatorv1alpha1IntOrString"},"selector":{"$ref":"#/components/schemas/v1LabelSelector"}}},"installkubernetesPreferredSchedulingTerm":{"type":"object","properties":{"weight":{"type":"integer","format":"int32","x-order":0},"preference":{"$ref":"#/components/schemas/installkubernetesNodeSelectorTerm"}}},"installkubernetesResourceFieldSelector":{"type":"object","properties":{"containerName":{"type":"string","x-order":0},"resource":{"type":"string","x-order":1},"divisor":{"$ref":"#/components/schemas/operatorv1alpha1IntOrString"}}},"installkubernetesResourceMetricSource":{"type":"object","properties":{"name":{"type":"string","x-order":0},"targetAverageUtilization":{"$ref":"#/components/schemas/operatorv1alpha1IntOrString"},"targetAverageValue":{"$ref":"#/components/schemas/operatorv1alpha1IntOrString"},"target":{"$ref":"#/components/schemas/installkubernetesMetricTarget"}}},"installkubernetesResources":{"description":"Mirrors k8s.io.api.core.v1.ResourceRequirements for unmarshalling.","type":"object","properties":{"limits":{"type":"object","additionalProperties":{"type":"string"},"x-order":0},"requests":{"type":"object","additionalProperties":{"type":"string"},"x-order":1}}},"installkubernetesRollingUpdateDeployment":{"description":"Mirrors k8s.io.api.apps.v1.RollingUpdateDeployment for unmarshalling.","type":"object","properties":{"maxUnavailable":{"$ref":"#/components/schemas/operatorv1alpha1IntOrString"},"maxSurge":{"$ref":"#/components/schemas/operatorv1alpha1IntOrString"}}},"installkubernetesSELinuxOptions":{"description":"See k8s.io.api.core.v1.SELinuxOptions.","type":"object","properties":{"user":{"type":"string","x-order":0},"role":{"type":"string","x-order":1},"type":{"type":"string","x-order":2},"level":{"type":"string","x-order":3}}},"installkubernetesSeccompProfile":{"description":"See k8s.io.api.core.v1.SeccompProfile.","type":"object","properties":{"type":{"type":"string","x-order":0},"localhostProfile":{"type":"string","x-order":1}}},"installkubernetesSecretKeySelector":{"type":"object","properties":{"localObjectReference":{"$ref":"#/components/schemas/installkubernetesLocalObjectReference"},"key":{"type":"string","x-order":1},"optional":{"type":"boolean","x-order":2}}},"installkubernetesSecurityContext":{"description":"See k8s.io.api.core.v1.SecurityContext.","type":"object","properties":{"capabilities":{"$ref":"#/components/schemas/installkubernetesCapabilities"},"privileged":{"type":"boolean","x-order":1},"seLinuxOptions":{"$ref":"#/components/schemas/installkubernetesSELinuxOptions"},"windowsOptions":{"$ref":"#/components/schemas/installkubernetesWindowsSecurityContextOptions"},"runAsUser":{"type":"integer","format":"int64","x-order":4},"runAsGroup":{"type":"integer","format":"int64","x-order":5},"runAsNonRoot":{"type":"boolean","x-order":6},"readOnlyRootFilesystem":{"type":"boolean","x-order":7},"allowPrivilegeEscalation":{"type":"boolean","x-order":8},"procMount":{"type":"string","x-order":9},"seccompProfile":{"$ref":"#/components/schemas/installkubernetesSeccompProfile"}}},"installkubernetesService":{"type":"object","title":"The Kubernetes resource configuration for a Service","properties":{"annotations":{"type":"object","title":"Pod annotations are an unstructured key value map stored with the service.\\nhttps://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/","additionalProperties":{"type":"string"},"x-order":0},"ports":{"type":"array","title":"List of ports exposed by the component\'s service.\\nhttps://kubernetes.io/docs/reference/generated/kubernetes-api/v1.18/#serviceport-v1-core","items":{"$ref":"#/components/schemas/installkubernetesServicePort"},"x-order":1},"type":{"type":"string","title":"Determines how the Service is exposed. Valid options are ExternalName,\\nClusterIP, NodePort, and LoadBalancer.\\nhttps://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types","x-order":2},"labels":{"type":"object","title":"Labels are an unstructured key value map stored with the deployment.\\nhttps://kubernetes.io/docs/concepts/overview/working-with-objects/labels","additionalProperties":{"type":"string"},"x-order":3}}},"installkubernetesServiceAccount":{"type":"object","title":"Settings related to the component service account","properties":{"imagePullSecrets":{"type":"array","title":"List of references to secrets in the same namespace to use for pulling any\\nimages in pods that reference this ServiceAccount. ImagePullSecrets are\\ndistinct from Secrets because Secrets can be mounted in the pod, but\\nImagePullSecrets are only accessed by the kubelet. More info:\\nhttps://kubernetes.io/docs/concepts/containers/images/#specifying-imagepullsecrets-on-a-pod\\nhttps://kubernetes.io/docs/reference/generated/kubernetes-api/v1.18/#service_account-v1-core","items":{"$ref":"#/components/schemas/installkubernetesLocalObjectReference"},"x-order":0}}},"installkubernetesServicePort":{"type":"object","properties":{"name":{"type":"string","x-order":0},"protocol":{"type":"string","x-order":1},"port":{"type":"integer","format":"int32","x-order":2},"targetPort":{"$ref":"#/components/schemas/operatorv1alpha1IntOrString"},"nodePort":{"type":"integer","format":"int32","x-order":4}}},"installkubernetesSysctl":{"description":"See k8s.io.api.core.v1.Sysctl.","type":"object","properties":{"name":{"type":"string","x-order":0},"value":{"type":"string","x-order":1}}},"installkubernetesWeightedPodAffinityTerm":{"type":"object","properties":{"weight":{"type":"integer","format":"int32","x-order":0},"podAffinityTerm":{"$ref":"#/components/schemas/installkubernetesPodAffinityTerm"}}},"installkubernetesWindowsSecurityContextOptions":{"description":"See k8s.io.api.core.v1.WindowsSecurityContextOptions.","type":"object","properties":{"gmsaCredentialSpecName":{"type":"string","x-order":0},"gmsaCredentialSpec":{"type":"string","x-order":1},"runAsUserName":{"type":"string","x-order":2}}},"kubernetesCNI":{"type":"object","title":"Configure Istio\'s CNI plugin\\nFor further details see: https://istio.io/docs/setup/additional-setup/cni/","properties":{"binaryDirectory":{"description":"Directory on the host to install the CNI binary.\\nMust be the same as the environment\u2019s `--cni-bin-dir` setting (kubelet\\nparameter).","type":"string","x-order":0},"configurationDirectory":{"description":"Directory on the host to install the CNI config.\\nMust be the same as the environment\u2019s `--cni-conf-dir` setting (kubelet\\nparameter).","type":"string","x-order":1},"chained":{"description":"Whether to deploy the configuration file as a plugin chain or as a\\nstandalone file in the configuration directory. Some Kubernetes flavors\\n(e.g. OpenShift) do not support the chain approach.","type":"boolean","x-order":2},"configurationFileName":{"description":"Leave unset to auto-find the first file in the `cni-conf-dir` (as kubelet\\ndoes). Primarily used for testing install-cni plugin configuration. If set,\\n`install-cni` will inject the plugin configuration into this file in the\\n`cni-conf-dir`.","type":"string","x-order":3},"clusterRole":{"description":"The ClusterRole Istio CNI will bind to in the ControlPlane namespace.\\nThis is useful if you use Pod Security Policies and want to allow\\n`istio-cni` to run as privileged Pods.","type":"string","x-order":4},"revision":{"description":"The revisioned istio-operator that will reconcile the Istio CNI component.\\nA revision can only be specified when Isolation Boundaries are enabled and\\nconfigured with at least one revision.\\nRevision specified here must be an enabled revision under `xcp.isolationBoundaries`.\\nIf not provided, it defaults to the latest enabled\\nrevision based on their corresponding tsbVersion. If multiple such revisions\\nare found, revision names are alphabetically sorted and the first revision\\nis considered as the default.","type":"string","x-order":5}}},"kubernetesGlobalDeployment":{"type":"object","title":"The Kubernetes resource configuration for a Deployment","properties":{"podAnnotations":{"type":"object","title":"Pod annotations are an unstructured key value map stored with the pod.\\nhttps://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/","additionalProperties":{"type":"string"},"x-order":0},"env":{"type":"array","title":"Environment variables for all containers in the deployment.\\nhttps://kubernetes.io/docs/tasks/inject-data-application/define-environment-variable-container/","items":{"$ref":"#/components/schemas/installkubernetesEnvVar"},"x-order":1},"affinity":{"$ref":"#/components/schemas/installkubernetesAffinity"},"strategy":{"$ref":"#/components/schemas/installkubernetesDeploymentStrategy"},"tolerations":{"type":"array","title":"Tolerations are applied to pods, and allow (but do not require) the pods to\\nschedule onto nodes with matching taints. Taints and tolerations work\\ntogether to ensure that pods are not scheduled onto inappropriate nodes.\\nOne or more taints are applied to a node; this marks that the node should\\nnot accept any pods that do not tolerate the taints.\\nhttps://kubernetes.io/docs/concepts/configuration/taint-and-toleration/","items":{"$ref":"#/components/schemas/corev1Toleration"},"x-order":4},"podSecurityContext":{"$ref":"#/components/schemas/installkubernetesPodSecurityContext"},"containerSecurityContext":{"$ref":"#/components/schemas/installkubernetesSecurityContext"}}},"kubernetesGlobalJob":{"type":"object","title":"The Kubernetes resource configuration for all CronJob or Job","properties":{"podAnnotations":{"type":"object","title":"Pod annotations are an unstructured key value map stored with the pod.\\nhttps://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/","additionalProperties":{"type":"string"},"x-order":0},"affinity":{"$ref":"#/components/schemas/installkubernetesAffinity"},"tolerations":{"type":"array","title":"Tolerations are applied to pods, and allow (but do not require) the pods to\\nschedule onto nodes with matching taints. Taints and tolerations work\\ntogether to ensure that pods are not scheduled onto inappropriate nodes.\\nOne or more taints are applied to a node; this marks that the node should\\nnot accept any pods that do not tolerate the taints.\\nhttps://kubernetes.io/docs/concepts/configuration/taint-and-toleration/","items":{"$ref":"#/components/schemas/corev1Toleration"},"x-order":2},"podSecurityContext":{"$ref":"#/components/schemas/installkubernetesPodSecurityContext"},"containerSecurityContext":{"$ref":"#/components/schemas/installkubernetesSecurityContext"}}},"kubernetesGlobalService":{"type":"object","title":"The Kubernetes resource configuration for all the Service","properties":{"annotations":{"type":"object","title":"Pod annotations are an unstructured key value map stored with the service.\\nhttps://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/","additionalProperties":{"type":"string"},"x-order":0}}},"kubernetesJob":{"type":"object","title":"The Kubernetes resource configuration for a CronJob or Job","properties":{"podAnnotations":{"type":"object","title":"Pod annotations are an unstructured key value map stored with the pod.\\nhttps://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/","additionalProperties":{"type":"string"},"x-order":0},"env":{"type":"array","title":"Environment variables for all containers in the job.\\nhttps://kubernetes.io/docs/tasks/inject-data-application/define-environment-variable-container/","items":{"$ref":"#/components/schemas/installkubernetesEnvVar"},"x-order":1},"affinity":{"$ref":"#/components/schemas/installkubernetesAffinity"},"tolerations":{"type":"array","title":"Tolerations are applied to pods, and allow (but do not require) the pods to\\nschedule onto nodes with matching taints. Taints and tolerations work\\ntogether to ensure that pods are not scheduled onto inappropriate nodes.\\nOne or more taints are applied to a node; this marks that the node should\\nnot accept any pods that do not tolerate the taints.\\nhttps://kubernetes.io/docs/concepts/configuration/taint-and-toleration/","items":{"$ref":"#/components/schemas/corev1Toleration"},"x-order":3},"podSecurityContext":{"$ref":"#/components/schemas/installkubernetesPodSecurityContext"},"containerSecurityContext":{"$ref":"#/components/schemas/installkubernetesSecurityContext"}}},"kubernetesKubernetesComponentSpec":{"description":"KubernetesComponentSpec is a common set of Kubernetes resource configuration\\nfor components.","type":"object","properties":{"deployment":{"$ref":"#/components/schemas/installkubernetesDeployment"},"service":{"$ref":"#/components/schemas/installkubernetesService"},"serviceAccount":{"$ref":"#/components/schemas/installkubernetesServiceAccount"},"overlays":{"type":"array","title":"Post-render overlays to mutate Kubernetes manifests\\nhttps://istio.io/latest/docs/reference/config/istio.operator.v1alpha1/#K8sObjectOverlay","items":{"$ref":"#/components/schemas/v1alpha1K8sObjectOverlay"},"x-order":3}}},"kubernetesKubernetesIstioComponentSpec":{"description":"KubernetesIstioComponentSpec is the common set of Kubernetes resource\\nconfiguration for Istio. It differs from the standard component specs in that\\nit supports CNI configuration.","type":"object","properties":{"deployment":{"$ref":"#/components/schemas/installkubernetesDeployment"},"service":{"$ref":"#/components/schemas/installkubernetesService"},"serviceAccount":{"$ref":"#/components/schemas/installkubernetesServiceAccount"},"CNI":{"$ref":"#/components/schemas/kubernetesCNI"},"overlays":{"type":"array","title":"Post-render overlays to mutate Kubernetes manifests\\nhttps://istio.io/latest/docs/reference/config/istio.operator.v1alpha1/#K8sObjectOverlay","items":{"$ref":"#/components/schemas/v1alpha1K8sObjectOverlay"},"x-order":4}}},"kubernetesKubernetesJobComponentSpec":{"description":"KubernetesJobComponentSpec is a common set of Kubernetes resource\\nconfiguration for components with a job associated with them.","type":"object","properties":{"deployment":{"$ref":"#/components/schemas/installkubernetesDeployment"},"service":{"$ref":"#/components/schemas/installkubernetesService"},"job":{"$ref":"#/components/schemas/kubernetesJob"},"serviceAccount":{"$ref":"#/components/schemas/installkubernetesServiceAccount"},"overlays":{"type":"array","title":"Post-render overlays to mutate Kubernetes manifests\\nhttps://istio.io/latest/docs/reference/config/istio.operator.v1alpha1/#K8sObjectOverlay","items":{"$ref":"#/components/schemas/v1alpha1K8sObjectOverlay"},"x-order":4}}},"kubernetesKubernetesSpec":{"description":"KubernetesSpec is a common set of Kubernetes resource configuration for the\\ninstall CRs, that will be common to all of its components.","type":"object","properties":{"deployment":{"$ref":"#/components/schemas/kubernetesGlobalDeployment"},"service":{"$ref":"#/components/schemas/kubernetesGlobalService"},"account":{"$ref":"#/components/schemas/installkubernetesServiceAccount"},"job":{"$ref":"#/components/schemas/kubernetesGlobalJob"}}},"operatorv1alpha1IntOrString":{"description":"IntOrString is a type that can hold an int32 or a string.  When used in\\nJSON or YAML marshalling and unmarshalling, it produces or consumes the\\ninner type.  This allows you to have, for example, a JSON field that can\\naccept a name or number.","type":"object","properties":{"type":{"type":"string","format":"int64","x-order":0},"intVal":{"type":"integer","format":"int32","x-order":1},"strVal":{"type":"string","x-order":2}}},"protobufAny":{"type":"object","properties":{"@type":{"type":"string","x-order":0}},"additionalProperties":{}},"protobufNullValue":{"description":"`NullValue` is a singleton enumeration to represent the null value for the\\n`Value` type union.\\n\\n The JSON representation for `NullValue` is JSON `null`.\\n\\n - NULL_VALUE: Null value.","type":"string","default":"NULL_VALUE","enum":["NULL_VALUE"]},"rpcStatus":{"type":"object","properties":{"code":{"type":"integer","format":"int32","x-order":0},"message":{"type":"string","x-order":1},"details":{"type":"array","items":{"$ref":"#/components/schemas/protobufAny"},"x-order":2}}},"tsbauthv2Authentication":{"type":"object","properties":{"jwt":{"$ref":"#/components/schemas/tsbauthv2AuthenticationJWT"},"rules":{"$ref":"#/components/schemas/AuthenticationRules"},"oidc":{"$ref":"#/components/schemas/v2OIDCConfig"}}},"tsbauthv2AuthenticationJWT":{"type":"object","required":["issuer"],"properties":{"issuer":{"description":"Identifies the issuer that issued the JWT. See\\n[issuer](https://tools.ietf.org/html/rfc7519#section-4.1.1)\\nA JWT with different `iss` claim will be rejected.\\n\\nExample: https://foobar.auth0.com\\nExample: 1234567-compute@developer.gserviceaccount.com","type":"string","x-order":0},"audiences":{"description":"The list of JWT\\n[audiences](https://tools.ietf.org/html/rfc7519#section-4.1.3).\\nthat are allowed to access. A JWT containing any of these\\naudiences will be accepted.\\n\\nThe service name will be accepted if audiences is empty.","type":"array","items":{"type":"string"},"x-order":1},"jwksUri":{"description":"URL of the provider\'s public key set to validate signature of\\nthe JWT. See [OpenID\\nDiscovery](https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderMetadata).\\n\\nOptional if the key set document can either (a) be retrieved\\nfrom [OpenID\\nDiscovery](https://openid.net/specs/openid-connect-discovery-1_0.html)\\nof the issuer or (b) inferred from the email domain of the\\nissuer (e.g. a Google service account).\\n\\nExample: `https://www.googleapis.com/oauth2/v1/certs`\\n\\nNote: Only one of jwks_uri and jwks should be used. jwks_uri\\nwill be ignored if it does.","type":"string","x-order":2},"jwks":{"description":"JSON Web Key Set of public keys to validate signature of the JWT.\\nSee https://auth0.com/docs/jwks.\\n\\nNote: Only one of jwks_uri and jwks should be used. jwks_uri will be ignored if it does.","type":"string","x-order":3},"outputPayloadToHeader":{"description":"This field specifies the header name to output a successfully verified JWT payload to the\\nbackend. The forwarded data is `base64_encoded(jwt_payload_in_JSON)`. If it is not specified,\\nthe payload will not be emitted.","type":"string","x-order":4},"outputClaimToHeaders":{"description":"This field specifies a list of operations to copy the claim to HTTP headers on a successfully verified token.\\nThis differs from the `output_payload_to_header` by allowing outputting individual claims instead of the whole payload.\\nOnly claims of type string, boolean, and integer are supported. Array type claims are not supported at this time.\\nThe header specified in each operation in the list must be unique. Nested claims of type string/int/bool is supported as well.\\n```\\n  outputClaimToHeaders:\\n  - header: x-my-company-jwt-group\\n    claim: my-group\\n  - header: x-test-environment-flag\\n    claim: test-flag\\n  - header: x-jwt-claim-group\\n    claim: nested.key.group\\n```\\n[Experimental] This feature is a experimental feature.\\n\\n[TODO:Update the status whenever this feature is promoted.]","type":"array","items":{"$ref":"#/components/schemas/JWTClaimToHeader"},"x-order":5},"fromHeaders":{"description":"1) The Authorization header using the Bearer schema,\\n       e.g. Authorization: Bearer &lt;token&gt;. (see\\n       [Authorization Request Header\\n       Field](https://tools.ietf.org/html/rfc6750#section-2.1))\\n\\n    2) The `access_token` query parameter (see\\n    [URI Query Parameter](https://tools.ietf.org/html/rfc6750#section-2.3))\\n\\nList of header locations from which JWT is expected. For example, below is the location spec\\nif JWT is expected to be found in `x-jwt-assertion` header, and have `Bearer ` prefix:\\n\\n```yaml\\n  fromHeaders:\\n  - name: x-jwt-assertion\\n    prefix: \\"Bearer \\"\\n```\\n\\nNote: Multiple tokens present on the same request are not supported. \\nThe behaviour of authorization policies when there is more than one user identity is undefined","type":"array","title":"This field specifies the locations to extract JWT token.\\nIf no explicit location is specified the following default\\nlocations are tried in order:","items":{"$ref":"#/components/schemas/JWTJWTHeader"},"x-order":6}}},"tsbauthv2Authorization":{"type":"object","title":"Configuration for authorizing a HTTP request","properties":{"external":{"$ref":"#/components/schemas/tsbauthv2AuthorizationExternalAuthzBackend"},"local":{"$ref":"#/components/schemas/tsbauthv2AuthorizationLocalAuthz"}}},"tsbauthv2AuthorizationExternalAuthzBackend":{"type":"object","title":"Use an authorization server running at the specified URI. Support both HTTP and gRPC server.\\nIt is recommended to enable TLS validation (SIMPLE or MUTUAL) to secure traffic \\nbetween workload and external authorization server\\nIf you use gRPC, do not set `includeRequestHeaders`","properties":{"uri":{"type":"string","x-order":0},"includeRequestHeaders":{"type":"array","items":{"type":"string"},"x-order":1},"tls":{"$ref":"#/components/schemas/v2ClientTLSSettings"}}},"tsbauthv2AuthorizationLocalAuthz":{"description":"Authorize the request in Envoy based on the JWT claims.","type":"object","properties":{"rules":{"type":"array","items":{"$ref":"#/components/schemas/tsbauthv2LocalAuthzRule"},"x-order":0}}},"tsbauthv2LocalAuthzRule":{"description":"Bindings define the subjects that can access the resource a policy is attached to,\\nand the conditions that need to be met for that access to be granted.\\nA policy can have multiple bindings to configure different access controls for specific\\nsubjects.","type":"object","title":"LocalAuthzRule","required":["name"],"properties":{"name":{"description":"A friendly name to identify the binding.","type":"string","x-order":0},"from":{"description":"Subjects configure the actors (end users, other services)  that are allowed to access the\\ntarget resource.","type":"array","items":{"$ref":"#/components/schemas/tsbauthv2Subject"},"x-order":1},"to":{"description":"A set of HTTP rules that need to be satisfied by the HTTP requests to get access to the\\ntarget resource.","type":"array","items":{"$ref":"#/components/schemas/tsbauthv2LocalAuthzRuleHttpOperation"},"x-order":2}}},"tsbauthv2LocalAuthzRuleHttpOperation":{"type":"object","properties":{"paths":{"description":"The request path where the request is made against. E.g. [\\"/accounts\\"].","type":"array","items":{"type":"string"},"x-order":0},"methods":{"description":"The HTTP methods that are allowed by this rule. E.g. [\\"GET\\", \\"HEAD\\"].","type":"array","items":{"type":"string"},"x-order":1}}},"tsbauthv2Subject":{"description":"A subject designates an actor (user, service, etc) that attempts to access a target resource.\\nSubjects can be modeled with JWT tokens, service accounts, and decorated with attributes such as\\nHTTP request headers, JWT token claims, etc.\\nThe fields that define a subject will be matched to incoming requests, to fully qualify where the\\nrequest comes from, and to decide if the given request is allowed or not for the target resource.\\nAll the fields in a subject are evaluated as AND expressions.","type":"object","title":"Subject","properties":{"jwt":{"$ref":"#/components/schemas/tsbauthv2SubjectJWTClaims"}}},"tsbauthv2SubjectJWTClaims":{"description":"JWT based subjects qualify a subject by matching against a JWT token present in the request.\\nBy default the token is expected to be present in the \'Authorization\' HTTP header, with the\\n\'Bearer\\" prefix.","type":"object","title":"JWT based subject","properties":{"iss":{"type":"string","x-order":0},"sub":{"type":"string","x-order":1},"other":{"description":"A set of arbitrary claims that are required to qualify the subject.\\nE.g. \\"iss\\": \\"*@foo.com\\".","type":"object","additionalProperties":{"type":"string"},"x-order":2}}},"tsbgatewayv2Authentication":{"type":"object","title":"DEPRECATED. Use auth/v2/Authentication\\n$hide_from_docs","properties":{"jwt":{"$ref":"#/components/schemas/tsbgatewayv2AuthenticationJWT"}}},"tsbgatewayv2AuthenticationJWT":{"type":"object","title":"DEPRECATED. Use auth/v2/JWT\\n$hide_from_docs","required":["issuer"],"properties":{"issuer":{"description":"Identifies the issuer that issued the JWT. See\\n[issuer](https://tools.ietf.org/html/rfc7519#section-4.1.1)\\nA JWT with different `iss` claim will be rejected.\\n\\nExample: https://foobar.auth0.com\\nExample: 1234567-compute@developer.gserviceaccount.com","type":"string","x-order":0},"audiences":{"description":"The list of JWT\\n[audiences](https://tools.ietf.org/html/rfc7519#section-4.1.3).\\nthat are allowed to access. A JWT containing any of these\\naudiences will be accepted.\\n\\nThe service name will be accepted if audiences is empty.","type":"array","items":{"type":"string"},"x-order":1},"jwksUri":{"description":"URL of the provider\'s public key set to validate signature of\\nthe JWT. See [OpenID\\nDiscovery](https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderMetadata).\\n\\nOptional if the key set document can either (a) be retrieved\\nfrom [OpenID\\nDiscovery](https://openid.net/specs/openid-connect-discovery-1_0.html)\\nof the issuer or (b) inferred from the email domain of the\\nissuer (e.g. a Google service account).\\n\\nExample: `https://www.googleapis.com/oauth2/v1/certs`\\n\\nNote: Only one of jwks_uri and jwks should be used. jwks_uri\\nwill be ignored if it does.","type":"string","x-order":2},"jwks":{"description":"JSON Web Key Set of public keys to validate signature of the JWT.\\nSee https://auth0.com/docs/jwks.\\n\\nNote: Only one of jwks_uri and jwks should be used. jwks_uri will be ignored if it does.","type":"string","x-order":3}}},"tsbgatewayv2Authorization":{"type":"object","title":"DEPRECATED. Use auth/v2/Authorization\\nConfiguration for authorizing a HTTP request\\n$hide_from_docs","properties":{"external":{"$ref":"#/components/schemas/tsbgatewayv2AuthorizationExternalAuthzBackend"},"local":{"$ref":"#/components/schemas/tsbgatewayv2AuthorizationLocalAuthz"}}},"tsbgatewayv2AuthorizationExternalAuthzBackend":{"type":"object","title":"DEPRECATED. Use auth/v2/ExternalAuthzBackend\\nUse an authorization running at the specified URI. Note that this\\nmode is supported only for HTTPS servers.\\n$hide_from_docs","properties":{"uri":{"type":"string","x-order":0},"includeRequestHeaders":{"type":"array","items":{"type":"string"},"x-order":1}}},"tsbgatewayv2AuthorizationLocalAuthz":{"type":"object","title":"DEPRECATED. Use auth/v2/LocalAuthz\\nAuthorize the request in Envoy based on the JWT claims.\\n$hide_from_docs","properties":{"rules":{"type":"array","items":{"$ref":"#/components/schemas/tsbgatewayv2LocalAuthzRule"},"x-order":0}}},"tsbgatewayv2AuthorizationSettings":{"description":"`AuthorizationSettings` define the set of service accounts in one\\nor more namespaces allowed to access a workload (and hence its\\nsidecar) in the mesh.","type":"object","required":["mode"],"properties":{"mode":{"$ref":"#/components/schemas/tsbgatewayv2AuthorizationSettingsMode"},"serviceAccounts":{"description":"When the mode is `SERVICE_ACCOUNT`, `serviceAccounts` specify the allowed\\nset of service accounts (and the workloads using them). Must be\\nin the `&lt;namespace&gt;/&lt;service-account-name&gt;` format.\\n\\n- `./*` indicates all service accounts in the namespace where the sidecar resides.\\n\\n- `ns1/*` indicates all service accounts in the `ns1` namespace.\\n\\n- `ns1/svc1-sa` indicates `svc1-sa` service account in `ns1` namespace.\\n\\nNamespace should be a valid Kubernetes namespace, which\\nfollows [RFC 1123 Label Names](https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#dns-label-names) rules.\\nService account should be a valid Kubernetes service account, which\\nfollows [DNS Subdomain Names](https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#dns-subdomain-names) rules.","type":"array","items":{"type":"string"},"x-order":1}}},"tsbgatewayv2AuthorizationSettingsMode":{"description":"A shortcut for defining the common authorization patterns.\\n\\n - UNSET: Represents an unset or default mode.\\n - NAMESPACE: The workload allows traffic from any other authenticated workload in its own\\nnamespace.\\n - GROUP: The workload allows traffic from any other authenticated workload in the security group.\\n - WORKSPACE: The workload allows traffic from any other authenticated workload in the workspace.\\n - CLUSTER: The workload allows traffic from any other authenticated workload in the cluster.\\n - SERVICE_ACCOUNT: The workload allows traffic from service accounts defined explicitly.","type":"string","default":"UNSET","enum":["UNSET","NAMESPACE","GROUP","WORKSPACE","CLUSTER","SERVICE_ACCOUNT"]},"tsbgatewayv2Group":{"description":"A gateway group manages the gateways in a group of namespaces owned\\nby the parent workspace.\\n\\n\\n\\n","type":"object","required":["namespaceSelector"],"properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"namespaceSelector":{"$ref":"#/components/schemas/v2NamespaceSelector"},"configMode":{"$ref":"#/components/schemas/v2ConfigMode"},"deletionProtectionEnabled":{"description":"When set, prevents the resource from being deleted. In order to delete the resource this\\nproperty needs to be set to `false` first.","type":"boolean","x-order":6},"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"}}},"tsbgatewayv2LocalAuthzRule":{"description":"Bindings define the subjects that can access the resource a policy is attached to,\\nand the conditions that need to be met for that access to be granted.\\nA policy can have multiple bindings to configure different access controls for specific\\nsubjects.\\n$hide_from_docs","type":"object","title":"DEPRECATED. Use auth/v2/LocalAuthzRule\\nLocalAuthzRule","required":["name"],"properties":{"name":{"description":"A friendly name to identify the binding.","type":"string","x-order":0},"from":{"description":"Subjects configure the actors (end users, other services)  that are allowed to access the\\ntarget resource.","type":"array","items":{"$ref":"#/components/schemas/tsbgatewayv2Subject"},"x-order":1},"to":{"description":"A set of HTTP rules that need to be satisfied by the HTTP requests to get access to the\\ntarget resource.","type":"array","items":{"$ref":"#/components/schemas/tsbgatewayv2LocalAuthzRuleHttpOperation"},"x-order":2}}},"tsbgatewayv2LocalAuthzRuleHttpOperation":{"type":"object","title":"DEPRECATED\\n$hide_from_docs","properties":{"paths":{"description":"The request path where the request is made against. E.g. [\\"/accounts\\"].","type":"array","items":{"type":"string"},"x-order":0},"methods":{"description":"The HTTP methods that are allowed by this rule. E.g. [\\"GET\\", \\"HEAD\\"].","type":"array","items":{"type":"string"},"x-order":1}}},"tsbgatewayv2Subject":{"description":"A subject designates an actor (user, service, etc) that attempts to access a target resource.\\nSubjects can be modeled with JWT tokens, service accounts, and decorated with attributes such as\\nHTTP request headers, JWT token claims, etc.\\nThe fields that define a subject will be matched to incoming requests, to fully qualify where the\\nrequest comes from, and to decide if the given request is allowed or not for the target resource.\\nAll the fields in a subject are evaluated as AND expressions.\\n$hide_from_docs","type":"object","title":"DEPRECATED. Use auth/v2/Subject\\nSubject","properties":{"jwt":{"$ref":"#/components/schemas/tsbgatewayv2SubjectJWTClaims"}}},"tsbgatewayv2SubjectJWTClaims":{"description":"JWT based subjects qualify a subject by matching against a JWT token present in the request.\\nBy default the token is expected to be present in the \'Authorization\' HTTP header, with the\\n\'Bearer\\" prefix.\\n$hide_from_docs","type":"object","title":"DEPRECATED.\\nJWT based subject","properties":{"iss":{"type":"string","x-order":0},"sub":{"type":"string","x-order":1},"other":{"description":"A set of arbitrary claims that are required to qualify the subject.\\nE.g. \\"iss\\": \\"*@foo.com\\".","type":"object","additionalProperties":{"type":"string"},"x-order":2}}},"tsbistiointernalv2Group":{"description":"An Istio Internal Group only allows grouping `DIRECT` mode mesh resources in a set of namespaces\\nowned by its parent workspace. This group is aimed for grouping resources not directly related\\nto traffic, security, or gateway like `EnvoyFilters` and `ServiceEntry`.\\n\\n\\n\\n","type":"object","required":["namespaceSelector"],"properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"namespaceSelector":{"$ref":"#/components/schemas/v2NamespaceSelector"},"deletionProtectionEnabled":{"description":"When set, prevents the resource from being deleted. In order to delete the resource this\\nproperty needs to be set to `false` first.","type":"boolean","x-order":5},"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"}}},"tsbsecurityv2AuthorizationSettings":{"description":"`AuthorizationSettings` define the set of service accounts in one\\nor more namespaces allowed to access a workload (and hence its\\nsidecar) in the mesh.","type":"object","properties":{"mode":{"$ref":"#/components/schemas/tsbsecurityv2AuthorizationSettingsMode"},"serviceAccounts":{"description":"When the mode is `CUSTOM`, `serviceAccounts` specify the allowed\\nset of service accounts (and the workloads using them). Must be\\nin the `&lt;namespace&gt;/&lt;service-account-name&gt;` format.\\n\\n- `./*` indicates all service accounts in the namespace where the sidecar resides.\\n\\n- `ns1/*` indicates all service accounts in the `ns1` namespace.\\n\\n- `ns1/svc1-sa` indicates `svc1-sa` service account in `ns1` namespace.\\n\\nNamespace should be a valid kubernetes namespace, which\\nfollows [RFC 1123 Label Names](https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#dns-label-names) rules.\\nService account should be a valid kubernetes service account, which\\nfollows [DNS Subdomain Names](https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#dns-subdomain-names) rules.","type":"array","items":{"type":"string"},"x-order":1},"http":{"$ref":"#/components/schemas/tsbauthv2Authorization"},"rules":{"$ref":"#/components/schemas/v2AuthorizationRules"},"identityMatch":{"$ref":"#/components/schemas/v2IdentityMatch"}}},"tsbsecurityv2AuthorizationSettingsMode":{"description":"- UNSET: Inherit from parent if possible. Otherwise treated as `DISABLED`.\\n - NAMESPACE: The workload allows traffic from any other authenticated workload in its own\\nnamespace.\\n - GROUP: The workload allows traffic from any other authenticated workload in the security group.\\n - WORKSPACE: The workload allows traffic from any other authenticated workload in the workspace.\\n - CLUSTER: The workload allows traffic from any other authenticated workload in the cluster.\\n - DISABLED: Authorization is disabled.\\n - CUSTOM: The workload allows traffic from service accounts defined explicitly.\\n - RULES: The workload allows or denies traffic from any other authenticated workload that belongs\\nto the specified rules.","type":"string","title":"A short cut for defining the common authorization patterns","default":"UNSET","enum":["UNSET","NAMESPACE","GROUP","WORKSPACE","CLUSTER","DISABLED","CUSTOM","RULES"]},"tsbsecurityv2Group":{"description":"A security group manages the security properties of proxy workloads in a\\ngroup of namespaces owned by the parent workspace.\\n\\n\\n\\n","type":"object","required":["namespaceSelector"],"properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"namespaceSelector":{"$ref":"#/components/schemas/v2NamespaceSelector"},"configMode":{"$ref":"#/components/schemas/v2ConfigMode"},"securityDomain":{"description":"Security domains can be used to group different resources under the same security domain.\\nAlthough security domain is not resource itself currently, it follows a fqn format\\n`organizations/myorg/securitydomains/mysecuritydomain`, and a child cannot override any ancestor\'s\\nsecurity domain.\\nOnce a security domain is assigned to a _Security group_, all the children resources will belong to that\\nsecurity domain in the same way a _Security setting_ belongs to a _Security group_, a _Security setting_\\nwill also belong to the security domain assigned to the _Security group_.\\nSecurity domains can also be used to define _Security settings Authorization rules_ in which you can allow\\nor deny request from or to a security domain.","type":"string","x-order":6},"deletionProtectionEnabled":{"description":"When set, prevents the resource from being deleted. In order to delete the resource this\\nproperty needs to be set to `false` first.","type":"boolean","x-order":7},"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"}}},"tsbtrafficv2Group":{"description":"A traffic group manages the routing properties of proxy workloads in a\\ngroup of namespaces owned by the parent workspace.\\n\\n\\n\\n","type":"object","required":["namespaceSelector"],"properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"namespaceSelector":{"$ref":"#/components/schemas/v2NamespaceSelector"},"configMode":{"$ref":"#/components/schemas/v2ConfigMode"},"deletionProtectionEnabled":{"description":"When set, prevents the resource from being deleted. In order to delete the resource this\\nproperty needs to be set to `false` first.","type":"boolean","x-order":6},"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"}}},"tsbv2Namespace":{"type":"object","title":"A Kubernetes namespace. These are automatically discovered by the\\nService Bridge agents in the cluster.\\n$hide_from_yaml","properties":{"name":{"type":"string","x-order":0},"services":{"type":"array","items":{"$ref":"#/components/schemas/tsbv2Service"},"x-order":1}}},"tsbv2Service":{"type":"object","title":"A Kubernetes or a VM service. These are automatically discovered by\\nthe Service Bridge agents in the cluster.\\n$hide_from_yaml","properties":{"hostname":{"description":"The hostname by which this service is accessed. Can correspond to the\\nhostname of an internal service or that of a virtual host on a gateway.","type":"string","x-order":0},"namespace":{"description":"namespace associated with the service.","type":"string","x-order":1},"selector":{"description":"label selectors associated with the service.","type":"object","additionalProperties":{"type":"string"},"x-order":2},"ports":{"description":"The set of ports on which this service is exposed.","type":"array","items":{"$ref":"#/components/schemas/ServicePort"},"x-order":3},"kubernetesServiceIp":{"description":"For services running on Kubernetes, the cluster IP of the service in the\\ncluster.","type":"string","x-order":4},"kubernetesExternalAddresses":{"description":"For kubernetes services of type load balancer, this field contains the list\\nof lb hostnames or IPs assigned to the service. For services of type\\nnodePort, this field contains the IP addresses of the nodes in the cluster.","type":"array","items":{"type":"string"},"x-order":5},"numKubernetesEndpoints":{"description":"The number of kubernetes pods providing this service. Note that a\\nservice could be hosted on both pods and VMs.","type":"integer","format":"int64","x-order":6},"numVmEndpoints":{"description":"The number of VMs providing this service.","type":"integer","format":"int64","x-order":7},"meshExternal":{"type":"boolean","title":"indicates that this is an external service (service entry MESH_EXTERNAL\\nlocation)","x-order":8},"gatewayHost":{"description":"Indicates that this is a service representing a gateway host (used for\\nmulti-cluster scenarios).","type":"boolean","x-order":9},"numHops":{"description":"The number of hops from the advertising cluster to the ingress\\ngateway that is exposing the gateway host. If the advertiser is the\\ncluster owning the ingress gateway host, the hops is 0. If the\\nadvertiser is a tier1 cluster exposing gateways via internal or\\nexternal Servers, the path hops is 1.","type":"integer","format":"int64","x-order":10},"kubernetesServiceFqdn":{"description":"If this is a gateway host service, this field will indicate the kubernetes\\nservice that is running as a gateway and exposing this host to the outside\\nworld.","type":"string","x-order":11},"name":{"type":"string","title":"Name assigned to the service","x-order":12},"subsets":{"type":"array","title":"Name of subsets defined for this service","items":{"type":"string"},"x-order":13},"canonicalName":{"description":"17 to match xcp api and make conversion easier.","type":"string","title":"The canonical name of the service defined by labels\\n(value of service.istio.io/canonical-name)","x-order":14},"workloads":{"description":"Workloads implementing the Service.","type":"array","items":{"$ref":"#/components/schemas/v2Workload"},"x-order":15},"tier1GatewayHost":{"description":"Indicates that this is a service representing a gateway host acting as a\\ntier1 gateway. This field is being introduced specifically for the\\nhostnames exposed through Tier1Gateway\'s ExternalServers. Fo all other\\nhostnames that are exposed exposed on IngessGateways or Tier1Gateway\'s\\nInternalServers gateway_host field is set to true because that is used for\\nmulticluster routing setup. For ExternalServer hostnames multicluster\\ncluster routing is not setup and hence UI on finding gateway_host as false\\nshows these hostnames as internal services incorrectly. To help UI, this\\nfield is being introduced. UI would look for either gateway_host or\\ntier1_gateway_host to decide if the hostname is a gateway hostname.","type":"boolean","x-order":16},"spiffeIds":{"description":"List of SPIFFE identities used by the workloads of the service.","type":"array","items":{"type":"string"},"x-order":17}}},"tsbv2ServiceAccount":{"description":"`ServiceAccount` represents a service account that can be used to access the TSB platform.\\nService accounts have a set of associated public and private keys that can be used to generate\\nsigned JWT tokens that are suitable to authenticate to TSB.\\nA default key-pair is generated on service account creation and the public key is stored in TSB.\\nPrivate keys are returned when service accounts are created, but TSB will not store them. It\\nis up to the client to store them securely.\\n\\n\\n\\n","type":"object","properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"description":"A description of the resource.","type":"string","x-order":3},"keys":{"type":"array","title":"Keys associated with the service account.\\nA default key-pair is automatically created when the Service Account is created. Note that\\nTSB does not store the private keys, so it is up to the client to store the returned private\\nkeys securely, as they are only returned once after creation.\\nAdditional keys can be added (and deleted) by using the corresponding key management APIs.\\n","items":{"$ref":"#/components/schemas/ServiceAccountKeyPair"},"x-order":4,"readOnly":true}}},"typesv2NamespaceSelector":{"type":"object","title":"`NamespaceSelector` selects a set of namespaces across one or more\\nclusters in a tenant. Namespace selectors can be used at Workspace\\nlevel to carve out a chunk of resources under a tenant into an\\nisolated configuration domain. They can be used in a Traffic,\\nSecurity, or a Gateway group to further scope the set of namespaces\\nthat will belong to a specific configuration group.\\nNames in namespaces selector must be in the form `cluster/namespace`\\nwhere:\\n- cluster must be a cluster name or an `*` to mean all clusters\\n- namespace must be a namespace name, an `*` to mean all namespaces\\n  or a prefix like `ns-*` to mean all those namespaces starting\\n  by `ns-`","required":["names"],"properties":{"names":{"description":"- `*/ns1` implies `ns1` namespace in any cluster.\\n\\n- `c1/ns1` implies `ns1` namespace from `c1` cluster.\\n\\n- `c1/*` implies all namespaces in `c1` cluster.\\n\\n- `*/*` implies all namespaces in all clusters.\\n\\n- `c1/ns*` implies all namespaces prefixes by `ns` in `c1` cluster.","type":"array","title":"Under the tenant/workspace/group:","items":{"type":"string"},"x-order":0}}},"v1LabelSelector":{"type":"object","title":"A label selector is a label query over a set of resources. The result of matchLabels and\\nmatchExpressions are ANDed. An empty label selector matches all objects. A null\\nlabel selector matches no objects.\\n+structType=atomic","properties":{"matchLabels":{"type":"object","title":"matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\\nmap is equivalent to an element of matchExpressions, whose key field is \\"key\\", the\\noperator is \\"In\\", and the values array contains only \\"value\\". The requirements are ANDed.\\n+optional","additionalProperties":{"type":"string"},"x-order":0},"matchExpressions":{"type":"array","title":"matchExpressions is a list of label selector requirements. The requirements are ANDed.\\n+optional","items":{"$ref":"#/components/schemas/v1LabelSelectorRequirement"},"x-order":1}}},"v1LabelSelectorRequirement":{"description":"A label selector requirement is a selector that contains values, a key, and an operator that\\nrelates the key and values.","type":"object","properties":{"key":{"type":"string","title":"key is the label key that the selector applies to.\\n+patchMergeKey=key\\n+patchStrategy=merge","x-order":0},"operator":{"description":"operator represents a key\'s relationship to a set of values.\\nValid operators are In, NotIn, Exists and DoesNotExist.","type":"string","x-order":1},"values":{"type":"array","title":"values is an array of string values. If the operator is In or NotIn,\\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\\nthe values array must be empty. This array is replaced during a strategic\\nmerge patch.\\n+optional","items":{"type":"string"},"x-order":2}}},"v1alpha1AWSController":{"description":"Kubernetes settings for the AWS Integration Controller component.","type":"object","properties":{"kubeSpec":{"$ref":"#/components/schemas/kubernetesKubernetesComponentSpec"}}},"v1alpha1AWSSettings":{"description":"Global settings to AWS.","type":"object","required":["serviceAccountName"],"properties":{"serviceAccountName":{"type":"string","title":"Service account name to use with IAM role association. Required.\\nThis service account should have the proper permissions depending on which AWS services are enabled.\\n(Route53, Lattice, etc.)","x-order":0}}},"v1alpha1ControlPlaneComponentSet":{"description":"The set of components that make up the control plane. Use this to override application settings\\nor Kubernetes settings for each individual component.","type":"object","properties":{"collector":{"$ref":"#/components/schemas/v1alpha1OpenTelemetryCollector"},"oap":{"$ref":"#/components/schemas/v1alpha1Oap"},"xcp":{"$ref":"#/components/schemas/controlplanev1alpha1XCP"},"istio":{"$ref":"#/components/schemas/v1alpha1Istio"},"rateLimitServer":{"$ref":"#/components/schemas/v1alpha1RateLimitServer"},"hpaAdapter":{"$ref":"#/components/schemas/v1alpha1HpaAdapter"},"onboarding":{"$ref":"#/components/schemas/v1alpha1Onboarding"},"satellite":{"$ref":"#/components/schemas/v1alpha1Satellite"},"ngac":{"$ref":"#/components/schemas/v1alpha1NGAC"},"gitops":{"$ref":"#/components/schemas/commonGitOps"},"internalCertProvider":{"$ref":"#/components/schemas/commonInternalCertProvider"},"defaultKubeSpec":{"$ref":"#/components/schemas/kubernetesKubernetesSpec"},"wasmfetcher":{"$ref":"#/components/schemas/v1alpha1WASMFetcher"},"defaultLogLevel":{"description":"The default log level for all components if the per component log level config is not specified.\\nNote that the supported log level for different components can be different.","type":"string","x-order":13},"route53Controller":{"$ref":"#/components/schemas/v1alpha1Route53Controller"},"n2ac":{"$ref":"#/components/schemas/v1alpha1N2AC"},"awsController":{"$ref":"#/components/schemas/v1alpha1AWSController"}}},"v1alpha1ControlPlaneSpec":{"description":"ControlPlaneSpec defines the desired installed state of control plane components.\\nSpecifying a minimal ControlPlaneSpec with hub, clusterName, and managementPlane set\\nwill create an installation with sensible defaults.","type":"object","required":["hub","managementPlane","telemetryStore"],"properties":{"hub":{"description":"TSB container hub path e.g. docker.io/tetrate.","type":"string","x-order":0},"imagePullSecrets":{"description":"Pull secrets can be specified globally for all components, or defined into the `kubeSpec.serviceAccount`\\nof every component if needed. In case both are defined, the most specific one (the one defined at the component)\\nlevel is used.\\n\\nList of references to secrets in the same namespace to use for pulling any\\nimages in pods that reference this ServiceAccount. ImagePullSecrets are\\ndistinct from Secrets because Secrets can be mounted in the pod, but\\nImagePullSecrets are only accessed by the kubelet. More info:\\nhttps://kubernetes.io/docs/concepts/containers/images/#specifying-imagepullsecrets-on-a-pod\\nhttps://kubernetes.io/docs/reference/generated/kubernetes-api/v1.18/#service_account-v1-core","type":"array","items":{"$ref":"#/components/schemas/installkubernetesLocalObjectReference"},"x-order":1},"components":{"$ref":"#/components/schemas/v1alpha1ControlPlaneComponentSet"},"providerSettings":{"$ref":"#/components/schemas/v1alpha1ProviderSettings"},"managementPlane":{"$ref":"#/components/schemas/v1alpha1ManagementPlaneSettings"},"meshExpansion":{"$ref":"#/components/schemas/v1alpha1MeshExpansionSettings"},"telemetryStore":{"$ref":"#/components/schemas/ControlPlaneSpecTelemetryStore"},"meshObservability":{"$ref":"#/components/schemas/ControlPlaneSpecMeshObservability"},"tier1Cluster":{"description":"**DEPRECATED**: This should not be set through Control plane API\\nInstead use TSB Cluster API.\\nIndicates that this cluster is used for tier1 gateways.\\nTier one clusters can only contain tier 1 gateways.\\nNon-tier1 clusters contain tier2 gateways but not tier 1.","type":"boolean","x-order":8}}},"v1alpha1EKSSettings":{"description":"Settings specific to Elastic Kubernetes Service (EKS).","type":"object","properties":{"useNlbByDefault":{"description":"When true, gateways will be configured to use NLBs with cross zone load\\nbalancing enabled when the load balancer type is not configured. When\\nfalse, no additional annotations will be added.","type":"boolean","x-order":0}}},"v1alpha1ElasticSearchSettings":{"description":"Configure an Elasticsearch connection.\\n\\n```yaml\\napiVersion: install.tetrate.io/v1alpha1\\nkind: ControlPlane\\nmetadata:\\n  name: controlplane\\n  namespace: istio-system\\nspec:\\n  telemetryStore:\\n    elastic:\\n      host: elastic\\n      port: 5678\\n      protocol: https\\n      selfSigned: true\\n      version: 7\\n```","type":"object","required":["host","port"],"properties":{"host":{"description":"Elasticsearch host address (can be hostname or IP address).","type":"string","x-order":0},"port":{"description":"Port Elasticsearch is listening on.","type":"integer","format":"int32","x-order":1},"protocol":{"$ref":"#/components/schemas/ElasticSearchSettingsProtocol"},"selfSigned":{"description":"Use Self-Signed certificates. The Self-signed CA bundle and key must be in a secret called es-certs.","type":"boolean","x-order":3},"version":{"description":"DEPRECATED: Major version of the Elasticsearch cluster.\\nCurrently supported Elasticsearch major versions are `6`, `7`, and `8`.","type":"integer","format":"int32","x-order":4},"indexPrefix":{"description":"The prefix of the ElasticSearch indices and templates.\\nDefaults to `skywalking`.","type":"string","x-order":5}}},"v1alpha1HpaAdapter":{"description":"Kubernetes settings for the OAP (SkyWalking) HPA adapter component.","type":"object","properties":{"kubeSpec":{"$ref":"#/components/schemas/kubernetesKubernetesComponentSpec"}}},"v1alpha1IsolationBoundary":{"description":"IsolationBoundary is an isolated Istio environment which can spread across \\nmultiple revisioned control plane clusters.\\n\\nExample:\\n\\n  ```yaml\\n  isolationBoundaries:\\n  - name: prod\\n    revisions:\\n    - name: stable\\n      istio:\\n        tsbVersion: 1.6.0\\n  - name: staging\\n    revisions:\\n    - name: v1_6_3\\n      istio:\\n        tsbVersion: 1.6.3\\n    - name: v1_6_1\\n      istio:\\n        tsbVersion: 1.6.1\\n        disable: true\\n  ```\\n\\nThe `tsbVersion` field can be left empty, which would then default to the\\ncurrent TSB released version. \\n\\n  ```yaml\\n  isolationBoundaries:\\n  - name: global\\n    istio:\\n    - revisions: stable\\n  ```\\n\\nFor instance, if isolation boundaries are being added in TSB `1.6.1`, the default\\nwould looks something like this:\\n\\n  ```yaml\\n  isolationBoundaries:\\n  - name: global\\n    revisions:\\n    - name: stable\\n      istio:\\n        tsbVersion: 1.6.1\\n  ```","type":"object","required":["name","revisions"],"properties":{"name":{"description":"Name of the IsolationBoundary.","type":"string","x-order":0},"revisions":{"description":"Configure multiple Istio Revisions under the IsolationBoundary.\\nOnce IstioIsolationBoundaries is enabled, for any IsolationBoundary\\nconfigured - there must be atleast one IstioRevision.","type":"array","items":{"$ref":"#/components/schemas/v1alpha1IstioRevision"},"x-order":1},"meshExpansion":{"$ref":"#/components/schemas/v1alpha1MeshExpansionSettings"}}},"v1alpha1Istio":{"description":"Mesh and Kubernetes settings for Istio.","type":"object","properties":{"tsbVersion":{"description":"Specifies the tsb release version. This is used by the tsb control plane\\noperator in determining the xcp version, which would eventually decide Istio \\nversion.\\n\\nIf not provided explicitly, this defaults to the current tsb version.","type":"string","x-order":0},"mountInternalWasmExtensions":{"description":"When this flag is set, the TSB internal WASM extensions will be mounted into the\\nSidecar, Ingress and Egress gateway pods automatically. These extensions will be loaded\\nas local files instead of being downloaded from a remote OCI registry or HTTP endpoint.\\nThis is enabled by default. Set it to false to disable it.","type":"boolean","x-order":1},"kubeSpec":{"$ref":"#/components/schemas/kubernetesKubernetesIstioComponentSpec"},"traceSamplingRate":{"description":"The percentage of traces Envoy will sample.","type":"number","format":"double","x-order":3},"defaultWorkloadCertTTL":{"description":"The default TTL of issued workload certificates.\\nThis sets both the default client-side CSR TTL and the default server-side\\nissued certificate TTL.","type":"string","x-order":4},"maxWorkloadCertTTL":{"description":"The maximum TTL that can be set in issued workload certificates.","type":"string","x-order":5},"trustDomain":{"description":"The trust domain corresponds to the trust root of a system. Refer to\\n[SPIFFE-ID](https://github.com/spiffe/spiffe/blob/main/standards/SPIFFE-ID.md#21-trust-domain).\\nIf omitted, TSB will configure the trust domain as\\n`CLUSTER_NAME.tsb.local`, where `CLUSTER_NAME` is the name of the cluster\\nobject in TSB for this control plane.","type":"string","x-order":6},"baseOverlays":{"description":"The overlays applied to the Istio base component.\\nSee https://istio.io/latest/docs/reference/config/istio.operator.v1alpha1/#IstioComponentSetSpec.\\nWhen this is specified, the overlay in `kubeSpec.overlays` are ignored.","type":"array","items":{"$ref":"#/components/schemas/v1alpha1K8sObjectOverlay"},"x-order":7},"pilotOverlays":{"description":"The overlays applied to the Istio pilot component.\\nSee https://istio.io/latest/docs/reference/config/istio.operator.v1alpha1/#IstioComponentSetSpec.\\nWhen this is specified, the overlay in `kubeSpec.overlays` are ignored.","type":"array","items":{"$ref":"#/components/schemas/v1alpha1K8sObjectOverlay"},"x-order":8},"cniOverlays":{"description":"The overlays applied to the Istio CNI component.\\nSee https://istio.io/latest/docs/reference/config/istio.operator.v1alpha1/#IstioComponentSetSpec.\\nWhen this is specified, the overlay in `kubeSpec.overlays` are ignored.","type":"array","items":{"$ref":"#/components/schemas/v1alpha1K8sObjectOverlay"},"x-order":9},"logLevels":{"description":"Specifies the global logging level settings for the Istio control plane components.","type":"object","additionalProperties":{"type":"string"},"x-order":10}}},"v1alpha1IstioRevision":{"description":"Istio control plane settings for a specific revision.","type":"object","required":["name","istio"],"properties":{"name":{"description":"Name of the IstioRevision. Must be unique at cluster level, across Isolation\\nBoundaries. The IstioRevision name is used to deploy revisioned Istio control-plane\\ncomponents.\\n\\nNotice that the value constraints here are stricter than the ones in Istio.\\nApparently, Istio validation rules allow values that lead to internal failures\\nat runtime, e.g. values with capital letters or values longer than 56 characters.\\nStricter validation rules here are meant to prevent those hidden pitfalls.","type":"string","x-order":0},"istio":{"$ref":"#/components/schemas/v1alpha1Istio"},"disable":{"description":"If set to `true`, Istio control plane deployment with this revision will be \\ncleaned up from the cluster. This field can be used to clean up revisioned\\ncontrol plane deployment while retaining the configurations in the CR. After\\ncleanup, it can be again set to `false` to re-deploy revisioned control plane.\\nBy default the value is set to `false`.","type":"boolean","x-order":2}}},"v1alpha1JwtAuthenticationConfiguration":{"description":"JwtAuthenticationConfiguration specifies configuration of the workload\\nauthentication by means of an [OIDC ID Token](https://openid.net/specs/openid-connect-core-1_0.html#IDToken).","type":"object","properties":{"issuers":{"description":"List of permitted JWT issuers.\\n\\nIf a workload authenticates itself by means of an\\n[OIDC ID Token](https://openid.net/specs/openid-connect-core-1_0.html#IDToken),\\nthe issuer of that token must be present in this list, otherwise\\nauthentication attempt will be declined.","type":"array","items":{"$ref":"#/components/schemas/v1alpha1JwtIssuer"},"x-order":0}}},"v1alpha1JwtIssuer":{"description":"JwtIssuer specifies configuration associated with a JWT issuer.","type":"object","required":["issuer","shortName"],"properties":{"issuer":{"description":"JWT `Issuer` identifier.\\n\\nThe value must be a case sensitive URL using the https scheme that contains\\nscheme, host, and optionally, port number and path components and no query\\nor fragment components.\\n\\nE.g., `https://mycompany.corp`, `https://accounts.google.com`,\\n`https://sts.windows.net/9edbd6c9-0e5b-4cfd-afec-fdde27cdd928/`, etc.\\n\\nSee https://openid.net/specs/openid-connect-core-1_0.html#IDToken","type":"string","x-order":0},"jwksUri":{"description":"URL of the JSON Web Key Set document.\\n\\nSource of public keys the `Workload Onboarding Plane` should use\\nto validate the signature of an\\n[OIDC ID Token](https://openid.net/specs/openid-connect-core-1_0.html#IDToken).\\n\\nE.g., `https://mycompany.corp/jwks.json`.\\n\\nWhen unspecified, URL the JSON Web Key Set document will be resolved using\\n[OpenID Connect Discovery](https://openid.net/specs/openid-connect-discovery-1_0.html)\\nprotocol.","type":"string","x-order":1},"jwks":{"description":"Inlined JSON Web Key Set document.\\n\\nSpecifies public keys the `Workload Onboarding Plane` should use\\nto validate the signature of an\\n[OIDC ID Token](https://openid.net/specs/openid-connect-core-1_0.html#IDToken).","type":"string","x-order":2},"shortName":{"description":"Unique short name associated with the issuer.\\n\\nThe value must consist of lower case alphanumeric characters and hyphen (`-`).\\n\\nSince this value will be included into the auto-generated name of the\\n`WorkloadAutoRegistration` resource, keep it as short as possible.\\n\\nE.g., `my-corp`, `prod`, `test`, etc.","type":"string","x-order":3},"tokenFields":{"$ref":"#/components/schemas/v1alpha1JwtTokenFields"}}},"v1alpha1JwtTokenField":{"description":"JwtTokenField specifies a custom field included into the\\n[OIDC ID Token](https://openid.net/specs/openid-connect-core-1_0.html#IDToken).","type":"object","required":["jsonPath"],"properties":{"jsonPath":{"description":"Simple JSON Path which is evaluated against custom claims of the\\n[OIDC ID Token](https://openid.net/specs/openid-connect-core-1_0.html#IDToken)\\nto produce the value of the field.\\n\\nE.g., `.custom_attributes`, `.google.compute_engine`, etc.\\n\\nJSON Path must start either from `.` or from `$`. Use of `$` is mandatory\\nwhen followed by the array notation.\\n\\nE.g., `$[\'custom_attributes\']`, `$[\'google\'].compute_engine`, etc.\\n\\nSpecial symbols (such as `.` or ` `) in property names must be escaped.\\n\\nE.g., `.custom\\\\.attributes`, `$[\'custom\\\\.attributes\']`, etc.\\n\\nSee https://goessner.net/articles/JsonPath/","type":"string","x-order":0}}},"v1alpha1JwtTokenFields":{"description":"JwtTokenFields specifies custom fields included into the\\n[OIDC ID Token](https://openid.net/specs/openid-connect-core-1_0.html#IDToken).","type":"object","properties":{"attributes":{"$ref":"#/components/schemas/v1alpha1JwtTokenField"}}},"v1alpha1K8sObjectOverlay":{"description":"Patch for an existing k8s resource.","type":"object","properties":{"apiVersion":{"description":"Resource API version.","type":"string","x-order":0},"kind":{"description":"Resource kind.","type":"string","x-order":1},"name":{"description":"Name of resource.\\nNamespace is always the component namespace.","type":"string","x-order":2},"patches":{"description":"List of patches to apply to resource.","type":"array","items":{"$ref":"#/components/schemas/K8sObjectOverlayPathValue"},"x-order":3}}},"v1alpha1LatticeSettings":{"description":"Settings specific to Lattice.","type":"object","properties":{"enabled":{"description":"Enable/disable the Lattice integration controller. Default: false.","type":"boolean","x-order":0}}},"v1alpha1ManagementPlaneSettings":{"description":"Configure the management plane connection.\\n\\n```yaml\\napiVersion: install.tetrate.io/v1alpha1\\nkind: ControlPlane\\nmetadata:\\n  name: controlplane\\n  namespace: istio-system\\nspec:\\n  managementPlane:\\n    host: tsb.tetrate.io\\n    port: 8443\\n    selfSigned: true\\n    clusterName: control-plane-cluster\\n```","type":"object","required":["host","port","clusterName"],"properties":{"host":{"description":"Management plane host address (can be hostname or IPv4/IPv6 address).","type":"string","x-order":0},"port":{"description":"Port management plane is listening on.","type":"integer","format":"int32","x-order":1},"selfSigned":{"description":"Management plane uses a self signed or private TLS certificate.\\nIf true, the CA bundle used to verify the MP\'s TLS certificate must be in\\na secret `mp-certs` under the key `ca.crt`.","type":"boolean","x-order":2},"clusterName":{"description":"The name of the Cluster object that was created in the Management Plane representing this Control Plane\\ncluster.","type":"string","x-order":3}}},"v1alpha1MeshExpansionSettings":{"description":"Configure mesh expansion to connect workloads external to Kubernetes to the mesh.\\n\\nTo enable mesh expansion set it to an empty object:\\n\\n```yaml\\napiVersion: install.tetrate.io/v1alpha1\\nkind: ControlPlane\\nmetadata:\\n  name: controlplane\\n  namespace: istio-system\\nspec:\\n  meshExpansion: {}\\n```\\n\\nIf external workloads are unable to communicate with the default mesh expansion gateway via external IPs or hostnames,\\nthen you must specify the gateway that enables them to do so. This custom gateway must be configured to forward this communication\\nto the VM gateway service:\\n\\n```yaml\\napiVersion: install.tetrate.io/v1alpha1\\nkind: ControlPlane\\nmetadata:\\n  name: controlplane\\n  namespace: istio-system\\nspec:\\n  meshExpansion:\\n    customGateway:\\n      host: customgateway.tetrate.io\\n      port: 15443\\n```\\n\\nTo automate onboarding of workloads from auto-scaling groups of VMs, you need\\nto enable the `Workload Onboarding Plane`.\\n\\n`Workload Onboarding Agent`, a component that you install next to the workload,\\nwill connect to the `Workload Onboarding Plane` to authenticate itself, ask\\npermission to join the mesh, register the workload into the mesh and retrieve\\nboot configuration required to start `Istio Sidecar`.\\n\\nAll communication between the `Workload Onboarding Agent` and the\\n`Workload Onboarding Plane` must occur over TLS.\\n\\nTherefore, to enable `Workload Onboarding Plane` you must provide a TLS\\ncertificate for the endpoint that exposes `Workload Onboarding API` to\\n`Workload Onboarding Agents`.\\n\\nMake sure that TLS certificate is signed by the certificate authority known\\nto `Workload Onboarding Agents`.\\n\\n```yaml\\napiVersion: install.tetrate.io/v1alpha1\\nkind: ControlPlane\\nmetadata:\\n  name: controlplane\\n  namespace: istio-system\\nspec:\\n  meshExpansion:\\n    onboarding:\\n      endpoint:\\n        hosts:\\n        - onboarding.example.org\\n        secretName: onboarding-tls-cert\\n      tokenIssuer:\\n        jwt:\\n          expiration: 1h\\n      localRepository: {}\\n```\\n\\nTo onboard workloads from custom on-premise environments, you can leverage support for\\n[OIDC ID Tokens](https://openid.net/specs/openid-connect-core-1_0.html#IDToken).\\n\\nIf workloads in your custom environment can authenticate themselves by means of an\\n[OIDC ID Token](https://openid.net/specs/openid-connect-core-1_0.html#IDToken),\\nyou can define a list of JWT issuers permitted by the `Workload Onboarding Plane`.\\n\\nFor example,\\n\\n```yaml\\napiVersion: install.tetrate.io/v1alpha1\\nkind: ControlPlane\\nmetadata:\\n  name: controlplane\\n  namespace: istio-system\\nspec:\\n  meshExpansion:\\n    onboarding:\\n      endpoint:\\n        hosts:\\n        - onboarding.example.org\\n        secretName: onboarding-tls-cert\\n      localRepository: {}\\n      workloads:\\n        authentication:\\n          jwt:\\n            issuers:\\n            - issuer: \\"https://mycompany.corp\\"\\n              jwksUri: \\"https://mycompany.corp/jwks.json\\"\\n              shortName: \\"mycorp\\"\\n              tokenFields:\\n                attributes:\\n                  jsonPath: .custom_attributes\\n```\\n\\nTo ensure there will be no traffic loss when an onboarded workload gets\\nshutdown, you can configure the time period to delay the shutdown for\\nafter deregistering the workload from the mesh, which will give\\nenough time to reconfigure all affected mesh nodes to not load balance\\nrequests to the deregistered workload before it becomes unavailable.\\n\\nFor example,\\n\\n```yaml\\napiVersion: install.tetrate.io/v1alpha1\\nkind: ControlPlane\\nmetadata:\\n  name: controlplane\\n  namespace: istio-system\\nspec:\\n  meshExpansion:\\n    onboarding:\\n      endpoint:\\n        hosts:\\n        - onboarding.example.org\\n        secretName: onboarding-tls-cert\\n      localRepository: {}\\n      workloads:\\n        deregistration:\\n          propagationDelay: 15s\\n```","type":"object","properties":{"customGateway":{"$ref":"#/components/schemas/MeshExpansionSettingsGateway"},"onboarding":{"$ref":"#/components/schemas/v1alpha1MeshExpansionSettingsOnboardingPlane"}}},"v1alpha1MeshExpansionSettingsOnboardingPlane":{"description":"Configuration of the `Workload Onboarding Plane`.","type":"object","required":["endpoint"],"properties":{"uid":{"description":"Unique identifier of this particular installation of the `Workload Onboarding Plane`.\\n\\nIs used in the workload authentication flow to prevent replay attacks\\nthat abuse compromised workload credentials intended for a different\\ninstallation of the `Workload Onboarding Plane`.\\n\\nDefaults to an auto-generated UUID.","type":"string","x-order":0},"endpoint":{"$ref":"#/components/schemas/OnboardingPlaneEndpoint"},"tokenIssuer":{"$ref":"#/components/schemas/OnboardingPlaneTokenIssuer"},"localRepository":{"$ref":"#/components/schemas/OnboardingPlaneLocalRepository"},"workloads":{"$ref":"#/components/schemas/v1alpha1WorkloadConfiguration"}}},"v1alpha1N2AC":{"description":"Kubernetes settings for the N2AC components: Envoy PEP and NGAC discovery controller.","type":"object","properties":{"kubeSpec":{"$ref":"#/components/schemas/kubernetesKubernetesComponentSpec"},"logLevels":{"description":"The log level configuration by scopes.\\nSupported log level: \\"none\\", \\"error\\", \\"info\\", \\"debug\\".","type":"object","additionalProperties":{"type":"string"},"x-order":1},"pep":{"$ref":"#/components/schemas/N2ACPEPSettings"},"enabled":{"description":"Enable the ngac runtime enforcement. Disabled by default.","type":"boolean","x-order":3}}},"v1alpha1NGAC":{"description":"Kubernetes settings for the NGAC component.","type":"object","properties":{"enabled":{"description":"NGAC is an experimental component. If enabled is false, this component will\\nnot be installed.","type":"boolean","x-order":0},"kubeSpec":{"$ref":"#/components/schemas/kubernetesKubernetesComponentSpec"},"logLevels":{"description":"The log level configuration by scopes.\\nSupported log level: \\"none\\", \\"error\\", \\"info\\", \\"debug\\".","type":"object","additionalProperties":{"type":"string"},"x-order":2}}},"v1alpha1Oap":{"description":"Kubernetes settings for the OAP (SkyWalking) component.","type":"object","properties":{"streamingLogEnabled":{"description":"Feature flag to determine whether on-demand streaming logs should be\\nenabled.","type":"boolean","x-order":0},"onDemandEnvoyMetricsEnabled":{"description":"Feature flag to determine whether on-demand envoy metrics should be\\nenabled. If enabled, the envoy proxy will provide a set of metrics that can\\nbe queried using the metrics service. OAP will provide a query API that can\\nbe used to collect envoy proxy metrics for specific pods. This is only for\\ntemporary and real-time queries that can be used, for example, for\\napplication troubleshooting use cases. These metrics are not persisted.","type":"boolean","x-order":1},"storageIndexMergingEnabled":{"description":"Feature flag to determine whether metrics/meter and records should be shard into multi-physical indices, or\\ninstead if they should be merged into a single physical index.\\nBy default \\"false\\", metric/meter and records are sharded into multi-physical indices.\\nInstead of sharding, if enabled by setting it to \\"true\\", metrics/meter and records will be merged\\ninto one physical index template `metrics-all` and `records-all`.\\nThis feature flag must be set on all clusters and have the same value as the management plane\'s one,\\notherwise control plane observability data could be written to the wrong or not existing index.\\nIn this storage mode, user can adjust each concrete index should have to scale out by setting\\n`storageSpecificIndexSettings` field in the management plane install manifest.","type":"boolean","x-order":2},"kubeSpec":{"$ref":"#/components/schemas/kubernetesKubernetesComponentSpec"},"logLevel":{"description":"Specifies the log level for OAP component.\\nSupported log level: \\"all\\", \\"debug\\", \\"info\\", \\"warn\\", \\"error\\", \\"fatal\\", \\"off\\" and \\"trace\\".","type":"string","x-order":4}}},"v1alpha1Onboarding":{"description":"Settings for the `Workload Onboarding` component.","type":"object","properties":{"operator":{"$ref":"#/components/schemas/v1alpha1OnboardingOperator"},"repository":{"$ref":"#/components/schemas/v1alpha1OnboardingRepository"},"plane":{"$ref":"#/components/schemas/controlplanev1alpha1OnboardingPlane"}}},"v1alpha1OnboardingOperator":{"description":"Kubernetes settings for the `Workload Onboarding Operator` component.","type":"object","properties":{"kubeSpec":{"$ref":"#/components/schemas/kubernetesKubernetesComponentSpec"},"logLevels":{"description":"The log level configuration by scopes.\\nSupported log level: \\"none\\", \\"error\\", \\"warn\\", \\"info\\", \\"debug\\".","type":"object","additionalProperties":{"type":"string"},"x-order":1}}},"v1alpha1OnboardingPlaneInstance":{"description":"Kubernetes settings for the `Workload Onboarding Plane Instance` component.","type":"object","properties":{"kubeSpec":{"$ref":"#/components/schemas/kubernetesKubernetesComponentSpec"},"logLevels":{"description":"The log level configuration by scopes.\\nSupported log level: \\"none\\", \\"error\\", \\"warn\\", \\"info\\", \\"debug\\".","type":"object","additionalProperties":{"type":"string"},"x-order":1}}},"v1alpha1OnboardingRepository":{"description":"Kubernetes settings for the `Workload Onboarding Repository` component.","type":"object","properties":{"kubeSpec":{"$ref":"#/components/schemas/kubernetesKubernetesComponentSpec"}}},"v1alpha1OpenTelemetryCollector":{"description":"Kubernetes settings for the OpenTelemetryCollector component.","type":"object","properties":{"kubeSpec":{"$ref":"#/components/schemas/kubernetesKubernetesComponentSpec"},"logLevel":{"description":"Specifies the log level for OTEL collector component.\\nSupported log level: \\"debug\\", \\"info\\", \\"warn\\", \\"error\\", \\"dpanic\\", \\"panic\\", and \\"fatal\\".","type":"string","x-order":1}}},"v1alpha1Operator":{"description":"Operator values for the TSB operator application.","type":"object","properties":{"deployment":{"$ref":"#/components/schemas/v1alpha1OperatorDeployment"},"service":{"$ref":"#/components/schemas/v1alpha1OperatorService"},"serviceAccount":{"$ref":"#/components/schemas/v1alpha1OperatorServiceAccount"}}},"v1alpha1OperatorDeployment":{"description":"Values for the TSB operator deployment.","type":"object","properties":{"affinity":{"$ref":"#/components/schemas/installkubernetesAffinity"},"annotations":{"type":"object","title":"Custom collection of annotations to add to the deployment.\\nhttps://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/","additionalProperties":{"type":"string"},"x-order":1},"env":{"type":"array","title":"Custom collection of environment vars to add to the container.\\nhttps://kubernetes.io/docs/tasks/inject-data-application/define-environment-variable-container/","items":{"$ref":"#/components/schemas/installkubernetesEnvVar"},"x-order":2},"podAnnotations":{"description":"Custom collection of annotations to add to the pod.","type":"object","additionalProperties":{"type":"string"},"x-order":3},"replicaCount":{"description":"Number of replicas managed by the deployment.","type":"integer","format":"int32","x-order":4},"strategy":{"$ref":"#/components/schemas/installkubernetesDeploymentStrategy"},"tolerations":{"type":"array","title":"Toleration collection applying to the pod scheduling.\\nhttps://kubernetes.io/docs/concepts/configuration/taint-and-toleration/","items":{"$ref":"#/components/schemas/corev1Toleration"},"x-order":6}}},"v1alpha1OperatorService":{"description":"Values for the TSB operator service.","type":"object","properties":{"annotations":{"type":"object","title":"Custom collection of annotations to add to the service.\\nhttps://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/","additionalProperties":{"type":"string"},"x-order":0}}},"v1alpha1OperatorServiceAccount":{"description":"Values for the TSB operator service account.","type":"object","properties":{"annotations":{"description":"Custom collection of annotations to add to the service account.","type":"object","additionalProperties":{"type":"string"},"x-order":0},"imagePullSecrets":{"description":"Collection of secrets names required to be able to pull images from the registry.","type":"array","items":{"type":"string"},"x-order":1},"pullSecret":{"type":"string","title":"A Docker config JSON to be stored in a secret to be used as an image pull secret. If this secret is provided,\\nit will be included in the operator service account as reference.\\nhttps://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/#create-a-secret-by-providing-credentials-on-the-command-line","x-order":2},"pullUsername":{"description":"Used along pull password and the provided image registry to generate a Docker config JSON that\\nwill be stored as a pull secret.","type":"string","x-order":3},"pullPassword":{"description":"Used along pull username and the provided image registry to generate a Docker config JSON that\\nwill be stored as a pull secret.","type":"string","x-order":4}}},"v1alpha1ProviderSettings":{"description":"Configure Kubernetes provider specific settings.\\n\\nFor example to configure EKS to use network load balancers (NLB) by default:\\n\\n```yaml\\napiVersion: install.tetrate.io/v1alpha1\\nkind: ControlPlane\\nmetadata:\\n  name: controlplane\\n  namespace: istio-system\\nspec:\\n  providerSettings:\\n    eks:\\n      useNlbByDefault: true\\n\\n```\\n\\nTo configure Route53 the only option that you must specify is the Service Account name to use for IAM role.\\nYou should create the Service Account before enabling the Route53 integration controller. You can do that using `eksctl`. Example:\\n\\n```bash\\n   SA_NAME=route53-controller\\n   CP_NAMESPACE=istio-system\\n   eksctl create iamserviceaccount \\\\\\n   --cluster $EKS_CLUSTER_NAME \\\\\\n   --name $SA_NAME \\\\\\n   --namespace $CP_NAMESPACE \\\\\\n   --attach-policy-arn $POLICY_ARN \\\\\\n   --approve\\n```\\n\\nwhere:\\n* $EKS_CLUSTER_NAME is the name of the EKS cluster.\\n* $SA_NAME is the name of the Service Account to create.\\n* $CP_NAMESPACE is the namespace where the Control Plane is installed. Usually istio-system.\\n* $POLICY_ARN is the ARN of the policy to attach to the Service Account - the policy should allow the Service Account\\n  to manage Route53 resources.\\n\\nMore details can be found in the [Publishing a Service docs](https://docs.tetrate.io/service-express/getting-started/publish-service)\\n\\nAfter creating the Service Account you can enable the Route53 integration controller using the following configuration:\\n\\n```yaml\\napiVersion: install.tetrate.io/v1alpha1\\nkind: ControlPlane\\nmetadata:\\n  name: controlplane\\n  namespace: istio-system\\nspec:\\n  providerSettings:\\n    route53:\\n      serviceAccountName: $SA_NAME\\n```","type":"object","properties":{"eks":{"$ref":"#/components/schemas/v1alpha1EKSSettings"},"route53":{"$ref":"#/components/schemas/v1alpha1Route53Settings"},"aws":{"$ref":"#/components/schemas/v1alpha1AWSSettings"},"lattice":{"$ref":"#/components/schemas/v1alpha1LatticeSettings"}}},"v1alpha1RateLimitServer":{"type":"object","title":"Configuration settings for the RateLimit Server","required":["backend"],"properties":{"backend":{"$ref":"#/components/schemas/RateLimitServerBackend"},"domain":{"description":"The domain field allows ratelimits to be namespaced to\\na certain domain. To support common ratelimits across multiple clusters\\nset this string to a common value, across them. This assumes that the same\\nbackend (uri) is being used.\\nBy default the domain is set to the name of the control plane cluster.","type":"string","x-order":1},"kubeSpec":{"$ref":"#/components/schemas/kubernetesKubernetesComponentSpec"}}},"v1alpha1Route53Controller":{"description":"Kubernetes settings for the Route53 Integration Controller component.","type":"object","properties":{"kubeSpec":{"$ref":"#/components/schemas/kubernetesKubernetesComponentSpec"}}},"v1alpha1Route53Settings":{"description":"Settings for integration with Route53 service.","type":"object","required":["serviceAccountName"],"properties":{"serviceAccountName":{"type":"string","title":"Service account name to use for IAM role. Required. Deprecated, user AWSIntegrationSettings instead.\\n$hide_from_docs","x-order":0},"namespaceSelector":{"$ref":"#/components/schemas/v1alpha1Route53SettingsNamespaceSelector"},"policy":{"$ref":"#/components/schemas/Route53SettingsPolicy"},"domainFilter":{"description":"List of domains to limit possible target zones by a domain suffix. Default is empty list with means consider all resources as DNS target.","type":"array","items":{"type":"string"},"x-order":3},"interval":{"description":"Duration of interval between individual synchronizations. Default: 60s.","type":"string","x-order":4},"ttl":{"description":"Default TTL (in seconds) value for DNS records. Default: 300.","type":"string","format":"int64","x-order":5},"evaluateTargetHealth":{"description":"Control whether to evaluate the health of a DNS target. Default: true.","type":"boolean","x-order":6},"filterSettings":{"$ref":"#/components/schemas/Route53SettingsFilterSettings"},"enabled":{"description":"Enable/disable the Route53 integration controller. Default: false.","type":"boolean","x-order":8}}},"v1alpha1Route53SettingsNamespaceSelector":{"description":"NamespaceSelector specifies which namespaces controller will watch.","type":"object","properties":{"namespace":{"description":"Specifies the namespace to watch for resources. Mutually exclusive with `ignore_namespaces`.\\nIf not specified (\\"\\"), all namespaces will be watched which is the default.","type":"string","x-order":0},"ignoreNamespaces":{"description":"Comma separated list of namespaces to ignore when watching for DNS endpoints. When using this option remember\\nto include the name of the namespace in which Control Plane is installed. If Management Plane is installed in the same cluster\\ninclude the namespace name in this option as well.\\nMutually exclusive with `namespace`.\\nDefault: the namespace where the controller is running, usually `istio-system`.","type":"string","x-order":1}}},"v1alpha1Satellite":{"description":"Kubernetes settings for the Satellite (SkyWalking-Satellite) component.","type":"object","properties":{"enabled":{"description":"Satellite is an optional component. If enabled is false, this component\\nwill not be installed.","type":"boolean","x-order":0},"kubeSpec":{"$ref":"#/components/schemas/kubernetesKubernetesComponentSpec"},"logLevel":{"description":"Specifies the log level for the component.\\nSupported log level: \\"panic\\", \\"fatal\\", \\"info\\", \\"warn\\", \\"error\\", \\"debug\\" and \\"trace\\".","type":"string","x-order":2}}},"v1alpha1Secrets":{"description":"Secrets available in the ControlPlane installation.","type":"object","properties":{"tsb":{"$ref":"#/components/schemas/SecretsTSB"},"elasticsearch":{"$ref":"#/components/schemas/SecretsElasticSearch"},"xcp":{"$ref":"#/components/schemas/v1alpha1SecretsXCP"},"clusterServiceAccount":{"$ref":"#/components/schemas/SecretsClusterServiceAccount"}}},"v1alpha1SecretsXCP":{"description":"Secrets to reach the XCP Central in the Management Plane.","type":"object","properties":{"autoGenerateCerts":{"description":"Enabling this will auto generate XCP Edge certificate if mTLS is enabled to authenticate to XCP Central. Requires cert-manager.","type":"boolean","x-order":0},"rootca":{"description":"CA certificate of XCP components.","type":"string","x-order":1},"rootcakey":{"description":"Key of the CA certificate of XCP components.","type":"string","x-order":2},"edge":{"$ref":"#/components/schemas/XCPEdge"}}},"v1alpha1Values":{"description":"Values available for the TSB Control Plane chart.\\nThis is an alpha API, so future versions could include breaking changes.","type":"object","properties":{"image":{"$ref":"#/components/schemas/commonv1alpha1Image"},"spec":{"$ref":"#/components/schemas/v1alpha1ControlPlaneSpec"},"secrets":{"$ref":"#/components/schemas/v1alpha1Secrets"},"operator":{"$ref":"#/components/schemas/v1alpha1Operator"}}},"v1alpha1WASMFetcher":{"description":"Settings for the WASM Fetcher component.","type":"object","properties":{"cacheDisableInsecureRegistries":{"description":"Denies insecure registries to be used for fetching WASM modules. Defaults to `false`.","type":"boolean","x-order":0},"cacheExpiration":{"description":"WASM Module cache expiration time. Defaults to `24h`.","type":"string","x-order":1},"cacheMaxRetries":{"description":"Maximum number of retries when fetching WASM modules from the OCI registry. Defaults to `5`.","type":"integer","format":"int32","x-order":2},"cachePurgeInterval":{"description":"WASM cache purge interval to periodically clean up the stale WASM modules. Defaults to `1h`.","type":"string","x-order":3},"cacheRequestTimeout":{"description":"Specifies the timeout used when retrieving the WASM plugin from the OCI registry. Defaults to `15s`.","type":"string","x-order":4},"kubeSpec":{"$ref":"#/components/schemas/kubernetesKubernetesComponentSpec"},"logLevels":{"description":"The log level configuration by scopes.\\nSupported log levels: \\"none\\", \\"error\\", \\"info\\", \\"debug\\".","type":"object","additionalProperties":{"type":"string"},"x-order":6}}},"v1alpha1WorkloadAuthenticationConfiguration":{"description":"WorkloadAuthenticationConfiguration specifies configuration of the workload\\nauthentication.","type":"object","properties":{"jwt":{"$ref":"#/components/schemas/v1alpha1JwtAuthenticationConfiguration"}}},"v1alpha1WorkloadConfiguration":{"description":"WorkloadConfiguration specifies configuration of the workload handling.","type":"object","properties":{"authentication":{"$ref":"#/components/schemas/v1alpha1WorkloadAuthenticationConfiguration"},"deregistration":{"$ref":"#/components/schemas/v1alpha1WorkloadDeregistrationConfiguration"}}},"v1alpha1WorkloadDeregistrationConfiguration":{"description":"WorkloadDeregistrationConfiguration specifies configuration of the workload\\nderegistration.","type":"object","properties":{"propagationDelay":{"description":"Estimated amount of time it takes to propagate the unregistration event\\nacross all affected mesh nodes.\\n\\nDuring this time interval affected proxies will continue making requests\\nto the deregistered workload until the respective configuration update\\narrives.\\n\\nTo prevent traffic loss, `Workload Onboarding Agent` SHOULD delay shutdown\\nof the the workload\'s sidecar for that time period.\\n\\nAs a rule of thumb, this value should remain relatively small, e.g. under\\n15 seconds. The reason for this is that shutdown flow on the workload\'s side\\nis time-boxed. E.g., on VMs there is a stop timeout enforced by SystemD,\\nwhile on AWS ECS there is a stop timeout enforced by ECS Agent. If you pick\\na delay value that is too big, `Workload Onboarding Agent` will delay\\nshutdown of the sidecar for too long; as a result sidecar risks to get\\nterminated abruptly instead of graceful connection draining.\\n\\nDefaults to `10s`.","type":"string","x-order":0}}},"v2API":{"description":"An API configuring a set of servers and endpoints that expose the Application business logic.\\n\\n\\n\\n","type":"object","required":["openapi"],"properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"openapi":{"description":"The raw OpenAPI spec for this API.","type":"string","x-order":4},"workloadSelector":{"$ref":"#/components/schemas/v2WorkloadSelector"},"servers":{"description":"DEPRECATED: For new created APIs, the exposed servers will be available at httpServers.\\nFor APIs created before version 1.7, will still be available in this field.\\n\\nList of ingress gateways servers that expose the API.\\nServer hostnames must be unique in the system, and only one API can expose a specific hostname.","type":"array","items":{"$ref":"#/components/schemas/v2HttpServer"},"x-order":6,"readOnly":true},"endpoints":{"description":"List of endpoints exposed by this API.\\nThis field is read-only and generated from the configured OpenAPI spec.","type":"array","items":{"$ref":"#/components/schemas/v2HTTPEndpoint"},"x-order":7,"readOnly":true},"configResources":{"type":"array","title":"The configuration resources that are related to this API object.\\n$hide_from_docs","items":{"$ref":"#/components/schemas/v2ConfigResource"},"x-order":8,"readOnly":true},"httpServers":{"description":"List of gateways servers that expose the API.\\nServer hostnames must be unique in the system, and only one API can expose a specific hostname.","type":"array","items":{"$ref":"#/components/schemas/v2HTTP"},"x-order":9,"readOnly":true}}},"v2Access":{"description":"Access is an access request for a subject with a set of permission.\\n\\nExample:\\nAccess {\\n  Subject: \\"organizations/demo/tenants/demo/applications/caller\\",\\n  Permissions: []string{\\"GET\\"}\\n}","type":"object","required":["subject","permissions"],"properties":{"subject":{"description":"Subject is the subject that is requested to access the resource.","type":"string","x-order":0},"permissions":{"description":"Permissions is a list of permissions that the subject is allowed to use.","type":"array","items":{"type":"string"},"x-order":1},"metadata":{"$ref":"#/components/schemas/v2Metadata"}}},"v2AccessPolicy":{"description":"A policy defines the set of subjects that can access a resource and under\\nwhich conditions that access is granted.","type":"object","title":"Policy","properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":1},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":2},"allow":{"description":"The list of allowed bindings configures the different access profiles that\\nare allowed on the resource configured by the policy.","type":"array","items":{"$ref":"#/components/schemas/v2Binding"},"x-order":3}}},"v2AggregatedStatus":{"description":"`AggregatedStatus` is used by resources with children to aggregate both the\\nsequence of events and the status of its children resources.","type":"object","properties":{"configEvents":{"$ref":"#/components/schemas/v2ConfigEvents"},"children":{"description":"Map of children resource FQNs to their status.","type":"object","additionalProperties":{"$ref":"#/components/schemas/AggregatedStatusChildStatus"},"x-order":1},"childrenStatus":{"$ref":"#/components/schemas/AggregatedStatusChildStatus"}}},"v2Application":{"description":"An Application represents a set of logical groupings of services that are related to each other\\nand expose a set of APIs that implement a complete set of business logic.\\n\\n\\n\\n","type":"object","required":["workspace"],"properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"workspace":{"description":"FQN of the workspace this application is part of.\\nThe application will configure IngressGateways for the attached APIs\\nin the different namespaces exposed by this workspace.","type":"string","x-order":4},"namespaceSelector":{"$ref":"#/components/schemas/v2NamespaceSelector"},"gatewayGroup":{"description":"Optional FQN of the Gateway Group to be used by the application.\\nIf configured, this gateway group will be used by the application. If\\nno namespaces are configured and no existing gateway group is set, a new gateway group claiming all\\nnamespaces in the workspace (`*/*`) will be created by default.\\nAll Ingress Gateway resources created for the APIs attached to the application will be created in\\nthe application\'s gateway group.","type":"string","x-order":6},"services":{"description":"Optional list of services that are part of the application. This is a list of FQNs of services in the\\nservice registry.\\nIf omitted, the application is assumed to own all the services in the workspace.\\nNote that a service can only be part of one application. If any of the services in the list is already\\nin use by an existing application, application creation/modification will fail.\\nIf the list of services is not explicitly set and any service in the workspace is already in use by\\nanother application, application creation/modification will fail.","type":"array","items":{"type":"string"},"x-order":7},"configResources":{"type":"array","title":"The configuration resources that are related to this Application.\\n$hide_from_docs","items":{"$ref":"#/components/schemas/v2ConfigResource"},"x-order":8,"readOnly":true}}},"v2ApprovalPolicy":{"description":"ApprovalPolicy is a set of authorization rules that define access to a resource.\\nWhen applied to a resource, the rules enforce access to the resource based on the permission set.\\n\\nExample:\\nApprovalPolicy {\\n  Mode: ApprovalPolicy_REQUIRE_APPROVAL,\\n  Resource: \\"organizations/demo/tenants/demo/applications/target-app\\",\\n  Approved: []Access {{\\n    Subject: \\"organizations/demo/tenants/demo/applications/calling-app\\",\\n    Permissions: []string{\\"GET\\", \\"POST\\"}\\n  }}\\n}","type":"object","required":["mode","resource"],"properties":{"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":0},"mode":{"$ref":"#/components/schemas/ApprovalPolicyMode"},"resource":{"description":"Resource is a fully qualified name of the resource that the policy applies to.","type":"string","x-order":2},"requested":{"description":"Requested is a list of subjects that are requested to access the resource but that have not yet been\\nexplicitly approved.\\nThe access mode of the policy will determine if the subjects in this list are given immediate access to the\\nresource.","type":"array","items":{"$ref":"#/components/schemas/v2Access"},"x-order":3},"approved":{"description":"Approved is a list of subjects that are approved to access the resource.","type":"array","items":{"$ref":"#/components/schemas/v2Access"},"x-order":4},"metadata":{"$ref":"#/components/schemas/v2Metadata"}}},"v2Authentication":{"type":"object","properties":{"jwt":{"$ref":"#/components/schemas/AuthenticationJWT"},"rules":{"$ref":"#/components/schemas/AuthenticationRules"},"oidc":{"$ref":"#/components/schemas/v2OIDCConfig"}}},"v2AuthenticationSettings":{"description":"AuthenticationSettings represents configuration related to authenticating traffic\\nwithin the mesh and end-user credentials if present. It is **HIGHLY RECOMMENDED** to\\nenable mutual TLS when end-user credentials are present. Sending credentials like JWT\\nover plaintext is a security risk.","type":"object","properties":{"trafficMode":{"$ref":"#/components/schemas/SecuritySettingAuthenticationMode"},"http":{"$ref":"#/components/schemas/v2Authentication"}}},"v2Authorization":{"type":"object","title":"Configuration for authorizing a HTTP request","properties":{"external":{"$ref":"#/components/schemas/AuthorizationExternalAuthzBackend"},"local":{"$ref":"#/components/schemas/AuthorizationLocalAuthz"}}},"v2AuthorizationRules":{"description":"- If deny_all is true, deny the request\\n\\n- If deny is defined and there are any denied target workload, deny the request.\\n\\n- If there are no allowed target workload, allow the request.\\n\\n- If allow is defined and there are any allowed target workload, allow the request.\\n\\n- Deny the request.","type":"object","title":"`AuthorizationRules` specifies which target workloads are allowed or denied.\\nWhen the mode is `RULES`, by default, if no authorization rules are provided all requests will be accepted.\\nCurrently, when a list of allow or deny rules are provided, a workload can only be targeted\\nby providing the workspace or security group resource the workload belongs to.\\nWhen different target workloads are allowed, denied or all workload are denied,\\nto evaluate if a request is accepted or rejected, denies are evaluated first, and finally allows.\\nAccepting or denying a request from a workload is determined by:","properties":{"allow":{"description":"Allow specifies a list of rules. If a request matches at least one rule, the request is accepted.\\nIf no allow rules are provided, all requests are allowed.\\nEach rule must be unique, no duplicates are allowed.\\nA rule that is fully contained by another rule is not allowed.\\nFor instance, defining a rule from workspace `w1` to `w2` and another rule\\nfrom security group `sg1` (which belongs to workspace `w1`) to `sg2` (which belongs to workspace `w2`)\\nis not allowed. It is not allowed, because from security group `sg1` to `sg2` rule is already allowed by\\nthe rule from workspace `w1` to `ws2`.","type":"array","items":{"$ref":"#/components/schemas/v2Rule"},"x-order":0},"denyAll":{"description":"Deny all specifies whether all requests should be rejected.\\nIf it is true all requests will be rejected.\\nIf it is false the list of deny rules will be evaluated.","type":"boolean","x-order":1},"deny":{"description":"Deny specifies a list of rules. If a request matches at least one rule, the request is rejected.\\nIf deny rules are provided, the match will never occur, so no request can be rejected.\\nEach rule must be unique, no duplicates are allowed.\\nA rule that is fully contained by another rule is not allowed.\\nFor instance, defining a rule from workspace `w1` to `w2` and another rule\\nfrom security group `sg1` (which belongs to workspace `w1`) to `sg2` (which belongs to workspace `w2`)\\nis not allowed. It is not allowed, because from security group `sg1` to `sg2` rule is already denied by\\nthe rule from workspace `w1` to `w2`.","type":"array","items":{"$ref":"#/components/schemas/v2Rule"},"x-order":2}}},"v2AuthorizationSettings":{"description":"`AuthorizationSettings` define the set of service accounts in one\\nor more namespaces allowed to access a workload (and hence its\\nsidecar) in the mesh.","type":"object","properties":{"mode":{"$ref":"#/components/schemas/AuthorizationSettingsMode"},"serviceAccounts":{"description":"When the mode is `CUSTOM`, `serviceAccounts` specify the allowed\\nset of service accounts (and the workloads using them). Must be\\nin the `&lt;namespace&gt;/&lt;service-account-name&gt;` format.\\n\\n- `./*` indicates all service accounts in the namespace where the sidecar resides.\\n\\n- `ns1/*` indicates all service accounts in the `ns1` namespace.\\n\\n- `ns1/svc1-sa` indicates `svc1-sa` service account in `ns1` namespace.\\n\\nNamespace should be a valid kubernetes namespace, which\\nfollows [RFC 1123 Label Names](https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#dns-label-names) rules.\\nService account should be a valid kubernetes service account, which\\nfollows [DNS Subdomain Names](https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#dns-subdomain-names) rules.","type":"array","items":{"type":"string"},"x-order":1},"http":{"$ref":"#/components/schemas/v2Authorization"},"rules":{"$ref":"#/components/schemas/v2AuthorizationRules"},"identityMatch":{"$ref":"#/components/schemas/v2IdentityMatch"}}},"v2AuthorizationSettingsMode":{"description":"- UNSET: Inherit from parent if possible. Otherwise treated as `DISABLED`.\\n - NAMESPACE: The workload allows traffic from any other authenticated workload in its own\\nnamespace.\\n - GROUP: The workload allows traffic from any other authenticated workload in the security group.\\n - WORKSPACE: The workload allows traffic from any other authenticated workload in the workspace.\\n - CLUSTER: The workload allows traffic from any other authenticated workload in the cluster.\\n - DISABLED: Authorization is disabled.\\n - CUSTOM: The workload allows traffic from service accounts defined explicitly.\\n - RULES: The workload allows or denies traffic from any other authenticated workload that belongs\\nto the specified rules.","type":"string","title":"A short cut for defining the common authorization patterns","default":"UNSET","enum":["UNSET","NAMESPACE","GROUP","WORKSPACE","CLUSTER","DISABLED","CUSTOM","RULES"]},"v2Binding":{"description":"A binding associates a role with a set of subjects.\\n\\nBindings are used to configure policies, where different roles can be\\nassigned to different sets of subjects to configure a fine-grained access\\ncontrol to the resource protected by the policy.","type":"object","required":["role"],"properties":{"role":{"description":"The role that defines the permissions that will be granted to the target\\nresource.","type":"string","x-order":0},"subjects":{"description":"The set of subjects that will be allowed to access the target resource\\nwith the permissions defined by the role.","type":"array","items":{"$ref":"#/components/schemas/v2Subject"},"x-order":1}}},"v2ClientTLSSettings":{"type":"object","title":"Configure TLS parameters for the client","properties":{"mode":{"$ref":"#/components/schemas/authv2TLSMode"},"files":{"$ref":"#/components/schemas/v2TLSFileSource"},"secretName":{"description":"TLS key source from a Kubernetes Secret.\\nThis is applicable for gateway workloads.","type":"string","x-order":2},"subjectAltNames":{"type":"array","title":"Subject alternative names is the list of names that are accepted\\nas service name as part of TLS handshake","items":{"type":"string"},"x-order":3}}},"v2Cluster":{"description":"A Kubernetes cluster managing both pods and VMs.\\n\\n\\n\\n","type":"object","properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be\\nsent on every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"tokenTtl":{"description":"Lifetime of the tokens. Defaults to 1hr.","type":"string","x-order":4},"network":{"description":"The network (e.g., VPC) where this cluster is present. All\\nclusters within the same network will be assumed to be reachable\\nfor the purposes of multi-cluster routing. In addition, networks\\nmarked as reachable from one another in SystemSettings will also\\nbe used for multi-cluster routing.","type":"string","x-order":5},"tier1Cluster":{"description":"Deprecated: This flag is still honored for backward compatibility but will be ignored in future releases.\\nIt is advisable not to set it, as all clusters can now host both Tier1 and IngressGateways.\\n\\nIndicates whether this cluster is hosting a tier1 gateway or not.\\nTier1 clusters cannot host other gateways or workloads. Defaults\\nto false if not specified.","type":"boolean","x-order":6},"namespaces":{"type":"array","title":"TODO(vikas): move this inside cluster state\\nRead-only data for informational purposes. Any user provided\\nvalue will be ignored. The data here may be stale depending on\\nthe update frequency from the Bridge agents in the cluster.\\n$hide_from_yaml","items":{"$ref":"#/components/schemas/tsbv2Namespace"},"x-order":7,"readOnly":true},"labels":{"type":"object","title":"FIXME: this is super clunky to copy each and every metadata field into\\nobjects used for multicluster. $hide_from_yaml","additionalProperties":{"type":"string"},"x-order":8},"locality":{"$ref":"#/components/schemas/v2Locality"},"trustDomain":{"description":"Trust domain for this cluster, used for multi-cluster routing.\\nIt must be unique for every cluster and should match the one configured in\\nthe local control plane. This value is optional, and will be updated by the\\nlocal control plane agents. However, it is recommended to set it, if known,\\nso that multi-cluster routing works without having to wait for the local\\ncontrol planes to update it.","type":"string","x-order":10},"namespaceScope":{"$ref":"#/components/schemas/v2NamespaceScoping"},"state":{"$ref":"#/components/schemas/ClusterState"},"serviceAccount":{"$ref":"#/components/schemas/tsbv2ServiceAccount"},"installTemplate":{"$ref":"#/components/schemas/ClusterInstallTemplate"}}},"v2ClusterConfig":{"type":"object","title":"Cluster configurations.\\n$hide_from_docs","properties":{"observability":{"$ref":"#/components/schemas/v2ClusterObservabilityConfig"}}},"v2ClusterDestination":{"type":"object","properties":{"name":{"description":"The name of the destination cluster. Only one of name or labels\\nmust be specified.","type":"string","x-order":0},"labels":{"description":"Labels associated with the cluster. Any cluster with matching\\nlabels will be selected as a target. Only one of name or labels\\nmust be specified.","type":"object","additionalProperties":{"type":"string"},"x-order":1},"network":{"description":"The network associated with the destination clusters. In addition to\\nname/label selectors, only clusters matching the selected networks\\nwill be used as a target. At least one of name/labels, and/or network\\nmust be specified.\\n\\nDeprecated: The `network` field is deprecated and will be removed in future releases.\\nOnly `labels` matching against the cluster object is supported.","type":"string","x-order":2},"weight":{"description":"The weight for traffic to a given destination.","type":"integer","format":"int64","x-order":3}}},"v2ClusterObservabilityConfig":{"type":"object","title":"The observability configurations for a cluster.\\n$hide_from_docs","properties":{"retentionPeriodDays":{"description":"The retention period of telemetry metrics data in days.","type":"integer","format":"int32","x-order":0},"tracesRetentionPeriodDays":{"description":"The retention period of telemetry traces data in days.","type":"integer","format":"int32","x-order":1},"apiEndpointMetricsEnabled":{"description":"Whether the API endpoint metrics feature is enabled in MP,\\nif this feature is disabled in MP, all CP must disable this\\nfeature too because this feature requires MP to create indices,\\nif this feature is enabled in MP, CP clusters can choose whether\\nto enable it or not as per their needs.","type":"boolean","x-order":2}}},"v2ClusterStatus":{"description":"The status message for a cluster resource contains the set of join\\ntokens that should be used by Service Bridge\'s agents on the\\ncluster.","type":"object","properties":{"tokens":{"description":"Tokens for various agents.","type":"object","additionalProperties":{"type":"string"},"x-order":0}}},"v2ConfigEvents":{"description":"`ConfigEvents` provides a way to notify the status of a configuration\\npropagation as a sequence of events.","type":"object","properties":{"events":{"description":"Sequence of events occurred under the configuration propagation flow.\\nIt\'s ordered by event timestamp, newest first.","type":"array","items":{"$ref":"#/components/schemas/v2ConfigEventsEvent"},"x-order":0}}},"v2ConfigEventsEvent":{"description":"Single `Event` event occurred in the configuration propagation flow.","type":"object","properties":{"type":{"$ref":"#/components/schemas/ConfigEventsEventType"},"reason":{"description":"Optional code that extends the type of the occurred event.","type":"string","x-order":1},"message":{"description":"Optional message describing the reason in a human readable way.","type":"string","x-order":2},"timestamp":{"description":"Time of the event occurrence.","type":"string","format":"date-time","x-order":3},"etag":{"description":"The etag of the resource which configuration triggered this event.","type":"string","x-order":4},"edgesState":{"description":"Stores the `edge cluster name` to `EdgeConfigState` mapping. `EdgeConfigState` holds the\\n[status + reason] for a resource config that is being applied at edges.\\nReason accompanying the Status is useful for pin-pointed debugging at edge level.\\nFor instance, a config whose config status is something other than `APPLIED` is\\naccompanied by a reason telling why an error occurred while applying the config.\\nThis will help in debugging issues at an edge.","type":"object","additionalProperties":{"$ref":"#/components/schemas/ConfigEventsEdgeConfigState"},"x-order":5}}},"v2ConfigGenerationMetadata":{"description":"`ConfigGenerationMetadata` allows to setup extra metadata that will be added in the final Istio generated configurations.\\nLike new labels or annotations.\\nDefining the config generation metadata in tenancy resources (like organization, tenant, workspace or groups) works as default\\nvalues for those configs that belong to it.\\nDefining same config generation metadata in configuration resources (like ingress gateways, service routes, etc.) will replace the\\nones defined in the tenancy resources.","type":"object","properties":{"labels":{"description":"Set of key value paris that will be added into the `metadata.labels` field of the Istio generated configurations.","type":"object","additionalProperties":{"type":"string"},"x-order":0},"annotations":{"description":"Set of key value paris that will be added into the `metadata.annotations` field of the Istio generated configurations.","type":"object","additionalProperties":{"type":"string"},"x-order":1}}},"v2ConfigMode":{"description":"The configuration mode used by a traffic, security or a gateway group.\\n\\n - BRIDGED: Indicates that the configurations to be added to the group will\\nuse macro APIs that automatically generate Istio APIs under the\\nhood.\\n - DIRECT: Indicates that the configurations to be added to the group will\\ndirectly use Istio APIs.","type":"string","default":"BRIDGED","enum":["BRIDGED","DIRECT"]},"v2ConfigResource":{"description":"ConfigResource represents a configuration object (group, ingress gateway, etc)\\nthat is related to an Application or API.","type":"object","properties":{"fqn":{"description":"The FQN of the resource this status is computed for.","type":"string","x-order":0,"readOnly":true},"expectedEtag":{"description":"The expected etag field is used to check the if the configuration resource contents have\\nchanged. This might not be relevant for all configuration resources, so this field may\\nnot be set. If it is not set, the status will only report the presence or absence of the\\nconfiguration resource, but not differences in its contents.\\n\\nWhen this field is present, the status will also reflect changes in the contents of the\\nconfiguration resource, and report it as DIRTY if there are differences.","type":"string","x-order":1,"readOnly":true},"exclusivelyOwned":{"description":"The exclusively owned flag indicates if the referenced configuration resource is exclusively\\nowned by the object. Configuration resources that are exclusively owned by an object will\\nbe deleted when the object is deleted.","type":"boolean","x-order":2,"readOnly":true}}},"v2CorsPolicy":{"type":"object","properties":{"allowOrigin":{"description":"The list of origins that are allowed to perform CORS requests. The content will be serialized\\ninto the Access-Control-Allow-Origin header. Wildcard * will allow all origins.","type":"array","items":{"type":"string"},"x-order":0},"allowMethods":{"description":"List of HTTP methods allowed to access the resource. The content will be serialized into the\\nAccess-Control-Allow-Methods header.","type":"array","items":{"type":"string"},"x-order":1},"allowHeaders":{"description":"List of HTTP headers that can be used when requesting the resource. Serialized to\\nAccess-Control-Allow-Headers header.","type":"array","items":{"type":"string"},"x-order":2},"exposeHeaders":{"description":"A white list of HTTP headers that the browsers are allowed to access. Serialized into\\nAccess-Control-Expose-Headers header.","type":"array","items":{"type":"string"},"x-order":3},"maxAge":{"description":"Specifies how long the results of a preflight request can be cached. Translates to the\\nAccess-Control-Max-Age header.","type":"string","x-order":4},"allowCredentials":{"description":"Indicates whether the caller is allowed to send the actual request (not the preflight) using\\ncredentials. Translates to Access-Control-Allow-Credentials header.","type":"boolean","x-order":5}}},"v2CreateOrganizationRequest":{"type":"object","title":"Request to create a organization.\\n$hide_from_docs","required":["name","organization"],"properties":{"name":{"description":"The short name for the resource to be created.","type":"string","x-order":0},"organization":{"$ref":"#/components/schemas/v2Organization"}}},"v2CreateRoleRequest":{"description":"Request to create a Role.","type":"object","required":["name","role"],"properties":{"name":{"description":"The short name for the resource to be created.","type":"string","x-order":0},"role":{"$ref":"#/components/schemas/v2Role"}}},"v2DeviceCodeResponse":{"type":"object","title":"Response with device codes for use with the Device Authorization flow.\\nFor additional information on the response parameters please refer to the Device Authorization Response section\\nof the RFC https://datatracker.ietf.org/doc/html/rfc8628#section-3.2","properties":{"deviceCode":{"type":"string","title":"Code that the device uses to poll for tokens","x-order":0},"userCode":{"type":"string","title":"Code the user enters in the verification URI","x-order":1},"verificationUri":{"type":"string","title":"URI where to enter the user code","x-order":2},"interval":{"type":"integer","format":"int32","title":"Rate in which to poll the token endpoint with the device code","x-order":3},"expiresIn":{"type":"integer","format":"int32","title":"Expiration time of the device code in seconds","x-order":4},"error":{"$ref":"#/components/schemas/v2Error"},"errorMessage":{"description":"Optional error message that contains more details about the error that occurred.","type":"string","x-order":6}}},"v2EastWestGateway":{"description":"EastWestGateway is for configuring a gateway to handle east-west traffic of\\nthe services that are not exposed through Ingress or Tier1 gateways (internal\\nservices). Currently, this is restricted to specifying at Workspace level\\nin WorkspaceSetting.","type":"object","required":["workloadSelector"],"properties":{"workloadSelector":{"$ref":"#/components/schemas/v2WorkloadSelector"},"exposedServices":{"description":"Exposed services is used to specify the match criteria to select specific services\\nfor internal multicluster routing (east-west routing between clusters).\\nIf it is not defined or contains no elements, all the services within the workspace\\nwill be exposed to the configured gateway.","type":"array","items":{"$ref":"#/components/schemas/v2ServiceSelector"},"x-order":1},"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"}}},"v2EgressAuthorization":{"type":"object","title":"EgressAuthorization is used to dictate which service accounts can access a set of external hosts","required":["to"],"properties":{"from":{"$ref":"#/components/schemas/tsbsecurityv2AuthorizationSettings"},"to":{"type":"array","title":"The external hostnames the workload(s) described in this rule can access.\\nHosts cannot be specified more than once. Use \\"*\\" to allow access to any external host","items":{"type":"string"},"x-order":1}}},"v2EgressAuthorizationSettings":{"description":"EgressAuthorizationSettings define rules for allowing specific service accounts to access external hosts.\\nBy default, when a host is configured for egress access on the Gateway, access is denied.","type":"object","required":["to"],"properties":{"from":{"$ref":"#/components/schemas/tsbgatewayv2AuthorizationSettings"},"to":{"description":"The set of hostnames exposed on the Gateway through which external hosts\\ncan be accessed.","type":"array","items":{"$ref":"#/components/schemas/EgressAuthorizationSettingsHostDetails"},"x-order":1},"identityMatch":{"$ref":"#/components/schemas/v2IdentityMatch"}}},"v2EgressGateway":{"description":"`EgressGateway` configures a workload to act as an egress gateway in the mesh.\\n\\n\\n--\x3e\\n\\n","type":"object","required":["workloadSelector"],"properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"workloadSelector":{"$ref":"#/components/schemas/v2WorkloadSelector"},"authorization":{"description":"The description of which service accounts can access which hosts.\\nIf the list of authorization rules is empty, this egress gateway will deny all traffic.","type":"array","items":{"$ref":"#/components/schemas/v2EgressAuthorization"},"x-order":5},"extension":{"description":"Extensions specifies all the WasmExtensions assigned to this EgressGateway\\nwith the specific configuration for each extension. This custom configuration\\nwill override the one configured globally to the extension.\\nEach extension has a global configuration including enablement and priority\\nthat will condition the execution of the assigned extensions.","type":"array","items":{"$ref":"#/components/schemas/v2WasmExtensionAttachment"},"x-order":6},"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"}}},"v2EnvValueSource":{"description":" - INLINE: Explicitly given key-value pairs to be injected to this VM.\\n - HOST: *Istio-proxy\'s* environment variables exposed to this VM.","type":"string","default":"INLINE","enum":["INLINE","HOST"]},"v2EnvVar":{"type":"object","required":["name","valueFrom"],"properties":{"name":{"type":"string","title":"Name of the environment variable. Must be a C_IDENTIFIER, by following this regex: [A-Za-z_][A-Za-z0-9_]*","x-order":0},"valueFrom":{"$ref":"#/components/schemas/v2EnvValueSource"},"value":{"description":"Value for the environment variable.\\nNote that if `value_from` is `HOST`, it will be ignored.\\nDefaults to \\"\\".","type":"string","x-order":2}}},"v2Error":{"type":"string","title":"OAuth2 error codes","default":"NO_ERROR","enum":["NO_ERROR","INVALID_REQUEST","INVALID_CLIENT","INVALID_GRANT","UNAUTHORIZED_CLIENT","UNSUPPORTED_GRANT_TYPE","AUTHORIZATION_PENDING","SLOW_DOWN","ACCESS_DENIED","EXPIRED_TOKEN","SERVER_ERROR"]},"v2ExposedBy":{"description":"The exposer of an HTTPEndpoint.","type":"object","properties":{"service":{"description":"The FQN of the service in the service registry that is exposing a concrete endpoint.","type":"string","x-order":0,"readOnly":true},"clusterGroup":{"$ref":"#/components/schemas/v2ExposedByClusters"}}},"v2ExposedByCluster":{"description":"ExposedByCluster is a cluster or set of clusters identified by the labels that are\\nexposing an endpoint.","type":"object","properties":{"name":{"description":"The name of the cluster exposing the endpoint. Only one of name or labels\\nmust be specified.","type":"string","x-order":0},"labels":{"description":"Labels associated with the cluster. Any cluster with matching\\nlabels will be selected as an exposer. Only one of name or labels\\nmust be specified.","type":"object","additionalProperties":{"type":"string"},"x-order":1},"weight":{"description":"The weight for traffic to a cluster exposing the endpoint.","type":"integer","format":"int64","x-order":2}}},"v2ExposedByClusters":{"description":"ExposedByClusters represents the clusters that are exposing a concrete endpoint.","type":"object","properties":{"clusters":{"description":"The clusters that contain gateways exposing the HTTPEndpoint.","type":"array","items":{"$ref":"#/components/schemas/v2ExposedByCluster"},"x-order":0}}},"v2ExternalRateLimitServiceSettings":{"description":"Configuration for ratelimiting using an external ratelimit server\\nThe ratelimit server must expose\\n[Envoy\'s Rate Limit Service gRPC API](https://www.envoyproxy.io/docs/envoy/latest/configuration/other_features/rate_limit#config-rate-limit-service).\\n\\nIf the rate limit service is called, and the response for any of\\nthe descriptors is over limit, a 429 response is returned. The rate\\nlimit filter also sets the x-envoy-ratelimited header.\\n\\nIf there is an error in calling rate limit service or rate limit\\nservice returns an error and failure_mode_deny is set to true, a\\n500 response is returned.","type":"object","required":["domain","rateLimitServerUri","rules"],"properties":{"domain":{"description":"The rate limit domain to use when calling the rate limit service.\\nRatelimit settings are namespaced to a domain.","type":"string","x-order":0},"failClosed":{"description":"If the rate limit service is unavailable, the request will fail\\nif failClosed is set to true. Defaults to false.","type":"boolean","x-order":1},"rateLimitServerUri":{"description":"The URI at which the external rate limit server can be reached.","type":"string","x-order":2},"rules":{"type":"array","title":"A set of rate limit rules.\\nEach rule describes a list of dimension to match on.\\nOnce matched, a list of descriptors are sent\\nto the external rate limit server","items":{"$ref":"#/components/schemas/v2ExternalRateLimitServiceSettingsRateLimitRule"},"x-order":3},"timeout":{"description":"The timeout in seconds for the external rate limit server RPC.\\nDefaults to 0.020 seconds (20ms).\\nTraffic will not be allowed to the destination if failClosed is set to true\\nand the request to the rate limit server times out.","type":"string","x-order":4},"tls":{"$ref":"#/components/schemas/v2ClientTLSSettings"}}},"v2ExternalRateLimitServiceSettingsRateLimitDimension":{"type":"object","title":"RateLimitDimension is a set of conditions to match HTTP requests\\nOnce the conditions are satisfied,\\ncorresponding descriptors (set of keys and values) are emitted and\\nsent to the external rate limit server. The server is expected to\\nmake a rate limit decision based on these descriptors.\\nPlease go through the [Envoy RateLimit descriptor](https://www.envoyproxy.io/docs/envoy/latest/api-v3/extensions/common/ratelimit/v3/ratelimit.proto#envoy-v3-api-msg-extensions-common-ratelimit-v3-ratelimitdescriptor)\\nto get more information on descriptors","properties":{"sourceCluster":{"$ref":"#/components/schemas/RateLimitDimensionSourceCluster"},"destinationCluster":{"$ref":"#/components/schemas/RateLimitDimensionDestinationCluster"},"remoteAddress":{"$ref":"#/components/schemas/v2ExternalRateLimitServiceSettingsRateLimitDimensionRemoteAddress"},"requestHeaders":{"$ref":"#/components/schemas/RateLimitDimensionRequestHeaders"},"headerValueMatch":{"$ref":"#/components/schemas/RateLimitDimensionHeaderValueMatch"}}},"v2ExternalRateLimitServiceSettingsRateLimitDimensionRemoteAddress":{"type":"object","title":"Emit descriptor entry - a key-value pair of the form\\n`(\\"remote_address\\", \\"&lt;trusted address from x-forwarded-for&gt;\\")`"},"v2ExternalRateLimitServiceSettingsRateLimitRule":{"type":"object","required":["dimensions"],"properties":{"dimensions":{"description":"A list of dimensions that are to be applied for this rate limit configuration.\\nOrder matters as the dimensions are processed sequentially and the descriptor\\nis composed by appending descriptor entries in that sequence.\\nIf the condition for a dimension is not satisfied and cannot append a descriptor entry,\\nno descriptor list is generated for the entire setting.","type":"array","items":{"$ref":"#/components/schemas/v2ExternalRateLimitServiceSettingsRateLimitDimension"},"x-order":0}}},"v2FailoverSettings":{"description":"Failover settings for all proxies connecting to a host exposed in this workspace/organization\\nbased on the settings definition scope. Note that this is a server side setting.","type":"object","properties":{"topologyChoice":{"$ref":"#/components/schemas/FailoverSettingsTopologyChoice"},"failoverPriority":{"description":"FailoverPriority specifies the failover priority for traffic. FailoverPriority is an ordered list of labels \\nused to sort endpoints to do priority based load balancing. \\nThis is to support traffic failover across different groups of endpoints.\\nInternally these labels will be matched on both the client and endpoints to determine the priorities for\\nthe respective endpoints based on clients.\\nNote: For a label to be considered for match, the previous labels must match, i.e. \\nnth label would be considered matched only if first n-1 labels match.\\nIf for a particular client-endpoint pair, all the n labels match, the endpoint will be considered P(0).bool\\nIf first n-1 labels match, the endpoint will be considered P(1) and so on.\\n\\nFor getting the labels to be populated on the endpoints generated by the TSB for multicluster and eastwest scenario, \\nyou will need to label the kubernetes service of your gateway or east-west exposed service\\nusing a label with prefix `failover.tetrate.io/`. \\nFor example `failover.tetrate.io/version=v1` should be the label present\\non the kubernetes service of remote gateway or exposed service for east west traffic.\\n\\nExample of failoverPriority using these labels:\\n```yaml\\nfailoverPriority:\\n- \\"failover.tetrate.io/version=v1\\"\\n- \\"failover.tetrate.io/domain\\"\\n```\\n\\nAnother way to label the endpoints for eastwest scenario is to create a ServiceRoute object for the service and\\nspecify the labels in the ServiceRoute object. If there is any pod with such label present in the remote cluster,\\nthe endpoints for it will have these labels and thus it could be used in failoverPriority API.\\n\\nFor example:\\nSuppose if one of your clusters has service reviews only with version v1 and a second cluster with reviews only with version v2,\\nThen use the below serviceroute object to populate service labels to the endpoints dynamically: \\n```yaml\\napiVersion: traffic.tsb.tetrate.io/v2\\nkind: ServiceRoute\\nmetadata:\\n  name: reviews\\n  group: t1\\n  workspace: w1\\n  tenant: mycompany\\n  organization: myorg\\nspec:\\n  service: ns1/reviews.ns1.svc.cluster.local\\n  subsets:\\n  - name: v1\\n    labels:\\n      version: v1\\n  - name: v2\\n    labels:\\n      version: v2\\n```\\n\\nExample of failoverPriority using these labels:\\n```yaml\\nfailoverPriority:\\n- \\"version=v1\\"\\n- \\"failover.tetrate.io/domain\\"\\n```","type":"array","items":{"type":"string"},"x-order":1},"regionalFailover":{"description":"Locality routing settings for all gateways in the Workspace/Organization for which\\nthis is defined.\\n\\nExplicitly specify the region traffic will land on when endpoints in the local region become unhealthy.\\nShould be used together with OutlierDetection to detect unhealthy endpoints.\\nNote: if no OutlierDetection specified, this will not take effect.","type":"array","items":{"$ref":"#/components/schemas/v2RegionalFailover"},"x-order":2}}},"v2FlaggerDestination":{"description":"FlaggerDestination will route traffic based on a Flagger Canary resource.\\nThe Canary resource must exist in the control plane cluster and have service delegation set to true.","type":"object","required":["canary","namespace"],"properties":{"canary":{"description":"Name of the Canary resource that will manage the deployment.","type":"string","x-order":0},"namespace":{"description":"Namespace of the Canary resource that will manage the deployment.","type":"string","x-order":1}}},"v2Gateway":{"description":"The `Gateway` configuration combines the functionalities of both the existing `Tier1Gateway` and `IngressGateway`,\\nproviding a unified approach for configuring a workload as a gateway in the mesh.\\n\\nEach server within the `Gateway` is configured to route requests to either destination clusters or services,\\nbut configuring one server to route requests to a destination cluster and another server to route requests to a service\\nis not supported.\\n\\nTo ensure consistency and compatibility, the `Gateway` configuration requires that all servers within the gateway\\neither forward traffic to other clusters, similar to a `Tier1Gateway`, or route traffic to specific services, similar\\nto an `IngressGateway`.\\n\\n\\n\\n","type":"object","required":["workloadSelector"],"properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"workloadSelector":{"$ref":"#/components/schemas/v2WorkloadSelector"},"http":{"description":"One or more HTTP or HTTPS servers exposed by the gateway. The\\nserver exposes configuration for TLS termination, request\\nauthentication/authorization, HTTP routing, rate limiting, etc.","type":"array","items":{"$ref":"#/components/schemas/v2HTTP"},"x-order":5},"tls":{"description":"One or more TLS servers exposed by the gateway. The server\\ndoes not terminate TLS and exposes config for SNI based routing.","type":"array","items":{"$ref":"#/components/schemas/v2TLS"},"x-order":6},"tcp":{"description":"One or more non-HTTP and non-passthrough servers which use TCP\\nbased protocols. This server also exposes configuration for terminating TLS.","type":"array","items":{"$ref":"#/components/schemas/v2TCP"},"x-order":7},"wasmPlugins":{"description":"WasmPlugins specifies all the WasmExtensionAttachment assigned to this Gateway\\nwith the specific configuration for each plugin. This custom configuration\\nwill override the one configured globally to the plugin.\\nEach plugin has a global configuration including priority\\nthat will condition the execution of the assigned plugins.","type":"array","items":{"$ref":"#/components/schemas/v2WasmExtensionAttachment"},"x-order":8},"waf":{"$ref":"#/components/schemas/v2WAFSettings"},"egressAuthorization":{"description":"External services are onboarded into the mesh via service entry,\\nand these services are exposed on the Gateway for egress access.\\nBy default, access is denied for these hosts.\\nUsers can configure EgressAuthorizationSettings to specify which service accounts are allowed.","type":"array","items":{"$ref":"#/components/schemas/v2EgressAuthorizationSettings"},"x-order":10},"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"}}},"v2GetResourcePermissionsResponse":{"description":"Response with permission rules.","type":"object","properties":{"rules":{"type":"array","items":{"$ref":"#/components/schemas/RoleRule"},"x-order":0}}},"v2GlobalTrafficSelector":{"description":"GlobalTrafficSelector provides a mechanism to select a specific traffic flow\\nfor which this Wasm Extension will be enabled. This setting applies to all WASM\\nExtension attachments. These selectors can be overridden at attachments.\\nWhen all the sub conditions in the TrafficSelector are satisfied, the\\ntraffic will be selected.","type":"object","properties":{"mode":{"$ref":"#/components/schemas/v2WorkloadMode"}}},"v2GrantResponse":{"description":"Token grant response.","type":"object","properties":{"accessToken":{"description":"Access token issued by the authorization server.","type":"string","x-order":0},"tokenType":{"description":"Access token type such as \\"bearer\\" or \\"mac\\".","type":"string","x-order":1},"expiresIn":{"description":"Expiration time of the access token in seconds.","type":"integer","format":"int32","x-order":2},"refreshToken":{"description":"Optional refresh token issued when the authorization server\\nand client are configured to use refresh tokens.","type":"string","x-order":3},"clientId":{"description":"Optional client ID used during the grant process.\\nWhen present the client ID for subsequent refresh grant calls.\\nWhile not a standard field on an OAuth grant response, this helps remove ambiguity\\nwhen multiple OIDC configurations are present in TSB.","type":"string","x-order":4},"error":{"$ref":"#/components/schemas/v2Error"},"errorMessage":{"description":"Optional error message that contains more details about the error that occurred.","type":"string","x-order":6}}},"v2GrantType":{"description":"OAuth2 grant types that are currently supported.","type":"string","default":"UNSPECIFIED","enum":["UNSPECIFIED","REFRESH_TOKEN","DEVICE_CODE_URN","CLIENT_CREDENTIALS","TOKEN_EXCHANGE"]},"v2Group":{"description":"A gateway group manages the gateways in a group of namespaces owned\\nby the parent workspace.\\n\\n\\n\\n","type":"object","required":["namespaceSelector"],"properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"namespaceSelector":{"$ref":"#/components/schemas/v2NamespaceSelector"},"configMode":{"$ref":"#/components/schemas/v2ConfigMode"},"deletionProtectionEnabled":{"description":"When set, prevents the resource from being deleted. In order to delete the resource this\\nproperty needs to be set to `false` first.","type":"boolean","x-order":6},"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"}}},"v2GroupLookupResponse":{"description":"List of groups that configure the requested service.","type":"object","properties":{"trafficGroups":{"description":"The traffic groups that configure the given registered service.","type":"array","items":{"$ref":"#/components/schemas/tsbtrafficv2Group"},"x-order":0},"securityGroups":{"description":"The security groups that configure the given registered service.","type":"array","items":{"$ref":"#/components/schemas/tsbsecurityv2Group"},"x-order":1},"gatewayGroups":{"description":"The gateway groups that configure the given registered service.","type":"array","items":{"$ref":"#/components/schemas/tsbgatewayv2Group"},"x-order":2},"istioInternalGroups":{"description":"The istio internal groups that configure the given registered service.","type":"array","items":{"$ref":"#/components/schemas/tsbistiointernalv2Group"},"x-order":3}}},"v2HTTP":{"description":"`HTTP` describes the properties of a HTTP server exposed on gateway.","type":"object","required":["name","hostname","routing"],"properties":{"name":{"description":"A name assigned to the server. The name will be visible in the generated metrics. The name must be\\nunique across all HTTP, TLS passthrough and TCP servers in a gateway.","type":"string","x-order":0},"port":{"description":"The port where the server is exposed at the gateway workload(pod).\\nIf the k8s service, which is fronting the workload pod, has TargetPort as 8443 for the Port 443,\\nthis could be configured as 8443 or 443.\\n\\nTwo servers with different protocols (HTTP and HTTPS) should not\\nshare the same port. Note that port 15443 is reserved for internal use.\\n\\nIf the `transit` flag is set to true, populating the `port` will lead to an error,\\nas the server is considered internal to the mesh. TSB will automatically \\nconfigure mTLS port(15443) for east-west multicluster traffic.\\n\\nIf the `trafficMode`` flag is set to `EGRESS`` or the `trafficMode` is set to `AUTO`\\nand the gateway deployment is of type EGRESS,\\npopulating the port will result in an error, as the server is considered only for egress.\\nTSB will automatically configure the mTLS port (15443) on the gateway to receive the mesh traffic.","type":"integer","format":"int64","x-order":1},"hostname":{"description":"Hostname with which the service can be expected to be accessed by clients.","type":"string","x-order":2},"tls":{"$ref":"#/components/schemas/v2ServerTLSSettings"},"authentication":{"$ref":"#/components/schemas/tsbauthv2Authentication"},"authorization":{"$ref":"#/components/schemas/tsbauthv2Authorization"},"routing":{"$ref":"#/components/schemas/v2HttpRoutingConfig"},"rateLimiting":{"$ref":"#/components/schemas/v2RateLimiting"},"transit":{"description":"If set to true, the server is configured to be exposed within the mesh.\\nThis configuration enables forwarding traffic between two clusters that are not directly reachable.\\n\\nDeprecated: use `trafficMode: TRANSIT` instead.","type":"boolean","x-order":8},"trafficMode":{"$ref":"#/components/schemas/v2TrafficMode"}}},"v2HTTPDirectResponse":{"description":"Configures an HTTP response to be generated. This can be used to implement\\nhealth check paths where the gateways will directly reply with a preconfigured\\nresponse when traffic hits certain exposed paths.","type":"object","required":["status"],"properties":{"status":{"description":"Specifies the HTTP response status to be returned.","type":"integer","format":"int64","x-order":0},"body":{"$ref":"#/components/schemas/HTTPDirectResponseHTTPBody"}}},"v2HTTPEndpoint":{"description":"An HTTP Endpoint represents an individual HTTP path exposed in the API.","type":"object","properties":{"path":{"description":"The HTTP path of the endpoint, relative to the hostnames exposed by the API.","type":"string","x-order":0,"readOnly":true},"methods":{"description":"The list of HTTP methods this endpoint supports.","type":"array","items":{"type":"string"},"x-order":1,"readOnly":true},"hostnames":{"description":"The list of hostnames where this endpoint is exposed.\\nIf omitted, the endpoint is assumed to be exposed in all hostnames defined for the API.","type":"array","items":{"type":"string"},"x-order":2,"readOnly":true},"service":{"description":"DEPRECATED: For new created APIs, the exposed servers will be available at httpServers.\\nFor APIs created before version 1.7, will still be available in this field.\\nThe FQN of the service in the service registry that is exposing this endpoint.","type":"string","x-order":3,"readOnly":true},"exposedBy":{"$ref":"#/components/schemas/v2ExposedBy"}}},"v2HTTPFaultInjection":{"description":"HTTPFaultInjection can be used to specify one or more faults to inject\\nwhile forwarding HTTP requests to the destination specified in a route.\\nFaults include aborting the HTTP request from downstream service, and/or\\ndelaying proxying of requests. A fault rule MUST HAVE delay or abort or\\nboth.\\nNote that delay and abort faults are independent of one another, even if\\nboth are specified simultaneously.","type":"object","properties":{"delay":{"$ref":"#/components/schemas/HTTPFaultInjectionDelay"},"abort":{"$ref":"#/components/schemas/HTTPFaultInjectionAbort"}}},"v2HTTPMatchCondition":{"description":"HTTPMatchCondition is the set of conditions to match incoming HTTP traffic\\nand route accordingly. We could have used HttpMatchCondition from\\ningress_gateway.proto but it doesn\'t have a port field, so it\'s better to\\ncreate one natively.","type":"object","required":["name"],"properties":{"name":{"type":"string","title":"Name of the match condition","x-order":0},"uri":{"$ref":"#/components/schemas/v2StringMatch"},"headers":{"type":"object","title":"Headers to match in incoming traffic for routing forward","additionalProperties":{"$ref":"#/components/schemas/v2StringMatch"},"x-order":2},"port":{"type":"integer","format":"int64","title":"Port to match in incoming traffic","x-order":3}}},"v2HTTPMirror":{"description":"HTTPMirror can be used to specify the destinations to mirror HTTP traffic in addition to the original destination.\\nMirrored traffic is on a best effort basis where the sidecar/gateway will not wait for the mirrored destinations\\nto respond before returning the response from the original destination.","type":"object","required":["port"],"properties":{"host":{"description":"The host where traffic should be routed to. This should either be a FQDN\\nor a short name for the k8s service. For example, \\"reviews\\" as destination_host will\\nbe interpreted as \\"reviews.ns1.cluster.local\\"\\nIf empty, the host will be inferred from the Service Route service field.","type":"string","x-order":0},"subset":{"type":"string","title":"Subset is the version of the service where traffic should be routed to","x-order":1},"port":{"type":"integer","format":"int64","title":"The port corresponding to the service host where traffic should be routed","x-order":2},"percentage":{"description":"Percentage of the traffic to be mirrored.\\nIf this field is absent, the max value 100% will be mirrored.","type":"number","format":"double","x-order":3}}},"v2HTTPRetry":{"description":"HTTPRetry defines the parameters for retrying API calls to a service.","type":"object","required":["attempts"],"properties":{"attempts":{"description":"Number of retries for a given request. The interval between retries will be determined\\nautomatically (25ms+).\\n\\nActual number of retries attempted depends on the httpReqTimeout.","type":"integer","format":"int32","x-order":0},"perTryTimeout":{"description":"Timeout per retry attempt for a given request. format: 1h/1m/1s/1ms. MUST BE &gt;=1ms.","type":"string","x-order":1},"retryOn":{"description":"Specifies the conditions under which retry takes place.\\nOne or more policies can be specified using a \u2018,\u2019 delimited list.\\nSee the [retry policies](https://www.envoyproxy.io/docs/envoy/latest/configuration/http/http_filters/router_filter#x-envoy-retry-on)\\nand [gRPC retry policies](https://www.envoyproxy.io/docs/envoy/latest/configuration/http/http_filters/router_filter#x-envoy-retry-grpc-on)\\nfor more details.","type":"string","x-order":2}}},"v2HTTPRewrite":{"description":"Configuration for an URL rewrite rule.","type":"object","properties":{"uri":{"description":"Rewrite the path (or the prefix) portion of the URI with this value. If the original URI was\\nmatched based on prefix, the value provided in this field will replace the corresponding\\nmatched prefix.","type":"string","x-order":0},"authority":{"description":"Rewrite the Authority/Host header with this value.","type":"string","x-order":1}}},"v2HTTPRoute":{"description":"HTTPRoute describes match conditions and actions for HTTP traffic routing to service destinations.","type":"object","required":["name"],"properties":{"name":{"description":"Name of the route.","type":"string","x-order":0},"match":{"type":"array","title":"Match conditions for incoming HTTP traffic","items":{"$ref":"#/components/schemas/v2HTTPMatchCondition"},"x-order":1},"destination":{"description":"Destination host:port and subset where HTTP traffic should be directed.\\n**Note**: Only one of `destination` and `flagger` must be configured per route.","type":"array","items":{"$ref":"#/components/schemas/v2ServiceDestination"},"x-order":2},"flagger":{"$ref":"#/components/schemas/v2FlaggerDestination"},"fault":{"$ref":"#/components/schemas/v2HTTPFaultInjection"},"mirrors":{"description":"Mirror HTTP traffic to multiple destinations in addition to forwarding the\\nrequests to the intended destination. Mirrored traffic is on a best effort\\nbasis, so it won\'t wait for the mirrored destinations response to respond\\nto the intended destination.","type":"array","items":{"$ref":"#/components/schemas/v2HTTPMirror"},"x-order":5}}},"v2Headers":{"description":"Header manipulation rules.","type":"object","properties":{"request":{"$ref":"#/components/schemas/HeadersHeaderOperations"},"response":{"$ref":"#/components/schemas/HeadersHeaderOperations"}}},"v2HostsReachability":{"description":"`HostsReachability` defines the list of gateway hosts that this workspace can reach.\\nIn multicluster deployments, hosts are reachable to all namespaces(`*`) by default.\\nHowever, this may not always be necessary, as clients may only be present in a few namespaces.\\nBy configuring this, a list of namespaces can be limited to the namespaces configured in the workspace.\\nWorkspaces with no hosts reachability configuration are considered to have reachable to all hosts.","type":"object","required":["hostnames"],"properties":{"hostnames":{"description":"The Gateway hostname that can be one of the following. Hostnames should match hosts configured in the Gateway.\\n\\n- Exact hostnames.\\nFor example, `echo.tetrate.io`.\\n\\n- Prefix hostnames.\\nFor example, `echo`. Hosts starting with `echo` are considered.\\n\\n- Regex hostnames.\\nFor example, `^echo.*io$`. Hosts starting with `echo` and ending with `io` are considered.\\n\\n- List can be empty `[]`.\\nWorkspaces with explicitly empty hostnames are considered to not want to see any hosts.","type":"array","items":{"$ref":"#/components/schemas/v2StringMatch"},"x-order":0}}},"v2HttpMatchCondition":{"description":"A single match clause to match all aspects of a request.","type":"object","properties":{"uri":{"$ref":"#/components/schemas/v2StringMatch"},"headers":{"description":"The header keys must be lowercase and use hyphen as the separator, e.g. x-request-id.","type":"object","additionalProperties":{"$ref":"#/components/schemas/v2StringMatch"},"x-order":1}}},"v2HttpModifyAction":{"description":"HTTP path/url/header modification.","type":"object","properties":{"rewrite":{"$ref":"#/components/schemas/v2HTTPRewrite"},"headers":{"$ref":"#/components/schemas/v2Headers"}}},"v2HttpRouteRule":{"description":"A single HTTP rule.","type":"object","properties":{"match":{"description":"One or more match conditions (OR-ed).","type":"array","items":{"$ref":"#/components/schemas/v2HttpMatchCondition"},"x-order":0},"modify":{"$ref":"#/components/schemas/v2HttpModifyAction"},"route":{"$ref":"#/components/schemas/v2RouteTo"},"redirect":{"$ref":"#/components/schemas/v2Redirect"},"directResponse":{"$ref":"#/components/schemas/v2HTTPDirectResponse"},"disableExternalAuthorization":{"description":"If set to true, external authorization is disabled on this route\\nwhen the hostname is configured with external authorization.","type":"boolean","x-order":5}}},"v2HttpRouting":{"type":"object","required":["rules"],"properties":{"corsPolicy":{"$ref":"#/components/schemas/v2CorsPolicy"},"rules":{"description":"HTTP routes.","type":"array","items":{"$ref":"#/components/schemas/gatewayv2HttpRule"},"x-order":1}}},"v2HttpRoutingConfig":{"description":"`HttpRoutingConfig` defines a list of HTTP route rules that determine how incoming requests are routed.","type":"object","required":["rules"],"properties":{"corsPolicy":{"$ref":"#/components/schemas/v2CorsPolicy"},"rules":{"description":"HTTP routes.","type":"array","items":{"$ref":"#/components/schemas/v2HttpRouteRule"},"x-order":1}}},"v2HttpServer":{"description":"An HTTP server exposed in an ingress gateway.","type":"object","required":["name","port","hostname","routing"],"properties":{"name":{"description":"A name assigned to the server. The name will be visible in the generated metrics. The name must be\\nunique across all servers in a gateway.","type":"string","x-order":0},"port":{"description":"The port where the server is exposed. Two servers with different protocols (HTTP and HTTPS) should not\\nshare the same port. Note that port 15443 is reserved for internal use.","type":"integer","format":"int64","x-order":1},"hostname":{"description":"Hostname with which the service can be expected to be accessed by clients.\\n**NOTE:** The hostname must be unique across all gateways in the cluster in order for multicluster routing to work.","type":"string","x-order":2},"tls":{"$ref":"#/components/schemas/v2ServerTLSSettings"},"xxxOldAuthentication":{"$ref":"#/components/schemas/tsbgatewayv2Authentication"},"authentication":{"$ref":"#/components/schemas/tsbauthv2Authentication"},"xxxOldAuthorization":{"$ref":"#/components/schemas/tsbgatewayv2Authorization"},"authorization":{"$ref":"#/components/schemas/tsbauthv2Authorization"},"routing":{"$ref":"#/components/schemas/v2HttpRouting"},"rateLimiting":{"$ref":"#/components/schemas/v2RateLimiting"}}},"v2IdentityMatch":{"description":"IdentityMatch defines the strategy for utilizing service identities during the evaluation of authorization (authz) rules.\\nIt specifies how the identity of a service or workload is verified and used in the context of authz policies.\\nThe strictness of identity verification progresses in the following order:\\nUNKNOWN &lt; PERMISSIVE &lt; PEER_CERTIFICATE &lt; SOURCE_IDENTITY.\\n\\n - UNKNOWN: UNKNOWN represents the default state when identityMatch is not explicitly set.\\nIn practice, it behaves identically to the PERMISSIVE mode, allowing for a flexible approach to\\nidentity verification. This mode is typically used as a fallback or when the specific identity verification\\nstrategy is undecided.\\n - PEER_CERTIFICATE: PEER_CERTIFICATE mode mandates the use of Mutual TLS (mTLS) certificates for identity verification.\\nSpecifically, it utilizes the SPIFFE(Secure Production Identity Framework For Everyone) IDs presented in\\npeer certificates as the basis for authz decision-making. This mode aligns with Istio\'s Principal match\\nauthorization policies, offering a secure method of asserting service identities through cryptographic certificates.\\nIt is suitable for environments where strong, certificate-based identity validation is required.\\n - PERMISSIVE: PERMISSIVE mode offers a flexible, transitional approach to identity verification, allowing the evaluation of authz\\nrules based on either SOURCE_IDENTITY or PEER_CERTIFICATE identities. This mode is designed to facilitate\\ngradual adoption of identity verification practices or to ease system upgrades. It is particularly useful\\nin mixed environments where some services use SPIFFE IDs and others use a different form of service identity.\\n\\nIn ALLOW rules contexts, PERMISSIVE mode authorizes workloads if either their SOURCE_IDENTITY or PEER_CERTIFICATE\\nmatches the allowed principals. This approach broadens the range of clients that can be permitted,\\noffering more flexibility during policy enforcement.\\n\\nConversely, in DENY rules contexts, PERMISSIVE mode restricts access to workloads if either their\\nSOURCE_IDENTITY or PEER_CERTIFICATE matches the denied principals. This results in a more conservative\\nset of clients being allowed, enhancing security by restricting access more broadly.\\n - SOURCE_IDENTITY: SOURCE_IDENTITY mode strictly uses the service identity for authz rules evaluation. This identity is propagated\\nfrom the originating client to the target service workload, which then assesses authz rules based on this received\\nidentity. The mode ensures that authz decisions are made based on the explicit identity of the requesting service,\\nfacilitating fine-grained access control and enhancing security by strictly adhering to the principle of least privilege.\\n\\nThis mode is optimal in environments that require strict enforcement of service identities,\\nwhere the assurance of the caller\'s identity is paramount for secure access control.","type":"string","default":"UNKNOWN","enum":["UNKNOWN","PEER_CERTIFICATE","PERMISSIVE","SOURCE_IDENTITY"]},"v2IngressGateway":{"description":"`IngressGateway` configures a workload to act as an ingress gateway into the mesh.\\n\\n\\n\\n","type":"object","required":["workloadSelector"],"properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"workloadSelector":{"$ref":"#/components/schemas/v2WorkloadSelector"},"http":{"description":"One or more HTTP or HTTPS servers exposed by the gateway. The\\nserver exposes configuration for TLS termination, request\\nauthentication/authorization, HTTP routing, etc.","type":"array","items":{"$ref":"#/components/schemas/v2HttpServer"},"x-order":5},"tlsPassthrough":{"description":"One or more TLS servers exposed by the gateway. The server\\ndoes not terminate TLS and exposes config for SNI based routing.","type":"array","items":{"$ref":"#/components/schemas/v2TLSPassthroughServer"},"x-order":6},"tcp":{"type":"array","title":"One or more non-HTTP and non-passthrough servers which use TCP\\nbased protocols. This server also exposes configuration for terminating TLS","items":{"$ref":"#/components/schemas/v2TCPServer"},"x-order":7},"extension":{"description":"Extensions specifies all the WasmExtensions assigned to this IngressGateway\\nwith the specific configuration for each extension. This custom configuration\\nwill override the one configured globally to the extension.\\nEach extension has a global configuration including enablement and priority\\nthat will condition the execution of the assigned extensions.","type":"array","items":{"$ref":"#/components/schemas/v2WasmExtensionAttachment"},"x-order":8},"waf":{"$ref":"#/components/schemas/v2WAFSettings"},"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"}}},"v2JWKS":{"type":"object","title":"JSON Web Key Set. Refer to https://datatracker.ietf.org/doc/html/rfc7517","properties":{"keys":{"type":"array","title":"List of public JWKs","items":{"$ref":"#/components/schemas/JWKSJWK"},"x-order":0}}},"v2KeepAliveSettings":{"description":"Keep Alive Settings.","type":"object","properties":{"tcp":{"$ref":"#/components/schemas/v2TcpKeepAliveSettings"}}},"v2ListAPIsResponse":{"description":"List of APIs that have been attached to the given application.","type":"object","properties":{"apis":{"description":"The list of APIs that are registered in the given application.","type":"array","items":{"$ref":"#/components/schemas/v2API"},"x-order":0}}},"v2ListApplicationsResponse":{"description":"List of applications in the given tenant.","type":"object","properties":{"applications":{"description":"The list of applications that are registered in the given tenant.","type":"array","items":{"$ref":"#/components/schemas/v2Application"},"x-order":0}}},"v2ListClustersResponse":{"description":"List of clusters that are registered in the platform.","type":"object","properties":{"clusters":{"description":"The list of clusters that are registered in the platform.","type":"array","items":{"$ref":"#/components/schemas/v2Cluster"},"x-order":0}}},"v2ListEgressGatewaysResponse":{"description":"Lost of all Egress Gateway objects in the gateway group.","type":"object","properties":{"egressGateways":{"type":"array","items":{"$ref":"#/components/schemas/v2EgressGateway"},"x-order":0}}},"v2ListGatewayGroupsResponse":{"description":"List of all gateway groups in the workspace.","type":"object","properties":{"groups":{"type":"array","items":{"$ref":"#/components/schemas/v2Group"},"x-order":0}}},"v2ListGatewaysResponse":{"description":"List of all Gateway objects in the gateway group.","type":"object","properties":{"gateways":{"description":"List of all Gateway objects.","type":"array","items":{"$ref":"#/components/schemas/v2Gateway"},"x-order":0}}},"v2ListIngressGatewaysResponse":{"description":"List of all Ingress Gateway objects in the gateway group.","type":"object","properties":{"ingressGateways":{"type":"array","items":{"$ref":"#/components/schemas/v2IngressGateway"},"x-order":0}}},"v2ListIstioInternalGroupsResponse":{"description":"List of all Istio internal in the workspace.","type":"object","properties":{"groups":{"description":"The list of requested groups.","type":"array","items":{"$ref":"#/components/schemas/v2Group"},"x-order":0}}},"v2ListMetricsResponse":{"description":"List of telemetry metrics from the resource.","type":"object","properties":{"metrics":{"type":"array","items":{"$ref":"#/components/schemas/v2Metric"},"x-order":0}}},"v2ListOrganizationSettingsResponse":{"description":"List of all existing Organization settings objects in the Organization group.","type":"object","properties":{"settings":{"type":"array","items":{"$ref":"#/components/schemas/v2OrganizationSetting"},"x-order":0}}},"v2ListOrganizationsResponse":{"type":"object","title":"List of organizations that exist in TSB.\\n$hide_from_docs","properties":{"organizations":{"type":"array","items":{"$ref":"#/components/schemas/v2Organization"},"x-order":0}}},"v2ListRolesResponse":{"description":"List of all existing roles.","type":"object","properties":{"roles":{"type":"array","items":{"$ref":"#/components/schemas/v2Role"},"x-order":0}}},"v2ListSecurityGroupsResponse":{"description":"List of all security groups in the workspace.","type":"object","properties":{"groups":{"type":"array","items":{"$ref":"#/components/schemas/v2Group"},"x-order":0}}},"v2ListSecuritySettingsResponse":{"description":"List of all security settings objects attached to the group.","type":"object","properties":{"settings":{"type":"array","items":{"$ref":"#/components/schemas/v2SecuritySetting"},"x-order":0}}},"v2ListServiceAccountsResponse":{"description":"List of existing Service Accounts.","type":"object","properties":{"serviceAccounts":{"type":"array","items":{"$ref":"#/components/schemas/tsbv2ServiceAccount"},"x-order":0}}},"v2ListServiceRoutesResponse":{"description":"List of all service routes defined in the traffic group.","type":"object","properties":{"serviceRoutes":{"type":"array","items":{"$ref":"#/components/schemas/v2ServiceRoute"},"x-order":0}}},"v2ListServiceSecuritySettingsResponse":{"description":"List of all Service Security Settings objects attached to the group.","type":"object","properties":{"settings":{"type":"array","items":{"$ref":"#/components/schemas/v2ServiceSecuritySetting"},"x-order":0}}},"v2ListServicesResponse":{"type":"object","title":"Response with a list of registered services","properties":{"services":{"type":"array","title":"The requested registered services","items":{"$ref":"#/components/schemas/v2Service"},"x-order":0}}},"v2ListSourcesResponse":{"description":"List of telemetry sources from the resource.","type":"object","properties":{"sources":{"type":"array","items":{"$ref":"#/components/schemas/v2Source"},"x-order":0}}},"v2ListTeamsResponse":{"description":"List of existing teams.","type":"object","properties":{"teams":{"type":"array","items":{"$ref":"#/components/schemas/v2Team"},"x-order":0}}},"v2ListTenantExtensionsResponse":{"description":"List of all existing WasmExtensions objects assigned to the Tenant.","type":"object","properties":{"extensions":{"type":"array","items":{"$ref":"#/components/schemas/v2WasmExtension"},"x-order":0}}},"v2ListTenantSettingsResponse":{"description":"List of all existing Tenant settings objects in the Tenant.","type":"object","properties":{"settings":{"type":"array","items":{"$ref":"#/components/schemas/v2TenantSetting"},"x-order":0}}},"v2ListTenantsResponse":{"description":"List of available tenants.","type":"object","properties":{"tenants":{"description":"The list of available tenants.","type":"array","items":{"$ref":"#/components/schemas/v2Tenant"},"x-order":0}}},"v2ListTier1GatewaysResponse":{"description":"List of all Tier1 Gateway objects in the gateway group.","type":"object","properties":{"tier1Gateways":{"type":"array","items":{"$ref":"#/components/schemas/v2Tier1Gateway"},"x-order":0}}},"v2ListTrafficGroupsResponse":{"description":"List of all existing traffic groups in the workspace.","type":"object","properties":{"groups":{"type":"array","items":{"$ref":"#/components/schemas/v2Group"},"x-order":0}}},"v2ListTrafficSettingsResponse":{"description":"List of all existing traffic settings objects in the traffic group.","type":"object","properties":{"settings":{"type":"array","items":{"$ref":"#/components/schemas/v2TrafficSetting"},"x-order":0}}},"v2ListUsersResponse":{"description":"List of existing Users.","type":"object","properties":{"users":{"type":"array","items":{"$ref":"#/components/schemas/v2User"},"x-order":0}}},"v2ListWasmExtensionResponse":{"description":"List of WASM Extensions.","type":"object","properties":{"extensions":{"type":"array","items":{"$ref":"#/components/schemas/v2WasmExtension"},"x-order":0}}},"v2ListWorkspaceSettingsResponse":{"description":"The existing settings objects for the given workspace.","type":"object","properties":{"settings":{"type":"array","items":{"$ref":"#/components/schemas/v2WorkspaceSetting"},"x-order":0}}},"v2ListWorkspacesResponse":{"description":"The existing workspaces for the given tenant.","type":"object","properties":{"workspaces":{"type":"array","items":{"$ref":"#/components/schemas/v2Workspace"},"x-order":0}}},"v2LoadBalancerSettings":{"description":"Defines Load Balancing policies to be applied on the client requests.","type":"object","properties":{"simple":{"$ref":"#/components/schemas/LoadBalancerSettingsSimpleLB"},"consistentHash":{"$ref":"#/components/schemas/LoadBalancerSettingsConsistentHashLB"}}},"v2LocalAuthzRule":{"description":"Bindings define the subjects that can access the resource a policy is attached to,\\nand the conditions that need to be met for that access to be granted.\\nA policy can have multiple bindings to configure different access controls for specific\\nsubjects.","type":"object","title":"LocalAuthzRule","required":["name"],"properties":{"name":{"description":"A friendly name to identify the binding.","type":"string","x-order":0},"from":{"description":"Subjects configure the actors (end users, other services)  that are allowed to access the\\ntarget resource.","type":"array","items":{"$ref":"#/components/schemas/v2Subject"},"x-order":1},"to":{"description":"A set of HTTP rules that need to be satisfied by the HTTP requests to get access to the\\ntarget resource.","type":"array","items":{"$ref":"#/components/schemas/LocalAuthzRuleHttpOperation"},"x-order":2}}},"v2Locality":{"description":"The region the cluster resides. Used for failover based routing when\\nconfigured in the workspace or global settings.","type":"object","required":["region"],"properties":{"region":{"description":"The geographic location of the cluster.","type":"string","x-order":0}}},"v2Measure":{"description":"A measure represents the name and unit of a measurement.\\nFor example, request latency in ms and the number of errors are examples of measures to collect from a server. In\\nthis case latency would be the type and ms (millisecond) is the unit.","type":"object","properties":{"name":{"description":"The name of the measure. For instance latency in ms. More reference values can be found at\\nMeshControlledMeasureNames.","type":"string","x-order":0},"unit":{"description":"The unit of measure, which follow the [unified code for units of measure](https://ucum.org/ucum.html).\\nFor COUNTABLE measures, as number of requests or network packets, SHOULD use the default unit, the unity, and\\n[annotations](https://ucum.org/ucum.html#para-curly) with curly braces to give additional meaning.\\nFor example {requests}, {packets}, {errors}, {faults}, etc.","type":"string","x-order":1}}},"v2Metadata":{"description":"Metadata includes additional information about an ApprovalPolicy or Access entity and\\ntheir respective resources that they apply to.","type":"object","properties":{"details":{"$ref":"#/components/schemas/MetadataDetails"},"rules":{"description":"Permissions includes permissions for which an authenticated user is allowed to perform.\\nThis applies to ApprovalPolicy or Access entities respectively.","type":"array","items":{"$ref":"#/components/schemas/RoleRule"},"x-order":1}}},"v2Metric":{"description":"A metric is a measurement about a service, captured at runtime. Logically, the moment of capturing one of\\nthese measurements is known as a metric event which consists not only of the measurement itself, but the time\\nthat it was captured and associated metadata.\\n\\nApplication and request metrics are important indicators of availability and performance.\\nCustom metrics can provide insights into how availability indicators impact user experience or the business.\\nCollected data can be used to alert of an outage or trigger scheduling decisions to scale up a deployment\\nautomatically upon high demand.","type":"object","properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the metric.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the metric.\\n$hide_from_yaml","x-order":3},"observedResource":{"description":"Which concrete TSB resource in the configuration hierarchy this metric observes and belongs to.\\nFor instance, a metric can observe a service, a concrete service workload (pod or Vm), or a gateway,\\nor a workspace, or any other resource in the configuration hierarchy.","type":"string","x-order":4,"readOnly":true},"measure":{"$ref":"#/components/schemas/v2Measure"},"type":{"$ref":"#/components/schemas/v2MetricType"},"origin":{"$ref":"#/components/schemas/v2MetricOrigin"},"detectionPoint":{"$ref":"#/components/schemas/v2MetricDetectionPoint"}}},"v2MetricDetectionPoint":{"description":"From which detection point the metric is observed.\\n\\n - IN_SERVICE: Self observability metrics uses in service detect point.\\n - CLIENT_SIDE: Client side is how the client is observing the metric. When service A calls service B, service A acts\\nas a client side.\\n - SERVER_SIDE: Server side is how the server is observing the metric. When service A calls service B, service B\\nacts as the server side.","type":"string","default":"INVALID_METRIC_DETECTION_POINT","enum":["INVALID_METRIC_DETECTION_POINT","IN_SERVICE","CLIENT_SIDE","SERVER_SIDE"]},"v2MetricOrigin":{"description":"From where the metric measurements come from.\\n\\n - MESH_CONTROLLED: The metrics origin is from a TSB configured mesh, capturing the metrics from the\\nsidecar\'s available observability.\\n - AGENT_OBSERVED: An agent which can be standalone or service with automatically instrumentation via byte code injection.\\nCurrently not available. Part of hybrid observability.\\n - MESH_IMPORTED: Other known mesh generated metrics that are not configured and handled by TSB.\\nCurrently not available. Part of hybrid observability.\\n - EXTERNAL_IMPORTED: External captured metrics that are either imported into TSB observability stack or queried at runtime.\\nCurrently not available. Part of hybrid observability.","type":"string","default":"INVALID_METRIC_ORIGIN","enum":["INVALID_METRIC_ORIGIN","MESH_CONTROLLED","AGENT_OBSERVED","MESH_IMPORTED","EXTERNAL_IMPORTED"]},"v2MetricType":{"description":"Metric types are the aggregation function applied to the measurements that took place over a period of time.\\nSome metric types like LABELED_COUNTER and PERCENTILE also additionally aggregated over the set of defined labels.","type":"object","properties":{"name":{"$ref":"#/components/schemas/v2MetricTypeType"},"labels":{"description":"The labels associated with the metric type.\\nSome aggregation function are not just applied over time. LABELED_COUNTER and PERCENTILE metric types also\\naggregate over their labels. For instance, a PERCENTILE metric type over the latency, will aggregate the measured\\nlatency over the different defined percentiles, p50, p75, p90, p95, and p99.","type":"array","items":{"$ref":"#/components/schemas/v2MetricTypeLabel"},"x-order":1}}},"v2MetricTypeLabel":{"description":"Label of metric type. Also seen a other dimensions of aggregation besides the time interval on which measurements\\nare aggregated over.","type":"object","properties":{"key":{"description":"The label key.","type":"string","x-order":0},"value":{"description":"The label value, for instance p50, or p75.","type":"string","x-order":1}}},"v2MetricTypeType":{"description":" - GAUGE: Is the last seen measurement over a period of time.\\n - COUNTER: Is the sum of number of measurement over a period of time. Used in number of request style of metrics.\\n - AVERAGE: Average function applied to the measurements. Used in Duration/latency style of metrics.\\n - PERCENT: Percentage function applied to a given observed value over the total observer values.\\nUsed in SLA style of metrics, for example the percentage of errored responses over the total server responses.\\n - APDEX: Application Performance Index monitors end-user satisfaction.\\n[Apdex score](https://www.tetrate.io/blog/the-apdex-score-for-measuring-service-mesh-health)\\n - HEATMAPS: Heat maps are a three dimensional visualization, using x and y coordinates for two dimensions, and color\\nintensity for the third. They can reveal detail that summary statistics, such as line charts of averages,\\ncan miss. Latency measurements can be aggregated using Heatmaps/histograms. One dimension is often time, the\\nother is the latency, and the third one (the intensity) is the frequency of that latency in the given time range.\\n - LABELED_COUNTER: Is the sum of number of measurement over time grouped by concrete label values. Used for counting responses by\\ntheir http response code for instance.\\n - PERCENTILE: This is a specific subtype of LABELED_COUNTER. Used in duration/latency style metrics.\\n - CPM: Calls per minute used. Used in requests per minute, or in 5xx http errors per minute, 4xx http errors per\\nminute, among other metrics.\\n - MAX: Selects the highest measurement over a period of time. Envoy max allocated style metrics.","type":"string","default":"INVALID_METRIC_TYPE","enum":["INVALID_METRIC_TYPE","GAUGE","COUNTER","AVERAGE","PERCENT","APDEX","HEATMAPS","LABELED_COUNTER","PERCENTILE","CPM","MAX"]},"v2NamespaceScoping":{"description":"Configure the default scoping of namespaces in this cluster.","type":"object","properties":{"scope":{"$ref":"#/components/schemas/NamespaceScopingScope"},"exceptions":{"description":"Namespaces to be excluded form the default scope.\\nIf the scope is set to global, this list will contain namespaces that are\\nconsidered local. If the scope is set to local, this list will contain\\nnamespaces that are considered global.","type":"array","items":{"type":"string"},"x-order":1}}},"v2NamespaceSelector":{"type":"object","title":"`NamespaceSelector` selects a set of namespaces across one or more\\nclusters in a tenant. Namespace selectors can be used at Workspace\\nlevel to carve out a chunk of resources under a tenant into an\\nisolated configuration domain. They can be used in a Traffic,\\nSecurity, or a Gateway group to further scope the set of namespaces\\nthat will belong to a specific configuration group.\\nNames in namespaces selector must be in the form `cluster/namespace`\\nwhere:\\n- cluster must be a cluster name or an `*` to mean all clusters\\n- namespace must be a namespace name, an `*` to mean all namespaces\\n  or a prefix like `ns-*` to mean all those namespaces starting\\n  by `ns-`","required":["names"],"properties":{"names":{"description":"- `*/ns1` implies `ns1` namespace in any cluster.\\n\\n- `c1/ns1` implies `ns1` namespace from `c1` cluster.\\n\\n- `c1/*` implies all namespaces in `c1` cluster.\\n\\n- `*/*` implies all namespaces in all clusters.\\n\\n- `c1/ns*` implies all namespaces prefixes by `ns` in `c1` cluster.","type":"array","title":"Under the tenant/workspace/group:","items":{"type":"string"},"x-order":0}}},"v2OIDCAuthType":{"description":"Configures how client_id and client_secret are sent in OAuth client to OAuth server requests.\\n\\n - DEFAULT_AUTH_TYPE: If no authentication type is specified, the default authentication type will be used.\\nCurrently, the default authentication type is set to `BASIC_AUTH` because it is widely supported by the majority of OIDC providers\\n - URL_ENCODED_BODY: The `client_id` and `client_secret` will be sent in the URL encoded request body.\\nThis type should only be used when Auth server does not support Basic authentication.\\n - BASIC_AUTH: The `client_id` and `client_secret` will be sent using HTTP Basic authentication scheme.","type":"string","default":"DEFAULT_AUTH_TYPE","enum":["DEFAULT_AUTH_TYPE","URL_ENCODED_BODY","BASIC_AUTH"]},"v2OIDCConfig":{"type":"object","title":"Configure OIDC authentication for a given hostname","required":["clientId","clientTokenSecret","redirectUri","provider"],"properties":{"grantType":{"$ref":"#/components/schemas/v2OIDCGrantType"},"clientId":{"description":"The client_id to be used in the authorize calls.\\nThis value will be URL encoded when sent to the OAuth server.","type":"string","x-order":1},"clientTokenSecret":{"description":"The name of the Kubernetes secret containing the client secret.\\n\\nKubernetes generic opaque secret should contain `istio_generic_secret` key with base64 encoded client_secret as value. \\n\\nFor example\\n---\\napiVersion: v1\\nmetadata:\\n  name: bar\\n  namespace: foo\\ndata:\\n  istio_generic_secret: e2Jhc2U2NF9lbmNvZGVkX3Rva2VuX3NlY3JldH0=\\nkind: Secret\\ntype: Opaque\\n\\nThe secret must be present in the same namespace as the gateway or sidecar deployment\\nfor which the configuration is being applied for.\\nThe (gateway/ sidecar) deployment must also have RBAC permissions to view secrets\\nin the current namespace. For gateways this is already configured, while for sidecar\\nthe permission should be added if not already present.\\n\\nThe secret token stored will be URL encoded when sent to the OAuth server.","type":"string","x-order":2},"redirectUri":{"description":"It can also be formulated from request parameters\\nFor example: %REQ(x-forwarded-proto)%://%REQ(:authority)%/callback\\n\\nThis URI should not contain any query parameters.","type":"string","title":"The redirect URI passed to the authorization endpoint","x-order":3},"provider":{"$ref":"#/components/schemas/v2OIDCProviderConfig"},"authType":{"$ref":"#/components/schemas/v2OIDCAuthType"},"authScopes":{"type":"array","title":"Optional list of OAuth scopes to be claimed in the authorization request.\\nIf not specified, defaults to `user` scope.\\nOAuth RFC https://tools.ietf.org/html/rfc6749#section-3.3","items":{"type":"string"},"x-order":6},"redirectPathMatcher":{"description":"Matching criteria used to determine whether a path appears to be the\\nresult of a redirect from the authorization server.\\nThe query and fragment string (if present) are removed in the URL path portion.\\nFor example, the path `/data` will match URI header `/data#fragment?param=value`.\\n\\nIf not provided, default is derived from redirect_uri path\\nOnly exact match is configurable","type":"string","x-order":7},"signoutPath":{"description":"The path to sign a user out, clearing their credential cookies.\\n\\nIf not provided, default is `/signout`\\nOnly exact match is configurable","type":"string","x-order":8}}},"v2OIDCGrantType":{"description":"- DEFAULT_GRANT_TYPE: If no grant type is explicitly specified, the default grant type will be used.\\nThe specific behavior of the default grant type may vary based on the type of workload to which the authentication settings are applied.\\nCurrently, only `AUTHORIZATION_CODE` is available, so this will be in effect in the future when additional grant types are introduced.\\n - AUTHORIZATION_CODE: Use authorization code flow","type":"string","title":"Configures authentication flow to be used","default":"DEFAULT_GRANT_TYPE","enum":["DEFAULT_GRANT_TYPE","AUTHORIZATION_CODE"]},"v2OIDCProviderConfig":{"description":"OIDCProviderConfig defines the OIDC Provider configuration.\\n\\nIt has two modes `dynamic` and `static` meaning if the configuration\\nhas to be derived from the Issuer\'s Well-Known endpoint dynamically\\nor is statically configured.\\nTo use `dynamic` configuration only `issuer` field should be set. If any other\\nfield along with `issuer` is set then the configuration will be treated as `static`.\\n\\nFor AUTHORIZATION_CODE grant type, fields that are needed if configuration is `static`:\\n1. Issuer\\n2. AuthorizationEndpoint\\n3. TokenEndpoint\\n4. oneof (JwksURI or Jwks)","type":"object","required":["issuer"],"properties":{"issuer":{"description":"The OIDC Provider\'s [issuer identifier](https://openid.net/specs/openid-connect-discovery-1_0.html#IssuerDiscovery).","type":"string","x-order":0},"authorizationEndpoint":{"description":"The OIDC Provider\'s [authorization endpoint](https://openid.net/specs/openid-connect-core-1_0.html#AuthorizationEndpoint).\\nIf not provided, it will be discovered from the provider\'s [Well-Known Configuration Endpoint](https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderConfigurationResponse).","type":"string","x-order":1},"tokenEndpoint":{"description":"The OIDC Provider\'s [token endpoint](https://openid.net/specs/openid-connect-core-1_0.html#TokenEndpoint).\\nIf not provided, it will be discovered from the provider\'s [Well-Known Configuration Endpoint](https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderConfigurationResponse).","type":"string","x-order":2},"jwksUri":{"description":"URI for the OIDC provider\'s JSON Web Key Sets. This can be found in the OIDC provider\'s configuration response.\\nThe JWKS are used for token verification.","type":"string","x-order":3},"jwks":{"description":"JSON string with the OIDC provider\'s JSON Web Key Sets. In general the URI for the Key Set is the preferred\\nmethod for configuring JWKS. This setting is provided in case the provider doesn\'t publish JWKS via a\\npublic URI.","type":"string","x-order":4}}},"v2Organization":{"description":"`Organization` is the root of the Service Bridge object hierarchy.\\n\\n\\n\\n","type":"object","properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"deletionProtectionEnabled":{"description":"When set, prevents the resource from being deleted. In order to delete the resource this\\nproperty needs to be set to `false` first.","type":"boolean","x-order":4},"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"}}},"v2OrganizationSetting":{"description":"Settings that apply globally to the entire organization.\\n\\n\\n\\n","type":"object","properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"networkSettings":{"$ref":"#/components/schemas/OrganizationSettingNetworkSettings"},"regionalFailover":{"description":"Default locality routing settings for all gateways.\\nPlease use FailoverSettings instead. If FailoverSettings is set, it takes precedence over this field.\\n\\nExplicitly specify the region traffic will land on when endpoints in local region becomes unhealthy.\\nShould be used together with OutlierDetection to detect unhealthy endpoints.\\nNote: if no OutlierDetection specified, this will not take effect.","type":"array","items":{"$ref":"#/components/schemas/v2RegionalFailover"},"x-order":5},"defaultSecuritySetting":{"$ref":"#/components/schemas/v2SecuritySetting"},"defaultTrafficSetting":{"$ref":"#/components/schemas/v2TrafficSetting"},"failoverSettings":{"$ref":"#/components/schemas/v2FailoverSettings"}}},"v2Permission":{"description":"A permission defines an action that can be performed on a\\nresource. By default access to resources is denied unless an\\nexplicit permission grants access to perform an operation against\\nit.\\n\\n - INVALID: Default value to designate no value was explicitly set for the permission.\\n - READ: The read permission grants read-only access to the resource.\\n - WRITE: The write permission allows the subject to modify an existing resource.\\n - CREATE: The create permission allows subjects to create child resources on the resource.\\n - DELETE: The delete permission grants permissions to delete the resource.\\n - SET_POLICY: The set-iam permission allows subjects to manage the access policies for the resources.","type":"string","default":"INVALID","enum":["INVALID","READ","WRITE","CREATE","DELETE","SET_POLICY"]},"v2Port":{"description":"Port exposed by a service.\\nRegistration RPC will complete the instances field by assigning the physical services FQNs.","type":"object","required":["number"],"properties":{"number":{"description":"A valid non-negative integer port number.","type":"integer","format":"int64","x-order":0},"name":{"description":"Name assigned to the port.","type":"string","x-order":1},"serviceDeployments":{"type":"array","title":"The list of FQNs of the instances that expose this port","items":{"type":"string"},"x-order":2,"readOnly":true}}},"v2PortSelector":{"description":"PortSelector is the criteria for specifying if a policy can be applied to\\na listener having a specific port.","type":"object","required":["number"],"properties":{"number":{"type":"integer","format":"int64","title":"Port number","x-order":0}}},"v2PropagationStrategy":{"description":"The PropagationStrategy is the key differentiating factor to decide how a security\\npolicy should be propagated and applied at runtime across clusters.\\nThe default propagation strategy is REPLACE, in which a lower level SecuritySetting\\nin the configuration hierarchy replaces a higher level SecuritySetting.\\nThe STRICTER PropagationStrategy on the other hand makes sure the default\\nSecuritySettings configured at the parent level are always enforced and propagated\\ndown the hierarchy unless additional SecuritySettings are defined and restricted\\nfurther in the configuration hierarchy.\\n\\n* `REPLACE` should be used when resources in the hierarchy are allowed to override the default\\nsettings configured at the higher levels.\\n* `STRICTER` should be used when the default settings must prevail, and the settings can only be\\nmade more restrictive by child resources at lower levels of the hierarchy.\\n\\nWhen a resource or property of it affected by the propagation strategy is propagated down the hierarchy, regardless\\nof the defined strategy (`REPLACE` or `STRICTER`), a parent defined resource or a property of the\\nresource will be used (propagated) in absence of a child resource or a property of it.\\n\\nFor example, the following policy configures optional mTLS for traffic within the workspace, but\\nit allows SecuritySettings to modify it. The example shows a workspace that configures\\nservice-to-service access so that only services in the same workspace can talk to each other.\\nThe `REPLACE` propagation policy allows individual settings to override it. In the example, the\\nSecuritySettings allows services within that group to be reachable from any\\nservice in the cluster, regardless for the workspace they belong to, even though the Workspace\\nrestricts service-to-service access to only services in the Workspace.\\n\\n```yaml\\napiVersion: api.tsb.tetrate.io/v2\\nkind: WorkspaceSetting\\nmetadata:\\n  name: w1-settings\\n  workspace: w1\\n  tenant: mycompany\\n  organization: myorg\\nspec:\\n  defaultSecuritySetting:\\n    propagationStrategy: REPLACE\\n    authorization:\\n      mode: WORKSPACE\\n---\\napiVersion: security.tsb.tetrate.io/v2\\nkind: SecuritySetting\\nmetadata:\\n  name: defaults\\n  group: t1\\n  workspace: w1\\n  tenant: mycompany\\n  organization: myorg\\nspec:\\n  authorization:\\n    mode: CLUSTER\\n```\\n\\n`STRICTER` propagation configures defaults that can be only be restricted down the hierarchy.\\nThe following example configures the same WorkspaceSetting but with a `STRICTER` propagation mode.\\nThe `defaults` SecuritySetting further narrows down that access to the `GROUP` scope, which is\\nallowed because GROUP is more strict than WORKSPACE. However, the `defaults-invalid` SecuritySetting\\nconfigures `CLUSTER` access, which would widen the scope defined at the Workspace. That settings will\\nnot be allowed based on the `STRICTER` propagation policy.\\n\\n```yaml\\napiVersion: api.tsb.tetrate.io/v2\\nkind: WorkspaceSetting\\nmetadata:\\n  name: w1-settings\\n  workspace: w1\\n  tenant: mycompany\\n  organization: myorg\\nspec:\\n  defaultSecuritySetting:\\n    propagationStrategy: STRICTER\\n    authorization:\\n      mode: WORKSPACE\\n---\\napiVersion: security.tsb.tetrate.io/v2\\nkind: SecuritySetting\\nmetadata:\\n  name: defaults\\n  group: t1\\n  workspace: w1\\n  tenant: mycompany\\n  organization: myorg\\nspec:\\n  authorization:\\n    mode: GROUP\\n---\\napiVersion: security.tsb.tetrate.io/v2\\nkind: SecuritySetting\\nmetadata:\\n  name: defaults-invalid\\n  group: t2\\n  workspace: w1\\n  tenant: mycompany\\n  organization: myorg\\nspec:\\n  authorization:\\n    mode: CLUSTER\\n```\\n\\nFurther details of how security settings are resolved between in `STRICTER` mode between a parent and a\\nchild resource can be found in the [SecuritySettings reference](../../security/v2/security_setting#securitysetting).\\n\\n - REPLACE: Is the default configuration propagation strategy.\\nA lower defined configuration in the hierarchy will replace a higher configuration in the hierarchy.\\nOtherwise, if a lower configuration is not defined, the configuration higher up in the hierarchy will\\nprevail.\\nFor instance, a defined default propagation strategy for workspace default security settings\\nwill replace tenant\'s defined default security settings.\\n - STRICTER: STRICTER propagation strategy propagates the strictest configuration between a defined higher level and\\na defined lower level configuration in the hierarchy. If a lower level configuration in the hierarchy\\nis not defined, the higher one will prevail.\\nWhich configuration is stricter than the other is defined by each concrete configuration that allows specifying\\na propagation strategy.","type":"string","default":"REPLACE","enum":["REPLACE","STRICTER"]},"v2Query":{"type":"object","title":"Query format of the resource lookup for the permission check","properties":{"queryId":{"description":"Optional ID that is an open string the caller can use for correlation purposes.","type":"string","x-order":0},"fqn":{"description":"Fully-qualified name of the resource.","type":"string","x-order":1}}},"v2QueryPoliciesResponse":{"description":"QueryPoliciesResponse is the response message for QueryPolicies.","type":"object","properties":{"policies":{"description":"Policies is a list of policies that match the query.","type":"array","items":{"$ref":"#/components/schemas/v2ApprovalPolicy"},"x-order":0}}},"v2QueryResourcePermissionsRequest":{"description":"Request to query permissions on multiple records.\\n\\nExample:\\nQueryResourcePermissionsRequest {\\n  Queries: []Query{\\n    Query{\\n      QueryID: \\"1234\\",\\n      Kind: Query_Fqn{\\n        Fqn: \\"tetrate/tenants/default/workspaces/example\\"\\n      }\\n    }\\n  }\\n}","type":"object","properties":{"queries":{"description":"One or more resources to query permissions on, limited to 100 per request.","type":"array","items":{"$ref":"#/components/schemas/v2Query"},"x-order":0}}},"v2QueryResourcePermissionsResponse":{"description":"Response with permissions for the requested queries.\\n\\nExample:\\nQueryResourcePermissionsResponse {\\n  Results: []Result{\\n    Result{\\n      Request: Query{\\n        QueryID: \\"1234\\",\\n        Kind: Query_Fqn{\\n          Fqn: \\"tetrate/tenants/default/workspaces/example\\"\\n        }\\n      },\\n      Rules: []*Role_Rule{\\n        {\\n           Types: []*Role_ResourceType{\\n             {\\n               ApiGroup: \\"api.tsb.tetrate.io/v2\\",\\n               Kinds: []string{\\"Workspace\\"}\\n             }\\n           },\\n           Permissions: []Permission{\\"READ\\"}\\n        }\\n      }\\n    }\\n  }\\n}","type":"object","properties":{"results":{"type":"array","title":"List of permission results for the requested queries","items":{"$ref":"#/components/schemas/QueryResourcePermissionsResponseResult"},"x-order":0}}},"v2RateLimitSettings":{"description":"Configuration for ratelimiting HTTP/gRPC requests\\nThis has a list of rate limit rules that can be configured.\\nWith each rule a list of dimensions can be defined.\\nA request counts towards the limit if all of the dimensions match the\\nattributes of the request.\\nWhen the matched requests exceed the limit, a 429 response is returned.","type":"object","required":["rules"],"properties":{"rules":{"description":"A list of rules for ratelimiting.\\nEach rule defines a list of dimensions to match on and the rate limit value\\nfor the rule. Each rule is independant of the other.","type":"array","items":{"$ref":"#/components/schemas/v2RateLimitSettingsRateLimitRule"},"x-order":0},"failClosed":{"description":"If the rate limit service is unavailable, the request will fail\\nif failClosed is set to true. Defaults to false.","type":"boolean","x-order":1},"timeout":{"description":"The timeout in seconds for the rate limit server RPC.\\nDefaults to 0.020 seconds (20ms).\\nTraffic will not be allowed to the destination if failClosed is set to true\\nand the request to the rate limit server times out.","type":"string","x-order":2}}},"v2RateLimitSettingsRateLimitDimension":{"description":"RateLimitDimension is a condition to match HTTP requests\\nthat should be rate limited.","type":"object","properties":{"remoteAddress":{"$ref":"#/components/schemas/v2RateLimitSettingsRateLimitDimensionRemoteAddress"},"header":{"$ref":"#/components/schemas/RateLimitDimensionHeader"}}},"v2RateLimitSettingsRateLimitDimensionRemoteAddress":{"description":"RateLimit based on the client\'s remote address, extracted from\\nthe trusted X-Forwarded-For header.","type":"object","required":["value"],"properties":{"value":{"description":"Ratelimit on a specific remote address.\\nIf the value is set to \\"*\\", ratelimit on\\nevery unique remote address.","type":"string","x-order":0}}},"v2RateLimitSettingsRateLimitRule":{"description":"RateLimitRule is the block to define each internal ratelimit configuration.","type":"object","required":["dimensions","limit"],"properties":{"dimensions":{"description":"A list of dimensions to define each ratelimit rule.\\nRequests count towards the ratelimit value only when each and every\\ncondition in a dimension is matched for a given HTTP request.","type":"array","items":{"$ref":"#/components/schemas/v2RateLimitSettingsRateLimitDimension"},"x-order":0},"limit":{"$ref":"#/components/schemas/RateLimitSettingsRateLimitValue"}}},"v2RateLimiting":{"description":"Configuration for ratelimiting\\nHTTP/gRPC requests can be rate limited based on a variety of\\nattributes in the request such as headers (including cookies), URL\\npath/prefixes, client remote address etc.","type":"object","properties":{"settings":{"$ref":"#/components/schemas/v2RateLimitSettings"},"externalService":{"$ref":"#/components/schemas/v2ExternalRateLimitServiceSettings"}}},"v2ReachabilitySettings":{"description":"`ReachabilitySettings` define the set of services and hosts\\naccessed by a workload (and hence its sidecar) in the\\nmesh. Defining the set of services accessed by a workload (i.e. its\\ndependencies) in advance reduces the memory and CPU consumption\\nboth the Istio control plane and the individual Envoy proxy workloads in\\nthe data plane.","type":"object","properties":{"mode":{"$ref":"#/components/schemas/ReachabilitySettingsMode"},"hosts":{"description":"When the mode is `CUSTOM`, `hosts` specify the set of services\\nthat the sidecar should be able to reach. Must be in the\\n`&lt;namespace&gt;/&lt;fqdn&gt;` format.\\n\\n- `./*` indicates all services in the namespace where the sidecar resides.\\n\\n- `ns1/*` indicates all services in the `ns1` namespace.\\n\\n- `ns1/svc1.com` indicates `svc1.com` service in `ns1` namespace.\\n\\n- `*/svc1.com` indicates `svc1.com` service in any namespace.","type":"array","items":{"type":"string"},"x-order":1}}},"v2ReachabilitySettingsMode":{"description":"- UNSET: Inherit from parent if possible. Otherwise treated as `CLUSTER`.\\n - NAMESPACE: The workload may talk to any service in its own namespace.\\n - GROUP: The workload may talk to any service in the traffic group.\\n - WORKSPACE: The workload may talk to any service in the workspace.\\n - CLUSTER: The workload may talk to any service in the cluster.\\n - CUSTOM: The workload may talk to services defined explicitly.","type":"string","title":"A short cut for defining the common reachability patterns","default":"UNSET","enum":["UNSET","NAMESPACE","GROUP","WORKSPACE","CLUSTER","CUSTOM"]},"v2Redirect":{"type":"object","properties":{"uri":{"description":"On a redirect, overwrite the Path portion of the URL with this value.","type":"string","x-order":0},"authority":{"description":"On a redirect, overwrite the Authority/Host portion of the URL with this value.","type":"string","x-order":1},"redirectCode":{"description":"On a redirect, Specifies the HTTP status code to use in the redirect\\nresponse. It is expected to be 3XX. The default response code is MOVED_PERMANENTLY (301).","type":"integer","format":"int64","x-order":2},"port":{"type":"integer","format":"int64","title":"On a redirect, overwrite the Port portion of the URL with this value","x-order":3},"scheme":{"description":"On a redirect, overwrite the scheme with this one. This can be used\\nto perform http -&gt; https redirect by setting this to \\"https\\". Currently,\\nthe only supported values are \\"http\\" and \\"https\\" (in lower-case).","type":"string","x-order":4}}},"v2RegionalFailover":{"description":"Specify the traffic failover policy across regions. Since zone and sub-zone\\nfailover is supported by default this only needs to be specified for\\nregions when the operator needs to constrain traffic failover so that\\nthe default behavior of failing over to any endpoint globally does not\\napply. This is useful when failing over traffic across regions would not\\nimprove service health or may need to be restricted for other reasons\\nlike regulatory controls.","type":"object","properties":{"from":{"description":"Originating region.","type":"string","x-order":0},"to":{"description":"Destination region the traffic will fail over to when endpoints in\\nthe \'from\' region become unhealthy.","type":"string","x-order":1}}},"v2ResilienceSettings":{"description":"ResilienceSettings control the reliability knobs in Envoy when making\\noutbound connections from a gateway or proxy workload.","type":"object","properties":{"httpRequestTimeout":{"description":"This field is DEPRECATED in favor of `upstreamTrafficSettings.resilience.connectionPool.http.requestTimeout`.\\nTimeout for HTTP requests. Disabled if not set.","type":"string","x-order":0},"httpRetries":{"$ref":"#/components/schemas/v2HTTPRetry"},"tcpKeepalive":{"description":"Deprecated. This field will be removed in upcoming releases.\\nPlease use the `keep_alive` field instead.\\nIf enabled, sets SO_KEEPALIVE on the socket to enable TCP keepalive.","type":"boolean","x-order":2},"keepAlive":{"$ref":"#/components/schemas/v2KeepAliveSettings"},"circuitBreakerSensitivity":{"$ref":"#/components/schemas/v2ResilienceSettingsSensitivity"}}},"v2ResilienceSettingsSensitivity":{"description":"Available sensitivity levels for the circuit breaker.\\n\\n - UNSET: Default values will be used.\\n - LOW: Tolerate up to 20 consecutive 5xx or connection failures from an\\nendpoint before ejecting it temporarily from the load balancing\\npool.\\n - MEDIUM: Tolerate up to 10 consecutive 5xx or connection failures from an\\nendpoint before ejecting it temporarily from the load balancing\\npool.\\n - HIGH: Tolerate up to 5 consecutive 5xx or connection failures from an\\nendpoint before ejecting it temporarily from the load balancing\\npool.","type":"string","default":"UNSET","enum":["UNSET","LOW","MEDIUM","HIGH"]},"v2ResourceStatus":{"description":"The ResourceStatus object provides information about the status of the configuration\\nrelated to an Application or an API object.\\n\\nApplications and APIs are translated into configuration objects (config groups, ingress\\ngateways, etc). This status object reflects the status of the Application and APIs with\\nregard to the generated configuration, and exposes any configuration mismatch.\\nThis status only reflects the status of the configuration objects in Service Bridge. It\\ndoes not provide information about the status of the generated configuration in the final\\nclusters.","type":"object","properties":{"status":{"$ref":"#/components/schemas/applicationv2Status"},"resources":{"description":"List of the individual configuration resource statuses.","type":"array","items":{"$ref":"#/components/schemas/ResourceStatusConfigResourceStatus"},"x-order":1,"readOnly":true}}},"v2ResourceStatusStatus":{"description":"Simple `Status` of the current resource. It\'s a projection of its details\\n(events, etc.) that allows to easily know the status of the resource\\nwithout requiring to check the details.\\n\\n - INVALID: INVALID status should never be reached.\\nIt indicates some problem occurred with the resource status, and would\\nneed to contact the admin to troubleshoot it.\\nIt\'s the default value but it\'s always expected to have one of the other\\nvalues.\\n - ACCEPTED: ACCEPTED is reached when the provided configuration has been validated\\nand persisted by the TSB server.\\n - READY: READY is reached when the resource is ready to be used.\\nNon-configurable resources, like Organizations, Tenants or Users, will\\nbe ready as soon they are created.\\nThe configurable ones are ready when its configuration has been\\npropagated to all the clusters.\\n - FAILED: FAILED is reached in different situations, such as when:\\n- a resource configuration triggered some internal error.\\n- an offending resource affects the correct behaviour of the configuration.\\nThe `message` and `details` fields of the `ResourceStatus` provides the\\nroot cause of the error.\\n - DIRTY: DIRTY is reached when the resources that are dependent on others\\nhave not reached the desired status (even when they are not FAILED).\\nFor example, an `API` resource that caused the creation of an `IngressGateway`\\ncould reach this status if the `IngressGateway` has been modified or removed directly.\\n - PARTIAL: PARTIAL is reached for those resources that are dependent on other resources statuses,\\nand not all the resources share the same status.","type":"string","default":"INVALID","enum":["INVALID","ACCEPTED","READY","FAILED","DIRTY","PARTIAL"]},"v2Role":{"description":"`Role` is a named collection of permissions that can be assigned to\\nany user or team in the system.","type":"object","properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"rules":{"description":"A set of rules that define the permissions associated with each API group.","type":"array","items":{"$ref":"#/components/schemas/RoleRule"},"x-order":4}}},"v2Route":{"description":"One or more destinations in a local/remote cluster for the given request.","type":"object","required":["host"],"properties":{"host":{"description":"The destination service in `&lt;namespace&gt;/&lt;fqdn&gt;` format for\\n`IngressGateway` resources. For `Tier1Gateway` resources, the\\ndestination must be in `&lt;clusterName&gt;/&lt;namespace&gt;/&lt;fqdn&gt;` format,\\nwhere cluster name corresponds to a cluster name created in the\\nmanagement plane. The `fqdn` must be the fully qualified name of\\nthe destination service in a cluster.","type":"string","x-order":0},"port":{"description":"The port on the service to forward the request to. Omit only if\\nthe destination service has only one port. When used for routing\\nfrom Tier1 gateways, the port specified here will be used only if\\nthe Tier1 gateway is doing TLS passthrough.","type":"integer","format":"int64","x-order":1}}},"v2RouteTo":{"description":"RouteTo defines the how the traffic has been forwarded for the given request.\\nOne of `ClusterDestination` or `ServiceDestination` must be specified.","type":"object","properties":{"clusterDestination":{"$ref":"#/components/schemas/v2RouteToClusters"},"serviceDestination":{"$ref":"#/components/schemas/v2RouteToService"}}},"v2RouteToClusters":{"description":"RouteToClusters represents the clusters where the request\\nneeds to be routed to from the gateway.","type":"object","properties":{"clusters":{"description":"The destination clusters that contain ingress gateways exposing the hostname.","type":"array","items":{"$ref":"#/components/schemas/v2ClusterDestination"},"x-order":0}}},"v2RouteToService":{"description":"RouteToService represents the service running in clusters.","type":"object","required":["host"],"properties":{"host":{"description":"The destination service in `&lt;namespace&gt;/&lt;fqdn&gt;`.\\n\\nIf the `trafficMode`` flag is set to `EGRESS`` or the `trafficMode` is set to `AUTO`\\nand the gateway deployment is of type EGRESS,\\nthe gateway routes traffic to an external service through a user-created service entry.\\nThe service entry should only be created in the gateway deployment namespace with the location set to MESH_EXTERNAL.","type":"string","x-order":0},"port":{"description":"The port on the service to forward the request to. Omit only if\\nthe destination service has only one port.","type":"integer","format":"int64","x-order":1},"tls":{"$ref":"#/components/schemas/v2ClientTLSSettings"}}},"v2Rule":{"description":"`Rule` matches request from a targeted resource (and the workloads that belong to the resource),\\nto another targeted resource (and the workloads that belong to the resource).\\nA match occurs when `from` and `to` matches the request.\\nOnly resources of type Tenant, Workspace, or Security Group can be targeted.","type":"object","required":["from","to"],"properties":{"from":{"$ref":"#/components/schemas/RuleFrom"},"to":{"$ref":"#/components/schemas/RuleTo"}}},"v2SecuritySetting":{"description":"A security setting applies configuration to a set of proxy workloads in a\\nsecurity group or a workspace. When applied to a security group,\\nmissing fields will inherit values from the workspace-wide setting if any.\\n\\n\\n\\n","type":"object","properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"authentication":{"$ref":"#/components/schemas/SecuritySettingAuthenticationMode"},"authorization":{"$ref":"#/components/schemas/v2AuthorizationSettings"},"authenticationSettings":{"$ref":"#/components/schemas/v2AuthenticationSettings"},"waf":{"$ref":"#/components/schemas/v2WAFSettings"},"propagationStrategy":{"$ref":"#/components/schemas/v2PropagationStrategy"},"extension":{"description":"Extensions specifies all the WasmExtensions assigned to this SecuritySettings\\nwith the specific configuration for each extension. This custom configuration\\nwill override the one configured globally to the extension.\\nEach extension has a global configuration including enabling and priority\\nthat will condition the execution of the assigned extensions.","type":"array","items":{"$ref":"#/components/schemas/v2WasmExtensionAttachment"},"x-order":9},"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"}}},"v2ServerTLSSettings":{"type":"object","properties":{"mode":{"$ref":"#/components/schemas/v2ServerTLSSettingsTLSMode"},"secretName":{"description":"The name of the secret in Kubernetes that holds the TLS certs\\nincluding the CA certificates. The secret (type generic) should\\ncontain the following keys and values: key: `&lt;privateKey&gt;`, cert:\\n`&lt;serverCert&gt;`, cacert: `&lt;CACertificate&gt;`.","type":"string","x-order":1},"files":{"$ref":"#/components/schemas/ServerTLSSettingsFileSource"},"minProtocolVersion":{"$ref":"#/components/schemas/v2TLSProtocol"},"maxProtocolVersion":{"$ref":"#/components/schemas/v2TLSProtocol"},"cipherSuites":{"type":"array","title":"List of cipher suites to be used for TLS connections.\\nExamples of cipher suites:\\n- \\"TLS_RSA_WITH_AES_256_CBC_SHA\\"\\n- \\"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256\\"\\n- \\"TLS_DHE_RSA_WITH_AES_256_GCM_SHA384\\"\\n- \\"TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256\\"\\n- \\"TLS_RSA_WITH_3DES_EDE_CBC_SHA\\"","items":{"type":"string"},"x-order":5},"subjectAltNames":{"description":"List of Subject Alternative Names (SAN) from the client\'s certificate that are accepted\\nfor client identity verification during the TLS handshake.","type":"array","items":{"type":"string"},"x-order":6}}},"v2ServerTLSSettingsTLSMode":{"description":" - OPTIONAL_MUTUAL: Similar to MUTUAL mode, except that the client certificate\\nis optional. Unlike SIMPLE mode, A client certificate will\\nstill be explicitly requested during handshake, but the client\\nis not required to send a certificate. If a client certificate\\nis presented, it will be validated. ca_certificates should\\nbe specified for validating client certificates.","type":"string","default":"DISABLED","enum":["DISABLED","SIMPLE","MUTUAL","OPTIONAL_MUTUAL"]},"v2Service":{"description":"A service in the registry that represents an aggregated and logical view for all those individual\\nservices, and provides high-level features such as aggregated metrics.","type":"object","required":["shortName","serviceType","state"],"properties":{"fqn":{"description":"Fully-qualified name of the resource. This field is read-only.","type":"string","x-order":0,"readOnly":true},"displayName":{"description":"User friendly name for the resource.","type":"string","x-order":1},"etag":{"description":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.","type":"string","x-order":2},"description":{"description":"A description of the resource.","type":"string","x-order":3},"shortName":{"description":"Short name for the service, used to uniquely identify it within the organization.","type":"string","x-order":4},"hostnames":{"description":"The hostnames by which this service is accessed. Can correspond to the hostname of\\nan internal service or that ones of a virtual host on a gateway.","type":"array","items":{"type":"string"},"x-order":5},"ports":{"description":"The set of ports on which this service is exposed.","type":"array","items":{"$ref":"#/components/schemas/v2Port"},"x-order":6},"subsets":{"description":"Deprecated. Use subset_deployments instead.\\nSubset denotes a specific version of a service. By default the \'version\'\\nlabel is used to designate subsets of a workload.\\nKnown subsets for the service.","type":"array","items":{"type":"string"},"x-order":7,"readOnly":true},"serviceType":{"$ref":"#/components/schemas/v2ServiceType"},"externalAddresses":{"description":"For kubernetes services of type load balancer, this field contains the list of lb hostnames or\\nIPs assigned to the service.","type":"array","items":{"type":"string"},"x-order":9},"state":{"$ref":"#/components/schemas/v2State"},"metrics":{"description":"- global:        *|productpage|bookinfo|*|*\\n  - v1:            v1|productpage|bookinfo|*|*\\n  - v1 (cluster1): v1|productpage|bookinfo|cluster1|*\\n\\nThis is only available for Observed and Controlled services.","type":"array","title":"Services may expose different metrics.\\nFor example, a regular service may expose the usual red metrics for incoming requests.\\nServices running in multiple clusters, may provide different aggregation levels, such as\\naggregation by cluster, by subset, etc.\\nThis list provides a complete list of all the aggregation keys that are available for this\\nparticular service.\\nFor example, a service that has instances in multiple clusters could provide the following\\nmetrics:","items":{"$ref":"#/components/schemas/ServiceMetricConfig"},"x-order":11,"readOnly":true},"serviceDeployments":{"description":"List of the existing deployments for this service.\\nThis is only available for internal and load balancer services and correspond to physical services\\nin the onboarded clusters.\\nThis field is read-only.","type":"array","items":{"$ref":"#/components/schemas/ServiceServiceDeployment"},"x-order":12,"readOnly":true},"subsetDeployments":{"description":"Subset denotes a specific version of a service. By default the \'version\'\\nlabel is used to designate subsets of a workload.\\nKnown subsets for the service.","type":"array","items":{"$ref":"#/components/schemas/v2Subset"},"x-order":13,"readOnly":true},"canonicalName":{"type":"string","title":"The canonical name of the service defined by user","x-order":14},"spiffeIds":{"description":"List of SPIFFE identities used by the workloads of the service.","type":"array","items":{"type":"string"},"x-order":15}}},"v2ServiceDestination":{"type":"object","title":"ServiceDestination is the destination service, port and subset where traffic\\nshould be routed","required":["port"],"properties":{"subset":{"type":"string","title":"Subset is the version of the service where traffic should be routed to","x-order":0},"weight":{"type":"integer","format":"int64","title":"Weight defines the amount of traffic that needs to be routed to this specific\\nversion","x-order":1},"port":{"type":"integer","format":"int64","title":"The port corresponding to the service host where traffic should be routed","x-order":2},"destinationHost":{"description":"Service host where traffic should be routed to. This should either be a FQDN\\nor a short name for the k8s service. For example, \\"reviews\\" as destination_host will\\nbe interpreted as \\"reviews.ns1.cluster.local\\"\\nIf empty, the host will be inferred from the Service Route service field.","type":"string","x-order":3}}},"v2ServiceLookupRequest":{"description":"Request for all the services in the registry that are part of the given selector.","type":"object","required":["selector","parent"],"properties":{"selector":{"$ref":"#/components/schemas/v2NamespaceSelector"},"parent":{"type":"string","title":"The FQN of the parent object where services will be looked up","x-order":1}}},"v2ServiceLookupResponse":{"description":"List of services that are included in the provided namespace selector.","type":"object","properties":{"services":{"type":"array","title":"The affected services","items":{"$ref":"#/components/schemas/v2Service"},"x-order":0}}},"v2ServiceRoute":{"description":"A service route controls routing configurations for traffic to a\\nservice in a traffic group.\\n\\n\\n\\n","type":"object","required":["service"],"properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"service":{"description":"The service on which the configuration is being applied. Must be in namespace/FQDN format.","type":"string","x-order":4},"subsets":{"description":"The set of versions of a service and the percentage of traffic to\\nsend to each version.","type":"array","items":{"$ref":"#/components/schemas/ServiceRouteSubset"},"x-order":5},"stickySession":{"$ref":"#/components/schemas/ServiceRouteStickySession"},"portLevelSettings":{"type":"array","title":"In order to support multi-protocol routing, a list of all port/protocol combinations is needed.\\nThese port settings are applied to all the subsets","items":{"$ref":"#/components/schemas/ServiceRoutePortLevelTrafficSettings"},"x-order":7},"httpRoutes":{"description":"HTTPRoutes are used when HTTP traffic needs to be matched on uri, headers\\nand port and destination routes need to be set using subset-weight\\ncombinations specified within the route.\\n**Note**: If a route is specified, then the global subset-weight\\ncombinations (specified under subsets) will be ignored for the matched\\nport, as subsets within route will take effect.","type":"array","items":{"$ref":"#/components/schemas/v2HTTPRoute"},"x-order":8},"tcpRoutes":{"description":"TCPRoutes match TCP traffic based on port number. The subset-weight\\nconfiguration and priority have the same behaviour as HTTPRoutes.","type":"array","items":{"$ref":"#/components/schemas/v2TCPRoute"},"x-order":9},"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"}}},"v2ServiceSecuritySetting":{"description":"A service security setting applies configuration to a service in a\\nsecurity group. Missing fields will inherit values from the\\nworkspace-wide setting if any.\\n\\n\\n\\n","type":"object","required":["service"],"properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"service":{"description":"The service on which the configuration is being applied. Must be in namespace/FQDN format.","type":"string","x-order":4},"settings":{"$ref":"#/components/schemas/v2SecuritySetting"},"subsets":{"description":"Subset specific settings that will replace the service wide settings for the specified service\\nsubsets.","type":"array","items":{"$ref":"#/components/schemas/ServiceSecuritySettingSubset"},"x-order":6},"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"}}},"v2ServiceSelector":{"type":"object","title":"ServiceSelector represents the match criteria to select services within a\\nparticular scope (namespace, workspace, cluster etc)","required":["serviceLabels"],"properties":{"serviceLabels":{"type":"object","title":"One or more labels that indicate a specific set of services within a particular scope","additionalProperties":{"type":"string"},"x-order":0}}},"v2ServiceType":{"description":"ServiceType denotes the exposition of a service in the mesh.\\n\\n - INTERNAL: A regular service that is not directly exposed to the outside world.\\n - LOADBALANCER: A load balancer service running only the proxy as the workload.\\n - MESH_EXTERNAL: A mesh external service.","type":"string","default":"INVALID_TYPE","enum":["INVALID_TYPE","INTERNAL","LOADBALANCER","MESH_EXTERNAL"]},"v2Source":{"description":"Source identifies a set of observed resources that have a group of metrics that emit measurements at runtime.","type":"object","properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the telemetry source.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the telemetry source is observing.\\n$hide_from_yaml","x-order":3},"belongsTo":{"description":"Which concrete TSB resource in the configuration hierarchy this telemetry source belongs to.\\nFor instance, a telemetry source can belong to a service,or a gateway, or a workspace, or any other resource in the\\nconfiguration hierarchy.","type":"string","x-order":4,"readOnly":true},"metricSourceKey":{"description":"A key to query metric measurements from the resources that the telemetry source is observing.","type":"string","x-order":5,"readOnly":true},"type":{"$ref":"#/components/schemas/v2SourceScopeType"},"scope":{"$ref":"#/components/schemas/v2SourceScope"}}},"v2SourceScope":{"description":"Source scope defines the source\'s wingspan in the mesh. It defines how we are observing the resources.\\nFor instance we can observer a resources at service, ingress, or relation level.","type":"object","properties":{"serviceScopes":{"$ref":"#/components/schemas/SourceScopeServiceScopes"},"ingressScopes":{"$ref":"#/components/schemas/SourceScopeIngressScopes"},"relationScopes":{"$ref":"#/components/schemas/SourceScopeRelationScopes"}}},"v2SourceScopeType":{"description":"The type of scopes which defines telemetry source\'s wingspan in the mesh.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","type":"string","default":"INVALID","enum":["INVALID","SERVICE","INGRESS","RELATION"]},"v2SourceType":{"description":"`SourceType` describes where teams come from.\\nTeams can be synchronized from the Identity Provider but can also be manually\\ncreated using the Team API to create convenient groupings of users and other\\nteams in order to configure fine-grained permissions in the Management Plane.\\n\\n - LDAP: LDAP is used for users and teams that are automatically synchronized from LDAP.\\n - LOCAL: LOCAL is used for local teams that are manually created using the TSB Team API and\\ndo not exist in the Identity Provider.\\nDeprecated. This value is deprecated and will be removed in future releases. Use \'MANUAL\' instead.\\n - AZURE: AZURE is used for users synchronized from an Azure Active Directory.\\n - MANUAL: MANUAL is used for users and teams that exist in the Identity Provider that have been manually populated.\\nMANUAL users are deprecated and Service Accounts should be used instead. Support for MANUAL users will\\nbe removed in future versions.","type":"string","default":"INVALID","enum":["INVALID","LDAP","LOCAL","AZURE","MANUAL"]},"v2State":{"description":"State denotes how deep is the knowledge of a service by the mesh. Meaning that if a service can be controlled,\\nobserved or none of these.\\n\\n - EXTERNAL: An external service is a service that is known, but that cannot be observed (we can\'t get metrics for it)\\nand cannot be controlled.\\n - OBSERVED: An observed service is a known service that we can have metrics for. For example, a service running the\\nSkywalking agents.\\n - CONTROLLED: A controlled service is a service that is part of the mesh and has a proxy we can configure.","type":"string","default":"INVALID_STATE","enum":["INVALID_STATE","EXTERNAL","OBSERVED","CONTROLLED"]},"v2StringMatch":{"description":"Describes how to match a given string in HTTP headers. Match is case-sensitive.","type":"object","properties":{"exact":{"description":"Exact string match.","type":"string","x-order":0},"prefix":{"description":"Prefix-based match.","type":"string","x-order":1},"regex":{"description":"ECMAscript style regex-based match.","type":"string","x-order":2}}},"v2Subject":{"description":"Subject identifies a user or a team under an organization. Roles are\\nassigned to subjects for specific resources in the system.","type":"object","properties":{"user":{"type":"string","title":"A user in TSB, created through LDAP sync or API.\\nMust use the fully-qualified name (fqn) of the user. \\nE.g. organization/myorg/users/alice","x-order":0},"team":{"type":"string","title":"A team in TSB, created through LDAP sync or API.\\nMust use the fully-qualified name (fqn) of the team. \\nE.g. organization/myorg/teams/t1","x-order":1},"serviceAccount":{"type":"string","title":"A service account in TSB.\\nMust use the fully-qualified name (fqn) of the service account. \\nE.g. organization/myorg/serviceaccounts/sa1","x-order":2}}},"v2Subset":{"description":"Subset exposed by a service.\\nRegistration RPC will complete the instances field by assigning the physical services FQNs.","type":"object","properties":{"name":{"description":"A valid subset name of a service.","type":"string","x-order":0},"serviceDeployments":{"type":"array","title":"The list of FQNs of the service deployments that expose this subset","items":{"type":"string"},"x-order":1,"readOnly":true}}},"v2SyncOrganizationResponse":{"description":"Result of the organization users and team synchronization.","type":"object","properties":{"failedUsers":{"$ref":"#/components/schemas/SyncOrganizationResponseFailedIds"},"failedTeams":{"$ref":"#/components/schemas/SyncOrganizationResponseFailedIds"}}},"v2TCP":{"description":"A TCP server exposed in a gateway. A TCP server may be used for any TCP based protocol.\\nThis is also used for the special case of a non-HTTP protocol requiring TLS termination at the gateway.","type":"object","required":["name","hostname","route"],"properties":{"name":{"description":"A name assigned to the server. The name will be visible in the generated metrics. The name must be\\nunique across all HTTP, TLS passthrough and TCP servers in a gateway.","type":"string","x-order":0},"port":{"description":"Valid scenarios (for same port, multiple services)\\n1. Multiple protocols (HTTP, non-HTTP) with TLS passthrough/termination\\n2. Multiple HTTP services\\n3. Single non-HTTP service without TLS\\n\\nIf the `transit` flag is set to true, populating the `port` will lead to an error,\\nas the server is considered internal to the mesh. TSB will automatically \\nconfigure mTLS port(15443) for east-west multicluster traffic.","type":"integer","format":"int64","title":"The port where the server is exposed. Note that the port 15443 is reserved. Also\\nbeware of the conflict among the services using different protocols on the same port.\\nThe conflict occurs in the following scenarios\\n1. Using plaintext and TLS (passthrough/termination)\\n2. Mixing multiple protocols without TLS (HTTP and non-HTTP protocols like Kafka, Zookeeper etc)\\n3. Multiple non-HTTP protocols without TLS","x-order":1},"hostname":{"description":"Hostname to identify the service. When TLS is configured, clients have to use this as\\nthe Server Name Indication (SNI) for the TLS connection. When TLS is not configured (opaque TCP),\\nthis is used to identify the service traffic for defining routing configs. Usually, this is\\nconfigured as the DNS name of the service. For instance, if clients access a zookeeper cluster\\nas `zk-1.myorg.internal` then the hostname could be specified as `zk-1.myorg.internal`. This\\nalso helps easier identification in the configs.\\n\\nThis is also used in multicluster routing. In the previous example, clients within the mesh\\ncan also use `zk-1.myorg.internal` to access this service (provided authorization policy allows it)","type":"string","x-order":2},"tls":{"$ref":"#/components/schemas/v2ServerTLSSettings"},"route":{"$ref":"#/components/schemas/v2RouteTo"},"transit":{"description":"If set to true, the server is configured to be exposed within the mesh.\\nThis configuration enables forwarding traffic between two clusters that are not directly reachable.\\n\\nDeprecated: use `trafficMode: TRANSIT` instead.","type":"boolean","x-order":5},"trafficMode":{"$ref":"#/components/schemas/v2TrafficMode"}}},"v2TCPMatchCondition":{"type":"object","title":"TCPMatchCondition is the set of conditions to match incoming TCP traffic\\nand route accordingly","required":["name","port"],"properties":{"name":{"type":"string","title":"Name of the match condition","x-order":0},"port":{"type":"integer","format":"int64","title":"TCP match conditions only have port in match conditions","x-order":1}}},"v2TCPRoute":{"description":"TCPRoute is used to set TCP routes to service destinations on the basis of match conditions.","type":"object","required":["name"],"properties":{"name":{"type":"string","title":"Name of TCPRoute","x-order":0},"match":{"type":"array","title":"Match conditions for incoming TCP traffic","items":{"$ref":"#/components/schemas/v2TCPMatchCondition"},"x-order":1},"destination":{"type":"array","title":"Destination host:port and subset where TCP traffic should be directed","items":{"$ref":"#/components/schemas/v2ServiceDestination"},"x-order":2}}},"v2TCPServer":{"type":"object","title":"A TCP server exposed in an ingress gateway. A TCP server may be used for any TCP based protocol.\\nThis is also used for the special case of a non-HTTP protocol requiring TLS termination at the gateway","required":["name","port","hostname"],"properties":{"name":{"description":"A name assigned to the server. The name will be visible in the generated metrics. The name must be\\nunique across all HTTP, TLS passthrough and TCP servers in a gateway.","type":"string","x-order":0},"port":{"type":"integer","format":"int64","title":"The port where the server is exposed. Two servers with different protocols can share the same port\\nonly when both of them use TLS (either terminated at the gateway or pass-through)","x-order":1},"hostname":{"description":"Hostname to identify the service. When TLS is configured, clients have to use this as\\nthe Server Name Indication (SNI) for the TLS connection. When TLS is not configured (opaque TCP),\\nthis is used to identify the service traffic for defining routing configs. Usually, this is\\nconfigured as the DNS name of the service. For instance, if clients access a zookeeper cluster\\nas `zk-1.myorg.internal` then the hostname could be specified as `zk-1.myorg.internal`. This\\nalso helps easier identification in the configs.\\n\\nThis is also used in multicluster routing. In the previous example, clients within the mesh\\ncan also use `zk-1.myorg.internal` to access this service (provided authorization policy allows it)","type":"string","x-order":2},"tls":{"$ref":"#/components/schemas/v2ServerTLSSettings"},"route":{"$ref":"#/components/schemas/v2Route"}}},"v2TLS":{"description":"A TLS server exposed in a gateway. For TLS servers, the gateways do not terminate\\nconnections and use SNI based routing.","type":"object","required":["name","port","hostname","route"],"properties":{"name":{"description":"A name assigned to the server. The name will be visible in the generated metrics. The name must be\\nunique across all HTTP, TLS passthrough and TCP servers in a gateway.","type":"string","x-order":0},"port":{"description":"The port where the server is exposed. Two servers with different protocols (HTTP and HTTPS) should not\\nshare the same port. Note that port 15443 is reserved for internal use.","type":"integer","format":"int64","x-order":1},"hostname":{"description":"Hostname with which the service can be expected to be accessed by clients.\\nRouting will be done based on SNI matches for this hostname.\\n**NOTE:** The \\"hostname:port\\" must be unique across all gateways in the cluster in order for\\nmulticluster routing to work.","type":"string","x-order":2},"route":{"$ref":"#/components/schemas/v2RouteTo"}}},"v2TLSFileSource":{"type":"object","title":"TLSFileSource is used to load the keys and certificates from\\nfiles accessible to the workload","properties":{"clientCertificate":{"type":"string","title":"Certificate file to authenticate the client. This\\nis mandatory for mutual TLS and must not be\\nspecified for simple (one-way) TLS","x-order":0},"privateKey":{"type":"string","title":"Private key file associated with the client certificate.\\nThis is mandatory for mutual TLS and must not be\\nspecified for simple TLS","x-order":1},"caCertificates":{"type":"string","title":"File containing CA certificates to verify the certificates\\npresented by the server. This is mandatory for both simple and\\nmutual TLS.\\nHere are some common paths for the system CA bundle on Linux and can be\\nspecified here if the server certificate is signed by a well known authority,\\nalready part of the system CA bundle on the host - \\n  /etc/ssl/certs/ca-certificates.crt (Debian/Ubuntu/Gentoo etc.)\\n  /etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem (CentOS/RHEL 7)\\n  /etc/pki/tls/certs/ca-bundle.crt (Fedora/RHEL 6)","x-order":2}}},"v2TLSMode":{"description":"- DISABLED: TLS is not used and communication is\\nin plaintext.\\n - SIMPLE: Only the server is authenticated.\\n - MUTUAL: Both the peers in the communication must\\npresent their certificate for TLS authentication","type":"string","title":"Describes how authentication is performed\\nas part of establishing TLS connection","default":"DISABLED","enum":["DISABLED","SIMPLE","MUTUAL"]},"v2TLSPassthroughServer":{"description":"A TLS server exposed in an ingress gateway. For TLS servers the gateways don\'t terminate\\nconnections and use SNI based routing.","type":"object","required":["name","port","hostname","route"],"properties":{"name":{"description":"A name assigned to the server. The name will be visible in the generated metrics. The name must be\\nunique across all HTTP, TCP and TLS servers in a gateway.","type":"string","x-order":0},"port":{"description":"The port where the server is exposed. Two servers with different protocols (HTTP and HTTPS) should not\\nshare the same port. Note that port 15443 is reserved for internal use.","type":"integer","format":"int64","x-order":1},"hostname":{"description":"Hostname with which the service can be expected to be accessed by clients.\\nRouting will be done based on SNI matches for this hostname.\\n**NOTE:** The hostname must be unique across all gateways in the cluster in order for multicluster routing to work.","type":"string","x-order":2},"route":{"$ref":"#/components/schemas/v2Route"}}},"v2TLSProtocol":{"description":"Enumeration for TLS protocol versions.","type":"string","default":"TLS_AUTO","enum":["TLS_AUTO","TLSV1_0","TLSV1_1","TLSV1_2","TLSV1_3"]},"v2TcpKeepAlive":{"type":"object","properties":{"probes":{"description":"The total number of unacknowledged probes to send before deciding\\nthe connection is dead. Default is to use the OS level configuration,\\nLinux defaults to 9.","type":"integer","format":"int64","x-order":0},"idleTime":{"description":"The number of seconds a connection needs to be idle before keep-alive probes\\nstart being sent. Default is to use the OS level configuration,\\nLinux defaults to 7200s.","type":"integer","format":"int64","x-order":1},"interval":{"description":"The number of seconds between keep-alive probes. Default is to use the OS\\nlevel configuration, Linux defaults to 75s.","type":"integer","format":"int64","x-order":2}}},"v2TcpKeepAliveSettings":{"description":"TCP Keep Alive Settings.","type":"object","properties":{"downstream":{"$ref":"#/components/schemas/v2TcpKeepAlive"},"upstream":{"$ref":"#/components/schemas/v2TcpKeepAlive"}}},"v2Team":{"description":"`Team` is a named collection of users under a tenant.\\n\\n\\n\\n","type":"object","properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"members":{"description":"List of members under the team.\\nThe elements of this list are the FQNs of the team members. Team members can be\\nusers, service accounts or other teams.","type":"array","items":{"type":"string"},"x-order":4},"sourceType":{"$ref":"#/components/schemas/v2SourceType"}}},"v2Tenant":{"description":"`Tenant` is a self-contained entity within an organization in the Service Bridge hierarchy.\\n\\n\\n\\n","type":"object","properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"securityDomain":{"description":"Security domains can be used to group different resources under the same security domain.\\nAlthough security domain is not resource itself currently, it follows a fqn format\\n`organizations/myorg/securitydomains/mysecuritydomain`, and a child cannot override any ancestor\'s\\nsecurity domain.\\nOnce a security domain is assigned to a _Tenant_, all the children resources will belong to that\\nsecurity domain in the same way a _Workspace_ belongs to a _Tenant_, a _Workspace_ will also belong\\nto the security domain assigned to the _Tenant_.\\nSecurity domains can also be used to define _Security settings Authorization rules_ in which you can allow\\nor deny request from or to a security domain.","type":"string","x-order":4},"deletionProtectionEnabled":{"description":"When set, prevents the resource from being deleted. In order to delete the resource this\\nproperty needs to be set to `false` first.","type":"boolean","x-order":5},"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"}}},"v2TenantSetting":{"description":"Default settings that apply to all workspaces under a tenant.\\n\\n\\n\\n","type":"object","properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"defaultSecuritySetting":{"$ref":"#/components/schemas/v2SecuritySetting"},"defaultTrafficSetting":{"$ref":"#/components/schemas/v2TrafficSetting"}}},"v2Tier1ExternalServer":{"description":"Tier1ExternalServer describes the properties of a server exposed\\noutside the mesh. Traffic arriving at a Tier1 external server is\\nusually TLS terminated and then forwarded over Istio mTLS to all\\nthe lower tier2 clusters.","type":"object","required":["name","port","hostname"],"properties":{"name":{"description":"A name assigned to the server. The name will be visible in the generated metrics. The name must be\\nunique across all external servers in the gateway.","type":"string","x-order":0},"port":{"description":"The port where the server is exposed. Note that port 15443 is reserved.","type":"integer","format":"int64","x-order":1},"hostname":{"description":"Hostname with which the service can be expected to be accessed by\\nclients.","type":"string","x-order":2},"tls":{"$ref":"#/components/schemas/v2ServerTLSSettings"},"clusters":{"description":"The destination clusters that contain ingress gateways exposing\\nthe hostname. If omitted, traffic will be automatically load\\nbalanced across all tier2 clusters whose ingress gateways expose\\nthe above hostname. If `redirect` is configured then this field\\ncannot be configured.\\nTo do failover and locality based routing among clusters, either omit\\nthe clusters field or omit the weights from all the cluster destinations.","type":"array","items":{"$ref":"#/components/schemas/v2ClusterDestination"},"x-order":4},"redirect":{"$ref":"#/components/schemas/v2Redirect"},"authentication":{"$ref":"#/components/schemas/tsbauthv2Authentication"},"authorization":{"$ref":"#/components/schemas/tsbauthv2Authorization"},"rateLimiting":{"$ref":"#/components/schemas/v2RateLimiting"}}},"v2Tier1Gateway":{"description":"`Tier1Gateway` configures a workload to act as a tier1 gateway into the mesh.\\n\\n\\n\\n","type":"object","required":["workloadSelector"],"properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"workloadSelector":{"$ref":"#/components/schemas/v2WorkloadSelector"},"externalServers":{"description":"One or more servers exposed by the gateway externally.","type":"array","items":{"$ref":"#/components/schemas/v2Tier1ExternalServer"},"x-order":5},"internalServers":{"description":"One or more servers exposed by the gateway internally for cross cluster forwarding.","type":"array","items":{"$ref":"#/components/schemas/v2Tier1InternalServer"},"x-order":6},"passthroughServers":{"description":"One or more tls passthrough servers exposed by the gateway externally.","type":"array","items":{"$ref":"#/components/schemas/v2Tier1PassthroughServer"},"x-order":7},"tcpExternalServers":{"description":"One or more tcp servers exposed by the gateway externally.","type":"array","items":{"$ref":"#/components/schemas/v2Tier1TCPExternalServer"},"x-order":8},"tcpInternalServers":{"description":"One or more tcp servers exposed by the gateway for mesh internal traffic.","type":"array","items":{"$ref":"#/components/schemas/v2Tier1TCPInternalServer"},"x-order":9},"extension":{"description":"Extensions specifies all the WasmExtensions assigned to this Tier1Gateway\\nwith the specific configuration for each extension. This custom configuration\\nwill override the one configured globally to the extension.\\nEach extension has a global configuration including enablement and priority\\nthat will condition the execution of the assigned extensions.","type":"array","items":{"$ref":"#/components/schemas/v2WasmExtensionAttachment"},"x-order":10},"waf":{"$ref":"#/components/schemas/v2WAFSettings"},"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"}}},"v2Tier1InternalServer":{"description":"Tier1InternalServer describes the properties of a server exposed\\nwithin the mesh, for the purposes of forwarding traffic between two\\nclusters that cannot otherwise directly reach each other. Traffic\\narriving at a Tier1 internal server should be over Istio\\nmTLS. After TLS termination and metrics extraction, it is forwarded\\nto tier2 clusters based on the selection criteria.","type":"object","required":["name","hostname"],"properties":{"name":{"description":"A name assigned to the server. The name will be visible in the generated metrics. The name must be\\nunique across all internal servers in the gateway.","type":"string","x-order":0},"hostname":{"description":"Hostname with which the service can be expected to be accessed by\\nsidecars in the mesh.","type":"string","x-order":1},"clusters":{"description":"The destination clusters that contain ingress gateways exposing\\nthe hostname. If omitted, traffic will be automatically load\\nbalanced across all tier2 clusters whose ingress gateways expose\\nthe above hostname.","type":"array","items":{"$ref":"#/components/schemas/v2ClusterDestination"},"x-order":2},"authentication":{"$ref":"#/components/schemas/tsbauthv2Authentication"},"authorization":{"$ref":"#/components/schemas/tsbauthv2Authorization"}}},"v2Tier1PassthroughServer":{"description":"Tier1PassthroughServer describes the properties of a server exposed\\nto the external world. Traffic arriving at a Tier1 passthrough server is\\nnot TLS terminated and rather forwarded over to all the lower tier2 clusters.","type":"object","required":["name","port","hostname"],"properties":{"name":{"description":"A name assigned to the server. The name will be visible in the generated metrics. The name must be\\nunique across all external servers in the gateway.","type":"string","x-order":0},"port":{"description":"The port where the server is exposed. Note that port 15443 is reserved.","type":"integer","format":"int64","x-order":1},"hostname":{"description":"Hostname with which the service can be expected to be accessed by\\nclients.","type":"string","x-order":2},"clusters":{"description":"The destination clusters that contain ingress gateways exposing\\nthe hostname on passthrough servers. If omitted, traffic will be automatically load\\nbalanced across all tier2 clusters whose ingress gateways expose\\nthe above hostname.","type":"array","items":{"$ref":"#/components/schemas/v2ClusterDestination"},"x-order":3}}},"v2Tier1TCPExternalServer":{"description":"Tier1TCPExternalServer is used to describe the properties of a TCP server\\n(used for opaque TCP or non-HTTP protocols) exposed to the external world.\\nIf the protocol is known to be HTTP, then please use `externalServers` as\\nit allows using HTTP-specific features.\\n\\nCaveat - Currently, we don\'t support multicluster routing when Tier2 gateway\\nsettings are specified in the direct mode for TCP services. So please use\\nthe bridged mode.","type":"object","required":["name","port","hostname"],"properties":{"name":{"type":"string","title":"A name assigned to the server. This name is used in the generated metrics. The name\\nmust be unique across all TCP servers in the gateway","x-order":0},"port":{"description":"Valid scenarios (for same port, multiple services)\\n1. Multiple protocols (HTTP, non-HTTP) with TLS passthrough/termination\\n2. Multiple HTTP services\\n3. Single non-HTTP service without TLS\\n\\nNote on service port - If a service is exposed on port 6789 in the tier1 gateway,\\nthen it must be exposed on the same port with the same hostname (without wildcard)\\nin the tier2 gateway as well.","type":"integer","format":"int64","title":"The port where the server is exposed. Note that the port 15443 is reserved. Also\\nbeware of the conflict among the services using different protocols on the same port.\\nThe conflict occurs in the following scenarios\\n1. Using plaintext and TLS (passthrough/termination)\\n2. Mixing multiple protocols without TLS (HTTP and non-HTTP protocols like Kafka, Zookeeper etc)\\n3. Multiple non-HTTP protocols without TLS","x-order":1},"hostname":{"description":"Although hostname or authority does not make sense in the non-HTTP context, this\\nis used to define the routing rules. Wildcard hostnames are not yet supported.","type":"string","x-order":2},"clusters":{"description":"The destination clusters contain ingress gateways exposing the service.","type":"array","items":{"$ref":"#/components/schemas/v2ClusterDestination"},"x-order":3},"tls":{"$ref":"#/components/schemas/v2ServerTLSSettings"}}},"v2Tier1TCPInternalServer":{"description":"Tier1TCPInternalServer is used to describe the properties of a TCP server\\nwhich is used exclusively within the mesh.","type":"object","required":["name","hostname"],"properties":{"name":{"description":"A name assigned to the server. This name is used in the generated metrics. The name\\nmust be unique across all TCP servers in the gateway.","type":"string","x-order":0},"hostname":{"description":"The name of the service used. Although hostname or authority does not make sense\\nin the non-HTTP context, this is used for the multicluster routing purposes. Consider\\nthe case where there are two non-HTTP services listening on the same port 6000,\\nbut are hosted on different workloads. Here, the service name is used to distinguish\\nbetween the two for routing to the correct workload. We do not support wildcard hostnames\\nyet. The ports are determined automatically by the cluster updates of the remote edge\\nclusters. Suppose there is a service called `foo.com` and the remote cluster says that\\nit exposes ports 8080 and 8443, then we can route east-west traffic for both the ports\\nthrough this server. The changes to the port or protocol settings are picked up automatically.","type":"string","x-order":1},"clusters":{"description":"The destination clusters contain ingress gateways exposing the service.","type":"array","items":{"$ref":"#/components/schemas/v2ClusterDestination"},"x-order":2}}},"v2TokenResponse":{"description":"Contains a pair of tokens for a user that can be used to authenticate against TSB.","type":"object","properties":{"accessToken":{"description":"Bearer access token that can be used to access TSB.\\nThis token is usually short-lived. The refresh token, when present, can be used to\\nobtain a new access token when it expires.","type":"string","x-order":0},"refreshToken":{"description":"Refresh token that can be used to obtain a new Bearer access token.\\nThis token is usually long-lived and should be stored securely.","type":"string","x-order":1}}},"v2TokenType":{"type":"string","default":"TOKEN_TYPE_UNSPECIFIED","enum":["TOKEN_TYPE_UNSPECIFIED","TOKEN_TYPE_ACCESS_TOKEN","TOKEN_TYPE_REFRESH_TOKEN","TOKEN_TYPE_ID_TOKEN","TOKEN_TYPE_JWT"]},"v2TrafficMode":{"description":"Traffic mode defines the type of configuration that has been configured on a Gateway server.\\n\\n - AUTO: AUTO mode indicates that the type of configuration is automatically detected from the underlying Gateway deployment.\\n - INGRESS: INGRESS mode specifies the configuration for managing incoming traffic into the mesh.\\nIn this mode, the Gateway server is responsible for handling incoming requests from external sources\\nand routing them to appropriate services within the mesh.\\n - EGRESS: EGRESS mode specifies the configuration for managing outgoing traffic from the mesh to external destinations.\\nIn this mode, the Gateway server controls traffic leaving the mesh and enforces policies and security measures\\nfor accessing external services.\\n - TRANSIT: TRANSIT mode specifies that the Gateway is configured to facilitate transit traffic between different clusters\\nwithin the mesh that are not directly reachable. This mode enables forwarding of traffic between clusters\\nvia the Gateway, allowing communication between services deployed in separate clusters.","type":"string","default":"AUTO","enum":["AUTO","INGRESS","EGRESS","TRANSIT"]},"v2TrafficSelector":{"description":"TrafficSelector provides a mechanism to select a specific traffic flow\\nfor which this Wasm Extension will be enabled.\\nWhen all the sub conditions in the TrafficSelector are satisfied, the\\ntraffic will be selected.","type":"object","properties":{"mode":{"$ref":"#/components/schemas/v2WorkloadMode"},"ports":{"description":"Criteria for selecting traffic by their destination port.\\nMore specifically, for the outbound traffic, the destination port would be\\nthe port of the target service. On the other hand, for the inbound traffic,\\nthe destination port is the port bound by the server process in the same Pod.\\n\\nIf one of the given `ports` is matched, this condition is evaluated to true.\\nIf not specified, this condition is evaluated to true for any port.","type":"array","items":{"$ref":"#/components/schemas/v2PortSelector"},"x-order":1}}},"v2TrafficSetting":{"description":"A traffic setting applies configuration to a set of proxy workloads in a\\ntraffic group or a workspace. When applied to a traffic group,\\nmissing fields will inherit values from the workspace-wide setting if any.\\n\\n\\n\\n","type":"object","properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"reachability":{"$ref":"#/components/schemas/v2ReachabilitySettings"},"resilience":{"$ref":"#/components/schemas/v2ResilienceSettings"},"egress":{"$ref":"#/components/schemas/TrafficSettingEgressGateway"},"rateLimiting":{"$ref":"#/components/schemas/v2RateLimiting"},"upstreamTrafficSettings":{"description":"List of hosts and the associated traffic settings to be used by\\nthe clients that are downstreams to the defined upstream hosts.","type":"array","items":{"$ref":"#/components/schemas/v2UpstreamTrafficSettings"},"x-order":8},"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"}}},"v2UpstreamResilienceSettings":{"description":"UpstreamResilienceSettings controls the reliability knobs for client connections\\nto the upstream hosts.","type":"object","properties":{"connectionPool":{"$ref":"#/components/schemas/UpstreamResilienceSettingsConnectionPoolSettings"},"circuitBreakerSensitivity":{"$ref":"#/components/schemas/v2UpstreamResilienceSettingsSensitivity"}}},"v2UpstreamResilienceSettingsSensitivity":{"description":"Available sensitivity levels for the circuit breaker.\\n\\n - UNSET: Default values will be used.\\n - LOW: Tolerate up to 20 consecutive 5xx or connection failures from an\\nendpoint before ejecting it temporarily from the load balancing\\npool.\\n - MEDIUM: Tolerate up to 10 consecutive 5xx or connection failures from an\\nendpoint before ejecting it temporarily from the load balancing\\npool.\\n - HIGH: Tolerate up to 5 consecutive 5xx or connection failures from an\\nendpoint before ejecting it temporarily from the load balancing\\npool.","type":"string","default":"UNSET","enum":["UNSET","LOW","MEDIUM","HIGH"]},"v2UpstreamTrafficSettings":{"description":"Traffic settings for the clients that are downstreams to the defined\\nupstream hosts.","type":"object","properties":{"hosts":{"description":"List of hosts for which the settings will be created. Can contain wildcard hosts.\\nThe host should be a service from the service registry or a host declared by ServiceEntries.","type":"array","items":{"type":"string"},"x-order":0},"settings":{"$ref":"#/components/schemas/UpstreamTrafficSettingsSettings"}}},"v2User":{"description":"`User` represents a user from the Identity Provider that is allowed to log into\\nthe platform.","type":"object","required":["loginName"],"properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"loginName":{"description":"The username used in the login credentials.","type":"string","x-order":3},"firstName":{"description":"The first name of the user.","type":"string","x-order":4},"lastName":{"description":"The last name of the user, if any.","type":"string","x-order":5},"email":{"description":"Email for the user where alerts and other notifications will be sent.","type":"string","x-order":6},"sourceType":{"$ref":"#/components/schemas/v2SourceType"}}},"v2VmConfig":{"description":"Configuration for a Wasm VM.\\nmore details can be found [here](https://www.envoyproxy.io/docs/envoy/latest/api-v3/extensions/wasm/v3/wasm.proto#extensions-wasm-v3-vmconfig).","type":"object","properties":{"env":{"description":"Specifies environment variables to be injected to this VM.\\nNote that if a key does not exist, it will be ignored.","type":"array","items":{"$ref":"#/components/schemas/v2EnvVar"},"x-order":0}}},"v2WAFSettings":{"type":"object","title":"WAFSettings configure WAF based on seclang\\nSee https://github.com/SpiderLabs/ModSecurity/wiki/Reference-Manual-%28v3.x%29#Configuration_Directives","required":["rules"],"properties":{"rules":{"description":"Rules to be leveraged by WAF. The parser evaluates the list of rules from the top to the bottom.","type":"array","items":{"type":"string"},"x-order":0}}},"v2WasmExtension":{"type":"object","required":["url"],"properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the extension.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the extension.\\n$hide_from_yaml","x-order":3},"allowedIn":{"description":"List of fqns where this extension is allowed to run.\\nIf it is empty, the extension can be used across the entire organization.\\nCurrently only Tenant resources are considered.","type":"array","items":{"type":"string"},"x-order":4},"image":{"description":"Deprecated. Use the `url` field instead.\\nRepository and tag of the OCI image containing the WASM extension.","type":"string","x-order":5},"source":{"type":"string","title":"Source to find the code for the WASM extension","x-order":6},"phase":{"$ref":"#/components/schemas/WasmExtensionPluginPhase"},"priority":{"description":"Determines the ordering of WasmExtensions in the same phase.\\nWhen multiple WasmExtensions are applied to the same workload in the same phase, they will be applied by priority, in descending order.\\nIf no priority is assigned it will use the default 0 value.\\nIn case of several extensions having the same priority in the same phase, the fqn will be used to sort them.","type":"integer","format":"int32","x-order":8},"config":{"description":"Configuration parameters sent to the WASM plugin execution\\nThe configuration can be overwritten when instantiating the extensions in IngressGateways or Security groups.\\nThe config is serialized using proto3 JSON marshaling and passed to proxy_on_configure when the host environment starts the plugin.","type":"object","x-order":9},"imagePullPolicy":{"$ref":"#/components/schemas/WasmExtensionPullPolicy"},"imagePullSecret":{"description":"Credentials to use for OCI image pulling.\\nName of a K8s Secret that contains a docker pull secret which is to be used\\nto authenticate against the registry when pulling the image.\\nIf TSB is configured to use the WASM download proxy, this secret must exist in\\nthe `istio-system` namespace of each cluster that has applications that use the\\nextension. If the downlaod proxy is disabled, the secret must exist in each\\napplication namespace that is using the extension.","type":"string","x-order":11},"vmConfig":{"$ref":"#/components/schemas/v2VmConfig"},"url":{"description":"URL of a Wasm module or OCI container. If no scheme is present, defaults to oci://, referencing an OCI image.\\nOther valid schemes are file:// for referencing .wasm module files present locally within the proxy container,\\nand http[s]:// for .wasm module files hosted remotely.","type":"string","x-order":13},"match":{"$ref":"#/components/schemas/v2GlobalTrafficSelector"}}},"v2WasmExtensionAttachment":{"description":"WasmExtensionAttachment defines the WASM extension attached to this resource\\nincluding the name to identify the extension and also the specific configuration\\nthat will override the global extension configuration.\\nOnly those extensions globally enabled will be considered although they can be\\nassociated to the target resources.\\nMatch configuration allows you to specify which traffic is sent through the Wasm\\nextension. Users can select the traffic based on different workload modes and ports.\\n\\n```yaml\\napiVersion: gateway.tsb.tetrate.io/v2\\nkind: IngressGateway\\nmetadata:\\n  name: ingress-bookinfo\\n  group: g1\\n  workspace: w1\\n  tenant: mycompany\\n  organization: myorg\\nspec:\\n  workloadSelector:\\n  namespace: ns1\\n  labels:\\n    app: gateway\\n  extension:\\n  - fqn: hello-world # fqn of imported extensions in TSB\\n    config:\\n      foo: bar\\n    match:\\n    - ports:\\n      - number: 80\\n      mode: CLIENT_AND_SERVER\\n  http:\\n  - name: bookinfo\\n    port: 80\\n    hostname: bookinfo.com\\n    routing:\\n      rules:\\n      - route:\\n        host: ns1/productpage.ns1.svc.cluster.local\\n```","type":"object","required":["fqn"],"properties":{"fqn":{"description":"Fqn of the extension to be executed.","type":"string","x-order":0},"config":{"description":"Configuration parameters sent to the WASM plugin execution.\\nThis configuration will overwrite the one specified globally in the extension.\\nThis config will be passed as-is to the extension. It is up to the extension to deserialize the config and use it.","type":"object","x-order":1},"match":{"description":"Specifies the criteria to determine which traffic is passed to WasmExtension.\\nIf a traffic satisfies any of TrafficSelectors,\\nthe traffic passes to the WasmExtension.","type":"array","items":{"$ref":"#/components/schemas/v2TrafficSelector"},"x-order":2}}},"v2Workload":{"description":"Info about individual workload implementing the service.","type":"object","properties":{"address":{"description":"Routable address of the workload.","type":"string","x-order":0},"name":{"description":"Instance name of the workload.","type":"string","x-order":1},"isVm":{"description":"Indicates whether the workload is kubernetes endpoint or vm.","type":"boolean","x-order":2},"proxy":{"$ref":"#/components/schemas/WorkloadProxy"}}},"v2WorkloadMode":{"description":"WorkloadMode allows selection of the role of the underlying workload in\\nnetwork traffic. A workload is considered as acting as a SERVER if it is\\nthe destination of the traffic (that is, traffic direction, from the\\nperspective of the workload is *inbound*). If the workload is the source of\\nthe network traffic, it is considered to be in CLIENT mode (traffic is\\n*outbound* from the workload).\\n\\n - UNDEFINED: Default value, which will be interpreted by its own usage.\\n - CLIENT: Selects for scenarios when the workload is the\\nsource of the network traffic. In addition,\\nif the workload is a gateway, selects this.\\n - SERVER: Selects for scenarios when the workload is the\\ndestination of the network traffic.\\n - CLIENT_AND_SERVER: Selects for scenarios when the workload is either the\\nsource or destination of the network traffic.","type":"string","default":"UNDEFINED","enum":["UNDEFINED","CLIENT","SERVER","CLIENT_AND_SERVER"]},"v2WorkloadSelector":{"description":"`WorkloadSelector` selects one or more workloads in a\\nnamespace. `WorkloadSelector` can be used in TrafficSetting,\\nSecuritySetting, and Gateway APIs in `BRIDGED` mode to scope the\\nconfiguration to a specific set of workloads.","type":"object","required":["namespace","labels"],"properties":{"namespace":{"description":"The namespace where the workload resides.","type":"string","x-order":0},"labels":{"description":"One or more labels that indicate a specific set of pods/VMs in\\nthe namespace. If omitted, the TrafficSetting or SecuritySetting\\nconfiguration will apply to all workloads in the\\nnamespace. Labels are required for Gateway API resources.","type":"object","additionalProperties":{"type":"string"},"x-order":1}}},"v2Workspace":{"description":"A Workspace is a collection of related namespaces in one or more clusters.\\n\\n\\n\\n","type":"object","required":["namespaceSelector"],"properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"namespaceSelector":{"$ref":"#/components/schemas/typesv2NamespaceSelector"},"privileged":{"description":"If set to true, allows Gateways in the workspace to route to\\nservices in other workspaces. Set this to true for workspaces\\nowning cluster-wide gateways shared by multiple teams.","type":"boolean","x-order":5},"isolationBoundary":{"description":"Istio Isolation Boundary name to which this workspace belongs.\\nIf not provided explicitly, the workspace looks for an isolation boundary with\\nname set as \\"global\\". \\nTherefore, in order to move existing workspaces to isolation boundaries, and\\nbe a part of revisioned control plane, it is recommended to configure an\\nisolation boundary with the name \\"global\\".","type":"string","x-order":6},"securityDomain":{"description":"Security domains can be used to group different resources under the same security domain.\\nAlthough security domain is not resource itself currently, it follows a fqn format\\n`organizations/myorg/securitydomains/mysecuritydomain`, and a child cannot override any ancestor\'s\\nsecurity domain.\\nOnce a security domain is assigned to a _Workspace_, all the children resources will belong to that\\nsecurity domain in the same way a _Security group_ belongs to a _Workspace_, a _Security group_ will also belong\\nto the security domain assigned to the _Workspace_.\\nSecurity domains can also be used to define _Security settings Authorization rules_ in which you can allow\\nor deny request from or to a security domain.","type":"string","x-order":7},"deletionProtectionEnabled":{"description":"When set, prevents the resource from being deleted. In order to delete the resource this\\nproperty needs to be set to `false` first.","type":"boolean","x-order":8},"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"}}},"v2WorkspaceSetting":{"description":"Default security and traffic settings for all proxy workloads in the workspace.","type":"object","properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"defaultSecuritySetting":{"$ref":"#/components/schemas/v2SecuritySetting"},"defaultTrafficSetting":{"$ref":"#/components/schemas/v2TrafficSetting"},"regionalFailover":{"description":"Locality routing settings for all gateways in the workspace. Overrides any global settings.\\nPlease use FailoverSettings instead. If FailoverSettings is set, it takes precedence over this field.\\n\\nExplicitly specify the region traffic will land on when endpoints in local region becomes unhealthy.\\nShould be used together with OutlierDetection to detect unhealthy endpoints.\\nNote: if no OutlierDetection specified, this will not take effect.","type":"array","items":{"$ref":"#/components/schemas/v2RegionalFailover"},"x-order":6},"defaultEastWestGatewaySettings":{"description":"Default east west gateway settings specifies workspace-wide east-west gateway configuration.\\nThis is used to configure east-west routing (required for fail-over) for the services that\\nare not exposed on the gateways. All the services matching the specified criteria is picked\\nup for exposing on the east-west gateway workload selected by the workload selector. In case,\\na service matches selectors in multiple items, the one which comes first is picked up.","type":"array","items":{"$ref":"#/components/schemas/v2EastWestGateway"},"x-order":7},"hostsReachability":{"$ref":"#/components/schemas/v2HostsReachability"},"failoverSettings":{"$ref":"#/components/schemas/v2FailoverSettings"}}}}}}},"1_8_x":{"url":"service-bridge/generated/openapi/1.8.x/openapiv3.json","themeId":"theme-redoc","isSpecFile":false,"spec":{"openapi":"3.0.0","info":{"description":"Tetrate Service Bridge API.","title":"Tetrate Service Bridge API","contact":{"name":"Tetrate Service Bridge","url":"https://www.tetrate.io/tetrate-service-bridge/"},"version":"1.8.x"},"paths":{"/v2/admin/rbac/policy":{"get":{"tags":["Policy"],"summary":"Get the global RBAC access policy.\\nThe global RBAC access policy configures who can manage the Role objects in TSB.","operationId":"Policy_GetRBACPolicy","responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the global RBAC access policy.\\nThe global RBAC access policy configures who can manage the Role objects in TSB.","operationId":"Policy_SetRBACPolicy","requestBody":{"$ref":"#/components/requestBodies/v2AccessPolicy"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/admin/root/policy":{"get":{"tags":["Policy"],"summary":"Get the root access policy.\\nThe root access policy configures global permissions for the platform. Subjects\\nassigned to a root policy will be granted the permissions described in the policy\\nto all objects ion TSB.","operationId":"Policy_GetRootPolicy","responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the root access policy.\\nThe root access policy configures global permissions for the platform. Subjects\\nassigned to a root policy will be granted the permissions described in the policy\\nto all objects ion TSB.","operationId":"Policy_SetRootPolicy","requestBody":{"$ref":"#/components/requestBodies/v2AccessPolicy"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/lookup/services":{"post":{"tags":["Lookup"],"summary":"Get all the services in the registry that are part of the given selector.\\nThis method can be used to resolve the registered services that are part of a workspace\\nor group.\\nThis method can be also used to figure out how applying a selector could affect\\nthe platform and have an understanding of which of the existing services would be\\nincluded in the selection.","operationId":"Lookup_Services","requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ServiceLookupRequest"}}},"description":"Request for all the services in the registry that are part of the given selector.","required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ServiceLookupResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/oidc/callback":{"get":{"tags":["OIDC"],"summary":"Callback endpoint for OAuth2 Authorization Code grant flows as part of the OIDC spec.","operationId":"OIDC_Callback","parameters":[{"description":"OAuth2 Authorization Code.\\nWhen present this indicates the user authorized the request. TSB will use this code\\nto acquire a token from the OIDC token endpoint and complete the login flow.","name":"code","in":"query","schema":{"type":"string"}},{"description":"OAuth2 Error Code.\\nWhen present this indicates that either the authorization request has an error, the OIDC\\nprovider encountered an error or the user failed to log in. When set TSB will display information\\nto the user indicating what went wrong.\\n\\nStandard error codes can be found found here.\\nhttps://datatracker.ietf.org/doc/html/rfc6749#section-4.1.2.1\\nhttps://openid.net/specs/openid-connect-core-1_0.html#AuthError","name":"error","in":"query","schema":{"type":"string"}},{"description":"The state parameter sent to the OIDC provider on the authorization request.","name":"state","in":"query","required":true,"schema":{"type":"string"}},{"description":"Optional error description sent by the OIDC provider when an error occurs.","name":"errorDescription","in":"query","schema":{"type":"string"}},{"description":"Optional error URI of a web page that includes additional information about the error.","name":"errorUri","in":"query","schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/oidc/login":{"get":{"tags":["OIDC"],"summary":"Login endpoint to start an OIDC Authentication flow.","operationId":"OIDC_Login","parameters":[{"description":"URl where the user will be redirected when the authentication flow completes.","name":"redirectUri","in":"query","schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations":{"get":{"tags":["Organizations"],"summary":"List all existing organizations.\\n$hide_from_docs","operationId":"Organizations_ListOrganizations","responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListOrganizationsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Organizations"],"summary":"Creates a new Organization in TSB.\\nOrganizations are the top-level construct in TSB and contain all the resources such as\\ntenants, workspaces and clusters.\\n$hide_from_docs","operationId":"Organizations_CreateOrganization","requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2CreateOrganizationRequest"}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Organization"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}":{"get":{"tags":["Organizations"],"summary":"Get the details of an organization.","operationId":"Organizations_GetOrganization","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Organization"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Organizations"],"summary":"Modify an organization.\\nUpdate operations are protected against concurrent modifications of the resource. They are required\\nto provide the last version of the `etag` field as part of the update request payload.\\n$hide_from_docs","operationId":"Organizations_UpdateOrganization","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"`Organization` is the root of the Service Bridge object hierarchy.\\n\\n\\n\\n","type":"object","properties":{"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"},"deletionProtectionEnabled":{"description":"When set, prevents the resource from being deleted. In order to delete the resource this\\nproperty needs to be set to `false` first.","type":"boolean"},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Organization"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Organizations"],"summary":"Delete an organization.\\nNote that deleting resources in TSB is a recursive operation. Deleting an organization will delete all\\ntenants, clusters and all configurations that exist in it.\\n$hide_from_docs","operationId":"Organizations_DeleteOrganization","parameters":[{"description":"Force the deletion of the object even if deletion protection is enabled.\\nIf this is set, then the object and all its children will be deleted even if any of them\\nhas the deletion protection enabled.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters":{"get":{"tags":["Clusters"],"summary":"Get the list of all clusters that have been onboarded into the platform.","operationId":"Clusters_ListClusters","parameters":[{"description":"Flag to fetch the workload information for all the clusters as well.\\nNote that by default workload information is not returned as it may be expensive to retrieve.","name":"fetchWorkloads","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListClustersResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"description":"This action will also create a service account with permissions to manage this cluster.\\nThis service account (aka cluster service account) can be used in the ControlPlane installation to\\nauthenticate it through the ManagementPlane.\\n\\nAs part of the response, a template will be provided (in the field `installTemplate`) with minimum\\nconfiguration to be able to install the TSB Operator in the cluster running as ControlPlane.\\nThis data is not stored and will be only available in the response of this action.","tags":["Clusters"],"summary":"Creates a new cluster object in TSB. This is needed during cluster onboarding to let the\\nmanagement plane know about the existence of a cluster.\\nOnce a cluster has been created and fully onboarded, the management plane will manage the\\nmesh for that cluster and keep this cluster entity up to date with the information that is\\nreported by the cluster agents.\\nThis method returns the created cluster, that will be continuously updated by the local\\ncluster agents. This entity can be monitored to have an overview of the resources (namespaces,\\nservices, etc) that are known to be running in the cluster.","operationId":"Clusters_CreateCluster","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create a cluster and register it in the management plane so configuration can\\nbe generated for it.","type":"object","required":["name","cluster"],"properties":{"cluster":{"$ref":"#/components/schemas/v2Cluster"},"name":{"description":"The short name for the resource to be created.","type":"string"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Cluster"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}":{"get":{"tags":["Clusters"],"summary":"Get the last known state for an onboarded cluster.\\nOnce a cluster has been onboarded into the platform, the agents will keep it up to date with\\nits runtime status. Getting the cluster object will return the last known snapshot of existing\\nnamespaces and services running in it.","operationId":"Clusters_GetCluster","parameters":[{"description":"Flag to fetch the workload information as well.\\nNote that by default workload information is not returned as it may be expensive to retrieve.","name":"fetchWorkloads","in":"query","schema":{"type":"boolean"}},{"description":"Flag to return the install template required to install this cluster.\\nThis will generate a new API key pair for the cluster service account.","name":"includeInstallTemplate","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Cluster"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Clusters"],"summary":"Modify an existing cluster.\\nUpdates a cluster with the given data. Note that most of the data in the cluster is read-only and\\nautomatically populated by the local cluster agents.","operationId":"Clusters_UpdateCluster","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"A Kubernetes cluster managing both pods and VMs.\\n\\n\\n\\n","type":"object","properties":{"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be\\nsent on every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"installTemplate":{"$ref":"#/components/schemas/ClusterInstallTemplate"},"labels":{"type":"object","title":"FIXME: this is super clunky to copy each and every metadata field into\\nobjects used for multicluster. $hide_from_yaml","additionalProperties":{"type":"string"}},"locality":{"$ref":"#/components/schemas/v2Locality"},"namespaceScope":{"$ref":"#/components/schemas/v2NamespaceScoping"},"namespaces":{"type":"array","title":"TODO(vikas): move this inside cluster state\\nRead-only data for informational purposes. Any user provided\\nvalue will be ignored. The data here may be stale depending on\\nthe update frequency from the Bridge agents in the cluster.\\n$hide_from_yaml","items":{"$ref":"#/components/schemas/tsbv2Namespace"},"readOnly":true},"network":{"description":"The network (e.g., VPC) where this cluster is present. All\\nclusters within the same network will be assumed to be reachable\\nfor the purposes of multi-cluster routing. In addition, networks\\nmarked as reachable from one another in SystemSettings will also\\nbe used for multi-cluster routing.","type":"string"},"serviceAccount":{"$ref":"#/components/schemas/tsbv2ServiceAccount"},"state":{"$ref":"#/components/schemas/ClusterState"},"tier1Cluster":{"description":"Deprecated: This flag is still honored for backward compatibility but will be ignored in future releases.\\nIt is advisable not to set it, as all clusters can now host both Tier1 and IngressGateways.\\n\\nIndicates whether this cluster is hosting a tier1 gateway or not.\\nTier1 clusters cannot host other gateways or workloads. Defaults\\nto false if not specified.","type":"boolean"},"tokenTtl":{"description":"Lifetime of the tokens. Defaults to 1hr.","type":"string"},"trustDomain":{"description":"Trust domain for this cluster, used for multi-cluster routing.\\nIt must be unique for every cluster and should match the one configured in\\nthe local control plane. This value is optional, and will be updated by the\\nlocal control plane agents. However, it is recommended to set it, if known,\\nso that multi-cluster routing works without having to wait for the local\\ncontrol planes to update it.","type":"string"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Cluster"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Clusters"],"summary":"Unregisters a cluster from the platform.\\nDeleting a cluster will unregister it from the management plane, and the agents will stop receiving\\nconfiguration updates. Agent tokens for the cluster are revoked as well, so agents that are still\\nrunning will fail to report back cluster status to the management plane.\\nNote that unregistering the cluster is a management plane only operation. This does not uninstall\\nthe agents from the local cluster. Agents will continue running and the services that are deployed\\nin that cluster will be able to continue operating with the last applied configuration.\\nUnregistering a cluster from the management plane should not generate downtime to services that are\\nrunning on that cluster.","operationId":"Clusters_DeleteCluster","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_1","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_1","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_1","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_1","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_1","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_1","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_1","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_1","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_1","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}/config":{"post":{"description":"The API is for control plane cluster to get the configurations\\nthat must be set in both management plane and control plane,\\nand that the control plane configurations must be in sync (or adjusted)\\naccording to management plane\'s changes at runtime.\\n\\nExamples:\\n- Telemetry data retention period set(changed) in management plane must be sync\'ed to control plane.\\n- A feature flag disabled in management plane must be sync\'ed to control plane and disabled in all control planes.\\n\\n$hide_from_docs","tags":["Clusters"],"summary":"Get the configurations for a cluster.","operationId":"Clusters_GetClusterConfig","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ClusterConfig"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_1","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_1","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_1","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_1","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_1","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_1","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_1","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_1","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}:generateTokens":{"post":{"tags":["Clusters"],"summary":"Generate the tokens for the cluster agents so they can talk to the management plane.\\nOnce a cluster object has been registered in the management plane, this method can be used to\\ngenerate the JWT tokens that need to be configured in the local cluster agents in order to let\\nthem talk to the management plane.\\nThese tokens contain the necessary permissions to allow the agents to download the configuration\\nfor their cluster and to push cluster status updates to the management plane.","operationId":"Clusters_GenerateTokens","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ClusterStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/extensions":{"get":{"tags":["WasmExtensions"],"summary":"List the WASM extensions that are defined for the Organization.","operationId":"WasmExtensions_ListWasmExtension","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListWasmExtensionResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"tags":["WasmExtensions"],"summary":"Creates a new WasmExtension object in TSB. This is needed to let the extensions run.\\nOnce a WasmExtension has been created, it can be assigned to IngressGateway and SecuritySetting.\\nThis method returns the created extension.","operationId":"WasmExtensions_CreateWasmExtension","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create a WasmExtension and make it available to be assigned to IngressGateway and SecuritySetting.","type":"object","required":["name","wasmExtension"],"properties":{"name":{"description":"The short name for the resource to be created.","type":"string"},"wasmExtension":{"$ref":"#/components/schemas/v2WasmExtension"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2WasmExtension"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/extensions/{extension}":{"get":{"tags":["WasmExtensions"],"summary":"Get a WASM extension","operationId":"WasmExtensions_GetWasmExtension","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2WasmExtension"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["WasmExtensions"],"summary":"Modify an existing WasmExtension.\\nWhen modifying the details of an extension in use, such as the image property, enabled flag, phase,\\nor default configuration, a redeploy or reconfiguration of the extension may be triggered, affecting live\\ntraffic in all those places that reference the extension.\\nSimilarly, changes to the allowed_in property may trigger the removal of the extension from all places where\\nthe extension was in use that are not allowed to use it anymore, affecting live traffic on the\\nrelevant namespaces as well.","operationId":"WasmExtensions_UpdateWasmExtension","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"type":"object","required":["url"],"properties":{"allowedIn":{"description":"List of fqns where this extension is allowed to run.\\nIf it is empty, the extension can be used across the entire organization.\\nCurrently only Tenant resources are considered.","type":"array","items":{"type":"string"}},"config":{"description":"Configuration parameters sent to the WASM plugin execution\\nThe configuration can be overwritten when instantiating the extensions in IngressGateways or Security groups.\\nThe config is serialized using proto3 JSON marshaling and passed to proxy_on_configure when the host environment starts the plugin.","type":"object"},"description":{"type":"string","title":"A description of the extension.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the extension.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"image":{"description":"Deprecated. Use the `url` field instead.\\nRepository and tag of the OCI image containing the WASM extension.","type":"string"},"imagePullPolicy":{"$ref":"#/components/schemas/WasmExtensionPullPolicy"},"imagePullSecret":{"description":"Credentials to use for OCI image pulling.\\nName of a K8s Secret that contains a docker pull secret which is to be used\\nto authenticate against the registry when pulling the image.\\nIf TSB is configured to use the WASM download proxy, this secret must exist in\\nthe `istio-system` namespace of each cluster that has applications that use the\\nextension. If the downlaod proxy is disabled, the secret must exist in each\\napplication namespace that is using the extension.","type":"string"},"match":{"$ref":"#/components/schemas/v2GlobalTrafficSelector"},"phase":{"$ref":"#/components/schemas/WasmExtensionPluginPhase"},"priority":{"description":"Determines the ordering of WasmExtensions in the same phase.\\nWhen multiple WasmExtensions are applied to the same workload in the same phase, they will be applied by priority, in descending order.\\nIf no priority is assigned it will use the default 0 value.\\nIn case of several extensions having the same priority in the same phase, the fqn will be used to sort them.","type":"integer","format":"int32"},"source":{"type":"string","title":"Source to find the code for the WASM extension"},"url":{"description":"URL of a Wasm module or OCI container. If no scheme is present, defaults to oci://, referencing an OCI image.\\nOther valid schemes are file:// for referencing .wasm module files present locally within the proxy container,\\nand http[s]:// for .wasm module files hosted remotely.","type":"string"},"vmConfig":{"$ref":"#/components/schemas/v2VmConfig"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2WasmExtension"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["WasmExtensions"],"summary":"Delete a WasmExtension.\\nNote that deleting a WasmExtension will delete the extension itself, and also its assignments to IngressGateway and SecuritySetting.","operationId":"WasmExtensions_DeleteWasmExtension","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/extensions/{extension}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_2","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/extensions/{extension}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/extensions/{extension}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/extensions/{extension}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/extensions/{extension}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/extensions/{extension}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/extensions/{extension}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/extensions/{extension}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/extensions/{extension}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/extensions/{extension}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/extensions/{extension}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_2","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/extensions/{extension}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/extensions/{extension}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/extensions/{extension}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts":{"get":{"tags":["Teams"],"summary":"List existing Service Accounts.","operationId":"Teams_ListServiceAccounts","parameters":[{"description":"The format in which the key pairs for each key will be returned.\\nIf not set keys are returned in PEM format.","name":"keyEncoding","in":"query","schema":{"type":"string","enum":["PEM","JWK"],"default":"PEM"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListServiceAccountsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Teams"],"summary":"Create Service Account in TSB.\\nService Accounts are local to TSB and can be used to access the platform using\\nJWT tokens signed with the Service Account\'s private key for authentication.","operationId":"Teams_CreateServiceAccount","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"type":"object","title":"Request to create a ServiceAccount.\\n","required":["name","serviceAccount"],"properties":{"keyEncoding":{"$ref":"#/components/schemas/KeyPairEncoding"},"name":{"description":"The short name for the resource to be created.","type":"string"},"serviceAccount":{"$ref":"#/components/schemas/tsbv2ServiceAccount"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/tsbv2ServiceAccount"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts/{serviceaccount}":{"get":{"tags":["Teams"],"summary":"Get the details of an existing Service Account.","operationId":"Teams_GetServiceAccount","parameters":[{"description":"The format in which the key pairs will be returned.\\nIf not set keys are returned in PEM format.","name":"keyEncoding","in":"query","schema":{"type":"string","enum":["PEM","JWK"],"default":"PEM"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/tsbv2ServiceAccount"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Teams"],"summary":"Update the details of a service account.\\nUpdating the details of the service account does not regenerate its keys.","operationId":"Teams_UpdateServiceAccount","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"`ServiceAccount` represents a service account that can be used to access the TSB platform.\\nService accounts have a set of associated public and private keys that can be used to generate\\nsigned JWT tokens that are suitable to authenticate to TSB.\\nA default key-pair is generated on service account creation and the public key is stored in TSB.\\nPrivate keys are returned when service accounts are created, but TSB will not store them. It\\nis up to the client to store them securely.\\n\\n\\n\\n","type":"object","properties":{"description":{"description":"A description of the resource.","type":"string"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"keys":{"type":"array","title":"Keys associated with the service account.\\nA default key-pair is automatically created when the Service Account is created. Note that\\nTSB does not store the private keys, so it is up to the client to store the returned private\\nkeys securely, as they are only returned once after creation.\\nAdditional keys can be added (and deleted) by using the corresponding key management APIs.\\n","items":{"$ref":"#/components/schemas/ServiceAccountKeyPair"},"readOnly":true}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/tsbv2ServiceAccount"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Teams"],"summary":"Delete the given Service account.","operationId":"Teams_DeleteServiceAccount","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts/{serviceaccount}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_5","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts/{serviceaccount}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts/{serviceaccount}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts/{serviceaccount}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts/{serviceaccount}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts/{serviceaccount}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts/{serviceaccount}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts/{serviceaccount}/jwks":{"get":{"tags":["Teams"],"summary":"Get all the public keys available in the service account and return them in a JWKS document.\\nSee: https://datatracker.ietf.org/doc/html/rfc7517\\nRequests to this endpoint require read permissions on the service account, or a token signed\\nwith one of the service account keys.","operationId":"Teams_GetServiceAccountJWKS","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2JWKS"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts/{serviceaccount}/keys":{"post":{"tags":["Teams"],"summary":"Generate a new key-pair for the service account.\\nNote that TSB does not store the generated private key, so the client must read it and\\nstore it securely.","operationId":"Teams_GenerateServiceAccountKey","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to generate a new key-pair for the Service Account.","type":"object","properties":{"keyEncoding":{"$ref":"#/components/schemas/KeyPairEncoding"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/tsbv2ServiceAccount"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts/{serviceaccount}/keys/{id}":{"delete":{"tags":["Teams"],"summary":"Delete a key-pair associated the service account.","operationId":"Teams_DeleteServiceAccountKey","parameters":[{"description":"ID of the key-pair to delete.","name":"id","in":"path","required":true,"schema":{"type":"string"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/tsbv2ServiceAccount"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts/{serviceaccount}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts/{serviceaccount}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts/{serviceaccount}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts/{serviceaccount}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_5","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts/{serviceaccount}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts/{serviceaccount}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts/{serviceaccount}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/services":{"get":{"tags":["Registration"],"summary":"List the services that have been registered in an organization","operationId":"Registration_ListServices","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListServicesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"tags":["Registration"],"summary":"Register the given service in the organization.\\nServices in the registry are deduplicated so that the same service running in different\\nclusters are represented as a single entity in the registry.\\nThe service returned by this method is the result of deduplicating the service.\\nThis API is currently only intended for internal use by the discovery agents.\\n$hide_from_docs","operationId":"Registration_RegisterService","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to register a service in a given parent (organization).","type":"object","required":["cluster","shortName","namespace","serviceType","state","source"],"properties":{"canonicalName":{"description":"optional canonical name that identify this service.","type":"string"},"cluster":{"description":"Name of the cluster where the service belongs to.\\nThis will be used to load the deduplication settings that have been configured for the cluster\\nwhere the service belongs.","type":"string"},"externalAddresses":{"description":"For kubernetes services of type load balancer, this field contains the list of lb hostnames or\\nIPs assigned to the service.","type":"array","items":{"type":"string"}},"hostnames":{"description":"The hostnames by which this service is accessed. Can correspond to the hostname of\\nan internal service or that ones of a virtual host on a gateway.","type":"array","items":{"type":"string"}},"namespace":{"description":"Namespace associated with the service. It will be used in deduplication logic.","type":"string"},"ports":{"description":"The set of ports on which this service is exposed.","type":"array","items":{"$ref":"#/components/schemas/v2Port"}},"serviceType":{"$ref":"#/components/schemas/v2ServiceType"},"shortName":{"description":"Short name for the service, used to uniquely identify it within the organization.","type":"string"},"source":{"description":"Source of the service: Kubernetes, Istio, Consul, etc.","type":"string"},"spiffeIds":{"description":"List of SPIFFE identities used by the workloads of the service.","type":"array","items":{"type":"string"}},"state":{"$ref":"#/components/schemas/v2State"},"subsets":{"description":"Subset denotes a specific version of a service. By default the \'version\'\\nlabel is used to designate subsets of a workload.\\nKnown subsets for the service.","type":"array","items":{"type":"string"}}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Service"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["Registration"],"summary":"Remove the given service from the organization registry.\\nThis API is currently only intended for internal use by the discovery agents.\\n$hide_from_docs","operationId":"Registration_UnregisterService","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"type":"object","title":"Request to unregister a service from the registry","required":["shortName","cluster","namespace"],"properties":{"cluster":{"description":"Name of the cluster of the service.","type":"string"},"namespace":{"description":"Namespace of the service.","type":"string"},"shortName":{"type":"string","title":"Name attribute of the service"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/services/{service}":{"get":{"tags":["Registration"],"summary":"Get the details of a registered service","operationId":"Registration_GetService","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Service"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/services/{service}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_3","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/services/{service}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/services/{service}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/services/{service}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/services/{service}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/services/{service}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/services/{service}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/services/{service}/groups":{"get":{"tags":["Lookup"],"summary":"Get all the groups that configure the given service in the registry.","operationId":"Lookup_Groups","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GroupLookupResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/services/{service}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/services/{service}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/services/{service}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/services/{service}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_3","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/services/{service}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/services/{service}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/services/{service}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/settings":{"get":{"tags":["Organizations"],"summary":"List all the settings objects that have been attached to the given Organization.","operationId":"Organizations_ListSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListOrganizationSettingsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Organizations"],"summary":"Create a settings object for the given organization.","operationId":"Organizations_CreateSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create a Organization Settings.","type":"object","required":["name","settings"],"properties":{"name":{"description":"The short name for the resource to be created.","type":"string"},"settings":{"$ref":"#/components/schemas/v2OrganizationSetting"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2OrganizationSetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/settings/{setting}":{"get":{"tags":["Organizations"],"summary":"Get the details for the given settings object.","operationId":"Organizations_GetSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2OrganizationSetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Organizations"],"summary":"Modify the given settings in the given Organization.","operationId":"Organizations_UpdateSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Settings that apply globally to the entire organization.\\n\\n\\n\\n","type":"object","properties":{"defaultSecuritySetting":{"$ref":"#/components/schemas/v2SecuritySetting"},"defaultTrafficSetting":{"$ref":"#/components/schemas/v2TrafficSetting"},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"networkSettings":{"$ref":"#/components/schemas/OrganizationSettingNetworkSettings"},"regionalFailover":{"description":"Default locality routing settings for all gateways.\\n\\nExplicitly specify the region traffic will land on when endpoints in local region becomes unhealthy.\\nShould be used together with OutlierDetection to detect unhealthy endpoints.\\nNote: if no OutlierDetection specified, this will not take effect.","type":"array","items":{"$ref":"#/components/schemas/v2RegionalFailover"}}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2OrganizationSetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Organizations"],"summary":"Delete the given settings object from the Organization.","operationId":"Organizations_DeleteSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/settings/{setting}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_4","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/settings/{setting}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/settings/{setting}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/settings/{setting}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/settings/{setting}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/settings/{setting}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/settings/{setting}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/settings/{setting}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/settings/{setting}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/settings/{setting}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/settings/{setting}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_4","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/settings/{setting}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/settings/{setting}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/settings/{setting}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/sync":{"post":{"description":"This method will update the state of users and groups in the organization and will create, modify, and\\ndelete groups according to the incoming request.\\nSync requests are assumed to be a full-sync and to contain all existing users and groups. Existing TSB users and groups\\nthat are not contained in a sync request will be deleted from the platform, as it will assume they have been removed\\nfrom the Identity Provider.","tags":["Organizations"],"summary":"SyncOrganization is used by processes that monitor the identity providers to synchronize\\nthe users and teams with the ones in TSB.","operationId":"Organizations_SyncOrganization","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to synchronize the users and teams in an organization from the configured identity provider.","type":"object","properties":{"sourceType":{"$ref":"#/components/schemas/v2SourceType"},"teams":{"type":"array","items":{"$ref":"#/components/schemas/SyncOrganizationRequestSyncTeam"}},"users":{"type":"array","items":{"$ref":"#/components/schemas/SyncOrganizationRequestSyncUser"}}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2SyncOrganizationResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/teams":{"get":{"tags":["Teams"],"summary":"List all existing teams.","operationId":"Teams_ListTeams","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListTeamsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Teams"],"summary":"Create a new team.","operationId":"Teams_CreateTeam","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"type":"object","title":"Request to create a Team.\\n","required":["name","team"],"properties":{"name":{"description":"The short name for the resource to be created.","type":"string"},"team":{"$ref":"#/components/schemas/v2Team"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Team"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/teams/{team}":{"get":{"tags":["Teams"],"summary":"Get the details of an existing team.","operationId":"Teams_GetTeam","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Team"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Teams"],"summary":"Modify an existing team.","operationId":"Teams_UpdateTeam","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"`Team` is a named collection of users under a tenant.\\n\\n\\n\\n","type":"object","properties":{"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"members":{"description":"List of members under the team.\\nThe elements of this list are the FQNs of the team members. Team members can be\\nusers, service accounts or other teams.","type":"array","items":{"type":"string"}},"sourceType":{"$ref":"#/components/schemas/v2SourceType"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Team"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Teams"],"summary":"Delete a team.\\nNote that deleting a team only deletes the team itself, but not its members.","operationId":"Teams_DeleteTeam","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/teams/{team}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_6","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/teams/{team}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/teams/{team}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/teams/{team}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/teams/{team}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/teams/{team}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/teams/{team}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/teams/{team}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/teams/{team}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/teams/{team}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/teams/{team}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_6","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/teams/{team}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/teams/{team}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/teams/{team}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants":{"get":{"tags":["Tenants"],"summary":"List all tenants that are available.","operationId":"Tenants_ListTenants","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListTenantsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Tenants"],"summary":"Create a new tenant in the platform that will be the home for a set of resources.","operationId":"Tenants_CreateTenant","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"type":"object","title":"Request to create a tenant.\\n","required":["name","tenant"],"properties":{"name":{"description":"The short name for the resource to be created.","type":"string"},"tenant":{"$ref":"#/components/schemas/v2Tenant"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Tenant"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}":{"get":{"tags":["Tenants"],"summary":"Get the details of an existing tenant.","operationId":"Tenants_GetTenant","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Tenant"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Tenants"],"summary":"Modify the details of the given tenant.","operationId":"Tenants_UpdateTenant","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"`Tenant` is a self-contained entity within an organization in the Service Bridge hierarchy.\\n\\n\\n\\n","type":"object","properties":{"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"},"deletionProtectionEnabled":{"description":"When set, prevents the resource from being deleted. In order to delete the resource this\\nproperty needs to be set to `false` first.","type":"boolean"},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"securityDomain":{"description":"Security domains can be used to group different resources under the same security domain.\\nAlthough security domain is not resource itself currently, it follows a fqn format\\n`organizations/myorg/securitydomains/mysecuritydomain`, and a child cannot override any ancestor\'s\\nsecurity domain.\\nOnce a security domain is assigned to a _Tenant_, all the children resources will belong to that\\nsecurity domain in the same way a _Workspace_ belongs to a _Tenant_, a _Workspace_ will also belong\\nto the security domain assigned to the _Tenant_.\\nSecurity domains can also be used to define _Security settings Authorization rules_ in which you can allow\\nor deny request from or to a security domain.","type":"string"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Tenant"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Tenants"],"summary":"Delete a tenant from the platform.\\nDeleting a tenant will recursively delete all resources attached to the tenant, so use with\\ncaution.\\nIt will delete all workspaces and all settings that have been created in that tenant, so this\\noperation should be done carefully, when it\'s safe to do so.","operationId":"Tenants_DeleteTenant","parameters":[{"description":"Force the deletion of the object even if deletion protection is enabled.\\nIf this is set, then the object and all its children will be deleted even if any of them\\nhas the deletion protection enabled.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications":{"get":{"tags":["Applications"],"summary":"List all existing applications for the given tenant.","operationId":"Applications_ListApplications","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListApplicationsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Applications"],"summary":"Creates a new Application in TSB.","operationId":"Applications_CreateApplication","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create an application and register it in the management plane so configuration can\\nbe generated for it.","type":"object","required":["name","application"],"properties":{"application":{"$ref":"#/components/schemas/v2Application"},"name":{"description":"The short name for the resource to be created.","type":"string"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Application"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}":{"get":{"tags":["Applications"],"summary":"Get the details of an existing application.","operationId":"Applications_GetApplication","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Application"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Applications"],"summary":"Modify an existing application.","operationId":"Applications_UpdateApplication","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"An Application represents a set of logical groupings of services that are related to each other\\nand expose a set of APIs that implement a complete set of business logic.\\n\\n\\n\\n","type":"object","required":["workspace"],"properties":{"configResources":{"type":"array","title":"The configuration resources that are related to this Application.\\n$hide_from_docs","items":{"$ref":"#/components/schemas/v2ConfigResource"},"readOnly":true},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"gatewayGroup":{"description":"Optional FQN of the Gateway Group to be used by the application.\\nIf configured, this gateway group will be used by the application. If\\nno namespaces are configured and no existing gateway group is set, a new gateway group claiming all\\nnamespaces in the workspace (`*/*`) will be created by default.\\nAll Ingress Gateway resources created for the APIs attached to the application will be created in\\nthe application\'s gateway group.","type":"string"},"namespaceSelector":{"$ref":"#/components/schemas/v2NamespaceSelector"},"services":{"description":"Optional list of services that are part of the application. This is a list of FQNs of services in the\\nservice registry.\\nIf omitted, the application is assumed to own all the services in the workspace.\\nNote that a service can only be part of one application. If any of the services in the list is already\\nin use by an existing application, application creation/modification will fail.\\nIf the list of services is not explicitly set and any service in the workspace is already in use by\\nanother application, application creation/modification will fail.","type":"array","items":{"type":"string"}},"workspace":{"description":"FQN of the workspace this application is part of.\\nThe application will configure IngressGateways for the attached APIs\\nin the different namespaces exposed by this workspace.","type":"string"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Application"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Applications"],"summary":"Delete an existing Application.\\nNote that deleting resources in TSB is a recursive operation. Deleting a application will delete all\\nAPI objects that exist in it.","operationId":"Applications_DeleteApplication","parameters":[{"description":"Force the deletion of internal groups even if they are protected against deletion.","name":"forceDeleteProtectedGroups","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/apis":{"get":{"tags":["Applications"],"summary":"List all APIs attached to the given application.","operationId":"Applications_ListAPIs","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListAPIsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Applications"],"summary":"Attach a new API to the given application.","operationId":"Applications_CreateAPI","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create an API and register it in the management plane so configuration can\\nbe generated for it.","type":"object","required":["name","api"],"properties":{"api":{"$ref":"#/components/schemas/v2API"},"name":{"description":"The short name for the resource to be created.","type":"string"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2API"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/apis/{api}":{"get":{"tags":["Applications"],"summary":"Get the details of an API.","operationId":"Applications_GetAPI","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2API"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Applications"],"summary":"Delete an existing API.","operationId":"Applications_DeleteAPI","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/apis/{api}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_10","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_10","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_10","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/apis/{api}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_10","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/apis/{api}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_10","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/apis/{api}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_10","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/apis/{api}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_10","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/apis/{api}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_10","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/apis/{api}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_10","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/apis/{api}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_10","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/apis/{api}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_10","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_10","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/apis/{api}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_10","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/apis/{api}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_10","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/apis/{api}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_10","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/apis/{api}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_10","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/apis/{api}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_10","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_9","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_9","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_9","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_9","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_9","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_9","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_9","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_9","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_9","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_9","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_9","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_9","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_9","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_9","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_9","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_9","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_9","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_8","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_8","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_8","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_8","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_8","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_8","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_8","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_8","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_8","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/extensions":{"get":{"tags":["Tenants"],"summary":"List all the WASM extensions that have been attached to the given tenant.","operationId":"Tenants_ListWasmExtensions","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListTenantExtensionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_8","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_8","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_8","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/settings":{"get":{"tags":["Tenants"],"summary":"List all the settings objects that have made available to the given tenant.","operationId":"Tenants_ListSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListTenantSettingsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Tenants"],"summary":"Create a settings object for the given tenant.","operationId":"Tenants_CreateSetting","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create a Tenant Setting.","type":"object","required":["name","setting"],"properties":{"name":{"description":"The short name for the resource to be created.","type":"string"},"setting":{"$ref":"#/components/schemas/v2TenantSetting"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2TenantSetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/settings/{setting}":{"get":{"tags":["Tenants"],"summary":"Get the details for the given settings object.","operationId":"Tenants_GetSetting","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2TenantSetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Tenants"],"summary":"Modify the given settings in the given tenant.","operationId":"Tenants_UpdateSetting","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Default settings that apply to all workspaces under a tenant.\\n\\n\\n\\n","type":"object","properties":{"defaultSecuritySetting":{"$ref":"#/components/schemas/v2SecuritySetting"},"defaultTrafficSetting":{"$ref":"#/components/schemas/v2TrafficSetting"},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2TenantSetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Tenants"],"summary":"Delete the given settings object from the tenant.","operationId":"Tenants_DeleteSetting","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/settings/{setting}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_11","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_11","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_11","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/settings/{setting}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_11","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/settings/{setting}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_11","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/settings/{setting}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_11","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/settings/{setting}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_11","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/settings/{setting}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_11","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/settings/{setting}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_11","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/settings/{setting}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_11","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/settings/{setting}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_11","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_11","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/settings/{setting}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_11","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/settings/{setting}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_11","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/settings/{setting}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_11","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/settings/{setting}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_11","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/settings/{setting}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_11","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_8","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_8","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_8","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_8","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_8","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces":{"get":{"tags":["Workspaces"],"summary":"List all existing workspaces for the given tenant.","operationId":"Workspaces_ListWorkspaces","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListWorkspacesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Workspaces"],"summary":"Create a new workspace.\\nThe workspace will own exclusively the namespaces configured in the namespaces\\nselector for the workspace.","operationId":"Workspaces_CreateWorkspace","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create a Workspace.","type":"object","required":["name","workspace"],"properties":{"name":{"description":"The short name for the resource to be created.","type":"string"},"workspace":{"$ref":"#/components/schemas/v2Workspace"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Workspace"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}":{"get":{"tags":["Workspaces"],"summary":"Get the details of an existing workspace","operationId":"Workspaces_GetWorkspace","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Workspace"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Workspaces"],"summary":"Modify an existing workspace","operationId":"Workspaces_UpdateWorkspace","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"A Workspace is a collection of related namespaces in one or more clusters.\\n\\n\\n\\n","type":"object","required":["namespaceSelector"],"properties":{"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"},"deletionProtectionEnabled":{"description":"When set, prevents the resource from being deleted. In order to delete the resource this\\nproperty needs to be set to `false` first.","type":"boolean"},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"isolationBoundary":{"description":"Istio Isolation Boundary name to which this workspace belongs.\\nIf not provided explicitly, the workspace looks for an isolation boundary with\\nname set as \\"global\\". \\nTherefore, in order to move existing workspaces to isolation boundaries, and\\nbe a part of revisioned control plane, it is recommended to configure an\\nisolation boundary with the name \\"global\\".","type":"string"},"namespaceSelector":{"$ref":"#/components/schemas/typesv2NamespaceSelector"},"privileged":{"description":"If set to true, allows Gateways in the workspace to route to\\nservices in other workspaces. Set this to true for workspaces\\nowning cluster-wide gateways shared by multiple teams.","type":"boolean"},"securityDomain":{"description":"Security domains can be used to group different resources under the same security domain.\\nAlthough security domain is not resource itself currently, it follows a fqn format\\n`organizations/myorg/securitydomains/mysecuritydomain`, and a child cannot override any ancestor\'s\\nsecurity domain.\\nOnce a security domain is assigned to a _Workspace_, all the children resources will belong to that\\nsecurity domain in the same way a _Security group_ belongs to a _Workspace_, a _Security group_ will also belong\\nto the security domain assigned to the _Workspace_.\\nSecurity domains can also be used to define _Security settings Authorization rules_ in which you can allow\\nor deny request from or to a security domain.","type":"string"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Workspace"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Workspaces"],"summary":"Delete an existing workspace.\\nNote that deleting resources in TSB is a recursive operation. Deleting a workspace will delete all\\ngroups and configuration objects that exist in it.","operationId":"Workspaces_DeleteWorkspace","parameters":[{"description":"Force the deletion of the object even if deletion protection is enabled.\\nIf this is set, then the object and all its children will be deleted even if any of them\\nhas the deletion protection enabled.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_12","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_12","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_12","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_12","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_12","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_12","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_12","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_12","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_12","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups":{"get":{"tags":["Gateways"],"summary":"List all gateway groups that exist in the workspace.","operationId":"Gateways_ListGroups","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListGatewayGroupsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"description":"Groups will by default configure all the namespaces owned by their workspace, unless\\nexplicitly configured. If a specific set of namespaces is set for the group, it must be a\\nsubset of the namespaces defined by its workspace.","tags":["Gateways"],"summary":"Create a new gateway group in the given workspace.","operationId":"Gateways_CreateGroup","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create a Gateway Group.","type":"object","required":["name","group"],"properties":{"group":{"$ref":"#/components/schemas/v2Group"},"name":{"description":"The short name for the resource to be created.","type":"string"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Group"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}":{"get":{"tags":["Gateways"],"summary":"Get the details of the given gateway group.","operationId":"Gateways_GetGroup","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Group"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["Gateways"],"summary":"update the given gateway group.","operationId":"Gateways_UpdateGroup","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"A gateway group manages the gateways in a group of namespaces owned\\nby the parent workspace.\\n\\n\\n\\n","type":"object","required":["namespaceSelector"],"properties":{"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"},"configMode":{"$ref":"#/components/schemas/v2ConfigMode"},"deletionProtectionEnabled":{"description":"When set, prevents the resource from being deleted. In order to delete the resource this\\nproperty needs to be set to `false` first.","type":"boolean"},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"namespaceSelector":{"$ref":"#/components/schemas/v2NamespaceSelector"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Group"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["Gateways"],"summary":"Delete the given gateway group.\\nNote that deleting resources in TSB is a recursive operation. Deleting a gateway group will\\ndelete all configuration objects that exist in it.","operationId":"Gateways_DeleteGroup","parameters":[{"description":"Force the deletion of the object even if deletion protection is enabled.\\nIf this is set, then the object and all its children will be deleted even if any of them\\nhas the deletion protection enabled.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_13","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_13","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_13","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_13","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_13","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_13","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_13","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_13","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_13","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/egressgateways":{"get":{"tags":["Gateways"],"summary":"List all Egress Gateway objects in the gateway group.","operationId":"Gateways_ListEgressGateways","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListEgressGatewaysResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"tags":["Gateways"],"summary":"Create an Egress Gateway object in the gateway group.","operationId":"Gateways_CreateEgressGateway","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create a EgressGateway.","type":"object","required":["name","egressGateway"],"properties":{"egressGateway":{"$ref":"#/components/schemas/v2EgressGateway"},"name":{"description":"The short name for the resource to be created.","type":"string"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2EgressGateway"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/egressgateways/{egressgateway}":{"get":{"tags":["Gateways"],"summary":"Get the details of the given Egress Gateway object.","operationId":"Gateways_GetEgressGateway","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2EgressGateway"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["Gateways"],"summary":"Modify the given Egress Gateway object.","operationId":"Gateways_UpdateEgressGateway","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"`EgressGateway` configures a workload to act as an egress gateway in the mesh.\\n\\n\\n--\x3e\\n\\n","type":"object","required":["workloadSelector"],"properties":{"authorization":{"description":"The description of which service accounts can access which hosts.\\nIf the list of authorization rules is empty, this egress gateway will deny all traffic.","type":"array","items":{"$ref":"#/components/schemas/v2EgressAuthorization"}},"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"extension":{"description":"Extensions specifies all the WasmExtensions assigned to this EgressGateway\\nwith the specific configuration for each extension. This custom configuration\\nwill override the one configured globally to the extension.\\nEach extension has a global configuration including enablement and priority\\nthat will condition the execution of the assigned extensions.","type":"array","items":{"$ref":"#/components/schemas/v2WasmExtensionAttachment"}},"workloadSelector":{"$ref":"#/components/schemas/v2WorkloadSelector"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2EgressGateway"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["Gateways"],"summary":"Delete the given Egress Gateway object.","operationId":"Gateways_DeleteEgressGateway","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/egressgateways/{egressgateway}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_15","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_15","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_15","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/egressgateways/{egressgateway}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_15","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/egressgateways/{egressgateway}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_15","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/egressgateways/{egressgateway}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_15","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/egressgateways/{egressgateway}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_15","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/egressgateways/{egressgateway}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_15","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/egressgateways/{egressgateway}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_15","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/egressgateways/{egressgateway}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_15","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/egressgateways/{egressgateway}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_15","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_15","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/egressgateways/{egressgateway}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_15","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/egressgateways/{egressgateway}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_15","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/egressgateways/{egressgateway}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_15","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/egressgateways/{egressgateway}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_15","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/egressgateways/{egressgateway}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_15","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/ingressgateways":{"get":{"tags":["Gateways"],"summary":"List all Ingress Gateway objects in the gateway group.","operationId":"Gateways_ListIngressGateways","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListIngressGatewaysResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"tags":["Gateways"],"summary":"Create an Ingress Gateway object in the gateway group.","operationId":"Gateways_CreateIngressGateway","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create a IngressGateway.","type":"object","required":["name","ingressGateway"],"properties":{"ingressGateway":{"$ref":"#/components/schemas/v2IngressGateway"},"name":{"description":"The short name for the resource to be created.","type":"string"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2IngressGateway"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/ingressgateways/{ingressgateway}":{"get":{"tags":["Gateways"],"summary":"Get the details of the given Ingress Gateway object.","operationId":"Gateways_GetIngressGateway","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2IngressGateway"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["Gateways"],"summary":"Modify the given Ingress Gateway object.","operationId":"Gateways_UpdateIngressGateway","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"`IngressGateway` configures a workload to act as an ingress gateway into the mesh.\\n\\n\\n\\n","type":"object","required":["workloadSelector"],"properties":{"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"extension":{"description":"Extensions specifies all the WasmExtensions assigned to this IngressGateway\\nwith the specific configuration for each extension. This custom configuration\\nwill override the one configured globally to the extension.\\nEach extension has a global configuration including enablement and priority\\nthat will condition the execution of the assigned extensions.","type":"array","items":{"$ref":"#/components/schemas/v2WasmExtensionAttachment"}},"http":{"description":"One or more HTTP or HTTPS servers exposed by the gateway. The\\nserver exposes configuration for TLS termination, request\\nauthentication/authorization, HTTP routing, etc.","type":"array","items":{"$ref":"#/components/schemas/v2HttpServer"}},"tcp":{"type":"array","title":"One or more non-HTTP and non-passthrough servers which use TCP\\nbased protocols. This server also exposes configuration for terminating TLS","items":{"$ref":"#/components/schemas/v2TCPServer"}},"tlsPassthrough":{"description":"One or more TLS servers exposed by the gateway. The server\\ndoes not terminate TLS and exposes config for SNI based routing.","type":"array","items":{"$ref":"#/components/schemas/v2TLSPassthroughServer"}},"waf":{"$ref":"#/components/schemas/v2WAFSettings"},"workloadSelector":{"$ref":"#/components/schemas/v2WorkloadSelector"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2IngressGateway"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["Gateways"],"summary":"Delete the given Ingress Gateway object.","operationId":"Gateways_DeleteIngressGateway","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/ingressgateways/{ingressgateway}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_14","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_14","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_14","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/ingressgateways/{ingressgateway}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_14","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/ingressgateways/{ingressgateway}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_14","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/ingressgateways/{ingressgateway}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_14","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/ingressgateways/{ingressgateway}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_14","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/ingressgateways/{ingressgateway}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_14","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/ingressgateways/{ingressgateway}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_14","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/ingressgateways/{ingressgateway}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_14","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/ingressgateways/{ingressgateway}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_14","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_14","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/ingressgateways/{ingressgateway}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_14","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/ingressgateways/{ingressgateway}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_14","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/ingressgateways/{ingressgateway}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_14","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/ingressgateways/{ingressgateway}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_14","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/ingressgateways/{ingressgateway}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_14","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_13","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_13","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_13","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_13","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_13","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_13","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_13","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_13","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/tie1gateways/{tie1gateway}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_16","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tie1gateway name.","name":"tie1gateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_16","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tie1gateway name.","name":"tie1gateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_16","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tie1gateway name.","name":"tie1gateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/tie1gateways/{tie1gateway}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_16","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tie1gateway name.","name":"tie1gateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/tie1gateways/{tie1gateway}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_16","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tie1gateway name.","name":"tie1gateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/tie1gateways/{tie1gateway}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_16","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tie1gateway name.","name":"tie1gateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/tie1gateways/{tie1gateway}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_16","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tie1gateway name.","name":"tie1gateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/tie1gateways/{tie1gateway}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_16","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tie1gateway name.","name":"tie1gateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/tie1gateways/{tie1gateway}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_16","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tie1gateway name.","name":"tie1gateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/tie1gateways/{tie1gateway}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_16","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tie1gateway name.","name":"tie1gateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/tie1gateways/{tie1gateway}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_16","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tie1gateway name.","name":"tie1gateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_16","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tie1gateway name.","name":"tie1gateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/tie1gateways/{tie1gateway}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_16","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tie1gateway name.","name":"tie1gateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/tie1gateways/{tie1gateway}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_16","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tie1gateway name.","name":"tie1gateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/tie1gateways/{tie1gateway}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_16","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tie1gateway name.","name":"tie1gateway","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/tie1gateways/{tie1gateway}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_16","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tie1gateway name.","name":"tie1gateway","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/tie1gateways/{tie1gateway}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_16","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tie1gateway name.","name":"tie1gateway","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/tier1gateways":{"get":{"tags":["Gateways"],"summary":"List all Tier1 Gateway objects that have been created in the gateway group.","operationId":"Gateways_ListTier1Gateways","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListTier1GatewaysResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"tags":["Gateways"],"summary":"Create a Tier1 Gateway object in the gateway group.","operationId":"Gateways_CreateTier1Gateway","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create a Tier1Gateway.","type":"object","required":["name","tier1Gateway"],"properties":{"name":{"description":"The short name for the resource to be created.","type":"string"},"tier1Gateway":{"$ref":"#/components/schemas/v2Tier1Gateway"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Tier1Gateway"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/tier1gateways/{tier1gateway}":{"get":{"tags":["Gateways"],"summary":"get the details of the given Tier1 Gateway object.","operationId":"Gateways_GetTier1Gateway","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tier1gateway name.","name":"tier1gateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Tier1Gateway"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["Gateways"],"operationId":"Gateways_UpdateTier1Gateway","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tier1gateway name.","name":"tier1gateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"`Tier1Gateway` configures a workload to act as a tier1 gateway into the mesh.\\n\\n\\n\\n","type":"object","required":["workloadSelector"],"properties":{"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"extension":{"description":"Extensions specifies all the WasmExtensions assigned to this Tier1Gateway\\nwith the specific configuration for each extension. This custom configuration\\nwill override the one configured globally to the extension.\\nEach extension has a global configuration including enablement and priority\\nthat will condition the execution of the assigned extensions.","type":"array","items":{"$ref":"#/components/schemas/v2WasmExtensionAttachment"}},"externalServers":{"description":"One or more servers exposed by the gateway externally.","type":"array","items":{"$ref":"#/components/schemas/v2Tier1ExternalServer"}},"internalServers":{"description":"One or more servers exposed by the gateway internally for cross cluster forwarding.","type":"array","items":{"$ref":"#/components/schemas/v2Tier1InternalServer"}},"passthroughServers":{"description":"One or more tls passthrough servers exposed by the gateway externally.","type":"array","items":{"$ref":"#/components/schemas/v2Tier1PassthroughServer"}},"tcpExternalServers":{"description":"One or more tcp servers exposed by the gateway externally.","type":"array","items":{"$ref":"#/components/schemas/v2Tier1TCPExternalServer"}},"tcpInternalServers":{"description":"One or more tcp servers exposed by the gateway for mesh internal traffic.","type":"array","items":{"$ref":"#/components/schemas/v2Tier1TCPInternalServer"}},"waf":{"$ref":"#/components/schemas/v2WAFSettings"},"workloadSelector":{"$ref":"#/components/schemas/v2WorkloadSelector"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Tier1Gateway"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["Gateways"],"summary":"Delete the given Tier1 Gateway object.","operationId":"Gateways_DeleteTier1Gateway","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tier1gateway name.","name":"tier1gateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/unifiedgateways":{"get":{"tags":["Gateways"],"summary":"List all Gateway objects in the gateway group.","operationId":"Gateways_ListGateways","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListGatewaysResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"tags":["Gateways"],"summary":"Create a Gateway object in the gateway group.","operationId":"Gateways_CreateGateway","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create a Gateway.","type":"object","required":["name","gateway"],"properties":{"gateway":{"$ref":"#/components/schemas/v2Gateway"},"name":{"description":"The short name for the resource to be created.","type":"string"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Gateway"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/unifiedgateways/{unifiedgateway}":{"get":{"tags":["Gateways"],"summary":"Get the details of the given Gateway object.","operationId":"Gateways_GetGateway","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Unifiedgateway name.","name":"unifiedgateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Gateway"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["Gateways"],"summary":"Modify the given Gateway object.","operationId":"Gateways_UpdateGateway","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Unifiedgateway name.","name":"unifiedgateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"The `Gateway` configuration combines the functionalities of both the existing `Tier1Gateway` and `IngressGateway`,\\nproviding a unified approach for configuring a workload as a gateway in the mesh.\\n\\nEach server within the `Gateway` is configured to route requests to either destination clusters or services,\\nbut configuring one server to route requests to a destination cluster and another server to route requests to a service\\nis not supported.\\n\\nTo ensure consistency and compatibility, the `Gateway` configuration requires that all servers within the gateway\\neither forward traffic to other clusters, similar to a `Tier1Gateway`, or route traffic to specific services, similar\\nto an `IngressGateway`.\\n\\n\\n\\n","type":"object","required":["workloadSelector"],"properties":{"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"http":{"description":"One or more HTTP or HTTPS servers exposed by the gateway. The\\nserver exposes configuration for TLS termination, request\\nauthentication/authorization, HTTP routing, rate limiting, etc.","type":"array","items":{"$ref":"#/components/schemas/v2HTTP"}},"tcp":{"description":"One or more non-HTTP and non-passthrough servers which use TCP\\nbased protocols. This server also exposes configuration for terminating TLS.","type":"array","items":{"$ref":"#/components/schemas/v2TCP"}},"tls":{"description":"One or more TLS servers exposed by the gateway. The server\\ndoes not terminate TLS and exposes config for SNI based routing.","type":"array","items":{"$ref":"#/components/schemas/v2TLS"}},"waf":{"$ref":"#/components/schemas/v2WAFSettings"},"wasmPlugins":{"description":"WasmPlugins specifies all the WasmExtensionAttachment assigned to this Gateway\\nwith the specific configuration for each plugin. This custom configuration\\nwill override the one configured globally to the plugin.\\nEach plugin has a global configuration including priority\\nthat will condition the execution of the assigned plugins.","type":"array","items":{"$ref":"#/components/schemas/v2WasmExtensionAttachment"}},"workloadSelector":{"$ref":"#/components/schemas/v2WorkloadSelector"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Gateway"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["Gateways"],"summary":"Delete the given Gateway object.","operationId":"Gateways_DeleteGateway","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Unifiedgateway name.","name":"unifiedgateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups":{"get":{"tags":["IstioInternal"],"summary":"List all Istio internal groups in the given workspace.","operationId":"IstioInternal_ListGroups","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListIstioInternalGroupsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"description":"Groups will by default configure all the namespaces owned by their workspace, unless\\nexplicitly configured. If a specific set of namespaces is set for the group, it must be a\\nsubset of the namespaces defined by its workspace.","tags":["IstioInternal"],"summary":"Create a new Istio internal group in the given workspace.","operationId":"IstioInternal_CreateGroup","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create an Istio internal group.","type":"object","required":["name","group"],"properties":{"group":{"$ref":"#/components/schemas/v2Group"},"name":{"description":"The short name for the resource to be created.","type":"string"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Group"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}":{"get":{"tags":["IstioInternal"],"summary":"Get the details of the given Istio internal group.","operationId":"IstioInternal_GetGroup","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Group"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["IstioInternal"],"summary":"Modify a Istio internal group.","operationId":"IstioInternal_UpdateGroup","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"An Istio Internal Group only allows grouping `DIRECT` mode mesh resources in a set of namespaces\\nowned by its parent workspace. This group is aimed for grouping resources not directly related\\nto traffic, security, or gateway like `EnvoyFilters` and `ServiceEntry`.\\n\\n\\n\\n","type":"object","required":["namespaceSelector"],"properties":{"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"},"deletionProtectionEnabled":{"description":"When set, prevents the resource from being deleted. In order to delete the resource this\\nproperty needs to be set to `false` first.","type":"boolean"},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"namespaceSelector":{"$ref":"#/components/schemas/v2NamespaceSelector"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Group"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["IstioInternal"],"summary":"Delete the given Istio internal group.\\nNote that deleting resources in TSB is a recursive operation. Deleting a Istio internal group will\\ndelete all configuration objects that exist in it.","operationId":"IstioInternal_DeleteGroup","parameters":[{"description":"Force the deletion of the object even if deletion protection is enabled.\\nIf this is set, then the object and all its children will be deleted even if any of them\\nhas the deletion protection enabled.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_17","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_17","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_17","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_17","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_17","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_17","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_17","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_17","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_17","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_17","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_17","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_17","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/settings/{setting}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_18","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_18","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_18","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/settings/{setting}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_18","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/settings/{setting}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_18","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/settings/{setting}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_18","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/settings/{setting}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_18","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/settings/{setting}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_18","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/settings/{setting}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_18","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/settings/{setting}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_18","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/settings/{setting}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_18","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_18","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/settings/{setting}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_18","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/settings/{setting}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_18","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/settings/{setting}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_18","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/settings/{setting}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_18","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/settings/{setting}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_18","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_17","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_17","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_17","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_17","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_17","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_12","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_12","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_12","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups":{"get":{"tags":["Security"],"summary":"List all security groups in the given workspace.","operationId":"Security_ListGroups","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSecurityGroupsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"description":"Groups will by default configure all the namespaces owned by their workspace, unless\\nexplicitly configured. If a specific set of namespaces is set for the group, it must be a\\nsubset of the namespaces defined by its workspace.","tags":["Security"],"summary":"Create a new security group in the given workspace.","operationId":"Security_CreateGroup","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create a Security Group.","type":"object","required":["name","group"],"properties":{"group":{"$ref":"#/components/schemas/v2Group"},"name":{"description":"The short name for the resource to be created.","type":"string"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Group"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}":{"get":{"tags":["Security"],"summary":"Get the details of the given security group.","operationId":"Security_GetGroup","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Group"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["Security"],"summary":"Modify a security group.","operationId":"Security_UpdateGroup","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"A security group manages the security properties of proxy workloads in a\\ngroup of namespaces owned by the parent workspace.\\n\\n\\n\\n","type":"object","required":["namespaceSelector"],"properties":{"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"},"configMode":{"$ref":"#/components/schemas/v2ConfigMode"},"deletionProtectionEnabled":{"description":"When set, prevents the resource from being deleted. In order to delete the resource this\\nproperty needs to be set to `false` first.","type":"boolean"},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"namespaceSelector":{"$ref":"#/components/schemas/v2NamespaceSelector"},"securityDomain":{"description":"Security domains can be used to group different resources under the same security domain.\\nAlthough security domain is not resource itself currently, it follows a fqn format\\n`organizations/myorg/securitydomains/mysecuritydomain`, and a child cannot override any ancestor\'s\\nsecurity domain.\\nOnce a security domain is assigned to a _Security group_, all the children resources will belong to that\\nsecurity domain in the same way a _Security setting_ belongs to a _Security group_, a _Security setting_\\nwill also belong to the security domain assigned to the _Security group_.\\nSecurity domains can also be used to define _Security settings Authorization rules_ in which you can allow\\nor deny request from or to a security domain.","type":"string"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Group"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["Security"],"summary":"Delete the given security group.\\nNote that deleting resources in TSB is a recursive operation. Deleting a security group will\\ndelete all configuration objects that exist in it.","operationId":"Security_DeleteGroup","parameters":[{"description":"Force the deletion of the object even if deletion protection is enabled.\\nIf this is set, then the object and all its children will be deleted even if any of them\\nhas the deletion protection enabled.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_19","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_19","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_19","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_19","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_19","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_19","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_19","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_19","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_19","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_19","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_19","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_19","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/servicesettings":{"get":{"tags":["Security"],"summary":"List all service security settings objects that have been attached to the security group.","operationId":"Security_ListServiceSecuritySettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListServiceSecuritySettingsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"tags":["Security"],"summary":"Create a service security settings object in the security group.","operationId":"Security_CreateServiceSecuritySettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create a Service Security Settings.","type":"object","required":["name","settings"],"properties":{"name":{"description":"The short name for the resource to be created.","type":"string"},"settings":{"$ref":"#/components/schemas/v2ServiceSecuritySetting"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ServiceSecuritySetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/servicesettings/{servicesetting}":{"get":{"tags":["Security"],"summary":"Get the details of the given service security settings object.","operationId":"Security_GetServiceSecuritySettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Servicesetting name.","name":"servicesetting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ServiceSecuritySetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["Security"],"summary":"Modify the given service security settings object.","operationId":"Security_UpdateServiceSecuritySettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Servicesetting name.","name":"servicesetting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"A service security setting applies configuration to a service in a\\nsecurity group. Missing fields will inherit values from the\\nworkspace-wide setting if any.\\n\\n\\n\\n","type":"object","required":["service"],"properties":{"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"service":{"description":"The service on which the configuration is being applied. Must be in namespace/FQDN format.","type":"string"},"settings":{"$ref":"#/components/schemas/v2SecuritySetting"},"subsets":{"description":"Subset specific settings that will replace the service wide settings for the specified service\\nsubsets.","type":"array","items":{"$ref":"#/components/schemas/ServiceSecuritySettingSubset"}}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ServiceSecuritySetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["Security"],"summary":"Delete the given service security settings from the group.","operationId":"Security_DeleteServiceSecuritySettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Servicesetting name.","name":"servicesetting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/settings":{"get":{"tags":["Security"],"summary":"List all security settings objects that have been attached to the security group.","operationId":"Security_ListSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSecuritySettingsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"tags":["Security"],"summary":"Create a security settings object in the security group.","operationId":"Security_CreateSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create a Security Settings.","type":"object","required":["name","settings"],"properties":{"name":{"description":"The short name for the resource to be created.","type":"string"},"settings":{"$ref":"#/components/schemas/v2SecuritySetting"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2SecuritySetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/settings/{setting}":{"get":{"tags":["Security"],"summary":"Get the details of the given security settings object.","operationId":"Security_GetSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2SecuritySetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["Security"],"summary":"Modify the given security settings object.","operationId":"Security_UpdateSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"A security setting applies configuration to a set of proxy workloads in a\\nsecurity group or a workspace. When applied to a security group,\\nmissing fields will inherit values from the workspace-wide setting if any.\\n\\n\\n\\n","type":"object","properties":{"authentication":{"$ref":"#/components/schemas/SecuritySettingAuthenticationMode"},"authenticationSettings":{"$ref":"#/components/schemas/v2AuthenticationSettings"},"authorization":{"$ref":"#/components/schemas/v2AuthorizationSettings"},"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"extension":{"description":"Extensions specifies all the WasmExtensions assigned to this SecuritySettings\\nwith the specific configuration for each extension. This custom configuration\\nwill override the one configured globally to the extension.\\nEach extension has a global configuration including enabling and priority\\nthat will condition the execution of the assigned extensions.","type":"array","items":{"$ref":"#/components/schemas/v2WasmExtensionAttachment"}},"propagationStrategy":{"$ref":"#/components/schemas/v2PropagationStrategy"},"waf":{"$ref":"#/components/schemas/v2WAFSettings"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2SecuritySetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["Security"],"summary":"Delete the given security settings from the group.","operationId":"Security_DeleteSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/settings/{setting}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_20","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_20","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_20","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/settings/{setting}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_20","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/settings/{setting}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_20","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/settings/{setting}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_20","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/settings/{setting}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_20","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/settings/{setting}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_20","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/settings/{setting}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_20","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/settings/{setting}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_20","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/settings/{setting}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_20","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_20","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/settings/{setting}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_20","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/settings/{setting}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_20","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/settings/{setting}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_20","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/settings/{setting}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_20","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/settings/{setting}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_20","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_19","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_19","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_19","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_19","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_19","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/settings":{"get":{"tags":["Workspaces"],"summary":"List all settings available for the given workspace.","operationId":"Workspaces_ListSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListWorkspaceSettingsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Workspaces"],"summary":"Create default settings for a workspace.\\nDefault settings will apply to the services owned by the workspace, unless more\\nspecific settings are provided at the group level.","operationId":"Workspaces_CreateSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create a Workspace Settings.","type":"object","required":["name","settings"],"properties":{"name":{"description":"The short name for the resource to be created.","type":"string"},"settings":{"$ref":"#/components/schemas/v2WorkspaceSetting"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2WorkspaceSetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/settings/{setting}":{"get":{"tags":["Workspaces"],"summary":"Get the details of a settings object for the given workspace.","operationId":"Workspaces_GetSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2WorkspaceSetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Workspaces"],"summary":"Modify the given workspace settings.","operationId":"Workspaces_UpdateSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Default security and traffic settings for all proxy workloads in the workspace.\\n\\n\\n\\n","type":"object","properties":{"defaultEastWestGatewaySettings":{"description":"Default east west gateway settings specifies workspace-wide east-west gateway configuration.\\nThis is used to configure east-west routing (required for fail-over) for the services that\\nare not exposed on the gateways. All the services matching the specified criteria is picked\\nup for exposing on the east-west gateway workload selected by the workload selector. In case,\\na service matches selectors in multiple items, the one which comes first is picked up.","type":"array","items":{"$ref":"#/components/schemas/v2EastWestGateway"}},"defaultSecuritySetting":{"$ref":"#/components/schemas/v2SecuritySetting"},"defaultTrafficSetting":{"$ref":"#/components/schemas/v2TrafficSetting"},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"hostsReachability":{"$ref":"#/components/schemas/v2HostsReachability"},"regionalFailover":{"description":"Locality routing settings for all gateways in the workspace. Overrides any global settings.\\n\\nExplicitly specify the region traffic will land on when endpoints in local region becomes unhealthy.\\nShould be used together with OutlierDetection to detect unhealthy endpoints.\\nNote: if no OutlierDetection specified, this will not take effect.","type":"array","items":{"$ref":"#/components/schemas/v2RegionalFailover"}}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2WorkspaceSetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Workspaces"],"summary":"Delete the given workspace settings.","operationId":"Workspaces_DeleteSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/settings/{setting}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_21","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_21","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_21","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/settings/{setting}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_21","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/settings/{setting}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_21","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/settings/{setting}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_21","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/settings/{setting}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_21","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/settings/{setting}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_21","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/settings/{setting}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_21","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/settings/{setting}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_21","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/settings/{setting}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_21","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_21","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/settings/{setting}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_21","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/settings/{setting}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_21","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/settings/{setting}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_21","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/settings/{setting}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_21","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/settings/{setting}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_21","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_12","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_12","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_12","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_12","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_12","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups":{"get":{"tags":["Traffic"],"summary":"List all traffic groups in the given workspace.","operationId":"Traffic_ListGroups","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListTrafficGroupsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"description":"Groups will by default configure all the namespaces owned by their workspace, unless\\nexplicitly configured. If a specific set of namespaces is set for the group, it must be a\\nsubset of the namespaces defined by its workspace.","tags":["Traffic"],"summary":"Create a new traffic group in the given workspace.","operationId":"Traffic_CreateGroup","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create a Traffic Group.","type":"object","required":["name","group"],"properties":{"group":{"$ref":"#/components/schemas/v2Group"},"name":{"description":"The short name for the resource to be created.","type":"string"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Group"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}":{"get":{"tags":["Traffic"],"summary":"Get the details of the given traffic group.","operationId":"Traffic_GetGroup","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Group"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["Traffic"],"summary":"Modify the given traffic group.","operationId":"Traffic_UpdateGroup","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"A traffic group manages the routing properties of proxy workloads in a\\ngroup of namespaces owned by the parent workspace.\\n\\n\\n\\n","type":"object","required":["namespaceSelector"],"properties":{"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"},"configMode":{"$ref":"#/components/schemas/v2ConfigMode"},"deletionProtectionEnabled":{"description":"When set, prevents the resource from being deleted. In order to delete the resource this\\nproperty needs to be set to `false` first.","type":"boolean"},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"namespaceSelector":{"$ref":"#/components/schemas/v2NamespaceSelector"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Group"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["Traffic"],"summary":"Delete the given traffic group.\\nNote that deleting resources in TSB is a recursive operation. Deleting a traffic group will\\ndelete all configuration objects that exist in it.","operationId":"Traffic_DeleteGroup","parameters":[{"description":"Force the deletion of the object even if deletion protection is enabled.\\nIf this is set, then the object and all its children will be deleted even if any of them\\nhas the deletion protection enabled.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_22","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_22","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_22","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_22","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_22","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_22","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_22","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_22","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_22","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_22","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_22","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_22","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/serviceroutes":{"get":{"tags":["Traffic"],"summary":"List all service routes that have been attached to the traffic group.","operationId":"Traffic_ListServiceRoutes","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListServiceRoutesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"tags":["Traffic"],"summary":"Create a new service route in the given traffic group.","operationId":"Traffic_CreateServiceRoute","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create a ServiceRoute.","type":"object","required":["name","serviceRoute"],"properties":{"name":{"description":"The short name for the resource to be created.","type":"string"},"serviceRoute":{"$ref":"#/components/schemas/v2ServiceRoute"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ServiceRoute"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/serviceroutes/{serviceroute}":{"get":{"tags":["Traffic"],"summary":"Get the details of the given service route.","operationId":"Traffic_GetServiceRoute","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ServiceRoute"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["Traffic"],"summary":"Modify a service route.","operationId":"Traffic_UpdateServiceRoute","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"A service route controls routing configurations for traffic to a\\nservice in a traffic group.\\n\\n\\n\\n","type":"object","required":["service","subsets"],"properties":{"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"httpRoutes":{"description":"HTTPRoutes are used when HTTP traffic needs to be matched on uri, headers\\nand port and destination routes need to be set using subset-weight\\ncombinations specified within the route.\\n**Note**: If a route is specified, then the global subset-weight\\ncombinations (specified under subsets) will be ignored for the matched\\nport, as subsets within route will take effect.","type":"array","items":{"$ref":"#/components/schemas/v2HTTPRoute"}},"portLevelSettings":{"type":"array","title":"In order to support multi-protocol routing, a list of all port/protocol combinations is needed.\\nThese port settings are applied to all the subsets","items":{"$ref":"#/components/schemas/ServiceRoutePortLevelTrafficSettings"}},"service":{"description":"The service on which the configuration is being applied. Must be in namespace/FQDN format.","type":"string"},"stickySession":{"$ref":"#/components/schemas/ServiceRouteStickySession"},"subsets":{"description":"The set of versions of a service and the percentage of traffic to\\nsend to each version.","type":"array","items":{"$ref":"#/components/schemas/ServiceRouteSubset"}},"tcpRoutes":{"description":"TCPRoutes match TCP traffic based on port number. The subset-weight\\nconfiguration and priority have the same behaviour as HTTPRoutes.","type":"array","items":{"$ref":"#/components/schemas/v2TCPRoute"}}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ServiceRoute"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["Traffic"],"summary":"Delete the given service route.","operationId":"Traffic_DeleteServiceRoute","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/serviceroutes/{serviceroute}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_24","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_24","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_24","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/serviceroutes/{serviceroute}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_24","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/serviceroutes/{serviceroute}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_24","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/serviceroutes/{serviceroute}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_24","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/serviceroutes/{serviceroute}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_24","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/serviceroutes/{serviceroute}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_24","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/serviceroutes/{serviceroute}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_24","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/serviceroutes/{serviceroute}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_24","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/serviceroutes/{serviceroute}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_24","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_24","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/serviceroutes/{serviceroute}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_24","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/serviceroutes/{serviceroute}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_24","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/serviceroutes/{serviceroute}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_24","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/serviceroutes/{serviceroute}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_24","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/serviceroutes/{serviceroute}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_24","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/settings":{"get":{"tags":["Traffic"],"summary":"List all the settings objects that have been attached to the given traffic group.","operationId":"Traffic_ListSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListTrafficSettingsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"tags":["Traffic"],"summary":"Create a settings object for the given traffic group.","operationId":"Traffic_CreateSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create a Traffic Settings.","type":"object","required":["name","settings"],"properties":{"name":{"description":"The short name for the resource to be created.","type":"string"},"settings":{"$ref":"#/components/schemas/v2TrafficSetting"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2TrafficSetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/settings/{setting}":{"get":{"tags":["Traffic"],"summary":"Get the details for the given settings object.","operationId":"Traffic_GetSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2TrafficSetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["Traffic"],"summary":"Modify the given settings in the given traffic group.","operationId":"Traffic_UpdateSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"A traffic setting applies configuration to a set of proxy workloads in a\\ntraffic group or a workspace. When applied to a traffic group,\\nmissing fields will inherit values from the workspace-wide setting if any.\\n\\n\\n\\n","type":"object","properties":{"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"egress":{"$ref":"#/components/schemas/TrafficSettingEgressGateway"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"rateLimiting":{"$ref":"#/components/schemas/v2RateLimiting"},"reachability":{"$ref":"#/components/schemas/v2ReachabilitySettings"},"resilience":{"$ref":"#/components/schemas/v2ResilienceSettings"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2TrafficSetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["Traffic"],"summary":"Delete the given settings object from the traffic group.","operationId":"Traffic_DeleteSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/settings/{setting}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_23","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_23","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_23","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/settings/{setting}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_23","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/settings/{setting}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_23","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/settings/{setting}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_23","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/settings/{setting}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_23","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/settings/{setting}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_23","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/settings/{setting}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_23","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/settings/{setting}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_23","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/settings/{setting}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_23","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_23","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/settings/{setting}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_23","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/settings/{setting}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_23","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/settings/{setting}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_23","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/settings/{setting}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_23","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/settings/{setting}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_23","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_22","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_22","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_22","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_22","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_22","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/users":{"get":{"tags":["Teams"],"summary":"List existing users.","operationId":"Teams_ListUsers","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListUsersResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"description":"Create a local User in TSB.\\nLocal users are like sercice accounts and are mostly used for internal purposes where\\nan authentication token can be issued by the IAM service to be used on behalf of the user.\\n\\nNote that local users do not exist in the Identity Provider and the normal login process will\\nnot allow them to access TSB.\\n\\n$hide_from_docs","tags":["Teams"],"summary":"Deprecated. This method will be removed in future versions of TSB. Use Service Accounts instead.","operationId":"Teams_CreateUser","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"type":"object","title":"Request to create a User.\\n$hide_from_docs\\n","required":["name","user"],"properties":{"name":{"description":"The short name for the resource to be created.","type":"string"},"user":{"$ref":"#/components/schemas/v2User"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2User"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/users/{user}":{"get":{"tags":["Teams"],"summary":"Get the details of an existing user.","operationId":"Teams_GetUser","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2User"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"description":"Modify an existin user.\\n\\nThis operation is expected to be used only for LOCAL users. Users are periodically\\nsynchronized from the Identity Provider, and the process may automatically set some\\nproperties of the User resource. Modifications made using the TSB APIs may be replaced\\nby the data from the Identity Provider on every synchronization.\\n\\n$hide_from_docs","tags":["Teams"],"summary":"Deprecated. This method will be removed in future versions of TSB. Use Service Accounts instead.","operationId":"Teams_UpdateUser","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"`User` represents a user from the Identity Provider that is allowed to log into\\nthe platform.","type":"object","required":["loginName"],"properties":{"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"email":{"description":"Email for the user where alerts and other notifications will be sent.","type":"string"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"firstName":{"description":"The first name of the user.","type":"string"},"lastName":{"description":"The last name of the user, if any.","type":"string"},"loginName":{"description":"The username used in the login credentials.","type":"string"},"sourceType":{"$ref":"#/components/schemas/v2SourceType"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2User"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"description":"Delete an existing user.\\nThis operation is expected to be used only for LOCAL users. Users are periodically\\nsynchronized from the Identity Provider, so deleting a user that is not a local one\\nmay be reverted if the change is not done accordingly in the Identity Provider.\\n\\n$hide_from_docs","tags":["Teams"],"summary":"Deprecated. This method will be removed in future versions of TSB. Use Service Accounts instead.","operationId":"Teams_DeleteUser","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/users/{user}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_7","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_7","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_7","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/users/{user}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_7","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/users/{user}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_7","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/users/{user}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_7","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/users/{user}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_7","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/users/{user}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_7","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/users/{user}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_7","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/users/{user}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_7","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/users/{user}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_7","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_7","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/users/{user}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_7","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/users/{user}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_7","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/users/{user}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_7","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/users/{user}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_7","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/users/{user}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_7","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/users/{user}:generateTokens":{"post":{"description":"Generate the tokens for a local user account so it can authenticate against management plane.\\nThis method will return an error if the user account is not of type MANUAL. Credentials for\\nnormal platform users must be configured in the corresponding Identity Provider.","tags":["Teams"],"summary":"Deprecated. This method will be removed in future versions of TSB. Use Service Accounts instead.","operationId":"Teams_GenerateTokens","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2TokenResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/permissions/query":{"put":{"tags":["Permissions"],"summary":"QueryResourcePermission looks up permissions that are allowed for the current principal.\\nMultiple records can be queried with a single request. Query limit is 100, multiple requests\\nare required to lookup more than the limit.","operationId":"Permissions_QueryResourcePermissions","requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryResourcePermissionsRequest"}}},"description":"Request to query permissions on multiple records.\\n\\nExample:\\nQueryResourcePermissionsRequest {\\n  Queries: []Query{\\n    Query{\\n      QueryID: \\"1234\\",\\n      Kind: Query_Fqn{\\n        Fqn: \\"tetrate/tenants/default/workspaces/example\\"\\n      }\\n    }\\n  }\\n}","required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/security/rbac":{"get":{"tags":["RBAC"],"summary":"List all existing roles.","operationId":"RBAC_ListRoles","responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListRolesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"tags":["RBAC"],"summary":"Create a new role.","operationId":"RBAC_CreateRole","requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2CreateRoleRequest"}}},"description":"Request to create a Role.","required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Role"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/security/rbac/{rba}":{"get":{"tags":["RBAC"],"summary":"Get the details of the given role.","operationId":"RBAC_GetRole","parameters":[{"description":"Rba name.","name":"rba","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Role"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["RBAC"],"summary":"Modify a role.","operationId":"RBAC_UpdateRole","parameters":[{"description":"Rba name.","name":"rba","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"`Role` is a named collection of permissions that can be assigned to\\nany user or team in the system.\\n\\n\\n\\n\\n","type":"object","properties":{"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"rules":{"description":"A set of rules that define the permissions associated with each API group.","type":"array","items":{"$ref":"#/components/schemas/RoleRule"}}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Role"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["RBAC"],"summary":"Delete a role.\\nNRoles that are in use by policies attached to existing resources\\ncannot be deleted.","operationId":"RBAC_DeleteRole","parameters":[{"description":"Rba name.","name":"rba","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}}},"tags":[{"name":"OAuth"},{"name":"OIDC"},{"name":"Applications"},{"name":"WasmExtensions"},{"name":"Gateways"},{"name":"IstioInternal"},{"name":"Metrics"},{"name":"Sources"},{"name":"Approvals"},{"name":"Permissions"},{"name":"Policy"},{"name":"RBAC"},{"name":"Lookup"},{"name":"Registration"},{"name":"Security"},{"name":"Traffic"},{"name":"Clusters"},{"name":"Organizations"},{"name":"Status"},{"name":"Teams"},{"name":"Tenants"},{"name":"Workspaces"}],"components":{"requestBodies":{"Policy_SetPolicy_variant_1Body":{"content":{"application/json":{"schema":{"description":"A policy defines the set of subjects that can access a resource and under\\nwhich conditions that access is granted.","type":"object","title":"Policy","properties":{"allow":{"description":"The list of allowed bindings configures the different access profiles that\\nare allowed on the resource configured by the policy.","type":"array","items":{"$ref":"#/components/schemas/v2Binding"}},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"}}}}},"required":true},"Approvals_SetPolicyBody":{"content":{"application/json":{"schema":{"description":"ApprovalPolicy is a set of authorization rules that define access to a resource.\\nWhen applied to a resource, the rules enforce access to the resource based on the permission set.\\n\\nExample:\\nApprovalPolicy {\\n  Mode: ApprovalPolicy_REQUIRE_APPROVAL,\\n  Resource: \\"organizations/demo/tenants/demo/applications/target-app\\",\\n  Approved: []Access {{\\n    Subject: \\"organizations/demo/tenants/demo/applications/calling-app\\",\\n    Permissions: []string{\\"GET\\", \\"POST\\"}\\n  }}\\n}","type":"object","required":["mode"],"properties":{"approved":{"description":"Approved is a list of subjects that are approved to access the resource.","type":"array","items":{"$ref":"#/components/schemas/v2Access"}},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"metadata":{"$ref":"#/components/schemas/v2Metadata"},"mode":{"$ref":"#/components/schemas/ApprovalPolicyMode"},"requested":{"description":"Requested is a list of subjects that are requested to access the resource but that have not yet been\\nexplicitly approved.\\nThe access mode of the policy will determine if the subjects in this list are given immediate access to the\\nresource.","type":"array","items":{"$ref":"#/components/schemas/v2Access"}}}}}},"required":true},"Approvals_AddApprovedAccessBody":{"content":{"application/json":{"schema":{"description":"AccessRequest is a request used for requesting or approving access to a resource.\\n\\nExample:\\nAccessRequest {\\n  Resource: \\"organizations/demo/tenants/demo/applications/target\\",\\n  Access: []Access{{\\n    Subject: \\"organizations/demo/tenants/demo/applications/calling-app\\",\\n    Permissions: []string{\\"GET\\", \\"POST\\"}\\n  }}\\n}","type":"object","required":["access"],"properties":{"access":{"$ref":"#/components/schemas/v2Access"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"}}}}},"required":true},"v2AccessPolicy":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}},"description":"A policy defines the set of subjects that can access a resource and under\\nwhich conditions that access is granted.","required":true},"Approvals_DeleteApprovedAccessBody":{"content":{"application/json":{"schema":{"description":"ResourceAndSubject is a resource and subject pair used for approval and deletion operations.\\n\\nExample:\\nResourceAndSubject {\\n  Resource: \\"organizations/demo/tenants/demo/applications/target\\",\\n  Subject: \\"organizations/demo/tenants/demo/applications/caller\\"\\n}","type":"object","required":["subject"],"properties":{"subject":{"description":"Subject for which the access request is made.","type":"string"}}}}},"required":true},"Approvals_QueryPoliciesBody":{"content":{"application/json":{"schema":{"description":"QueryPoliciesRequest is the request message for QueryPolicies.\\n\\nExample:\\nQueryPoliciesRequest {\\n  Parent: \\"organizations/demo/tenants/demo\\",\\n  Types: []string{\\"applications\\"},\\n  IncludeDetails: true,\\n  IncludePermissions: true,\\n}","type":"object","required":["types"],"properties":{"includeDetails":{"description":"IncludeDetails indicates whether to include the details of the resources that are part of the policy.\\nWhen set to true, the name and description of the resource are included in the response.","type":"boolean"},"includePermissions":{"description":"IncludePermissions indicates whether to include the user level permissions on resources that are part of the policy.\\nWhen set to true, the user level permissions are included in the response.","type":"boolean"},"types":{"description":"Type is the type of the resources to query for policies.","type":"array","items":{"type":"string"}}}}}},"required":true}},"schemas":{"AggregatedStatusChildStatus":{"description":"`ChildStatus` contains the status details for a particular child resource,\\nand a human-friendly message further describing the status if it is an\\nerrored one.","type":"object","properties":{"status":{"$ref":"#/components/schemas/v2ResourceStatusStatus"},"message":{"description":"Contains the human-friendly message describing the status of the child resource.","type":"string","x-order":1}}},"ApprovalPolicyMode":{"description":" - UNRESTRICTED: Allows all subjects in the same policy class to access the resource.\\n - ALLOW_REQUESTED: Allows only the subjects in the request and approved list to access the resource.\\n - REQUIRE_APPROVAL: Allows only the subjects in the approved list to access the resource.","type":"string","default":"UNRESTRICTED","enum":["UNRESTRICTED","ALLOW_REQUESTED","REQUIRE_APPROVAL"]},"AuthenticationJWT":{"type":"object","required":["issuer"],"properties":{"issuer":{"description":"Identifies the issuer that issued the JWT. See\\n[issuer](https://tools.ietf.org/html/rfc7519#section-4.1.1)\\nA JWT with different `iss` claim will be rejected.\\n\\nExample: https://foobar.auth0.com\\nExample: 1234567-compute@developer.gserviceaccount.com","type":"string","x-order":0},"audiences":{"description":"The list of JWT\\n[audiences](https://tools.ietf.org/html/rfc7519#section-4.1.3).\\nthat are allowed to access. A JWT containing any of these\\naudiences will be accepted.\\n\\nThe service name will be accepted if audiences is empty.","type":"array","items":{"type":"string"},"x-order":1},"jwksUri":{"description":"URL of the provider\'s public key set to validate signature of\\nthe JWT. See [OpenID\\nDiscovery](https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderMetadata).\\n\\nOptional if the key set document can either (a) be retrieved\\nfrom [OpenID\\nDiscovery](https://openid.net/specs/openid-connect-discovery-1_0.html)\\nof the issuer or (b) inferred from the email domain of the\\nissuer (e.g. a Google service account).\\n\\nExample: `https://www.googleapis.com/oauth2/v1/certs`\\n\\nNote: Only one of jwks_uri and jwks should be used. jwks_uri\\nwill be ignored if it does.","type":"string","x-order":2},"jwks":{"description":"JSON Web Key Set of public keys to validate signature of the JWT.\\nSee https://auth0.com/docs/jwks.\\n\\nNote: Only one of jwks_uri and jwks should be used. jwks_uri will be ignored if it does.","type":"string","x-order":3},"outputPayloadToHeader":{"description":"This field specifies the header name to output a successfully verified JWT payload to the\\nbackend. The forwarded data is `base64_encoded(jwt_payload_in_JSON)`. If it is not specified,\\nthe payload will not be emitted.","type":"string","x-order":4},"outputClaimToHeaders":{"description":"This field specifies a list of operations to copy the claim to HTTP headers on a successfully verified token.\\nThis differs from the `output_payload_to_header` by allowing outputting individual claims instead of the whole payload.\\nOnly claims of type string, boolean, and integer are supported. Array type claims are not supported at this time.\\nThe header specified in each operation in the list must be unique. Nested claims of type string/int/bool is supported as well.\\n```\\n  outputClaimToHeaders:\\n  - header: x-my-company-jwt-group\\n    claim: my-group\\n  - header: x-test-environment-flag\\n    claim: test-flag\\n  - header: x-jwt-claim-group\\n    claim: nested.key.group\\n```\\n[Experimental] This feature is a experimental feature.\\n\\n[TODO:Update the status whenever this feature is promoted.]","type":"array","items":{"$ref":"#/components/schemas/JWTClaimToHeader"},"x-order":5},"fromHeaders":{"description":"1) The Authorization header using the Bearer schema,\\n       e.g. Authorization: Bearer &lt;token&gt;. (see\\n       [Authorization Request Header\\n       Field](https://tools.ietf.org/html/rfc6750#section-2.1))\\n\\n    2) The `access_token` query parameter (see\\n    [URI Query Parameter](https://tools.ietf.org/html/rfc6750#section-2.3))\\n\\nList of header locations from which JWT is expected. For example, below is the location spec\\nif JWT is expected to be found in `x-jwt-assertion` header, and have `Bearer ` prefix:\\n\\n```yaml\\n  fromHeaders:\\n  - name: x-jwt-assertion\\n    prefix: \\"Bearer \\"\\n```\\n\\nNote: Multiple tokens present on the same request are not supported. \\nThe behaviour of authorization policies when there is more than one user identity is undefined","type":"array","title":"This field specifies the locations to extract JWT token.\\nIf no explicit location is specified the following default\\nlocations are tried in order:","items":{"$ref":"#/components/schemas/JWTJWTHeader"},"x-order":6}}},"AuthenticationRules":{"type":"object","properties":{"jwt":{"description":"List of rules how to authenticate an HTTP request from a JWT Token attached to it.\\nA JWT Token, if present in the HTTP request, must satisfy one of the rules defined here.\\nThe order in which rules are being checked at runtime might differ from the order\\nin which they are defined here.\\nIf the JWT Token doesn\'t satisfy any of the rules, the request will be rejected.\\nIf the JWT Token does satisfy one of the rules, the identity of the request\\nwill be extracted from the JWT Token.\\n\\nNotice that an HTTP request without a JWT Token attached to it will NOT be rejected\\nbased on the rules defined here. Remember to define HTTP request authorization settings\\nto achieve that.","type":"array","items":{"$ref":"#/components/schemas/tsbauthv2AuthenticationJWT"},"x-order":0}}},"AuthorizationExternalAuthzBackend":{"type":"object","title":"Use an authorization server running at the specified URI. Support both HTTP and gRPC server.\\nIt is recommended to enable TLS validation (SIMPLE or MUTUAL) to secure traffic \\nbetween workload and external authorization server\\nIf you use gRPC, do not set `includeRequestHeaders`","properties":{"uri":{"type":"string","x-order":0},"includeRequestHeaders":{"type":"array","items":{"type":"string"},"x-order":1},"tls":{"$ref":"#/components/schemas/v2ClientTLSSettings"}}},"AuthorizationLocalAuthz":{"description":"Authorize the request in Envoy based on the JWT claims.","type":"object","properties":{"rules":{"type":"array","items":{"$ref":"#/components/schemas/v2LocalAuthzRule"},"x-order":0}}},"AuthorizationSettingsMode":{"description":"- UNSET: Inherit from parent if possible. Otherwise treated as `DISABLED`.\\n - NAMESPACE: The workload allows traffic from any other authenticated workload in its own\\nnamespace.\\n - GROUP: The workload allows traffic from any other authenticated workload in the security group.\\n - WORKSPACE: The workload allows traffic from any other authenticated workload in the workspace.\\n - CLUSTER: The workload allows traffic from any other authenticated workload in the cluster.\\n - DISABLED: Authorization is disabled.\\n - CUSTOM: The workload allows traffic from service accounts defined explicitly.\\n - RULES: The workload allows or denies traffic from any other authenticated workload that belongs\\nto the specified rules.","type":"string","title":"A short cut for defining the common authorization patterns","default":"UNSET","enum":["UNSET","NAMESPACE","GROUP","WORKSPACE","CLUSTER","DISABLED","CUSTOM","RULES"]},"BackendRedisSettings":{"type":"object","title":"Configuration for the External Redis Backend Database","required":["uri"],"properties":{"uri":{"description":"The Redis Database URI. The value of the URI decides the scope\\nfor ratelimiting across multiple clusters.","type":"string","x-order":0}}},"CertManagerSettingsCertManagerCAInjector":{"description":"CertManagerCAInjector represents the settings used for cert-manager CAInjector installation in the clusters.","type":"object","properties":{"kubeSpec":{"$ref":"#/components/schemas/kubernetesKubernetesComponentSpec"}}},"CertManagerSettingsCertManagerSpec":{"description":"CertManagerSpec represents the settings used for cert-manager controller installation in the clusters.","type":"object","properties":{"kubeSpec":{"$ref":"#/components/schemas/kubernetesKubernetesComponentSpec"}}},"CertManagerSettingsCertManagerStartupAPICheck":{"description":"CertManagerStartupAPICheck represents the settings used for cert-manager startup API check job installation in the clusters.\\nDEPRECATED. StartupAPICheck is disabled.","type":"object","properties":{"kubeSpec":{"$ref":"#/components/schemas/kubernetesKubernetesJobComponentSpec"}}},"CertManagerSettingsCertManagerWebhookSpec":{"description":"CertManagerWebhookSpec represents the settings used for cert-manager Webhook installation in the clusters.","type":"object","properties":{"kubeSpec":{"$ref":"#/components/schemas/kubernetesKubernetesComponentSpec"}}},"CertManagerSettingsManaged":{"description":"- AUTO: TSB will check if a pre-existing cert-manager installation is found in the cluster and only\\ninstall and manage cert-manager if it is not found.\\nThe pre-installed cert-manager should support signing requests raised through Kubernetes CSR\\n - EXTERNAL: EXTERNAL represents that TSB will rely on a pre installed cert-manager for use.\\nPre installed cert-manager should support signing requests raised through Kubernetes CSR\\n - INTERNAL: INTERNAL represents that TSB will install and manage cert-manager in the cluster.\\nIn case a pre-existing installation is found, the operator will not install cert-manager and fail.","type":"string","title":"If INTERNAL, TSB will install and manage cert-manager. In case a pre-existing installation is found, the operator will not install cert-manager and fail.\\nIf EXTERNAL, TSB would rely on a pre installed cert-manager for use.\\nPre installed cert-manager should support signing requests raised through Kubernetes CSR","default":"AUTO","enum":["AUTO","EXTERNAL","INTERNAL"]},"ClusterInstallTemplate":{"description":"InstallTemplate provides templates ready to be used in the ControlPlane (cluster onboard) installation.","type":"object","properties":{"message":{"type":"string","title":"can provide useful information to the user","x-order":0,"readOnly":true},"helm":{"$ref":"#/components/schemas/v1alpha1Values"}}},"ClusterState":{"type":"object","title":"State represents the cluster info learned from the onboarded cluster","properties":{"lastSyncTime":{"type":"string","format":"date-time","title":"last time xcp edge(cp) synced with central(mp) in the UTC format","x-order":0},"provider":{"type":"string","title":"cluster provider. Ex: GKE, EKS, AKS","x-order":1},"istioVersions":{"description":"This shows currently running istio versions in the cluster.","type":"array","items":{"type":"string"},"x-order":2},"xcpVersion":{"type":"string","title":"xcp-edge version which is running at the cluster","x-order":3},"tsbCpVersion":{"type":"string","title":"TSB controlplane version","x-order":4},"discoveredLocality":{"$ref":"#/components/schemas/v2Locality"}}},"ConfigEventsEdgeConfigState":{"type":"object","properties":{"status":{"$ref":"#/components/schemas/ConfigEventsEdgeConfigStatus"},"reason":{"description":"Accompanying reason when status is not `APPLIED`.","type":"string","x-order":1}}},"ConfigEventsEdgeConfigStatus":{"description":" - UNKNOWN: `UNKNOWN` indicates an undefined status. Either the edge has not reported\\nthe status for the config or it is not available due to some delays or something else.\\nThis is a catch-all when we don\'t know what to do.\\n - APPLIED: `APPLIED` indicates that the config has been successfully applied at the edge.\\n - ERRORED: `ERRORED` indicates that some error occurred while applying config at an edge. This will be\\naccompanied by a message which specifies the reason for the error.\\n - IGNORED: `IGNORED` indicates that the config was ignored because of some misconfiguration in config yaml.\\nFor instance, applying `DIRECT` mode config within `BRIDGED` mode group.","type":"string","default":"UNKNOWN","enum":["UNKNOWN","APPLIED","ERRORED","IGNORED"]},"ConfigEventsEventType":{"description":"Simple `Status` of the current resource. It\'s a projection of its details\\n(events, etc.) that allows to easily know the status of the resource\\nwithout requiring to check the details.\\n\\n - INVALID: INVALID is the zero value and should never be reached.\\n - TSB_ACCEPTED: TSB_ACCEPTED happens when the configuration has been validated and\\npersisted by TSB. Note that there is no TSB_REJECTED because in case of\\nan obvious syntax error, the client requests for the API will fail\\ndirectly. The configuration will not be persisted and therefore no\\nconfig status will be associated with it.\\n - MPC_ACCEPTED: MPC_ACCEPTED happens when MPC receives the configuration from TSB.\\nNote that there is no MPC_REJECTED because it\'s just a pass-through\\nto XCP.\\n - XCP_ACCEPTED: XCP_ACCEPTED happens when XCP validates the configuration and the XCP\\nresource is properly created.\\n - XCP_REJECTED: XCP_REJECTED happens when XCP reports that the configuration is not\\nvalid.\\n - MPC_FAILED: MPC_FAILED happens when MPC fails to process some configuration received\\nfrom TSB. These failures are prior to sending the translated\\nconfigurations to XCP.\\n - XCP_UNKNOWN: XCP_UNKNOWN happens when XCP reports that all edges are in UNKNOWN\\nstate.\\n - XCP_PARTIALLY_APPLIED: XCP_PARTIAL happens when XCP reports that at least one edge is in\\nAPPLIED state, and the rest are UNKNOWN.\\n - XCP_APPLIED: XCP_APPLIED happens when XCP reports that every edge is in APPLIED\\nstate.\\n - XCP_ERRORED: XCP_ERRORED happens when XCP reports that any edge is in ERRORED state.\\n - XCP_IGNORED: XCP_IGNORED happens when XCP reports that the config is IGNORED by all the edges.\\nOne of the cases where configs are ignored is when a BRIDGED mode config object\\nlike IngressGateway is part of a gateway group configured for the DIRECT mode\\nand vice versa. More generally, this happens when there is a mismatch between\\nthe mode where a config is valid and the mode configured for the group.\\n - MPC_DIRTY: MPC_DIRTY happens when a resource that is dependent on others\\nhave not reached the desired status (even when they are not FAILED).\\nFor instance, when a resource configuration affected by a STRICTER propagation\\nstrategy gets superseded (fully or partially) by a stricter resource configuration higher up\\nin the hierarchy. Concretely, if a security group\'s security settings (which\\nis in ACCEPTED configuration state) is affected\\nby a STRICTER propagation strategy, and for instance an organization\'s\\ndefault security settings (a resource higher up in the hierarchy)\\nhas been updated to restrict more the previously set authorization policy, then\\nthe previously ACCEPTED security group\'s security settings (a resource lower in\\nthe hierarchy) will become DIRTY if it is not stricter.","type":"string","default":"INVALID","enum":["INVALID","TSB_ACCEPTED","MPC_ACCEPTED","XCP_ACCEPTED","XCP_REJECTED","MPC_FAILED","XCP_UNKNOWN","XCP_PARTIALLY_APPLIED","XCP_APPLIED","XCP_ERRORED","XCP_IGNORED","MPC_DIRTY"]},"ControlPlaneSpecMeshObservability":{"description":"Configure how the mesh should be observed, which observability functionalities should be\\nenabled to observe your registered services in the mesh, and the store properties\\nthat TSB will use to persist application observability data like metrics, traces,\\nlogs.\\nIf omitted, the operator will assume\\na demo installation and for your convenience install a demo grade mesh observability\\nsetting.\\nSelect one of the `MeshObservability` settings to see complete examples.","type":"object","properties":{"demoSettings":{"$ref":"#/components/schemas/commonMeshObservabilitySettings"},"settings":{"$ref":"#/components/schemas/commonMeshObservabilitySettings"}}},"ControlPlaneSpecTelemetryStore":{"description":"Configure the store that TSB will use to persist application telemetry data.\\nSelect one of the `TelemetryStore` settings to see complete examples.","type":"object","properties":{"elastic":{"$ref":"#/components/schemas/v1alpha1ElasticSearchSettings"}}},"ElasticSearchSettingsProtocol":{"description":"The list of supported protocols to communicate with Elasticsearch.","type":"string","default":"https","enum":["https","http"]},"FilterSettingsAWSZoneType":{"description":"AWS Route53 Zone type filters.\\n\\n - NONE: No filter.\\n - PUBLIC: Filter public zones.\\n - PRIVATE: Filter private zones.","type":"string","default":"NONE","enum":["NONE","PUBLIC","PRIVATE"]},"HeadersHeaderOperations":{"description":"HeaderOperations Describes the header manipulations to apply.","type":"object","properties":{"set":{"description":"Overwrite the headers specified by key with the given values.","type":"object","additionalProperties":{"type":"string"},"x-order":0},"add":{"description":"Append the given values to the headers specified by keys (will create a comma-separated list\\nof values).","type":"object","additionalProperties":{"type":"string"},"x-order":1},"remove":{"description":"Remove a the specified headers.","type":"array","items":{"type":"string"},"x-order":2}}},"IngressScopesIngressScope":{"description":"An ingress defines the telemetry source wingspan in the mesh of ingress\'s hostname.","type":"object","properties":{"type":{"$ref":"#/components/schemas/IngressScopesIngressScopeScopeType"},"scope":{"$ref":"#/components/schemas/IngressScopesIngressScopeScope"},"deployment":{"description":"The FQN of the service deployment in a concrete cluster related with this telemetry source scope.\\nWill have a value for scope types HOSTNAME.","type":"string","x-order":2}}},"IngressScopesIngressScopeScope":{"description":"Each of the scope properties can have the following values:\\n- A non empty value.\\n- An empty value or absence of the property act as a wildcard, meaning any possible value.","type":"object","properties":{"hostname":{"type":"string","title":"hostname is always a concrete value","x-order":0},"ingressService":{"type":"string","title":"ingress_service is always a concrete value","x-order":1},"cluster":{"description":"cluster can be a concrete value or an empty value meaning any cluster.","type":"string","x-order":2}}},"IngressScopesIngressScopeScopeType":{"description":"ScopeType denotes the wingspan of a telemetry source for an ingress\'s hostname.\\n\\n - HOSTNAME: A hostname telemetry source that belongs to a specific ingress instance in a cluster.\\n - GLOBAL: A global telemetry source of a hostname from an ingress across clusters.","type":"string","default":"INVALID","enum":["INVALID","HOSTNAME","GLOBAL"]},"JWKSJWK":{"type":"object","title":"JSON Web Key. Refer to https://datatracker.ietf.org/doc/html/rfc7517","properties":{"alg":{"description":"The specific cryptographic algorithm used with the key.","type":"string","x-order":0},"kty":{"description":"The family of cryptographic algorithms used with the key.","type":"string","x-order":1},"use":{"description":"How the key was meant to be used; `sig` represents the signature.","type":"string","x-order":2},"n":{"description":"The modulus for the RSA public key.","type":"string","x-order":3},"e":{"description":"The exponent for the RSA public key.","type":"string","x-order":4},"kid":{"description":"The unique identifier for the key.","type":"string","x-order":5}}},"JWTClaimToHeader":{"description":"This message specifies the detail for copying claim to header.","type":"object","required":["header","claim"],"properties":{"header":{"description":"The name of the header to be created. The header will be overridden if it already exists in the request.","type":"string","x-order":0},"claim":{"description":"The name of the claim to be copied from. Only claim of type string/int/bool is supported.\\nThe header will not be there if the claim does not exist or the type of the claim is not supported.","type":"string","x-order":1}}},"JWTJWTHeader":{"description":"This message specifies a header location to extract JWT token.","type":"object","required":["name"],"properties":{"name":{"description":"The HTTP header name.","type":"string","x-order":0},"prefix":{"description":"The prefix that should be stripped before decoding the token.\\nFor example, for `Authorization: Bearer &lt;token&gt;`, prefix=`Bearer ` with a space at the end.\\nIf the header doesn\'t have this exact prefix, it is considered invalid.","type":"string","x-order":1}}},"K8sObjectOverlayPathValue":{"type":"object","properties":{"path":{"description":"Path of the form a.[key1:value1].b.[:value2]\\nWhere [key1:value1] is a selector for a key-value pair to identify a list element and [:value] is a value\\nselector to identify a list element in a leaf list.\\nAll path intermediate nodes must exist.","type":"string","x-order":0},"value":{"description":"Value to add, delete or replace.\\nFor add, the path should be a new leaf.\\nFor delete, value should be unset.\\nFor replace, path should reference an existing node.\\nAll values are strings but are converted into appropriate type based on schema.","x-order":1}}},"KeepAliveSettingsTcpKeepAliveSettings":{"description":"TCP Keep Alive Settings.","type":"object","properties":{"downstream":{"$ref":"#/components/schemas/TcpKeepAliveSettingsTcpKeepAlive"},"upstream":{"$ref":"#/components/schemas/TcpKeepAliveSettingsTcpKeepAlive"}}},"KeyPairEncoding":{"type":"string","title":"Format in which the keys in this keypair are encoded","default":"PEM","enum":["PEM","JWK"]},"ListSourcesRequestTimeRange":{"description":"TimeRange is a closed time range. If since or until are not provided they will not be used to filter.","type":"object","properties":{"since":{"description":"Moment in time since we retrieve Telemetry Sources.","type":"string","format":"date-time","x-order":0},"until":{"description":"Moment in time until we retrieve Telemetry Sources.","type":"string","format":"date-time","x-order":1}}},"LocalAuthzRuleHttpOperation":{"type":"object","properties":{"paths":{"description":"The request path where the request is made against. E.g. [\\"/accounts\\"].","type":"array","items":{"type":"string"},"x-order":0},"methods":{"description":"The HTTP methods that are allowed by this rule. E.g. [\\"GET\\", \\"HEAD\\"].","type":"array","items":{"type":"string"},"x-order":1}}},"MeshExpansionSettingsGateway":{"description":"A custom mesh expansion gateway. This is required when the workload can\'t access the default gateway directly via the external IP or hostname.","type":"object","required":["host","port"],"properties":{"host":{"description":"Mesh expansion gateway host address (can be hostname or IP address).","type":"string","x-order":0},"port":{"description":"Port mesh expansion gateway is listening on.","type":"integer","format":"int32","x-order":1}}},"MetadataDetails":{"description":"Details is additional information about a resource.","type":"object","properties":{"name":{"description":"Name is the resources name.","type":"string","x-order":0},"description":{"description":"Description is the resources description.","type":"string","x-order":1}}},"MetricConfigMetricType":{"description":"MetricType denotes the relation of a metrics with a physical service instance.\\n\\n - SINGLE_INSTANCE: A single instance metric config belongs to an specific physical service instance.\\n - SUBSET: A subset metric config represents subsets across clusters or hostnames across clusters.\\n - GLOBAL: A global metric config represents all the physical services.\\n - ENDPOINT: An endpoint metric config represents an endpoint across clusters.\\n - ENDPOINT_INSTANCE: An endpoint instance metric config represents an endpoint in a specific cluster.","type":"string","default":"INVALID","enum":["INVALID","SINGLE_INSTANCE","SUBSET","GLOBAL","ENDPOINT","ENDPOINT_INSTANCE"]},"N2ACPEPSettings":{"description":"Settings for the Envoy Policy Enforcement Point (PEP) access decision calls.","type":"object","properties":{"disableTls":{"description":"Setting for disabling TLS for connections from Envoy PEP to NGAC Cluster Server (PDP).","type":"boolean","x-order":0},"skipTlsVerify":{"description":"Skip TLS verification for connections from Envoy PEP to NGAC Cluster Server (PDP).","type":"boolean","x-order":1},"timeout":{"description":"Timeout in seconds for the PEP access decision calls to NGAC Cluster Server (PDP) (Default: 5s).","type":"string","x-order":2},"cache":{"$ref":"#/components/schemas/PEPSettingsCache"}}},"NamespaceScopingScope":{"description":" - GLOBAL: Global configures namespaces in this cluster to be considered global.\\nNamespaces that exist in other clusters with the same name will be\\nconsidered to be the same logical namespace.\\n - LOCAL: Configures local scoping for namespaces, so that namespaces with the same\\nname in different clusters will not be considered the same logical\\nnamespace.","type":"string","default":"GLOBAL","enum":["GLOBAL","LOCAL"]},"OnboardingPlaneEndpoint":{"description":"Configuration of the endpoint exposing `Workload Onboarding API` to\\n`Workload Onboarding Agents`.","type":"object","required":["hosts","secretName"],"properties":{"hosts":{"description":"List of hosts included in the TLS certificate.","type":"array","items":{"type":"string"},"x-order":0},"secretName":{"description":"Name of the secret that holds TLS certificate chain and private key.","type":"string","x-order":1}}},"OnboardingPlaneLocalRepository":{"description":"Configuration of the local repository with `DEB` and `RPM` packages\\nof the `Workload Onboarding Agent` and `Istio Sidecar`.","type":"object"},"OnboardingPlaneTokenIssuer":{"description":"Configuration of the built-in `Workload Onboarding Token Issuer`.","type":"object","properties":{"jwt":{"$ref":"#/components/schemas/TokenIssuerJwtTokenIssuer"}}},"OrganizationSettingNetworkSettings":{"description":"Network related settings for clusters.","type":"object","properties":{"networkReachability":{"description":"Reachability between clusters on various networks. Each cluster\\nhas a \\"network\\" field representing a network boundary like a VPC\\non AWS/GCP/Azure. All clusters within the same network are\\nassumed to be reachable to each other for multi-cluster routing.\\nIn addition, you can specify additional connectivity between\\nvarious networks in the mesh here. For example on AWS, each VPC\\ncan be treated as a distinct network. VPCs that are reachable to\\none another (through peering or transit gateways) can be listed\\nas reachable networks. The key is the network name and the value\\nis a comma separated list of networks whose clusters are\\nreachable from this network. For instance, vpc01: vpc02,vpc03 means\\nthat the clusters in the network can reach those in vpc02 and vpc03.\\n\\nNote that reachability is **not** bidirectional. That is, if `vpc01: vpc02`\\nis specified, then `vpc01` can reach `vpc02`, but not the other way around.\\nHence, the workloads in clusters in `vpc01` can access the services\\nthrough the exposed gateway hostnames in clusters in `vpc02` . However,\\nthe workloads in clusters in `vpc02` cannot access the services exposed\\nthrough the gateway hostnames in `vpc01`.","type":"object","additionalProperties":{"type":"string"},"x-order":0}}},"PEPSettingsCache":{"description":"PEP Cache for access decisions.","type":"object","properties":{"disabled":{"description":"Disable caching of access decisions from NGAC Cluster Server (PDP).","type":"boolean","x-order":0},"ignoreNoCacheHeader":{"description":"Ignore the \'no-cache\' header.","type":"boolean","x-order":1},"ttl":{"description":"TTL for the cache (Default: 10s).","type":"string","x-order":2}}},"QueryResourcePermissionsResponseResult":{"type":"object","title":"Represents a result for the requested query","required":["request"],"properties":{"request":{"$ref":"#/components/schemas/v2Query"},"rules":{"description":"set of allowed RBAC rules that the current principal has on the matching resource.\\nIf the query produced no results, the rules set will be empty.","type":"array","items":{"$ref":"#/components/schemas/RoleRule"},"x-order":1}}},"RateLimitDimensionDestinationCluster":{"description":"Emit descriptor entry - a key-value pair of the form `(\\"destination_cluster\\",\\n\\"&lt;routed target cluster&gt;\\")` where `destination_cluster` is the destination\\nenvoy cluster to which traffic is bound to.","type":"object"},"RateLimitDimensionHeader":{"type":"object","title":"RateLimit based on certain headers","required":["name"],"properties":{"name":{"description":"Name of the header to match on.","type":"string","x-order":0},"value":{"$ref":"#/components/schemas/v2StringMatch"},"dontMatch":{"description":"If set to true, the condition will be met when the header value does not match.\\nDefault value is false.","type":"boolean","x-order":2}}},"RateLimitDimensionHeaderValueMatch":{"description":"Emit descriptor entry - a key-value pair of the form `(\\"header_match\\",\\n\\"&lt;descriptor_value&gt;\\")`, where `descriptor_value` is a user\\nspecified value corresponding to a header match event.","type":"object","required":["headers","descriptorValue"],"properties":{"headers":{"description":"Specifies a set of headers that the rate limit action should\\nmatch on. The action will check the request\u2019s headers against\\nall the specified headers in the config. A match will happen if\\nall the headers in the config are present in the request with\\nthe same values (or based on presence if the value field is not\\nin the config).  The header keys must be lowercase and use\\nhyphen as the separator, e.g. x-request-id.","type":"object","additionalProperties":{"$ref":"#/components/schemas/v2StringMatch"},"x-order":0},"descriptorValue":{"description":"The value to use in the descriptor entry.","type":"string","x-order":1},"dontMatch":{"description":"If set to true, the condition will be met when the header value does not match.\\nDefault value is false.","type":"boolean","x-order":2}}},"RateLimitDimensionRequestHeaders":{"description":"Emit descriptor entry - a key-value pair of the form\\n`(\\"&lt;descriptor_key&gt;\\", \\"&lt;header_value_queried_from_header&gt;\\")`\\nwhere `descriptor_key` is a user specified key to emit when the\\nHTTP header is seen.","type":"object","required":["headerName","descriptorKey"],"properties":{"headerName":{"description":"The header name to be queried from the request headers. The header\u2019s\\nvalue is used to populate the value of the descriptor entry for the\\ndescriptor_key.","type":"string","x-order":0},"descriptorKey":{"description":"The key to use in the descriptor entry.","type":"string","x-order":1}}},"RateLimitDimensionSourceCluster":{"description":"Emit descriptor entry - a key-value pair of the form\\n`(\\"source_cluster\\", \\"&lt;local service cluster&gt;\\")` where `source_cluster`\\nis the source envoy cluster (corresponding to the `--service-cluster`\\nflag value set by Istio).","type":"object"},"RateLimitServerBackend":{"description":"External Backend Database types. This points to the backend\\nused by the ratelimit server as a key/value store.","type":"object","properties":{"redis":{"$ref":"#/components/schemas/BackendRedisSettings"}}},"RateLimitSettingsRateLimitValue":{"description":"RateLimitValue specifies the values that will be used\\nto determine the rate limit.","type":"object","required":["requestsPerUnit","unit"],"properties":{"requestsPerUnit":{"description":"Specifies the value of the rate limit.","type":"integer","format":"int64","x-order":0},"unit":{"$ref":"#/components/schemas/RateLimitValueUnit"}}},"RateLimitValueUnit":{"description":"Units of time.","type":"string","default":"UNKNOWN","enum":["UNKNOWN","SECOND","MINUTE","HOUR","DAY"]},"ReachabilitySettingsMode":{"description":"- UNSET: Inherit from parent if possible. Otherwise treated as `CLUSTER`.\\n - NAMESPACE: The workload may talk to any service in its own namespace.\\n - GROUP: The workload may talk to any service in the traffic group.\\n - WORKSPACE: The workload may talk to any service in the workspace.\\n - CLUSTER: The workload may talk to any service in the cluster.\\n - CUSTOM: The workload may talk to services defined explicitly.","type":"string","title":"A short cut for defining the common reachability patterns","default":"UNSET","enum":["UNSET","NAMESPACE","GROUP","WORKSPACE","CLUSTER","CUSTOM"]},"RelationScopeServiceRelation":{"description":"A relation between logical services.","type":"object","properties":{"source":{"description":"The source resource\'s fqn of the relation between two logical services.","type":"string","x-order":0},"target":{"description":"The target resource\'s fqn of the relation between two logical services.","type":"string","x-order":1}}},"RelationScopesRelationScope":{"type":"object","properties":{"type":{"$ref":"#/components/schemas/RelationScopesRelationScopeScopeType"},"scope":{"$ref":"#/components/schemas/RelationScopesRelationScopeScope"}}},"RelationScopesRelationScopeScope":{"type":"object","properties":{"serviceRelation":{"$ref":"#/components/schemas/RelationScopeServiceRelation"}}},"RelationScopesRelationScopeScopeType":{"description":"ScopeType denotes the wingspan of a telemetry source for relation between resources.\\n\\n - SERVICE: A service telemetry source that belongs to a specific relation between logical services.","type":"string","default":"INVALID","enum":["INVALID","SERVICE"]},"ResilienceSettingsSensitivity":{"description":"Available sensitivity levels for the circuit breaker.\\n\\n - UNSET: Default values will be used.\\n - LOW: Tolerate up to 20 consecutive 5xx or connection failures from an\\nendpoint before ejecting it temporarily from the load balancing\\npool.\\n - MEDIUM: Tolerate up to 10 consecutive 5xx or connection failures from an\\nendpoint before ejecting it temporarily from the load balancing\\npool.\\n - HIGH: Tolerate up to 5 consecutive 5xx or connection failures from an\\nendpoint before ejecting it temporarily from the load balancing\\npool.","type":"string","default":"UNSET","enum":["UNSET","LOW","MEDIUM","HIGH"]},"ResourceStatusConfigResourceStatus":{"description":"Individual status for a configuration resource related to the Application/API.","type":"object","properties":{"status":{"$ref":"#/components/schemas/applicationv2Status"},"resource":{"$ref":"#/components/schemas/v2ConfigResource"}}},"RoleResourceType":{"description":"The type of API resource for which the role is being created.","type":"object","required":["apiGroup"],"properties":{"apiGroup":{"description":"A specific API group such as traffic.tsb.tetrate.io/v2.","type":"string","x-order":0},"kinds":{"description":"Specific kinds of APIs under the API group. If omitted, the\\nrole will apply to all kinds under the group.","type":"array","items":{"type":"string"},"x-order":1}}},"RoleRule":{"type":"object","title":"A rule defines the set of api groups","required":["permissions"],"properties":{"types":{"description":"The set of API groups and the api Kinds within the group on which this rule is applicable.\\nIf omitted, the permissions will globally apply to all resource types.","type":"array","items":{"$ref":"#/components/schemas/RoleResourceType"},"x-order":0},"permissions":{"description":"The set of actions allowed for these APIs.\\nThe current version supports requires the kind, but this constraint will be relaxed in\\nupcoming releases so that rules can apply globally to an entire API group.","type":"array","items":{"$ref":"#/components/schemas/v2Permission"},"x-order":1}}},"Route53SettingsFilterSettings":{"description":"Filter settings for route53 controller.","type":"object","properties":{"annotationFilter":{"description":"Filter out (remove) targets that matches annotation using label selector semantics. Optional.\\n*NOTE*: The annotation value currently cannot be longer thant 63 characters.","type":"string","x-order":0},"labelFilter":{"description":"Filter out (remove) targets that matches label selector. Optional.","type":"string","x-order":1},"excludeDomain":{"description":"Exclude subdomains. Optional.","type":"array","items":{"type":"string"},"x-order":2},"zoneType":{"$ref":"#/components/schemas/FilterSettingsAWSZoneType"},"zoneTagFilter":{"description":"When using the AWS provider, filter for zones with this tag. Optional, format: key=value.","type":"array","items":{"type":"string"},"x-order":4},"zoneIdFilter":{"description":"When using the AWS provider, filter for zones with this ID. Optional.","type":"array","items":{"type":"string"},"x-order":5}}},"Route53SettingsPolicy":{"description":"Policy that defines how DNS records are managed.\\n\\n - SYNC: Allow full synchronization.\\n - UPSERT_ONLY: Don\'t allow delete DNS records.\\n - CREATE_ONLY: Allow only creating DNS records.","type":"string","default":"SYNC","enum":["SYNC","UPSERT_ONLY","CREATE_ONLY"]},"RuleFrom":{"description":"From includes the target resource (and the workloads that belong to the resource)\\nwhich will be the source of a request.","type":"object","properties":{"fqn":{"description":"The target resource identified by FQN which will be the source of a request.","type":"string","x-order":0}}},"RuleTo":{"description":"To includes the target resource (and the workloads that belong to the resource)\\nwhich will be destination of a request.","type":"object","properties":{"fqn":{"description":"The target resource identified by FQN which will be the destination of a request.","type":"string","x-order":0}}},"SecretsClusterServiceAccount":{"description":"Cluster service account used to authenticate to the Management Plane.","type":"object","properties":{"clusterFQN":{"description":"TSB FQN of the onboarded cluster resource. This will be generate tokens for all Control Plane agents.","type":"string","x-order":0},"JWK":{"description":"Literal JWK used to generate and sign the tokens for all the Control Plane agents.","type":"string","x-order":1},"encodedJWK":{"description":"Base64-encoded JWK used to generate and sign the tokens for all the Control Plane agents.","type":"string","x-order":2}}},"SecretsElasticSearch":{"description":"Secrets to reach the Elasticsearch.","type":"object","properties":{"username":{"description":"The username to access Elasticsearch.","type":"string","x-order":0},"password":{"description":"The password to access Elasticsearch.","type":"string","x-order":1},"cacert":{"description":"Elasticsearch CA cert TLS used by control plane to verify TLS connection.","type":"string","x-order":2}}},"SecretsTSB":{"description":"Secrets to reach the TSB Management Plane.","type":"object","properties":{"cacert":{"description":"CA certificate used to verify TLS certs exposed the Management Plane (front envoy).","type":"string","x-order":0}}},"SecuritySettingAuthenticationMode":{"description":"AuthenticationMode indicates whether to accept only Istio mutual\\nTLS authenticated traffic or allow legacy plaintext traffic as\\nwell.\\n\\n - UNSET: Inherit from parent, if has one. Otherwise treated as OPTIONAL.\\n - OPTIONAL: Accept both plaintext and mTLS authenticated connections.\\n - REQUIRED: Accept only mutual TLS authenticated connections.","type":"string","default":"UNSET","enum":["UNSET","OPTIONAL","REQUIRED"]},"ServerTLSSettingsFileSource":{"description":"File path configuration of TLS keys and certificates.","type":"object","properties":{"serverCertificate":{"type":"string","title":"The path to the server cert file","x-order":0},"privateKey":{"type":"string","title":"The path to the server private key file","x-order":1},"caCertificates":{"type":"string","title":"The path to the file containing ca certs for verifying clients while using mutual TLS","x-order":2}}},"ServiceAccountKeyPair":{"description":"Represents key-pair associated to the service account.","type":"object","properties":{"id":{"type":"string","title":"Unique identifier for this key-pair. This should be used as the `kid` (key id) when\\ngenerating JWT tokens that are signed with this key-pair.\\n","x-order":0,"readOnly":true},"publicKey":{"type":"string","title":"The encoded public key associated with the service account.\\nThe encoding format is determined by the `encoding` field.\\n","x-order":1,"readOnly":true},"privateKey":{"type":"string","title":"The encoded private key associated with the service account.\\nTSB does not store the private key and it is up to the client to store it safely.\\nThe encoding format is determined by the `encoding` field.\\n","x-order":2,"readOnly":true},"encoding":{"$ref":"#/components/schemas/KeyPairEncoding"},"defaultToken":{"type":"string","title":"A default access token that can be used to authenticate to TSB on behalf of the\\nservice account. TSB does not store this token and it is only returned when a\\nservice account key is created, similar to the private key. It is up to the client\\nto store the token for future use or to use the TSB CLI to generate new tokens as\\nexplained in: https://docs.tetrate.io/service-bridge/latest/howto/service-accounts\\n","x-order":4,"readOnly":true}}},"ServiceMetricConfig":{"type":"object","title":"Configuration for metric aggregation","properties":{"name":{"description":"A user friendly name for this metric.","type":"string","x-order":0},"description":{"description":"A helpful description of what this metric represents.","type":"string","x-order":1},"aggregationKey":{"description":"An aggregation key that can be queried to get metrics for this service.","type":"string","x-order":2},"type":{"$ref":"#/components/schemas/MetricConfigMetricType"},"serviceDeployment":{"description":"The FQN of the service deployment related with this metric. Will be empty for group metrics.","type":"string","x-order":4},"parentMetric":{"type":"string","title":"The name of the metric config that aggregates this one in a higher level.\\nFor example, for a subset in a cluster metric, this field has the name of the metric of the same subset\\nacross the clusters","x-order":5}}},"ServicePort":{"type":"object","properties":{"number":{"description":"A valid non-negative integer port number.","type":"integer","format":"int64","x-order":0},"name":{"description":"Name assigned to the port.","type":"string","x-order":1},"kubernetesNodePort":{"description":"Indicates the node port attached to a physical deployment on a kubernetes\\ncluster.","type":"integer","format":"int64","x-order":2}}},"ServiceRoutePortLevelTrafficSettings":{"description":"PortLevelTrafficSettings explicitly defines the type of traffic for all of\\nthe ports exposed by a service for which routing rules need to be set.\\nDepending on whether HTTPRoutes or TCTRoutes are specified or not, the main\\nsubset weights are applied or not based on the following scenarios:\\n1. If HTTPRoutes or TCPRoutes are specified:\\n   a. Since Port is mandatory in MatchConditions, whenever a port is used\\n      in (HTTP/TCP) MatchCondition, it needs to be present in the global\\n      PortLevelTrafficSettings.\\n   b. When MatchConditions are present in the routes, then subset-weight\\n      combinations within routes will take effect instead of the global ones.\\n2. If the routes are not specified, then the traffic will be matched on\\n   ports specified in PortLevelTrafficSettings, and the routes will be set\\n   according to global subset-weight combinations.","type":"object","required":["port","trafficType"],"properties":{"port":{"type":"integer","format":"int64","title":"Port number to which traffic must be routed","x-order":0},"trafficType":{"$ref":"#/components/schemas/ServiceRouteTrafficType"},"stickySession":{"$ref":"#/components/schemas/ServiceRouteStickySession"}}},"ServiceRouteStickySession":{"description":"If set, all requests from a client will be forward to the same backend.","type":"object","properties":{"header":{"description":"Hash based on a specific HTTP header.","type":"string","x-order":0},"cookie":{"$ref":"#/components/schemas/StickySessionHTTPCookie"},"useSourceIp":{"description":"Hash based on the source IP address.","type":"boolean","x-order":2}}},"ServiceRouteSubset":{"description":"Subset denotes a specific version of a service. The pods/VMs of a\\nsubset should be uniquely identifiable using their labels.","type":"object","required":["name"],"properties":{"name":{"description":"Name used to refer to the subset.","type":"string","x-order":0},"labels":{"description":"Labels apply a filter over the endpoints of a service in the service registry.","type":"object","additionalProperties":{"type":"string"},"x-order":1},"weight":{"description":"Percentage of traffic to be sent to this subset. Weight if not\\nspecified will be assumed to be 0 if there are multiple\\nsubsets. If there is only one subset, the weight will be\\nassumed to be 1.","type":"integer","format":"int64","x-order":2},"portLevelSettings":{"description":"Port/Protocol/StickySession combination for which routes need to be generated specifically for\\na subset. These settings are meant to override the global PortLevelTrafficSettings, i.e. first, \\nglobal PortLevelTrafficSettings are used to generate routes and then we use non-conflicting subset level \\nPortLevelTrafficSettings to modify existing routes. If provided, PortLevelTrafficSettings should be provided for \\nall subsets for proper load balancing.","type":"array","items":{"$ref":"#/components/schemas/ServiceRoutePortLevelTrafficSettings"},"x-order":3}}},"ServiceRouteTrafficType":{"description":"- HTTP: If trafficType is HTTP, then a HTTP route is generated for that port\\n - TCP: If trafficType is TCP, then a TCP route is generated for that port\\n - TLS_PASSTHROUGH: This mode generates TLS routes for HTTPS traffic. TLS is not terminated at the gateway and is\\npassed through to the server","type":"string","title":"TrafficType is the list of allowed traffic types for generating routes","default":"HTTP","enum":["HTTP","TCP","TLS_PASSTHROUGH"]},"ServiceScopesServiceScope":{"description":"A service scope defines the telemetry source wingspan in the mesh of a service.","type":"object","properties":{"type":{"$ref":"#/components/schemas/ServiceScopesServiceScopeScopeType"},"scope":{"$ref":"#/components/schemas/ServiceScopesServiceScopeScope"},"deployment":{"description":"The FQN of the service deployment in a concrete cluster related with this telemetry source scope.\\nWill have a value for scope types INSTANCE or SERVICE.","type":"string","x-order":2}}},"ServiceScopesServiceScopeScope":{"description":"Each of the scope properties can have the following values:\\n- A non empty value.\\n- An empty value or absence of the property act as a wildcard, meaning any possible value.","type":"object","properties":{"instance":{"description":"instance is a concrete value or an empty value meaning any instance.","type":"string","x-order":0},"subset":{"description":"subset can be a concrete value or an empty value meaning any subset.","type":"string","x-order":1},"service":{"description":"service is always a concrete value.","type":"string","x-order":2},"namespace":{"description":"namespace is always a concrete value.","type":"string","x-order":3},"cluster":{"description":"cluster can be a concrete value or an empty value meaning any cluster.","type":"string","x-order":4}}},"ServiceScopesServiceScopeScopeType":{"description":"ScopeType denotes the wingspan of a telemetry source for a service.\\n\\n - INSTANCE: A instance telemetry source belongs to a specific service instance (pod or VM) in a cluster.\\n - SERVICE: A service telemetry source belongs to a specific service, without subsets, in a cluster.\\n - SUBSET: A subset telemetry source belongs to a specific service of a concrete subset in a cluster.\\n - GLOBAL_SUBSET: A global subset telemetry source represents a concrete subset from a service across cluster.\\nSubset scope type does not apply to ingress services.\\n - GLOBAL: A global telemetry source represents all subsets from a service across clusters.","type":"string","default":"INVALID","enum":["INVALID","INSTANCE","SERVICE","SUBSET","GLOBAL_SUBSET","GLOBAL"]},"ServiceSecuritySettingSubset":{"description":"Subset allows replacing the settings for a specific version of a service.","type":"object","required":["name","settings"],"properties":{"name":{"description":"Name used to refer to the subset.\\nThis must match a subset defined in the ServiceRoute for this service, else it will be omitted.","type":"string","x-order":0},"settings":{"$ref":"#/components/schemas/v2SecuritySetting"}}},"ServiceServiceDeployment":{"description":"ServiceDeployment represents the physical service in a cluster.","type":"object","properties":{"fqn":{"description":"Fully-qualified name of the instance. This field is read-only.","type":"string","x-order":0,"readOnly":true},"source":{"description":"Source of the instance. This field is read-only.","type":"string","x-order":1,"readOnly":true}}},"SourceScopeIngressScopes":{"description":"IngressScopes defines one or many Ingress\'s hostname telemetry source wingspan in the mesh.","type":"object","properties":{"scopes":{"description":"Multiple IngressScope can be defined to group under a single telemetry source different ingresses.","type":"array","items":{"$ref":"#/components/schemas/IngressScopesIngressScope"},"x-order":0}}},"SourceScopeRelationScopes":{"description":"RelationScopes  represents the physical connection that exists between observable resources.\\nA relation can represent for instance the physical connection that exist when a call between services is done:\\n- Between a gateway and a service or vice versa.\\n- Between a service and another service.\\nThis observation can produce client-side measurements, server side measurements or both.","type":"object","properties":{"scopes":{"description":"Multiple RelationScope can be defined to group under a single telemetry source different relations.","type":"array","items":{"$ref":"#/components/schemas/RelationScopesRelationScope"},"x-order":0}}},"SourceScopeServiceScopes":{"description":"ServiceScopes defines one or many service\'s telemetry source wingspan in the mesh.","type":"object","properties":{"scopes":{"description":"Multiple ServiceScope can be defined to group under a single telemetry source different services.","type":"array","items":{"$ref":"#/components/schemas/ServiceScopesServiceScope"},"x-order":0}}},"StickySessionHTTPCookie":{"description":"Describes a HTTP cookie that will be used for sticky sessions. If the cookie is not present, it\\nwill be generated.","type":"object","required":["name","path","ttl"],"properties":{"name":{"description":"Name of the cookie.","type":"string","x-order":0},"path":{"description":"Path to set for the cookie.","type":"string","x-order":1},"ttl":{"description":"Lifetime of the cookie.","type":"string","x-order":2}}},"SubjectJWTClaims":{"description":"JWT based subjects qualify a subject by matching against a JWT token present in the request.\\nBy default the token is expected to be present in the \'Authorization\' HTTP header, with the\\n\'Bearer\\" prefix.","type":"object","title":"JWT based subject","properties":{"iss":{"type":"string","x-order":0},"sub":{"type":"string","x-order":1},"other":{"description":"A set of arbitrary claims that are required to qualify the subject.\\nE.g. \\"iss\\": \\"*@foo.com\\".","type":"object","additionalProperties":{"type":"string"},"x-order":2}}},"SyncOrganizationRequestSyncTeam":{"description":"Information of a team as synchronized from the team source. This differs slightly from a TSB\\nuser since the fields here are raw info that does not have the context of the TSB hierarchy.","type":"object","required":["id"],"properties":{"id":{"description":"Unique ID for the group.","type":"string","x-order":0},"description":{"description":"Optional description for the group.","type":"string","x-order":1},"memberUserIds":{"description":"List of user ids for the users that belong to this group.","type":"array","items":{"type":"string"},"x-order":2},"memberGroupIds":{"description":"List of group ids for the groups that are nested into this group.","type":"array","items":{"type":"string"},"x-order":3},"displayName":{"description":"Friendly name to show the group in the different UIs.","type":"string","x-order":4}}},"SyncOrganizationRequestSyncUser":{"description":"Information of a user as synchronized from the team source. This differs slightly from a TSB\\nuser since the fields here are raw info that does not have the context of the TSB hierarchy.","type":"object","required":["id"],"properties":{"id":{"description":"Unique ID for the user.","type":"string","x-order":0},"description":{"description":"Optional description for the user.","type":"string","x-order":1},"email":{"type":"string","title":"User\'s email","x-order":2},"loginName":{"description":"The login username for the user.","type":"string","x-order":3},"displayName":{"description":"Friendly name to show the user in the different UIs.","type":"string","x-order":4}}},"SyncOrganizationResponseFailedIds":{"type":"object","properties":{"removal":{"type":"array","title":"Users or groups that failed to be removed","items":{"type":"string"},"x-order":0},"addition":{"type":"array","title":"Users or groups that failed to be created","items":{"type":"string"},"x-order":1},"update":{"type":"array","title":"Users or groups that failed to be updated","items":{"type":"string"},"x-order":2}}},"TcpKeepAliveSettingsTcpKeepAlive":{"type":"object","properties":{"probes":{"description":"The total number of unacknowledged probes to send before deciding\\nthe connection is dead. Default is to use the OS level configuration,\\nLinux defaults to 9.","type":"integer","format":"int64","x-order":0},"idleTime":{"description":"The number of seconds a connection needs to be idle before keep-alive probes\\nstart being sent. Default is to use the OS level configuration,\\nLinux defaults to 7200s.","type":"integer","format":"int64","x-order":1},"interval":{"description":"The number of seconds between keep-alive probes. Default is to use the OS\\nlevel configuration, Linux defaults to 75s.","type":"integer","format":"int64","x-order":2}}},"TokenIssuerJwtTokenIssuer":{"description":"Configuration of the built-in JWT Token Issuer.","type":"object","properties":{"expiration":{"description":"Expiration is the duration issued tokens are valid for.\\nDefaults to `1h`.","type":"string","x-order":0}}},"TrafficSettingEgressGateway":{"description":"EgressGateway specifies the gateway where traffic external to the mesh will be redirected.","type":"object","required":["host"],"properties":{"host":{"description":"Specifies the egress gateway hostname. Must be in\\n`&lt;namespace&gt;/&lt;fqdn&gt;` format.","type":"string","x-order":0},"port":{"description":"Deprecated. This field is ignored and will be removed in upcoming releases.\\nSpecifies the port on the host to connect to.","type":"integer","format":"int32","x-order":1}}},"WasmExtensionPluginPhase":{"description":"- UNSPECIFIED_PHASE: Control plane decides where to insert the plugin. This will generally be at the end of the filter chain, right before the Router.\\nDo not specify PluginPhase if the plugin is independent of others.\\n - AUTHN: Insert plugin before Istio authentication filters.\\n - AUTHZ: Insert plugin before Istio authorization filters and after Istio authentication filters.\\n - STATS: Insert plugin before Istio stats filters and after Istio authorization filters.","type":"string","title":"Plugin phases following Istio definition: https://istio.io/latest/docs/reference/config/proxy_extensions/wasm-plugin/#PluginPhase","default":"UNSPECIFIED_PHASE","enum":["UNSPECIFIED_PHASE","AUTHN","AUTHZ","STATS"]},"WasmExtensionPullPolicy":{"description":"The pull behaviour to be applied when fetching a WASM module,\\nmirroring K8s behaviour.\\n\\n - UNSPECIFIED_POLICY: Defaults to IfNotPresent, except for OCI images with tag `latest`, for which\\nthe default will be Always.\\n - IfNotPresent: If an existing version of the image has been pulled before, that\\nwill be used. If no version of the image is present locally, we\\nwill pull the latest version.\\n - Always: We will always pull the latest version of an image when changing\\nthis plugin. Note that the change includes `metadata` field as well.","type":"string","default":"UNSPECIFIED_POLICY","enum":["UNSPECIFIED_POLICY","IfNotPresent","Always"]},"WorkloadProxy":{"description":"Info about proxy attached to a workload.","type":"object","properties":{"controlPlaneAddress":{"description":"Address/service of control plane entity controlling the proxy\\nlike istiod.istio-system.svc:15012.","type":"string","x-order":0},"envoyVersion":{"description":"Envoy version of the proxy.","type":"string","x-order":1},"istioVersion":{"description":"Istio version of the proxy.","type":"string","x-order":2},"status":{"type":"object","title":"Sync status for each xDS component.\\nFor example:\\nstatus[\\"CDS\\"] = \\"SYNCED\\"\\nXDS components are: LDS, RDS, EDS CDS and SRDS.\\nRefer to Envoy go-control-plane ConfigStatus for possible status values\\nvalues:\\nhttps://github.com/envoyproxy/go-control-plane/blob/main/envoy/service/status/v3/csds.pb.go","additionalProperties":{"type":"string"},"x-order":3}}},"XCPCentralAuthMode":{"description":"- UNKNOWN: Default when unset, do not use\\n - MUTUAL_TLS: GRPC stream is encrypted with mutual TLS\\n - JWT: XCP Edges present a JWT bearer token in the GRPC headers","type":"string","title":"Authentication mode for connections from XCP Edges to XCP Central","default":"UNKNOWN","enum":["UNKNOWN","MUTUAL_TLS","JWT"]},"XCPEdge":{"description":"Secrets for the XCP Edge component.","type":"object","properties":{"cert":{"description":"Edge certificate used for mTLS with XCP Central.","type":"string","x-order":0},"key":{"description":"Key of the Edge certificate used for mTLS with XCP Central.","type":"string","x-order":1},"token":{"description":"JWT token used to authenticate XCP Edge against the XCP Central.","type":"string","x-order":2}}},"applicationv2Status":{"description":"The computed configuration status for the Application or API.\\n\\n - UNKNOWN: Unknown indicates that the status has not been computed.\\n - MISSING: The missing status indicates that the configuration resource for the Applications\\nor APIs do not exist.\\n - DIRTY: Dirty Applications and APIs are those that have the corresponding configuration\\nobjects (config groups, ingress gateways, etc), but those objects have been\\ndirectly modified or they current configuration does not match the one specified\\nin the corresponding Application/API.\\n - CONFIGURED: Configured Applications and APIs are those that have the corresponding\\nconfiguration resources (config groups, ingress gateways, etc) and their\\nconfigurations match the ones defined in the Application/API objects.","type":"string","default":"UNKNOWN","enum":["UNKNOWN","MISSING","DIRTY","CONFIGURED"]},"authv2TLSMode":{"description":"- DISABLED: TLS is not used and communication is\\nin plaintext.\\n - SIMPLE: Only the server is authenticated.\\n - MUTUAL: Both the peers in the communication must\\npresent their certificate for TLS authentication","type":"string","title":"Describes how authentication is performed\\nas part of establishing TLS connection","default":"DISABLED","enum":["DISABLED","SIMPLE","MUTUAL"]},"commonCertManagerSettings":{"description":"CertManagerSettings represents the settings used for the cert-manager installation. TSB supports installing and managing\\nthe lifecycle of the cert-manager installation.","type":"object","properties":{"managed":{"$ref":"#/components/schemas/CertManagerSettingsManaged"},"certManagerSpec":{"$ref":"#/components/schemas/CertManagerSettingsCertManagerSpec"},"certManagerWebhookSpec":{"$ref":"#/components/schemas/CertManagerSettingsCertManagerWebhookSpec"},"certManagerCaInjector":{"$ref":"#/components/schemas/CertManagerSettingsCertManagerCAInjector"},"certManagerStartupapicheck":{"$ref":"#/components/schemas/CertManagerSettingsCertManagerStartupAPICheck"}}},"commonConfigProtection":{"type":"object","title":"ConfigProtection contains settings for enabling/disabling config protection\\nover XCP created resources.\\nConfig protections are disabled by default.\\nExample:\\n```yaml\\nconfigProtection:\\n  enableAuthorizedUpdateDeleteOnXcpConfigs: true\\n  enableAuthorizedCreateUpdateDeleteOnXcpConfigs: true\\n  authorizedUsers:\\n    - user1\\n    - system:serviceaccount:ns1:serviceaccount-1\\n```","properties":{"enableAuthorizedUpdateDeleteOnXcpConfigs":{"description":"When enabled, no other user or svc account except AuthorizedUsers would be allowed to delete or update\\nthe XCP/Istio API resources created by XCP.","type":"boolean","x-order":0},"enableAuthorizedCreateUpdateDeleteOnXcpConfigs":{"description":"When enabled, no other user or svc account except AuthorizedUsers would be allowed to create, delete or update\\nthe XCP/Istio API resources. This acts as a superset of the enableAuthorizedUpdateDeleteOnXcpConfigs.","type":"boolean","x-order":1},"authorizedUsers":{"description":"List of usernames of authorized users or svc accounts to create/update/delete XCP configs when config protection is enabled.","type":"array","items":{"type":"string"},"x-order":2}}},"commonCustomCertProviderSettings":{"description":"CustomCertProviderSettings represents the settings used for the custom certificate provider. Users can configure the CSR signer\\nrequired for certificate signing and point to the CA bundle to be used to validate the certificates.","type":"object","required":["csrSignerName","caBundleSecretName"],"properties":{"csrSignerName":{"description":"Name of Kubernetes CSR signer to be used to sign the CSR request by different TSB components for internal purposes.","type":"string","x-order":0},"caBundleSecretName":{"description":"Configure the CABundleSecretName to be used to verify the signed CSR request by different TSB components. If not specified,\\nTSB would use the secret with the name ca-bundle-management-plane in the management plane namespace or ca-bundle-control-plane\\nin the control plane namespace. The secret should contain the file ca.crt with the cert data.","type":"string","x-order":1}}},"commonGitOps":{"description":"The GitOps component configures the features that allow integrating the Management Plane and/or the\\nControl Plane cluster with Continuous Deployment pipelines.","type":"object","properties":{"enabled":{"description":"The GitOps component is in beta and disabled by default.\\nIf Management and Control Planes are installed in the same cluster, Continuous Deployment Integration\\nshould only be enabled in one of both planes. However, if the GitOps component is enabled in both planes,\\nonly the Control Plane GitOps component will remain enabled. The Management Plane GitOps component\\nwill not be enabled, even though it is explicitly enabled.","type":"boolean","x-order":0},"reconcileInterval":{"description":"Interval at which the reconcile process will run.\\nThe reconcile process will read all TSB CRs that exist in the cluster and\\nreapply them to the management plane, to make sure the cluster CRs remain\\nas the source of truth. Format: 1h/1m/1s/1ms. A value of 0 disables the\\nreconcile loop. Default: 10m.","type":"string","x-order":1},"batchWindow":{"description":"When configured, all admission requests will be paused for the configured duration.\\nOnce the window interval is closed, all paused admission requests will be sent together\\nto the Management Plane as a single request.\\nBatching of requests is disabled by default and should be enabled only if there is high concurrency\\nand ordering of resources could be an issue. By configuring a batch window the concurrency\\nand ordering issues may be mitigated, although it will introduce a constant latency to all requests\\nof the configured time window.\\nWhen enabled, it is recommended to use a small value, for example 1 second.","type":"string","x-order":2},"managementplaneRequestTimeout":{"description":"The GitOps component performs operations against the management plane through the k8s webhook.\\nThis allows configuring the duration of each operation in order to fail early if it takes too much.\\nThis value cannot be lower than `webhook_timeout` due to the request being tied to the ones received\\nby the k8s webhook.\\nFormat: 1h/1m/1s/1m. Any value &lt;= 0 will be reset to the default value. Default: 25s.","type":"string","x-order":3},"reconcileRequestTimeout":{"description":"The GitOps component performs operations against the management plane internal reconcile loop.\\nThis allows configuring the duration of each operation to fail early if it takes too long.\\nFormat: 1h/1m/1s/1m. Any value &lt;= 0 will be reset to the default value. Default: 2m.","type":"string","x-order":4},"webhookTimeout":{"description":"Timeout that will be set in the k8s gitops webhook resource.\\nFormat: 1h/1m/1s/1m. Default: 30s. Allowed values must be between 0s and 30s.","type":"string","x-order":5}}},"commonInternalCertProvider":{"description":"InternalCertProvider describes the certificate provider configuration for TSB internal purposes like kubernetes webhook certificate. TSB supports cert-manager out of the box.","type":"object","properties":{"certManager":{"$ref":"#/components/schemas/commonCertManagerSettings"},"custom":{"$ref":"#/components/schemas/commonCustomCertProviderSettings"}}},"commonMeshObservabilitySettings":{"description":"Configure mesh observability.\\nThe following examples enable the analysis and generation of RED metrics for each\\nendpoint of your registered services.\\n\\nNotice that both, ManagementPlane and ControlPlane, need to be aligned with this configuration.\\n\\n```yaml\\napiVersion: install.tetrate.io/v1alpha1\\nkind: ManagementPlane\\nmetadata:\\n  name: managementplane\\nspec:\\n  meshObservability:\\n    settings:\\n      apiEndpointMetricsEnabled: true\\n```\\n\\n```yaml\\napiVersion: install.tetrate.io/v1alpha1\\nkind: ControlPlane\\nmetadata:\\n  name: controlplane\\n  namespace: istio-system\\nspec:\\n  meshObservability:\\n    settings:\\n      apiEndpointMetricsEnabled: true\\n```","type":"object","properties":{"apiEndpointMetricsEnabled":{"description":"Toggle to process, analyze, and generate api endpoints RED metrics.\\nBy default `false` which means disabled.\\nIf you want to analyze all your request and generate RED metrics for\\neach endpoint of your registered services in the mesh, set it to `true`.","type":"boolean","x-order":0}}},"commonv1alpha1Image":{"description":"Values for the TSB operator image.","type":"object","properties":{"registry":{"description":"Registry used to download the operator image.","type":"string","x-order":0},"tag":{"description":"The tag of the operator image.","type":"string","x-order":1}}},"controlplanev1alpha1OnboardingPlane":{"description":"Configure `Workload Onboarding Plane` component.","type":"object","properties":{"instance":{"$ref":"#/components/schemas/v1alpha1OnboardingPlaneInstance"}}},"controlplanev1alpha1XCP":{"description":"Kubernetes settings for the XCP component.","type":"object","properties":{"centralAuthMode":{"$ref":"#/components/schemas/XCPCentralAuthMode"},"configProtection":{"$ref":"#/components/schemas/commonConfigProtection"},"kubeSpec":{"$ref":"#/components/schemas/kubernetesKubernetesComponentSpec"},"revision":{"description":"$hide_from_docs\\nConfigures the istio revision tag.\\nIf configured, istio upgrade will not be in-place upgrade. A new istio\\ncontrol plane with the configured revision will be deployed. Selectively\\nsidecars and gateways could be moved to newer control plane. Note that it\\nis not the istio version. Istio version is fixed for a particular tsb\\nversion and that is not a configurable setting. Revision should be\\nconfigured to human readable value for example tsb-1-5. For further\\nreference,\\nhttps://istio.io/latest/blog/2020/multiple-control-planes/#configuring\\nDeprecated: replaced by isolation_boundaries, where each isolation boundary can have\\nmulitple revisions.","type":"string","x-order":3},"isolationBoundaries":{"description":"Configures Isolated Istio environments along with Istio revisions for each environment.\\nIsolationBoundaries can be empty when the feature flag IstioIsolationBoundaries is disabled.\\nOnce enabled, isolation boundaries can be configured.","type":"array","items":{"$ref":"#/components/schemas/v1alpha1IsolationBoundary"},"x-order":4},"enableHttpMeshInternalIdentityPropagation":{"description":"Enables HTTP mesh internal service identity propagation across gateway hops, utilizing the propagated identity\\nfor evaluating TSB RBAC rules. Users should enable this feature when they want to create RBAC rules around\\nrequest\'s origin client identity for east west traffic. The most common case for this would be when using\\nauthorization features such as ALLOW/DENY rules mode and ServiceSecuritySettings in cross-cluster environment.\\nThis feature is enabled by default. Set it to false to disable it.","type":"boolean","x-order":5},"centralProvidedCaCert":{"description":"If true, obtain the CA cert for Istio from XCP central.\\nTo enable it, the XCP Central needs to be configured with `certIssuer.clusterIntermediateCASettings: {}`.","type":"boolean","x-order":6},"logLevels":{"description":"Loglevel for XCP.\\nSupported log level: \\"none\\", \\"fatal\\", \\"error\\", \\"warn\\", \\"info\\", \\"debug\\".","type":"object","additionalProperties":{"type":"string"},"x-order":7}}},"corev1Toleration":{"description":"The pod this Toleration is attached to tolerates any taint that matches\\nthe triple &lt;key,value,effect&gt; using the matching operator &lt;operator&gt;.","type":"object","properties":{"key":{"type":"string","title":"Key is the taint key that the toleration applies to. Empty means match all taint keys.\\nIf the key is empty, operator must be Exists; this combination means to match all values and all keys.\\n+optional","x-order":0},"operator":{"type":"string","title":"Operator represents a key\'s relationship to the value.\\nValid operators are Exists and Equal. Defaults to Equal.\\nExists is equivalent to wildcard for value, so that a pod can\\ntolerate all taints of a particular category.\\n+optional","x-order":1},"value":{"type":"string","title":"Value is the taint value the toleration matches to.\\nIf the operator is Exists, the value should be empty, otherwise just a regular string.\\n+optional","x-order":2},"effect":{"type":"string","title":"Effect indicates the taint effect to match. Empty means match all taint effects.\\nWhen specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute.\\n+optional","x-order":3},"tolerationSeconds":{"type":"string","format":"int64","title":"TolerationSeconds represents the period of time the toleration (which must be\\nof effect NoExecute, otherwise this field is ignored) tolerates the taint. By default,\\nit is not set, which means tolerate the taint forever (do not evict). Zero and\\nnegative values will be treated as 0 (evict immediately) by the system.\\n+optional","x-order":4}}},"extensionv2EnvVar":{"type":"object","required":["name","valueFrom"],"properties":{"name":{"type":"string","title":"Name of the environment variable. Must be a C_IDENTIFIER, by following this regex: [A-Za-z_][A-Za-z0-9_]*","x-order":0},"valueFrom":{"$ref":"#/components/schemas/v2EnvValueSource"},"value":{"description":"Value for the environment variable.\\nNote that if `value_from` is `HOST`, it will be ignored.\\nDefaults to \\"\\".","type":"string","x-order":2}}},"gatewayv2HttpRule":{"description":"A single HTTP rule.","type":"object","properties":{"match":{"description":"One or more match conditions (OR-ed).","type":"array","items":{"$ref":"#/components/schemas/v2HttpMatchCondition"},"x-order":0},"modify":{"$ref":"#/components/schemas/v2HttpModifyAction"},"route":{"$ref":"#/components/schemas/v2Route"},"redirect":{"$ref":"#/components/schemas/v2Redirect"}}},"googlerpcStatus":{"type":"object","properties":{"code":{"type":"integer","format":"int32","x-order":0},"message":{"type":"string","x-order":1},"details":{"type":"array","items":{"$ref":"#/components/schemas/protobufAny"},"x-order":2}}},"installkubernetesAffinity":{"type":"object","title":"The scheduling constraints for the pod.\\nhttps://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity","properties":{"nodeAffinity":{"$ref":"#/components/schemas/installkubernetesNodeAffinity"},"podAffinity":{"$ref":"#/components/schemas/installkubernetesPodAffinity"},"podAntiAffinity":{"$ref":"#/components/schemas/installkubernetesPodAntiAffinity"}}},"installkubernetesCapabilities":{"description":"See k8s.io.api.core.v1.Capabilities.","type":"object","properties":{"add":{"type":"array","items":{"type":"string"},"x-order":0},"drop":{"type":"array","items":{"type":"string"},"x-order":1}}},"installkubernetesConfigMapKeySelector":{"type":"object","properties":{"localObjectReference":{"$ref":"#/components/schemas/installkubernetesLocalObjectReference"},"key":{"type":"string","x-order":1},"optional":{"type":"boolean","x-order":2}}},"installkubernetesCrossVersionObjectReference":{"type":"object","properties":{"kind":{"type":"string","x-order":0},"name":{"type":"string","x-order":1},"apiVersion":{"type":"string","x-order":2}}},"installkubernetesDeployment":{"type":"object","title":"The Kubernetes resource configuration for all Deployments","properties":{"podAnnotations":{"type":"object","title":"Pod annotations are an unstructured key value map stored with the pod.\\nhttps://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/","additionalProperties":{"type":"string"},"x-order":0},"env":{"type":"array","title":"Environment variables for all containers in the deployment.\\nhttps://kubernetes.io/docs/tasks/inject-data-application/define-environment-variable-container/","items":{"$ref":"#/components/schemas/installkubernetesEnvVar"},"x-order":1},"affinity":{"$ref":"#/components/schemas/installkubernetesAffinity"},"replicaCount":{"type":"integer","format":"int64","title":"Number of desired pods.\\nhttps://kubernetes.io/docs/reference/generated/kubernetes-api/v1.18/#deploymentspec-v1-apps","x-order":3},"resources":{"$ref":"#/components/schemas/installkubernetesResources"},"strategy":{"$ref":"#/components/schemas/installkubernetesDeploymentStrategy"},"tolerations":{"type":"array","title":"Tolerations are applied to pods, and allow (but do not require) the pods to\\nschedule onto nodes with matching taints. Taints and tolerations work\\ntogether to ensure that pods are not scheduled onto inappropriate nodes.\\nOne or more taints are applied to a node; this marks that the node should\\nnot accept any pods that do not tolerate the taints.\\nhttps://kubernetes.io/docs/concepts/configuration/taint-and-toleration/","items":{"$ref":"#/components/schemas/corev1Toleration"},"x-order":6},"hpaSpec":{"$ref":"#/components/schemas/installkubernetesHorizontalPodAutoscalerSpec"},"podSecurityContext":{"$ref":"#/components/schemas/installkubernetesPodSecurityContext"},"containerSecurityContext":{"$ref":"#/components/schemas/installkubernetesSecurityContext"}}},"installkubernetesDeploymentStrategy":{"type":"object","title":"The deployment strategy to use to replace existing pods with new ones.\\nhttps://kubernetes.io/docs/reference/generated/kubernetes-api/v1.18/#deploymentstrategy-v1-apps","properties":{"type":{"type":"string","x-order":0},"rollingUpdate":{"$ref":"#/components/schemas/installkubernetesRollingUpdateDeployment"}}},"installkubernetesEnvVar":{"type":"object","properties":{"name":{"type":"string","x-order":0},"value":{"type":"string","x-order":1},"valueFrom":{"$ref":"#/components/schemas/installkubernetesEnvVarSource"}}},"installkubernetesEnvVarSource":{"type":"object","properties":{"fieldRef":{"$ref":"#/components/schemas/installkubernetesObjectFieldSelector"},"resourceFieldRef":{"$ref":"#/components/schemas/installkubernetesResourceFieldSelector"},"configMapKeyRef":{"$ref":"#/components/schemas/installkubernetesConfigMapKeySelector"},"secretKeyRef":{"$ref":"#/components/schemas/installkubernetesSecretKeySelector"}}},"installkubernetesExternalMetricSource":{"type":"object","properties":{"metricName":{"type":"string","x-order":0},"metricSelector":{"$ref":"#/components/schemas/v1LabelSelector"},"targetValue":{"$ref":"#/components/schemas/operatorv1alpha1IntOrString"},"targetAverageValue":{"$ref":"#/components/schemas/operatorv1alpha1IntOrString"}}},"installkubernetesHorizontalPodAutoscalerSpec":{"type":"object","title":"Horizontal Pod Autoscaler automatically scales the number of pods in a\\ndeployment based on a specified metric. Kubernetes periodically adjusts the\\nnumber of replicas in a deployment to match the observed metric to the target\\nspecified. This mirrors the Kubernetes spec except from the top level\\n`scaleTargetRef` field, which we set for you. The version of Horizontal Pod\\nAutoscaler currently used is\\n`[v2beta1](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.18/#horizontalpodautoscaler-v2beta1-autoscaling)`.\\nhttps://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/","properties":{"minReplicas":{"type":"integer","format":"int32","title":"Must be set in order to create the HPA resource in Kubernetes","x-order":0},"maxReplicas":{"type":"integer","format":"int32","title":"Must be set in order to create the HPA resource in Kubernetes","x-order":1},"metrics":{"type":"array","items":{"$ref":"#/components/schemas/installkubernetesMetricSpec"},"x-order":2}}},"installkubernetesLocalObjectReference":{"description":"LocalObjectReference contains enough information to let you locate the\\nreferenced object inside the same namespace.","type":"object","properties":{"name":{"description":"Name of the referent.","type":"string","x-order":0}}},"installkubernetesMetricSpec":{"type":"object","properties":{"type":{"type":"string","x-order":0},"object":{"$ref":"#/components/schemas/installkubernetesObjectMetricSource"},"pods":{"$ref":"#/components/schemas/installkubernetesPodsMetricSource"},"resource":{"$ref":"#/components/schemas/installkubernetesResourceMetricSource"},"external":{"$ref":"#/components/schemas/installkubernetesExternalMetricSource"}}},"installkubernetesMetricTarget":{"type":"object","title":"MetricTarget provides compatibility with k8s autoscaling/v2 API","properties":{"type":{"type":"string","x-order":0},"averageUtilization":{"type":"integer","format":"int32","x-order":1},"averageValue":{"$ref":"#/components/schemas/operatorv1alpha1IntOrString"},"value":{"$ref":"#/components/schemas/operatorv1alpha1IntOrString"}}},"installkubernetesNodeAffinity":{"type":"object","title":"Group of node affinity scheduling rules.\\nhttps://kubernetes.io/docs/reference/generated/kubernetes-api/v1.18/#nodeaffinity-v1-core","properties":{"requiredDuringSchedulingIgnoredDuringExecution":{"$ref":"#/components/schemas/installkubernetesNodeSelector"},"preferredDuringSchedulingIgnoredDuringExecution":{"type":"array","title":"The scheduler will prefer to schedule pods to nodes that satisfy the\\naffinity expressions specified by this field, but it may choose a node that\\nviolates one or more of the expressions.\\nhttps://kubernetes.io/docs/reference/generated/kubernetes-api/v1.18/#preferredschedulingterm-v1-core","items":{"$ref":"#/components/schemas/installkubernetesPreferredSchedulingTerm"},"x-order":1}}},"installkubernetesNodeSelector":{"type":"object","properties":{"nodeSelectorTerms":{"type":"array","items":{"$ref":"#/components/schemas/installkubernetesNodeSelectorTerm"},"x-order":0}}},"installkubernetesNodeSelectorRequirement":{"type":"object","properties":{"key":{"type":"string","x-order":0},"operator":{"type":"string","x-order":1},"values":{"type":"array","items":{"type":"string"},"x-order":2}}},"installkubernetesNodeSelectorTerm":{"type":"object","properties":{"matchExpressions":{"type":"array","items":{"$ref":"#/components/schemas/installkubernetesNodeSelectorRequirement"},"x-order":0},"matchFields":{"type":"array","items":{"$ref":"#/components/schemas/installkubernetesNodeSelectorRequirement"},"x-order":1}}},"installkubernetesObjectFieldSelector":{"type":"object","properties":{"apiVersion":{"type":"string","x-order":0},"fieldPath":{"type":"string","x-order":1}}},"installkubernetesObjectMetricSource":{"type":"object","properties":{"target":{"$ref":"#/components/schemas/installkubernetesCrossVersionObjectReference"},"metricName":{"type":"string","x-order":1},"targetValue":{"$ref":"#/components/schemas/operatorv1alpha1IntOrString"},"selector":{"$ref":"#/components/schemas/v1LabelSelector"},"averageValue":{"$ref":"#/components/schemas/operatorv1alpha1IntOrString"}}},"installkubernetesPodAffinity":{"type":"object","title":"Group of inter-pod affinity scheduling rules.\\nhttps://kubernetes.io/docs/reference/generated/kubernetes-api/v1.18/#podaffinity-v1-core","properties":{"requiredDuringSchedulingIgnoredDuringExecution":{"type":"array","items":{"$ref":"#/components/schemas/installkubernetesPodAffinityTerm"},"x-order":0},"preferredDuringSchedulingIgnoredDuringExecution":{"type":"array","items":{"$ref":"#/components/schemas/installkubernetesWeightedPodAffinityTerm"},"x-order":1}}},"installkubernetesPodAffinityTerm":{"type":"object","properties":{"labelSelector":{"$ref":"#/components/schemas/v1LabelSelector"},"namespaces":{"type":"array","items":{"type":"string"},"x-order":1},"topologyKey":{"type":"string","x-order":2}}},"installkubernetesPodAntiAffinity":{"type":"object","title":"Group of inter-pod anti-affinity scheduling rules.\\nhttps://kubernetes.io/docs/reference/generated/kubernetes-api/v1.18/#podantiaffinity-v1-core","properties":{"requiredDuringSchedulingIgnoredDuringExecution":{"type":"array","items":{"$ref":"#/components/schemas/installkubernetesPodAffinityTerm"},"x-order":0},"preferredDuringSchedulingIgnoredDuringExecution":{"type":"array","items":{"$ref":"#/components/schemas/installkubernetesWeightedPodAffinityTerm"},"x-order":1}}},"installkubernetesPodSecurityContext":{"description":"See k8s.io.api.core.v1.PodSecurityContext.","type":"object","properties":{"seLinuxOptions":{"$ref":"#/components/schemas/installkubernetesSELinuxOptions"},"runAsUser":{"type":"integer","format":"int64","x-order":1},"runAsNonRoot":{"type":"boolean","x-order":2},"supplementalGroups":{"type":"array","items":{"type":"integer","format":"int64"},"x-order":3},"fsGroup":{"type":"integer","format":"int64","x-order":4},"runAsGroup":{"type":"integer","format":"int64","x-order":5},"sysctls":{"type":"array","items":{"$ref":"#/components/schemas/installkubernetesSysctl"},"x-order":6},"windowsOptions":{"$ref":"#/components/schemas/installkubernetesWindowsSecurityContextOptions"},"fsGroupChangePolicy":{"type":"string","x-order":8},"seccompProfile":{"$ref":"#/components/schemas/installkubernetesSeccompProfile"}}},"installkubernetesPodsMetricSource":{"type":"object","properties":{"metricName":{"type":"string","x-order":0},"targetAverageValue":{"$ref":"#/components/schemas/operatorv1alpha1IntOrString"},"selector":{"$ref":"#/components/schemas/v1LabelSelector"}}},"installkubernetesPreferredSchedulingTerm":{"type":"object","properties":{"weight":{"type":"integer","format":"int32","x-order":0},"preference":{"$ref":"#/components/schemas/installkubernetesNodeSelectorTerm"}}},"installkubernetesResourceFieldSelector":{"type":"object","properties":{"containerName":{"type":"string","x-order":0},"resource":{"type":"string","x-order":1},"divisor":{"$ref":"#/components/schemas/operatorv1alpha1IntOrString"}}},"installkubernetesResourceMetricSource":{"type":"object","properties":{"name":{"type":"string","x-order":0},"targetAverageUtilization":{"$ref":"#/components/schemas/operatorv1alpha1IntOrString"},"targetAverageValue":{"$ref":"#/components/schemas/operatorv1alpha1IntOrString"},"target":{"$ref":"#/components/schemas/installkubernetesMetricTarget"}}},"installkubernetesResources":{"description":"Mirrors k8s.io.api.core.v1.ResourceRequirements for unmarshalling.","type":"object","properties":{"limits":{"type":"object","additionalProperties":{"type":"string"},"x-order":0},"requests":{"type":"object","additionalProperties":{"type":"string"},"x-order":1}}},"installkubernetesRollingUpdateDeployment":{"description":"Mirrors k8s.io.api.apps.v1.RollingUpdateDeployment for unmarshalling.","type":"object","properties":{"maxUnavailable":{"$ref":"#/components/schemas/operatorv1alpha1IntOrString"},"maxSurge":{"$ref":"#/components/schemas/operatorv1alpha1IntOrString"}}},"installkubernetesSELinuxOptions":{"description":"See k8s.io.api.core.v1.SELinuxOptions.","type":"object","properties":{"user":{"type":"string","x-order":0},"role":{"type":"string","x-order":1},"type":{"type":"string","x-order":2},"level":{"type":"string","x-order":3}}},"installkubernetesSeccompProfile":{"description":"See k8s.io.api.core.v1.SeccompProfile.","type":"object","properties":{"type":{"type":"string","x-order":0},"localhostProfile":{"type":"string","x-order":1}}},"installkubernetesSecretKeySelector":{"type":"object","properties":{"localObjectReference":{"$ref":"#/components/schemas/installkubernetesLocalObjectReference"},"key":{"type":"string","x-order":1},"optional":{"type":"boolean","x-order":2}}},"installkubernetesSecurityContext":{"description":"See k8s.io.api.core.v1.SecurityContext.","type":"object","properties":{"capabilities":{"$ref":"#/components/schemas/installkubernetesCapabilities"},"privileged":{"type":"boolean","x-order":1},"seLinuxOptions":{"$ref":"#/components/schemas/installkubernetesSELinuxOptions"},"windowsOptions":{"$ref":"#/components/schemas/installkubernetesWindowsSecurityContextOptions"},"runAsUser":{"type":"integer","format":"int64","x-order":4},"runAsGroup":{"type":"integer","format":"int64","x-order":5},"runAsNonRoot":{"type":"boolean","x-order":6},"readOnlyRootFilesystem":{"type":"boolean","x-order":7},"allowPrivilegeEscalation":{"type":"boolean","x-order":8},"procMount":{"type":"string","x-order":9},"seccompProfile":{"$ref":"#/components/schemas/installkubernetesSeccompProfile"}}},"installkubernetesService":{"type":"object","title":"The Kubernetes resource configuration for a Service","properties":{"annotations":{"type":"object","title":"Pod annotations are an unstructured key value map stored with the service.\\nhttps://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/","additionalProperties":{"type":"string"},"x-order":0},"ports":{"type":"array","title":"List of ports exposed by the component\'s service.\\nhttps://kubernetes.io/docs/reference/generated/kubernetes-api/v1.18/#serviceport-v1-core","items":{"$ref":"#/components/schemas/installkubernetesServicePort"},"x-order":1},"type":{"type":"string","title":"Determines how the Service is exposed. Valid options are ExternalName,\\nClusterIP, NodePort, and LoadBalancer.\\nhttps://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types","x-order":2},"labels":{"type":"object","title":"Labels are an unstructured key value map stored with the deployment.\\nhttps://kubernetes.io/docs/concepts/overview/working-with-objects/labels","additionalProperties":{"type":"string"},"x-order":3}}},"installkubernetesServiceAccount":{"type":"object","title":"Settings related to the component service account","properties":{"imagePullSecrets":{"type":"array","title":"List of references to secrets in the same namespace to use for pulling any\\nimages in pods that reference this ServiceAccount. ImagePullSecrets are\\ndistinct from Secrets because Secrets can be mounted in the pod, but\\nImagePullSecrets are only accessed by the kubelet. More info:\\nhttps://kubernetes.io/docs/concepts/containers/images/#specifying-imagepullsecrets-on-a-pod\\nhttps://kubernetes.io/docs/reference/generated/kubernetes-api/v1.18/#service_account-v1-core","items":{"$ref":"#/components/schemas/installkubernetesLocalObjectReference"},"x-order":0}}},"installkubernetesServicePort":{"type":"object","properties":{"name":{"type":"string","x-order":0},"protocol":{"type":"string","x-order":1},"port":{"type":"integer","format":"int32","x-order":2},"targetPort":{"$ref":"#/components/schemas/operatorv1alpha1IntOrString"},"nodePort":{"type":"integer","format":"int32","x-order":4}}},"installkubernetesSysctl":{"description":"See k8s.io.api.core.v1.Sysctl.","type":"object","properties":{"name":{"type":"string","x-order":0},"value":{"type":"string","x-order":1}}},"installkubernetesWeightedPodAffinityTerm":{"type":"object","properties":{"weight":{"type":"integer","format":"int32","x-order":0},"podAffinityTerm":{"$ref":"#/components/schemas/installkubernetesPodAffinityTerm"}}},"installkubernetesWindowsSecurityContextOptions":{"description":"See k8s.io.api.core.v1.WindowsSecurityContextOptions.","type":"object","properties":{"gmsaCredentialSpecName":{"type":"string","x-order":0},"gmsaCredentialSpec":{"type":"string","x-order":1},"runAsUserName":{"type":"string","x-order":2}}},"kubernetesCNI":{"type":"object","title":"Configure Istio\'s CNI plugin\\nFor further details see: https://istio.io/docs/setup/additional-setup/cni/","properties":{"binaryDirectory":{"description":"Directory on the host to install the CNI binary.\\nMust be the same as the environment\u2019s `--cni-bin-dir` setting (kubelet\\nparameter).","type":"string","x-order":0},"configurationDirectory":{"description":"Directory on the host to install the CNI config.\\nMust be the same as the environment\u2019s `--cni-conf-dir` setting (kubelet\\nparameter).","type":"string","x-order":1},"chained":{"description":"Whether to deploy the configuration file as a plugin chain or as a\\nstandalone file in the configuration directory. Some Kubernetes flavors\\n(e.g. OpenShift) do not support the chain approach.","type":"boolean","x-order":2},"configurationFileName":{"description":"Leave unset to auto-find the first file in the `cni-conf-dir` (as kubelet\\ndoes). Primarily used for testing install-cni plugin configuration. If set,\\n`install-cni` will inject the plugin configuration into this file in the\\n`cni-conf-dir`.","type":"string","x-order":3},"clusterRole":{"description":"The ClusterRole Istio CNI will bind to in the ControlPlane namespace.\\nThis is useful if you use Pod Security Policies and want to allow\\n`istio-cni` to run as privileged Pods.","type":"string","x-order":4},"revision":{"description":"The revisioned istio-operator that will reconcile the Istio CNI component.\\nA revision can only be specified when Isolation Boundaries are enabled and\\nconfigured with at least one revision.\\nRevision specified here must be an enabled revision under `xcp.isolationBoundaries`.\\nIf not provided, it defaults to the latest enabled\\nrevision based on their corresponding tsbVersion. If multiple such revisions\\nare found, revision names are alphabetically sorted and the first revision\\nis considered as the default.","type":"string","x-order":5}}},"kubernetesGlobalDeployment":{"type":"object","title":"The Kubernetes resource configuration for a Deployment","properties":{"podAnnotations":{"type":"object","title":"Pod annotations are an unstructured key value map stored with the pod.\\nhttps://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/","additionalProperties":{"type":"string"},"x-order":0},"env":{"type":"array","title":"Environment variables for all containers in the deployment.\\nhttps://kubernetes.io/docs/tasks/inject-data-application/define-environment-variable-container/","items":{"$ref":"#/components/schemas/installkubernetesEnvVar"},"x-order":1},"affinity":{"$ref":"#/components/schemas/installkubernetesAffinity"},"strategy":{"$ref":"#/components/schemas/installkubernetesDeploymentStrategy"},"tolerations":{"type":"array","title":"Tolerations are applied to pods, and allow (but do not require) the pods to\\nschedule onto nodes with matching taints. Taints and tolerations work\\ntogether to ensure that pods are not scheduled onto inappropriate nodes.\\nOne or more taints are applied to a node; this marks that the node should\\nnot accept any pods that do not tolerate the taints.\\nhttps://kubernetes.io/docs/concepts/configuration/taint-and-toleration/","items":{"$ref":"#/components/schemas/corev1Toleration"},"x-order":4},"podSecurityContext":{"$ref":"#/components/schemas/installkubernetesPodSecurityContext"},"containerSecurityContext":{"$ref":"#/components/schemas/installkubernetesSecurityContext"}}},"kubernetesGlobalJob":{"type":"object","title":"The Kubernetes resource configuration for all CronJob or Job","properties":{"podAnnotations":{"type":"object","title":"Pod annotations are an unstructured key value map stored with the pod.\\nhttps://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/","additionalProperties":{"type":"string"},"x-order":0},"affinity":{"$ref":"#/components/schemas/installkubernetesAffinity"},"tolerations":{"type":"array","title":"Tolerations are applied to pods, and allow (but do not require) the pods to\\nschedule onto nodes with matching taints. Taints and tolerations work\\ntogether to ensure that pods are not scheduled onto inappropriate nodes.\\nOne or more taints are applied to a node; this marks that the node should\\nnot accept any pods that do not tolerate the taints.\\nhttps://kubernetes.io/docs/concepts/configuration/taint-and-toleration/","items":{"$ref":"#/components/schemas/corev1Toleration"},"x-order":2},"podSecurityContext":{"$ref":"#/components/schemas/installkubernetesPodSecurityContext"},"containerSecurityContext":{"$ref":"#/components/schemas/installkubernetesSecurityContext"}}},"kubernetesGlobalService":{"type":"object","title":"The Kubernetes resource configuration for all the Service","properties":{"annotations":{"type":"object","title":"Pod annotations are an unstructured key value map stored with the service.\\nhttps://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/","additionalProperties":{"type":"string"},"x-order":0}}},"kubernetesJob":{"type":"object","title":"The Kubernetes resource configuration for a CronJob or Job","properties":{"podAnnotations":{"type":"object","title":"Pod annotations are an unstructured key value map stored with the pod.\\nhttps://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/","additionalProperties":{"type":"string"},"x-order":0},"env":{"type":"array","title":"Environment variables for all containers in the job.\\nhttps://kubernetes.io/docs/tasks/inject-data-application/define-environment-variable-container/","items":{"$ref":"#/components/schemas/installkubernetesEnvVar"},"x-order":1},"affinity":{"$ref":"#/components/schemas/installkubernetesAffinity"},"tolerations":{"type":"array","title":"Tolerations are applied to pods, and allow (but do not require) the pods to\\nschedule onto nodes with matching taints. Taints and tolerations work\\ntogether to ensure that pods are not scheduled onto inappropriate nodes.\\nOne or more taints are applied to a node; this marks that the node should\\nnot accept any pods that do not tolerate the taints.\\nhttps://kubernetes.io/docs/concepts/configuration/taint-and-toleration/","items":{"$ref":"#/components/schemas/corev1Toleration"},"x-order":3},"podSecurityContext":{"$ref":"#/components/schemas/installkubernetesPodSecurityContext"},"containerSecurityContext":{"$ref":"#/components/schemas/installkubernetesSecurityContext"}}},"kubernetesKubernetesComponentSpec":{"description":"KubernetesComponentSpec is a common set of Kubernetes resource configuration\\nfor components.","type":"object","properties":{"deployment":{"$ref":"#/components/schemas/installkubernetesDeployment"},"service":{"$ref":"#/components/schemas/installkubernetesService"},"serviceAccount":{"$ref":"#/components/schemas/installkubernetesServiceAccount"},"overlays":{"type":"array","title":"Post-render overlays to mutate Kubernetes manifests\\nhttps://istio.io/latest/docs/reference/config/istio.operator.v1alpha1/#K8sObjectOverlay","items":{"$ref":"#/components/schemas/v1alpha1K8sObjectOverlay"},"x-order":3}}},"kubernetesKubernetesIstioComponentSpec":{"description":"KubernetesIstioComponentSpec is the common set of Kubernetes resource\\nconfiguration for Istio. It differs from the standard component specs in that\\nit supports CNI configuration.","type":"object","properties":{"deployment":{"$ref":"#/components/schemas/installkubernetesDeployment"},"service":{"$ref":"#/components/schemas/installkubernetesService"},"serviceAccount":{"$ref":"#/components/schemas/installkubernetesServiceAccount"},"CNI":{"$ref":"#/components/schemas/kubernetesCNI"},"overlays":{"type":"array","title":"Post-render overlays to mutate Kubernetes manifests\\nhttps://istio.io/latest/docs/reference/config/istio.operator.v1alpha1/#K8sObjectOverlay","items":{"$ref":"#/components/schemas/v1alpha1K8sObjectOverlay"},"x-order":4}}},"kubernetesKubernetesJobComponentSpec":{"description":"KubernetesJobComponentSpec is a common set of Kubernetes resource\\nconfiguration for components with a job associated with them.","type":"object","properties":{"deployment":{"$ref":"#/components/schemas/installkubernetesDeployment"},"service":{"$ref":"#/components/schemas/installkubernetesService"},"job":{"$ref":"#/components/schemas/kubernetesJob"},"serviceAccount":{"$ref":"#/components/schemas/installkubernetesServiceAccount"},"overlays":{"type":"array","title":"Post-render overlays to mutate Kubernetes manifests\\nhttps://istio.io/latest/docs/reference/config/istio.operator.v1alpha1/#K8sObjectOverlay","items":{"$ref":"#/components/schemas/v1alpha1K8sObjectOverlay"},"x-order":4}}},"kubernetesKubernetesSpec":{"description":"KubernetesSpec is a common set of Kubernetes resource configuration for the\\ninstall CRs, that will be common to all of its components.","type":"object","properties":{"deployment":{"$ref":"#/components/schemas/kubernetesGlobalDeployment"},"service":{"$ref":"#/components/schemas/kubernetesGlobalService"},"account":{"$ref":"#/components/schemas/installkubernetesServiceAccount"},"job":{"$ref":"#/components/schemas/kubernetesGlobalJob"}}},"operatorv1alpha1IntOrString":{"description":"IntOrString is a type that can hold an int32 or a string.  When used in\\nJSON or YAML marshalling and unmarshalling, it produces or consumes the\\ninner type.  This allows you to have, for example, a JSON field that can\\naccept a name or number.","type":"object","properties":{"type":{"type":"string","format":"int64","x-order":0},"intVal":{"type":"integer","format":"int32","x-order":1},"strVal":{"type":"string","x-order":2}}},"protobufAny":{"type":"object","properties":{"@type":{"type":"string","x-order":0}},"additionalProperties":{}},"protobufNullValue":{"description":"`NullValue` is a singleton enumeration to represent the null value for the\\n`Value` type union.\\n\\n The JSON representation for `NullValue` is JSON `null`.\\n\\n - NULL_VALUE: Null value.","type":"string","default":"NULL_VALUE","enum":["NULL_VALUE"]},"rpcStatus":{"type":"object","properties":{"code":{"type":"integer","format":"int32","x-order":0},"message":{"type":"string","x-order":1},"details":{"type":"array","items":{"$ref":"#/components/schemas/protobufAny"},"x-order":2}}},"tsbauthv2Authentication":{"type":"object","properties":{"jwt":{"$ref":"#/components/schemas/tsbauthv2AuthenticationJWT"},"rules":{"$ref":"#/components/schemas/AuthenticationRules"},"oidc":{"$ref":"#/components/schemas/v2OIDCConfig"}}},"tsbauthv2AuthenticationJWT":{"type":"object","required":["issuer"],"properties":{"issuer":{"description":"Identifies the issuer that issued the JWT. See\\n[issuer](https://tools.ietf.org/html/rfc7519#section-4.1.1)\\nA JWT with different `iss` claim will be rejected.\\n\\nExample: https://foobar.auth0.com\\nExample: 1234567-compute@developer.gserviceaccount.com","type":"string","x-order":0},"audiences":{"description":"The list of JWT\\n[audiences](https://tools.ietf.org/html/rfc7519#section-4.1.3).\\nthat are allowed to access. A JWT containing any of these\\naudiences will be accepted.\\n\\nThe service name will be accepted if audiences is empty.","type":"array","items":{"type":"string"},"x-order":1},"jwksUri":{"description":"URL of the provider\'s public key set to validate signature of\\nthe JWT. See [OpenID\\nDiscovery](https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderMetadata).\\n\\nOptional if the key set document can either (a) be retrieved\\nfrom [OpenID\\nDiscovery](https://openid.net/specs/openid-connect-discovery-1_0.html)\\nof the issuer or (b) inferred from the email domain of the\\nissuer (e.g. a Google service account).\\n\\nExample: `https://www.googleapis.com/oauth2/v1/certs`\\n\\nNote: Only one of jwks_uri and jwks should be used. jwks_uri\\nwill be ignored if it does.","type":"string","x-order":2},"jwks":{"description":"JSON Web Key Set of public keys to validate signature of the JWT.\\nSee https://auth0.com/docs/jwks.\\n\\nNote: Only one of jwks_uri and jwks should be used. jwks_uri will be ignored if it does.","type":"string","x-order":3},"outputPayloadToHeader":{"description":"This field specifies the header name to output a successfully verified JWT payload to the\\nbackend. The forwarded data is `base64_encoded(jwt_payload_in_JSON)`. If it is not specified,\\nthe payload will not be emitted.","type":"string","x-order":4},"outputClaimToHeaders":{"description":"This field specifies a list of operations to copy the claim to HTTP headers on a successfully verified token.\\nThis differs from the `output_payload_to_header` by allowing outputting individual claims instead of the whole payload.\\nOnly claims of type string, boolean, and integer are supported. Array type claims are not supported at this time.\\nThe header specified in each operation in the list must be unique. Nested claims of type string/int/bool is supported as well.\\n```\\n  outputClaimToHeaders:\\n  - header: x-my-company-jwt-group\\n    claim: my-group\\n  - header: x-test-environment-flag\\n    claim: test-flag\\n  - header: x-jwt-claim-group\\n    claim: nested.key.group\\n```\\n[Experimental] This feature is a experimental feature.\\n\\n[TODO:Update the status whenever this feature is promoted.]","type":"array","items":{"$ref":"#/components/schemas/JWTClaimToHeader"},"x-order":5},"fromHeaders":{"description":"1) The Authorization header using the Bearer schema,\\n       e.g. Authorization: Bearer &lt;token&gt;. (see\\n       [Authorization Request Header\\n       Field](https://tools.ietf.org/html/rfc6750#section-2.1))\\n\\n    2) The `access_token` query parameter (see\\n    [URI Query Parameter](https://tools.ietf.org/html/rfc6750#section-2.3))\\n\\nList of header locations from which JWT is expected. For example, below is the location spec\\nif JWT is expected to be found in `x-jwt-assertion` header, and have `Bearer ` prefix:\\n\\n```yaml\\n  fromHeaders:\\n  - name: x-jwt-assertion\\n    prefix: \\"Bearer \\"\\n```\\n\\nNote: Multiple tokens present on the same request are not supported. \\nThe behaviour of authorization policies when there is more than one user identity is undefined","type":"array","title":"This field specifies the locations to extract JWT token.\\nIf no explicit location is specified the following default\\nlocations are tried in order:","items":{"$ref":"#/components/schemas/JWTJWTHeader"},"x-order":6}}},"tsbauthv2Authorization":{"type":"object","title":"Configuration for authorizing a HTTP request","properties":{"external":{"$ref":"#/components/schemas/tsbauthv2AuthorizationExternalAuthzBackend"},"local":{"$ref":"#/components/schemas/tsbauthv2AuthorizationLocalAuthz"}}},"tsbauthv2AuthorizationExternalAuthzBackend":{"type":"object","title":"Use an authorization server running at the specified URI. Support both HTTP and gRPC server.\\nIt is recommended to enable TLS validation (SIMPLE or MUTUAL) to secure traffic \\nbetween workload and external authorization server\\nIf you use gRPC, do not set `includeRequestHeaders`","properties":{"uri":{"type":"string","x-order":0},"includeRequestHeaders":{"type":"array","items":{"type":"string"},"x-order":1},"tls":{"$ref":"#/components/schemas/v2ClientTLSSettings"}}},"tsbauthv2AuthorizationLocalAuthz":{"description":"Authorize the request in Envoy based on the JWT claims.","type":"object","properties":{"rules":{"type":"array","items":{"$ref":"#/components/schemas/tsbauthv2LocalAuthzRule"},"x-order":0}}},"tsbauthv2LocalAuthzRule":{"description":"Bindings define the subjects that can access the resource a policy is attached to,\\nand the conditions that need to be met for that access to be granted.\\nA policy can have multiple bindings to configure different access controls for specific\\nsubjects.","type":"object","title":"LocalAuthzRule","required":["name"],"properties":{"name":{"description":"A friendly name to identify the binding.","type":"string","x-order":0},"from":{"description":"Subjects configure the actors (end users, other services)  that are allowed to access the\\ntarget resource.","type":"array","items":{"$ref":"#/components/schemas/tsbauthv2Subject"},"x-order":1},"to":{"description":"A set of HTTP rules that need to be satisfied by the HTTP requests to get access to the\\ntarget resource.","type":"array","items":{"$ref":"#/components/schemas/tsbauthv2LocalAuthzRuleHttpOperation"},"x-order":2}}},"tsbauthv2LocalAuthzRuleHttpOperation":{"type":"object","properties":{"paths":{"description":"The request path where the request is made against. E.g. [\\"/accounts\\"].","type":"array","items":{"type":"string"},"x-order":0},"methods":{"description":"The HTTP methods that are allowed by this rule. E.g. [\\"GET\\", \\"HEAD\\"].","type":"array","items":{"type":"string"},"x-order":1}}},"tsbauthv2Subject":{"description":"A subject designates an actor (user, service, etc) that attempts to access a target resource.\\nSubjects can be modeled with JWT tokens, service accounts, and decorated with attributes such as\\nHTTP request headers, JWT token claims, etc.\\nThe fields that define a subject will be matched to incoming requests, to fully qualify where the\\nrequest comes from, and to decide if the given request is allowed or not for the target resource.\\nAll the fields in a subject are evaluated as AND expressions.","type":"object","title":"Subject","properties":{"jwt":{"$ref":"#/components/schemas/tsbauthv2SubjectJWTClaims"}}},"tsbauthv2SubjectJWTClaims":{"description":"JWT based subjects qualify a subject by matching against a JWT token present in the request.\\nBy default the token is expected to be present in the \'Authorization\' HTTP header, with the\\n\'Bearer\\" prefix.","type":"object","title":"JWT based subject","properties":{"iss":{"type":"string","x-order":0},"sub":{"type":"string","x-order":1},"other":{"description":"A set of arbitrary claims that are required to qualify the subject.\\nE.g. \\"iss\\": \\"*@foo.com\\".","type":"object","additionalProperties":{"type":"string"},"x-order":2}}},"tsbgatewayv2Authentication":{"type":"object","title":"DEPRECATED. Use auth/v2/Authentication\\n$hide_from_docs","properties":{"jwt":{"$ref":"#/components/schemas/tsbgatewayv2AuthenticationJWT"}}},"tsbgatewayv2AuthenticationJWT":{"type":"object","title":"DEPRECATED. Use auth/v2/JWT\\n$hide_from_docs","required":["issuer"],"properties":{"issuer":{"description":"Identifies the issuer that issued the JWT. See\\n[issuer](https://tools.ietf.org/html/rfc7519#section-4.1.1)\\nA JWT with different `iss` claim will be rejected.\\n\\nExample: https://foobar.auth0.com\\nExample: 1234567-compute@developer.gserviceaccount.com","type":"string","x-order":0},"audiences":{"description":"The list of JWT\\n[audiences](https://tools.ietf.org/html/rfc7519#section-4.1.3).\\nthat are allowed to access. A JWT containing any of these\\naudiences will be accepted.\\n\\nThe service name will be accepted if audiences is empty.","type":"array","items":{"type":"string"},"x-order":1},"jwksUri":{"description":"URL of the provider\'s public key set to validate signature of\\nthe JWT. See [OpenID\\nDiscovery](https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderMetadata).\\n\\nOptional if the key set document can either (a) be retrieved\\nfrom [OpenID\\nDiscovery](https://openid.net/specs/openid-connect-discovery-1_0.html)\\nof the issuer or (b) inferred from the email domain of the\\nissuer (e.g. a Google service account).\\n\\nExample: `https://www.googleapis.com/oauth2/v1/certs`\\n\\nNote: Only one of jwks_uri and jwks should be used. jwks_uri\\nwill be ignored if it does.","type":"string","x-order":2},"jwks":{"description":"JSON Web Key Set of public keys to validate signature of the JWT.\\nSee https://auth0.com/docs/jwks.\\n\\nNote: Only one of jwks_uri and jwks should be used. jwks_uri will be ignored if it does.","type":"string","x-order":3}}},"tsbgatewayv2Authorization":{"type":"object","title":"DEPRECATED. Use auth/v2/Authorization\\nConfiguration for authorizing a HTTP request\\n$hide_from_docs","properties":{"external":{"$ref":"#/components/schemas/tsbgatewayv2AuthorizationExternalAuthzBackend"},"local":{"$ref":"#/components/schemas/tsbgatewayv2AuthorizationLocalAuthz"}}},"tsbgatewayv2AuthorizationExternalAuthzBackend":{"type":"object","title":"DEPRECATED. Use auth/v2/ExternalAuthzBackend\\nUse an authorization running at the specified URI. Note that this\\nmode is supported only for HTTPS servers.\\n$hide_from_docs","properties":{"uri":{"type":"string","x-order":0},"includeRequestHeaders":{"type":"array","items":{"type":"string"},"x-order":1}}},"tsbgatewayv2AuthorizationLocalAuthz":{"type":"object","title":"DEPRECATED. Use auth/v2/LocalAuthz\\nAuthorize the request in Envoy based on the JWT claims.\\n$hide_from_docs","properties":{"rules":{"type":"array","items":{"$ref":"#/components/schemas/tsbgatewayv2LocalAuthzRule"},"x-order":0}}},"tsbgatewayv2Group":{"description":"A gateway group manages the gateways in a group of namespaces owned\\nby the parent workspace.\\n\\n\\n\\n","type":"object","required":["namespaceSelector"],"properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"namespaceSelector":{"$ref":"#/components/schemas/v2NamespaceSelector"},"configMode":{"$ref":"#/components/schemas/v2ConfigMode"},"deletionProtectionEnabled":{"description":"When set, prevents the resource from being deleted. In order to delete the resource this\\nproperty needs to be set to `false` first.","type":"boolean","x-order":6},"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"}}},"tsbgatewayv2LocalAuthzRule":{"description":"Bindings define the subjects that can access the resource a policy is attached to,\\nand the conditions that need to be met for that access to be granted.\\nA policy can have multiple bindings to configure different access controls for specific\\nsubjects.\\n$hide_from_docs","type":"object","title":"DEPRECATED. Use auth/v2/LocalAuthzRule\\nLocalAuthzRule","required":["name"],"properties":{"name":{"description":"A friendly name to identify the binding.","type":"string","x-order":0},"from":{"description":"Subjects configure the actors (end users, other services)  that are allowed to access the\\ntarget resource.","type":"array","items":{"$ref":"#/components/schemas/tsbgatewayv2Subject"},"x-order":1},"to":{"description":"A set of HTTP rules that need to be satisfied by the HTTP requests to get access to the\\ntarget resource.","type":"array","items":{"$ref":"#/components/schemas/tsbgatewayv2LocalAuthzRuleHttpOperation"},"x-order":2}}},"tsbgatewayv2LocalAuthzRuleHttpOperation":{"type":"object","title":"DEPRECATED\\n$hide_from_docs","properties":{"paths":{"description":"The request path where the request is made against. E.g. [\\"/accounts\\"].","type":"array","items":{"type":"string"},"x-order":0},"methods":{"description":"The HTTP methods that are allowed by this rule. E.g. [\\"GET\\", \\"HEAD\\"].","type":"array","items":{"type":"string"},"x-order":1}}},"tsbgatewayv2Subject":{"description":"A subject designates an actor (user, service, etc) that attempts to access a target resource.\\nSubjects can be modeled with JWT tokens, service accounts, and decorated with attributes such as\\nHTTP request headers, JWT token claims, etc.\\nThe fields that define a subject will be matched to incoming requests, to fully qualify where the\\nrequest comes from, and to decide if the given request is allowed or not for the target resource.\\nAll the fields in a subject are evaluated as AND expressions.\\n$hide_from_docs","type":"object","title":"DEPRECATED. Use auth/v2/Subject\\nSubject","properties":{"jwt":{"$ref":"#/components/schemas/tsbgatewayv2SubjectJWTClaims"}}},"tsbgatewayv2SubjectJWTClaims":{"description":"JWT based subjects qualify a subject by matching against a JWT token present in the request.\\nBy default the token is expected to be present in the \'Authorization\' HTTP header, with the\\n\'Bearer\\" prefix.\\n$hide_from_docs","type":"object","title":"DEPRECATED.\\nJWT based subject","properties":{"iss":{"type":"string","x-order":0},"sub":{"type":"string","x-order":1},"other":{"description":"A set of arbitrary claims that are required to qualify the subject.\\nE.g. \\"iss\\": \\"*@foo.com\\".","type":"object","additionalProperties":{"type":"string"},"x-order":2}}},"tsbistiointernalv2Group":{"description":"An Istio Internal Group only allows grouping `DIRECT` mode mesh resources in a set of namespaces\\nowned by its parent workspace. This group is aimed for grouping resources not directly related\\nto traffic, security, or gateway like `EnvoyFilters` and `ServiceEntry`.\\n\\n\\n\\n","type":"object","required":["namespaceSelector"],"properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"namespaceSelector":{"$ref":"#/components/schemas/v2NamespaceSelector"},"deletionProtectionEnabled":{"description":"When set, prevents the resource from being deleted. In order to delete the resource this\\nproperty needs to be set to `false` first.","type":"boolean","x-order":5},"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"}}},"tsbsecurityv2Group":{"description":"A security group manages the security properties of proxy workloads in a\\ngroup of namespaces owned by the parent workspace.\\n\\n\\n\\n","type":"object","required":["namespaceSelector"],"properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"namespaceSelector":{"$ref":"#/components/schemas/v2NamespaceSelector"},"configMode":{"$ref":"#/components/schemas/v2ConfigMode"},"securityDomain":{"description":"Security domains can be used to group different resources under the same security domain.\\nAlthough security domain is not resource itself currently, it follows a fqn format\\n`organizations/myorg/securitydomains/mysecuritydomain`, and a child cannot override any ancestor\'s\\nsecurity domain.\\nOnce a security domain is assigned to a _Security group_, all the children resources will belong to that\\nsecurity domain in the same way a _Security setting_ belongs to a _Security group_, a _Security setting_\\nwill also belong to the security domain assigned to the _Security group_.\\nSecurity domains can also be used to define _Security settings Authorization rules_ in which you can allow\\nor deny request from or to a security domain.","type":"string","x-order":6},"deletionProtectionEnabled":{"description":"When set, prevents the resource from being deleted. In order to delete the resource this\\nproperty needs to be set to `false` first.","type":"boolean","x-order":7},"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"}}},"tsbtrafficv2Group":{"description":"A traffic group manages the routing properties of proxy workloads in a\\ngroup of namespaces owned by the parent workspace.\\n\\n\\n\\n","type":"object","required":["namespaceSelector"],"properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"namespaceSelector":{"$ref":"#/components/schemas/v2NamespaceSelector"},"configMode":{"$ref":"#/components/schemas/v2ConfigMode"},"deletionProtectionEnabled":{"description":"When set, prevents the resource from being deleted. In order to delete the resource this\\nproperty needs to be set to `false` first.","type":"boolean","x-order":6},"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"}}},"tsbv2Namespace":{"type":"object","title":"A Kubernetes namespace. These are automatically discovered by the\\nService Bridge agents in the cluster.\\n$hide_from_yaml","properties":{"name":{"type":"string","x-order":0},"services":{"type":"array","items":{"$ref":"#/components/schemas/tsbv2Service"},"x-order":1}}},"tsbv2Service":{"type":"object","title":"A Kubernetes or a VM service. These are automatically discovered by\\nthe Service Bridge agents in the cluster.\\n$hide_from_yaml","properties":{"hostname":{"description":"The hostname by which this service is accessed. Can correspond to the\\nhostname of an internal service or that of a virtual host on a gateway.","type":"string","x-order":0},"namespace":{"description":"namespace associated with the service.","type":"string","x-order":1},"selector":{"description":"label selectors associated with the service.","type":"object","additionalProperties":{"type":"string"},"x-order":2},"ports":{"description":"The set of ports on which this service is exposed.","type":"array","items":{"$ref":"#/components/schemas/ServicePort"},"x-order":3},"kubernetesServiceIp":{"description":"For services running on Kubernetes, the cluster IP of the service in the\\ncluster.","type":"string","x-order":4},"kubernetesExternalAddresses":{"description":"For kubernetes services of type load balancer, this field contains the list\\nof lb hostnames or IPs assigned to the service. For services of type\\nnodePort, this field contains the IP addresses of the nodes in the cluster.","type":"array","items":{"type":"string"},"x-order":5},"numKubernetesEndpoints":{"description":"The number of kubernetes pods providing this service. Note that a\\nservice could be hosted on both pods and VMs.","type":"integer","format":"int64","x-order":6},"numVmEndpoints":{"description":"The number of VMs providing this service.","type":"integer","format":"int64","x-order":7},"meshExternal":{"type":"boolean","title":"indicates that this is an external service (service entry MESH_EXTERNAL\\nlocation)","x-order":8},"gatewayHost":{"description":"Indicates that this is a service representing a gateway host (used for\\nmulti-cluster scenarios).","type":"boolean","x-order":9},"numHops":{"description":"The number of hops from the advertising cluster to the ingress\\ngateway that is exposing the gateway host. If the advertiser is the\\ncluster owning the ingress gateway host, the hops is 0. If the\\nadvertiser is a tier1 cluster exposing gateways via internal or\\nexternal Servers, the path hops is 1.","type":"integer","format":"int64","x-order":10},"kubernetesServiceFqdn":{"description":"If this is a gateway host service, this field will indicate the kubernetes\\nservice that is running as a gateway and exposing this host to the outside\\nworld.","type":"string","x-order":11},"name":{"type":"string","title":"Name assigned to the service","x-order":12},"subsets":{"type":"array","title":"Name of subsets defined for this service","items":{"type":"string"},"x-order":13},"canonicalName":{"description":"17 to match xcp api and make conversion easier.","type":"string","title":"The canonical name of the service defined by labels\\n(value of service.istio.io/canonical-name)","x-order":14},"workloads":{"description":"Workloads implementing the Service.","type":"array","items":{"$ref":"#/components/schemas/v2Workload"},"x-order":15},"tier1GatewayHost":{"description":"Indicates that this is a service representing a gateway host acting as a\\ntier1 gateway. This field is being introduced specifically for the\\nhostnames exposed through Tier1Gateway\'s ExternalServers. Fo all other\\nhostnames that are exposed exposed on IngessGateways or Tier1Gateway\'s\\nInternalServers gateway_host field is set to true because that is used for\\nmulticluster routing setup. For ExternalServer hostnames multicluster\\ncluster routing is not setup and hence UI on finding gateway_host as false\\nshows these hostnames as internal services incorrectly. To help UI, this\\nfield is being introduced. UI would look for either gateway_host or\\ntier1_gateway_host to decide if the hostname is a gateway hostname.","type":"boolean","x-order":16},"spiffeIds":{"description":"List of SPIFFE identities used by the workloads of the service.","type":"array","items":{"type":"string"},"x-order":17}}},"tsbv2ServiceAccount":{"description":"`ServiceAccount` represents a service account that can be used to access the TSB platform.\\nService accounts have a set of associated public and private keys that can be used to generate\\nsigned JWT tokens that are suitable to authenticate to TSB.\\nA default key-pair is generated on service account creation and the public key is stored in TSB.\\nPrivate keys are returned when service accounts are created, but TSB will not store them. It\\nis up to the client to store them securely.\\n\\n\\n\\n","type":"object","properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"description":"A description of the resource.","type":"string","x-order":3},"keys":{"type":"array","title":"Keys associated with the service account.\\nA default key-pair is automatically created when the Service Account is created. Note that\\nTSB does not store the private keys, so it is up to the client to store the returned private\\nkeys securely, as they are only returned once after creation.\\nAdditional keys can be added (and deleted) by using the corresponding key management APIs.\\n","items":{"$ref":"#/components/schemas/ServiceAccountKeyPair"},"x-order":4,"readOnly":true}}},"typesv2NamespaceSelector":{"type":"object","title":"`NamespaceSelector` selects a set of namespaces across one or more\\nclusters in a tenant. Namespace selectors can be used at Workspace\\nlevel to carve out a chunk of resources under a tenant into an\\nisolated configuration domain. They can be used in a Traffic,\\nSecurity, or a Gateway group to further scope the set of namespaces\\nthat will belong to a specific configuration group.\\nNames in namespaces selector must be in the form `cluster/namespace`\\nwhere:\\n- cluster must be a cluster name or an `*` to mean all clusters\\n- namespace must be a namespace name, an `*` to mean all namespaces\\n  or a prefix like `ns-*` to mean all those namespaces starting\\n  by `ns-`","required":["names"],"properties":{"names":{"description":"- `*/ns1` implies `ns1` namespace in any cluster.\\n\\n- `c1/ns1` implies `ns1` namespace from `c1` cluster.\\n\\n- `c1/*` implies all namespaces in `c1` cluster.\\n\\n- `*/*` implies all namespaces in all clusters.\\n\\n- `c1/ns*` implies all namespaces prefixes by `ns` in `c1` cluster.","type":"array","title":"Under the tenant/workspace/group:","items":{"type":"string"},"x-order":0}}},"v1LabelSelector":{"type":"object","title":"A label selector is a label query over a set of resources. The result of matchLabels and\\nmatchExpressions are ANDed. An empty label selector matches all objects. A null\\nlabel selector matches no objects.\\n+structType=atomic","properties":{"matchLabels":{"type":"object","title":"matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\\nmap is equivalent to an element of matchExpressions, whose key field is \\"key\\", the\\noperator is \\"In\\", and the values array contains only \\"value\\". The requirements are ANDed.\\n+optional","additionalProperties":{"type":"string"},"x-order":0},"matchExpressions":{"type":"array","title":"matchExpressions is a list of label selector requirements. The requirements are ANDed.\\n+optional","items":{"$ref":"#/components/schemas/v1LabelSelectorRequirement"},"x-order":1}}},"v1LabelSelectorRequirement":{"description":"A label selector requirement is a selector that contains values, a key, and an operator that\\nrelates the key and values.","type":"object","properties":{"key":{"type":"string","title":"key is the label key that the selector applies to.\\n+patchMergeKey=key\\n+patchStrategy=merge","x-order":0},"operator":{"description":"operator represents a key\'s relationship to a set of values.\\nValid operators are In, NotIn, Exists and DoesNotExist.","type":"string","x-order":1},"values":{"type":"array","title":"values is an array of string values. If the operator is In or NotIn,\\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\\nthe values array must be empty. This array is replaced during a strategic\\nmerge patch.\\n+optional","items":{"type":"string"},"x-order":2}}},"v1alpha1AWSController":{"description":"Kubernetes settings for the AWS Integration Controller component.","type":"object","properties":{"kubeSpec":{"$ref":"#/components/schemas/kubernetesKubernetesComponentSpec"}}},"v1alpha1AWSSettings":{"description":"Global settings to AWS.","type":"object","required":["serviceAccountName"],"properties":{"serviceAccountName":{"type":"string","title":"Service account name to use with IAM role association. Required.\\nThis service account should have the proper permissions depending on which AWS services are enabled.\\n(Route53, Lattice, etc.)","x-order":0}}},"v1alpha1ControlPlaneComponentSet":{"description":"The set of components that make up the control plane. Use this to override application settings\\nor Kubernetes settings for each individual component.","type":"object","properties":{"collector":{"$ref":"#/components/schemas/v1alpha1OpenTelemetryCollector"},"oap":{"$ref":"#/components/schemas/v1alpha1Oap"},"xcp":{"$ref":"#/components/schemas/controlplanev1alpha1XCP"},"istio":{"$ref":"#/components/schemas/v1alpha1Istio"},"rateLimitServer":{"$ref":"#/components/schemas/v1alpha1RateLimitServer"},"hpaAdapter":{"$ref":"#/components/schemas/v1alpha1HpaAdapter"},"onboarding":{"$ref":"#/components/schemas/v1alpha1Onboarding"},"satellite":{"$ref":"#/components/schemas/v1alpha1Satellite"},"ngac":{"$ref":"#/components/schemas/v1alpha1NGAC"},"gitops":{"$ref":"#/components/schemas/commonGitOps"},"internalCertProvider":{"$ref":"#/components/schemas/commonInternalCertProvider"},"defaultKubeSpec":{"$ref":"#/components/schemas/kubernetesKubernetesSpec"},"wasmfetcher":{"$ref":"#/components/schemas/v1alpha1WASMFetcher"},"defaultLogLevel":{"description":"The default log level for all components if the per component log level config is not specified.\\nNote that the supported log level for different components can be different.","type":"string","x-order":13},"route53Controller":{"$ref":"#/components/schemas/v1alpha1Route53Controller"},"n2ac":{"$ref":"#/components/schemas/v1alpha1N2AC"},"awsController":{"$ref":"#/components/schemas/v1alpha1AWSController"}}},"v1alpha1ControlPlaneSpec":{"description":"ControlPlaneSpec defines the desired installed state of control plane components.\\nSpecifying a minimal ControlPlaneSpec with hub, clusterName, and managementPlane set\\nwill create an installation with sensible defaults.","type":"object","required":["hub","managementPlane","telemetryStore"],"properties":{"hub":{"description":"TSB container hub path e.g. docker.io/tetrate.","type":"string","x-order":0},"imagePullSecrets":{"description":"Pull secrets can be specified globally for all components, or defined into the `kubeSpec.serviceAccount`\\nof every component if needed. In case both are defined, the most specific one (the one defined at the component)\\nlevel is used.\\n\\nList of references to secrets in the same namespace to use for pulling any\\nimages in pods that reference this ServiceAccount. ImagePullSecrets are\\ndistinct from Secrets because Secrets can be mounted in the pod, but\\nImagePullSecrets are only accessed by the kubelet. More info:\\nhttps://kubernetes.io/docs/concepts/containers/images/#specifying-imagepullsecrets-on-a-pod\\nhttps://kubernetes.io/docs/reference/generated/kubernetes-api/v1.18/#service_account-v1-core","type":"array","items":{"$ref":"#/components/schemas/installkubernetesLocalObjectReference"},"x-order":1},"components":{"$ref":"#/components/schemas/v1alpha1ControlPlaneComponentSet"},"providerSettings":{"$ref":"#/components/schemas/v1alpha1ProviderSettings"},"managementPlane":{"$ref":"#/components/schemas/v1alpha1ManagementPlaneSettings"},"meshExpansion":{"$ref":"#/components/schemas/v1alpha1MeshExpansionSettings"},"telemetryStore":{"$ref":"#/components/schemas/ControlPlaneSpecTelemetryStore"},"meshObservability":{"$ref":"#/components/schemas/ControlPlaneSpecMeshObservability"},"tier1Cluster":{"description":"**DEPRECATED**: This should not be set through Control plane API\\nInstead use TSB Cluster API.\\nIndicates that this cluster is used for tier1 gateways.\\nTier one clusters can only contain tier 1 gateways.\\nNon-tier1 clusters contain tier2 gateways but not tier 1.","type":"boolean","x-order":8}}},"v1alpha1EKSSettings":{"description":"Settings specific to Elastic Kubernetes Service (EKS).","type":"object","properties":{"useNlbByDefault":{"description":"When true, gateways will be configured to use NLBs with cross zone load\\nbalancing enabled when the load balancer type is not configured. When\\nfalse, no additional annotations will be added.","type":"boolean","x-order":0}}},"v1alpha1ElasticSearchSettings":{"description":"Configure an Elasticsearch connection.\\n\\n```yaml\\napiVersion: install.tetrate.io/v1alpha1\\nkind: ControlPlane\\nmetadata:\\n  name: controlplane\\n  namespace: istio-system\\nspec:\\n  telemetryStore:\\n    elastic:\\n      host: elastic\\n      port: 5678\\n      protocol: https\\n      selfSigned: true\\n      version: 7\\n```","type":"object","required":["host","port"],"properties":{"host":{"description":"Elasticsearch host address (can be hostname or IP address).","type":"string","x-order":0},"port":{"description":"Port Elasticsearch is listening on.","type":"integer","format":"int32","x-order":1},"protocol":{"$ref":"#/components/schemas/ElasticSearchSettingsProtocol"},"selfSigned":{"description":"Use Self-Signed certificates. The Self-signed CA bundle and key must be in a secret called es-certs.","type":"boolean","x-order":3},"version":{"description":"DEPRECATED: Major version of the Elasticsearch cluster.\\nCurrently supported Elasticsearch major versions are `6`, `7`, and `8`.","type":"integer","format":"int32","x-order":4}}},"v1alpha1HpaAdapter":{"description":"Kubernetes settings for the OAP (SkyWalking) HPA adapter component.","type":"object","properties":{"kubeSpec":{"$ref":"#/components/schemas/kubernetesKubernetesComponentSpec"}}},"v1alpha1IsolationBoundary":{"description":"IsolationBoundary is an isolated Istio environment which can spread across \\nmultiple revisioned control plane clusters.\\n\\nExample:\\n\\n  ```yaml\\n  isolationBoundaries:\\n  - name: prod\\n    revisions:\\n    - name: stable\\n      istio:\\n        tsbVersion: 1.6.0\\n  - name: staging\\n    revisions:\\n    - name: v1_6_3\\n      istio:\\n        tsbVersion: 1.6.3\\n    - name: v1_6_1\\n      istio:\\n        tsbVersion: 1.6.1\\n        disable: true\\n  ```\\n\\nThe `tsbVersion` field can be left empty, which would then default to the\\ncurrent TSB released version. \\n\\n  ```yaml\\n  isolationBoundaries:\\n  - name: global\\n    istio:\\n    - revisions: stable\\n  ```\\n\\nFor instance, if isolation boundaries are being added in TSB `1.6.1`, the default\\nwould looks something like this:\\n\\n  ```yaml\\n  isolationBoundaries:\\n  - name: global\\n    revisions:\\n    - name: stable\\n      istio:\\n        tsbVersion: 1.6.1\\n  ```","type":"object","required":["name","revisions"],"properties":{"name":{"description":"Name of the IsolationBoundary.","type":"string","x-order":0},"revisions":{"description":"Configure multiple Istio Revisions under the IsolationBoundary.\\nOnce IstioIsolationBoundaries is enabled, for any IsolationBoundary\\nconfigured - there must be atleast one IstioRevision.","type":"array","items":{"$ref":"#/components/schemas/v1alpha1IstioRevision"},"x-order":1},"meshExpansion":{"$ref":"#/components/schemas/v1alpha1MeshExpansionSettings"}}},"v1alpha1Istio":{"description":"Mesh and Kubernetes settings for Istio.","type":"object","properties":{"tsbVersion":{"description":"Specifies the tsb release version. This is used by the tsb control plane\\noperator in determining the xcp version, which would eventually decide Istio \\nversion.\\n\\nIf not provided explicitly, this defaults to the current tsb version.","type":"string","x-order":0},"mountInternalWasmExtensions":{"description":"When this flag is set, the TSB internal WASM extensions will be mounted into the\\nSidecar, Ingress and Egress gateway pods automatically. These extensions will be loaded\\nas local files instead of being downloaded from a remote OCI registry or HTTP endpoint.\\nThis is enabled by default. Set it to false to disable it.","type":"boolean","x-order":1},"kubeSpec":{"$ref":"#/components/schemas/kubernetesKubernetesIstioComponentSpec"},"traceSamplingRate":{"description":"The percentage of traces Envoy will sample.","type":"number","format":"double","x-order":3},"defaultWorkloadCertTTL":{"description":"The default TTL of issued workload certificates.\\nThis sets both the default client-side CSR TTL and the default server-side\\nissued certificate TTL.","type":"string","x-order":4},"maxWorkloadCertTTL":{"description":"The maximum TTL that can be set in issued workload certificates.","type":"string","x-order":5},"trustDomain":{"description":"The trust domain corresponds to the trust root of a system. Refer to\\n[SPIFFE-ID](https://github.com/spiffe/spiffe/blob/main/standards/SPIFFE-ID.md#21-trust-domain).\\nIf omitted, TSB will configure the trust domain as\\n`CLUSTER_NAME.tsb.local`, where `CLUSTER_NAME` is the name of the cluster\\nobject in TSB for this control plane.","type":"string","x-order":6},"baseOverlays":{"description":"The overlays applied to the Istio base component.\\nSee https://istio.io/latest/docs/reference/config/istio.operator.v1alpha1/#IstioComponentSetSpec.\\nWhen this is specified, the overlay in `kubeSpec.overlays` are ignored.","type":"array","items":{"$ref":"#/components/schemas/v1alpha1K8sObjectOverlay"},"x-order":7},"pilotOverlays":{"description":"The overlays applied to the Istio pilot component.\\nSee https://istio.io/latest/docs/reference/config/istio.operator.v1alpha1/#IstioComponentSetSpec.\\nWhen this is specified, the overlay in `kubeSpec.overlays` are ignored.","type":"array","items":{"$ref":"#/components/schemas/v1alpha1K8sObjectOverlay"},"x-order":8},"cniOverlays":{"description":"The overlays applied to the Istio CNI component.\\nSee https://istio.io/latest/docs/reference/config/istio.operator.v1alpha1/#IstioComponentSetSpec.\\nWhen this is specified, the overlay in `kubeSpec.overlays` are ignored.","type":"array","items":{"$ref":"#/components/schemas/v1alpha1K8sObjectOverlay"},"x-order":9},"logLevels":{"description":"Specifies the global logging level settings for the Istio control plane components.","type":"object","additionalProperties":{"type":"string"},"x-order":10}}},"v1alpha1IstioRevision":{"description":"Istio control plane settings for a specific revision.","type":"object","required":["name","istio"],"properties":{"name":{"description":"Name of the IstioRevision. Must be unique at cluster level, across Isolation\\nBoundaries. The IstioRevision name is used to deploy revisioned Istio control-plane\\ncomponents.\\n\\nNotice that the value constraints here are stricter than the ones in Istio.\\nApparently, Istio validation rules allow values that lead to internal failures\\nat runtime, e.g. values with capital letters or values longer than 56 characters.\\nStricter validation rules here are meant to prevent those hidden pitfalls.","type":"string","x-order":0},"istio":{"$ref":"#/components/schemas/v1alpha1Istio"},"disable":{"description":"If set to `true`, Istio control plane deployment with this revision will be \\ncleaned up from the cluster. This field can be used to clean up revisioned\\ncontrol plane deployment while retaining the configurations in the CR. After\\ncleanup, it can be again set to `false` to re-deploy revisioned control plane.\\nBy default the value is set to `false`.","type":"boolean","x-order":2}}},"v1alpha1JwtAuthenticationConfiguration":{"description":"JwtAuthenticationConfiguration specifies configuration of the workload\\nauthentication by means of an [OIDC ID Token](https://openid.net/specs/openid-connect-core-1_0.html#IDToken).","type":"object","properties":{"issuers":{"description":"List of permitted JWT issuers.\\n\\nIf a workload authenticates itself by means of an\\n[OIDC ID Token](https://openid.net/specs/openid-connect-core-1_0.html#IDToken),\\nthe issuer of that token must be present in this list, otherwise\\nauthentication attempt will be declined.","type":"array","items":{"$ref":"#/components/schemas/v1alpha1JwtIssuer"},"x-order":0}}},"v1alpha1JwtIssuer":{"description":"JwtIssuer specifies configuration associated with a JWT issuer.","type":"object","required":["issuer","shortName"],"properties":{"issuer":{"description":"JWT `Issuer` identifier.\\n\\nThe value must be a case sensitive URL using the https scheme that contains\\nscheme, host, and optionally, port number and path components and no query\\nor fragment components.\\n\\nE.g., `https://mycompany.corp`, `https://accounts.google.com`,\\n`https://sts.windows.net/9edbd6c9-0e5b-4cfd-afec-fdde27cdd928/`, etc.\\n\\nSee https://openid.net/specs/openid-connect-core-1_0.html#IDToken","type":"string","x-order":0},"jwksUri":{"description":"URL of the JSON Web Key Set document.\\n\\nSource of public keys the `Workload Onboarding Plane` should use\\nto validate the signature of an\\n[OIDC ID Token](https://openid.net/specs/openid-connect-core-1_0.html#IDToken).\\n\\nE.g., `https://mycompany.corp/jwks.json`.\\n\\nWhen unspecified, URL the JSON Web Key Set document will be resolved using\\n[OpenID Connect Discovery](https://openid.net/specs/openid-connect-discovery-1_0.html)\\nprotocol.","type":"string","x-order":1},"jwks":{"description":"Inlined JSON Web Key Set document.\\n\\nSpecifies public keys the `Workload Onboarding Plane` should use\\nto validate the signature of an\\n[OIDC ID Token](https://openid.net/specs/openid-connect-core-1_0.html#IDToken).","type":"string","x-order":2},"shortName":{"description":"Unique short name associated with the issuer.\\n\\nThe value must consist of lower case alphanumeric characters and hyphen (`-`).\\n\\nSince this value will be included into the auto-generated name of the\\n`WorkloadAutoRegistration` resource, keep it as short as possible.\\n\\nE.g., `my-corp`, `prod`, `test`, etc.","type":"string","x-order":3},"tokenFields":{"$ref":"#/components/schemas/v1alpha1JwtTokenFields"}}},"v1alpha1JwtTokenField":{"description":"JwtTokenField specifies a custom field included into the\\n[OIDC ID Token](https://openid.net/specs/openid-connect-core-1_0.html#IDToken).","type":"object","required":["jsonPath"],"properties":{"jsonPath":{"description":"Simple JSON Path which is evaluated against custom claims of the\\n[OIDC ID Token](https://openid.net/specs/openid-connect-core-1_0.html#IDToken)\\nto produce the value of the field.\\n\\nE.g., `.custom_attributes`, `.google.compute_engine`, etc.\\n\\nJSON Path must start either from `.` or from `$`. Use of `$` is mandatory\\nwhen followed by the array notation.\\n\\nE.g., `$[\'custom_attributes\']`, `$[\'google\'].compute_engine`, etc.\\n\\nSpecial symbols (such as `.` or ` `) in property names must be escaped.\\n\\nE.g., `.custom\\\\.attributes`, `$[\'custom\\\\.attributes\']`, etc.\\n\\nSee https://goessner.net/articles/JsonPath/","type":"string","x-order":0}}},"v1alpha1JwtTokenFields":{"description":"JwtTokenFields specifies custom fields included into the\\n[OIDC ID Token](https://openid.net/specs/openid-connect-core-1_0.html#IDToken).","type":"object","properties":{"attributes":{"$ref":"#/components/schemas/v1alpha1JwtTokenField"}}},"v1alpha1K8sObjectOverlay":{"description":"Patch for an existing k8s resource.","type":"object","properties":{"apiVersion":{"description":"Resource API version.","type":"string","x-order":0},"kind":{"description":"Resource kind.","type":"string","x-order":1},"name":{"description":"Name of resource.\\nNamespace is always the component namespace.","type":"string","x-order":2},"patches":{"description":"List of patches to apply to resource.","type":"array","items":{"$ref":"#/components/schemas/K8sObjectOverlayPathValue"},"x-order":3}}},"v1alpha1LatticeSettings":{"description":"Settings specific to Lattice.","type":"object","properties":{"enabled":{"description":"Enable/disable the Lattice integration controller. Default: false.","type":"boolean","x-order":0}}},"v1alpha1ManagementPlaneSettings":{"description":"Configure the management plane connection.\\n\\n```yaml\\napiVersion: install.tetrate.io/v1alpha1\\nkind: ControlPlane\\nmetadata:\\n  name: controlplane\\n  namespace: istio-system\\nspec:\\n  managementPlane:\\n    host: tsb.tetrate.io\\n    port: 8443\\n    selfSigned: true\\n    clusterName: control-plane-cluster\\n```","type":"object","required":["host","port","clusterName"],"properties":{"host":{"description":"Management plane host address (can be hostname or IPv4/IPv6 address).","type":"string","x-order":0},"port":{"description":"Port management plane is listening on.","type":"integer","format":"int32","x-order":1},"selfSigned":{"description":"Management plane uses a self signed or private TLS certificate.\\nIf true, the CA bundle used to verify the MP\'s TLS certificate must be in\\na secret `mp-certs` under the key `ca.crt`.","type":"boolean","x-order":2},"clusterName":{"description":"The name of the Cluster object that was created in the Management Plane representing this Control Plane\\ncluster.","type":"string","x-order":3}}},"v1alpha1MeshExpansionSettings":{"description":"Configure mesh expansion to connect workloads external to Kubernetes to the mesh.\\n\\nTo enable mesh expansion set it to an empty object:\\n\\n```yaml\\napiVersion: install.tetrate.io/v1alpha1\\nkind: ControlPlane\\nmetadata:\\n  name: controlplane\\n  namespace: istio-system\\nspec:\\n  meshExpansion: {}\\n```\\n\\nIf external workloads are unable to communicate with the default mesh expansion gateway via external IPs or hostnames,\\nthen you must specify the gateway that enables them to do so. This custom gateway must be configured to forward this communication\\nto the VM gateway service:\\n\\n```yaml\\napiVersion: install.tetrate.io/v1alpha1\\nkind: ControlPlane\\nmetadata:\\n  name: controlplane\\n  namespace: istio-system\\nspec:\\n  meshExpansion:\\n    customGateway:\\n      host: customgateway.tetrate.io\\n      port: 15443\\n```\\n\\nTo automate onboarding of workloads from auto-scaling groups of VMs, you need\\nto enable the `Workload Onboarding Plane`.\\n\\n`Workload Onboarding Agent`, a component that you install next to the workload,\\nwill connect to the `Workload Onboarding Plane` to authenticate itself, ask\\npermission to join the mesh, register the workload into the mesh and retrieve\\nboot configuration required to start `Istio Sidecar`.\\n\\nAll communication between the `Workload Onboarding Agent` and the\\n`Workload Onboarding Plane` must occur over TLS.\\n\\nTherefore, to enable `Workload Onboarding Plane` you must provide a TLS\\ncertificate for the endpoint that exposes `Workload Onboarding API` to\\n`Workload Onboarding Agents`.\\n\\nMake sure that TLS certificate is signed by the certificate authority known\\nto `Workload Onboarding Agents`.\\n\\n```yaml\\napiVersion: install.tetrate.io/v1alpha1\\nkind: ControlPlane\\nmetadata:\\n  name: controlplane\\n  namespace: istio-system\\nspec:\\n  meshExpansion:\\n    onboarding:\\n      endpoint:\\n        hosts:\\n        - onboarding.example.org\\n        secretName: onboarding-tls-cert\\n      tokenIssuer:\\n        jwt:\\n          expiration: 1h\\n      localRepository: {}\\n```\\n\\nTo onboard workloads from custom on-premise environments, you can leverage support for\\n[OIDC ID Tokens](https://openid.net/specs/openid-connect-core-1_0.html#IDToken).\\n\\nIf workloads in your custom environment can authenticate themselves by means of an\\n[OIDC ID Token](https://openid.net/specs/openid-connect-core-1_0.html#IDToken),\\nyou can define a list of JWT issuers permitted by the `Workload Onboarding Plane`.\\n\\nFor example,\\n\\n```yaml\\napiVersion: install.tetrate.io/v1alpha1\\nkind: ControlPlane\\nmetadata:\\n  name: controlplane\\n  namespace: istio-system\\nspec:\\n  meshExpansion:\\n    onboarding:\\n      endpoint:\\n        hosts:\\n        - onboarding.example.org\\n        secretName: onboarding-tls-cert\\n      localRepository: {}\\n      workloads:\\n        authentication:\\n          jwt:\\n            issuers:\\n            - issuer: \\"https://mycompany.corp\\"\\n              jwksUri: \\"https://mycompany.corp/jwks.json\\"\\n              shortName: \\"mycorp\\"\\n              tokenFields:\\n                attributes:\\n                  jsonPath: .custom_attributes\\n```\\n\\nTo ensure there will be no traffic loss when an onboarded workload gets\\nshutdown, you can configure the time period to delay the shutdown for\\nafter deregistering the workload from the mesh, which will give\\nenough time to reconfigure all affected mesh nodes to not load balance\\nrequests to the deregistered workload before it becomes unavailable.\\n\\nFor example,\\n\\n```yaml\\napiVersion: install.tetrate.io/v1alpha1\\nkind: ControlPlane\\nmetadata:\\n  name: controlplane\\n  namespace: istio-system\\nspec:\\n  meshExpansion:\\n    onboarding:\\n      endpoint:\\n        hosts:\\n        - onboarding.example.org\\n        secretName: onboarding-tls-cert\\n      localRepository: {}\\n      workloads:\\n        deregistration:\\n          propagationDelay: 15s\\n```","type":"object","properties":{"customGateway":{"$ref":"#/components/schemas/MeshExpansionSettingsGateway"},"onboarding":{"$ref":"#/components/schemas/v1alpha1MeshExpansionSettingsOnboardingPlane"}}},"v1alpha1MeshExpansionSettingsOnboardingPlane":{"description":"Configuration of the `Workload Onboarding Plane`.","type":"object","required":["endpoint"],"properties":{"uid":{"description":"Unique identifier of this particular installation of the `Workload Onboarding Plane`.\\n\\nIs used in the workload authentication flow to prevent replay attacks\\nthat abuse compromised workload credentials intended for a different\\ninstallation of the `Workload Onboarding Plane`.\\n\\nDefaults to an auto-generated UUID.","type":"string","x-order":0},"endpoint":{"$ref":"#/components/schemas/OnboardingPlaneEndpoint"},"tokenIssuer":{"$ref":"#/components/schemas/OnboardingPlaneTokenIssuer"},"localRepository":{"$ref":"#/components/schemas/OnboardingPlaneLocalRepository"},"workloads":{"$ref":"#/components/schemas/v1alpha1WorkloadConfiguration"}}},"v1alpha1N2AC":{"description":"Kubernetes settings for the N2AC components: Envoy PEP and NGAC discovery controller.","type":"object","properties":{"kubeSpec":{"$ref":"#/components/schemas/kubernetesKubernetesComponentSpec"},"logLevels":{"description":"The log level configuration by scopes.\\nSupported log level: \\"none\\", \\"error\\", \\"info\\", \\"debug\\".","type":"object","additionalProperties":{"type":"string"},"x-order":1},"pep":{"$ref":"#/components/schemas/N2ACPEPSettings"},"enabled":{"description":"Enable the ngac runtime enforcement. Disabled by default.","type":"boolean","x-order":3}}},"v1alpha1NGAC":{"description":"Kubernetes settings for the NGAC component.","type":"object","properties":{"enabled":{"description":"NGAC is an experimental component. If enabled is false, this component will\\nnot be installed.","type":"boolean","x-order":0},"kubeSpec":{"$ref":"#/components/schemas/kubernetesKubernetesComponentSpec"},"logLevels":{"description":"The log level configuration by scopes.\\nSupported log level: \\"none\\", \\"error\\", \\"info\\", \\"debug\\".","type":"object","additionalProperties":{"type":"string"},"x-order":2}}},"v1alpha1Oap":{"description":"Kubernetes settings for the OAP (SkyWalking) component.","type":"object","properties":{"streamingLogEnabled":{"description":"Feature flag to determine whether on-demand streaming logs should be\\nenabled.","type":"boolean","x-order":0},"onDemandEnvoyMetricsEnabled":{"description":"Feature flag to determine whether on-demand envoy metrics should be\\nenabled. If enabled, the envoy proxy will provide a set of metrics that can\\nbe queried using the metrics service. OAP will provide a query API that can\\nbe used to collect envoy proxy metrics for specific pods. This is only for\\ntemporary and real-time queries that can be used, for example, for\\napplication troubleshooting use cases. These metrics are not persisted.","type":"boolean","x-order":1},"storageIndexMergingEnabled":{"description":"Feature flag to determine whether metrics/meter and records should be shard into multi-physical indices, or\\ninstead if they should be merged into a single physical index.\\nBy default \\"false\\", metric/meter and records are sharded into multi-physical indices.\\nInstead of sharding, if enabled by setting it to \\"true\\", metrics/meter and records will be merged\\ninto one physical index template `metrics-all` and `records-all`.\\nThis feature flag must be set on all clusters and have the same value as the management plane\'s one,\\notherwise control plane observability data could be written to the wrong or not existing index.\\nIn this storage mode, user can adjust each concrete index should have to scale out by setting\\n`storageSpecificIndexSettings` field in the management plane install manifest.","type":"boolean","x-order":2},"kubeSpec":{"$ref":"#/components/schemas/kubernetesKubernetesComponentSpec"},"logLevel":{"description":"Specifies the log level for OAP component.\\nSupported log level: \\"all\\", \\"debug\\", \\"info\\", \\"warn\\", \\"error\\", \\"fatal\\", \\"off\\" and \\"trace\\".","type":"string","x-order":4}}},"v1alpha1Onboarding":{"description":"Settings for the `Workload Onboarding` component.","type":"object","properties":{"operator":{"$ref":"#/components/schemas/v1alpha1OnboardingOperator"},"repository":{"$ref":"#/components/schemas/v1alpha1OnboardingRepository"},"plane":{"$ref":"#/components/schemas/controlplanev1alpha1OnboardingPlane"}}},"v1alpha1OnboardingOperator":{"description":"Kubernetes settings for the `Workload Onboarding Operator` component.","type":"object","properties":{"kubeSpec":{"$ref":"#/components/schemas/kubernetesKubernetesComponentSpec"},"logLevels":{"description":"The log level configuration by scopes.\\nSupported log level: \\"none\\", \\"error\\", \\"warn\\", \\"info\\", \\"debug\\".","type":"object","additionalProperties":{"type":"string"},"x-order":1}}},"v1alpha1OnboardingPlaneInstance":{"description":"Kubernetes settings for the `Workload Onboarding Plane Instance` component.","type":"object","properties":{"kubeSpec":{"$ref":"#/components/schemas/kubernetesKubernetesComponentSpec"},"logLevels":{"description":"The log level configuration by scopes.\\nSupported log level: \\"none\\", \\"error\\", \\"warn\\", \\"info\\", \\"debug\\".","type":"object","additionalProperties":{"type":"string"},"x-order":1}}},"v1alpha1OnboardingRepository":{"description":"Kubernetes settings for the `Workload Onboarding Repository` component.","type":"object","properties":{"kubeSpec":{"$ref":"#/components/schemas/kubernetesKubernetesComponentSpec"}}},"v1alpha1OpenTelemetryCollector":{"description":"Kubernetes settings for the OpenTelemetryCollector component.","type":"object","properties":{"kubeSpec":{"$ref":"#/components/schemas/kubernetesKubernetesComponentSpec"},"logLevel":{"description":"Specifies the log level for OTEL collector component.\\nSupported log level: \\"debug\\", \\"info\\", \\"warn\\", \\"error\\", \\"dpanic\\", \\"panic\\", and \\"fatal\\".","type":"string","x-order":1}}},"v1alpha1Operator":{"description":"Operator values for the TSB operator application.","type":"object","properties":{"deployment":{"$ref":"#/components/schemas/v1alpha1OperatorDeployment"},"service":{"$ref":"#/components/schemas/v1alpha1OperatorService"},"serviceAccount":{"$ref":"#/components/schemas/v1alpha1OperatorServiceAccount"}}},"v1alpha1OperatorDeployment":{"description":"Values for the TSB operator deployment.","type":"object","properties":{"affinity":{"$ref":"#/components/schemas/installkubernetesAffinity"},"annotations":{"type":"object","title":"Custom collection of annotations to add to the deployment.\\nhttps://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/","additionalProperties":{"type":"string"},"x-order":1},"env":{"type":"array","title":"Custom collection of environment vars to add to the container.\\nhttps://kubernetes.io/docs/tasks/inject-data-application/define-environment-variable-container/","items":{"$ref":"#/components/schemas/installkubernetesEnvVar"},"x-order":2},"podAnnotations":{"description":"Custom collection of annotations to add to the pod.","type":"object","additionalProperties":{"type":"string"},"x-order":3},"replicaCount":{"description":"Number of replicas managed by the deployment.","type":"integer","format":"int32","x-order":4},"strategy":{"$ref":"#/components/schemas/installkubernetesDeploymentStrategy"},"tolerations":{"type":"array","title":"Toleration collection applying to the pod scheduling.\\nhttps://kubernetes.io/docs/concepts/configuration/taint-and-toleration/","items":{"$ref":"#/components/schemas/corev1Toleration"},"x-order":6}}},"v1alpha1OperatorService":{"description":"Values for the TSB operator service.","type":"object","properties":{"annotations":{"type":"object","title":"Custom collection of annotations to add to the service.\\nhttps://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/","additionalProperties":{"type":"string"},"x-order":0}}},"v1alpha1OperatorServiceAccount":{"description":"Values for the TSB operator service account.","type":"object","properties":{"annotations":{"description":"Custom collection of annotations to add to the service account.","type":"object","additionalProperties":{"type":"string"},"x-order":0},"imagePullSecrets":{"description":"Collection of secrets names required to be able to pull images from the registry.","type":"array","items":{"type":"string"},"x-order":1},"pullSecret":{"type":"string","title":"A Docker config JSON to be stored in a secret to be used as an image pull secret. If this secret is provided,\\nit will be included in the operator service account as reference.\\nhttps://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/#create-a-secret-by-providing-credentials-on-the-command-line","x-order":2},"pullUsername":{"description":"Used along pull password and the provided image registry to generate a Docker config JSON that\\nwill be stored as a pull secret.","type":"string","x-order":3},"pullPassword":{"description":"Used along pull username and the provided image registry to generate a Docker config JSON that\\nwill be stored as a pull secret.","type":"string","x-order":4}}},"v1alpha1ProviderSettings":{"description":"Configure Kubernetes provider specific settings.\\n\\nFor example to configure EKS to use network load balancers (NLB) by default:\\n\\n```yaml\\napiVersion: install.tetrate.io/v1alpha1\\nkind: ControlPlane\\nmetadata:\\n  name: controlplane\\n  namespace: istio-system\\nspec:\\n  providerSettings:\\n    eks:\\n      useNlbByDefault: true\\n\\n```\\n\\nTo configure Route53 the only option that you must specify is the Service Account name to use for IAM role.\\nYou should create the Service Account before enabling the Route53 integration controller. You can do that using `eksctl`. Example:\\n\\n```bash\\n   SA_NAME=route53-controller\\n   CP_NAMESPACE=istio-system\\n   eksctl create iamserviceaccount \\\\\\n   --cluster $EKS_CLUSTER_NAME \\\\\\n   --name $SA_NAME \\\\\\n   --namespace $CP_NAMESPACE \\\\\\n   --attach-policy-arn $POLICY_ARN \\\\\\n   --approve\\n```\\n\\nwhere:\\n* $EKS_CLUSTER_NAME is the name of the EKS cluster.\\n* $SA_NAME is the name of the Service Account to create.\\n* $CP_NAMESPACE is the namespace where the Control Plane is installed. Usually istio-system.\\n* $POLICY_ARN is the ARN of the policy to attach to the Service Account - the policy should allow the Service Account\\n  to manage Route53 resources.\\n\\nMore details can be found in the [Publishing a Service docs](https://docs.tetrate.io/service-express/getting-started/publish-service)\\n\\nAfter creating the Service Account you can enable the Route53 integration controller using the following configuration:\\n\\n```yaml\\napiVersion: install.tetrate.io/v1alpha1\\nkind: ControlPlane\\nmetadata:\\n  name: controlplane\\n  namespace: istio-system\\nspec:\\n  providerSettings:\\n    route53:\\n      serviceAccountName: $SA_NAME\\n```","type":"object","properties":{"eks":{"$ref":"#/components/schemas/v1alpha1EKSSettings"},"route53":{"$ref":"#/components/schemas/v1alpha1Route53Settings"},"aws":{"$ref":"#/components/schemas/v1alpha1AWSSettings"},"lattice":{"$ref":"#/components/schemas/v1alpha1LatticeSettings"}}},"v1alpha1RateLimitServer":{"type":"object","title":"Configuration settings for the RateLimit Server","required":["backend"],"properties":{"backend":{"$ref":"#/components/schemas/RateLimitServerBackend"},"domain":{"description":"The domain field allows ratelimits to be namespaced to\\na certain domain. To support common ratelimits across multiple clusters\\nset this string to a common value, across them. This assumes that the same\\nbackend (uri) is being used.\\nBy default the domain is set to the name of the control plane cluster.","type":"string","x-order":1},"kubeSpec":{"$ref":"#/components/schemas/kubernetesKubernetesComponentSpec"}}},"v1alpha1Route53Controller":{"description":"Kubernetes settings for the Route53 Integration Controller component.","type":"object","properties":{"kubeSpec":{"$ref":"#/components/schemas/kubernetesKubernetesComponentSpec"}}},"v1alpha1Route53Settings":{"description":"Settings for integration with Route53 service.","type":"object","required":["serviceAccountName"],"properties":{"serviceAccountName":{"type":"string","title":"Service account name to use for IAM role. Required. Deprecated, user AWSIntegrationSettings instead.\\n$hide_from_docs","x-order":0},"namespaceSelector":{"$ref":"#/components/schemas/v1alpha1Route53SettingsNamespaceSelector"},"policy":{"$ref":"#/components/schemas/Route53SettingsPolicy"},"domainFilter":{"description":"List of domains to limit possible target zones by a domain suffix. Default is empty list with means consider all resources as DNS target.","type":"array","items":{"type":"string"},"x-order":3},"interval":{"description":"Duration of interval between individual synchronizations. Default: 60s.","type":"string","x-order":4},"ttl":{"description":"Default TTL (in seconds) value for DNS records. Default: 300.","type":"string","format":"int64","x-order":5},"evaluateTargetHealth":{"description":"Control whether to evaluate the health of a DNS target. Default: true.","type":"boolean","x-order":6},"filterSettings":{"$ref":"#/components/schemas/Route53SettingsFilterSettings"},"enabled":{"description":"Enable/disable the Route53 integration controller. Default: false.","type":"boolean","x-order":8}}},"v1alpha1Route53SettingsNamespaceSelector":{"description":"NamespaceSelector specifies which namespaces controller will watch.","type":"object","properties":{"namespace":{"description":"Specifies the namespace to watch for resources. Mutually exclusive with `ignore_namespaces`.\\nIf not specified (\\"\\"), all namespaces will be watched which is the default.","type":"string","x-order":0},"ignoreNamespaces":{"description":"Comma separated list of namespaces to ignore when watching for DNS endpoints. When using this option remember\\nto include the name of the namespace in which Control Plane is installed. If Management Plane is installed in the same cluster\\ninclude the namespace name in this option as well.\\nMutually exclusive with `namespace`.\\nDefault: the namespace where the controller is running, usually `istio-system`.","type":"string","x-order":1}}},"v1alpha1Satellite":{"description":"Kubernetes settings for the Satellite (SkyWalking-Satellite) component.","type":"object","properties":{"enabled":{"description":"Satellite is an optional component. If enabled is false, this component\\nwill not be installed.","type":"boolean","x-order":0},"kubeSpec":{"$ref":"#/components/schemas/kubernetesKubernetesComponentSpec"},"logLevel":{"description":"Specifies the log level for the component.\\nSupported log level: \\"panic\\", \\"fatal\\", \\"info\\", \\"warn\\", \\"error\\", \\"debug\\" and \\"trace\\".","type":"string","x-order":2}}},"v1alpha1Secrets":{"description":"Secrets available in the ControlPlane installation.","type":"object","properties":{"tsb":{"$ref":"#/components/schemas/SecretsTSB"},"elasticsearch":{"$ref":"#/components/schemas/SecretsElasticSearch"},"xcp":{"$ref":"#/components/schemas/v1alpha1SecretsXCP"},"clusterServiceAccount":{"$ref":"#/components/schemas/SecretsClusterServiceAccount"}}},"v1alpha1SecretsXCP":{"description":"Secrets to reach the XCP Central in the Management Plane.","type":"object","properties":{"autoGenerateCerts":{"description":"Enabling this will auto generate XCP Edge certificate if mTLS is enabled to authenticate to XCP Central. Requires cert-manager.","type":"boolean","x-order":0},"rootca":{"description":"CA certificate of XCP components.","type":"string","x-order":1},"rootcakey":{"description":"Key of the CA certificate of XCP components.","type":"string","x-order":2},"edge":{"$ref":"#/components/schemas/XCPEdge"}}},"v1alpha1Values":{"description":"Values available for the TSB Control Plane chart.\\nThis is an alpha API, so future versions could include breaking changes.","type":"object","properties":{"image":{"$ref":"#/components/schemas/commonv1alpha1Image"},"spec":{"$ref":"#/components/schemas/v1alpha1ControlPlaneSpec"},"secrets":{"$ref":"#/components/schemas/v1alpha1Secrets"},"operator":{"$ref":"#/components/schemas/v1alpha1Operator"}}},"v1alpha1WASMFetcher":{"description":"Settings for the WASM Fetcher component.","type":"object","properties":{"cacheDisableInsecureRegistries":{"description":"Denies insecure registries to be used for fetching WASM modules. Defaults to `false`.","type":"boolean","x-order":0},"cacheExpiration":{"description":"WASM Module cache expiration time. Defaults to `24h`.","type":"string","x-order":1},"cacheMaxRetries":{"description":"Maximum number of retries when fetching WASM modules from the OCI registry. Defaults to `5`.","type":"integer","format":"int32","x-order":2},"cachePurgeInterval":{"description":"WASM cache purge interval to periodically clean up the stale WASM modules. Defaults to `1h`.","type":"string","x-order":3},"cacheRequestTimeout":{"description":"Specifies the timeout used when retrieving the WASM plugin from the OCI registry. Defaults to `15s`.","type":"string","x-order":4},"kubeSpec":{"$ref":"#/components/schemas/kubernetesKubernetesComponentSpec"},"logLevels":{"description":"The log level configuration by scopes.\\nSupported log levels: \\"none\\", \\"error\\", \\"info\\", \\"debug\\".","type":"object","additionalProperties":{"type":"string"},"x-order":6}}},"v1alpha1WorkloadAuthenticationConfiguration":{"description":"WorkloadAuthenticationConfiguration specifies configuration of the workload\\nauthentication.","type":"object","properties":{"jwt":{"$ref":"#/components/schemas/v1alpha1JwtAuthenticationConfiguration"}}},"v1alpha1WorkloadConfiguration":{"description":"WorkloadConfiguration specifies configuration of the workload handling.","type":"object","properties":{"authentication":{"$ref":"#/components/schemas/v1alpha1WorkloadAuthenticationConfiguration"},"deregistration":{"$ref":"#/components/schemas/v1alpha1WorkloadDeregistrationConfiguration"}}},"v1alpha1WorkloadDeregistrationConfiguration":{"description":"WorkloadDeregistrationConfiguration specifies configuration of the workload\\nderegistration.","type":"object","properties":{"propagationDelay":{"description":"Estimated amount of time it takes to propagate the unregistration event\\nacross all affected mesh nodes.\\n\\nDuring this time interval affected proxies will continue making requests\\nto the deregistered workload until the respective configuration update\\narrives.\\n\\nTo prevent traffic loss, `Workload Onboarding Agent` SHOULD delay shutdown\\nof the the workload\'s sidecar for that time period.\\n\\nAs a rule of thumb, this value should remain relatively small, e.g. under\\n15 seconds. The reason for this is that shutdown flow on the workload\'s side\\nis time-boxed. E.g., on VMs there is a stop timeout enforced by SystemD,\\nwhile on AWS ECS there is a stop timeout enforced by ECS Agent. If you pick\\na delay value that is too big, `Workload Onboarding Agent` will delay\\nshutdown of the sidecar for too long; as a result sidecar risks to get\\nterminated abruptly instead of graceful connection draining.\\n\\nDefaults to `10s`.","type":"string","x-order":0}}},"v2API":{"description":"An API configuring a set of servers and endpoints that expose the Application business logic.\\n\\n\\n\\n","type":"object","required":["openapi"],"properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"openapi":{"description":"The raw OpenAPI spec for this API.","type":"string","x-order":4},"workloadSelector":{"$ref":"#/components/schemas/v2WorkloadSelector"},"servers":{"description":"DEPRECATED: For new created APIs, the exposed servers will be available at httpServers.\\nFor APIs created before version 1.7, will still be available in this field.\\n\\nList of ingress gateways servers that expose the API.\\nServer hostnames must be unique in the system, and only one API can expose a specific hostname.","type":"array","items":{"$ref":"#/components/schemas/v2HttpServer"},"x-order":6,"readOnly":true},"endpoints":{"description":"List of endpoints exposed by this API.\\nThis field is read-only and generated from the configured OpenAPI spec.","type":"array","items":{"$ref":"#/components/schemas/v2HTTPEndpoint"},"x-order":7,"readOnly":true},"configResources":{"type":"array","title":"The configuration resources that are related to this API object.\\n$hide_from_docs","items":{"$ref":"#/components/schemas/v2ConfigResource"},"x-order":8,"readOnly":true},"httpServers":{"description":"List of gateways servers that expose the API.\\nServer hostnames must be unique in the system, and only one API can expose a specific hostname.","type":"array","items":{"$ref":"#/components/schemas/v2HTTP"},"x-order":9,"readOnly":true}}},"v2Access":{"description":"Access is an access request for a subject with a set of permission.\\n\\nExample:\\nAccess {\\n  Subject: \\"organizations/demo/tenants/demo/applications/caller\\",\\n  Permissions: []string{\\"GET\\"}\\n}","type":"object","required":["subject","permissions"],"properties":{"subject":{"description":"Subject is the subject that is requested to access the resource.","type":"string","x-order":0},"permissions":{"description":"Permissions is a list of permissions that the subject is allowed to use.","type":"array","items":{"type":"string"},"x-order":1},"metadata":{"$ref":"#/components/schemas/v2Metadata"}}},"v2AccessPolicy":{"description":"A policy defines the set of subjects that can access a resource and under\\nwhich conditions that access is granted.","type":"object","title":"Policy","properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":1},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":2},"allow":{"description":"The list of allowed bindings configures the different access profiles that\\nare allowed on the resource configured by the policy.","type":"array","items":{"$ref":"#/components/schemas/v2Binding"},"x-order":3}}},"v2AggregatedStatus":{"description":"`AggregatedStatus` is used by resources with children to aggregate both the\\nsequence of events and the status of its children resources.","type":"object","properties":{"configEvents":{"$ref":"#/components/schemas/v2ConfigEvents"},"children":{"description":"Map of children resource FQNs to their status.","type":"object","additionalProperties":{"$ref":"#/components/schemas/AggregatedStatusChildStatus"},"x-order":1},"childrenStatus":{"$ref":"#/components/schemas/AggregatedStatusChildStatus"}}},"v2Application":{"description":"An Application represents a set of logical groupings of services that are related to each other\\nand expose a set of APIs that implement a complete set of business logic.\\n\\n\\n\\n","type":"object","required":["workspace"],"properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"workspace":{"description":"FQN of the workspace this application is part of.\\nThe application will configure IngressGateways for the attached APIs\\nin the different namespaces exposed by this workspace.","type":"string","x-order":4},"namespaceSelector":{"$ref":"#/components/schemas/v2NamespaceSelector"},"gatewayGroup":{"description":"Optional FQN of the Gateway Group to be used by the application.\\nIf configured, this gateway group will be used by the application. If\\nno namespaces are configured and no existing gateway group is set, a new gateway group claiming all\\nnamespaces in the workspace (`*/*`) will be created by default.\\nAll Ingress Gateway resources created for the APIs attached to the application will be created in\\nthe application\'s gateway group.","type":"string","x-order":6},"services":{"description":"Optional list of services that are part of the application. This is a list of FQNs of services in the\\nservice registry.\\nIf omitted, the application is assumed to own all the services in the workspace.\\nNote that a service can only be part of one application. If any of the services in the list is already\\nin use by an existing application, application creation/modification will fail.\\nIf the list of services is not explicitly set and any service in the workspace is already in use by\\nanother application, application creation/modification will fail.","type":"array","items":{"type":"string"},"x-order":7},"configResources":{"type":"array","title":"The configuration resources that are related to this Application.\\n$hide_from_docs","items":{"$ref":"#/components/schemas/v2ConfigResource"},"x-order":8,"readOnly":true}}},"v2ApprovalPolicy":{"description":"ApprovalPolicy is a set of authorization rules that define access to a resource.\\nWhen applied to a resource, the rules enforce access to the resource based on the permission set.\\n\\nExample:\\nApprovalPolicy {\\n  Mode: ApprovalPolicy_REQUIRE_APPROVAL,\\n  Resource: \\"organizations/demo/tenants/demo/applications/target-app\\",\\n  Approved: []Access {{\\n    Subject: \\"organizations/demo/tenants/demo/applications/calling-app\\",\\n    Permissions: []string{\\"GET\\", \\"POST\\"}\\n  }}\\n}","type":"object","required":["mode","resource"],"properties":{"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":0},"mode":{"$ref":"#/components/schemas/ApprovalPolicyMode"},"resource":{"description":"Resource is a fully qualified name of the resource that the policy applies to.","type":"string","x-order":2},"requested":{"description":"Requested is a list of subjects that are requested to access the resource but that have not yet been\\nexplicitly approved.\\nThe access mode of the policy will determine if the subjects in this list are given immediate access to the\\nresource.","type":"array","items":{"$ref":"#/components/schemas/v2Access"},"x-order":3},"approved":{"description":"Approved is a list of subjects that are approved to access the resource.","type":"array","items":{"$ref":"#/components/schemas/v2Access"},"x-order":4},"metadata":{"$ref":"#/components/schemas/v2Metadata"}}},"v2Authentication":{"type":"object","properties":{"jwt":{"$ref":"#/components/schemas/AuthenticationJWT"},"rules":{"$ref":"#/components/schemas/AuthenticationRules"},"oidc":{"$ref":"#/components/schemas/v2OIDCConfig"}}},"v2AuthenticationSettings":{"description":"AuthenticationSettings represents configuration related to authenticating traffic\\nwithin the mesh and end-user credentials if present. It is **HIGHLY RECOMMENDED** to\\nenable mutual TLS when end-user credentials are present. Sending credentials like JWT\\nover plaintext is a security risk.","type":"object","properties":{"trafficMode":{"$ref":"#/components/schemas/SecuritySettingAuthenticationMode"},"http":{"$ref":"#/components/schemas/v2Authentication"}}},"v2Authorization":{"type":"object","title":"Configuration for authorizing a HTTP request","properties":{"external":{"$ref":"#/components/schemas/AuthorizationExternalAuthzBackend"},"local":{"$ref":"#/components/schemas/AuthorizationLocalAuthz"}}},"v2AuthorizationRules":{"description":"- If deny_all is true, deny the request\\n\\n- If deny is defined and there are any denied target workload, deny the request.\\n\\n- If there are no allowed target workload, allow the request.\\n\\n- If allow is defined and there are any allowed target workload, allow the request.\\n\\n- Deny the request.","type":"object","title":"`AuthorizationRules` specifies which target workloads are allowed or denied.\\nWhen the mode is `RULES`, by default, if no authorization rules are provided all requests will be accepted.\\nCurrently, when a list of allow or deny rules are provided, a workload can only be targeted\\nby providing the workspace or security group resource the workload belongs to.\\nWhen different target workloads are allowed, denied or all workload are denied,\\nto evaluate if a request is accepted or rejected, denies are evaluated first, and finally allows.\\nAccepting or denying a request from a workload is determined by:","properties":{"allow":{"description":"Allow specifies a list of rules. If a request matches at least one rule, the request is accepted.\\nIf no allow rules are provided, all requests are allowed.\\nEach rule must be unique, no duplicates are allowed.\\nA rule that is fully contained by another rule is not allowed.\\nFor instance, defining a rule from workspace `w1` to `w2` and another rule\\nfrom security group `sg1` (which belongs to workspace `w1`) to `sg2` (which belongs to workspace `w2`)\\nis not allowed. It is not allowed, because from security group `sg1` to `sg2` rule is already allowed by\\nthe rule from workspace `w1` to `ws2`.","type":"array","items":{"$ref":"#/components/schemas/v2Rule"},"x-order":0},"denyAll":{"description":"Deny all specifies whether all requests should be rejected.\\nIf it is true all requests will be rejected.\\nIf it is false the list of deny rules will be evaluated.","type":"boolean","x-order":1},"deny":{"description":"Deny specifies a list of rules. If a request matches at least one rule, the request is rejected.\\nIf deny rules are provided, the match will never occur, so no request can be rejected.\\nEach rule must be unique, no duplicates are allowed.\\nA rule that is fully contained by another rule is not allowed.\\nFor instance, defining a rule from workspace `w1` to `w2` and another rule\\nfrom security group `sg1` (which belongs to workspace `w1`) to `sg2` (which belongs to workspace `w2`)\\nis not allowed. It is not allowed, because from security group `sg1` to `sg2` rule is already denied by\\nthe rule from workspace `w1` to `w2`.","type":"array","items":{"$ref":"#/components/schemas/v2Rule"},"x-order":2}}},"v2AuthorizationSettings":{"description":"`AuthorizationSettings` define the set of service accounts in one\\nor more namespaces allowed to access a workload (and hence its\\nsidecar) in the mesh.","type":"object","properties":{"mode":{"$ref":"#/components/schemas/AuthorizationSettingsMode"},"serviceAccounts":{"description":"When the mode is `CUSTOM`, `serviceAccounts` specify the allowed\\nset of service accounts (and the workloads using them). Must be\\nin the `&lt;namespace&gt;/&lt;service-account-name&gt;` format.\\n\\n- `./*` indicates all service accounts in the namespace where the sidecar resides.\\n\\n- `ns1/*` indicates all service accounts in the `ns1` namespace.\\n\\n- `ns1/svc1-sa` indicates `svc1-sa` service account in `ns1` namespace.\\n\\nNamespace should be a valid kubernetes namespace, which\\nfollows [RFC 1123 Label Names](https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#dns-label-names) rules.\\nService account should be a valid kubernetes service account, which\\nfollows [DNS Subdomain Names](https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#dns-subdomain-names) rules.","type":"array","items":{"type":"string"},"x-order":1},"http":{"$ref":"#/components/schemas/tsbauthv2Authorization"},"rules":{"$ref":"#/components/schemas/v2AuthorizationRules"}}},"v2AuthorizationSettingsMode":{"description":"- UNSET: Inherit from parent if possible. Otherwise treated as `DISABLED`.\\n - NAMESPACE: The workload allows traffic from any other authenticated workload in its own\\nnamespace.\\n - GROUP: The workload allows traffic from any other authenticated workload in the security group.\\n - WORKSPACE: The workload allows traffic from any other authenticated workload in the workspace.\\n - CLUSTER: The workload allows traffic from any other authenticated workload in the cluster.\\n - DISABLED: Authorization is disabled.\\n - CUSTOM: The workload allows traffic from service accounts defined explicitly.\\n - RULES: The workload allows or denies traffic from any other authenticated workload that belongs\\nto the specified rules.","type":"string","title":"A short cut for defining the common authorization patterns","default":"UNSET","enum":["UNSET","NAMESPACE","GROUP","WORKSPACE","CLUSTER","DISABLED","CUSTOM","RULES"]},"v2Binding":{"description":"A binding associates a role with a set of subjects.\\n\\nBindings are used to configure policies, where different roles can be\\nassigned to different sets of subjects to configure a fine-grained access\\ncontrol to the resource protected by the policy.","type":"object","required":["role"],"properties":{"role":{"description":"The role that defines the permissions that will be granted to the target\\nresource.","type":"string","x-order":0},"subjects":{"description":"The set of subjects that will be allowed to access the target resource\\nwith the permissions defined by the role.","type":"array","items":{"$ref":"#/components/schemas/v2Subject"},"x-order":1}}},"v2ClientTLSSettings":{"type":"object","title":"Configure TLS parameters for the client","properties":{"mode":{"$ref":"#/components/schemas/authv2TLSMode"},"files":{"$ref":"#/components/schemas/v2TLSFileSource"},"secretName":{"description":"TLS key source from a Kubernetes Secret.\\nThis is applicable for gateway workloads.","type":"string","x-order":2},"subjectAltNames":{"type":"array","title":"Subject alternative names is the list of names that are accepted\\nas service name as part of TLS handshake","items":{"type":"string"},"x-order":3}}},"v2Cluster":{"description":"A Kubernetes cluster managing both pods and VMs.\\n\\n\\n\\n","type":"object","properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be\\nsent on every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"tokenTtl":{"description":"Lifetime of the tokens. Defaults to 1hr.","type":"string","x-order":4},"network":{"description":"The network (e.g., VPC) where this cluster is present. All\\nclusters within the same network will be assumed to be reachable\\nfor the purposes of multi-cluster routing. In addition, networks\\nmarked as reachable from one another in SystemSettings will also\\nbe used for multi-cluster routing.","type":"string","x-order":5},"tier1Cluster":{"description":"Deprecated: This flag is still honored for backward compatibility but will be ignored in future releases.\\nIt is advisable not to set it, as all clusters can now host both Tier1 and IngressGateways.\\n\\nIndicates whether this cluster is hosting a tier1 gateway or not.\\nTier1 clusters cannot host other gateways or workloads. Defaults\\nto false if not specified.","type":"boolean","x-order":6},"namespaces":{"type":"array","title":"TODO(vikas): move this inside cluster state\\nRead-only data for informational purposes. Any user provided\\nvalue will be ignored. The data here may be stale depending on\\nthe update frequency from the Bridge agents in the cluster.\\n$hide_from_yaml","items":{"$ref":"#/components/schemas/tsbv2Namespace"},"x-order":7,"readOnly":true},"labels":{"type":"object","title":"FIXME: this is super clunky to copy each and every metadata field into\\nobjects used for multicluster. $hide_from_yaml","additionalProperties":{"type":"string"},"x-order":8},"locality":{"$ref":"#/components/schemas/v2Locality"},"trustDomain":{"description":"Trust domain for this cluster, used for multi-cluster routing.\\nIt must be unique for every cluster and should match the one configured in\\nthe local control plane. This value is optional, and will be updated by the\\nlocal control plane agents. However, it is recommended to set it, if known,\\nso that multi-cluster routing works without having to wait for the local\\ncontrol planes to update it.","type":"string","x-order":10},"namespaceScope":{"$ref":"#/components/schemas/v2NamespaceScoping"},"state":{"$ref":"#/components/schemas/ClusterState"},"serviceAccount":{"$ref":"#/components/schemas/tsbv2ServiceAccount"},"installTemplate":{"$ref":"#/components/schemas/ClusterInstallTemplate"}}},"v2ClusterConfig":{"type":"object","title":"Cluster configurations.\\n$hide_from_docs","properties":{"observability":{"$ref":"#/components/schemas/v2ClusterObservabilityConfig"}}},"v2ClusterDestination":{"type":"object","properties":{"name":{"description":"The name of the destination cluster. Only one of name or labels\\nmust be specified.","type":"string","x-order":0},"labels":{"description":"Labels associated with the cluster. Any cluster with matching\\nlabels will be selected as a target. Only one of name or labels\\nmust be specified.","type":"object","additionalProperties":{"type":"string"},"x-order":1},"network":{"description":"The network associated with the destination clusters. In addition to\\nname/label selectors, only clusters matching the selected networks\\nwill be used as a target. At least one of name/labels, and/or network\\nmust be specified.\\n\\nDeprecated: The `network` field is deprecated and will be removed in future releases.\\nOnly `labels` matching against the cluster object is supported.","type":"string","x-order":2},"weight":{"description":"The weight for traffic to a given destination.","type":"integer","format":"int64","x-order":3}}},"v2ClusterObservabilityConfig":{"type":"object","title":"The observability configurations for a cluster.\\n$hide_from_docs","properties":{"retentionPeriodDays":{"description":"The retention period of telemetry metrics data in days.","type":"integer","format":"int32","x-order":0},"tracesRetentionPeriodDays":{"description":"The retention period of telemetry traces data in days.","type":"integer","format":"int32","x-order":1},"apiEndpointMetricsEnabled":{"description":"Whether the API endpoint metrics feature is enabled in MP,\\nif this feature is disabled in MP, all CP must disable this\\nfeature too because this feature requires MP to create indices,\\nif this feature is enabled in MP, CP clusters can choose whether\\nto enable it or not as per their needs.","type":"boolean","x-order":2}}},"v2ClusterStatus":{"description":"The status message for a cluster resource contains the set of join\\ntokens that should be used by Service Bridge\'s agents on the\\ncluster.","type":"object","properties":{"tokens":{"description":"Tokens for various agents.","type":"object","additionalProperties":{"type":"string"},"x-order":0}}},"v2ConfigEvents":{"description":"`ConfigEvents` provides a way to notify the status of a configuration\\npropagation as a sequence of events.","type":"object","properties":{"events":{"description":"Sequence of events occurred under the configuration propagation flow.\\nIt\'s ordered by event timestamp, newest first.","type":"array","items":{"$ref":"#/components/schemas/v2ConfigEventsEvent"},"x-order":0}}},"v2ConfigEventsEvent":{"description":"Single `Event` event occurred in the configuration propagation flow.","type":"object","properties":{"type":{"$ref":"#/components/schemas/ConfigEventsEventType"},"reason":{"description":"Optional code that extends the type of the occurred event.","type":"string","x-order":1},"message":{"description":"Optional message describing the reason in a human readable way.","type":"string","x-order":2},"timestamp":{"description":"Time of the event occurrence.","type":"string","format":"date-time","x-order":3},"etag":{"description":"The etag of the resource which configuration triggered this event.","type":"string","x-order":4},"edgesState":{"description":"Stores the `edge cluster name` to `EdgeConfigState` mapping. `EdgeConfigState` holds the\\n[status + reason] for a resource config that is being applied at edges.\\nReason accompanying the Status is useful for pin-pointed debugging at edge level.\\nFor instance, a config whose config status is something other than `APPLIED` is\\naccompanied by a reason telling why an error occurred while applying the config.\\nThis will help in debugging issues at an edge.","type":"object","additionalProperties":{"$ref":"#/components/schemas/ConfigEventsEdgeConfigState"},"x-order":5}}},"v2ConfigGenerationMetadata":{"description":"`ConfigGenerationMetadata` allows to setup extra metadata that will be added in the final Istio generated configurations.\\nLike new labels or annotations.\\nDefining the config generation metadata in tenancy resources (like organization, tenant, workspace or groups) works as default\\nvalues for those configs that belong to it.\\nDefining same config generation metadata in configuration resources (like ingress gateways, service routes, etc.) will replace the\\nones defined in the tenancy resources.","type":"object","properties":{"labels":{"description":"Set of key value paris that will be added into the `metadata.labels` field of the Istio generated configurations.","type":"object","additionalProperties":{"type":"string"},"x-order":0},"annotations":{"description":"Set of key value paris that will be added into the `metadata.annotations` field of the Istio generated configurations.","type":"object","additionalProperties":{"type":"string"},"x-order":1}}},"v2ConfigMode":{"description":"The configuration mode used by a traffic, security or a gateway group.\\n\\n - BRIDGED: Indicates that the configurations to be added to the group will\\nuse macro APIs that automatically generate Istio APIs under the\\nhood.\\n - DIRECT: Indicates that the configurations to be added to the group will\\ndirectly use Istio APIs.","type":"string","default":"BRIDGED","enum":["BRIDGED","DIRECT"]},"v2ConfigResource":{"description":"ConfigResource represents a configuration object (group, ingress gateway, etc)\\nthat is related to an Application or API.","type":"object","properties":{"fqn":{"description":"The FQN of the resource this status is computed for.","type":"string","x-order":0,"readOnly":true},"expectedEtag":{"description":"The expected etag field is used to check the if the configuration resource contents have\\nchanged. This might not be relevant for all configuration resources, so this field may\\nnot be set. If it is not set, the status will only report the presence or absence of the\\nconfiguration resource, but not differences in its contents.\\n\\nWhen this field is present, the status will also reflect changes in the contents of the\\nconfiguration resource, and report it as DIRTY if there are differences.","type":"string","x-order":1,"readOnly":true},"exclusivelyOwned":{"description":"The exclusively owned flag indicates if the referenced configuration resource is exclusively\\nowned by the object. Configuration resources that are exclusively owned by an object will\\nbe deleted when the object is deleted.","type":"boolean","x-order":2,"readOnly":true}}},"v2CorsPolicy":{"type":"object","properties":{"allowOrigin":{"description":"The list of origins that are allowed to perform CORS requests. The content will be serialized\\ninto the Access-Control-Allow-Origin header. Wildcard * will allow all origins.","type":"array","items":{"type":"string"},"x-order":0},"allowMethods":{"description":"List of HTTP methods allowed to access the resource. The content will be serialized into the\\nAccess-Control-Allow-Methods header.","type":"array","items":{"type":"string"},"x-order":1},"allowHeaders":{"description":"List of HTTP headers that can be used when requesting the resource. Serialized to\\nAccess-Control-Allow-Headers header.","type":"array","items":{"type":"string"},"x-order":2},"exposeHeaders":{"description":"A white list of HTTP headers that the browsers are allowed to access. Serialized into\\nAccess-Control-Expose-Headers header.","type":"array","items":{"type":"string"},"x-order":3},"maxAge":{"description":"Specifies how long the results of a preflight request can be cached. Translates to the\\nAccess-Control-Max-Age header.","type":"string","x-order":4},"allowCredentials":{"description":"Indicates whether the caller is allowed to send the actual request (not the preflight) using\\ncredentials. Translates to Access-Control-Allow-Credentials header.","type":"boolean","x-order":5}}},"v2CreateOrganizationRequest":{"type":"object","title":"Request to create a organization.\\n$hide_from_docs","required":["name","organization"],"properties":{"name":{"description":"The short name for the resource to be created.","type":"string","x-order":0},"organization":{"$ref":"#/components/schemas/v2Organization"}}},"v2CreateRoleRequest":{"description":"Request to create a Role.","type":"object","required":["name","role"],"properties":{"name":{"description":"The short name for the resource to be created.","type":"string","x-order":0},"role":{"$ref":"#/components/schemas/v2Role"}}},"v2DeviceCodeResponse":{"type":"object","title":"Response with device codes for use with the Device Authorization flow.\\nFor additional information on the response parameters please refer to the Device Authorization Response section\\nof the RFC https://datatracker.ietf.org/doc/html/rfc8628#section-3.2","properties":{"deviceCode":{"type":"string","title":"Code that the device uses to poll for tokens","x-order":0},"userCode":{"type":"string","title":"Code the user enters in the verification URI","x-order":1},"verificationUri":{"type":"string","title":"URI where to enter the user code","x-order":2},"interval":{"type":"integer","format":"int32","title":"Rate in which to poll the token endpoint with the device code","x-order":3},"expiresIn":{"type":"integer","format":"int32","title":"Expiration time of the device code in seconds","x-order":4},"error":{"$ref":"#/components/schemas/v2Error"},"errorMessage":{"description":"Optional error message that contains more details about the error that occurred.","type":"string","x-order":6}}},"v2EastWestGateway":{"description":"EastWestGateway is for configuring a gateway to handle east-west traffic of\\nthe services that are not exposed through Ingress or Tier1 gateways (internal\\nservices). Currently, this is restricted to specifying at Workspace level\\nin WorkspaceSetting.","type":"object","required":["workloadSelector"],"properties":{"workloadSelector":{"$ref":"#/components/schemas/v2WorkloadSelector"},"exposedServices":{"description":"Exposed services is used to specify the match criteria to select specific services\\nfor internal multicluster routing (east-west routing between clusters).\\nIf it is not defined or contains no elements, all the services within the workspace\\nwill be exposed to the configured gateway.","type":"array","items":{"$ref":"#/components/schemas/v2ServiceSelector"},"x-order":1},"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"}}},"v2EgressAuthorization":{"type":"object","title":"EgressAuthorization is used to dictate which service accounts can access a set of external hosts","required":["to"],"properties":{"from":{"$ref":"#/components/schemas/v2AuthorizationSettings"},"to":{"type":"array","title":"The external hostnames the workload(s) described in this rule can access.\\nHosts cannot be specified more than once. Use \\"*\\" to allow access to any external host","items":{"type":"string"},"x-order":1}}},"v2EgressGateway":{"description":"`EgressGateway` configures a workload to act as an egress gateway in the mesh.\\n\\n\\n--\x3e\\n\\n","type":"object","required":["workloadSelector"],"properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"workloadSelector":{"$ref":"#/components/schemas/v2WorkloadSelector"},"authorization":{"description":"The description of which service accounts can access which hosts.\\nIf the list of authorization rules is empty, this egress gateway will deny all traffic.","type":"array","items":{"$ref":"#/components/schemas/v2EgressAuthorization"},"x-order":5},"extension":{"description":"Extensions specifies all the WasmExtensions assigned to this EgressGateway\\nwith the specific configuration for each extension. This custom configuration\\nwill override the one configured globally to the extension.\\nEach extension has a global configuration including enablement and priority\\nthat will condition the execution of the assigned extensions.","type":"array","items":{"$ref":"#/components/schemas/v2WasmExtensionAttachment"},"x-order":6},"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"}}},"v2EnvValueSource":{"description":" - INLINE: Explicitly given key-value pairs to be injected to this VM.\\n - HOST: *Istio-proxy\'s* environment variables exposed to this VM.","type":"string","default":"INLINE","enum":["INLINE","HOST"]},"v2EnvVar":{"type":"object","required":["name","valueFrom"],"properties":{"name":{"type":"string","title":"Name of the environment variable. Must be a C_IDENTIFIER, by following this regex: [A-Za-z_][A-Za-z0-9_]*","x-order":0},"valueFrom":{"$ref":"#/components/schemas/v2EnvValueSource"},"value":{"description":"Value for the environment variable.\\nNote that if `value_from` is `HOST`, it will be ignored.\\nDefaults to \\"\\".","type":"string","x-order":2}}},"v2Error":{"type":"string","title":"OAuth2 error codes","default":"NO_ERROR","enum":["NO_ERROR","INVALID_REQUEST","INVALID_CLIENT","INVALID_GRANT","UNAUTHORIZED_CLIENT","UNSUPPORTED_GRANT_TYPE","AUTHORIZATION_PENDING","SLOW_DOWN","ACCESS_DENIED","EXPIRED_TOKEN","SERVER_ERROR"]},"v2ExposedBy":{"description":"The exposer of an HTTPEndpoint.","type":"object","properties":{"service":{"description":"The FQN of the service in the service registry that is exposing a concrete endpoint.","type":"string","x-order":0,"readOnly":true},"clusterGroup":{"$ref":"#/components/schemas/v2ExposedByClusters"}}},"v2ExposedByCluster":{"description":"ExposedByCluster is a cluster or set of clusters identified by the labels that are\\nexposing an endpoint.","type":"object","properties":{"name":{"description":"The name of the cluster exposing the endpoint. Only one of name or labels\\nmust be specified.","type":"string","x-order":0},"labels":{"description":"Labels associated with the cluster. Any cluster with matching\\nlabels will be selected as an exposer. Only one of name or labels\\nmust be specified.","type":"object","additionalProperties":{"type":"string"},"x-order":1},"weight":{"description":"The weight for traffic to a cluster exposing the endpoint.","type":"integer","format":"int64","x-order":2}}},"v2ExposedByClusters":{"description":"ExposedByClusters represents the clusters that are exposing a concrete endpoint.","type":"object","properties":{"clusters":{"description":"The clusters that contain gateways exposing the HTTPEndpoint.","type":"array","items":{"$ref":"#/components/schemas/v2ExposedByCluster"},"x-order":0}}},"v2ExternalRateLimitServiceSettings":{"description":"Configuration for ratelimiting using an external ratelimit server\\nThe ratelimit server must expose\\n[Envoy\'s Rate Limit Service gRPC API](https://www.envoyproxy.io/docs/envoy/latest/configuration/other_features/rate_limit#config-rate-limit-service).\\n\\nIf the rate limit service is called, and the response for any of\\nthe descriptors is over limit, a 429 response is returned. The rate\\nlimit filter also sets the x-envoy-ratelimited header.\\n\\nIf there is an error in calling rate limit service or rate limit\\nservice returns an error and failure_mode_deny is set to true, a\\n500 response is returned.","type":"object","required":["domain","rateLimitServerUri","rules"],"properties":{"domain":{"description":"The rate limit domain to use when calling the rate limit service.\\nRatelimit settings are namespaced to a domain.","type":"string","x-order":0},"failClosed":{"description":"If the rate limit service is unavailable, the request will fail\\nif failClosed is set to true. Defaults to false.","type":"boolean","x-order":1},"rateLimitServerUri":{"description":"The URI at which the external rate limit server can be reached.","type":"string","x-order":2},"rules":{"type":"array","title":"A set of rate limit rules.\\nEach rule describes a list of dimension to match on.\\nOnce matched, a list of descriptors are sent\\nto the external rate limit server","items":{"$ref":"#/components/schemas/v2ExternalRateLimitServiceSettingsRateLimitRule"},"x-order":3},"timeout":{"description":"The timeout in seconds for the external rate limit server RPC.\\nDefaults to 0.020 seconds (20ms).\\nTraffic will not be allowed to the destination if failClosed is set to true\\nand the request to the rate limit server times out.","type":"string","x-order":4},"tls":{"$ref":"#/components/schemas/v2ClientTLSSettings"}}},"v2ExternalRateLimitServiceSettingsRateLimitDimension":{"type":"object","title":"RateLimitDimension is a set of conditions to match HTTP requests\\nOnce the conditions are satisfied,\\ncorresponding descriptors (set of keys and values) are emitted and\\nsent to the external rate limit server. The server is expected to\\nmake a rate limit decision based on these descriptors.\\nPlease go through the [Envoy RateLimit descriptor](https://www.envoyproxy.io/docs/envoy/latest/api-v3/extensions/common/ratelimit/v3/ratelimit.proto#envoy-v3-api-msg-extensions-common-ratelimit-v3-ratelimitdescriptor)\\nto get more information on descriptors","properties":{"sourceCluster":{"$ref":"#/components/schemas/RateLimitDimensionSourceCluster"},"destinationCluster":{"$ref":"#/components/schemas/RateLimitDimensionDestinationCluster"},"remoteAddress":{"$ref":"#/components/schemas/v2ExternalRateLimitServiceSettingsRateLimitDimensionRemoteAddress"},"requestHeaders":{"$ref":"#/components/schemas/RateLimitDimensionRequestHeaders"},"headerValueMatch":{"$ref":"#/components/schemas/RateLimitDimensionHeaderValueMatch"}}},"v2ExternalRateLimitServiceSettingsRateLimitDimensionRemoteAddress":{"type":"object","title":"Emit descriptor entry - a key-value pair of the form\\n`(\\"remote_address\\", \\"&lt;trusted address from x-forwarded-for&gt;\\")`"},"v2ExternalRateLimitServiceSettingsRateLimitRule":{"type":"object","required":["dimensions"],"properties":{"dimensions":{"description":"A list of dimensions that are to be applied for this rate limit configuration.\\nOrder matters as the dimensions are processed sequentially and the descriptor\\nis composed by appending descriptor entries in that sequence.\\nIf the condition for a dimension is not satisfied and cannot append a descriptor entry,\\nno descriptor list is generated for the entire setting.","type":"array","items":{"$ref":"#/components/schemas/v2ExternalRateLimitServiceSettingsRateLimitDimension"},"x-order":0}}},"v2Gateway":{"description":"The `Gateway` configuration combines the functionalities of both the existing `Tier1Gateway` and `IngressGateway`,\\nproviding a unified approach for configuring a workload as a gateway in the mesh.\\n\\nEach server within the `Gateway` is configured to route requests to either destination clusters or services,\\nbut configuring one server to route requests to a destination cluster and another server to route requests to a service\\nis not supported.\\n\\nTo ensure consistency and compatibility, the `Gateway` configuration requires that all servers within the gateway\\neither forward traffic to other clusters, similar to a `Tier1Gateway`, or route traffic to specific services, similar\\nto an `IngressGateway`.\\n\\n\\n\\n","type":"object","required":["workloadSelector"],"properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"workloadSelector":{"$ref":"#/components/schemas/v2WorkloadSelector"},"http":{"description":"One or more HTTP or HTTPS servers exposed by the gateway. The\\nserver exposes configuration for TLS termination, request\\nauthentication/authorization, HTTP routing, rate limiting, etc.","type":"array","items":{"$ref":"#/components/schemas/v2HTTP"},"x-order":5},"tls":{"description":"One or more TLS servers exposed by the gateway. The server\\ndoes not terminate TLS and exposes config for SNI based routing.","type":"array","items":{"$ref":"#/components/schemas/v2TLS"},"x-order":6},"tcp":{"description":"One or more non-HTTP and non-passthrough servers which use TCP\\nbased protocols. This server also exposes configuration for terminating TLS.","type":"array","items":{"$ref":"#/components/schemas/v2TCP"},"x-order":7},"wasmPlugins":{"description":"WasmPlugins specifies all the WasmExtensionAttachment assigned to this Gateway\\nwith the specific configuration for each plugin. This custom configuration\\nwill override the one configured globally to the plugin.\\nEach plugin has a global configuration including priority\\nthat will condition the execution of the assigned plugins.","type":"array","items":{"$ref":"#/components/schemas/v2WasmExtensionAttachment"},"x-order":8},"waf":{"$ref":"#/components/schemas/v2WAFSettings"},"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"}}},"v2GetResourcePermissionsResponse":{"description":"Response with permission rules.","type":"object","properties":{"rules":{"type":"array","items":{"$ref":"#/components/schemas/RoleRule"},"x-order":0}}},"v2GlobalTrafficSelector":{"description":"GlobalTrafficSelector provides a mechanism to select a specific traffic flow\\nfor which this Wasm Extension will be enabled. This setting applies to all WASM\\nExtension attachments. These selectors can be overridden at attachments.\\nWhen all the sub conditions in the TrafficSelector are satisfied, the\\ntraffic will be selected.","type":"object","properties":{"mode":{"$ref":"#/components/schemas/v2WorkloadMode"}}},"v2GrantResponse":{"description":"Token grant response.","type":"object","properties":{"accessToken":{"description":"Access token issued by the authorization server.","type":"string","x-order":0},"tokenType":{"description":"Access token type such as \\"bearer\\" or \\"mac\\".","type":"string","x-order":1},"expiresIn":{"description":"Expiration time of the access token in seconds.","type":"integer","format":"int32","x-order":2},"refreshToken":{"description":"Optional refresh token issued when the authorization server\\nand client are configured to use refresh tokens.","type":"string","x-order":3},"clientId":{"description":"Optional client ID used during the grant process.\\nWhen present the client ID for subsequent refresh grant calls.\\nWhile not a standard field on an OAuth grant response, this helps remove ambiguity\\nwhen multiple OIDC configurations are present in TSB.","type":"string","x-order":4},"error":{"$ref":"#/components/schemas/v2Error"},"errorMessage":{"description":"Optional error message that contains more details about the error that occurred.","type":"string","x-order":6}}},"v2GrantType":{"description":"OAuth2 grant types that are currently supported.","type":"string","default":"UNSPECIFIED","enum":["UNSPECIFIED","REFRESH_TOKEN","DEVICE_CODE_URN","CLIENT_CREDENTIALS","TOKEN_EXCHANGE"]},"v2Group":{"description":"A gateway group manages the gateways in a group of namespaces owned\\nby the parent workspace.\\n\\n\\n\\n","type":"object","required":["namespaceSelector"],"properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"namespaceSelector":{"$ref":"#/components/schemas/v2NamespaceSelector"},"configMode":{"$ref":"#/components/schemas/v2ConfigMode"},"deletionProtectionEnabled":{"description":"When set, prevents the resource from being deleted. In order to delete the resource this\\nproperty needs to be set to `false` first.","type":"boolean","x-order":6},"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"}}},"v2GroupLookupResponse":{"description":"List of groups that configure the requested service.","type":"object","properties":{"trafficGroups":{"description":"The traffic groups that configure the given registered service.","type":"array","items":{"$ref":"#/components/schemas/tsbtrafficv2Group"},"x-order":0},"securityGroups":{"description":"The security groups that configure the given registered service.","type":"array","items":{"$ref":"#/components/schemas/tsbsecurityv2Group"},"x-order":1},"gatewayGroups":{"description":"The gateway groups that configure the given registered service.","type":"array","items":{"$ref":"#/components/schemas/tsbgatewayv2Group"},"x-order":2},"istioInternalGroups":{"description":"The istio internal groups that configure the given registered service.","type":"array","items":{"$ref":"#/components/schemas/tsbistiointernalv2Group"},"x-order":3}}},"v2HTTP":{"description":"`HTTP` describes the properties of a HTTP server exposed on gateway.","type":"object","required":["name","hostname","routing"],"properties":{"name":{"description":"A name assigned to the server. The name will be visible in the generated metrics. The name must be\\nunique across all HTTP, TLS passthrough and TCP servers in a gateway.","type":"string","x-order":0},"port":{"description":"The port where the server is exposed at the gateway workload(pod).\\nIf the k8s service, which is fronting the workload pod, has TargetPort as 8443 for the Port 443,\\nthis could be configured as 8443 or 443.\\n\\nTwo servers with different protocols (HTTP and HTTPS) should not\\nshare the same port. Note that port 15443 is reserved for internal use.\\n\\nIf the `transit` flag is set to true, populating the `port` will lead to an error,\\nas the server is considered internal to the mesh. TSB will automatically \\nconfigure mTLS port(15443) for east-west multicluster traffic.","type":"integer","format":"int64","x-order":1},"hostname":{"description":"Hostname with which the service can be expected to be accessed by clients.","type":"string","x-order":2},"tls":{"$ref":"#/components/schemas/v2ServerTLSSettings"},"authentication":{"$ref":"#/components/schemas/tsbauthv2Authentication"},"authorization":{"$ref":"#/components/schemas/tsbauthv2Authorization"},"routing":{"$ref":"#/components/schemas/v2HttpRoutingConfig"},"rateLimiting":{"$ref":"#/components/schemas/v2RateLimiting"},"transit":{"description":"If set to true, the server is configured to be exposed within the mesh.\\nThis configuration enables forwarding traffic between two clusters that are not directly reachable.","type":"boolean","x-order":8}}},"v2HTTPEndpoint":{"description":"An HTTP Endpoint represents an individual HTTP path exposed in the API.","type":"object","properties":{"path":{"description":"The HTTP path of the endpoint, relative to the hostnames exposed by the API.","type":"string","x-order":0,"readOnly":true},"methods":{"description":"The list of HTTP methods this endpoint supports.","type":"array","items":{"type":"string"},"x-order":1,"readOnly":true},"hostnames":{"description":"The list of hostnames where this endpoint is exposed.\\nIf omitted, the endpoint is assumed to be exposed in all hostnames defined for the API.","type":"array","items":{"type":"string"},"x-order":2,"readOnly":true},"service":{"description":"DEPRECATED: For new created APIs, the exposed servers will be available at httpServers.\\nFor APIs created before version 1.7, will still be available in this field.\\nThe FQN of the service in the service registry that is exposing this endpoint.","type":"string","x-order":3,"readOnly":true},"exposedBy":{"$ref":"#/components/schemas/v2ExposedBy"}}},"v2HTTPMatchCondition":{"description":"HTTPMatchCondition is the set of conditions to match incoming HTTP traffic\\nand route accordingly. We could have used HttpMatchCondition from\\ningress_gateway.proto but it doesn\'t have a port field, so it\'s better to\\ncreate one natively.","type":"object","required":["name","port"],"properties":{"name":{"type":"string","title":"Name of the match condition","x-order":0},"uri":{"$ref":"#/components/schemas/v2StringMatch"},"headers":{"type":"object","title":"Headers to match in incoming traffic for routing forward","additionalProperties":{"$ref":"#/components/schemas/v2StringMatch"},"x-order":2},"port":{"type":"integer","format":"int64","title":"Port to match in incoming traffic","x-order":3}}},"v2HTTPRetry":{"description":"HTTPRetry defines the parameters for retrying API calls to a service.","type":"object","required":["attempts"],"properties":{"attempts":{"description":"Number of retries for a given request. The interval between retries will be determined\\nautomatically (25ms+).\\n\\nActual number of retries attempted depends on the httpReqTimeout.","type":"integer","format":"int32","x-order":0},"perTryTimeout":{"description":"Timeout per retry attempt for a given request. format: 1h/1m/1s/1ms. MUST BE &gt;=1ms.","type":"string","x-order":1},"retryOn":{"description":"Specifies the conditions under which retry takes place.\\nOne or more policies can be specified using a \u2018,\u2019 delimited list.\\nSee the [retry policies](https://www.envoyproxy.io/docs/envoy/latest/configuration/http/http_filters/router_filter#x-envoy-retry-on)\\nand [gRPC retry policies](https://www.envoyproxy.io/docs/envoy/latest/configuration/http/http_filters/router_filter#x-envoy-retry-grpc-on)\\nfor more details.","type":"string","x-order":2}}},"v2HTTPRewrite":{"description":"Configuration for an URL rewrite rule.","type":"object","properties":{"uri":{"description":"Rewrite the path (or the prefix) portion of the URI with this value. If the original URI was\\nmatched based on prefix, the value provided in this field will replace the corresponding\\nmatched prefix.","type":"string","x-order":0},"authority":{"description":"Rewrite the Authority/Host header with this value.","type":"string","x-order":1}}},"v2HTTPRoute":{"description":"HTTPRoute is used to set HTTP routes to service destinations on the basis of match conditions.","type":"object","required":["name"],"properties":{"name":{"type":"string","title":"Name of HTTPRoute","x-order":0},"match":{"type":"array","title":"Match conditions for incoming HTTP traffic","items":{"$ref":"#/components/schemas/v2HTTPMatchCondition"},"x-order":1},"destination":{"type":"array","title":"Destination host:port and subset where HTTP traffic should be directed","items":{"$ref":"#/components/schemas/v2ServiceDestination"},"x-order":2}}},"v2Headers":{"description":"Header manipulation rules.","type":"object","properties":{"request":{"$ref":"#/components/schemas/HeadersHeaderOperations"},"response":{"$ref":"#/components/schemas/HeadersHeaderOperations"}}},"v2HostsReachability":{"description":"`HostsReachability` defines the list of gateway hosts that this workspace can reach.\\nIn multicluster deployments, hosts are reachable to all namespaces(`*`) by default.\\nHowever, this may not always be necessary, as clients may only be present in a few namespaces.\\nBy configuring this, a list of namespaces can be limited to the namespaces configured in the workspace.\\nWorkspaces with no hosts reachability configuration are considered to have reachable to all hosts.","type":"object","required":["hostnames"],"properties":{"hostnames":{"description":"The Gateway hostname that can be one of the following. Hostnames should match hosts configured in the Gateway.\\n\\n- Exact hostnames.\\nFor example, `echo.tetrate.io`.\\n\\n- Prefix hostnames.\\nFor example, `echo`. Hosts starting with `echo` are considered.\\n\\n- Regex hostnames.\\nFor example, `^echo.*io$`. Hosts starting with `echo` and ending with `io` are considered.\\n\\n- List can be empty `[]`.\\nWorkspaces with explicitly empty hostnames are considered to not want to see any hosts.","type":"array","items":{"$ref":"#/components/schemas/v2StringMatch"},"x-order":0}}},"v2HttpMatchCondition":{"description":"A single match clause to match all aspects of a request.","type":"object","properties":{"uri":{"$ref":"#/components/schemas/v2StringMatch"},"headers":{"description":"The header keys must be lowercase and use hyphen as the separator, e.g. x-request-id.","type":"object","additionalProperties":{"$ref":"#/components/schemas/v2StringMatch"},"x-order":1}}},"v2HttpModifyAction":{"description":"HTTP path/url/header modification.","type":"object","properties":{"rewrite":{"$ref":"#/components/schemas/v2HTTPRewrite"},"headers":{"$ref":"#/components/schemas/v2Headers"}}},"v2HttpRouteRule":{"description":"A single HTTP rule.","type":"object","properties":{"match":{"description":"One or more match conditions (OR-ed).","type":"array","items":{"$ref":"#/components/schemas/v2HttpMatchCondition"},"x-order":0},"modify":{"$ref":"#/components/schemas/v2HttpModifyAction"},"route":{"$ref":"#/components/schemas/v2RouteTo"},"redirect":{"$ref":"#/components/schemas/v2Redirect"},"disableExternalAuthorization":{"description":"If set to true, external authorization is disabled on this route\\nwhen the hostname is configured with external authorization.","type":"boolean","x-order":4}}},"v2HttpRouting":{"type":"object","required":["rules"],"properties":{"corsPolicy":{"$ref":"#/components/schemas/v2CorsPolicy"},"rules":{"description":"HTTP routes.","type":"array","items":{"$ref":"#/components/schemas/gatewayv2HttpRule"},"x-order":1}}},"v2HttpRoutingConfig":{"description":"`HttpRoutingConfig` defines a list of HTTP route rules that determine how incoming requests are routed.","type":"object","required":["rules"],"properties":{"corsPolicy":{"$ref":"#/components/schemas/v2CorsPolicy"},"rules":{"description":"HTTP routes.","type":"array","items":{"$ref":"#/components/schemas/v2HttpRouteRule"},"x-order":1}}},"v2HttpServer":{"description":"An HTTP server exposed in an ingress gateway.","type":"object","required":["name","port","hostname","routing"],"properties":{"name":{"description":"A name assigned to the server. The name will be visible in the generated metrics. The name must be\\nunique across all servers in a gateway.","type":"string","x-order":0},"port":{"description":"The port where the server is exposed. Two servers with different protocols (HTTP and HTTPS) should not\\nshare the same port. Note that port 15443 is reserved for internal use.","type":"integer","format":"int64","x-order":1},"hostname":{"description":"Hostname with which the service can be expected to be accessed by clients.\\n**NOTE:** The hostname must be unique across all gateways in the cluster in order for multicluster routing to work.","type":"string","x-order":2},"tls":{"$ref":"#/components/schemas/v2ServerTLSSettings"},"xxxOldAuthentication":{"$ref":"#/components/schemas/tsbgatewayv2Authentication"},"authentication":{"$ref":"#/components/schemas/tsbauthv2Authentication"},"xxxOldAuthorization":{"$ref":"#/components/schemas/tsbgatewayv2Authorization"},"authorization":{"$ref":"#/components/schemas/tsbauthv2Authorization"},"routing":{"$ref":"#/components/schemas/v2HttpRouting"},"rateLimiting":{"$ref":"#/components/schemas/v2RateLimiting"}}},"v2IngressGateway":{"description":"`IngressGateway` configures a workload to act as an ingress gateway into the mesh.\\n\\n\\n\\n","type":"object","required":["workloadSelector"],"properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"workloadSelector":{"$ref":"#/components/schemas/v2WorkloadSelector"},"http":{"description":"One or more HTTP or HTTPS servers exposed by the gateway. The\\nserver exposes configuration for TLS termination, request\\nauthentication/authorization, HTTP routing, etc.","type":"array","items":{"$ref":"#/components/schemas/v2HttpServer"},"x-order":5},"tlsPassthrough":{"description":"One or more TLS servers exposed by the gateway. The server\\ndoes not terminate TLS and exposes config for SNI based routing.","type":"array","items":{"$ref":"#/components/schemas/v2TLSPassthroughServer"},"x-order":6},"tcp":{"type":"array","title":"One or more non-HTTP and non-passthrough servers which use TCP\\nbased protocols. This server also exposes configuration for terminating TLS","items":{"$ref":"#/components/schemas/v2TCPServer"},"x-order":7},"extension":{"description":"Extensions specifies all the WasmExtensions assigned to this IngressGateway\\nwith the specific configuration for each extension. This custom configuration\\nwill override the one configured globally to the extension.\\nEach extension has a global configuration including enablement and priority\\nthat will condition the execution of the assigned extensions.","type":"array","items":{"$ref":"#/components/schemas/v2WasmExtensionAttachment"},"x-order":8},"waf":{"$ref":"#/components/schemas/v2WAFSettings"},"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"}}},"v2JWKS":{"type":"object","title":"JSON Web Key Set. Refer to https://datatracker.ietf.org/doc/html/rfc7517","properties":{"keys":{"type":"array","title":"List of public JWKs","items":{"$ref":"#/components/schemas/JWKSJWK"},"x-order":0}}},"v2KeepAliveSettings":{"description":"Keep Alive Settings.","type":"object","properties":{"tcp":{"$ref":"#/components/schemas/KeepAliveSettingsTcpKeepAliveSettings"}}},"v2ListAPIsResponse":{"description":"List of APIs that have been attached to the given application.","type":"object","properties":{"apis":{"description":"The list of APIs that are registered in the given application.","type":"array","items":{"$ref":"#/components/schemas/v2API"},"x-order":0}}},"v2ListApplicationsResponse":{"description":"List of applications in the given tenant.","type":"object","properties":{"applications":{"description":"The list of applications that are registered in the given tenant.","type":"array","items":{"$ref":"#/components/schemas/v2Application"},"x-order":0}}},"v2ListClustersResponse":{"description":"List of clusters that are registered in the platform.","type":"object","properties":{"clusters":{"description":"The list of clusters that are registered in the platform.","type":"array","items":{"$ref":"#/components/schemas/v2Cluster"},"x-order":0}}},"v2ListEgressGatewaysResponse":{"description":"Lost of all Egress Gateway objects in the gateway group.","type":"object","properties":{"egressGateways":{"type":"array","items":{"$ref":"#/components/schemas/v2EgressGateway"},"x-order":0}}},"v2ListGatewayGroupsResponse":{"description":"List of all gateway groups in the workspace.","type":"object","properties":{"groups":{"type":"array","items":{"$ref":"#/components/schemas/v2Group"},"x-order":0}}},"v2ListGatewaysResponse":{"description":"List of all Gateway objects in the gateway group.","type":"object","properties":{"gateways":{"description":"List of all Gateway objects.","type":"array","items":{"$ref":"#/components/schemas/v2Gateway"},"x-order":0}}},"v2ListIngressGatewaysResponse":{"description":"List of all Ingress Gateway objects in the gateway group.","type":"object","properties":{"ingressGateways":{"type":"array","items":{"$ref":"#/components/schemas/v2IngressGateway"},"x-order":0}}},"v2ListIstioInternalGroupsResponse":{"description":"List of all Istio internal in the workspace.","type":"object","properties":{"groups":{"description":"The list of requested groups.","type":"array","items":{"$ref":"#/components/schemas/v2Group"},"x-order":0}}},"v2ListMetricsResponse":{"description":"List of telemetry metrics from the resource.","type":"object","properties":{"metrics":{"type":"array","items":{"$ref":"#/components/schemas/v2Metric"},"x-order":0}}},"v2ListOrganizationSettingsResponse":{"description":"List of all existing Organization settings objects in the Organization group.","type":"object","properties":{"settings":{"type":"array","items":{"$ref":"#/components/schemas/v2OrganizationSetting"},"x-order":0}}},"v2ListOrganizationsResponse":{"type":"object","title":"List of organizations that exist in TSB.\\n$hide_from_docs","properties":{"organizations":{"type":"array","items":{"$ref":"#/components/schemas/v2Organization"},"x-order":0}}},"v2ListRolesResponse":{"description":"List of all existing roles.","type":"object","properties":{"roles":{"type":"array","items":{"$ref":"#/components/schemas/v2Role"},"x-order":0}}},"v2ListSecurityGroupsResponse":{"description":"List of all security groups in the workspace.","type":"object","properties":{"groups":{"type":"array","items":{"$ref":"#/components/schemas/v2Group"},"x-order":0}}},"v2ListSecuritySettingsResponse":{"description":"List of all security settings objects attached to the group.","type":"object","properties":{"settings":{"type":"array","items":{"$ref":"#/components/schemas/v2SecuritySetting"},"x-order":0}}},"v2ListServiceAccountsResponse":{"description":"List of existing Service Accounts.","type":"object","properties":{"serviceAccounts":{"type":"array","items":{"$ref":"#/components/schemas/tsbv2ServiceAccount"},"x-order":0}}},"v2ListServiceRoutesResponse":{"description":"List of all service routes defined in the traffic group.","type":"object","properties":{"serviceRoutes":{"type":"array","items":{"$ref":"#/components/schemas/v2ServiceRoute"},"x-order":0}}},"v2ListServiceSecuritySettingsResponse":{"description":"List of all Service Security Settings objects attached to the group.","type":"object","properties":{"settings":{"type":"array","items":{"$ref":"#/components/schemas/v2ServiceSecuritySetting"},"x-order":0}}},"v2ListServicesResponse":{"type":"object","title":"Response with a list of registered services","properties":{"services":{"type":"array","title":"The requested registered services","items":{"$ref":"#/components/schemas/v2Service"},"x-order":0}}},"v2ListSourcesResponse":{"description":"List of telemetry sources from the resource.","type":"object","properties":{"sources":{"type":"array","items":{"$ref":"#/components/schemas/v2Source"},"x-order":0}}},"v2ListTeamsResponse":{"description":"List of existing teams.","type":"object","properties":{"teams":{"type":"array","items":{"$ref":"#/components/schemas/v2Team"},"x-order":0}}},"v2ListTenantExtensionsResponse":{"description":"List of all existing WasmExtensions objects assigned to the Tenant.","type":"object","properties":{"extensions":{"type":"array","items":{"$ref":"#/components/schemas/v2WasmExtension"},"x-order":0}}},"v2ListTenantSettingsResponse":{"description":"List of all existing Tenant settings objects in the Tenant.","type":"object","properties":{"settings":{"type":"array","items":{"$ref":"#/components/schemas/v2TenantSetting"},"x-order":0}}},"v2ListTenantsResponse":{"description":"List of available tenants.","type":"object","properties":{"tenants":{"description":"The list of available tenants.","type":"array","items":{"$ref":"#/components/schemas/v2Tenant"},"x-order":0}}},"v2ListTier1GatewaysResponse":{"description":"List of all Tier1 Gateway objects in the gateway group.","type":"object","properties":{"tier1Gateways":{"type":"array","items":{"$ref":"#/components/schemas/v2Tier1Gateway"},"x-order":0}}},"v2ListTrafficGroupsResponse":{"description":"List of all existing traffic groups in the workspace.","type":"object","properties":{"groups":{"type":"array","items":{"$ref":"#/components/schemas/v2Group"},"x-order":0}}},"v2ListTrafficSettingsResponse":{"description":"List of all existing traffic settings objects in the traffic group.","type":"object","properties":{"settings":{"type":"array","items":{"$ref":"#/components/schemas/v2TrafficSetting"},"x-order":0}}},"v2ListUsersResponse":{"description":"List of existing Users.","type":"object","properties":{"users":{"type":"array","items":{"$ref":"#/components/schemas/v2User"},"x-order":0}}},"v2ListWasmExtensionResponse":{"description":"List of WASM Extensions.","type":"object","properties":{"extensions":{"type":"array","items":{"$ref":"#/components/schemas/v2WasmExtension"},"x-order":0}}},"v2ListWorkspaceSettingsResponse":{"description":"The existing settings objects for the given workspace.","type":"object","properties":{"settings":{"type":"array","items":{"$ref":"#/components/schemas/v2WorkspaceSetting"},"x-order":0}}},"v2ListWorkspacesResponse":{"description":"The existing workspaces for the given tenant.","type":"object","properties":{"workspaces":{"type":"array","items":{"$ref":"#/components/schemas/v2Workspace"},"x-order":0}}},"v2LocalAuthzRule":{"description":"Bindings define the subjects that can access the resource a policy is attached to,\\nand the conditions that need to be met for that access to be granted.\\nA policy can have multiple bindings to configure different access controls for specific\\nsubjects.","type":"object","title":"LocalAuthzRule","required":["name"],"properties":{"name":{"description":"A friendly name to identify the binding.","type":"string","x-order":0},"from":{"description":"Subjects configure the actors (end users, other services)  that are allowed to access the\\ntarget resource.","type":"array","items":{"$ref":"#/components/schemas/v2Subject"},"x-order":1},"to":{"description":"A set of HTTP rules that need to be satisfied by the HTTP requests to get access to the\\ntarget resource.","type":"array","items":{"$ref":"#/components/schemas/LocalAuthzRuleHttpOperation"},"x-order":2}}},"v2Locality":{"description":"The region the cluster resides. Used for failover based routing when\\nconfigured in the workspace or global settings.","type":"object","required":["region"],"properties":{"region":{"description":"The geographic location of the cluster.","type":"string","x-order":0}}},"v2Measure":{"description":"A measure represents the name and unit of a measurement.\\nFor example, request latency in ms and the number of errors are examples of measures to collect from a server. In\\nthis case latency would be the type and ms (millisecond) is the unit.","type":"object","properties":{"name":{"description":"The name of the measure. For instance latency in ms. More reference values can be found at\\nMeshControlledMeasureNames.","type":"string","x-order":0},"unit":{"description":"The unit of measure, which follow the [unified code for units of measure](https://ucum.org/ucum.html).\\nFor COUNTABLE measures, as number of requests or network packets, SHOULD use the default unit, the unity, and\\n[annotations](https://ucum.org/ucum.html#para-curly) with curly braces to give additional meaning.\\nFor example {requests}, {packets}, {errors}, {faults}, etc.","type":"string","x-order":1}}},"v2Metadata":{"description":"Metadata includes additional information about an ApprovalPolicy or Access entity and\\ntheir respective resources that they apply to.","type":"object","properties":{"details":{"$ref":"#/components/schemas/MetadataDetails"},"rules":{"description":"Permissions includes permissions for which an authenticated user is allowed to perform.\\nThis applies to ApprovalPolicy or Access entities respectively.","type":"array","items":{"$ref":"#/components/schemas/RoleRule"},"x-order":1}}},"v2Metric":{"description":"A metric is a measurement about a service, captured at runtime. Logically, the moment of capturing one of\\nthese measurements is known as a metric event which consists not only of the measurement itself, but the time\\nthat it was captured and associated metadata.\\n\\nApplication and request metrics are important indicators of availability and performance.\\nCustom metrics can provide insights into how availability indicators impact user experience or the business.\\nCollected data can be used to alert of an outage or trigger scheduling decisions to scale up a deployment\\nautomatically upon high demand.","type":"object","properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the metric.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the metric.\\n$hide_from_yaml","x-order":3},"observedResource":{"description":"Which concrete TSB resource in the configuration hierarchy this metric observes and belongs to.\\nFor instance, a metric can observe a service, a concrete service workload (pod or Vm), or a gateway,\\nor a workspace, or any other resource in the configuration hierarchy.","type":"string","x-order":4,"readOnly":true},"measure":{"$ref":"#/components/schemas/v2Measure"},"type":{"$ref":"#/components/schemas/v2MetricType"},"origin":{"$ref":"#/components/schemas/v2MetricOrigin"},"detectionPoint":{"$ref":"#/components/schemas/v2MetricDetectionPoint"}}},"v2MetricDetectionPoint":{"description":"From which detection point the metric is observed.\\n\\n - IN_SERVICE: Self observability metrics uses in service detect point.\\n - CLIENT_SIDE: Client side is how the client is observing the metric. When service A calls service B, service A acts\\nas a client side.\\n - SERVER_SIDE: Server side is how the server is observing the metric. When service A calls service B, service B\\nacts as the server side.","type":"string","default":"INVALID_METRIC_DETECTION_POINT","enum":["INVALID_METRIC_DETECTION_POINT","IN_SERVICE","CLIENT_SIDE","SERVER_SIDE"]},"v2MetricOrigin":{"description":"From where the metric measurements come from.\\n\\n - MESH_CONTROLLED: The metrics origin is from a TSB configured mesh, capturing the metrics from the\\nsidecar\'s available observability.\\n - AGENT_OBSERVED: An agent which can be standalone or service with automatically instrumentation via byte code injection.\\nCurrently not available. Part of hybrid observability.\\n - MESH_IMPORTED: Other known mesh generated metrics that are not configured and handled by TSB.\\nCurrently not available. Part of hybrid observability.\\n - EXTERNAL_IMPORTED: External captured metrics that are either imported into TSB observability stack or queried at runtime.\\nCurrently not available. Part of hybrid observability.","type":"string","default":"INVALID_METRIC_ORIGIN","enum":["INVALID_METRIC_ORIGIN","MESH_CONTROLLED","AGENT_OBSERVED","MESH_IMPORTED","EXTERNAL_IMPORTED"]},"v2MetricType":{"description":"Metric types are the aggregation function applied to the measurements that took place over a period of time.\\nSome metric types like LABELED_COUNTER and PERCENTILE also additionally aggregated over the set of defined labels.","type":"object","properties":{"name":{"$ref":"#/components/schemas/v2MetricTypeType"},"labels":{"description":"The labels associated with the metric type.\\nSome aggregation function are not just applied over time. LABELED_COUNTER and PERCENTILE metric types also\\naggregate over their labels. For instance, a PERCENTILE metric type over the latency, will aggregate the measured\\nlatency over the different defined percentiles, p50, p75, p90, p95, and p99.","type":"array","items":{"$ref":"#/components/schemas/v2MetricTypeLabel"},"x-order":1}}},"v2MetricTypeLabel":{"description":"Label of metric type. Also seen a other dimensions of aggregation besides the time interval on which measurements\\nare aggregated over.","type":"object","properties":{"key":{"description":"The label key.","type":"string","x-order":0},"value":{"description":"The label value, for instance p50, or p75.","type":"string","x-order":1}}},"v2MetricTypeType":{"description":" - GAUGE: Is the last seen measurement over a period of time.\\n - COUNTER: Is the sum of number of measurement over a period of time. Used in number of request style of metrics.\\n - AVERAGE: Average function applied to the measurements. Used in Duration/latency style of metrics.\\n - PERCENT: Percentage function applied to a given observed value over the total observer values.\\nUsed in SLA style of metrics, for example the percentage of errored responses over the total server responses.\\n - APDEX: Application Performance Index monitors end-user satisfaction.\\n[Apdex score](https://www.tetrate.io/blog/the-apdex-score-for-measuring-service-mesh-health)\\n - HEATMAPS: Heat maps are a three dimensional visualization, using x and y coordinates for two dimensions, and color\\nintensity for the third. They can reveal detail that summary statistics, such as line charts of averages,\\ncan miss. Latency measurements can be aggregated using Heatmaps/histograms. One dimension is often time, the\\nother is the latency, and the third one (the intensity) is the frequency of that latency in the given time range.\\n - LABELED_COUNTER: Is the sum of number of measurement over time grouped by concrete label values. Used for counting responses by\\ntheir http response code for instance.\\n - PERCENTILE: This is a specific subtype of LABELED_COUNTER. Used in duration/latency style metrics.\\n - CPM: Calls per minute used. Used in requests per minute, or in 5xx http errors per minute, 4xx http errors per\\nminute, among other metrics.\\n - MAX: Selects the highest measurement over a period of time. Envoy max allocated style metrics.","type":"string","default":"INVALID_METRIC_TYPE","enum":["INVALID_METRIC_TYPE","GAUGE","COUNTER","AVERAGE","PERCENT","APDEX","HEATMAPS","LABELED_COUNTER","PERCENTILE","CPM","MAX"]},"v2NamespaceScoping":{"description":"Configure the default scoping of namespaces in this cluster.","type":"object","properties":{"scope":{"$ref":"#/components/schemas/NamespaceScopingScope"},"exceptions":{"description":"Namespaces to be excluded form the default scope.\\nIf the scope is set to global, this list will contain namespaces that are\\nconsidered local. If the scope is set to local, this list will contain\\nnamespaces that are considered global.","type":"array","items":{"type":"string"},"x-order":1}}},"v2NamespaceSelector":{"type":"object","title":"`NamespaceSelector` selects a set of namespaces across one or more\\nclusters in a tenant. Namespace selectors can be used at Workspace\\nlevel to carve out a chunk of resources under a tenant into an\\nisolated configuration domain. They can be used in a Traffic,\\nSecurity, or a Gateway group to further scope the set of namespaces\\nthat will belong to a specific configuration group.\\nNames in namespaces selector must be in the form `cluster/namespace`\\nwhere:\\n- cluster must be a cluster name or an `*` to mean all clusters\\n- namespace must be a namespace name, an `*` to mean all namespaces\\n  or a prefix like `ns-*` to mean all those namespaces starting\\n  by `ns-`","required":["names"],"properties":{"names":{"description":"- `*/ns1` implies `ns1` namespace in any cluster.\\n\\n- `c1/ns1` implies `ns1` namespace from `c1` cluster.\\n\\n- `c1/*` implies all namespaces in `c1` cluster.\\n\\n- `*/*` implies all namespaces in all clusters.\\n\\n- `c1/ns*` implies all namespaces prefixes by `ns` in `c1` cluster.","type":"array","title":"Under the tenant/workspace/group:","items":{"type":"string"},"x-order":0}}},"v2OIDCAuthType":{"description":"Configures how client_id and client_secret are sent in OAuth client to OAuth server requests.\\n\\n - DEFAULT_AUTH_TYPE: If no authentication type is specified, the default authentication type will be used.\\nCurrently, the default authentication type is set to `BASIC_AUTH` because it is widely supported by the majority of OIDC providers\\n - URL_ENCODED_BODY: The `client_id` and `client_secret` will be sent in the URL encoded request body.\\nThis type should only be used when Auth server does not support Basic authentication.\\n - BASIC_AUTH: The `client_id` and `client_secret` will be sent using HTTP Basic authentication scheme.","type":"string","default":"DEFAULT_AUTH_TYPE","enum":["DEFAULT_AUTH_TYPE","URL_ENCODED_BODY","BASIC_AUTH"]},"v2OIDCConfig":{"type":"object","title":"Configure OIDC authentication for a given hostname","required":["clientId","clientTokenSecret","redirectUri","provider"],"properties":{"grantType":{"$ref":"#/components/schemas/v2OIDCGrantType"},"clientId":{"description":"The client_id to be used in the authorize calls.\\nThis value will be URL encoded when sent to the OAuth server.","type":"string","x-order":1},"clientTokenSecret":{"description":"The name of the Kubernetes secret containing the client secret.\\n\\nKubernetes generic opaque secret should contain `istio_generic_secret` key with base64 encoded client_secret as value. \\n\\nFor example\\n---\\napiVersion: v1\\nmetadata:\\n  name: bar\\n  namespace: foo\\ndata:\\n  istio_generic_secret: e2Jhc2U2NF9lbmNvZGVkX3Rva2VuX3NlY3JldH0=\\nkind: Secret\\ntype: Opaque\\n\\nThe secret must be present in the same namespace as the gateway or sidecar deployment\\nfor which the configuration is being applied for.\\nThe (gateway/ sidecar) deployment must also have RBAC permissions to view secrets\\nin the current namespace. For gateways this is already configured, while for sidecar\\nthe permission should be added if not already present.\\n\\nThe secret token stored will be URL encoded when sent to the OAuth server.","type":"string","x-order":2},"redirectUri":{"description":"It can also be formulated from request parameters\\nFor example: %REQ(x-forwarded-proto)%://%REQ(:authority)%/callback\\n\\nThis URI should not contain any query parameters.","type":"string","title":"The redirect URI passed to the authorization endpoint","x-order":3},"provider":{"$ref":"#/components/schemas/v2OIDCProviderConfig"},"authType":{"$ref":"#/components/schemas/v2OIDCAuthType"},"authScopes":{"type":"array","title":"Optional list of OAuth scopes to be claimed in the authorization request.\\nIf not specified, defaults to `user` scope.\\nOAuth RFC https://tools.ietf.org/html/rfc6749#section-3.3","items":{"type":"string"},"x-order":6},"redirectPathMatcher":{"description":"Matching criteria used to determine whether a path appears to be the\\nresult of a redirect from the authorization server.\\nThe query and fragment string (if present) are removed in the URL path portion.\\nFor example, the path `/data` will match URI header `/data#fragment?param=value`.\\n\\nIf not provided, default is derived from redirect_uri path\\nOnly exact match is configurable","type":"string","x-order":7},"signoutPath":{"description":"The path to sign a user out, clearing their credential cookies.\\n\\nIf not provided, default is `/signout`\\nOnly exact match is configurable","type":"string","x-order":8}}},"v2OIDCGrantType":{"description":"- DEFAULT_GRANT_TYPE: If no grant type is explicitly specified, the default grant type will be used.\\nThe specific behavior of the default grant type may vary based on the type of workload to which the authentication settings are applied.\\nCurrently, only `AUTHORIZATION_CODE` is available, so this will be in effect in the future when additional grant types are introduced.\\n - AUTHORIZATION_CODE: Use authorization code flow","type":"string","title":"Configures authentication flow to be used","default":"DEFAULT_GRANT_TYPE","enum":["DEFAULT_GRANT_TYPE","AUTHORIZATION_CODE"]},"v2OIDCProviderConfig":{"description":"OIDCProviderConfig defines the OIDC Provider configuration.\\n\\nIt has two modes `dynamic` and `static` meaning if the configuration\\nhas to be derived from the Issuer\'s Well-Known endpoint dynamically\\nor is statically configured.\\nTo use `dynamic` configuration only `issuer` field should be set. If any other\\nfield along with `issuer` is set then the configuration will be treated as `static`.\\n\\nFor AUTHORIZATION_CODE grant type, fields that are needed if configuration is `static`:\\n1. Issuer\\n2. AuthorizationEndpoint\\n3. TokenEndpoint\\n4. oneof (JwksURI or Jwks)","type":"object","required":["issuer"],"properties":{"issuer":{"description":"The OIDC Provider\'s [issuer identifier](https://openid.net/specs/openid-connect-discovery-1_0.html#IssuerDiscovery).","type":"string","x-order":0},"authorizationEndpoint":{"description":"The OIDC Provider\'s [authorization endpoint](https://openid.net/specs/openid-connect-core-1_0.html#AuthorizationEndpoint).\\nIf not provided, it will be discovered from the provider\'s [Well-Known Configuration Endpoint](https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderConfigurationResponse).","type":"string","x-order":1},"tokenEndpoint":{"description":"The OIDC Provider\'s [token endpoint](https://openid.net/specs/openid-connect-core-1_0.html#TokenEndpoint).\\nIf not provided, it will be discovered from the provider\'s [Well-Known Configuration Endpoint](https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderConfigurationResponse).","type":"string","x-order":2},"jwksUri":{"description":"URI for the OIDC provider\'s JSON Web Key Sets. This can be found in the OIDC provider\'s configuration response.\\nThe JWKS are used for token verification.","type":"string","x-order":3},"jwks":{"description":"JSON string with the OIDC provider\'s JSON Web Key Sets. In general the URI for the Key Set is the preferred\\nmethod for configuring JWKS. This setting is provided in case the provider doesn\'t publish JWKS via a\\npublic URI.","type":"string","x-order":4}}},"v2Organization":{"description":"`Organization` is the root of the Service Bridge object hierarchy.\\n\\n\\n\\n","type":"object","properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"deletionProtectionEnabled":{"description":"When set, prevents the resource from being deleted. In order to delete the resource this\\nproperty needs to be set to `false` first.","type":"boolean","x-order":4},"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"}}},"v2OrganizationSetting":{"description":"Settings that apply globally to the entire organization.\\n\\n\\n\\n","type":"object","properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"networkSettings":{"$ref":"#/components/schemas/OrganizationSettingNetworkSettings"},"regionalFailover":{"description":"Default locality routing settings for all gateways.\\n\\nExplicitly specify the region traffic will land on when endpoints in local region becomes unhealthy.\\nShould be used together with OutlierDetection to detect unhealthy endpoints.\\nNote: if no OutlierDetection specified, this will not take effect.","type":"array","items":{"$ref":"#/components/schemas/v2RegionalFailover"},"x-order":5},"defaultSecuritySetting":{"$ref":"#/components/schemas/v2SecuritySetting"},"defaultTrafficSetting":{"$ref":"#/components/schemas/v2TrafficSetting"}}},"v2Permission":{"description":"A permission defines an action that can be performed on a\\nresource. By default access to resources is denied unless an\\nexplicit permission grants access to perform an operation against\\nit.\\n\\n - INVALID: Default value to designate no value was explicitly set for the permission.\\n - READ: The read permission grants read-only access to the resource.\\n - WRITE: The write permission allows the subject to modify an existing resource.\\n - CREATE: The create permission allows subjects to create child resources on the resource.\\n - DELETE: The delete permission grants permissions to delete the resource.\\n - SET_POLICY: The set-iam permission allows subjects to manage the access policies for the resources.","type":"string","default":"INVALID","enum":["INVALID","READ","WRITE","CREATE","DELETE","SET_POLICY"]},"v2Port":{"description":"Port exposed by a service.\\nRegistration RPC will complete the instances field by assigning the physical services FQNs.","type":"object","required":["number"],"properties":{"number":{"description":"A valid non-negative integer port number.","type":"integer","format":"int64","x-order":0},"name":{"description":"Name assigned to the port.","type":"string","x-order":1},"serviceDeployments":{"type":"array","title":"The list of FQNs of the instances that expose this port","items":{"type":"string"},"x-order":2,"readOnly":true}}},"v2PortSelector":{"description":"PortSelector is the criteria for specifying if a policy can be applied to\\na listener having a specific port.","type":"object","required":["number"],"properties":{"number":{"type":"integer","format":"int64","title":"Port number","x-order":0}}},"v2PropagationStrategy":{"description":"The PropagationStrategy is the key differentiating factor to decide how a security\\npolicy should be propagated and applied at runtime across clusters.\\nThe default propagation strategy is REPLACE, in which a lower level SecuritySetting\\nin the configuration hierarchy replaces a higher level SecuritySetting.\\nThe STRICTER PropagationStrategy on the other hand makes sure the default\\nSecuritySettings configured at the parent level are always enforced and propagated\\ndown the hierarchy unless additional SecuritySettings are defined and restricted\\nfurther in the configuration hierarchy.\\n\\n* `REPLACE` should be used when resources in the hierarchy are allowed to override the default\\nsettings configured at the higher levels.\\n* `STRICTER` should be used when the default settings must prevail, and the settings can only be\\nmade more restrictive by child resources at lower levels of the hierarchy.\\n\\nWhen a resource or property of it affected by the propagation strategy is propagated down the hierarchy, regardless\\nof the defined strategy (`REPLACE` or `STRICTER`), a parent defined resource or a property of the\\nresource will be used (propagated) in absence of a child resource or a property of it.\\n\\nFor example, the following policy configures optional mTLS for traffic within the workspace, but\\nit allows SecuritySettings to modify it. The example shows a workspace that configures\\nservice-to-service access so that only services in the same workspace can talk to each other.\\nThe `REPLACE` propagation policy allows individual settings to override it. In the example, the\\nSecuritySettings allows services within that group to be reachable from any\\nservice in the cluster, regardless for the workspace they belong to, even though the Workspace\\nrestricts service-to-service access to only services in the Workspace.\\n\\n```yaml\\napiVersion: api.tsb.tetrate.io/v2\\nkind: WorkspaceSetting\\nmetadata:\\n  name: w1-settings\\n  workspace: w1\\n  tenant: mycompany\\n  organization: myorg\\nspec:\\n  defaultSecuritySetting:\\n    propagationStrategy: REPLACE\\n    authorization:\\n      mode: WORKSPACE\\n---\\napiVersion: security.tsb.tetrate.io/v2\\nkind: SecuritySetting\\nmetadata:\\n  name: defaults\\n  group: t1\\n  workspace: w1\\n  tenant: mycompany\\n  organization: myorg\\nspec:\\n  authorization:\\n    mode: CLUSTER\\n```\\n\\n`STRICTER` propagation configures defaults that can be only be restricted down the hierarchy.\\nThe following example configures the same WorkspaceSetting but with a `STRICTER` propagation mode.\\nThe `defaults` SecuritySetting further narrows down that access to the `GROUP` scope, which is\\nallowed because GROUP is more strict than WORKSPACE. However, the `defaults-invalid` SecuritySetting\\nconfigures `CLUSTER` access, which would widen the scope defined at the Workspace. That settings will\\nnot be allowed based on the `STRICTER` propagation policy.\\n\\n```yaml\\napiVersion: api.tsb.tetrate.io/v2\\nkind: WorkspaceSetting\\nmetadata:\\n  name: w1-settings\\n  workspace: w1\\n  tenant: mycompany\\n  organization: myorg\\nspec:\\n  defaultSecuritySetting:\\n    propagationStrategy: STRICTER\\n    authorization:\\n      mode: WORKSPACE\\n---\\napiVersion: security.tsb.tetrate.io/v2\\nkind: SecuritySetting\\nmetadata:\\n  name: defaults\\n  group: t1\\n  workspace: w1\\n  tenant: mycompany\\n  organization: myorg\\nspec:\\n  authorization:\\n    mode: GROUP\\n---\\napiVersion: security.tsb.tetrate.io/v2\\nkind: SecuritySetting\\nmetadata:\\n  name: defaults-invalid\\n  group: t2\\n  workspace: w1\\n  tenant: mycompany\\n  organization: myorg\\nspec:\\n  authorization:\\n    mode: CLUSTER\\n```\\n\\nFurther details of how security settings are resolved between in `STRICTER` mode between a parent and a\\nchild resource can be found in the [SecuritySettings reference](../../security/v2/security_setting#securitysetting).\\n\\n - REPLACE: Is the default configuration propagation strategy.\\nA lower defined configuration in the hierarchy will replace a higher configuration in the hierarchy.\\nOtherwise, if a lower configuration is not defined, the configuration higher up in the hierarchy will\\nprevail.\\nFor instance, a defined default propagation strategy for workspace default security settings\\nwill replace tenant\'s defined default security settings.\\n - STRICTER: STRICTER propagation strategy propagates the strictest configuration between a defined higher level and\\na defined lower level configuration in the hierarchy. If a lower level configuration in the hierarchy\\nis not defined, the higher one will prevail.\\nWhich configuration is stricter than the other is defined by each concrete configuration that allows specifying\\na propagation strategy.","type":"string","default":"REPLACE","enum":["REPLACE","STRICTER"]},"v2Query":{"type":"object","title":"Query format of the resource lookup for the permission check","properties":{"queryId":{"description":"Optional ID that is an open string the caller can use for correlation purposes.","type":"string","x-order":0},"fqn":{"description":"Fully-qualified name of the resource.","type":"string","x-order":1}}},"v2QueryPoliciesResponse":{"description":"QueryPoliciesResponse is the response message for QueryPolicies.","type":"object","properties":{"policies":{"description":"Policies is a list of policies that match the query.","type":"array","items":{"$ref":"#/components/schemas/v2ApprovalPolicy"},"x-order":0}}},"v2QueryResourcePermissionsRequest":{"description":"Request to query permissions on multiple records.\\n\\nExample:\\nQueryResourcePermissionsRequest {\\n  Queries: []Query{\\n    Query{\\n      QueryID: \\"1234\\",\\n      Kind: Query_Fqn{\\n        Fqn: \\"tetrate/tenants/default/workspaces/example\\"\\n      }\\n    }\\n  }\\n}","type":"object","properties":{"queries":{"description":"One or more resources to query permissions on, limited to 100 per request.","type":"array","items":{"$ref":"#/components/schemas/v2Query"},"x-order":0}}},"v2QueryResourcePermissionsResponse":{"description":"Response with permissions for the requested queries.\\n\\nExample:\\nQueryResourcePermissionsResponse {\\n  Results: []Result{\\n    Result{\\n      Request: Query{\\n        QueryID: \\"1234\\",\\n        Kind: Query_Fqn{\\n          Fqn: \\"tetrate/tenants/default/workspaces/example\\"\\n        }\\n      },\\n      Rules: []*Role_Rule{\\n        {\\n           Types: []*Role_ResourceType{\\n             {\\n               ApiGroup: \\"api.tsb.tetrate.io/v2\\",\\n               Kinds: []string{\\"Workspace\\"}\\n             }\\n           },\\n           Permissions: []Permission{\\"READ\\"}\\n        }\\n      }\\n    }\\n  }\\n}","type":"object","properties":{"results":{"type":"array","title":"List of permission results for the requested queries","items":{"$ref":"#/components/schemas/QueryResourcePermissionsResponseResult"},"x-order":0}}},"v2RateLimitSettings":{"description":"Configuration for ratelimiting HTTP/gRPC requests\\nThis has a list of rate limit rules that can be configured.\\nWith each rule a list of dimensions can be defined.\\nA request counts towards the limit if all of the dimensions match the\\nattributes of the request.\\nWhen the matched requests exceed the limit, a 429 response is returned.","type":"object","required":["rules"],"properties":{"rules":{"description":"A list of rules for ratelimiting.\\nEach rule defines a list of dimensions to match on and the rate limit value\\nfor the rule. Each rule is independant of the other.","type":"array","items":{"$ref":"#/components/schemas/v2RateLimitSettingsRateLimitRule"},"x-order":0},"failClosed":{"description":"If the rate limit service is unavailable, the request will fail\\nif failClosed is set to true. Defaults to false.","type":"boolean","x-order":1},"timeout":{"description":"The timeout in seconds for the rate limit server RPC.\\nDefaults to 0.020 seconds (20ms).\\nTraffic will not be allowed to the destination if failClosed is set to true\\nand the request to the rate limit server times out.","type":"string","x-order":2}}},"v2RateLimitSettingsRateLimitDimension":{"description":"RateLimitDimension is a condition to match HTTP requests\\nthat should be rate limited.","type":"object","properties":{"remoteAddress":{"$ref":"#/components/schemas/v2RateLimitSettingsRateLimitDimensionRemoteAddress"},"header":{"$ref":"#/components/schemas/RateLimitDimensionHeader"}}},"v2RateLimitSettingsRateLimitDimensionRemoteAddress":{"description":"RateLimit based on the client\'s remote address, extracted from\\nthe trusted X-Forwarded-For header.","type":"object","required":["value"],"properties":{"value":{"description":"Ratelimit on a specific remote address.\\nIf the value is set to \\"*\\", ratelimit on\\nevery unique remote address.","type":"string","x-order":0}}},"v2RateLimitSettingsRateLimitRule":{"description":"RateLimitRule is the block to define each internal ratelimit configuration.","type":"object","required":["dimensions","limit"],"properties":{"dimensions":{"description":"A list of dimensions to define each ratelimit rule.\\nRequests count towards the ratelimit value only when each and every\\ncondition in a dimension is matched for a given HTTP request.","type":"array","items":{"$ref":"#/components/schemas/v2RateLimitSettingsRateLimitDimension"},"x-order":0},"limit":{"$ref":"#/components/schemas/RateLimitSettingsRateLimitValue"}}},"v2RateLimiting":{"description":"Configuration for ratelimiting\\nHTTP/gRPC requests can be rate limited based on a variety of\\nattributes in the request such as headers (including cookies), URL\\npath/prefixes, client remote address etc.","type":"object","properties":{"settings":{"$ref":"#/components/schemas/v2RateLimitSettings"},"externalService":{"$ref":"#/components/schemas/v2ExternalRateLimitServiceSettings"}}},"v2ReachabilitySettings":{"description":"`ReachabilitySettings` define the set of services and hosts\\naccessed by a workload (and hence its sidecar) in the\\nmesh. Defining the set of services accessed by a workload (i.e. its\\ndependencies) in advance reduces the memory and CPU consumption\\nboth the Istio control plane and the individual Envoy proxy workloads in\\nthe data plane.","type":"object","properties":{"mode":{"$ref":"#/components/schemas/ReachabilitySettingsMode"},"hosts":{"description":"When the mode is `CUSTOM`, `hosts` specify the set of services\\nthat the sidecar should be able to reach. Must be in the\\n`&lt;namespace&gt;/&lt;fqdn&gt;` format.\\n\\n- `./*` indicates all services in the namespace where the sidecar resides.\\n\\n- `ns1/*` indicates all services in the `ns1` namespace.\\n\\n- `ns1/svc1.com` indicates `svc1.com` service in `ns1` namespace.\\n\\n- `*/svc1.com` indicates `svc1.com` service in any namespace.","type":"array","items":{"type":"string"},"x-order":1}}},"v2ReachabilitySettingsMode":{"description":"- UNSET: Inherit from parent if possible. Otherwise treated as `CLUSTER`.\\n - NAMESPACE: The workload may talk to any service in its own namespace.\\n - GROUP: The workload may talk to any service in the traffic group.\\n - WORKSPACE: The workload may talk to any service in the workspace.\\n - CLUSTER: The workload may talk to any service in the cluster.\\n - CUSTOM: The workload may talk to services defined explicitly.","type":"string","title":"A short cut for defining the common reachability patterns","default":"UNSET","enum":["UNSET","NAMESPACE","GROUP","WORKSPACE","CLUSTER","CUSTOM"]},"v2Redirect":{"type":"object","properties":{"uri":{"description":"On a redirect, overwrite the Path portion of the URL with this value.","type":"string","x-order":0},"authority":{"description":"On a redirect, overwrite the Authority/Host portion of the URL with this value.","type":"string","x-order":1},"redirectCode":{"description":"On a redirect, Specifies the HTTP status code to use in the redirect\\nresponse. It is expected to be 3XX. The default response code is MOVED_PERMANENTLY (301).","type":"integer","format":"int64","x-order":2},"port":{"type":"integer","format":"int64","title":"On a redirect, overwrite the Port portion of the URL with this value","x-order":3},"scheme":{"description":"On a redirect, overwrite the scheme with this one. This can be used\\nto perform http -&gt; https redirect by setting this to \\"https\\". Currently,\\nthe only supported values are \\"http\\" and \\"https\\" (in lower-case).","type":"string","x-order":4}}},"v2RegionalFailover":{"description":"Specify the traffic failover policy across regions. Since zone and sub-zone\\nfailover is supported by default this only needs to be specified for\\nregions when the operator needs to constrain traffic failover so that\\nthe default behavior of failing over to any endpoint globally does not\\napply. This is useful when failing over traffic across regions would not\\nimprove service health or may need to be restricted for other reasons\\nlike regulatory controls.","type":"object","properties":{"from":{"description":"Originating region.","type":"string","x-order":0},"to":{"description":"Destination region the traffic will fail over to when endpoints in\\nthe \'from\' region become unhealthy.","type":"string","x-order":1}}},"v2ResilienceSettings":{"description":"ResilienceSettings control the reliability knobs in Envoy when making\\noutbound connections from a gateway or proxy workload.","type":"object","properties":{"httpRequestTimeout":{"description":"Timeout for HTTP requests. Disabled if not set.","type":"string","x-order":0},"httpRetries":{"$ref":"#/components/schemas/v2HTTPRetry"},"tcpKeepalive":{"description":"Deprecated. This field will be removed in upcoming releases.\\nPlease use the `keep_alive` field instead.\\nIf enabled, sets SO_KEEPALIVE on the socket to enable TCP keepalive.","type":"boolean","x-order":2},"keepAlive":{"$ref":"#/components/schemas/v2KeepAliveSettings"},"circuitBreakerSensitivity":{"$ref":"#/components/schemas/ResilienceSettingsSensitivity"}}},"v2ResourceStatus":{"description":"The ResourceStatus object provides information about the status of the configuration\\nrelated to an Application or an API object.\\n\\nApplications and APIs are translated into configuration objects (config groups, ingress\\ngateways, etc). This status object reflects the status of the Application and APIs with\\nregard to the generated configuration, and exposes any configuration mismatch.\\nThis status only reflects the status of the configuration objects in Service Bridge. It\\ndoes not provide information about the status of the generated configuration in the final\\nclusters.","type":"object","properties":{"status":{"$ref":"#/components/schemas/applicationv2Status"},"resources":{"description":"List of the individual configuration resource statuses.","type":"array","items":{"$ref":"#/components/schemas/ResourceStatusConfigResourceStatus"},"x-order":1,"readOnly":true}}},"v2ResourceStatusStatus":{"description":"Simple `Status` of the current resource. It\'s a projection of its details\\n(events, etc.) that allows to easily know the status of the resource\\nwithout requiring to check the details.\\n\\n - INVALID: INVALID status should never be reached.\\nIt indicates some problem occurred with the resource status, and would\\nneed to contact the admin to troubleshoot it.\\nIt\'s the default value but it\'s always expected to have one of the other\\nvalues.\\n - ACCEPTED: ACCEPTED is reached when the provided configuration has been validated\\nand persisted by the TSB server.\\n - READY: READY is reached when the resource is ready to be used.\\nNon-configurable resources, like Organizations, Tenants or Users, will\\nbe ready as soon they are created.\\nThe configurable ones are ready when its configuration has been\\npropagated to all the clusters.\\n - FAILED: FAILED is reached in different situations, such as when:\\n- a resource configuration triggered some internal error.\\n- an offending resource affects the correct behaviour of the configuration.\\nThe `message` and `details` fields of the `ResourceStatus` provides the\\nroot cause of the error.\\n - DIRTY: DIRTY is reached when the resources that are dependent on others\\nhave not reached the desired status (even when they are not FAILED).\\nFor example, an `API` resource that caused the creation of an `IngressGateway`\\ncould reach this status if the `IngressGateway` has been modified or removed directly.\\n - PARTIAL: PARTIAL is reached for those resources that are dependent on other resources statuses,\\nand not all the resources share the same status.","type":"string","default":"INVALID","enum":["INVALID","ACCEPTED","READY","FAILED","DIRTY","PARTIAL"]},"v2Role":{"description":"`Role` is a named collection of permissions that can be assigned to\\nany user or team in the system.","type":"object","properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"rules":{"description":"A set of rules that define the permissions associated with each API group.","type":"array","items":{"$ref":"#/components/schemas/RoleRule"},"x-order":4}}},"v2Route":{"description":"One or more destinations in a local/remote cluster for the given request.","type":"object","required":["host"],"properties":{"host":{"description":"The destination service in `&lt;namespace&gt;/&lt;fqdn&gt;` format for\\n`IngressGateway` resources. For `Tier1Gateway` resources, the\\ndestination must be in `&lt;clusterName&gt;/&lt;namespace&gt;/&lt;fqdn&gt;` format,\\nwhere cluster name corresponds to a cluster name created in the\\nmanagement plane. The `fqdn` must be the fully qualified name of\\nthe destination service in a cluster.","type":"string","x-order":0},"port":{"description":"The port on the service to forward the request to. Omit only if\\nthe destination service has only one port. When used for routing\\nfrom Tier1 gateways, the port specified here will be used only if\\nthe Tier1 gateway is doing TLS passthrough.","type":"integer","format":"int64","x-order":1}}},"v2RouteTo":{"description":"RouteTo defines the how the traffic has been forwarded for the given request.\\nOne of `ClusterDestination` or `ServiceDestination` must be specified.","type":"object","properties":{"clusterDestination":{"$ref":"#/components/schemas/v2RouteToClusters"},"serviceDestination":{"$ref":"#/components/schemas/v2RouteToService"}}},"v2RouteToClusters":{"description":"RouteToClusters represents the clusters where the request\\nneeds to be routed to from the gateway.","type":"object","properties":{"clusters":{"description":"The destination clusters that contain ingress gateways exposing the hostname.","type":"array","items":{"$ref":"#/components/schemas/v2ClusterDestination"},"x-order":0}}},"v2RouteToService":{"description":"RouteToService represents the service running in clusters.","type":"object","required":["host"],"properties":{"host":{"description":"The destination service in `&lt;namespace&gt;/&lt;fqdn&gt;`.","type":"string","x-order":0},"port":{"description":"The port on the service to forward the request to. Omit only if\\nthe destination service has only one port.","type":"integer","format":"int64","x-order":1},"tls":{"$ref":"#/components/schemas/v2ClientTLSSettings"}}},"v2Rule":{"description":"`Rule` matches request from a targeted resource (and the workloads that belong to the resource),\\nto another targeted resource (and the workloads that belong to the resource).\\nA match occurs when `from` and `to` matches the request.\\nOnly resources of type Tenant, Workspace, or Security Group can be targeted.","type":"object","required":["from","to"],"properties":{"from":{"$ref":"#/components/schemas/RuleFrom"},"to":{"$ref":"#/components/schemas/RuleTo"}}},"v2SecuritySetting":{"description":"A security setting applies configuration to a set of proxy workloads in a\\nsecurity group or a workspace. When applied to a security group,\\nmissing fields will inherit values from the workspace-wide setting if any.\\n\\n\\n\\n","type":"object","properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"authentication":{"$ref":"#/components/schemas/SecuritySettingAuthenticationMode"},"authorization":{"$ref":"#/components/schemas/v2AuthorizationSettings"},"authenticationSettings":{"$ref":"#/components/schemas/v2AuthenticationSettings"},"waf":{"$ref":"#/components/schemas/v2WAFSettings"},"propagationStrategy":{"$ref":"#/components/schemas/v2PropagationStrategy"},"extension":{"description":"Extensions specifies all the WasmExtensions assigned to this SecuritySettings\\nwith the specific configuration for each extension. This custom configuration\\nwill override the one configured globally to the extension.\\nEach extension has a global configuration including enabling and priority\\nthat will condition the execution of the assigned extensions.","type":"array","items":{"$ref":"#/components/schemas/v2WasmExtensionAttachment"},"x-order":9},"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"}}},"v2ServerTLSSettings":{"type":"object","properties":{"mode":{"$ref":"#/components/schemas/v2ServerTLSSettingsTLSMode"},"secretName":{"description":"The name of the secret in Kubernetes that holds the TLS certs\\nincluding the CA certificates. The secret (type generic) should\\ncontain the following keys and values: key: `&lt;privateKey&gt;`, cert:\\n`&lt;serverCert&gt;`, cacert: `&lt;CACertificate&gt;`.","type":"string","x-order":1},"files":{"$ref":"#/components/schemas/ServerTLSSettingsFileSource"},"minProtocolVersion":{"$ref":"#/components/schemas/v2TLSProtocol"},"maxProtocolVersion":{"$ref":"#/components/schemas/v2TLSProtocol"},"cipherSuites":{"type":"array","title":"List of cipher suites to be used for TLS connections.\\nExamples of cipher suites:\\n- \\"TLS_RSA_WITH_AES_256_CBC_SHA\\"\\n- \\"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256\\"\\n- \\"TLS_DHE_RSA_WITH_AES_256_GCM_SHA384\\"\\n- \\"TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256\\"\\n- \\"TLS_RSA_WITH_3DES_EDE_CBC_SHA\\"","items":{"type":"string"},"x-order":5},"subjectAltNames":{"description":"List of Subject Alternative Names (SAN) from the client\'s certificate that are accepted\\nfor client identity verification during the TLS handshake.","type":"array","items":{"type":"string"},"x-order":6}}},"v2ServerTLSSettingsTLSMode":{"description":" - OPTIONAL_MUTUAL: Similar to MUTUAL mode, except that the client certificate\\nis optional. Unlike SIMPLE mode, A client certificate will\\nstill be explicitly requested during handshake, but the client\\nis not required to send a certificate. If a client certificate\\nis presented, it will be validated. ca_certificates should\\nbe specified for validating client certificates.","type":"string","default":"DISABLED","enum":["DISABLED","SIMPLE","MUTUAL","OPTIONAL_MUTUAL"]},"v2Service":{"description":"A service in the registry that represents an aggregated and logical view for all those individual\\nservices, and provides high-level features such as aggregated metrics.","type":"object","required":["shortName","serviceType","state"],"properties":{"fqn":{"description":"Fully-qualified name of the resource. This field is read-only.","type":"string","x-order":0,"readOnly":true},"displayName":{"description":"User friendly name for the resource.","type":"string","x-order":1},"etag":{"description":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.","type":"string","x-order":2},"description":{"description":"A description of the resource.","type":"string","x-order":3},"shortName":{"description":"Short name for the service, used to uniquely identify it within the organization.","type":"string","x-order":4},"hostnames":{"description":"The hostnames by which this service is accessed. Can correspond to the hostname of\\nan internal service or that ones of a virtual host on a gateway.","type":"array","items":{"type":"string"},"x-order":5},"ports":{"description":"The set of ports on which this service is exposed.","type":"array","items":{"$ref":"#/components/schemas/v2Port"},"x-order":6},"subsets":{"description":"Deprecated. Use subset_deployments instead.\\nSubset denotes a specific version of a service. By default the \'version\'\\nlabel is used to designate subsets of a workload.\\nKnown subsets for the service.","type":"array","items":{"type":"string"},"x-order":7,"readOnly":true},"serviceType":{"$ref":"#/components/schemas/v2ServiceType"},"externalAddresses":{"description":"For kubernetes services of type load balancer, this field contains the list of lb hostnames or\\nIPs assigned to the service.","type":"array","items":{"type":"string"},"x-order":9},"state":{"$ref":"#/components/schemas/v2State"},"metrics":{"description":"- global:        *|productpage|bookinfo|*|*\\n  - v1:            v1|productpage|bookinfo|*|*\\n  - v1 (cluster1): v1|productpage|bookinfo|cluster1|*\\n\\nThis is only available for Observed and Controlled services.","type":"array","title":"Services may expose different metrics.\\nFor example, a regular service may expose the usual red metrics for incoming requests.\\nServices running in multiple clusters, may provide different aggregation levels, such as\\naggregation by cluster, by subset, etc.\\nThis list provides a complete list of all the aggregation keys that are available for this\\nparticular service.\\nFor example, a service that has instances in multiple clusters could provide the following\\nmetrics:","items":{"$ref":"#/components/schemas/ServiceMetricConfig"},"x-order":11,"readOnly":true},"serviceDeployments":{"description":"List of the existing deployments for this service.\\nThis is only available for internal and load balancer services and correspond to physical services\\nin the onboarded clusters.\\nThis field is read-only.","type":"array","items":{"$ref":"#/components/schemas/ServiceServiceDeployment"},"x-order":12,"readOnly":true},"subsetDeployments":{"description":"Subset denotes a specific version of a service. By default the \'version\'\\nlabel is used to designate subsets of a workload.\\nKnown subsets for the service.","type":"array","items":{"$ref":"#/components/schemas/v2Subset"},"x-order":13,"readOnly":true},"canonicalName":{"type":"string","title":"The canonical name of the service defined by user","x-order":14},"spiffeIds":{"description":"List of SPIFFE identities used by the workloads of the service.","type":"array","items":{"type":"string"},"x-order":15}}},"v2ServiceDestination":{"type":"object","title":"ServiceDestination is the destination service, port and subset where traffic\\nshould be routed","required":["port"],"properties":{"subset":{"type":"string","title":"Subset is the version of the service where traffic should be routed to","x-order":0},"weight":{"type":"integer","format":"int64","title":"Weight defines the amount of traffic that needs to be routed to this specific\\nversion","x-order":1},"port":{"type":"integer","format":"int64","title":"The port corresponding to the service host where traffic should be routed","x-order":2},"destinationHost":{"type":"string","title":"Service host where traffic should be routed to. This should either be a FQDN\\nor a short name for the k8s service. For example, \\"reviews\\" as destination_host will\\nbe interpreted as \\"reviews.ns1.cluster.local\\"","x-order":3}}},"v2ServiceLookupRequest":{"description":"Request for all the services in the registry that are part of the given selector.","type":"object","required":["selector","parent"],"properties":{"selector":{"$ref":"#/components/schemas/v2NamespaceSelector"},"parent":{"type":"string","title":"The FQN of the parent object where services will be looked up","x-order":1}}},"v2ServiceLookupResponse":{"description":"List of services that are included in the provided namespace selector.","type":"object","properties":{"services":{"type":"array","title":"The affected services","items":{"$ref":"#/components/schemas/v2Service"},"x-order":0}}},"v2ServiceRoute":{"description":"A service route controls routing configurations for traffic to a\\nservice in a traffic group.\\n\\n\\n\\n","type":"object","required":["service","subsets"],"properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"service":{"description":"The service on which the configuration is being applied. Must be in namespace/FQDN format.","type":"string","x-order":4},"subsets":{"description":"The set of versions of a service and the percentage of traffic to\\nsend to each version.","type":"array","items":{"$ref":"#/components/schemas/ServiceRouteSubset"},"x-order":5},"stickySession":{"$ref":"#/components/schemas/ServiceRouteStickySession"},"portLevelSettings":{"type":"array","title":"In order to support multi-protocol routing, a list of all port/protocol combinations is needed.\\nThese port settings are applied to all the subsets","items":{"$ref":"#/components/schemas/ServiceRoutePortLevelTrafficSettings"},"x-order":7},"httpRoutes":{"description":"HTTPRoutes are used when HTTP traffic needs to be matched on uri, headers\\nand port and destination routes need to be set using subset-weight\\ncombinations specified within the route.\\n**Note**: If a route is specified, then the global subset-weight\\ncombinations (specified under subsets) will be ignored for the matched\\nport, as subsets within route will take effect.","type":"array","items":{"$ref":"#/components/schemas/v2HTTPRoute"},"x-order":8},"tcpRoutes":{"description":"TCPRoutes match TCP traffic based on port number. The subset-weight\\nconfiguration and priority have the same behaviour as HTTPRoutes.","type":"array","items":{"$ref":"#/components/schemas/v2TCPRoute"},"x-order":9},"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"}}},"v2ServiceSecuritySetting":{"description":"A service security setting applies configuration to a service in a\\nsecurity group. Missing fields will inherit values from the\\nworkspace-wide setting if any.\\n\\n\\n\\n","type":"object","required":["service"],"properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"service":{"description":"The service on which the configuration is being applied. Must be in namespace/FQDN format.","type":"string","x-order":4},"settings":{"$ref":"#/components/schemas/v2SecuritySetting"},"subsets":{"description":"Subset specific settings that will replace the service wide settings for the specified service\\nsubsets.","type":"array","items":{"$ref":"#/components/schemas/ServiceSecuritySettingSubset"},"x-order":6},"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"}}},"v2ServiceSelector":{"type":"object","title":"ServiceSelector represents the match criteria to select services within a\\nparticular scope (namespace, workspace, cluster etc)","required":["serviceLabels"],"properties":{"serviceLabels":{"type":"object","title":"One or more labels that indicate a specific set of services within a particular scope","additionalProperties":{"type":"string"},"x-order":0}}},"v2ServiceType":{"description":"ServiceType denotes the exposition of a service in the mesh.\\n\\n - INTERNAL: A regular service that is not directly exposed to the outside world.\\n - LOADBALANCER: A load balancer service running only the proxy as the workload.\\n - MESH_EXTERNAL: A mesh external service.","type":"string","default":"INVALID_TYPE","enum":["INVALID_TYPE","INTERNAL","LOADBALANCER","MESH_EXTERNAL"]},"v2Source":{"description":"Source identifies a set of observed resources that have a group of metrics that emit measurements at runtime.","type":"object","properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the telemetry source.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the telemetry source is observing.\\n$hide_from_yaml","x-order":3},"belongsTo":{"description":"Which concrete TSB resource in the configuration hierarchy this telemetry source belongs to.\\nFor instance, a telemetry source can belong to a service,or a gateway, or a workspace, or any other resource in the\\nconfiguration hierarchy.","type":"string","x-order":4,"readOnly":true},"metricSourceKey":{"description":"A key to query metric measurements from the resources that the telemetry source is observing.","type":"string","x-order":5,"readOnly":true},"type":{"$ref":"#/components/schemas/v2SourceScopeType"},"scope":{"$ref":"#/components/schemas/v2SourceScope"}}},"v2SourceScope":{"description":"Source scope defines the source\'s wingspan in the mesh. It defines how we are observing the resources.\\nFor instance we can observer a resources at service, ingress, or relation level.","type":"object","properties":{"serviceScopes":{"$ref":"#/components/schemas/SourceScopeServiceScopes"},"ingressScopes":{"$ref":"#/components/schemas/SourceScopeIngressScopes"},"relationScopes":{"$ref":"#/components/schemas/SourceScopeRelationScopes"}}},"v2SourceScopeType":{"description":"The type of scopes which defines telemetry source\'s wingspan in the mesh.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","type":"string","default":"INVALID","enum":["INVALID","SERVICE","INGRESS","RELATION"]},"v2SourceType":{"description":"`SourceType` describes where teams come from.\\nTeams can be synchronized from the Identity Provider but can also be manually\\ncreated using the Team API to create convenient groupings of users and other\\nteams in order to configure fine-grained permissions in the Management Plane.\\n\\n - LDAP: LDAP is used for users and teams that are automatically synchronized from LDAP.\\n - LOCAL: LOCAL is used for local teams that are manually created using the TSB Team API and\\ndo not exist in the Identity Provider.\\nDeprecated. This value is deprecated and will be removed in future releases. Use \'MANUAL\' instead.\\n - AZURE: AZURE is used for users synchronized from an Azure Active Directory.\\n - MANUAL: MANUAL is used for users and teams that exist in the Identity Provider that have been manually populated.\\nMANUAL users are deprecated and Service Accounts should be used instead. Support for MANUAL users will\\nbe removed in future versions.","type":"string","default":"INVALID","enum":["INVALID","LDAP","LOCAL","AZURE","MANUAL"]},"v2State":{"description":"State denotes how deep is the knowledge of a service by the mesh. Meaning that if a service can be controlled,\\nobserved or none of these.\\n\\n - EXTERNAL: An external service is a service that is known, but that cannot be observed (we can\'t get metrics for it)\\nand cannot be controlled.\\n - OBSERVED: An observed service is a known service that we can have metrics for. For example, a service running the\\nSkywalking agents.\\n - CONTROLLED: A controlled service is a service that is part of the mesh and has a proxy we can configure.","type":"string","default":"INVALID_STATE","enum":["INVALID_STATE","EXTERNAL","OBSERVED","CONTROLLED"]},"v2StringMatch":{"description":"Describes how to match a given string in HTTP headers. Match is case-sensitive.","type":"object","properties":{"exact":{"description":"Exact string match.","type":"string","x-order":0},"prefix":{"description":"Prefix-based match.","type":"string","x-order":1},"regex":{"description":"ECMAscript style regex-based match.","type":"string","x-order":2}}},"v2Subject":{"description":"Subject identifies a user or a team under an organization. Roles are\\nassigned to subjects for specific resources in the system.","type":"object","properties":{"user":{"type":"string","title":"A user in TSB, created through LDAP sync or API.\\nMust use the fully-qualified name (fqn) of the user. \\nE.g. organization/myorg/users/alice","x-order":0},"team":{"type":"string","title":"A team in TSB, created through LDAP sync or API.\\nMust use the fully-qualified name (fqn) of the team. \\nE.g. organization/myorg/teams/t1","x-order":1},"serviceAccount":{"type":"string","title":"A service account in TSB.\\nMust use the fully-qualified name (fqn) of the service account. \\nE.g. organization/myorg/serviceaccounts/sa1","x-order":2}}},"v2Subset":{"description":"Subset exposed by a service.\\nRegistration RPC will complete the instances field by assigning the physical services FQNs.","type":"object","properties":{"name":{"description":"A valid subset name of a service.","type":"string","x-order":0},"serviceDeployments":{"type":"array","title":"The list of FQNs of the service deployments that expose this subset","items":{"type":"string"},"x-order":1,"readOnly":true}}},"v2SyncOrganizationResponse":{"description":"Result of the organization users and team synchronization.","type":"object","properties":{"failedUsers":{"$ref":"#/components/schemas/SyncOrganizationResponseFailedIds"},"failedTeams":{"$ref":"#/components/schemas/SyncOrganizationResponseFailedIds"}}},"v2TCP":{"description":"A TCP server exposed in a gateway. A TCP server may be used for any TCP based protocol.\\nThis is also used for the special case of a non-HTTP protocol requiring TLS termination at the gateway.","type":"object","required":["name","hostname","route"],"properties":{"name":{"description":"A name assigned to the server. The name will be visible in the generated metrics. The name must be\\nunique across all HTTP, TLS passthrough and TCP servers in a gateway.","type":"string","x-order":0},"port":{"description":"Valid scenarios (for same port, multiple services)\\n1. Multiple protocols (HTTP, non-HTTP) with TLS passthrough/termination\\n2. Multiple HTTP services\\n3. Single non-HTTP service without TLS\\n\\nIf the `transit` flag is set to true, populating the `port` will lead to an error,\\nas the server is considered internal to the mesh. TSB will automatically \\nconfigure mTLS port(15443) for east-west multicluster traffic.","type":"integer","format":"int64","title":"The port where the server is exposed. Note that the port 15443 is reserved. Also\\nbeware of the conflict among the services using different protocols on the same port.\\nThe conflict occurs in the following scenarios\\n1. Using plaintext and TLS (passthrough/termination)\\n2. Mixing multiple protocols without TLS (HTTP and non-HTTP protocols like Kafka, Zookeeper etc)\\n3. Multiple non-HTTP protocols without TLS","x-order":1},"hostname":{"description":"Hostname to identify the service. When TLS is configured, clients have to use this as\\nthe Server Name Indication (SNI) for the TLS connection. When TLS is not configured (opaque TCP),\\nthis is used to identify the service traffic for defining routing configs. Usually, this is\\nconfigured as the DNS name of the service. For instance, if clients access a zookeeper cluster\\nas `zk-1.myorg.internal` then the hostname could be specified as `zk-1.myorg.internal`. This\\nalso helps easier identification in the configs.\\n\\nThis is also used in multicluster routing. In the previous example, clients within the mesh\\ncan also use `zk-1.myorg.internal` to access this service (provided authorization policy allows it)","type":"string","x-order":2},"tls":{"$ref":"#/components/schemas/v2ServerTLSSettings"},"route":{"$ref":"#/components/schemas/v2RouteTo"},"transit":{"description":"If set to true, the server is configured to be exposed within the mesh.\\nThis configuration enables forwarding traffic between two clusters that are not directly reachable.","type":"boolean","x-order":5}}},"v2TCPMatchCondition":{"type":"object","title":"TCPMatchCondition is the set of conditions to match incoming TCP traffic\\nand route accordingly","required":["name","port"],"properties":{"name":{"type":"string","title":"Name of the match condition","x-order":0},"port":{"type":"integer","format":"int64","title":"TCP match conditions only have port in match conditions","x-order":1}}},"v2TCPRoute":{"description":"TCPRoute is used to set TCP routes to service destinations on the basis of match conditions.","type":"object","required":["name"],"properties":{"name":{"type":"string","title":"Name of TCPRoute","x-order":0},"match":{"type":"array","title":"Match conditions for incoming TCP traffic","items":{"$ref":"#/components/schemas/v2TCPMatchCondition"},"x-order":1},"destination":{"type":"array","title":"Destination host:port and subset where TCP traffic should be directed","items":{"$ref":"#/components/schemas/v2ServiceDestination"},"x-order":2}}},"v2TCPServer":{"type":"object","title":"A TCP server exposed in an ingress gateway. A TCP server may be used for any TCP based protocol.\\nThis is also used for the special case of a non-HTTP protocol requiring TLS termination at the gateway","required":["name","port","hostname"],"properties":{"name":{"description":"A name assigned to the server. The name will be visible in the generated metrics. The name must be\\nunique across all HTTP, TLS passthrough and TCP servers in a gateway.","type":"string","x-order":0},"port":{"type":"integer","format":"int64","title":"The port where the server is exposed. Two servers with different protocols can share the same port\\nonly when both of them use TLS (either terminated at the gateway or pass-through)","x-order":1},"hostname":{"description":"Hostname to identify the service. When TLS is configured, clients have to use this as\\nthe Server Name Indication (SNI) for the TLS connection. When TLS is not configured (opaque TCP),\\nthis is used to identify the service traffic for defining routing configs. Usually, this is\\nconfigured as the DNS name of the service. For instance, if clients access a zookeeper cluster\\nas `zk-1.myorg.internal` then the hostname could be specified as `zk-1.myorg.internal`. This\\nalso helps easier identification in the configs.\\n\\nThis is also used in multicluster routing. In the previous example, clients within the mesh\\ncan also use `zk-1.myorg.internal` to access this service (provided authorization policy allows it)","type":"string","x-order":2},"tls":{"$ref":"#/components/schemas/v2ServerTLSSettings"},"route":{"$ref":"#/components/schemas/v2Route"}}},"v2TLS":{"description":"A TLS server exposed in a gateway. For TLS servers, the gateways do not terminate\\nconnections and use SNI based routing.","type":"object","required":["name","port","hostname","route"],"properties":{"name":{"description":"A name assigned to the server. The name will be visible in the generated metrics. The name must be\\nunique across all HTTP, TLS passthrough and TCP servers in a gateway.","type":"string","x-order":0},"port":{"description":"The port where the server is exposed. Two servers with different protocols (HTTP and HTTPS) should not\\nshare the same port. Note that port 15443 is reserved for internal use.","type":"integer","format":"int64","x-order":1},"hostname":{"description":"Hostname with which the service can be expected to be accessed by clients.\\nRouting will be done based on SNI matches for this hostname.\\n**NOTE:** The \\"hostname:port\\" must be unique across all gateways in the cluster in order for\\nmulticluster routing to work.","type":"string","x-order":2},"route":{"$ref":"#/components/schemas/v2RouteTo"}}},"v2TLSFileSource":{"type":"object","title":"TLSFileSource is used to load the keys and certificates from\\nfiles accessible to the workload","properties":{"clientCertificate":{"type":"string","title":"Certificate file to authenticate the client. This\\nis mandatory for mutual TLS and must not be\\nspecified for simple (one-way) TLS","x-order":0},"privateKey":{"type":"string","title":"Private key file associated with the client certificate.\\nThis is mandatory for mutual TLS and must not be\\nspecified for simple TLS","x-order":1},"caCertificates":{"type":"string","title":"File containing CA certificates to verify the certificates\\npresented by the server. This is mandatory for both simple and\\nmutual TLS.\\nHere are some common paths for the system CA bundle on Linux and can be\\nspecified here if the server certificate is signed by a well known authority,\\nalready part of the system CA bundle on the host - \\n  /etc/ssl/certs/ca-certificates.crt (Debian/Ubuntu/Gentoo etc.)\\n  /etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem (CentOS/RHEL 7)\\n  /etc/pki/tls/certs/ca-bundle.crt (Fedora/RHEL 6)","x-order":2}}},"v2TLSMode":{"description":"- DISABLED: TLS is not used and communication is\\nin plaintext.\\n - SIMPLE: Only the server is authenticated.\\n - MUTUAL: Both the peers in the communication must\\npresent their certificate for TLS authentication","type":"string","title":"Describes how authentication is performed\\nas part of establishing TLS connection","default":"DISABLED","enum":["DISABLED","SIMPLE","MUTUAL"]},"v2TLSPassthroughServer":{"description":"A TLS server exposed in an ingress gateway. For TLS servers the gateways don\'t terminate\\nconnections and use SNI based routing.","type":"object","required":["name","port","hostname","route"],"properties":{"name":{"description":"A name assigned to the server. The name will be visible in the generated metrics. The name must be\\nunique across all HTTP, TCP and TLS servers in a gateway.","type":"string","x-order":0},"port":{"description":"The port where the server is exposed. Two servers with different protocols (HTTP and HTTPS) should not\\nshare the same port. Note that port 15443 is reserved for internal use.","type":"integer","format":"int64","x-order":1},"hostname":{"description":"Hostname with which the service can be expected to be accessed by clients.\\nRouting will be done based on SNI matches for this hostname.\\n**NOTE:** The hostname must be unique across all gateways in the cluster in order for multicluster routing to work.","type":"string","x-order":2},"route":{"$ref":"#/components/schemas/v2Route"}}},"v2TLSProtocol":{"description":"Enumeration for TLS protocol versions.","type":"string","default":"TLS_AUTO","enum":["TLS_AUTO","TLSV1_0","TLSV1_1","TLSV1_2","TLSV1_3"]},"v2Team":{"description":"`Team` is a named collection of users under a tenant.\\n\\n\\n\\n","type":"object","properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"members":{"description":"List of members under the team.\\nThe elements of this list are the FQNs of the team members. Team members can be\\nusers, service accounts or other teams.","type":"array","items":{"type":"string"},"x-order":4},"sourceType":{"$ref":"#/components/schemas/v2SourceType"}}},"v2Tenant":{"description":"`Tenant` is a self-contained entity within an organization in the Service Bridge hierarchy.\\n\\n\\n\\n","type":"object","properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"securityDomain":{"description":"Security domains can be used to group different resources under the same security domain.\\nAlthough security domain is not resource itself currently, it follows a fqn format\\n`organizations/myorg/securitydomains/mysecuritydomain`, and a child cannot override any ancestor\'s\\nsecurity domain.\\nOnce a security domain is assigned to a _Tenant_, all the children resources will belong to that\\nsecurity domain in the same way a _Workspace_ belongs to a _Tenant_, a _Workspace_ will also belong\\nto the security domain assigned to the _Tenant_.\\nSecurity domains can also be used to define _Security settings Authorization rules_ in which you can allow\\nor deny request from or to a security domain.","type":"string","x-order":4},"deletionProtectionEnabled":{"description":"When set, prevents the resource from being deleted. In order to delete the resource this\\nproperty needs to be set to `false` first.","type":"boolean","x-order":5},"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"}}},"v2TenantSetting":{"description":"Default settings that apply to all workspaces under a tenant.\\n\\n\\n\\n","type":"object","properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"defaultSecuritySetting":{"$ref":"#/components/schemas/v2SecuritySetting"},"defaultTrafficSetting":{"$ref":"#/components/schemas/v2TrafficSetting"}}},"v2Tier1ExternalServer":{"description":"Tier1ExternalServer describes the properties of a server exposed\\noutside the mesh. Traffic arriving at a Tier1 external server is\\nusually TLS terminated and then forwarded over Istio mTLS to all\\nthe lower tier2 clusters.","type":"object","required":["name","port","hostname"],"properties":{"name":{"description":"A name assigned to the server. The name will be visible in the generated metrics. The name must be\\nunique across all external servers in the gateway.","type":"string","x-order":0},"port":{"description":"The port where the server is exposed. Note that port 15443 is reserved.","type":"integer","format":"int64","x-order":1},"hostname":{"description":"Hostname with which the service can be expected to be accessed by\\nclients.","type":"string","x-order":2},"tls":{"$ref":"#/components/schemas/v2ServerTLSSettings"},"clusters":{"description":"The destination clusters that contain ingress gateways exposing\\nthe hostname. If omitted, traffic will be automatically load\\nbalanced across all tier2 clusters whose ingress gateways expose\\nthe above hostname. If `redirect` is configured then this field\\ncannot be configured.\\nTo do failover and locality based routing among clusters, either omit\\nthe clusters field or omit the weights from all the cluster destinations.","type":"array","items":{"$ref":"#/components/schemas/v2ClusterDestination"},"x-order":4},"redirect":{"$ref":"#/components/schemas/v2Redirect"},"authentication":{"$ref":"#/components/schemas/tsbauthv2Authentication"},"authorization":{"$ref":"#/components/schemas/tsbauthv2Authorization"},"rateLimiting":{"$ref":"#/components/schemas/v2RateLimiting"}}},"v2Tier1Gateway":{"description":"`Tier1Gateway` configures a workload to act as a tier1 gateway into the mesh.\\n\\n\\n\\n","type":"object","required":["workloadSelector"],"properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"workloadSelector":{"$ref":"#/components/schemas/v2WorkloadSelector"},"externalServers":{"description":"One or more servers exposed by the gateway externally.","type":"array","items":{"$ref":"#/components/schemas/v2Tier1ExternalServer"},"x-order":5},"internalServers":{"description":"One or more servers exposed by the gateway internally for cross cluster forwarding.","type":"array","items":{"$ref":"#/components/schemas/v2Tier1InternalServer"},"x-order":6},"passthroughServers":{"description":"One or more tls passthrough servers exposed by the gateway externally.","type":"array","items":{"$ref":"#/components/schemas/v2Tier1PassthroughServer"},"x-order":7},"tcpExternalServers":{"description":"One or more tcp servers exposed by the gateway externally.","type":"array","items":{"$ref":"#/components/schemas/v2Tier1TCPExternalServer"},"x-order":8},"tcpInternalServers":{"description":"One or more tcp servers exposed by the gateway for mesh internal traffic.","type":"array","items":{"$ref":"#/components/schemas/v2Tier1TCPInternalServer"},"x-order":9},"extension":{"description":"Extensions specifies all the WasmExtensions assigned to this Tier1Gateway\\nwith the specific configuration for each extension. This custom configuration\\nwill override the one configured globally to the extension.\\nEach extension has a global configuration including enablement and priority\\nthat will condition the execution of the assigned extensions.","type":"array","items":{"$ref":"#/components/schemas/v2WasmExtensionAttachment"},"x-order":10},"waf":{"$ref":"#/components/schemas/v2WAFSettings"},"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"}}},"v2Tier1InternalServer":{"description":"Tier1InternalServer describes the properties of a server exposed\\nwithin the mesh, for the purposes of forwarding traffic between two\\nclusters that cannot otherwise directly reach each other. Traffic\\narriving at a Tier1 internal server should be over Istio\\nmTLS. After TLS termination and metrics extraction, it is forwarded\\nto tier2 clusters based on the selection criteria.","type":"object","required":["name","hostname"],"properties":{"name":{"description":"A name assigned to the server. The name will be visible in the generated metrics. The name must be\\nunique across all internal servers in the gateway.","type":"string","x-order":0},"hostname":{"description":"Hostname with which the service can be expected to be accessed by\\nsidecars in the mesh.","type":"string","x-order":1},"clusters":{"description":"The destination clusters that contain ingress gateways exposing\\nthe hostname. If omitted, traffic will be automatically load\\nbalanced across all tier2 clusters whose ingress gateways expose\\nthe above hostname.","type":"array","items":{"$ref":"#/components/schemas/v2ClusterDestination"},"x-order":2},"authentication":{"$ref":"#/components/schemas/tsbauthv2Authentication"},"authorization":{"$ref":"#/components/schemas/tsbauthv2Authorization"}}},"v2Tier1PassthroughServer":{"description":"Tier1PassthroughServer describes the properties of a server exposed\\nto the external world. Traffic arriving at a Tier1 passthrough server is\\nnot TLS terminated and rather forwarded over to all the lower tier2 clusters.","type":"object","required":["name","port","hostname"],"properties":{"name":{"description":"A name assigned to the server. The name will be visible in the generated metrics. The name must be\\nunique across all external servers in the gateway.","type":"string","x-order":0},"port":{"description":"The port where the server is exposed. Note that port 15443 is reserved.","type":"integer","format":"int64","x-order":1},"hostname":{"description":"Hostname with which the service can be expected to be accessed by\\nclients.","type":"string","x-order":2},"clusters":{"description":"The destination clusters that contain ingress gateways exposing\\nthe hostname on passthrough servers. If omitted, traffic will be automatically load\\nbalanced across all tier2 clusters whose ingress gateways expose\\nthe above hostname.","type":"array","items":{"$ref":"#/components/schemas/v2ClusterDestination"},"x-order":3}}},"v2Tier1TCPExternalServer":{"description":"Tier1TCPExternalServer is used to describe the properties of a TCP server\\n(used for opaque TCP or non-HTTP protocols) exposed to the external world.\\nIf the protocol is known to be HTTP, then please use `externalServers` as\\nit allows using HTTP-specific features.\\n\\nCaveat - Currently, we don\'t support multicluster routing when Tier2 gateway\\nsettings are specified in the direct mode for TCP services. So please use\\nthe bridged mode.","type":"object","required":["name","port","hostname"],"properties":{"name":{"type":"string","title":"A name assigned to the server. This name is used in the generated metrics. The name\\nmust be unique across all TCP servers in the gateway","x-order":0},"port":{"description":"Valid scenarios (for same port, multiple services)\\n1. Multiple protocols (HTTP, non-HTTP) with TLS passthrough/termination\\n2. Multiple HTTP services\\n3. Single non-HTTP service without TLS\\n\\nNote on service port - If a service is exposed on port 6789 in the tier1 gateway,\\nthen it must be exposed on the same port with the same hostname (without wildcard)\\nin the tier2 gateway as well.","type":"integer","format":"int64","title":"The port where the server is exposed. Note that the port 15443 is reserved. Also\\nbeware of the conflict among the services using different protocols on the same port.\\nThe conflict occurs in the following scenarios\\n1. Using plaintext and TLS (passthrough/termination)\\n2. Mixing multiple protocols without TLS (HTTP and non-HTTP protocols like Kafka, Zookeeper etc)\\n3. Multiple non-HTTP protocols without TLS","x-order":1},"hostname":{"description":"Although hostname or authority does not make sense in the non-HTTP context, this\\nis used to define the routing rules. Wildcard hostnames are not yet supported.","type":"string","x-order":2},"clusters":{"description":"The destination clusters contain ingress gateways exposing the service.","type":"array","items":{"$ref":"#/components/schemas/v2ClusterDestination"},"x-order":3},"tls":{"$ref":"#/components/schemas/v2ServerTLSSettings"}}},"v2Tier1TCPInternalServer":{"description":"Tier1TCPInternalServer is used to describe the properties of a TCP server\\nwhich is used exclusively within the mesh.","type":"object","required":["name","hostname"],"properties":{"name":{"description":"A name assigned to the server. This name is used in the generated metrics. The name\\nmust be unique across all TCP servers in the gateway.","type":"string","x-order":0},"hostname":{"description":"The name of the service used. Although hostname or authority does not make sense\\nin the non-HTTP context, this is used for the multicluster routing purposes. Consider\\nthe case where there are two non-HTTP services listening on the same port 6000,\\nbut are hosted on different workloads. Here, the service name is used to distinguish\\nbetween the two for routing to the correct workload. We do not support wildcard hostnames\\nyet. The ports are determined automatically by the cluster updates of the remote edge\\nclusters. Suppose there is a service called `foo.com` and the remote cluster says that\\nit exposes ports 8080 and 8443, then we can route east-west traffic for both the ports\\nthrough this server. The changes to the port or protocol settings are picked up automatically.","type":"string","x-order":1},"clusters":{"description":"The destination clusters contain ingress gateways exposing the service.","type":"array","items":{"$ref":"#/components/schemas/v2ClusterDestination"},"x-order":2}}},"v2TokenResponse":{"description":"Contains a pair of tokens for a user that can be used to authenticate against TSB.","type":"object","properties":{"accessToken":{"description":"Bearer access token that can be used to access TSB.\\nThis token is usually short-lived. The refresh token, when present, can be used to\\nobtain a new access token when it expires.","type":"string","x-order":0},"refreshToken":{"description":"Refresh token that can be used to obtain a new Bearer access token.\\nThis token is usually long-lived and should be stored securely.","type":"string","x-order":1}}},"v2TokenType":{"type":"string","default":"TOKEN_TYPE_UNSPECIFIED","enum":["TOKEN_TYPE_UNSPECIFIED","TOKEN_TYPE_ACCESS_TOKEN","TOKEN_TYPE_REFRESH_TOKEN","TOKEN_TYPE_ID_TOKEN","TOKEN_TYPE_JWT"]},"v2TrafficSelector":{"description":"TrafficSelector provides a mechanism to select a specific traffic flow\\nfor which this Wasm Extension will be enabled.\\nWhen all the sub conditions in the TrafficSelector are satisfied, the\\ntraffic will be selected.","type":"object","properties":{"mode":{"$ref":"#/components/schemas/v2WorkloadMode"},"ports":{"description":"Criteria for selecting traffic by their destination port.\\nMore specifically, for the outbound traffic, the destination port would be\\nthe port of the target service. On the other hand, for the inbound traffic,\\nthe destination port is the port bound by the server process in the same Pod.\\n\\nIf one of the given `ports` is matched, this condition is evaluated to true.\\nIf not specified, this condition is evaluated to true for any port.","type":"array","items":{"$ref":"#/components/schemas/v2PortSelector"},"x-order":1}}},"v2TrafficSetting":{"description":"A traffic setting applies configuration to a set of proxy workloads in a\\ntraffic group or a workspace. When applied to a traffic group,\\nmissing fields will inherit values from the workspace-wide setting if any.","type":"object","properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"reachability":{"$ref":"#/components/schemas/v2ReachabilitySettings"},"resilience":{"$ref":"#/components/schemas/v2ResilienceSettings"},"egress":{"$ref":"#/components/schemas/TrafficSettingEgressGateway"},"rateLimiting":{"$ref":"#/components/schemas/v2RateLimiting"},"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"}}},"v2User":{"description":"`User` represents a user from the Identity Provider that is allowed to log into\\nthe platform.","type":"object","required":["loginName"],"properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"loginName":{"description":"The username used in the login credentials.","type":"string","x-order":3},"firstName":{"description":"The first name of the user.","type":"string","x-order":4},"lastName":{"description":"The last name of the user, if any.","type":"string","x-order":5},"email":{"description":"Email for the user where alerts and other notifications will be sent.","type":"string","x-order":6},"sourceType":{"$ref":"#/components/schemas/v2SourceType"}}},"v2VmConfig":{"description":"Configuration for a Wasm VM.\\nmore details can be found [here](https://www.envoyproxy.io/docs/envoy/latest/api-v3/extensions/wasm/v3/wasm.proto#extensions-wasm-v3-vmconfig).","type":"object","properties":{"env":{"description":"Specifies environment variables to be injected to this VM.\\nNote that if a key does not exist, it will be ignored.","type":"array","items":{"$ref":"#/components/schemas/v2EnvVar"},"x-order":0}}},"v2WAFSettings":{"type":"object","title":"WAFSettings configure WAF based on seclang\\nSee https://github.com/SpiderLabs/ModSecurity/wiki/Reference-Manual-%28v3.x%29#Configuration_Directives","required":["rules"],"properties":{"rules":{"description":"Rules to be leveraged by WAF. The parser evaluates the list of rules from the top to the bottom.","type":"array","items":{"type":"string"},"x-order":0}}},"v2WasmExtension":{"type":"object","required":["url"],"properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the extension.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the extension.\\n$hide_from_yaml","x-order":3},"allowedIn":{"description":"List of fqns where this extension is allowed to run.\\nIf it is empty, the extension can be used across the entire organization.\\nCurrently only Tenant resources are considered.","type":"array","items":{"type":"string"},"x-order":4},"image":{"description":"Deprecated. Use the `url` field instead.\\nRepository and tag of the OCI image containing the WASM extension.","type":"string","x-order":5},"source":{"type":"string","title":"Source to find the code for the WASM extension","x-order":6},"phase":{"$ref":"#/components/schemas/WasmExtensionPluginPhase"},"priority":{"description":"Determines the ordering of WasmExtensions in the same phase.\\nWhen multiple WasmExtensions are applied to the same workload in the same phase, they will be applied by priority, in descending order.\\nIf no priority is assigned it will use the default 0 value.\\nIn case of several extensions having the same priority in the same phase, the fqn will be used to sort them.","type":"integer","format":"int32","x-order":8},"config":{"description":"Configuration parameters sent to the WASM plugin execution\\nThe configuration can be overwritten when instantiating the extensions in IngressGateways or Security groups.\\nThe config is serialized using proto3 JSON marshaling and passed to proxy_on_configure when the host environment starts the plugin.","type":"object","x-order":9},"imagePullPolicy":{"$ref":"#/components/schemas/WasmExtensionPullPolicy"},"imagePullSecret":{"description":"Credentials to use for OCI image pulling.\\nName of a K8s Secret that contains a docker pull secret which is to be used\\nto authenticate against the registry when pulling the image.\\nIf TSB is configured to use the WASM download proxy, this secret must exist in\\nthe `istio-system` namespace of each cluster that has applications that use the\\nextension. If the downlaod proxy is disabled, the secret must exist in each\\napplication namespace that is using the extension.","type":"string","x-order":11},"vmConfig":{"$ref":"#/components/schemas/v2VmConfig"},"url":{"description":"URL of a Wasm module or OCI container. If no scheme is present, defaults to oci://, referencing an OCI image.\\nOther valid schemes are file:// for referencing .wasm module files present locally within the proxy container,\\nand http[s]:// for .wasm module files hosted remotely.","type":"string","x-order":13},"match":{"$ref":"#/components/schemas/v2GlobalTrafficSelector"}}},"v2WasmExtensionAttachment":{"description":"WasmExtensionAttachment defines the WASM extension attached to this resource\\nincluding the name to identify the extension and also the specific configuration\\nthat will override the global extension configuration.\\nOnly those extensions globally enabled will be considered although they can be\\nassociated to the target resources.\\nMatch configuration allows you to specify which traffic is sent through the Wasm\\nextension. Users can select the traffic based on different workload modes and ports.\\n\\n```yaml\\napiVersion: gateway.tsb.tetrate.io/v2\\nkind: IngressGateway\\nmetadata:\\n  name: ingress-bookinfo\\n  group: g1\\n  workspace: w1\\n  tenant: mycompany\\n  organization: myorg\\nspec:\\n  workloadSelector:\\n  namespace: ns1\\n  labels:\\n    app: gateway\\n  extension:\\n  - fqn: hello-world # fqn of imported extensions in TSB\\n    config:\\n      foo: bar\\n    match:\\n    - ports:\\n      - number: 80\\n      mode: CLIENT_AND_SERVER\\n  http:\\n  - name: bookinfo\\n    port: 80\\n    hostname: bookinfo.com\\n    routing:\\n      rules:\\n      - route:\\n        host: ns1/productpage.ns1.svc.cluster.local\\n```","type":"object","required":["fqn"],"properties":{"fqn":{"description":"Fqn of the extension to be executed.","type":"string","x-order":0},"config":{"description":"Configuration parameters sent to the WASM plugin execution.\\nThis configuration will overwrite the one specified globally in the extension.\\nThis config will be passed as-is to the extension. It is up to the extension to deserialize the config and use it.","type":"object","x-order":1},"match":{"description":"Specifies the criteria to determine which traffic is passed to WasmExtension.\\nIf a traffic satisfies any of TrafficSelectors,\\nthe traffic passes to the WasmExtension.","type":"array","items":{"$ref":"#/components/schemas/v2TrafficSelector"},"x-order":2}}},"v2Workload":{"description":"Info about individual workload implementing the service.","type":"object","properties":{"address":{"description":"Routable address of the workload.","type":"string","x-order":0},"name":{"description":"Instance name of the workload.","type":"string","x-order":1},"isVm":{"description":"Indicates whether the workload is kubernetes endpoint or vm.","type":"boolean","x-order":2},"proxy":{"$ref":"#/components/schemas/WorkloadProxy"}}},"v2WorkloadMode":{"description":"WorkloadMode allows selection of the role of the underlying workload in\\nnetwork traffic. A workload is considered as acting as a SERVER if it is\\nthe destination of the traffic (that is, traffic direction, from the\\nperspective of the workload is *inbound*). If the workload is the source of\\nthe network traffic, it is considered to be in CLIENT mode (traffic is\\n*outbound* from the workload).\\n\\n - UNDEFINED: Default value, which will be interpreted by its own usage.\\n - CLIENT: Selects for scenarios when the workload is the\\nsource of the network traffic. In addition,\\nif the workload is a gateway, selects this.\\n - SERVER: Selects for scenarios when the workload is the\\ndestination of the network traffic.\\n - CLIENT_AND_SERVER: Selects for scenarios when the workload is either the\\nsource or destination of the network traffic.","type":"string","default":"UNDEFINED","enum":["UNDEFINED","CLIENT","SERVER","CLIENT_AND_SERVER"]},"v2WorkloadSelector":{"description":"`WorkloadSelector` selects one or more workloads in a\\nnamespace. `WorkloadSelector` can be used in TrafficSetting,\\nSecuritySetting, and Gateway APIs in `BRIDGED` mode to scope the\\nconfiguration to a specific set of workloads.","type":"object","required":["namespace","labels"],"properties":{"namespace":{"description":"The namespace where the workload resides.","type":"string","x-order":0},"labels":{"description":"One or more labels that indicate a specific set of pods/VMs in\\nthe namespace. If omitted, the TrafficSetting or SecuritySetting\\nconfiguration will apply to all workloads in the\\nnamespace. Labels are required for Gateway API resources.","type":"object","additionalProperties":{"type":"string"},"x-order":1}}},"v2Workspace":{"description":"A Workspace is a collection of related namespaces in one or more clusters.\\n\\n\\n\\n","type":"object","required":["namespaceSelector"],"properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"namespaceSelector":{"$ref":"#/components/schemas/typesv2NamespaceSelector"},"privileged":{"description":"If set to true, allows Gateways in the workspace to route to\\nservices in other workspaces. Set this to true for workspaces\\nowning cluster-wide gateways shared by multiple teams.","type":"boolean","x-order":5},"isolationBoundary":{"description":"Istio Isolation Boundary name to which this workspace belongs.\\nIf not provided explicitly, the workspace looks for an isolation boundary with\\nname set as \\"global\\". \\nTherefore, in order to move existing workspaces to isolation boundaries, and\\nbe a part of revisioned control plane, it is recommended to configure an\\nisolation boundary with the name \\"global\\".","type":"string","x-order":6},"securityDomain":{"description":"Security domains can be used to group different resources under the same security domain.\\nAlthough security domain is not resource itself currently, it follows a fqn format\\n`organizations/myorg/securitydomains/mysecuritydomain`, and a child cannot override any ancestor\'s\\nsecurity domain.\\nOnce a security domain is assigned to a _Workspace_, all the children resources will belong to that\\nsecurity domain in the same way a _Security group_ belongs to a _Workspace_, a _Security group_ will also belong\\nto the security domain assigned to the _Workspace_.\\nSecurity domains can also be used to define _Security settings Authorization rules_ in which you can allow\\nor deny request from or to a security domain.","type":"string","x-order":7},"deletionProtectionEnabled":{"description":"When set, prevents the resource from being deleted. In order to delete the resource this\\nproperty needs to be set to `false` first.","type":"boolean","x-order":8},"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"}}},"v2WorkspaceSetting":{"description":"Default security and traffic settings for all proxy workloads in the workspace.","type":"object","properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"defaultSecuritySetting":{"$ref":"#/components/schemas/v2SecuritySetting"},"defaultTrafficSetting":{"$ref":"#/components/schemas/v2TrafficSetting"},"regionalFailover":{"description":"Locality routing settings for all gateways in the workspace. Overrides any global settings.\\n\\nExplicitly specify the region traffic will land on when endpoints in local region becomes unhealthy.\\nShould be used together with OutlierDetection to detect unhealthy endpoints.\\nNote: if no OutlierDetection specified, this will not take effect.","type":"array","items":{"$ref":"#/components/schemas/v2RegionalFailover"},"x-order":6},"defaultEastWestGatewaySettings":{"description":"Default east west gateway settings specifies workspace-wide east-west gateway configuration.\\nThis is used to configure east-west routing (required for fail-over) for the services that\\nare not exposed on the gateways. All the services matching the specified criteria is picked\\nup for exposing on the east-west gateway workload selected by the workload selector. In case,\\na service matches selectors in multiple items, the one which comes first is picked up.","type":"array","items":{"$ref":"#/components/schemas/v2EastWestGateway"},"x-order":7},"hostsReachability":{"$ref":"#/components/schemas/v2HostsReachability"}}}}}}},"1_7_x":{"url":"service-bridge/generated/openapi/1.7.x/openapiv3.json","themeId":"theme-redoc","isSpecFile":false,"spec":{"openapi":"3.0.0","info":{"description":"Tetrate Service Bridge API.","title":"Tetrate Service Bridge API","contact":{"name":"Tetrate Service Bridge","url":"https://www.tetrate.io/tetrate-service-bridge/"},"version":"1.7.x"},"paths":{"/v2/admin/rbac/policy":{"get":{"tags":["Policy"],"summary":"Get the global RBAC access policy.\\nThe global RBAC access policy configures who can manage the Role objects in TSB.","operationId":"Policy_GetRBACPolicy","responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the global RBAC access policy.\\nThe global RBAC access policy configures who can manage the Role objects in TSB.","operationId":"Policy_SetRBACPolicy","requestBody":{"$ref":"#/components/requestBodies/v2AccessPolicy"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/admin/root/policy":{"get":{"tags":["Policy"],"summary":"Get the root access policy.\\nThe root access policy configures global permissions for the platform. Subjects\\nassigned to a root policy will be granted the permissions described in the policy\\nto all objects ion TSB.","operationId":"Policy_GetRootPolicy","responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the root access policy.\\nThe root access policy configures global permissions for the platform. Subjects\\nassigned to a root policy will be granted the permissions described in the policy\\nto all objects ion TSB.","operationId":"Policy_SetRootPolicy","requestBody":{"$ref":"#/components/requestBodies/v2AccessPolicy"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/lookup/services":{"post":{"tags":["Lookup"],"summary":"Get all the services in the registry that are part of the given selector.\\nThis method can be used to resolve the registered services that are part of a workspace\\nor group.\\nThis method can be also used to figure out how applying a selector could affect\\nthe platform and have an understanding of which of the existing services would be\\nincluded in the selection.","operationId":"Lookup_Services","requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ServiceLookupRequest"}}},"description":"Request for all the services in the registry that are part of the given selector.","required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ServiceLookupResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/oidc/callback":{"get":{"tags":["OIDC"],"summary":"Callback endpoint for OAuth2 Authorization Code grant flows as part of the OIDC spec.","operationId":"OIDC_Callback","parameters":[{"description":"OAuth2 Authorization Code.\\nWhen present this indicates the user authorized the request. TSB will use this code\\nto acquire a token from the OIDC token endpoint and complete the login flow.","name":"code","in":"query","schema":{"type":"string"}},{"description":"OAuth2 Error Code.\\nWhen present this indicates that either the authorization request has an error, the OIDC\\nprovider encountered an error or the user failed to log in. When set TSB will display information\\nto the user indicating what went wrong.\\n\\nStandard error codes can be found found here.\\nhttps://datatracker.ietf.org/doc/html/rfc6749#section-4.1.2.1\\nhttps://openid.net/specs/openid-connect-core-1_0.html#AuthError","name":"error","in":"query","schema":{"type":"string"}},{"description":"The state parameter sent to the OIDC provider on the authorization request.","name":"state","in":"query","required":true,"schema":{"type":"string"}},{"description":"Optional error description sent by the OIDC provider when an error occurs.","name":"errorDescription","in":"query","schema":{"type":"string"}},{"description":"Optional error URI of a web page that includes additional information about the error.","name":"errorUri","in":"query","schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/oidc/login":{"get":{"tags":["OIDC"],"summary":"Login endpoint to start an OIDC Authentication flow.","operationId":"OIDC_Login","parameters":[{"description":"URl where the user will be redirected when the authentication flow completes.","name":"redirectUri","in":"query","schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations":{"get":{"tags":["Organizations"],"summary":"List all existing organizations.\\n$hide_from_docs","operationId":"Organizations_ListOrganizations","responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListOrganizationsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Organizations"],"summary":"Creates a new Organization in TSB.\\nOrganizations are the top-level construct in TSB and contain all the resources such as\\ntenants, workspaces and clusters.\\n$hide_from_docs","operationId":"Organizations_CreateOrganization","requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2CreateOrganizationRequest"}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Organization"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}":{"get":{"tags":["Organizations"],"summary":"Get the details of an organization.","operationId":"Organizations_GetOrganization","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Organization"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Organizations"],"summary":"Modify an organization.\\nUpdate operations are protected against concurrent modifications of the resource. They are required\\nto provide the last version of the `etag` field as part of the update request payload.\\n$hide_from_docs","operationId":"Organizations_UpdateOrganization","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"`Organization` is the root of the Service Bridge object hierarchy.\\n\\n\\n\\n","type":"object","properties":{"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"},"deletionProtectionEnabled":{"description":"When set, prevents the resource from being deleted. In order to delete the resource this\\nproperty needs to be set to `false` first.","type":"boolean"},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Organization"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Organizations"],"summary":"Delete an organization.\\nNote that deleting resources in TSB is a recursive operation. Deleting an organization will delete all\\ntenants, clusters and all configurations that exist in it.\\n$hide_from_docs","operationId":"Organizations_DeleteOrganization","parameters":[{"description":"Force the deletion of the object even if deletion protection is enabled.\\nIf this is set, then the object and all its children will be deleted even if any of them\\nhas the deletion protection enabled.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters":{"get":{"tags":["Clusters"],"summary":"Get the list of all clusters that have been onboarded into the platform.","operationId":"Clusters_ListClusters","parameters":[{"description":"Flag to fetch the workload information for all the clusters as well.\\nNote that by default workload information is not returned as it may be expensive to retrieve.","name":"fetchWorkloads","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListClustersResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"description":"This action will also create a service account with permissions to manage this cluster.\\nThis service account (aka cluster service account) can be used in the ControlPlane installation to\\nauthenticate it through the ManagementPlane.\\n\\nAs part of the response, a template will be provided (in the field `installTemplate`) with minimum\\nconfiguration to be able to install the TSB Operator in the cluster running as ControlPlane.\\nThis data is not stored and will be only available in the response of this action.","tags":["Clusters"],"summary":"Creates a new cluster object in TSB. This is needed during cluster onboarding to let the\\nmanagement plane know about the existence of a cluster.\\nOnce a cluster has been created and fully onboarded, the management plane will manage the\\nmesh for that cluster and keep this cluster entity up to date with the information that is\\nreported by the cluster agents.\\nThis method returns the created cluster, that will be continuously updated by the local\\ncluster agents. This entity can be monitored to have an overview of the resources (namespaces,\\nservices, etc) that are known to be running in the cluster.","operationId":"Clusters_CreateCluster","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create a cluster and register it in the management plane so configuration can\\nbe generated for it.","type":"object","required":["name","cluster"],"properties":{"cluster":{"$ref":"#/components/schemas/v2Cluster"},"name":{"description":"The short name for the resource to be created.","type":"string"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Cluster"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}":{"get":{"tags":["Clusters"],"summary":"Get the last known state for an onboarded cluster.\\nOnce a cluster has been onboarded into the platform, the agents will keep it up to date with\\nits runtime status. Getting the cluster object will return the last known snapshot of existing\\nnamespaces and services running in it.","operationId":"Clusters_GetCluster","parameters":[{"description":"Flag to fetch the workload information as well.\\nNote that by default workload information is not returned as it may be expensive to retrieve.","name":"fetchWorkloads","in":"query","schema":{"type":"boolean"}},{"description":"Flag to return the install template required to install this cluster.\\nThis will generate a new API key pair for the cluster service account.","name":"includeInstallTemplate","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Cluster"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Clusters"],"summary":"Modify an existing cluster.\\nUpdates a cluster with the given data. Note that most of the data in the cluster is read-only and\\nautomatically populated by the local cluster agents.","operationId":"Clusters_UpdateCluster","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"A Kubernetes cluster managing both pods and VMs.\\n\\n\\n\\n","type":"object","properties":{"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be\\nsent on every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"installTemplate":{"$ref":"#/components/schemas/ClusterInstallTemplate"},"labels":{"type":"object","title":"FIXME: this is super clunky to copy each and every metadata field into\\nobjects used for multicluster. $hide_from_yaml","additionalProperties":{"type":"string"}},"locality":{"$ref":"#/components/schemas/v2Locality"},"namespaceScope":{"$ref":"#/components/schemas/v2NamespaceScoping"},"namespaces":{"type":"array","title":"TODO(vikas): move this inside cluster state\\nRead-only data for informational purposes. Any user provided\\nvalue will be ignored. The data here may be stale depending on\\nthe update frequency from the Bridge agents in the cluster.\\n$hide_from_yaml","items":{"$ref":"#/components/schemas/tsbv2Namespace"},"readOnly":true},"network":{"description":"The network (e.g., VPC) where this cluster is present. All\\nclusters within the same network will be assumed to be reachable\\nfor the purposes of multi-cluster routing. In addition, networks\\nmarked as reachable from one another in SystemSettings will also\\nbe used for multi-cluster routing.","type":"string"},"serviceAccount":{"$ref":"#/components/schemas/tsbv2ServiceAccount"},"state":{"$ref":"#/components/schemas/ClusterState"},"tier1Cluster":{"description":"Indicates whether this cluster is hosting a tier1 gateway or not.\\nTier1 clusters cannot host other gateways or workloads. Defaults\\nto false if not specified.","type":"boolean"},"tokenTtl":{"description":"Lifetime of the tokens. Defaults to 1hr.","type":"string"},"trustDomain":{"description":"Trust domain for this cluster, used for multi-cluster routing.\\nIt must be unique for every cluster and should match the one configured in\\nthe local control plane. This value is optional, and will be updated by the\\nlocal control plane agents. However, it is recommended to set it, if known,\\nso that multi-cluster routing works without having to wait for the local\\ncontrol planes to update it.","type":"string"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Cluster"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Clusters"],"summary":"Unregisters a cluster from the platform.\\nDeleting a cluster will unregister it from the management plane, and the agents will stop receiving\\nconfiguration updates. Agent tokens for the cluster are revoked as well, so agents that are still\\nrunning will fail to report back cluster status to the management plane.\\nNote that unregistering the cluster is a management plane only operation. This does not uninstall\\nthe agents from the local cluster. Agents will continue running and the services that are deployed\\nin that cluster will be able to continue operating with the last applied configuration.\\nUnregistering a cluster from the management plane should not generate downtime to services that are\\nrunning on that cluster.","operationId":"Clusters_DeleteCluster","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_1","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_1","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_1","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_1","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_1","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_1","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_1","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_1","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_1","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_1","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_1","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_1","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_1","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_1","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_1","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_1","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_1","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}:generateTokens":{"post":{"tags":["Clusters"],"summary":"Generate the tokens for the cluster agents so they can talk to the management plane.\\nOnce a cluster object has been registered in the management plane, this method can be used to\\ngenerate the JWT tokens that need to be configured in the local cluster agents in order to let\\nthem talk to the management plane.\\nThese tokens contain the necessary permissions to allow the agents to download the configuration\\nfor their cluster and to push cluster status updates to the management plane.","operationId":"Clusters_GenerateTokens","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ClusterStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/extensions":{"get":{"tags":["WasmExtensions"],"summary":"List the WASM extensions that are defined for the Organization.","operationId":"WasmExtensions_ListWasmExtension","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListWasmExtensionResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"tags":["WasmExtensions"],"summary":"Creates a new WasmExtension object in TSB. This is needed to let the extensions run.\\nOnce a WasmExtension has been created, it can be assigned to IngressGateway and SecuritySetting.\\nThis method returns the created extension.","operationId":"WasmExtensions_CreateWasmExtension","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create a WasmExtension and make it available to be assigned to IngressGateway and SecuritySetting.","type":"object","required":["name","wasmExtension"],"properties":{"name":{"description":"The short name for the resource to be created.","type":"string"},"wasmExtension":{"$ref":"#/components/schemas/v2WasmExtension"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2WasmExtension"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/extensions/{extension}":{"get":{"tags":["WasmExtensions"],"summary":"Get a WASM extension","operationId":"WasmExtensions_GetWasmExtension","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2WasmExtension"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["WasmExtensions"],"summary":"Modify an existing WasmExtension.\\nWhen modifying the details of an extension in use, such as the image property, enabled flag, phase,\\nor default configuration, a redeploy or reconfiguration of the extension may be triggered, affecting live\\ntraffic in all those places that reference the extension.\\nSimilarly, changes to the allowed_in property may trigger the removal of the extension from all places where\\nthe extension was in use that are not allowed to use it anymore, affecting live traffic on the\\nrelevant namespaces as well.","operationId":"WasmExtensions_UpdateWasmExtension","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"type":"object","required":["url"],"properties":{"allowedIn":{"description":"List of fqns where this extension is allowed to run.\\nIf it is empty, the extension can be used across the entire organization.\\nCurrently only Tenant resources are considered.","type":"array","items":{"type":"string"}},"config":{"description":"Configuration parameters sent to the WASM plugin execution\\nThe configuration can be overwritten when instantiating the extensions in IngressGateways or Security groups.\\nThe config is serialized using proto3 JSON marshaling and passed to proxy_on_configure when the host environment starts the plugin.","type":"object"},"description":{"type":"string","title":"A description of the extension.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the extension.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"image":{"description":"Deprecated. Use the `url` field instead.\\nRepository and tag of the OCI image containing the WASM extension.","type":"string"},"imagePullPolicy":{"$ref":"#/components/schemas/WasmExtensionPullPolicy"},"imagePullSecret":{"description":"Credentials to use for OCI image pulling.\\nName of a K8s Secret that contains a docker pull secret which is to be used\\nto authenticate against the registry when pulling the image.\\nIf TSB is configured to use the WASM download proxy, this secret must exist in\\nthe `istio-system` namespace of each cluster that has applications that use the\\nextension. If the downlaod proxy is disabled, the secret must exist in each\\napplication namespace that is using the extension.","type":"string"},"match":{"$ref":"#/components/schemas/v2GlobalTrafficSelector"},"phase":{"$ref":"#/components/schemas/WasmExtensionPluginPhase"},"priority":{"description":"Determines the ordering of WasmExtensions in the same phase.\\nWhen multiple WasmExtensions are applied to the same workload in the same phase, they will be applied by priority, in descending order.\\nIf no priority is assigned it will use the default 0 value.\\nIn case of several extensions having the same priority in the same phase, the fqn will be used to sort them.","type":"integer","format":"int32"},"source":{"type":"string","title":"Source to find the code for the WASM extension"},"url":{"description":"URL of a Wasm module or OCI container. If no scheme is present, defaults to oci://, referencing an OCI image.\\nOther valid schemes are file:// for referencing .wasm module files present locally within the proxy container,\\nand http[s]:// for .wasm module files hosted remotely.","type":"string"},"vmConfig":{"$ref":"#/components/schemas/v2VmConfig"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2WasmExtension"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["WasmExtensions"],"summary":"Delete a WasmExtension.\\nNote that deleting a WasmExtension will delete the extension itself, and also its assignments to IngressGateway and SecuritySetting.","operationId":"WasmExtensions_DeleteWasmExtension","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/extensions/{extension}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_2","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/extensions/{extension}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/extensions/{extension}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/extensions/{extension}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/extensions/{extension}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/extensions/{extension}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/extensions/{extension}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/extensions/{extension}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/extensions/{extension}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/extensions/{extension}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/extensions/{extension}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_2","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/extensions/{extension}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/extensions/{extension}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/extensions/{extension}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts":{"get":{"tags":["Teams"],"summary":"List existing Service Accounts.","operationId":"Teams_ListServiceAccounts","parameters":[{"description":"The format in which the key pairs for each key will be returned.\\nIf not set keys are returned in PEM format.","name":"keyEncoding","in":"query","schema":{"type":"string","enum":["PEM","JWK"],"default":"PEM"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListServiceAccountsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Teams"],"summary":"Create Service Account in TSB.\\nService Accounts are local to TSB and can be used to access the platform using\\nJWT tokens signed with the Service Account\'s private key for authentication.","operationId":"Teams_CreateServiceAccount","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"type":"object","title":"Request to create a ServiceAccount.\\n","required":["name","serviceAccount"],"properties":{"keyEncoding":{"$ref":"#/components/schemas/KeyPairEncoding"},"name":{"description":"The short name for the resource to be created.","type":"string"},"serviceAccount":{"$ref":"#/components/schemas/tsbv2ServiceAccount"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/tsbv2ServiceAccount"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts/{serviceaccount}":{"get":{"tags":["Teams"],"summary":"Get the details of an existing Service Account.","operationId":"Teams_GetServiceAccount","parameters":[{"description":"The format in which the key pairs will be returned.\\nIf not set keys are returned in PEM format.","name":"keyEncoding","in":"query","schema":{"type":"string","enum":["PEM","JWK"],"default":"PEM"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/tsbv2ServiceAccount"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Teams"],"summary":"Update the details of a service account.\\nUpdating the details of the service account does not regenerate its keys.","operationId":"Teams_UpdateServiceAccount","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"`ServiceAccount` represents a service account that can be used to access the TSB platform.\\nService accounts have a set of associated public and private keys that can be used to generate\\nsigned JWT tokens that are suitable to authenticate to TSB.\\nA default key-pair is generated on service account creation and the public key is stored in TSB.\\nPrivate keys are returned when service accounts are created, but TSB will not store them. It\\nis up to the client to store them securely.\\n\\n\\n\\n","type":"object","properties":{"description":{"description":"A description of the resource.","type":"string"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"keys":{"type":"array","title":"Keys associated with the service account.\\nA default key-pair is automatically created when the Service Account is created. Note that\\nTSB does not store the private keys, so it is up to the client to store the returned private\\nkeys securely, as they are only returned once after creation.\\nAdditional keys can be added (and deleted) by using the corresponding key management APIs.\\n","items":{"$ref":"#/components/schemas/ServiceAccountKeyPair"},"readOnly":true}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/tsbv2ServiceAccount"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Teams"],"summary":"Delete the given Service account.","operationId":"Teams_DeleteServiceAccount","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts/{serviceaccount}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_5","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts/{serviceaccount}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts/{serviceaccount}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts/{serviceaccount}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts/{serviceaccount}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts/{serviceaccount}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts/{serviceaccount}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts/{serviceaccount}/jwks":{"get":{"tags":["Teams"],"summary":"Get all the public keys available in the service account and return them in a JWKS document.\\nSee: https://datatracker.ietf.org/doc/html/rfc7517\\nRequests to this endpoint require read permissions on the service account, or a token signed\\nwith one of the service account keys.","operationId":"Teams_GetServiceAccountJWKS","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2JWKS"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts/{serviceaccount}/keys":{"post":{"tags":["Teams"],"summary":"Generate a new key-pair for the service account.\\nNote that TSB does not store the generated private key, so the client must read it and\\nstore it securely.","operationId":"Teams_GenerateServiceAccountKey","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to generate a new key-pair for the Service Account.","type":"object","properties":{"keyEncoding":{"$ref":"#/components/schemas/KeyPairEncoding"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/tsbv2ServiceAccount"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts/{serviceaccount}/keys/{id}":{"delete":{"tags":["Teams"],"summary":"Delete a key-pair associated the service account.","operationId":"Teams_DeleteServiceAccountKey","parameters":[{"description":"ID of the key-pair to delete.","name":"id","in":"path","required":true,"schema":{"type":"string"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/tsbv2ServiceAccount"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts/{serviceaccount}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts/{serviceaccount}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts/{serviceaccount}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts/{serviceaccount}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_5","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts/{serviceaccount}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts/{serviceaccount}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts/{serviceaccount}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/services":{"get":{"tags":["Registration"],"summary":"List the services that have been registered in an organization","operationId":"Registration_ListServices","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListServicesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"tags":["Registration"],"summary":"Register the given service in the organization.\\nServices in the registry are deduplicated so that the same service running in different\\nclusters are represented as a single entity in the registry.\\nThe service returned by this method is the result of deduplicating the service.\\nThis API is currently only intended for internal use by the discovery agents.\\n$hide_from_docs","operationId":"Registration_RegisterService","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to register a service in a given parent (organization).","type":"object","required":["cluster","shortName","namespace","serviceType","state","source"],"properties":{"canonicalName":{"description":"optional canonical name that identify this service.","type":"string"},"cluster":{"description":"Name of the cluster where the service belongs to.\\nThis will be used to load the deduplication settings that have been configured for the cluster\\nwhere the service belongs.","type":"string"},"externalAddresses":{"description":"For kubernetes services of type load balancer, this field contains the list of lb hostnames or\\nIPs assigned to the service.","type":"array","items":{"type":"string"}},"hostnames":{"description":"The hostnames by which this service is accessed. Can correspond to the hostname of\\nan internal service or that ones of a virtual host on a gateway.","type":"array","items":{"type":"string"}},"namespace":{"description":"Namespace associated with the service. It will be used in deduplication logic.","type":"string"},"ports":{"description":"The set of ports on which this service is exposed.","type":"array","items":{"$ref":"#/components/schemas/v2Port"}},"serviceType":{"$ref":"#/components/schemas/v2ServiceType"},"shortName":{"description":"Short name for the service, used to uniquely identify it within the organization.","type":"string"},"source":{"description":"Source of the service: Kubernetes, Istio, Consul, etc.","type":"string"},"spiffeIds":{"description":"List of SPIFFE identities used by the workloads of the service.","type":"array","items":{"type":"string"}},"state":{"$ref":"#/components/schemas/v2State"},"subsets":{"description":"Subset denotes a specific version of a service. By default the \'version\'\\nlabel is used to designate subsets of a workload.\\nKnown subsets for the service.","type":"array","items":{"type":"string"}}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Service"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["Registration"],"summary":"Remove the given service from the organization registry.\\nThis API is currently only intended for internal use by the discovery agents.\\n$hide_from_docs","operationId":"Registration_UnregisterService","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"type":"object","title":"Request to unregister a service from the registry","required":["shortName","cluster","namespace"],"properties":{"cluster":{"description":"Name of the cluster of the service.","type":"string"},"namespace":{"description":"Namespace of the service.","type":"string"},"shortName":{"type":"string","title":"Name attribute of the service"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/services/{service}":{"get":{"tags":["Registration"],"summary":"Get the details of a registered service","operationId":"Registration_GetService","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Service"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/services/{service}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_3","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/services/{service}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/services/{service}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/services/{service}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/services/{service}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/services/{service}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/services/{service}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/services/{service}/groups":{"get":{"tags":["Lookup"],"summary":"Get all the groups that configure the given service in the registry.","operationId":"Lookup_Groups","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GroupLookupResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/services/{service}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/services/{service}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/services/{service}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/services/{service}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_3","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/services/{service}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/services/{service}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/services/{service}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/settings":{"get":{"tags":["Organizations"],"summary":"List all the settings objects that have been attached to the given Organization.","operationId":"Organizations_ListSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListOrganizationSettingsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Organizations"],"summary":"Create a settings object for the given organization.","operationId":"Organizations_CreateSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create a Organization Settings.","type":"object","required":["name","settings"],"properties":{"name":{"description":"The short name for the resource to be created.","type":"string"},"settings":{"$ref":"#/components/schemas/v2OrganizationSetting"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2OrganizationSetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/settings/{setting}":{"get":{"tags":["Organizations"],"summary":"Get the details for the given settings object.","operationId":"Organizations_GetSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2OrganizationSetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Organizations"],"summary":"Modify the given settings in the given Organization.","operationId":"Organizations_UpdateSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Settings that apply globally to the entire organization.\\n\\n\\n\\n","type":"object","properties":{"defaultSecuritySetting":{"$ref":"#/components/schemas/v2SecuritySetting"},"defaultTrafficSetting":{"$ref":"#/components/schemas/v2TrafficSetting"},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"networkSettings":{"$ref":"#/components/schemas/OrganizationSettingNetworkSettings"},"regionalFailover":{"description":"Default locality routing settings for all gateways.\\n\\nExplicitly specify the region traffic will land on when endpoints in local region becomes unhealthy.\\nShould be used together with OutlierDetection to detect unhealthy endpoints.\\nNote: if no OutlierDetection specified, this will not take effect.","type":"array","items":{"$ref":"#/components/schemas/v2RegionalFailover"}}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2OrganizationSetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Organizations"],"summary":"Delete the given settings object from the Organization.","operationId":"Organizations_DeleteSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/settings/{setting}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_4","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/settings/{setting}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/settings/{setting}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/settings/{setting}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/settings/{setting}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/settings/{setting}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/settings/{setting}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/settings/{setting}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/settings/{setting}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/settings/{setting}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/settings/{setting}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_4","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/settings/{setting}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/settings/{setting}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/settings/{setting}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/sync":{"post":{"description":"This method will update the state of users and groups in the organization and will create, modify, and\\ndelete groups according to the incoming request.\\nSync requests are assumed to be a full-sync and to contain all existing users and groups. Existing TSB users and groups\\nthat are not contained in a sync request will be deleted from the platform, as it will assume they have been removed\\nfrom the Identity Provider.","tags":["Organizations"],"summary":"SyncOrganization is used by processes that monitor the identity providers to synchronize\\nthe users and teams with the ones in TSB.","operationId":"Organizations_SyncOrganization","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to synchronize the users and teams in an organization from the configured identity provider.","type":"object","properties":{"sourceType":{"$ref":"#/components/schemas/v2SourceType"},"teams":{"type":"array","items":{"$ref":"#/components/schemas/SyncOrganizationRequestSyncTeam"}},"users":{"type":"array","items":{"$ref":"#/components/schemas/SyncOrganizationRequestSyncUser"}}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2SyncOrganizationResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/teams":{"get":{"tags":["Teams"],"summary":"List all existing teams.","operationId":"Teams_ListTeams","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListTeamsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Teams"],"summary":"Create a new team.","operationId":"Teams_CreateTeam","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"type":"object","title":"Request to create a Team.\\n","required":["name","team"],"properties":{"name":{"description":"The short name for the resource to be created.","type":"string"},"team":{"$ref":"#/components/schemas/v2Team"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Team"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/teams/{team}":{"get":{"tags":["Teams"],"summary":"Get the details of an existing team.","operationId":"Teams_GetTeam","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Team"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Teams"],"summary":"Modify an existing team.","operationId":"Teams_UpdateTeam","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"`Team` is a named collection of users under a tenant.\\n\\n\\n\\n","type":"object","properties":{"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"members":{"description":"List of members under the team.\\nThe elements of this list are the FQNs of the team members. Team members can be\\nusers, service accounts or other teams.","type":"array","items":{"type":"string"}},"sourceType":{"$ref":"#/components/schemas/v2SourceType"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Team"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Teams"],"summary":"Delete a team.\\nNote that deleting a team only deletes the team itself, but not its members.","operationId":"Teams_DeleteTeam","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/teams/{team}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_6","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/teams/{team}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/teams/{team}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/teams/{team}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/teams/{team}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/teams/{team}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/teams/{team}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/teams/{team}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/teams/{team}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/teams/{team}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/teams/{team}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_6","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/teams/{team}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/teams/{team}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/teams/{team}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants":{"get":{"tags":["Tenants"],"summary":"List all tenants that are available.","operationId":"Tenants_ListTenants","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListTenantsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Tenants"],"summary":"Create a new tenant in the platform that will be the home for a set of resources.","operationId":"Tenants_CreateTenant","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"type":"object","title":"Request to create a tenant.\\n","required":["name","tenant"],"properties":{"name":{"description":"The short name for the resource to be created.","type":"string"},"tenant":{"$ref":"#/components/schemas/v2Tenant"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Tenant"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}":{"get":{"tags":["Tenants"],"summary":"Get the details of an existing tenant.","operationId":"Tenants_GetTenant","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Tenant"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Tenants"],"summary":"Modify the details of the given tenant.","operationId":"Tenants_UpdateTenant","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"`Tenant` is a self-contained entity within an organization in the Service Bridge hierarchy.\\n\\n\\n\\n","type":"object","properties":{"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"},"deletionProtectionEnabled":{"description":"When set, prevents the resource from being deleted. In order to delete the resource this\\nproperty needs to be set to `false` first.","type":"boolean"},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"securityDomain":{"description":"Security domains can be used to group different resources under the same security domain.\\nAlthough security domain is not resource itself currently, it follows a fqn format\\n`organizations/myorg/securitydomains/mysecuritydomain`, and a child cannot override any ancestor\'s\\nsecurity domain.\\nOnce a security domain is assigned to a _Tenant_, all the children resources will belong to that\\nsecurity domain in the same way a _Workspace_ belongs to a _Tenant_, a _Workspace_ will also belong\\nto the security domain assigned to the _Tenant_.\\nSecurity domains can also be used to define _Security settings Authorization rules_ in which you can allow\\nor deny request from or to a security domain.","type":"string"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Tenant"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Tenants"],"summary":"Delete a tenant from the platform.\\nDeleting a tenant will recursively delete all resources attached to the tenant, so use with\\ncaution.\\nIt will delete all workspaces and all settings that have been created in that tenant, so this\\noperation should be done carefully, when it\'s safe to do so.","operationId":"Tenants_DeleteTenant","parameters":[{"description":"Force the deletion of the object even if deletion protection is enabled.\\nIf this is set, then the object and all its children will be deleted even if any of them\\nhas the deletion protection enabled.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications":{"get":{"tags":["Applications"],"summary":"List all existing applications for the given tenant.","operationId":"Applications_ListApplications","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListApplicationsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Applications"],"summary":"Creates a new Application in TSB.","operationId":"Applications_CreateApplication","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create an application and register it in the management plane so configuration can\\nbe generated for it.","type":"object","required":["name","application"],"properties":{"application":{"$ref":"#/components/schemas/v2Application"},"name":{"description":"The short name for the resource to be created.","type":"string"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Application"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}":{"get":{"tags":["Applications"],"summary":"Get the details of an existing application.","operationId":"Applications_GetApplication","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Application"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Applications"],"summary":"Modify an existing application.","operationId":"Applications_UpdateApplication","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"An Application represents a set of logical groupings of services that are related to each other\\nand expose a set of APIs that implement a complete set of business logic.\\n\\n\\n\\n","type":"object","required":["workspace"],"properties":{"configResources":{"type":"array","title":"The configuration resources that are related to this Application.\\n$hide_from_docs","items":{"$ref":"#/components/schemas/v2ConfigResource"},"readOnly":true},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"gatewayGroup":{"description":"Optional FQN of the Gateway Group to be used by the application.\\nIf configured, this gateway group will be used by the application. If\\nno namespaces are configured and no existing gateway group is set, a new gateway group claiming all\\nnamespaces in the workspace (`*/*`) will be created by default.\\nAll Ingress Gateway resources created for the APIs attached to the application will be created in\\nthe application\'s gateway group.","type":"string"},"namespaceSelector":{"$ref":"#/components/schemas/v2NamespaceSelector"},"services":{"description":"Optional list of services that are part of the application. This is a list of FQNs of services in the\\nservice registry.\\nIf omitted, the application is assumed to own all the services in the workspace.\\nNote that a service can only be part of one application. If any of the services in the list is already\\nin use by an existing application, application creation/modification will fail.\\nIf the list of services is not explicitly set and any service in the workspace is already in use by\\nanother application, application creation/modification will fail.","type":"array","items":{"type":"string"}},"workspace":{"description":"FQN of the workspace this application is part of.\\nThe application will configure IngressGateways for the attached APIs\\nin the different namespaces exposed by this workspace.","type":"string"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Application"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Applications"],"summary":"Delete an existing Application.\\nNote that deleting resources in TSB is a recursive operation. Deleting a application will delete all\\nAPI objects that exist in it.","operationId":"Applications_DeleteApplication","parameters":[{"description":"Force the deletion of internal groups even if they are protected against deletion.","name":"forceDeleteProtectedGroups","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/apis":{"get":{"tags":["Applications"],"summary":"List all APIs attached to the given application.","operationId":"Applications_ListAPIs","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListAPIsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Applications"],"summary":"Attach a new API to the given application.","operationId":"Applications_CreateAPI","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create an API and register it in the management plane so configuration can\\nbe generated for it.","type":"object","required":["name","api"],"properties":{"api":{"$ref":"#/components/schemas/v2API"},"name":{"description":"The short name for the resource to be created.","type":"string"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2API"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/apis/{api}":{"get":{"tags":["Applications"],"summary":"Get the details of an API.","operationId":"Applications_GetAPI","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2API"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Applications"],"summary":"Delete an existing API.","operationId":"Applications_DeleteAPI","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/apis/{api}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_10","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_10","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_10","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/apis/{api}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_10","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/apis/{api}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_10","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/apis/{api}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_10","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/apis/{api}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_10","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/apis/{api}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_10","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/apis/{api}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_10","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/apis/{api}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_10","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/apis/{api}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_10","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_10","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/apis/{api}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_10","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/apis/{api}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_10","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/apis/{api}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_10","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/apis/{api}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_10","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/apis/{api}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_10","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_9","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_9","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_9","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_9","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_9","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_9","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_9","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_9","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_9","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_9","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_9","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_9","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_9","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_9","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_9","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_9","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_9","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_8","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_8","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_8","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_8","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_8","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_8","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_8","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_8","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_8","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/extensions":{"get":{"tags":["Tenants"],"summary":"List all the WASM extensions that have been attached to the given tenant.","operationId":"Tenants_ListWasmExtensions","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListTenantExtensionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_8","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_8","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_8","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/settings":{"get":{"tags":["Tenants"],"summary":"List all the settings objects that have made available to the given tenant.","operationId":"Tenants_ListSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListTenantSettingsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Tenants"],"summary":"Create a settings object for the given tenant.","operationId":"Tenants_CreateSetting","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create a Tenant Setting.","type":"object","required":["name","setting"],"properties":{"name":{"description":"The short name for the resource to be created.","type":"string"},"setting":{"$ref":"#/components/schemas/v2TenantSetting"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2TenantSetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/settings/{setting}":{"get":{"tags":["Tenants"],"summary":"Get the details for the given settings object.","operationId":"Tenants_GetSetting","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2TenantSetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Tenants"],"summary":"Modify the given settings in the given tenant.","operationId":"Tenants_UpdateSetting","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Default settings that apply to all workspaces under a tenant.\\n\\n\\n\\n","type":"object","properties":{"defaultSecuritySetting":{"$ref":"#/components/schemas/v2SecuritySetting"},"defaultTrafficSetting":{"$ref":"#/components/schemas/v2TrafficSetting"},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2TenantSetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Tenants"],"summary":"Delete the given settings object from the tenant.","operationId":"Tenants_DeleteSetting","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/settings/{setting}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_11","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_11","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_11","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/settings/{setting}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_11","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/settings/{setting}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_11","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/settings/{setting}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_11","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/settings/{setting}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_11","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/settings/{setting}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_11","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/settings/{setting}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_11","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/settings/{setting}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_11","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/settings/{setting}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_11","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_11","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/settings/{setting}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_11","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/settings/{setting}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_11","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/settings/{setting}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_11","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/settings/{setting}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_11","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/settings/{setting}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_11","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_8","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_8","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_8","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_8","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_8","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces":{"get":{"tags":["Workspaces"],"summary":"List all existing workspaces for the given tenant.","operationId":"Workspaces_ListWorkspaces","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListWorkspacesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Workspaces"],"summary":"Create a new workspace.\\nThe workspace will own exclusively the namespaces configured in the namespaces\\nselector for the workspace.","operationId":"Workspaces_CreateWorkspace","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create a Workspace.","type":"object","required":["name","workspace"],"properties":{"name":{"description":"The short name for the resource to be created.","type":"string"},"workspace":{"$ref":"#/components/schemas/v2Workspace"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Workspace"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}":{"get":{"tags":["Workspaces"],"summary":"Get the details of an existing workspace","operationId":"Workspaces_GetWorkspace","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Workspace"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Workspaces"],"summary":"Modify an existing workspace","operationId":"Workspaces_UpdateWorkspace","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"A Workspace is a collection of related namespaces in one or more clusters.\\n\\n\\n\\n","type":"object","required":["namespaceSelector"],"properties":{"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"},"deletionProtectionEnabled":{"description":"When set, prevents the resource from being deleted. In order to delete the resource this\\nproperty needs to be set to `false` first.","type":"boolean"},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"isolationBoundary":{"description":"Istio Isolation Boundary name to which this workspace belongs.\\nIf not provided explicitly, the workspace looks for an isolation boundary with\\nname set as \\"global\\". \\nTherefore, in order to move existing workspaces to isolation boundaries, and\\nbe a part of revisioned control plane, it is recommended to configure an\\nisolation boundary with the name \\"global\\".","type":"string"},"namespaceSelector":{"$ref":"#/components/schemas/typesv2NamespaceSelector"},"privileged":{"description":"If set to true, allows Gateways in the workspace to route to\\nservices in other workspaces. Set this to true for workspaces\\nowning cluster-wide gateways shared by multiple teams.","type":"boolean"},"securityDomain":{"description":"Security domains can be used to group different resources under the same security domain.\\nAlthough security domain is not resource itself currently, it follows a fqn format\\n`organizations/myorg/securitydomains/mysecuritydomain`, and a child cannot override any ancestor\'s\\nsecurity domain.\\nOnce a security domain is assigned to a _Workspace_, all the children resources will belong to that\\nsecurity domain in the same way a _Security group_ belongs to a _Workspace_, a _Security group_ will also belong\\nto the security domain assigned to the _Workspace_.\\nSecurity domains can also be used to define _Security settings Authorization rules_ in which you can allow\\nor deny request from or to a security domain.","type":"string"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Workspace"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Workspaces"],"summary":"Delete an existing workspace.\\nNote that deleting resources in TSB is a recursive operation. Deleting a workspace will delete all\\ngroups and configuration objects that exist in it.","operationId":"Workspaces_DeleteWorkspace","parameters":[{"description":"Force the deletion of the object even if deletion protection is enabled.\\nIf this is set, then the object and all its children will be deleted even if any of them\\nhas the deletion protection enabled.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_12","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_12","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_12","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_12","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_12","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_12","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_12","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_12","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_12","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups":{"get":{"tags":["Gateways"],"summary":"List all gateway groups that exist in the workspace.","operationId":"Gateways_ListGroups","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListGatewayGroupsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"description":"Groups will by default configure all the namespaces owned by their workspace, unless\\nexplicitly configured. If a specific set of namespaces is set for the group, it must be a\\nsubset of the namespaces defined by its workspace.","tags":["Gateways"],"summary":"Create a new gateway group in the given workspace.","operationId":"Gateways_CreateGroup","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create a Gateway Group.","type":"object","required":["name","group"],"properties":{"group":{"$ref":"#/components/schemas/v2Group"},"name":{"description":"The short name for the resource to be created.","type":"string"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Group"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}":{"get":{"tags":["Gateways"],"summary":"Get the details of the given gateway group.","operationId":"Gateways_GetGroup","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Group"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["Gateways"],"summary":"update the given gateway group.","operationId":"Gateways_UpdateGroup","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"A gateway group manages the gateways in a group of namespaces owned\\nby the parent workspace.\\n\\n\\n\\n","type":"object","required":["namespaceSelector"],"properties":{"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"},"configMode":{"$ref":"#/components/schemas/v2ConfigMode"},"deletionProtectionEnabled":{"description":"When set, prevents the resource from being deleted. In order to delete the resource this\\nproperty needs to be set to `false` first.","type":"boolean"},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"namespaceSelector":{"$ref":"#/components/schemas/v2NamespaceSelector"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Group"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["Gateways"],"summary":"Delete the given gateway group.\\nNote that deleting resources in TSB is a recursive operation. Deleting a gateway group will\\ndelete all configuration objects that exist in it.","operationId":"Gateways_DeleteGroup","parameters":[{"description":"Force the deletion of the object even if deletion protection is enabled.\\nIf this is set, then the object and all its children will be deleted even if any of them\\nhas the deletion protection enabled.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_13","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_13","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_13","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_13","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_13","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_13","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_13","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_13","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_13","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/egressgateways":{"get":{"tags":["Gateways"],"summary":"List all Egress Gateway objects in the gateway group.","operationId":"Gateways_ListEgressGateways","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListEgressGatewaysResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"tags":["Gateways"],"summary":"Create an Egress Gateway object in the gateway group.","operationId":"Gateways_CreateEgressGateway","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create a EgressGateway.","type":"object","required":["name","egressGateway"],"properties":{"egressGateway":{"$ref":"#/components/schemas/v2EgressGateway"},"name":{"description":"The short name for the resource to be created.","type":"string"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2EgressGateway"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/egressgateways/{egressgateway}":{"get":{"tags":["Gateways"],"summary":"Get the details of the given Egress Gateway object.","operationId":"Gateways_GetEgressGateway","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2EgressGateway"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["Gateways"],"summary":"Modify the given Egress Gateway object.","operationId":"Gateways_UpdateEgressGateway","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"`EgressGateway` configures a workload to act as an egress gateway in the mesh.\\n\\n\\n--\x3e\\n\\n","type":"object","required":["workloadSelector"],"properties":{"authorization":{"description":"The description of which service accounts can access which hosts.\\nIf the list of authorization rules is empty, this egress gateway will deny all traffic.","type":"array","items":{"$ref":"#/components/schemas/v2EgressAuthorization"}},"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"extension":{"description":"Extensions specifies all the WasmExtensions assigned to this EgressGateway\\nwith the specific configuration for each extension. This custom configuration\\nwill override the one configured globally to the extension.\\nEach extension has a global configuration including enablement and priority\\nthat will condition the execution of the assigned extensions.","type":"array","items":{"$ref":"#/components/schemas/v2WasmExtensionAttachment"}},"workloadSelector":{"$ref":"#/components/schemas/v2WorkloadSelector"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2EgressGateway"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["Gateways"],"summary":"Delete the given Egress Gateway object.","operationId":"Gateways_DeleteEgressGateway","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/egressgateways/{egressgateway}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_15","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_15","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_15","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/egressgateways/{egressgateway}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_15","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/egressgateways/{egressgateway}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_15","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/egressgateways/{egressgateway}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_15","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/egressgateways/{egressgateway}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_15","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/egressgateways/{egressgateway}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_15","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/egressgateways/{egressgateway}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_15","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/egressgateways/{egressgateway}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_15","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/egressgateways/{egressgateway}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_15","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_15","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/egressgateways/{egressgateway}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_15","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/egressgateways/{egressgateway}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_15","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/egressgateways/{egressgateway}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_15","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/egressgateways/{egressgateway}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_15","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/egressgateways/{egressgateway}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_15","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/ingressgateways":{"get":{"tags":["Gateways"],"summary":"List all Ingress Gateway objects in the gateway group.","operationId":"Gateways_ListIngressGateways","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListIngressGatewaysResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"tags":["Gateways"],"summary":"Create an Ingress Gateway object in the gateway group.","operationId":"Gateways_CreateIngressGateway","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create a IngressGateway.","type":"object","required":["name","ingressGateway"],"properties":{"ingressGateway":{"$ref":"#/components/schemas/v2IngressGateway"},"name":{"description":"The short name for the resource to be created.","type":"string"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2IngressGateway"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/ingressgateways/{ingressgateway}":{"get":{"tags":["Gateways"],"summary":"Get the details of the given Ingress Gateway object.","operationId":"Gateways_GetIngressGateway","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2IngressGateway"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["Gateways"],"summary":"Modify the given Ingress Gateway object.","operationId":"Gateways_UpdateIngressGateway","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"`IngressGateway` configures a workload to act as an ingress gateway into the mesh.\\n\\n\\n\\n","type":"object","required":["workloadSelector"],"properties":{"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"extension":{"description":"Extensions specifies all the WasmExtensions assigned to this IngressGateway\\nwith the specific configuration for each extension. This custom configuration\\nwill override the one configured globally to the extension.\\nEach extension has a global configuration including enablement and priority\\nthat will condition the execution of the assigned extensions.","type":"array","items":{"$ref":"#/components/schemas/v2WasmExtensionAttachment"}},"http":{"description":"One or more HTTP or HTTPS servers exposed by the gateway. The\\nserver exposes configuration for TLS termination, request\\nauthentication/authorization, HTTP routing, etc.","type":"array","items":{"$ref":"#/components/schemas/v2HttpServer"}},"tcp":{"type":"array","title":"One or more non-HTTP and non-passthrough servers which use TCP\\nbased protocols. This server also exposes configuration for terminating TLS","items":{"$ref":"#/components/schemas/v2TCPServer"}},"tlsPassthrough":{"description":"One or more TLS servers exposed by the gateway. The server\\ndoes not terminate TLS and exposes config for SNI based routing.","type":"array","items":{"$ref":"#/components/schemas/v2TLSPassthroughServer"}},"waf":{"$ref":"#/components/schemas/v2WAFSettings"},"workloadSelector":{"$ref":"#/components/schemas/v2WorkloadSelector"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2IngressGateway"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["Gateways"],"summary":"Delete the given Ingress Gateway object.","operationId":"Gateways_DeleteIngressGateway","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/ingressgateways/{ingressgateway}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_14","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_14","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_14","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/ingressgateways/{ingressgateway}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_14","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/ingressgateways/{ingressgateway}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_14","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/ingressgateways/{ingressgateway}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_14","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/ingressgateways/{ingressgateway}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_14","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/ingressgateways/{ingressgateway}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_14","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/ingressgateways/{ingressgateway}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_14","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/ingressgateways/{ingressgateway}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_14","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/ingressgateways/{ingressgateway}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_14","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_14","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/ingressgateways/{ingressgateway}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_14","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/ingressgateways/{ingressgateway}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_14","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/ingressgateways/{ingressgateway}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_14","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/ingressgateways/{ingressgateway}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_14","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/ingressgateways/{ingressgateway}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_14","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_13","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_13","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_13","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_13","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_13","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_13","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_13","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_13","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/tie1gateways/{tie1gateway}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_16","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tie1gateway name.","name":"tie1gateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_16","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tie1gateway name.","name":"tie1gateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_16","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tie1gateway name.","name":"tie1gateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/tie1gateways/{tie1gateway}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_16","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tie1gateway name.","name":"tie1gateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/tie1gateways/{tie1gateway}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_16","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tie1gateway name.","name":"tie1gateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/tie1gateways/{tie1gateway}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_16","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tie1gateway name.","name":"tie1gateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/tie1gateways/{tie1gateway}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_16","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tie1gateway name.","name":"tie1gateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/tie1gateways/{tie1gateway}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_16","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tie1gateway name.","name":"tie1gateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/tie1gateways/{tie1gateway}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_16","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tie1gateway name.","name":"tie1gateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/tie1gateways/{tie1gateway}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_16","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tie1gateway name.","name":"tie1gateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/tie1gateways/{tie1gateway}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_16","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tie1gateway name.","name":"tie1gateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_16","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tie1gateway name.","name":"tie1gateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/tie1gateways/{tie1gateway}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_16","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tie1gateway name.","name":"tie1gateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/tie1gateways/{tie1gateway}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_16","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tie1gateway name.","name":"tie1gateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/tie1gateways/{tie1gateway}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_16","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tie1gateway name.","name":"tie1gateway","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/tie1gateways/{tie1gateway}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_16","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tie1gateway name.","name":"tie1gateway","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/tie1gateways/{tie1gateway}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_16","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tie1gateway name.","name":"tie1gateway","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/tier1gateways":{"get":{"tags":["Gateways"],"summary":"List all Tier1 Gateway objects that have been created in the gateway group.","operationId":"Gateways_ListTier1Gateways","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListTier1GatewaysResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"tags":["Gateways"],"summary":"Create a Tier1 Gateway object in the gateway group.","operationId":"Gateways_CreateTier1Gateway","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create a Tier1Gateway.","type":"object","required":["name","tier1Gateway"],"properties":{"name":{"description":"The short name for the resource to be created.","type":"string"},"tier1Gateway":{"$ref":"#/components/schemas/v2Tier1Gateway"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Tier1Gateway"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/tier1gateways/{tier1gateway}":{"get":{"tags":["Gateways"],"summary":"get the details of the given Tier1 Gateway object.","operationId":"Gateways_GetTier1Gateway","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tier1gateway name.","name":"tier1gateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Tier1Gateway"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["Gateways"],"operationId":"Gateways_UpdateTier1Gateway","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tier1gateway name.","name":"tier1gateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"`Tier1Gateway` configures a workload to act as a tier1 gateway into the mesh.\\n\\n\\n\\n","type":"object","required":["workloadSelector"],"properties":{"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"extension":{"description":"Extensions specifies all the WasmExtensions assigned to this Tier1Gateway\\nwith the specific configuration for each extension. This custom configuration\\nwill override the one configured globally to the extension.\\nEach extension has a global configuration including enablement and priority\\nthat will condition the execution of the assigned extensions.","type":"array","items":{"$ref":"#/components/schemas/v2WasmExtensionAttachment"}},"externalServers":{"description":"One or more servers exposed by the gateway externally.","type":"array","items":{"$ref":"#/components/schemas/v2Tier1ExternalServer"}},"internalServers":{"description":"One or more servers exposed by the gateway internally for cross cluster forwarding.","type":"array","items":{"$ref":"#/components/schemas/v2Tier1InternalServer"}},"passthroughServers":{"description":"One or more tls passthrough servers exposed by the gateway externally.","type":"array","items":{"$ref":"#/components/schemas/v2Tier1PassthroughServer"}},"tcpExternalServers":{"description":"One or more tcp servers exposed by the gateway externally.","type":"array","items":{"$ref":"#/components/schemas/v2Tier1TCPExternalServer"}},"tcpInternalServers":{"description":"One or more tcp servers exposed by the gateway for mesh internal traffic.","type":"array","items":{"$ref":"#/components/schemas/v2Tier1TCPInternalServer"}},"waf":{"$ref":"#/components/schemas/v2WAFSettings"},"workloadSelector":{"$ref":"#/components/schemas/v2WorkloadSelector"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Tier1Gateway"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["Gateways"],"summary":"Delete the given Tier1 Gateway object.","operationId":"Gateways_DeleteTier1Gateway","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tier1gateway name.","name":"tier1gateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/unifiedgateways":{"get":{"tags":["Gateways"],"summary":"List all Gateway objects in the gateway group.","operationId":"Gateways_ListGateways","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListGatewaysResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"tags":["Gateways"],"summary":"Create a Gateway object in the gateway group.","operationId":"Gateways_CreateGateway","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create a Gateway.","type":"object","required":["name","gateway"],"properties":{"gateway":{"$ref":"#/components/schemas/v2Gateway"},"name":{"description":"The short name for the resource to be created.","type":"string"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Gateway"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/unifiedgateways/{unifiedgateway}":{"get":{"tags":["Gateways"],"summary":"Get the details of the given Gateway object.","operationId":"Gateways_GetGateway","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Unifiedgateway name.","name":"unifiedgateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Gateway"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["Gateways"],"summary":"Modify the given Gateway object.","operationId":"Gateways_UpdateGateway","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Unifiedgateway name.","name":"unifiedgateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"The `Gateway` configuration combines the functionalities of both the existing `Tier1Gateway` and `IngressGateway`,\\nproviding a unified approach for configuring a workload as a gateway in the mesh.\\n\\nEach server within the `Gateway` is configured to route requests to either destination clusters or services,\\nbut configuring one server to route requests to a destination cluster and another server to route requests to a service\\nis not supported.\\n\\nTo ensure consistency and compatibility, the `Gateway` configuration requires that all servers within the gateway\\neither forward traffic to other clusters, similar to a `Tier1Gateway`, or route traffic to specific services, similar\\nto an `IngressGateway`.\\n\\n\\n\\n","type":"object","required":["workloadSelector"],"properties":{"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"http":{"description":"One or more HTTP or HTTPS servers exposed by the gateway. The\\nserver exposes configuration for TLS termination, request\\nauthentication/authorization, HTTP routing, rate limiting, etc.","type":"array","items":{"$ref":"#/components/schemas/v2HTTP"}},"tcp":{"description":"One or more non-HTTP and non-passthrough servers which use TCP\\nbased protocols. This server also exposes configuration for terminating TLS.","type":"array","items":{"$ref":"#/components/schemas/v2TCP"}},"tls":{"description":"One or more TLS servers exposed by the gateway. The server\\ndoes not terminate TLS and exposes config for SNI based routing.","type":"array","items":{"$ref":"#/components/schemas/v2TLS"}},"waf":{"$ref":"#/components/schemas/v2WAFSettings"},"wasmPlugins":{"description":"WasmPlugins specifies all the WasmExtensionAttachment assigned to this Gateway\\nwith the specific configuration for each plugin. This custom configuration\\nwill override the one configured globally to the plugin.\\nEach plugin has a global configuration including priority\\nthat will condition the execution of the assigned plugins.","type":"array","items":{"$ref":"#/components/schemas/v2WasmExtensionAttachment"}},"workloadSelector":{"$ref":"#/components/schemas/v2WorkloadSelector"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Gateway"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["Gateways"],"summary":"Delete the given Gateway object.","operationId":"Gateways_DeleteGateway","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Unifiedgateway name.","name":"unifiedgateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups":{"get":{"tags":["IstioInternal"],"summary":"List all Istio internal groups in the given workspace.","operationId":"IstioInternal_ListGroups","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListIstioInternalGroupsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"description":"Groups will by default configure all the namespaces owned by their workspace, unless\\nexplicitly configured. If a specific set of namespaces is set for the group, it must be a\\nsubset of the namespaces defined by its workspace.","tags":["IstioInternal"],"summary":"Create a new Istio internal group in the given workspace.","operationId":"IstioInternal_CreateGroup","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create an Istio internal group.","type":"object","required":["name","group"],"properties":{"group":{"$ref":"#/components/schemas/v2Group"},"name":{"description":"The short name for the resource to be created.","type":"string"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Group"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}":{"get":{"tags":["IstioInternal"],"summary":"Get the details of the given Istio internal group.","operationId":"IstioInternal_GetGroup","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Group"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["IstioInternal"],"summary":"Modify a Istio internal group.","operationId":"IstioInternal_UpdateGroup","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"An Istio Internal Group only allows grouping `DIRECT` mode mesh resources in a set of namespaces\\nowned by its parent workspace. This group is aimed for grouping resources not directly related\\nto traffic, security, or gateway like `EnvoyFilters` and `ServiceEntry`.\\n\\n\\n\\n","type":"object","required":["namespaceSelector"],"properties":{"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"},"deletionProtectionEnabled":{"description":"When set, prevents the resource from being deleted. In order to delete the resource this\\nproperty needs to be set to `false` first.","type":"boolean"},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"namespaceSelector":{"$ref":"#/components/schemas/v2NamespaceSelector"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Group"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["IstioInternal"],"summary":"Delete the given Istio internal group.\\nNote that deleting resources in TSB is a recursive operation. Deleting a Istio internal group will\\ndelete all configuration objects that exist in it.","operationId":"IstioInternal_DeleteGroup","parameters":[{"description":"Force the deletion of the object even if deletion protection is enabled.\\nIf this is set, then the object and all its children will be deleted even if any of them\\nhas the deletion protection enabled.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_17","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_17","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_17","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_17","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_17","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_17","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_17","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_17","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_17","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_17","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_17","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_17","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/settings/{setting}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_18","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_18","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_18","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/settings/{setting}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_18","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/settings/{setting}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_18","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/settings/{setting}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_18","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/settings/{setting}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_18","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/settings/{setting}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_18","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/settings/{setting}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_18","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/settings/{setting}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_18","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/settings/{setting}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_18","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_18","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/settings/{setting}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_18","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/settings/{setting}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_18","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/settings/{setting}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_18","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/settings/{setting}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_18","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/settings/{setting}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_18","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_17","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_17","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_17","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_17","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_17","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_12","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_12","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_12","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups":{"get":{"tags":["Security"],"summary":"List all security groups in the given workspace.","operationId":"Security_ListGroups","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSecurityGroupsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"description":"Groups will by default configure all the namespaces owned by their workspace, unless\\nexplicitly configured. If a specific set of namespaces is set for the group, it must be a\\nsubset of the namespaces defined by its workspace.","tags":["Security"],"summary":"Create a new security group in the given workspace.","operationId":"Security_CreateGroup","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create a Security Group.","type":"object","required":["name","group"],"properties":{"group":{"$ref":"#/components/schemas/v2Group"},"name":{"description":"The short name for the resource to be created.","type":"string"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Group"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}":{"get":{"tags":["Security"],"summary":"Get the details of the given security group.","operationId":"Security_GetGroup","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Group"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["Security"],"summary":"Modify a security group.","operationId":"Security_UpdateGroup","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"A security group manages the security properties of proxy workloads in a\\ngroup of namespaces owned by the parent workspace.\\n\\n\\n\\n","type":"object","required":["namespaceSelector"],"properties":{"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"},"configMode":{"$ref":"#/components/schemas/v2ConfigMode"},"deletionProtectionEnabled":{"description":"When set, prevents the resource from being deleted. In order to delete the resource this\\nproperty needs to be set to `false` first.","type":"boolean"},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"namespaceSelector":{"$ref":"#/components/schemas/v2NamespaceSelector"},"securityDomain":{"description":"Security domains can be used to group different resources under the same security domain.\\nAlthough security domain is not resource itself currently, it follows a fqn format\\n`organizations/myorg/securitydomains/mysecuritydomain`, and a child cannot override any ancestor\'s\\nsecurity domain.\\nOnce a security domain is assigned to a _Security group_, all the children resources will belong to that\\nsecurity domain in the same way a _Security setting_ belongs to a _Security group_, a _Security setting_\\nwill also belong to the security domain assigned to the _Security group_.\\nSecurity domains can also be used to define _Security settings Authorization rules_ in which you can allow\\nor deny request from or to a security domain.","type":"string"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Group"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["Security"],"summary":"Delete the given security group.\\nNote that deleting resources in TSB is a recursive operation. Deleting a security group will\\ndelete all configuration objects that exist in it.","operationId":"Security_DeleteGroup","parameters":[{"description":"Force the deletion of the object even if deletion protection is enabled.\\nIf this is set, then the object and all its children will be deleted even if any of them\\nhas the deletion protection enabled.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_19","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_19","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_19","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_19","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_19","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_19","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_19","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_19","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_19","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_19","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_19","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_19","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/servicesettings":{"get":{"tags":["Security"],"summary":"List all service security settings objects that have been attached to the security group.","operationId":"Security_ListServiceSecuritySettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListServiceSecuritySettingsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"tags":["Security"],"summary":"Create a service security settings object in the security group.","operationId":"Security_CreateServiceSecuritySettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create a Service Security Settings.","type":"object","required":["name","settings"],"properties":{"name":{"description":"The short name for the resource to be created.","type":"string"},"settings":{"$ref":"#/components/schemas/v2ServiceSecuritySetting"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ServiceSecuritySetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/servicesettings/{servicesetting}":{"get":{"tags":["Security"],"summary":"Get the details of the given service security settings object.","operationId":"Security_GetServiceSecuritySettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Servicesetting name.","name":"servicesetting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ServiceSecuritySetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["Security"],"summary":"Modify the given service security settings object.","operationId":"Security_UpdateServiceSecuritySettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Servicesetting name.","name":"servicesetting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"A service security setting applies configuration to a service in a\\nsecurity group. Missing fields will inherit values from the\\nworkspace-wide setting if any.\\n\\n\\n\\n","type":"object","required":["service"],"properties":{"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"service":{"description":"The service on which the configuration is being applied. Must be in namespace/FQDN format.","type":"string"},"settings":{"$ref":"#/components/schemas/v2SecuritySetting"},"subsets":{"description":"Subset specific settings that will replace the service wide settings for the specified service\\nsubsets.","type":"array","items":{"$ref":"#/components/schemas/ServiceSecuritySettingSubset"}}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ServiceSecuritySetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["Security"],"summary":"Delete the given service security settings from the group.","operationId":"Security_DeleteServiceSecuritySettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Servicesetting name.","name":"servicesetting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/settings":{"get":{"tags":["Security"],"summary":"List all security settings objects that have been attached to the security group.","operationId":"Security_ListSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSecuritySettingsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"tags":["Security"],"summary":"Create a security settings object in the security group.","operationId":"Security_CreateSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create a Security Settings.","type":"object","required":["name","settings"],"properties":{"name":{"description":"The short name for the resource to be created.","type":"string"},"settings":{"$ref":"#/components/schemas/v2SecuritySetting"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2SecuritySetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/settings/{setting}":{"get":{"tags":["Security"],"summary":"Get the details of the given security settings object.","operationId":"Security_GetSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2SecuritySetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["Security"],"summary":"Modify the given security settings object.","operationId":"Security_UpdateSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"A security setting applies configuration to a set of proxy workloads in a\\nsecurity group or a workspace. When applied to a security group,\\nmissing fields will inherit values from the workspace-wide setting if any.\\n\\n\\n\\n","type":"object","properties":{"authentication":{"$ref":"#/components/schemas/SecuritySettingAuthenticationMode"},"authenticationSettings":{"$ref":"#/components/schemas/v2AuthenticationSettings"},"authorization":{"$ref":"#/components/schemas/v2AuthorizationSettings"},"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"extension":{"description":"Extensions specifies all the WasmExtensions assigned to this SecuritySettings\\nwith the specific configuration for each extension. This custom configuration\\nwill override the one configured globally to the extension.\\nEach extension has a global configuration including enabling and priority\\nthat will condition the execution of the assigned extensions.","type":"array","items":{"$ref":"#/components/schemas/v2WasmExtensionAttachment"}},"propagationStrategy":{"$ref":"#/components/schemas/v2PropagationStrategy"},"waf":{"$ref":"#/components/schemas/v2WAFSettings"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2SecuritySetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["Security"],"summary":"Delete the given security settings from the group.","operationId":"Security_DeleteSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/settings/{setting}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_20","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_20","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_20","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/settings/{setting}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_20","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/settings/{setting}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_20","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/settings/{setting}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_20","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/settings/{setting}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_20","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/settings/{setting}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_20","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/settings/{setting}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_20","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/settings/{setting}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_20","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/settings/{setting}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_20","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_20","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/settings/{setting}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_20","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/settings/{setting}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_20","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/settings/{setting}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_20","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/settings/{setting}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_20","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/settings/{setting}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_20","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_19","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_19","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_19","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_19","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_19","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/settings":{"get":{"tags":["Workspaces"],"summary":"List all settings available for the given workspace.","operationId":"Workspaces_ListSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListWorkspaceSettingsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Workspaces"],"summary":"Create default settings for a workspace.\\nDefault settings will apply to the services owned by the workspace, unless more\\nspecific settings are provided at the group level.","operationId":"Workspaces_CreateSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create a Workspace Settings.","type":"object","required":["name","settings"],"properties":{"name":{"description":"The short name for the resource to be created.","type":"string"},"settings":{"$ref":"#/components/schemas/v2WorkspaceSetting"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2WorkspaceSetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/settings/{setting}":{"get":{"tags":["Workspaces"],"summary":"Get the details of a settings object for the given workspace.","operationId":"Workspaces_GetSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2WorkspaceSetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Workspaces"],"summary":"Modify the given workspace settings.","operationId":"Workspaces_UpdateSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Default security and traffic settings for all proxy workloads in the workspace.\\n\\n\\n\\n","type":"object","properties":{"defaultEastWestGatewaySettings":{"description":"Default east west gateway settings specifies workspace-wide east-west gateway configuration.\\nThis is used to configure east-west routing (required for fail-over) for the services that\\nare not exposed on the gateways. All the services matching the specified criteria is picked\\nup for exposing on the east-west gateway workload selected by the workload selector. In case,\\na service matches selectors in multiple items, the one which comes first is picked up.","type":"array","items":{"$ref":"#/components/schemas/v2EastWestGateway"}},"defaultSecuritySetting":{"$ref":"#/components/schemas/v2SecuritySetting"},"defaultTrafficSetting":{"$ref":"#/components/schemas/v2TrafficSetting"},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"hostsReachability":{"$ref":"#/components/schemas/v2HostsReachability"},"regionalFailover":{"description":"Locality routing settings for all gateways in the workspace. Overrides any global settings.\\n\\nExplicitly specify the region traffic will land on when endpoints in local region becomes unhealthy.\\nShould be used together with OutlierDetection to detect unhealthy endpoints.\\nNote: if no OutlierDetection specified, this will not take effect.","type":"array","items":{"$ref":"#/components/schemas/v2RegionalFailover"}}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2WorkspaceSetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Workspaces"],"summary":"Delete the given workspace settings.","operationId":"Workspaces_DeleteSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/settings/{setting}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_21","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_21","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_21","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/settings/{setting}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_21","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/settings/{setting}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_21","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/settings/{setting}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_21","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/settings/{setting}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_21","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/settings/{setting}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_21","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/settings/{setting}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_21","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/settings/{setting}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_21","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/settings/{setting}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_21","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_21","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/settings/{setting}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_21","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/settings/{setting}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_21","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/settings/{setting}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_21","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/settings/{setting}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_21","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/settings/{setting}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_21","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_12","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_12","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_12","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_12","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_12","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups":{"get":{"tags":["Traffic"],"summary":"List all traffic groups in the given workspace.","operationId":"Traffic_ListGroups","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListTrafficGroupsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"description":"Groups will by default configure all the namespaces owned by their workspace, unless\\nexplicitly configured. If a specific set of namespaces is set for the group, it must be a\\nsubset of the namespaces defined by its workspace.","tags":["Traffic"],"summary":"Create a new traffic group in the given workspace.","operationId":"Traffic_CreateGroup","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create a Traffic Group.","type":"object","required":["name","group"],"properties":{"group":{"$ref":"#/components/schemas/v2Group"},"name":{"description":"The short name for the resource to be created.","type":"string"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Group"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}":{"get":{"tags":["Traffic"],"summary":"Get the details of the given traffic group.","operationId":"Traffic_GetGroup","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Group"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["Traffic"],"summary":"Modify the given traffic group.","operationId":"Traffic_UpdateGroup","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"A traffic group manages the routing properties of proxy workloads in a\\ngroup of namespaces owned by the parent workspace.\\n\\n\\n\\n","type":"object","required":["namespaceSelector"],"properties":{"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"},"configMode":{"$ref":"#/components/schemas/v2ConfigMode"},"deletionProtectionEnabled":{"description":"When set, prevents the resource from being deleted. In order to delete the resource this\\nproperty needs to be set to `false` first.","type":"boolean"},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"namespaceSelector":{"$ref":"#/components/schemas/v2NamespaceSelector"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Group"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["Traffic"],"summary":"Delete the given traffic group.\\nNote that deleting resources in TSB is a recursive operation. Deleting a traffic group will\\ndelete all configuration objects that exist in it.","operationId":"Traffic_DeleteGroup","parameters":[{"description":"Force the deletion of the object even if deletion protection is enabled.\\nIf this is set, then the object and all its children will be deleted even if any of them\\nhas the deletion protection enabled.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_22","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_22","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_22","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_22","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_22","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_22","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_22","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_22","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_22","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_22","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_22","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_22","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/serviceroutes":{"get":{"tags":["Traffic"],"summary":"List all service routes that have been attached to the traffic group.","operationId":"Traffic_ListServiceRoutes","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListServiceRoutesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"tags":["Traffic"],"summary":"Create a new service route in the given traffic group.","operationId":"Traffic_CreateServiceRoute","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create a ServiceRoute.","type":"object","required":["name","serviceRoute"],"properties":{"name":{"description":"The short name for the resource to be created.","type":"string"},"serviceRoute":{"$ref":"#/components/schemas/v2ServiceRoute"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ServiceRoute"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/serviceroutes/{serviceroute}":{"get":{"tags":["Traffic"],"summary":"Get the details of the given service route.","operationId":"Traffic_GetServiceRoute","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ServiceRoute"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["Traffic"],"summary":"Modify a service route.","operationId":"Traffic_UpdateServiceRoute","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"A service route controls routing configurations for traffic to a\\nservice in a traffic group.\\n\\n\\n\\n","type":"object","required":["service","subsets"],"properties":{"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"httpRoutes":{"description":"HTTPRoutes are used when HTTP traffic needs to be matched on uri, headers\\nand port and destination routes need to be set using subset-weight\\ncombinations specified within the route.\\n**Note**: If a route is specified, then the global subset-weight\\ncombinations (specified under subsets) will be ignored for the matched\\nport, as subsets within route will take effect.","type":"array","items":{"$ref":"#/components/schemas/v2HTTPRoute"}},"portLevelSettings":{"type":"array","title":"In order to support multi-protocol routing, a list of all port/protocol combinations is needed.\\nThese port settings are applied to all the subsets","items":{"$ref":"#/components/schemas/ServiceRoutePortLevelTrafficSettings"}},"service":{"description":"The service on which the configuration is being applied. Must be in namespace/FQDN format.","type":"string"},"stickySession":{"$ref":"#/components/schemas/ServiceRouteStickySession"},"subsets":{"description":"The set of versions of a service and the percentage of traffic to\\nsend to each version.","type":"array","items":{"$ref":"#/components/schemas/ServiceRouteSubset"}},"tcpRoutes":{"description":"TCPRoutes match TCP traffic based on port number. The subset-weight\\nconfiguration and priority have the same behaviour as HTTPRoutes.","type":"array","items":{"$ref":"#/components/schemas/v2TCPRoute"}}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ServiceRoute"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["Traffic"],"summary":"Delete the given service route.","operationId":"Traffic_DeleteServiceRoute","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/serviceroutes/{serviceroute}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_24","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_24","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_24","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/serviceroutes/{serviceroute}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_24","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/serviceroutes/{serviceroute}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_24","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/serviceroutes/{serviceroute}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_24","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/serviceroutes/{serviceroute}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_24","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/serviceroutes/{serviceroute}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_24","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/serviceroutes/{serviceroute}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_24","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/serviceroutes/{serviceroute}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_24","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/serviceroutes/{serviceroute}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_24","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_24","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/serviceroutes/{serviceroute}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_24","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/serviceroutes/{serviceroute}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_24","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/serviceroutes/{serviceroute}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_24","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/serviceroutes/{serviceroute}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_24","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/serviceroutes/{serviceroute}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_24","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/settings":{"get":{"tags":["Traffic"],"summary":"List all the settings objects that have been attached to the given traffic group.","operationId":"Traffic_ListSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListTrafficSettingsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"tags":["Traffic"],"summary":"Create a settings object for the given traffic group.","operationId":"Traffic_CreateSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create a Traffic Settings.","type":"object","required":["name","settings"],"properties":{"name":{"description":"The short name for the resource to be created.","type":"string"},"settings":{"$ref":"#/components/schemas/v2TrafficSetting"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2TrafficSetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/settings/{setting}":{"get":{"tags":["Traffic"],"summary":"Get the details for the given settings object.","operationId":"Traffic_GetSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2TrafficSetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["Traffic"],"summary":"Modify the given settings in the given traffic group.","operationId":"Traffic_UpdateSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"A traffic setting applies configuration to a set of proxy workloads in a\\ntraffic group or a workspace. When applied to a traffic group,\\nmissing fields will inherit values from the workspace-wide setting if any.\\n\\n\\n\\n","type":"object","properties":{"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"egress":{"$ref":"#/components/schemas/TrafficSettingEgressGateway"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"rateLimiting":{"$ref":"#/components/schemas/v2RateLimiting"},"reachability":{"$ref":"#/components/schemas/v2ReachabilitySettings"},"resilience":{"$ref":"#/components/schemas/v2ResilienceSettings"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2TrafficSetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["Traffic"],"summary":"Delete the given settings object from the traffic group.","operationId":"Traffic_DeleteSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/settings/{setting}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_23","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_23","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_23","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/settings/{setting}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_23","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/settings/{setting}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_23","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/settings/{setting}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_23","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/settings/{setting}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_23","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/settings/{setting}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_23","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/settings/{setting}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_23","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/settings/{setting}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_23","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/settings/{setting}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_23","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_23","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/settings/{setting}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_23","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/settings/{setting}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_23","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/settings/{setting}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_23","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/settings/{setting}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_23","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/settings/{setting}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_23","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_22","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_22","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_22","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_22","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_22","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/users":{"get":{"tags":["Teams"],"summary":"List existing users.","operationId":"Teams_ListUsers","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListUsersResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"description":"Create a local User in TSB.\\nLocal users are like sercice accounts and are mostly used for internal purposes where\\nan authentication token can be issued by the IAM service to be used on behalf of the user.\\n\\nNote that local users do not exist in the Identity Provider and the normal login process will\\nnot allow them to access TSB.\\n\\n$hide_from_docs","tags":["Teams"],"summary":"Deprecated. This method will be removed in future versions of TSB. Use Service Accounts instead.","operationId":"Teams_CreateUser","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"type":"object","title":"Request to create a User.\\n$hide_from_docs\\n","required":["name","user"],"properties":{"name":{"description":"The short name for the resource to be created.","type":"string"},"user":{"$ref":"#/components/schemas/v2User"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2User"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/users/{user}":{"get":{"tags":["Teams"],"summary":"Get the details of an existing user.","operationId":"Teams_GetUser","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2User"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"description":"Modify an existin user.\\n\\nThis operation is expected to be used only for LOCAL users. Users are periodically\\nsynchronized from the Identity Provider, and the process may automatically set some\\nproperties of the User resource. Modifications made using the TSB APIs may be replaced\\nby the data from the Identity Provider on every synchronization.\\n\\n$hide_from_docs","tags":["Teams"],"summary":"Deprecated. This method will be removed in future versions of TSB. Use Service Accounts instead.","operationId":"Teams_UpdateUser","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"`User` represents a user from the Identity Provider that is allowed to log into\\nthe platform.","type":"object","required":["loginName"],"properties":{"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"email":{"description":"Email for the user where alerts and other notifications will be sent.","type":"string"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"firstName":{"description":"The first name of the user.","type":"string"},"lastName":{"description":"The last name of the user, if any.","type":"string"},"loginName":{"description":"The username used in the login credentials.","type":"string"},"sourceType":{"$ref":"#/components/schemas/v2SourceType"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2User"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"description":"Delete an existing user.\\nThis operation is expected to be used only for LOCAL users. Users are periodically\\nsynchronized from the Identity Provider, so deleting a user that is not a local one\\nmay be reverted if the change is not done accordingly in the Identity Provider.\\n\\n$hide_from_docs","tags":["Teams"],"summary":"Deprecated. This method will be removed in future versions of TSB. Use Service Accounts instead.","operationId":"Teams_DeleteUser","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/users/{user}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_7","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_7","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_7","parameters":[{"description":"Force the deletion of internal resources even if they are protected against deletion.","name":"force","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/users/{user}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_7","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/users/{user}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_7","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/users/{user}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_7","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/users/{user}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_7","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/users/{user}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_7","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/users/{user}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_7","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/users/{user}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_7","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/users/{user}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_7","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_7","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/users/{user}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_7","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/users/{user}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_7","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/users/{user}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_7","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/users/{user}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_7","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/users/{user}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_7","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/users/{user}:generateTokens":{"post":{"description":"Generate the tokens for a local user account so it can authenticate against management plane.\\nThis method will return an error if the user account is not of type MANUAL. Credentials for\\nnormal platform users must be configured in the corresponding Identity Provider.","tags":["Teams"],"summary":"Deprecated. This method will be removed in future versions of TSB. Use Service Accounts instead.","operationId":"Teams_GenerateTokens","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2TokenResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/permissions/query":{"put":{"tags":["Permissions"],"summary":"QueryResourcePermission looks up permissions that are allowed for the current principal.\\nMultiple records can be queried with a single request. Query limit is 100, multiple requests\\nare required to lookup more than the limit.","operationId":"Permissions_QueryResourcePermissions","requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryResourcePermissionsRequest"}}},"description":"Request to query permissions on multiple records.\\n\\nExample:\\nQueryResourcePermissionsRequest {\\n  Queries: []Query{\\n    Query{\\n      QueryID: \\"1234\\",\\n      Kind: Query_Fqn{\\n        Fqn: \\"tetrate/tenants/default/workspaces/example\\"\\n      }\\n    }\\n  }\\n}","required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/security/rbac":{"get":{"tags":["RBAC"],"summary":"List all existing roles.","operationId":"RBAC_ListRoles","responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListRolesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"tags":["RBAC"],"summary":"Create a new role.","operationId":"RBAC_CreateRole","requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2CreateRoleRequest"}}},"description":"Request to create a Role.","required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Role"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/security/rbac/{rba}":{"get":{"tags":["RBAC"],"summary":"Get the details of the given role.","operationId":"RBAC_GetRole","parameters":[{"description":"Rba name.","name":"rba","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Role"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["RBAC"],"summary":"Modify a role.","operationId":"RBAC_UpdateRole","parameters":[{"description":"Rba name.","name":"rba","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"`Role` is a named collection of permissions that can be assigned to\\nany user or team in the system.\\n\\n\\n\\n\\n","type":"object","properties":{"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"rules":{"description":"A set of rules that define the permissions associated with each API group.","type":"array","items":{"$ref":"#/components/schemas/RoleRule"}}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Role"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["RBAC"],"summary":"Delete a role.\\nNRoles that are in use by policies attached to existing resources\\ncannot be deleted.","operationId":"RBAC_DeleteRole","parameters":[{"description":"Rba name.","name":"rba","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}}},"tags":[{"name":"OAuth"},{"name":"OIDC"},{"name":"Applications"},{"name":"WasmExtensions"},{"name":"Gateways"},{"name":"IstioInternal"},{"name":"Metrics"},{"name":"Sources"},{"name":"Approvals"},{"name":"Permissions"},{"name":"Policy"},{"name":"RBAC"},{"name":"Lookup"},{"name":"Registration"},{"name":"Security"},{"name":"Traffic"},{"name":"Clusters"},{"name":"Organizations"},{"name":"Status"},{"name":"Teams"},{"name":"Tenants"},{"name":"Workspaces"}],"components":{"requestBodies":{"Policy_SetPolicy_variant_1Body":{"content":{"application/json":{"schema":{"description":"A policy defines the set of subjects that can access a resource and under\\nwhich conditions that access is granted.","type":"object","title":"Policy","properties":{"allow":{"description":"The list of allowed bindings configures the different access profiles that\\nare allowed on the resource configured by the policy.","type":"array","items":{"$ref":"#/components/schemas/v2Binding"}},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"}}}}},"required":true},"Approvals_SetPolicyBody":{"content":{"application/json":{"schema":{"description":"ApprovalPolicy is a set of authorization rules that define access to a resource.\\nWhen applied to a resource, the rules enforce access to the resource based on the permission set.\\n\\nExample:\\nApprovalPolicy {\\n  Mode: ApprovalPolicy_REQUIRE_APPROVAL,\\n  Resource: \\"organizations/demo/tenants/demo/applications/target-app\\",\\n  Approved: []Access {{\\n    Subject: \\"organizations/demo/tenants/demo/applications/calling-app\\",\\n    Permissions: []string{\\"GET\\", \\"POST\\"}\\n  }}\\n}","type":"object","required":["mode"],"properties":{"approved":{"description":"Approved is a list of subjects that are approved to access the resource.","type":"array","items":{"$ref":"#/components/schemas/v2Access"}},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"metadata":{"$ref":"#/components/schemas/v2Metadata"},"mode":{"$ref":"#/components/schemas/ApprovalPolicyMode"},"requested":{"description":"Requested is a list of subjects that are requested to access the resource but that have not yet been\\nexplicitly approved.\\nThe access mode of the policy will determine if the subjects in this list are given immediate access to the\\nresource.","type":"array","items":{"$ref":"#/components/schemas/v2Access"}}}}}},"required":true},"Approvals_AddApprovedAccessBody":{"content":{"application/json":{"schema":{"description":"AccessRequest is a request used for requesting or approving access to a resource.\\n\\nExample:\\nAccessRequest {\\n  Resource: \\"organizations/demo/tenants/demo/applications/target\\",\\n  Access: []Access{{\\n    Subject: \\"organizations/demo/tenants/demo/applications/calling-app\\",\\n    Permissions: []string{\\"GET\\", \\"POST\\"}\\n  }}\\n}","type":"object","required":["access"],"properties":{"access":{"$ref":"#/components/schemas/v2Access"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"}}}}},"required":true},"v2AccessPolicy":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}},"description":"A policy defines the set of subjects that can access a resource and under\\nwhich conditions that access is granted.","required":true},"Approvals_DeleteApprovedAccessBody":{"content":{"application/json":{"schema":{"description":"ResourceAndSubject is a resource and subject pair used for approval and deletion operations.\\n\\nExample:\\nResourceAndSubject {\\n  Resource: \\"organizations/demo/tenants/demo/applications/target\\",\\n  Subject: \\"organizations/demo/tenants/demo/applications/caller\\"\\n}","type":"object","required":["subject"],"properties":{"subject":{"description":"Subject for which the access request is made.","type":"string"}}}}},"required":true},"Approvals_QueryPoliciesBody":{"content":{"application/json":{"schema":{"description":"QueryPoliciesRequest is the request message for QueryPolicies.\\n\\nExample:\\nQueryPoliciesRequest {\\n  Parent: \\"organizations/demo/tenants/demo\\",\\n  Types: []string{\\"applications\\"},\\n  IncludeDetails: true,\\n  IncludePermissions: true,\\n}","type":"object","required":["types"],"properties":{"includeDetails":{"description":"IncludeDetails indicates whether to include the details of the resources that are part of the policy.\\nWhen set to true, the name and description of the resource are included in the response.","type":"boolean"},"includePermissions":{"description":"IncludePermissions indicates whether to include the user level permissions on resources that are part of the policy.\\nWhen set to true, the user level permissions are included in the response.","type":"boolean"},"types":{"description":"Type is the type of the resources to query for policies.","type":"array","items":{"type":"string"}}}}}},"required":true}},"schemas":{"AggregatedStatusChildStatus":{"description":"`ChildStatus` contains the status details for a particular child resource,\\nand a human-friendly message further describing the status if it is an\\nerrored one.","type":"object","properties":{"status":{"$ref":"#/components/schemas/v2ResourceStatusStatus"},"message":{"description":"Contains the human-friendly message describing the status of the child resource.","type":"string","x-order":1}}},"ApprovalPolicyMode":{"description":" - UNRESTRICTED: Allows all subjects in the same policy class to access the resource.\\n - ALLOW_REQUESTED: Allows only the subjects in the request and approved list to access the resource.\\n - REQUIRE_APPROVAL: Allows only the subjects in the approved list to access the resource.","type":"string","default":"UNRESTRICTED","enum":["UNRESTRICTED","ALLOW_REQUESTED","REQUIRE_APPROVAL"]},"AuthenticationJWT":{"type":"object","required":["issuer"],"properties":{"issuer":{"description":"Identifies the issuer that issued the JWT. See\\n[issuer](https://tools.ietf.org/html/rfc7519#section-4.1.1)\\nA JWT with different `iss` claim will be rejected.\\n\\nExample: https://foobar.auth0.com\\nExample: 1234567-compute@developer.gserviceaccount.com","type":"string","x-order":0},"audiences":{"description":"The list of JWT\\n[audiences](https://tools.ietf.org/html/rfc7519#section-4.1.3).\\nthat are allowed to access. A JWT containing any of these\\naudiences will be accepted.\\n\\nThe service name will be accepted if audiences is empty.","type":"array","items":{"type":"string"},"x-order":1},"jwksUri":{"description":"URL of the provider\'s public key set to validate signature of\\nthe JWT. See [OpenID\\nDiscovery](https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderMetadata).\\n\\nOptional if the key set document can either (a) be retrieved\\nfrom [OpenID\\nDiscovery](https://openid.net/specs/openid-connect-discovery-1_0.html)\\nof the issuer or (b) inferred from the email domain of the\\nissuer (e.g. a Google service account).\\n\\nExample: `https://www.googleapis.com/oauth2/v1/certs`\\n\\nNote: Only one of jwks_uri and jwks should be used. jwks_uri\\nwill be ignored if it does.","type":"string","x-order":2},"jwks":{"description":"JSON Web Key Set of public keys to validate signature of the JWT.\\nSee https://auth0.com/docs/jwks.\\n\\nNote: Only one of jwks_uri and jwks should be used. jwks_uri will be ignored if it does.","type":"string","x-order":3},"outputPayloadToHeader":{"description":"This field specifies the header name to output a successfully verified JWT payload to the\\nbackend. The forwarded data is `base64_encoded(jwt_payload_in_JSON)`. If it is not specified,\\nthe payload will not be emitted.","type":"string","x-order":4},"outputClaimToHeaders":{"description":"This field specifies a list of operations to copy the claim to HTTP headers on a successfully verified token.\\nThis differs from the `output_payload_to_header` by allowing outputting individual claims instead of the whole payload.\\nThe header specified in each operation in the list must be unique. Nested claims of type string/int/bool is supported as well.\\n```\\n  outputClaimToHeaders:\\n  - header: x-my-company-jwt-group\\n    claim: my-group\\n  - header: x-test-environment-flag\\n    claim: test-flag\\n  - header: x-jwt-claim-group\\n    claim: nested.key.group\\n```\\n[Experimental] This feature is a experimental feature.\\n\\n[TODO:Update the status whenever this feature is promoted.]","type":"array","items":{"$ref":"#/components/schemas/JWTClaimToHeader"},"x-order":5},"fromHeaders":{"description":"1) The Authorization header using the Bearer schema,\\n       e.g. Authorization: Bearer &lt;token&gt;. (see\\n       [Authorization Request Header\\n       Field](https://tools.ietf.org/html/rfc6750#section-2.1))\\n\\n    2) The `access_token` query parameter (see\\n    [URI Query Parameter](https://tools.ietf.org/html/rfc6750#section-2.3))\\n\\nList of header locations from which JWT is expected. For example, below is the location spec\\nif JWT is expected to be found in `x-jwt-assertion` header, and have `Bearer ` prefix:\\n\\n```yaml\\n  fromHeaders:\\n  - name: x-jwt-assertion\\n    prefix: \\"Bearer \\"\\n```\\n\\nNote: Multiple tokens present on the same request are not supported. \\nThe behaviour of authorization policies when there is more than one user identity is undefined","type":"array","title":"This field specifies the locations to extract JWT token.\\nIf no explicit location is specified the following default\\nlocations are tried in order:","items":{"$ref":"#/components/schemas/JWTJWTHeader"},"x-order":6}}},"AuthenticationRules":{"type":"object","properties":{"jwt":{"description":"List of rules how to authenticate an HTTP request from a JWT Token attached to it.\\nA JWT Token, if present in the HTTP request, must satisfy one of the rules defined here.\\nThe order in which rules are being checked at runtime might differ from the order\\nin which they are defined here.\\nIf the JWT Token doesn\'t satisfy any of the rules, the request will be rejected.\\nIf the JWT Token does satisfy one of the rules, the identity of the request\\nwill be extracted from the JWT Token.\\n\\nNotice that an HTTP request without a JWT Token attached to it will NOT be rejected\\nbased on the rules defined here. Remember to define HTTP request authorization settings\\nto achieve that.","type":"array","items":{"$ref":"#/components/schemas/tsbauthv2AuthenticationJWT"},"x-order":0}}},"AuthorizationExternalAuthzBackend":{"type":"object","title":"Use an authorization server running at the specified URI. Support both HTTP and gRPC server.\\nIt is recommended to enable TLS validation (SIMPLE or MUTUAL) to secure traffic \\nbetween workload and external authorization server\\nIf you use gRPC, do not set `includeRequestHeaders`","properties":{"uri":{"type":"string","x-order":0},"includeRequestHeaders":{"type":"array","items":{"type":"string"},"x-order":1},"tls":{"$ref":"#/components/schemas/v2ClientTLSSettings"}}},"AuthorizationLocalAuthz":{"description":"Authorize the request in Envoy based on the JWT claims.","type":"object","properties":{"rules":{"type":"array","items":{"$ref":"#/components/schemas/v2LocalAuthzRule"},"x-order":0}}},"AuthorizationSettingsMode":{"description":"- UNSET: Inherit from parent if possible. Otherwise treated as `DISABLED`.\\n - NAMESPACE: The workload allows traffic from any other authenticated workload in its own\\nnamespace.\\n - GROUP: The workload allows traffic from any other authenticated workload in the security group.\\n - WORKSPACE: The workload allows traffic from any other authenticated workload in the workspace.\\n - CLUSTER: The workload allows traffic from any other authenticated workload in the cluster.\\n - DISABLED: Authorization is disabled.\\n - CUSTOM: The workload allows traffic from service accounts defined explicitly.\\n - RULES: The workload allows or denies traffic from any other authenticated workload that belongs\\nto the specified rules.","type":"string","title":"A short cut for defining the common authorization patterns","default":"UNSET","enum":["UNSET","NAMESPACE","GROUP","WORKSPACE","CLUSTER","DISABLED","CUSTOM","RULES"]},"BackendRedisSettings":{"type":"object","title":"Configuration for the External Redis Backend Database","required":["uri"],"properties":{"uri":{"description":"The Redis Database URI. The value of the URI decides the scope\\nfor ratelimiting across multiple clusters.","type":"string","x-order":0}}},"CertManagerSettingsCertManagerCAInjector":{"description":"CertManagerCAInjector represents the settings used for cert-manager CAInjector installation in the clusters.","type":"object","properties":{"kubeSpec":{"$ref":"#/components/schemas/kubernetesKubernetesComponentSpec"}}},"CertManagerSettingsCertManagerSpec":{"description":"CertManagerSpec represents the settings used for cert-manager controller installation in the clusters.","type":"object","properties":{"kubeSpec":{"$ref":"#/components/schemas/kubernetesKubernetesComponentSpec"}}},"CertManagerSettingsCertManagerStartupAPICheck":{"description":"CertManagerStartupAPICheck represents the settings used for cert-manager startup API check job installation in the clusters.\\nDEPRECATED. StartupAPICheck is disabled.","type":"object","properties":{"kubeSpec":{"$ref":"#/components/schemas/kubernetesKubernetesJobComponentSpec"}}},"CertManagerSettingsCertManagerWebhookSpec":{"description":"CertManagerWebhookSpec represents the settings used for cert-manager Webhook installation in the clusters.","type":"object","properties":{"kubeSpec":{"$ref":"#/components/schemas/kubernetesKubernetesComponentSpec"}}},"CertManagerSettingsManaged":{"description":"- AUTO: TSB will check if a pre-existing cert-manager installation is found in the cluster and only\\ninstall and manage cert-manager if it is not found.\\nThe pre-installed cert-manager should support signing requests raised through Kubernetes CSR\\n - EXTERNAL: EXTERNAL represents that TSB will rely on a pre installed cert-manager for use.\\nPre installed cert-manager should support signing requests raised through Kubernetes CSR\\n - INTERNAL: INTERNAL represents that TSB will install and manage cert-manager in the cluster.\\nIn case a pre-existing installation is found, the operator will not install cert-manager and fail.","type":"string","title":"If INTERNAL, TSB will install and manage cert-manager. In case a pre-existing installation is found, the operator will not install cert-manager and fail.\\nIf EXTERNAL, TSB would rely on a pre installed cert-manager for use.\\nPre installed cert-manager should support signing requests raised through Kubernetes CSR","default":"AUTO","enum":["AUTO","EXTERNAL","INTERNAL"]},"ClusterInstallTemplate":{"description":"InstallTemplate provides templates ready to be used in the ControlPlane (cluster onboard) installation.","type":"object","properties":{"message":{"type":"string","title":"can provide useful information to the user","x-order":0,"readOnly":true},"helm":{"$ref":"#/components/schemas/v1alpha1Values"}}},"ClusterState":{"type":"object","title":"State represents the cluster info learned from the onboarded cluster","properties":{"lastSyncTime":{"type":"string","format":"date-time","title":"last time xcp edge(cp) synced with central(mp) in the UTC format","x-order":0},"provider":{"type":"string","title":"cluster provider. Ex: GKE, EKS, AKS","x-order":1},"istioVersions":{"description":"This shows currently running istio versions in the cluster.","type":"array","items":{"type":"string"},"x-order":2},"xcpVersion":{"type":"string","title":"xcp-edge version which is running at the cluster","x-order":3},"tsbCpVersion":{"type":"string","title":"TSB controlplane version","x-order":4},"discoveredLocality":{"$ref":"#/components/schemas/v2Locality"}}},"ConfigEventsEdgeConfigState":{"type":"object","properties":{"status":{"$ref":"#/components/schemas/ConfigEventsEdgeConfigStatus"},"reason":{"description":"Accompanying reason when status is not `APPLIED`.","type":"string","x-order":1}}},"ConfigEventsEdgeConfigStatus":{"description":" - UNKNOWN: `UNKNOWN` indicates an undefined status. Either the edge has not reported\\nthe status for the config or it is not available due to some delays or something else.\\nThis is a catch-all when we don\'t know what to do.\\n - APPLIED: `APPLIED` indicates that the config has been successfully applied at the edge.\\n - ERRORED: `ERRORED` indicates that some error occurred while applying config at an edge. This will be\\naccompanied by a message which specifies the reason for the error.\\n - IGNORED: `IGNORED` indicates that the config was ignored because of some misconfiguration in config yaml.\\nFor instance, applying `DIRECT` mode config within `BRIDGED` mode group.","type":"string","default":"UNKNOWN","enum":["UNKNOWN","APPLIED","ERRORED","IGNORED"]},"ConfigEventsEventType":{"description":"Simple `Status` of the current resource. It\'s a projection of its details\\n(events, etc.) that allows to easily know the status of the resource\\nwithout requiring to check the details.\\n\\n - INVALID: INVALID is the zero value and should never be reached.\\n - TSB_ACCEPTED: TSB_ACCEPTED happens when the configuration has been validated and\\npersisted by TSB. Note that there is no TSB_REJECTED because in case of\\nan obvious syntax error, the client requests for the API will fail\\ndirectly. The configuration will not be persisted and therefore no\\nconfig status will be associated with it.\\n - MPC_ACCEPTED: MPC_ACCEPTED happens when MPC receives the configuration from TSB.\\nNote that there is no MPC_REJECTED because it\'s just a pass-through\\nto XCP.\\n - XCP_ACCEPTED: XCP_ACCEPTED happens when XCP validates the configuration and the XCP\\nresource is properly created.\\n - XCP_REJECTED: XCP_REJECTED happens when XCP reports that the configuration is not\\nvalid.\\n - MPC_FAILED: MPC_FAILED happens when MPC fails to process some configuration received\\nfrom TSB. These failures are prior to sending the translated\\nconfigurations to XCP.\\n - XCP_UNKNOWN: XCP_UNKNOWN happens when XCP reports that all edges are in UNKNOWN\\nstate.\\n - XCP_PARTIALLY_APPLIED: XCP_PARTIAL happens when XCP reports that at least one edge is in\\nAPPLIED state, and the rest are UNKNOWN.\\n - XCP_APPLIED: XCP_APPLIED happens when XCP reports that every edge is in APPLIED\\nstate.\\n - XCP_ERRORED: XCP_ERRORED happens when XCP reports that any edge is in ERRORED state.\\n - XCP_IGNORED: XCP_IGNORED happens when XCP reports that the config is IGNORED by all the edges.\\nOne of the cases where configs are ignored is when a BRIDGED mode config object\\nlike IngressGateway is part of a gateway group configured for the DIRECT mode\\nand vice versa. More generally, this happens when there is a mismatch between\\nthe mode where a config is valid and the mode configured for the group.\\n - MPC_DIRTY: MPC_DIRTY happens when a resource that is dependent on others\\nhave not reached the desired status (even when they are not FAILED).\\nFor instance, when a resource configuration affected by a STRICTER propagation\\nstrategy gets superseded (fully or partially) by a stricter resource configuration higher up\\nin the hierarchy. Concretely, if a security group\'s security settings (which\\nis in ACCEPTED configuration state) is affected\\nby a STRICTER propagation strategy, and for instance an organization\'s\\ndefault security settings (a resource higher up in the hierarchy)\\nhas been updated to restrict more the previously set authorization policy, then\\nthe previously ACCEPTED security group\'s security settings (a resource lower in\\nthe hierarchy) will become DIRTY if it is not stricter.","type":"string","default":"INVALID","enum":["INVALID","TSB_ACCEPTED","MPC_ACCEPTED","XCP_ACCEPTED","XCP_REJECTED","MPC_FAILED","XCP_UNKNOWN","XCP_PARTIALLY_APPLIED","XCP_APPLIED","XCP_ERRORED","XCP_IGNORED","MPC_DIRTY"]},"ControlPlaneSpecMeshObservability":{"description":"Configure how the mesh should be observed, which observability functionalities should be\\nenabled to observe your registered services in the mesh, and the store properties\\nthat TSB will use to persist application observability data like metrics, traces,\\nlogs.\\nIf omitted, the operator will assume\\na demo installation and for your convenience install a demo grade mesh observability\\nsetting.\\nSelect one of the `MeshObservability` settings to see complete examples.","type":"object","properties":{"demoSettings":{"$ref":"#/components/schemas/commonMeshObservabilitySettings"},"settings":{"$ref":"#/components/schemas/commonMeshObservabilitySettings"}}},"ControlPlaneSpecTelemetryStore":{"description":"Configure the store that TSB will use to persist application telemetry data.\\nSelect one of the `TelemetryStore` settings to see complete examples.","type":"object","properties":{"elastic":{"$ref":"#/components/schemas/v1alpha1ElasticSearchSettings"}}},"ElasticSearchSettingsProtocol":{"description":"The list of supported protocols to communicate with Elasticsearch.","type":"string","default":"https","enum":["https","http"]},"FilterSettingsAWSZoneType":{"description":"AWS Route53 Zone type filters.\\n\\n - NONE: No filter.\\n - PUBLIC: Filter public zones.\\n - PRIVATE: Filter private zones.","type":"string","default":"NONE","enum":["NONE","PUBLIC","PRIVATE"]},"HeadersHeaderOperations":{"description":"HeaderOperations Describes the header manipulations to apply.","type":"object","properties":{"set":{"description":"Overwrite the headers specified by key with the given values.","type":"object","additionalProperties":{"type":"string"},"x-order":0},"add":{"description":"Append the given values to the headers specified by keys (will create a comma-separated list\\nof values).","type":"object","additionalProperties":{"type":"string"},"x-order":1},"remove":{"description":"Remove a the specified headers.","type":"array","items":{"type":"string"},"x-order":2}}},"IngressScopesIngressScope":{"description":"An ingress defines the telemetry source wingspan in the mesh of ingress\'s hostname.","type":"object","properties":{"type":{"$ref":"#/components/schemas/IngressScopesIngressScopeScopeType"},"scope":{"$ref":"#/components/schemas/IngressScopesIngressScopeScope"},"deployment":{"description":"The FQN of the service deployment in a concrete cluster related with this telemetry source scope.\\nWill have a value for scope types HOSTNAME.","type":"string","x-order":2}}},"IngressScopesIngressScopeScope":{"description":"Each of the scope properties can have the following values:\\n- A non empty value.\\n- An empty value or absence of the property act as a wildcard, meaning any possible value.","type":"object","properties":{"hostname":{"type":"string","title":"hostname is always a concrete value","x-order":0},"ingressService":{"type":"string","title":"ingress_service is always a concrete value","x-order":1},"cluster":{"description":"cluster can be a concrete value or an empty value meaning any cluster.","type":"string","x-order":2}}},"IngressScopesIngressScopeScopeType":{"description":"ScopeType denotes the wingspan of a telemetry source for an ingress\'s hostname.\\n\\n - HOSTNAME: A hostname telemetry source that belongs to a specific ingress instance in a cluster.\\n - GLOBAL: A global telemetry source of a hostname from an ingress across clusters.","type":"string","default":"INVALID","enum":["INVALID","HOSTNAME","GLOBAL"]},"JWKSJWK":{"type":"object","title":"JSON Web Key. Refer to https://datatracker.ietf.org/doc/html/rfc7517","properties":{"alg":{"description":"The specific cryptographic algorithm used with the key.","type":"string","x-order":0},"kty":{"description":"The family of cryptographic algorithms used with the key.","type":"string","x-order":1},"use":{"description":"How the key was meant to be used; `sig` represents the signature.","type":"string","x-order":2},"n":{"description":"The modulus for the RSA public key.","type":"string","x-order":3},"e":{"description":"The exponent for the RSA public key.","type":"string","x-order":4},"kid":{"description":"The unique identifier for the key.","type":"string","x-order":5}}},"JWTClaimToHeader":{"description":"This message specifies the detail for copying claim to header.","type":"object","required":["header","claim"],"properties":{"header":{"description":"The name of the header to be created. The header will be overridden if it already exists in the request.","type":"string","x-order":0},"claim":{"description":"The name of the claim to be copied from. Only claim of type string/int/bool is supported.\\nThe header will not be there if the claim does not exist or the type of the claim is not supported.","type":"string","x-order":1}}},"JWTJWTHeader":{"description":"This message specifies a header location to extract JWT token.","type":"object","required":["name"],"properties":{"name":{"description":"The HTTP header name.","type":"string","x-order":0},"prefix":{"description":"The prefix that should be stripped before decoding the token.\\nFor example, for `Authorization: Bearer &lt;token&gt;`, prefix=`Bearer ` with a space at the end.\\nIf the header doesn\'t have this exact prefix, it is considered invalid.","type":"string","x-order":1}}},"K8sObjectOverlayPathValue":{"type":"object","properties":{"path":{"description":"Path of the form a.[key1:value1].b.[:value2]\\nWhere [key1:value1] is a selector for a key-value pair to identify a list element and [:value] is a value\\nselector to identify a list element in a leaf list.\\nAll path intermediate nodes must exist.","type":"string","x-order":0},"value":{"description":"Value to add, delete or replace.\\nFor add, the path should be a new leaf.\\nFor delete, value should be unset.\\nFor replace, path should reference an existing node.\\nAll values are strings but are converted into appropriate type based on schema.","x-order":1}}},"KeepAliveSettingsTcpKeepAliveSettings":{"description":"TCP Keep Alive Settings.","type":"object","properties":{"downstream":{"$ref":"#/components/schemas/TcpKeepAliveSettingsTcpKeepAlive"},"upstream":{"$ref":"#/components/schemas/TcpKeepAliveSettingsTcpKeepAlive"}}},"KeyPairEncoding":{"type":"string","title":"Format in which the keys in this keypair are encoded","default":"PEM","enum":["PEM","JWK"]},"ListSourcesRequestTimeRange":{"description":"TimeRange is a closed time range. If since or until are not provided they will not be used to filter.","type":"object","properties":{"since":{"description":"Moment in time since we retrieve Telemetry Sources.","type":"string","format":"date-time","x-order":0},"until":{"description":"Moment in time until we retrieve Telemetry Sources.","type":"string","format":"date-time","x-order":1}}},"LocalAuthzRuleHttpOperation":{"type":"object","properties":{"paths":{"description":"The request path where the request is made against. E.g. [\\"/accounts\\"].","type":"array","items":{"type":"string"},"x-order":0},"methods":{"description":"The HTTP methods that are allowed by this rule. E.g. [\\"GET\\", \\"HEAD\\"].","type":"array","items":{"type":"string"},"x-order":1}}},"MeshExpansionSettingsGateway":{"description":"A custom mesh expansion gateway. This is required when the workload can\'t access the default gateway directly via the external IP or hostname.","type":"object","required":["host","port"],"properties":{"host":{"description":"Mesh expansion gateway host address (can be hostname or IP address).","type":"string","x-order":0},"port":{"description":"Port mesh expansion gateway is listening on.","type":"integer","format":"int32","x-order":1}}},"MetadataDetails":{"description":"Details is additional information about a resource.","type":"object","properties":{"name":{"description":"Name is the resources name.","type":"string","x-order":0},"description":{"description":"Description is the resources description.","type":"string","x-order":1}}},"MetricConfigMetricType":{"description":"MetricType denotes the relation of a metrics with a physical service instance.\\n\\n - SINGLE_INSTANCE: A single instance metric config belongs to an specific physical service instance.\\n - SUBSET: A subset metric config represents subsets across clusters or hostnames across clusters.\\n - GLOBAL: A global metric config represents all the physical services.\\n - ENDPOINT: An endpoint metric config represents an endpoint across clusters.\\n - ENDPOINT_INSTANCE: An endpoint instance metric config represents an endpoint in a specific cluster.","type":"string","default":"INVALID","enum":["INVALID","SINGLE_INSTANCE","SUBSET","GLOBAL","ENDPOINT","ENDPOINT_INSTANCE"]},"NamespaceScopingScope":{"description":" - GLOBAL: Global configures namespaces in this cluster to be considered global.\\nNamespaces that exist in other clusters with the same name will be\\nconsidered to be the same logical namespace.\\n - LOCAL: Configures local scoping for namespaces, so that namespaces with the same\\nname in different clusters will not be considered the same logical\\nnamespace.","type":"string","default":"GLOBAL","enum":["GLOBAL","LOCAL"]},"OnboardingPlaneEndpoint":{"description":"Configuration of the endpoint exposing `Workload Onboarding API` to\\n`Workload Onboarding Agents`.","type":"object","required":["hosts","secretName"],"properties":{"hosts":{"description":"List of hosts included in the TLS certificate.","type":"array","items":{"type":"string"},"x-order":0},"secretName":{"description":"Name of the secret that holds TLS certificate chain and private key.","type":"string","x-order":1}}},"OnboardingPlaneLocalRepository":{"description":"Configuration of the local repository with `DEB` and `RPM` packages\\nof the `Workload Onboarding Agent` and `Istio Sidecar`.","type":"object"},"OnboardingPlaneTokenIssuer":{"description":"Configuration of the built-in `Workload Onboarding Token Issuer`.","type":"object","properties":{"jwt":{"$ref":"#/components/schemas/TokenIssuerJwtTokenIssuer"}}},"OrganizationSettingNetworkSettings":{"description":"Network related settings for clusters.","type":"object","properties":{"networkReachability":{"description":"Reachability between clusters on various networks. Each cluster\\nhas a \\"network\\" field representing a network boundary like a VPC\\non AWS/GCP/Azure. All clusters within the same network are\\nassumed to be reachable to each other for multi-cluster routing.\\nIn addition, you can specify additional connectivity between\\nvarious networks in the mesh here. For example on AWS, each VPC\\ncan be treated as a distinct network. VPCs that are reachable to\\none another (through peering or transit gateways) can be listed\\nas reachable networks. The key is the network name and the value\\nis a comma separated list of networks whose clusters are\\nreachable from this network. For instance, vpc01: vpc02,vpc03 means\\nthat the clusters in the network can reach those in vpc02 and vpc03.\\n\\nNote that reachability is **not** bidirectional. That is, if `vpc01: vpc02`\\nis specified, then `vpc01` can reach `vpc02`, but not the other way around.\\nHence, the workloads in clusters in `vpc01` can access the services\\nthrough the exposed gateway hostnames in clusters in `vpc02` . However,\\nthe workloads in clusters in `vpc02` cannot access the services exposed\\nthrough the gateway hostnames in `vpc01`.","type":"object","additionalProperties":{"type":"string"},"x-order":0}}},"QueryResourcePermissionsResponseResult":{"type":"object","title":"Represents a result for the requested query","required":["request"],"properties":{"request":{"$ref":"#/components/schemas/v2Query"},"rules":{"description":"set of allowed RBAC rules that the current principal has on the matching resource.\\nIf the query produced no results, the rules set will be empty.","type":"array","items":{"$ref":"#/components/schemas/RoleRule"},"x-order":1}}},"RateLimitDimensionDestinationCluster":{"description":"Emit descriptor entry - a key-value pair of the form `(\\"destination_cluster\\",\\n\\"&lt;routed target cluster&gt;\\")` where `destination_cluster` is the destination\\nenvoy cluster to which traffic is bound to.","type":"object"},"RateLimitDimensionHeader":{"type":"object","title":"RateLimit based on certain headers","required":["name"],"properties":{"name":{"description":"Name of the header to match on.","type":"string","x-order":0},"value":{"$ref":"#/components/schemas/v2StringMatch"},"dontMatch":{"description":"If set to true, the condition will be met when the header value does not match.\\nDefault value is false.","type":"boolean","x-order":2}}},"RateLimitDimensionHeaderValueMatch":{"description":"Emit descriptor entry - a key-value pair of the form `(\\"header_match\\",\\n\\"&lt;descriptor_value&gt;\\")`, where `descriptor_value` is a user\\nspecified value corresponding to a header match event.","type":"object","required":["headers","descriptorValue"],"properties":{"headers":{"description":"Specifies a set of headers that the rate limit action should\\nmatch on. The action will check the request\u2019s headers against\\nall the specified headers in the config. A match will happen if\\nall the headers in the config are present in the request with\\nthe same values (or based on presence if the value field is not\\nin the config).  The header keys must be lowercase and use\\nhyphen as the separator, e.g. x-request-id.","type":"object","additionalProperties":{"$ref":"#/components/schemas/v2StringMatch"},"x-order":0},"descriptorValue":{"description":"The value to use in the descriptor entry.","type":"string","x-order":1},"dontMatch":{"description":"If set to true, the condition will be met when the header value does not match.\\nDefault value is false.","type":"boolean","x-order":2}}},"RateLimitDimensionRequestHeaders":{"description":"Emit descriptor entry - a key-value pair of the form\\n`(\\"&lt;descriptor_key&gt;\\", \\"&lt;header_value_queried_from_header&gt;\\")`\\nwhere `descriptor_key` is a user specified key to emit when the\\nHTTP header is seen.","type":"object","required":["headerName","descriptorKey"],"properties":{"headerName":{"description":"The header name to be queried from the request headers. The header\u2019s\\nvalue is used to populate the value of the descriptor entry for the\\ndescriptor_key.","type":"string","x-order":0},"descriptorKey":{"description":"The key to use in the descriptor entry.","type":"string","x-order":1}}},"RateLimitDimensionSourceCluster":{"description":"Emit descriptor entry - a key-value pair of the form\\n`(\\"source_cluster\\", \\"&lt;local service cluster&gt;\\")` where `source_cluster`\\nis the source envoy cluster (corresponding to the `--service-cluster`\\nflag value set by Istio).","type":"object"},"RateLimitServerBackend":{"description":"External Backend Database types. This points to the backend\\nused by the ratelimit server as a key/value store.","type":"object","properties":{"redis":{"$ref":"#/components/schemas/BackendRedisSettings"}}},"RateLimitSettingsRateLimitValue":{"description":"RateLimitValue specifies the values that will be used\\nto determine the rate limit.","type":"object","required":["requestsPerUnit","unit"],"properties":{"requestsPerUnit":{"description":"Specifies the value of the rate limit.","type":"integer","format":"int64","x-order":0},"unit":{"$ref":"#/components/schemas/RateLimitValueUnit"}}},"RateLimitValueUnit":{"description":"Units of time.","type":"string","default":"UNKNOWN","enum":["UNKNOWN","SECOND","MINUTE","HOUR","DAY"]},"ReachabilitySettingsMode":{"description":"- UNSET: Inherit from parent if possible. Otherwise treated as `CLUSTER`.\\n - NAMESPACE: The workload may talk to any service in its own namespace.\\n - GROUP: The workload may talk to any service in the traffic group.\\n - WORKSPACE: The workload may talk to any service in the workspace.\\n - CLUSTER: The workload may talk to any service in the cluster.\\n - CUSTOM: The workload may talk to services defined explicitly.","type":"string","title":"A short cut for defining the common reachability patterns","default":"UNSET","enum":["UNSET","NAMESPACE","GROUP","WORKSPACE","CLUSTER","CUSTOM"]},"RelationScopeServiceRelation":{"description":"A relation between logical services.","type":"object","properties":{"source":{"description":"The source resource\'s fqn of the relation between two logical services.","type":"string","x-order":0},"target":{"description":"The target resource\'s fqn of the relation between two logical services.","type":"string","x-order":1}}},"RelationScopesRelationScope":{"type":"object","properties":{"type":{"$ref":"#/components/schemas/RelationScopesRelationScopeScopeType"},"scope":{"$ref":"#/components/schemas/RelationScopesRelationScopeScope"}}},"RelationScopesRelationScopeScope":{"type":"object","properties":{"serviceRelation":{"$ref":"#/components/schemas/RelationScopeServiceRelation"}}},"RelationScopesRelationScopeScopeType":{"description":"ScopeType denotes the wingspan of a telemetry source for relation between resources.\\n\\n - SERVICE: A service telemetry source that belongs to a specific relation between logical services.","type":"string","default":"INVALID","enum":["INVALID","SERVICE"]},"ResilienceSettingsSensitivity":{"description":"Available sensitivity levels for the circuit breaker.\\n\\n - UNSET: Default values will be used.\\n - LOW: Tolerate up to 20 consecutive 5xx or connection failures from an\\nendpoint before ejecting it temporarily from the load balancing\\npool.\\n - MEDIUM: Tolerate up to 10 consecutive 5xx or connection failures from an\\nendpoint before ejecting it temporarily from the load balancing\\npool.\\n - HIGH: Tolerate up to 5 consecutive 5xx or connection failures from an\\nendpoint before ejecting it temporarily from the load balancing\\npool.","type":"string","default":"UNSET","enum":["UNSET","LOW","MEDIUM","HIGH"]},"ResourceStatusConfigResourceStatus":{"description":"Individual status for a configuration resource related to the Application/API.","type":"object","properties":{"status":{"$ref":"#/components/schemas/applicationv2Status"},"resource":{"$ref":"#/components/schemas/v2ConfigResource"}}},"RoleResourceType":{"description":"The type of API resource for which the role is being created.","type":"object","required":["apiGroup"],"properties":{"apiGroup":{"description":"A specific API group such as traffic.tsb.tetrate.io/v2.","type":"string","x-order":0},"kinds":{"description":"Specific kinds of APIs under the API group. If omitted, the\\nrole will apply to all kinds under the group.","type":"array","items":{"type":"string"},"x-order":1}}},"RoleRule":{"type":"object","title":"A rule defines the set of api groups","required":["permissions"],"properties":{"types":{"description":"The set of API groups and the api Kinds within the group on which this rule is applicable.\\nIf omitted, the permissions will globally apply to all resource types.","type":"array","items":{"$ref":"#/components/schemas/RoleResourceType"},"x-order":0},"permissions":{"description":"The set of actions allowed for these APIs.\\nThe current version supports requires the kind, but this constraint will be relaxed in\\nupcoming releases so that rules can apply globally to an entire API group.","type":"array","items":{"$ref":"#/components/schemas/v2Permission"},"x-order":1}}},"Route53SettingsFilterSettings":{"description":"Filter settings for route53 controller.","type":"object","properties":{"annotationFilter":{"description":"Filter out (remove) targets that matches annotation using label selector semantics. Optional.\\n*NOTE*: The annotation value currently cannot be longer thant 63 characters.","type":"string","x-order":0},"labelFilter":{"description":"Filter out (remove) targets that matches label selector. Optional.","type":"string","x-order":1},"excludeDomain":{"description":"Exclude subdomains. Optional.","type":"array","items":{"type":"string"},"x-order":2},"zoneType":{"$ref":"#/components/schemas/FilterSettingsAWSZoneType"},"zoneTagFilter":{"description":"When using the AWS provider, filter for zones with this tag. Optional, format: key=value.","type":"array","items":{"type":"string"},"x-order":4},"zoneIdFilter":{"description":"When using the AWS provider, filter for zones with this ID. Optional.","type":"array","items":{"type":"string"},"x-order":5}}},"Route53SettingsPolicy":{"description":"Policy that defines how DNS records are managed.\\n\\n - SYNC: Allow full synchronization.\\n - UPSERT_ONLY: Don\'t allow delete DNS records.\\n - CREATE_ONLY: Allow only creating DNS records.","type":"string","default":"SYNC","enum":["SYNC","UPSERT_ONLY","CREATE_ONLY"]},"RuleFrom":{"description":"From includes the target resource (and the workloads that belong to the resource)\\nwhich will be the source of a request.","type":"object","properties":{"fqn":{"description":"The target resource identified by FQN which will be the source of a request.","type":"string","x-order":0}}},"RuleTo":{"description":"To includes the target resource (and the workloads that belong to the resource)\\nwhich will be destination of a request.","type":"object","properties":{"fqn":{"description":"The target resource identified by FQN which will be the destination of a request.","type":"string","x-order":0}}},"SecretsClusterServiceAccount":{"description":"Cluster service account used to authenticate to the Management Plane.","type":"object","properties":{"clusterFQN":{"description":"TSB FQN of the onboarded cluster resource. This will be generate tokens for all Control Plane agents.","type":"string","x-order":0},"JWK":{"description":"Literal JWK used to generate and sign the tokens for all the Control Plane agents.","type":"string","x-order":1},"encodedJWK":{"description":"Base64-encoded JWK used to generate and sign the tokens for all the Control Plane agents.","type":"string","x-order":2}}},"SecretsElasticSearch":{"description":"Secrets to reach the Elasticsearch.","type":"object","properties":{"username":{"description":"The username to access Elasticsearch.","type":"string","x-order":0},"password":{"description":"The password to access Elasticsearch.","type":"string","x-order":1},"cacert":{"description":"Elasticsearch CA cert TLS used by control plane to verify TLS connection.","type":"string","x-order":2}}},"SecretsTSB":{"description":"Secrets to reach the TSB Management Plane.","type":"object","properties":{"cacert":{"description":"CA certificate used to verify TLS certs exposed the Management Plane (front envoy).","type":"string","x-order":0}}},"SecuritySettingAuthenticationMode":{"description":"AuthenticationMode indicates whether to accept only Istio mutual\\nTLS authenticated traffic or allow legacy plaintext traffic as\\nwell.\\n\\n - UNSET: Inherit from parent, if has one. Otherwise treated as OPTIONAL.\\n - OPTIONAL: Accept both plaintext and mTLS authenticated connections.\\n - REQUIRED: Accept only mutual TLS authenticated connections.","type":"string","default":"UNSET","enum":["UNSET","OPTIONAL","REQUIRED"]},"ServerTLSSettingsFileSource":{"description":"File path configuration of TLS keys and certificates.","type":"object","properties":{"serverCertificate":{"type":"string","title":"The path to the server cert file","x-order":0},"privateKey":{"type":"string","title":"The path to the server private key file","x-order":1},"caCertificates":{"type":"string","title":"The path to the file containing ca certs for verifying clients while using mutual TLS","x-order":2}}},"ServiceAccountKeyPair":{"description":"Represents key-pair associated to the service account.","type":"object","properties":{"id":{"type":"string","title":"Unique identifier for this key-pair. This should be used as the `kid` (key id) when\\ngenerating JWT tokens that are signed with this key-pair.\\n","x-order":0,"readOnly":true},"publicKey":{"type":"string","title":"The encoded public key associated with the service account.\\nThe encoding format is determined by the `encoding` field.\\n","x-order":1,"readOnly":true},"privateKey":{"type":"string","title":"The encoded private key associated with the service account.\\nTSB does not store the private key and it is up to the client to store it safely.\\nThe encoding format is determined by the `encoding` field.\\n","x-order":2,"readOnly":true},"encoding":{"$ref":"#/components/schemas/KeyPairEncoding"},"defaultToken":{"type":"string","title":"A default access token that can be used to authenticate to TSB on behalf of the\\nservice account. TSB does not store this token and it is only returned when a\\nservice account key is created, similar to the private key. It is up to the client\\nto store the token for future use or to use the TSB CLI to generate new tokens as\\nexplained in: https://docs.tetrate.io/service-bridge/latest/en-us/howto/service-accounts\\n","x-order":4,"readOnly":true}}},"ServiceMetricConfig":{"type":"object","title":"Configuration for metric aggregation","properties":{"name":{"description":"A user friendly name for this metric.","type":"string","x-order":0},"description":{"description":"A helpful description of what this metric represents.","type":"string","x-order":1},"aggregationKey":{"description":"An aggregation key that can be queried to get metrics for this service.","type":"string","x-order":2},"type":{"$ref":"#/components/schemas/MetricConfigMetricType"},"serviceDeployment":{"description":"The FQN of the service deployment related with this metric. Will be empty for group metrics.","type":"string","x-order":4},"parentMetric":{"type":"string","title":"The name of the metric config that aggregates this one in a higher level.\\nFor example, for a subset in a cluster metric, this field has the name of the metric of the same subset\\nacross the clusters","x-order":5}}},"ServicePort":{"type":"object","properties":{"number":{"description":"A valid non-negative integer port number.","type":"integer","format":"int64","x-order":0},"name":{"description":"Name assigned to the port.","type":"string","x-order":1},"kubernetesNodePort":{"description":"Indicates the node port attached to a physical deployment on a kubernetes\\ncluster.","type":"integer","format":"int64","x-order":2}}},"ServiceRoutePortLevelTrafficSettings":{"description":"PortLevelTrafficSettings explicitly defines the type of traffic for all of\\nthe ports exposed by a service for which routing rules need to be set.\\nDepending on whether HTTPRoutes or TCTRoutes are specified or not, the main\\nsubset weights are applied or not based on the following scenarios:\\n1. If HTTPRoutes or TCPRoutes are specified:\\n   a. Since Port is mandatory in MatchConditions, whenever a port is used\\n      in (HTTP/TCP) MatchCondition, it needs to be present in the global\\n      PortLevelTrafficSettings.\\n   b. When MatchConditions are present in the routes, then subset-weight\\n      combinations within routes will take effect instead of the global ones.\\n2. If the routes are not specified, then the traffic will be matched on\\n   ports specified in PortLevelTrafficSettings, and the routes will be set\\n   according to global subset-weight combinations.","type":"object","required":["port","trafficType"],"properties":{"port":{"type":"integer","format":"int64","title":"Port number to which traffic must be routed","x-order":0},"trafficType":{"$ref":"#/components/schemas/ServiceRouteTrafficType"},"stickySession":{"$ref":"#/components/schemas/ServiceRouteStickySession"}}},"ServiceRouteStickySession":{"description":"If set, all requests from a client will be forward to the same backend.","type":"object","properties":{"header":{"description":"Hash based on a specific HTTP header.","type":"string","x-order":0},"cookie":{"$ref":"#/components/schemas/StickySessionHTTPCookie"},"useSourceIp":{"description":"Hash based on the source IP address.","type":"boolean","x-order":2}}},"ServiceRouteSubset":{"description":"Subset denotes a specific version of a service. The pods/VMs of a\\nsubset should be uniquely identifiable using their labels.","type":"object","required":["name"],"properties":{"name":{"description":"Name used to refer to the subset.","type":"string","x-order":0},"labels":{"description":"Labels apply a filter over the endpoints of a service in the service registry.","type":"object","additionalProperties":{"type":"string"},"x-order":1},"weight":{"description":"Percentage of traffic to be sent to this subset. Weight if not\\nspecified will be assumed to be 0 if there are multiple\\nsubsets. If there is only one subset, the weight will be\\nassumed to be 1.","type":"integer","format":"int64","x-order":2},"portLevelSettings":{"description":"Port/Protocol/StickySession combination for which routes need to be generated specifically for\\na subset. These settings are meant to override the global PortLevelTrafficSettings, i.e. first, \\nglobal PortLevelTrafficSettings are used to generate routes and then we use non-conflicting subset level \\nPortLevelTrafficSettings to modify existing routes. If provided, PortLevelTrafficSettings should be provided for \\nall subsets for proper load balancing.","type":"array","items":{"$ref":"#/components/schemas/ServiceRoutePortLevelTrafficSettings"},"x-order":3}}},"ServiceRouteTrafficType":{"description":"- HTTP: If trafficType is HTTP, then a HTTP route is generated for that port\\n - TCP: If trafficType is TCP, then a TCP route is generated for that port\\n - TLS_PASSTHROUGH: This mode generates TLS routes for HTTPS traffic. TLS is not terminated at the gateway and is\\npassed through to the server","type":"string","title":"TrafficType is the list of allowed traffic types for generating routes","default":"HTTP","enum":["HTTP","TCP","TLS_PASSTHROUGH"]},"ServiceScopesServiceScope":{"description":"A service scope defines the telemetry source wingspan in the mesh of a service.","type":"object","properties":{"type":{"$ref":"#/components/schemas/ServiceScopesServiceScopeScopeType"},"scope":{"$ref":"#/components/schemas/ServiceScopesServiceScopeScope"},"deployment":{"description":"The FQN of the service deployment in a concrete cluster related with this telemetry source scope.\\nWill have a value for scope types INSTANCE or SERVICE.","type":"string","x-order":2}}},"ServiceScopesServiceScopeScope":{"description":"Each of the scope properties can have the following values:\\n- A non empty value.\\n- An empty value or absence of the property act as a wildcard, meaning any possible value.","type":"object","properties":{"instance":{"description":"instance is a concrete value or an empty value meaning any instance.","type":"string","x-order":0},"subset":{"description":"subset can be a concrete value or an empty value meaning any subset.","type":"string","x-order":1},"service":{"description":"service is always a concrete value.","type":"string","x-order":2},"namespace":{"description":"namespace is always a concrete value.","type":"string","x-order":3},"cluster":{"description":"cluster can be a concrete value or an empty value meaning any cluster.","type":"string","x-order":4}}},"ServiceScopesServiceScopeScopeType":{"description":"ScopeType denotes the wingspan of a telemetry source for a service.\\n\\n - INSTANCE: A instance telemetry source belongs to a specific service instance (pod or VM) in a cluster.\\n - SERVICE: A service telemetry source belongs to a specific service, without subsets, in a cluster.\\n - SUBSET: A subset telemetry source belongs to a specific service of a concrete subset in a cluster.\\n - GLOBAL_SUBSET: A global subset telemetry source represents a concrete subset from a service across cluster.\\nSubset scope type does not apply to ingress services.\\n - GLOBAL: A global telemetry source represents all subsets from a service across clusters.","type":"string","default":"INVALID","enum":["INVALID","INSTANCE","SERVICE","SUBSET","GLOBAL_SUBSET","GLOBAL"]},"ServiceSecuritySettingSubset":{"description":"Subset allows replacing the settings for a specific version of a service.","type":"object","required":["name","settings"],"properties":{"name":{"description":"Name used to refer to the subset.\\nThis must match a subset defined in the ServiceRoute for this service, else it will be omitted.","type":"string","x-order":0},"settings":{"$ref":"#/components/schemas/v2SecuritySetting"}}},"ServiceServiceDeployment":{"description":"ServiceDeployment represents the physical service in a cluster.","type":"object","properties":{"fqn":{"description":"Fully-qualified name of the instance. This field is read-only.","type":"string","x-order":0,"readOnly":true},"source":{"description":"Source of the instance. This field is read-only.","type":"string","x-order":1,"readOnly":true}}},"SourceScopeIngressScopes":{"description":"IngressScopes defines one or many Ingress\'s hostname telemetry source wingspan in the mesh.","type":"object","properties":{"scopes":{"description":"Multiple IngressScope can be defined to group under a single telemetry source different ingresses.","type":"array","items":{"$ref":"#/components/schemas/IngressScopesIngressScope"},"x-order":0}}},"SourceScopeRelationScopes":{"description":"RelationScopes  represents the physical connection that exists between observable resources.\\nA relation can represent for instance the physical connection that exist when a call between services is done:\\n- Between a gateway and a service or vice versa.\\n- Between a service and another service.\\nThis observation can produce client-side measurements, server side measurements or both.","type":"object","properties":{"scopes":{"description":"Multiple RelationScope can be defined to group under a single telemetry source different relations.","type":"array","items":{"$ref":"#/components/schemas/RelationScopesRelationScope"},"x-order":0}}},"SourceScopeServiceScopes":{"description":"ServiceScopes defines one or many service\'s telemetry source wingspan in the mesh.","type":"object","properties":{"scopes":{"description":"Multiple ServiceScope can be defined to group under a single telemetry source different services.","type":"array","items":{"$ref":"#/components/schemas/ServiceScopesServiceScope"},"x-order":0}}},"StickySessionHTTPCookie":{"description":"Describes a HTTP cookie that will be used for sticky sessions. If the cookie is not present, it\\nwill be generated.","type":"object","required":["name","path","ttl"],"properties":{"name":{"description":"Name of the cookie.","type":"string","x-order":0},"path":{"description":"Path to set for the cookie.","type":"string","x-order":1},"ttl":{"description":"Lifetime of the cookie.","type":"string","x-order":2}}},"SubjectJWTClaims":{"description":"JWT based subjects qualify a subject by matching against a JWT token present in the request.\\nBy default the token is expected to be present in the \'Authorization\' HTTP header, with the\\n\'Bearer\\" prefix.","type":"object","title":"JWT based subject","properties":{"iss":{"type":"string","x-order":0},"sub":{"type":"string","x-order":1},"other":{"description":"A set of arbitrary claims that are required to qualify the subject.\\nE.g. \\"iss\\": \\"*@foo.com\\".","type":"object","additionalProperties":{"type":"string"},"x-order":2}}},"SyncOrganizationRequestSyncTeam":{"description":"Information of a team as synchronized from the team source. This differs slightly from a TSB\\nuser since the fields here are raw info that does not have the context of the TSB hierarchy.","type":"object","required":["id"],"properties":{"id":{"description":"Unique ID for the group.","type":"string","x-order":0},"description":{"description":"Optional description for the group.","type":"string","x-order":1},"memberUserIds":{"description":"List of user ids for the users that belong to this group.","type":"array","items":{"type":"string"},"x-order":2},"memberGroupIds":{"description":"List of group ids for the groups that are nested into this group.","type":"array","items":{"type":"string"},"x-order":3},"displayName":{"description":"Friendly name to show the group in the different UIs.","type":"string","x-order":4}}},"SyncOrganizationRequestSyncUser":{"description":"Information of a user as synchronized from the team source. This differs slightly from a TSB\\nuser since the fields here are raw info that does not have the context of the TSB hierarchy.","type":"object","required":["id"],"properties":{"id":{"description":"Unique ID for the user.","type":"string","x-order":0},"description":{"description":"Optional description for the user.","type":"string","x-order":1},"email":{"type":"string","title":"User\'s email","x-order":2},"loginName":{"description":"The login username for the user.","type":"string","x-order":3},"displayName":{"description":"Friendly name to show the user in the different UIs.","type":"string","x-order":4}}},"SyncOrganizationResponseFailedIds":{"type":"object","properties":{"removal":{"type":"array","title":"Users or groups that failed to be removed","items":{"type":"string"},"x-order":0},"addition":{"type":"array","title":"Users or groups that failed to be created","items":{"type":"string"},"x-order":1},"update":{"type":"array","title":"Users or groups that failed to be updated","items":{"type":"string"},"x-order":2}}},"TcpKeepAliveSettingsTcpKeepAlive":{"type":"object","properties":{"probes":{"description":"The total number of unacknowledged probes to send before deciding\\nthe connection is dead. Default is to use the OS level configuration,\\nLinux defaults to 9.","type":"integer","format":"int64","x-order":0},"idleTime":{"description":"The number of seconds a connection needs to be idle before keep-alive probes\\nstart being sent. Default is to use the OS level configuration,\\nLinux defaults to 7200s.","type":"integer","format":"int64","x-order":1},"interval":{"description":"The number of seconds between keep-alive probes. Default is to use the OS\\nlevel configuration, Linux defaults to 75s.","type":"integer","format":"int64","x-order":2}}},"TokenIssuerJwtTokenIssuer":{"description":"Configuration of the built-in JWT Token Issuer.","type":"object","properties":{"expiration":{"description":"Expiration is the duration issued tokens are valid for.\\nDefaults to `1h`.","type":"string","x-order":0}}},"TrafficSettingEgressGateway":{"description":"EgressGateway specifies the gateway where traffic external to the mesh will be redirected.","type":"object","required":["host"],"properties":{"host":{"description":"Specifies the egress gateway hostname. Must be in\\n`&lt;namespace&gt;/&lt;fqdn&gt;` format.","type":"string","x-order":0},"port":{"description":"Deprecated. This field is ignored and will be removed in upcoming releases.\\nSpecifies the port on the host to connect to.","type":"integer","format":"int32","x-order":1}}},"WasmExtensionPluginPhase":{"description":"- UNSPECIFIED_PHASE: Control plane decides where to insert the plugin. This will generally be at the end of the filter chain, right before the Router.\\nDo not specify PluginPhase if the plugin is independent of others.\\n - AUTHN: Insert plugin before Istio authentication filters.\\n - AUTHZ: Insert plugin before Istio authorization filters and after Istio authentication filters.\\n - STATS: Insert plugin before Istio stats filters and after Istio authorization filters.","type":"string","title":"Plugin phases following Istio definition: https://istio.io/latest/docs/reference/config/proxy_extensions/wasm-plugin/#PluginPhase","default":"UNSPECIFIED_PHASE","enum":["UNSPECIFIED_PHASE","AUTHN","AUTHZ","STATS"]},"WasmExtensionPullPolicy":{"description":"The pull behaviour to be applied when fetching a WASM module,\\nmirroring K8s behaviour.\\n\\n - UNSPECIFIED_POLICY: Defaults to IfNotPresent, except for OCI images with tag `latest`, for which\\nthe default will be Always.\\n - IfNotPresent: If an existing version of the image has been pulled before, that\\nwill be used. If no version of the image is present locally, we\\nwill pull the latest version.\\n - Always: We will always pull the latest version of an image when changing\\nthis plugin. Note that the change includes `metadata` field as well.","type":"string","default":"UNSPECIFIED_POLICY","enum":["UNSPECIFIED_POLICY","IfNotPresent","Always"]},"WorkloadProxy":{"description":"Info about proxy attached to a workload.","type":"object","properties":{"controlPlaneAddress":{"description":"Address/service of control plane entity controlling the proxy\\nlike istiod.istio-system.svc:15012.","type":"string","x-order":0},"envoyVersion":{"description":"Envoy version of the proxy.","type":"string","x-order":1},"istioVersion":{"description":"Istio version of the proxy.","type":"string","x-order":2},"status":{"type":"object","title":"Sync status for each xDS component.\\nFor example:\\nstatus[\\"CDS\\"] = \\"SYNCED\\"\\nXDS components are: LDS, RDS, EDS CDS and SRDS.\\nRefer to Envoy go-control-plane ConfigStatus for possible status values\\nvalues:\\nhttps://github.com/envoyproxy/go-control-plane/blob/main/envoy/service/status/v3/csds.pb.go","additionalProperties":{"type":"string"},"x-order":3}}},"XCPCentralAuthMode":{"description":"- UNKNOWN: Default when unset, do not use\\n - MUTUAL_TLS: GRPC stream is encrypted with mutual TLS\\n - JWT: XCP Edges present a JWT bearer token in the GRPC headers","type":"string","title":"Authentication mode for connections from XCP Edges to XCP Central","default":"UNKNOWN","enum":["UNKNOWN","MUTUAL_TLS","JWT"]},"XCPEdge":{"description":"Secrets for the XCP Edge component.","type":"object","properties":{"cert":{"description":"Edge certificate used for mTLS with XCP Central.","type":"string","x-order":0},"key":{"description":"Key of the Edge certificate used for mTLS with XCP Central.","type":"string","x-order":1},"token":{"description":"JWT token used to authenticate XCP Edge against the XCP Central.","type":"string","x-order":2}}},"applicationv2Status":{"description":"The computed configuration status for the Application or API.\\n\\n - UNKNOWN: Unknown indicates that the status has not been computed.\\n - MISSING: The missing status indicates that the configuration resource for the Applications\\nor APIs do not exist.\\n - DIRTY: Dirty Applications and APIs are those that have the corresponding configuration\\nobjects (config groups, ingress gateways, etc), but those objects have been\\ndirectly modified or they current configuration does not match the one specified\\nin the corresponding Application/API.\\n - CONFIGURED: Configured Applications and APIs are those that have the corresponding\\nconfiguration resources (config groups, ingress gateways, etc) and their\\nconfigurations match the ones defined in the Application/API objects.","type":"string","default":"UNKNOWN","enum":["UNKNOWN","MISSING","DIRTY","CONFIGURED"]},"authv2TLSMode":{"description":"- DISABLED: TLS is not used and communication is\\nin plaintext.\\n - SIMPLE: Only the server is authenticated.\\n - MUTUAL: Both the peers in the communication must\\npresent their certificate for TLS authentication","type":"string","title":"Describes how authentication is performed\\nas part of establishing TLS connection","default":"DISABLED","enum":["DISABLED","SIMPLE","MUTUAL"]},"commonCertManagerSettings":{"description":"CertManagerSettings represents the settings used for the cert-manager installation. TSB supports installing and managing\\nthe lifecycle of the cert-manager installation.","type":"object","properties":{"managed":{"$ref":"#/components/schemas/CertManagerSettingsManaged"},"certManagerSpec":{"$ref":"#/components/schemas/CertManagerSettingsCertManagerSpec"},"certManagerWebhookSpec":{"$ref":"#/components/schemas/CertManagerSettingsCertManagerWebhookSpec"},"certManagerCaInjector":{"$ref":"#/components/schemas/CertManagerSettingsCertManagerCAInjector"},"certManagerStartupapicheck":{"$ref":"#/components/schemas/CertManagerSettingsCertManagerStartupAPICheck"}}},"commonConfigProtection":{"type":"object","title":"ConfigProtection contains settings for enabling/disabling config protection\\nover XCP created resources.\\nConfig protections are disabled by default.\\nExample:\\n```yaml\\nconfigProtection:\\n  enableAuthorizedUpdateDeleteOnXcpConfigs: true\\n  enableAuthorizedCreateUpdateDeleteOnXcpConfigs: true\\n  authorizedUsers:\\n    - user1\\n    - system:serviceaccount:ns1:serviceaccount-1\\n```","properties":{"enableAuthorizedUpdateDeleteOnXcpConfigs":{"description":"When enabled, no other user or svc account except AuthorizedUsers would be allowed to delete or update\\nthe XCP/Istio API resources created by XCP.","type":"boolean","x-order":0},"enableAuthorizedCreateUpdateDeleteOnXcpConfigs":{"description":"When enabled, no other user or svc account except AuthorizedUsers would be allowed to create, delete or update\\nthe XCP/Istio API resources. This acts as a superset of the enableAuthorizedUpdateDeleteOnXcpConfigs.","type":"boolean","x-order":1},"authorizedUsers":{"description":"List of usernames of authorized users or svc accounts to create/update/delete XCP configs when config protection is enabled.","type":"array","items":{"type":"string"},"x-order":2}}},"commonCustomCertProviderSettings":{"description":"CustomCertProviderSettings represents the settings used for the custom certificate provider. Users can configure the CSR signer\\nrequired for certificate signing and point to the CA bundle to be used to validate the certificates.","type":"object","required":["csrSignerName","caBundleSecretName"],"properties":{"csrSignerName":{"description":"Name of Kubernetes CSR signer to be used to sign the CSR request by different TSB components for internal purposes.","type":"string","x-order":0},"caBundleSecretName":{"description":"Configure the CABundleSecretName to be used to verify the signed CSR request by different TSB components. If not specified,\\nTSB would use the secret with the name ca-bundle-management-plane in the management plane namespace or ca-bundle-control-plane\\nin the control plane namespace. The secret should contain the file ca.crt with the cert data.","type":"string","x-order":1}}},"commonGitOps":{"description":"The GitOps component configures the features that allow integrating the Management Plane and/or the\\nControl Plane cluster with Continuous Deployment pipelines.","type":"object","properties":{"enabled":{"description":"The GitOps component is in beta and disabled by default.\\nIf Management and Control Planes are installed in the same cluster, Continuous Deployment Integration\\nshould only be enabled in one of both planes. However, if the GitOps component is enabled in both planes,\\nonly the Control Plane GitOps component will remain enabled. The Management Plane GitOps component\\nwill not be enabled, even though it is explicitly enabled.","type":"boolean","x-order":0},"reconcileInterval":{"description":"Interval at which the reconcile process will run.\\nThe reconcile process will read all TSB CRs that exist in the cluster and\\nreapply them to the management plane, to make sure the cluster CRs remain\\nas the source of truth. Format: 1h/1m/1s/1ms. A value of 0 disables the\\nreconcile loop. Default: 10m.","type":"string","x-order":1},"batchWindow":{"description":"When configured, all admission requests will be paused for the configured duration.\\nOnce the window interval is closed, all paused admission requests will be sent together\\nto the Management Plane as a single request.\\nBatching of requests is disabled by default and should be enabled only if there is high concurrency\\nand ordering of resources could be an issue. By configuring a batch window the concurrency\\nand ordering issues may be mitigated, although it will introduce a constant latency to all requests\\nof the configured time window.\\nWhen enabled, it is recommended to use a small value, for example 1 second.","type":"string","x-order":2},"managementplaneRequestTimeout":{"description":"The GitOps component performs operations against the management plane through the k8s webhook.\\nThis allows configuring the duration of each operation in order to fail early if it takes too much.\\nThis value cannot be lower than `webhook_timeout` due to the request being tied to the ones received\\nby the k8s webhook.\\nFormat: 1h/1m/1s/1m. Any value &lt;= 0 will be reset to the default value. Default: 25s.","type":"string","x-order":3},"reconcileRequestTimeout":{"description":"The GitOps component performs operations against the management plane internal reconcile loop.\\nThis allows configuring the duration of each operation to fail early if it takes too long.\\nFormat: 1h/1m/1s/1m. Any value &lt;= 0 will be reset to the default value. Default: 2m.","type":"string","x-order":4},"webhookTimeout":{"description":"Timeout that will be set in the k8s gitops webhook resource.\\nFormat: 1h/1m/1s/1m. Default: 30s. Allowed values must be between 0s and 30s.","type":"string","x-order":5}}},"commonInternalCertProvider":{"description":"InternalCertProvider describes the certificate provider configuration for TSB internal purposes like kubernetes webhook certificate. TSB supports cert-manager out of the box.","type":"object","properties":{"certManager":{"$ref":"#/components/schemas/commonCertManagerSettings"},"custom":{"$ref":"#/components/schemas/commonCustomCertProviderSettings"}}},"commonMeshObservabilitySettings":{"description":"Configure mesh observability.\\nThe following examples enable the analysis and generation of RED metrics for each\\nendpoint of your registered services.\\n\\nNotice that both, ManagementPlane and ControlPlane, need to be aligned with this configuration.\\n\\n```yaml\\napiVersion: install.tetrate.io/v1alpha1\\nkind: ManagementPlane\\nmetadata:\\n  name: managementplane\\nspec:\\n  meshObservability:\\n    settings:\\n      apiEndpointMetricsEnabled: true\\n```\\n\\n```yaml\\napiVersion: install.tetrate.io/v1alpha1\\nkind: ControlPlane\\nmetadata:\\n  name: controlplane\\n  namespace: istio-system\\nspec:\\n  meshObservability:\\n    settings:\\n      apiEndpointMetricsEnabled: true\\n```","type":"object","properties":{"apiEndpointMetricsEnabled":{"description":"Toggle to process, analyze, and generate api endpoints RED metrics.\\nBy default `false` which means disabled.\\nIf you want to analyze all your request and generate RED metrics for\\neach endpoint of your registered services in the mesh, set it to `true`.","type":"boolean","x-order":0}}},"commonv1alpha1Image":{"description":"Values for the TSB operator image.","type":"object","properties":{"registry":{"description":"Registry used to download the operator image.","type":"string","x-order":0},"tag":{"description":"The tag of the operator image.","type":"string","x-order":1}}},"controlplanev1alpha1OnboardingPlane":{"description":"Configure `Workload Onboarding Plane` component.","type":"object","properties":{"instance":{"$ref":"#/components/schemas/v1alpha1OnboardingPlaneInstance"}}},"controlplanev1alpha1XCP":{"description":"Kubernetes settings for the XCP component.","type":"object","properties":{"centralAuthMode":{"$ref":"#/components/schemas/XCPCentralAuthMode"},"configProtection":{"$ref":"#/components/schemas/commonConfigProtection"},"kubeSpec":{"$ref":"#/components/schemas/kubernetesKubernetesComponentSpec"},"revision":{"description":"$hide_from_docs\\nConfigures the istio revision tag.\\nIf configured, istio upgrade will not be in-place upgrade. A new istio\\ncontrol plane with the configured revision will be deployed. Selectively\\nsidecars and gateways could be moved to newer control plane. Note that it\\nis not the istio version. Istio version is fixed for a particular tsb\\nversion and that is not a configurable setting. Revision should be\\nconfigured to human readable value for example tsb-1-5. For further\\nreference,\\nhttps://istio.io/latest/blog/2020/multiple-control-planes/#configuring\\nDeprecated: replaced by isolation_boundaries, where each isolation boundary can have\\nmulitple revisions.","type":"string","x-order":3},"isolationBoundaries":{"description":"Configures Isolated Istio environments along with Istio revisions for each environment.\\nIsolationBoundaries can be empty when the feature flag IstioIsolationBoundaries is disabled.\\nOnce enabled, isolation boundaries can be configured.","type":"array","items":{"$ref":"#/components/schemas/v1alpha1IsolationBoundary"},"x-order":4},"enableHttpMeshInternalIdentityPropagation":{"description":"Enables HTTP mesh internal service identity propagation across gateway hops, utilizing the propagated identity\\nfor evaluating TSB RBAC rules. Users should enable this feature when they want to create RBAC rules around\\nrequest\'s origin client identity for east west traffic. The most common case for this would be when using\\nauthorization features such as ALLOW/DENY rules mode and ServiceSecuritySettings in cross-cluster environment.\\nThis feature is disabled by default.","type":"boolean","x-order":5},"centralProvidedCaCert":{"description":"If true, obtain the CA cert for Istio from XCP central.\\nTo enable it, the XCP Central needs to be configured with `certIssuer.clusterIntermediateCASettings: {}`.","type":"boolean","x-order":6},"logLevels":{"description":"Loglevel for XCP.\\nSupported log level: \\"none\\", \\"fatal\\", \\"error\\", \\"warn\\", \\"info\\", \\"debug\\".","type":"object","additionalProperties":{"type":"string"},"x-order":7}}},"corev1Toleration":{"description":"The pod this Toleration is attached to tolerates any taint that matches\\nthe triple &lt;key,value,effect&gt; using the matching operator &lt;operator&gt;.","type":"object","properties":{"key":{"type":"string","title":"Key is the taint key that the toleration applies to. Empty means match all taint keys.\\nIf the key is empty, operator must be Exists; this combination means to match all values and all keys.\\n+optional","x-order":0},"operator":{"type":"string","title":"Operator represents a key\'s relationship to the value.\\nValid operators are Exists and Equal. Defaults to Equal.\\nExists is equivalent to wildcard for value, so that a pod can\\ntolerate all taints of a particular category.\\n+optional","x-order":1},"value":{"type":"string","title":"Value is the taint value the toleration matches to.\\nIf the operator is Exists, the value should be empty, otherwise just a regular string.\\n+optional","x-order":2},"effect":{"type":"string","title":"Effect indicates the taint effect to match. Empty means match all taint effects.\\nWhen specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute.\\n+optional","x-order":3},"tolerationSeconds":{"type":"string","format":"int64","title":"TolerationSeconds represents the period of time the toleration (which must be\\nof effect NoExecute, otherwise this field is ignored) tolerates the taint. By default,\\nit is not set, which means tolerate the taint forever (do not evict). Zero and\\nnegative values will be treated as 0 (evict immediately) by the system.\\n+optional","x-order":4}}},"extensionv2EnvVar":{"type":"object","required":["name","valueFrom"],"properties":{"name":{"type":"string","title":"Name of the environment variable. Must be a C_IDENTIFIER, by following this regex: [A-Za-z_][A-Za-z0-9_]*","x-order":0},"valueFrom":{"$ref":"#/components/schemas/v2EnvValueSource"},"value":{"description":"Value for the environment variable.\\nNote that if `value_from` is `HOST`, it will be ignored.\\nDefaults to \\"\\".","type":"string","x-order":2}}},"gatewayv2HttpRule":{"description":"A single HTTP rule.","type":"object","properties":{"match":{"description":"One or more match conditions (OR-ed).","type":"array","items":{"$ref":"#/components/schemas/v2HttpMatchCondition"},"x-order":0},"modify":{"$ref":"#/components/schemas/v2HttpModifyAction"},"route":{"$ref":"#/components/schemas/v2Route"},"redirect":{"$ref":"#/components/schemas/v2Redirect"}}},"googlerpcStatus":{"type":"object","properties":{"code":{"type":"integer","format":"int32","x-order":0},"message":{"type":"string","x-order":1},"details":{"type":"array","items":{"$ref":"#/components/schemas/protobufAny"},"x-order":2}}},"installkubernetesAffinity":{"type":"object","title":"The scheduling constraints for the pod.\\nhttps://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity","properties":{"nodeAffinity":{"$ref":"#/components/schemas/installkubernetesNodeAffinity"},"podAffinity":{"$ref":"#/components/schemas/installkubernetesPodAffinity"},"podAntiAffinity":{"$ref":"#/components/schemas/installkubernetesPodAntiAffinity"}}},"installkubernetesCapabilities":{"description":"See k8s.io.api.core.v1.Capabilities.","type":"object","properties":{"add":{"type":"array","items":{"type":"string"},"x-order":0},"drop":{"type":"array","items":{"type":"string"},"x-order":1}}},"installkubernetesConfigMapKeySelector":{"type":"object","properties":{"localObjectReference":{"$ref":"#/components/schemas/installkubernetesLocalObjectReference"},"key":{"type":"string","x-order":1},"optional":{"type":"boolean","x-order":2}}},"installkubernetesCrossVersionObjectReference":{"type":"object","properties":{"kind":{"type":"string","x-order":0},"name":{"type":"string","x-order":1},"apiVersion":{"type":"string","x-order":2}}},"installkubernetesDeployment":{"type":"object","title":"The Kubernetes resource configuration for all Deployments","properties":{"podAnnotations":{"type":"object","title":"Pod annotations are an unstructured key value map stored with the pod.\\nhttps://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/","additionalProperties":{"type":"string"},"x-order":0},"env":{"type":"array","title":"Environment variables for all containers in the deployment.\\nhttps://kubernetes.io/docs/tasks/inject-data-application/define-environment-variable-container/","items":{"$ref":"#/components/schemas/installkubernetesEnvVar"},"x-order":1},"affinity":{"$ref":"#/components/schemas/installkubernetesAffinity"},"replicaCount":{"type":"integer","format":"int64","title":"Number of desired pods.\\nhttps://kubernetes.io/docs/reference/generated/kubernetes-api/v1.18/#deploymentspec-v1-apps","x-order":3},"resources":{"$ref":"#/components/schemas/installkubernetesResources"},"strategy":{"$ref":"#/components/schemas/installkubernetesDeploymentStrategy"},"tolerations":{"type":"array","title":"Tolerations are applied to pods, and allow (but do not require) the pods to\\nschedule onto nodes with matching taints. Taints and tolerations work\\ntogether to ensure that pods are not scheduled onto inappropriate nodes.\\nOne or more taints are applied to a node; this marks that the node should\\nnot accept any pods that do not tolerate the taints.\\nhttps://kubernetes.io/docs/concepts/configuration/taint-and-toleration/","items":{"$ref":"#/components/schemas/corev1Toleration"},"x-order":6},"hpaSpec":{"$ref":"#/components/schemas/installkubernetesHorizontalPodAutoscalerSpec"},"podSecurityContext":{"$ref":"#/components/schemas/installkubernetesPodSecurityContext"},"containerSecurityContext":{"$ref":"#/components/schemas/installkubernetesSecurityContext"}}},"installkubernetesDeploymentStrategy":{"type":"object","title":"The deployment strategy to use to replace existing pods with new ones.\\nhttps://kubernetes.io/docs/reference/generated/kubernetes-api/v1.18/#deploymentstrategy-v1-apps","properties":{"type":{"type":"string","x-order":0},"rollingUpdate":{"$ref":"#/components/schemas/installkubernetesRollingUpdateDeployment"}}},"installkubernetesEnvVar":{"type":"object","properties":{"name":{"type":"string","x-order":0},"value":{"type":"string","x-order":1},"valueFrom":{"$ref":"#/components/schemas/installkubernetesEnvVarSource"}}},"installkubernetesEnvVarSource":{"type":"object","properties":{"fieldRef":{"$ref":"#/components/schemas/installkubernetesObjectFieldSelector"},"resourceFieldRef":{"$ref":"#/components/schemas/installkubernetesResourceFieldSelector"},"configMapKeyRef":{"$ref":"#/components/schemas/installkubernetesConfigMapKeySelector"},"secretKeyRef":{"$ref":"#/components/schemas/installkubernetesSecretKeySelector"}}},"installkubernetesExternalMetricSource":{"type":"object","properties":{"metricName":{"type":"string","x-order":0},"metricSelector":{"$ref":"#/components/schemas/v1LabelSelector"},"targetValue":{"$ref":"#/components/schemas/operatorv1alpha1IntOrString"},"targetAverageValue":{"$ref":"#/components/schemas/operatorv1alpha1IntOrString"}}},"installkubernetesHorizontalPodAutoscalerSpec":{"type":"object","title":"Horizontal Pod Autoscaler automatically scales the number of pods in a\\ndeployment based on a specified metric. Kubernetes periodically adjusts the\\nnumber of replicas in a deployment to match the observed metric to the target\\nspecified. This mirrors the Kubernetes spec except from the top level\\n`scaleTargetRef` field, which we set for you. The version of Horizontal Pod\\nAutoscaler currently used is\\n`[v2beta1](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.18/#horizontalpodautoscaler-v2beta1-autoscaling)`.\\nhttps://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/","properties":{"minReplicas":{"type":"integer","format":"int32","title":"Must be set in order to create the HPA resource in Kubernetes","x-order":0},"maxReplicas":{"type":"integer","format":"int32","title":"Must be set in order to create the HPA resource in Kubernetes","x-order":1},"metrics":{"type":"array","items":{"$ref":"#/components/schemas/installkubernetesMetricSpec"},"x-order":2}}},"installkubernetesLocalObjectReference":{"description":"LocalObjectReference contains enough information to let you locate the\\nreferenced object inside the same namespace.","type":"object","properties":{"name":{"description":"Name of the referent.","type":"string","x-order":0}}},"installkubernetesMetricSpec":{"type":"object","properties":{"type":{"type":"string","x-order":0},"object":{"$ref":"#/components/schemas/installkubernetesObjectMetricSource"},"pods":{"$ref":"#/components/schemas/installkubernetesPodsMetricSource"},"resource":{"$ref":"#/components/schemas/installkubernetesResourceMetricSource"},"external":{"$ref":"#/components/schemas/installkubernetesExternalMetricSource"}}},"installkubernetesMetricTarget":{"type":"object","title":"MetricTarget provides compatibility with k8s autoscaling/v2 API","properties":{"type":{"type":"string","x-order":0},"averageUtilization":{"type":"integer","format":"int32","x-order":1},"averageValue":{"$ref":"#/components/schemas/operatorv1alpha1IntOrString"},"value":{"$ref":"#/components/schemas/operatorv1alpha1IntOrString"}}},"installkubernetesNodeAffinity":{"type":"object","title":"Group of node affinity scheduling rules.\\nhttps://kubernetes.io/docs/reference/generated/kubernetes-api/v1.18/#nodeaffinity-v1-core","properties":{"requiredDuringSchedulingIgnoredDuringExecution":{"$ref":"#/components/schemas/installkubernetesNodeSelector"},"preferredDuringSchedulingIgnoredDuringExecution":{"type":"array","title":"The scheduler will prefer to schedule pods to nodes that satisfy the\\naffinity expressions specified by this field, but it may choose a node that\\nviolates one or more of the expressions.\\nhttps://kubernetes.io/docs/reference/generated/kubernetes-api/v1.18/#preferredschedulingterm-v1-core","items":{"$ref":"#/components/schemas/installkubernetesPreferredSchedulingTerm"},"x-order":1}}},"installkubernetesNodeSelector":{"type":"object","properties":{"nodeSelectorTerms":{"type":"array","items":{"$ref":"#/components/schemas/installkubernetesNodeSelectorTerm"},"x-order":0}}},"installkubernetesNodeSelectorRequirement":{"type":"object","properties":{"key":{"type":"string","x-order":0},"operator":{"type":"string","x-order":1},"values":{"type":"array","items":{"type":"string"},"x-order":2}}},"installkubernetesNodeSelectorTerm":{"type":"object","properties":{"matchExpressions":{"type":"array","items":{"$ref":"#/components/schemas/installkubernetesNodeSelectorRequirement"},"x-order":0},"matchFields":{"type":"array","items":{"$ref":"#/components/schemas/installkubernetesNodeSelectorRequirement"},"x-order":1}}},"installkubernetesObjectFieldSelector":{"type":"object","properties":{"apiVersion":{"type":"string","x-order":0},"fieldPath":{"type":"string","x-order":1}}},"installkubernetesObjectMetricSource":{"type":"object","properties":{"target":{"$ref":"#/components/schemas/installkubernetesCrossVersionObjectReference"},"metricName":{"type":"string","x-order":1},"targetValue":{"$ref":"#/components/schemas/operatorv1alpha1IntOrString"},"selector":{"$ref":"#/components/schemas/v1LabelSelector"},"averageValue":{"$ref":"#/components/schemas/operatorv1alpha1IntOrString"}}},"installkubernetesPodAffinity":{"type":"object","title":"Group of inter-pod affinity scheduling rules.\\nhttps://kubernetes.io/docs/reference/generated/kubernetes-api/v1.18/#podaffinity-v1-core","properties":{"requiredDuringSchedulingIgnoredDuringExecution":{"type":"array","items":{"$ref":"#/components/schemas/installkubernetesPodAffinityTerm"},"x-order":0},"preferredDuringSchedulingIgnoredDuringExecution":{"type":"array","items":{"$ref":"#/components/schemas/installkubernetesWeightedPodAffinityTerm"},"x-order":1}}},"installkubernetesPodAffinityTerm":{"type":"object","properties":{"labelSelector":{"$ref":"#/components/schemas/v1LabelSelector"},"namespaces":{"type":"array","items":{"type":"string"},"x-order":1},"topologyKey":{"type":"string","x-order":2}}},"installkubernetesPodAntiAffinity":{"type":"object","title":"Group of inter-pod anti-affinity scheduling rules.\\nhttps://kubernetes.io/docs/reference/generated/kubernetes-api/v1.18/#podantiaffinity-v1-core","properties":{"requiredDuringSchedulingIgnoredDuringExecution":{"type":"array","items":{"$ref":"#/components/schemas/installkubernetesPodAffinityTerm"},"x-order":0},"preferredDuringSchedulingIgnoredDuringExecution":{"type":"array","items":{"$ref":"#/components/schemas/installkubernetesWeightedPodAffinityTerm"},"x-order":1}}},"installkubernetesPodSecurityContext":{"description":"See k8s.io.api.core.v1.PodSecurityContext.","type":"object","properties":{"seLinuxOptions":{"$ref":"#/components/schemas/installkubernetesSELinuxOptions"},"runAsUser":{"type":"integer","format":"int64","x-order":1},"runAsNonRoot":{"type":"boolean","x-order":2},"supplementalGroups":{"type":"array","items":{"type":"integer","format":"int64"},"x-order":3},"fsGroup":{"type":"integer","format":"int64","x-order":4},"runAsGroup":{"type":"integer","format":"int64","x-order":5},"sysctls":{"type":"array","items":{"$ref":"#/components/schemas/installkubernetesSysctl"},"x-order":6},"windowsOptions":{"$ref":"#/components/schemas/installkubernetesWindowsSecurityContextOptions"},"fsGroupChangePolicy":{"type":"string","x-order":8},"seccompProfile":{"$ref":"#/components/schemas/installkubernetesSeccompProfile"}}},"installkubernetesPodsMetricSource":{"type":"object","properties":{"metricName":{"type":"string","x-order":0},"targetAverageValue":{"$ref":"#/components/schemas/operatorv1alpha1IntOrString"},"selector":{"$ref":"#/components/schemas/v1LabelSelector"}}},"installkubernetesPreferredSchedulingTerm":{"type":"object","properties":{"weight":{"type":"integer","format":"int32","x-order":0},"preference":{"$ref":"#/components/schemas/installkubernetesNodeSelectorTerm"}}},"installkubernetesResourceFieldSelector":{"type":"object","properties":{"containerName":{"type":"string","x-order":0},"resource":{"type":"string","x-order":1},"divisor":{"$ref":"#/components/schemas/operatorv1alpha1IntOrString"}}},"installkubernetesResourceMetricSource":{"type":"object","properties":{"name":{"type":"string","x-order":0},"targetAverageUtilization":{"$ref":"#/components/schemas/operatorv1alpha1IntOrString"},"targetAverageValue":{"$ref":"#/components/schemas/operatorv1alpha1IntOrString"},"target":{"$ref":"#/components/schemas/installkubernetesMetricTarget"}}},"installkubernetesResources":{"description":"Mirrors k8s.io.api.core.v1.ResourceRequirements for unmarshalling.","type":"object","properties":{"limits":{"type":"object","additionalProperties":{"type":"string"},"x-order":0},"requests":{"type":"object","additionalProperties":{"type":"string"},"x-order":1}}},"installkubernetesRollingUpdateDeployment":{"description":"Mirrors k8s.io.api.apps.v1.RollingUpdateDeployment for unmarshalling.","type":"object","properties":{"maxUnavailable":{"$ref":"#/components/schemas/operatorv1alpha1IntOrString"},"maxSurge":{"$ref":"#/components/schemas/operatorv1alpha1IntOrString"}}},"installkubernetesSELinuxOptions":{"description":"See k8s.io.api.core.v1.SELinuxOptions.","type":"object","properties":{"user":{"type":"string","x-order":0},"role":{"type":"string","x-order":1},"type":{"type":"string","x-order":2},"level":{"type":"string","x-order":3}}},"installkubernetesSeccompProfile":{"description":"See k8s.io.api.core.v1.SeccompProfile.","type":"object","properties":{"type":{"type":"string","x-order":0},"localhostProfile":{"type":"string","x-order":1}}},"installkubernetesSecretKeySelector":{"type":"object","properties":{"localObjectReference":{"$ref":"#/components/schemas/installkubernetesLocalObjectReference"},"key":{"type":"string","x-order":1},"optional":{"type":"boolean","x-order":2}}},"installkubernetesSecurityContext":{"description":"See k8s.io.api.core.v1.SecurityContext.","type":"object","properties":{"capabilities":{"$ref":"#/components/schemas/installkubernetesCapabilities"},"privileged":{"type":"boolean","x-order":1},"seLinuxOptions":{"$ref":"#/components/schemas/installkubernetesSELinuxOptions"},"windowsOptions":{"$ref":"#/components/schemas/installkubernetesWindowsSecurityContextOptions"},"runAsUser":{"type":"integer","format":"int64","x-order":4},"runAsGroup":{"type":"integer","format":"int64","x-order":5},"runAsNonRoot":{"type":"boolean","x-order":6},"readOnlyRootFilesystem":{"type":"boolean","x-order":7},"allowPrivilegeEscalation":{"type":"boolean","x-order":8},"procMount":{"type":"string","x-order":9},"seccompProfile":{"$ref":"#/components/schemas/installkubernetesSeccompProfile"}}},"installkubernetesService":{"type":"object","title":"The Kubernetes resource configuration for a Service","properties":{"annotations":{"type":"object","title":"Pod annotations are an unstructured key value map stored with the service.\\nhttps://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/","additionalProperties":{"type":"string"},"x-order":0},"ports":{"type":"array","title":"List of ports exposed by the component\'s service.\\nhttps://kubernetes.io/docs/reference/generated/kubernetes-api/v1.18/#serviceport-v1-core","items":{"$ref":"#/components/schemas/installkubernetesServicePort"},"x-order":1},"type":{"type":"string","title":"Determines how the Service is exposed. Valid options are ExternalName,\\nClusterIP, NodePort, and LoadBalancer.\\nhttps://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types","x-order":2},"labels":{"type":"object","title":"Labels are an unstructured key value map stored with the deployment.\\nhttps://kubernetes.io/docs/concepts/overview/working-with-objects/labels","additionalProperties":{"type":"string"},"x-order":3}}},"installkubernetesServiceAccount":{"type":"object","title":"Settings related to the component service account","properties":{"imagePullSecrets":{"type":"array","title":"List of references to secrets in the same namespace to use for pulling any\\nimages in pods that reference this ServiceAccount. ImagePullSecrets are\\ndistinct from Secrets because Secrets can be mounted in the pod, but\\nImagePullSecrets are only accessed by the kubelet. More info:\\nhttps://kubernetes.io/docs/concepts/containers/images/#specifying-imagepullsecrets-on-a-pod\\nhttps://kubernetes.io/docs/reference/generated/kubernetes-api/v1.18/#service_account-v1-core","items":{"$ref":"#/components/schemas/installkubernetesLocalObjectReference"},"x-order":0}}},"installkubernetesServicePort":{"type":"object","properties":{"name":{"type":"string","x-order":0},"protocol":{"type":"string","x-order":1},"port":{"type":"integer","format":"int32","x-order":2},"targetPort":{"$ref":"#/components/schemas/operatorv1alpha1IntOrString"},"nodePort":{"type":"integer","format":"int32","x-order":4}}},"installkubernetesSysctl":{"description":"See k8s.io.api.core.v1.Sysctl.","type":"object","properties":{"name":{"type":"string","x-order":0},"value":{"type":"string","x-order":1}}},"installkubernetesWeightedPodAffinityTerm":{"type":"object","properties":{"weight":{"type":"integer","format":"int32","x-order":0},"podAffinityTerm":{"$ref":"#/components/schemas/installkubernetesPodAffinityTerm"}}},"installkubernetesWindowsSecurityContextOptions":{"description":"See k8s.io.api.core.v1.WindowsSecurityContextOptions.","type":"object","properties":{"gmsaCredentialSpecName":{"type":"string","x-order":0},"gmsaCredentialSpec":{"type":"string","x-order":1},"runAsUserName":{"type":"string","x-order":2}}},"kubernetesCNI":{"type":"object","title":"Configure Istio\'s CNI plugin\\nFor further details see: https://istio.io/docs/setup/additional-setup/cni/","properties":{"binaryDirectory":{"description":"Directory on the host to install the CNI binary.\\nMust be the same as the environment\u2019s `--cni-bin-dir` setting (kubelet\\nparameter).","type":"string","x-order":0},"configurationDirectory":{"description":"Directory on the host to install the CNI config.\\nMust be the same as the environment\u2019s `--cni-conf-dir` setting (kubelet\\nparameter).","type":"string","x-order":1},"chained":{"description":"Whether to deploy the configuration file as a plugin chain or as a\\nstandalone file in the configuration directory. Some Kubernetes flavors\\n(e.g. OpenShift) do not support the chain approach.","type":"boolean","x-order":2},"configurationFileName":{"description":"Leave unset to auto-find the first file in the `cni-conf-dir` (as kubelet\\ndoes). Primarily used for testing install-cni plugin configuration. If set,\\n`install-cni` will inject the plugin configuration into this file in the\\n`cni-conf-dir`.","type":"string","x-order":3},"clusterRole":{"description":"The ClusterRole Istio CNI will bind to in the ControlPlane namespace.\\nThis is useful if you use Pod Security Policies and want to allow\\n`istio-cni` to run as privileged Pods.","type":"string","x-order":4},"revision":{"description":"The revisioned istio-operator that will reconcile the Istio CNI component.\\nA revision can only be specified when Isolation Boundaries are enabled and\\nconfigured with at least one revision.\\nRevision specified here must be an enabled revision under `xcp.isolationBoundaries`.\\nIf not provided, it defaults to the latest enabled\\nrevision based on their corresponding tsbVersion. If multiple such revisions\\nare found, revision names are alphabetically sorted and the first revision\\nis considered as the default.","type":"string","x-order":5}}},"kubernetesGlobalDeployment":{"type":"object","title":"The Kubernetes resource configuration for a Deployment","properties":{"podAnnotations":{"type":"object","title":"Pod annotations are an unstructured key value map stored with the pod.\\nhttps://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/","additionalProperties":{"type":"string"},"x-order":0},"env":{"type":"array","title":"Environment variables for all containers in the deployment.\\nhttps://kubernetes.io/docs/tasks/inject-data-application/define-environment-variable-container/","items":{"$ref":"#/components/schemas/installkubernetesEnvVar"},"x-order":1},"affinity":{"$ref":"#/components/schemas/installkubernetesAffinity"},"strategy":{"$ref":"#/components/schemas/installkubernetesDeploymentStrategy"},"tolerations":{"type":"array","title":"Tolerations are applied to pods, and allow (but do not require) the pods to\\nschedule onto nodes with matching taints. Taints and tolerations work\\ntogether to ensure that pods are not scheduled onto inappropriate nodes.\\nOne or more taints are applied to a node; this marks that the node should\\nnot accept any pods that do not tolerate the taints.\\nhttps://kubernetes.io/docs/concepts/configuration/taint-and-toleration/","items":{"$ref":"#/components/schemas/corev1Toleration"},"x-order":4},"podSecurityContext":{"$ref":"#/components/schemas/installkubernetesPodSecurityContext"},"containerSecurityContext":{"$ref":"#/components/schemas/installkubernetesSecurityContext"}}},"kubernetesGlobalJob":{"type":"object","title":"The Kubernetes resource configuration for all CronJob or Job","properties":{"podAnnotations":{"type":"object","title":"Pod annotations are an unstructured key value map stored with the pod.\\nhttps://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/","additionalProperties":{"type":"string"},"x-order":0},"affinity":{"$ref":"#/components/schemas/installkubernetesAffinity"},"tolerations":{"type":"array","title":"Tolerations are applied to pods, and allow (but do not require) the pods to\\nschedule onto nodes with matching taints. Taints and tolerations work\\ntogether to ensure that pods are not scheduled onto inappropriate nodes.\\nOne or more taints are applied to a node; this marks that the node should\\nnot accept any pods that do not tolerate the taints.\\nhttps://kubernetes.io/docs/concepts/configuration/taint-and-toleration/","items":{"$ref":"#/components/schemas/corev1Toleration"},"x-order":2},"podSecurityContext":{"$ref":"#/components/schemas/installkubernetesPodSecurityContext"},"containerSecurityContext":{"$ref":"#/components/schemas/installkubernetesSecurityContext"}}},"kubernetesGlobalService":{"type":"object","title":"The Kubernetes resource configuration for all the Service","properties":{"annotations":{"type":"object","title":"Pod annotations are an unstructured key value map stored with the service.\\nhttps://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/","additionalProperties":{"type":"string"},"x-order":0}}},"kubernetesJob":{"type":"object","title":"The Kubernetes resource configuration for a CronJob or Job","properties":{"podAnnotations":{"type":"object","title":"Pod annotations are an unstructured key value map stored with the pod.\\nhttps://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/","additionalProperties":{"type":"string"},"x-order":0},"env":{"type":"array","title":"Environment variables for all containers in the job.\\nhttps://kubernetes.io/docs/tasks/inject-data-application/define-environment-variable-container/","items":{"$ref":"#/components/schemas/installkubernetesEnvVar"},"x-order":1},"affinity":{"$ref":"#/components/schemas/installkubernetesAffinity"},"tolerations":{"type":"array","title":"Tolerations are applied to pods, and allow (but do not require) the pods to\\nschedule onto nodes with matching taints. Taints and tolerations work\\ntogether to ensure that pods are not scheduled onto inappropriate nodes.\\nOne or more taints are applied to a node; this marks that the node should\\nnot accept any pods that do not tolerate the taints.\\nhttps://kubernetes.io/docs/concepts/configuration/taint-and-toleration/","items":{"$ref":"#/components/schemas/corev1Toleration"},"x-order":3},"podSecurityContext":{"$ref":"#/components/schemas/installkubernetesPodSecurityContext"},"containerSecurityContext":{"$ref":"#/components/schemas/installkubernetesSecurityContext"}}},"kubernetesKubernetesComponentSpec":{"description":"KubernetesComponentSpec is a common set of Kubernetes resource configuration\\nfor components.","type":"object","properties":{"deployment":{"$ref":"#/components/schemas/installkubernetesDeployment"},"service":{"$ref":"#/components/schemas/installkubernetesService"},"serviceAccount":{"$ref":"#/components/schemas/installkubernetesServiceAccount"},"overlays":{"type":"array","title":"Post-render overlays to mutate Kubernetes manifests\\nhttps://istio.io/latest/docs/reference/config/istio.operator.v1alpha1/#K8sObjectOverlay","items":{"$ref":"#/components/schemas/v1alpha1K8sObjectOverlay"},"x-order":3}}},"kubernetesKubernetesIstioComponentSpec":{"description":"KubernetesIstioComponentSpec is the common set of Kubernetes resource\\nconfiguration for Istio. It differs from the standard component specs in that\\nit supports CNI configuration.","type":"object","properties":{"deployment":{"$ref":"#/components/schemas/installkubernetesDeployment"},"service":{"$ref":"#/components/schemas/installkubernetesService"},"serviceAccount":{"$ref":"#/components/schemas/installkubernetesServiceAccount"},"CNI":{"$ref":"#/components/schemas/kubernetesCNI"},"overlays":{"type":"array","title":"Post-render overlays to mutate Kubernetes manifests\\nhttps://istio.io/latest/docs/reference/config/istio.operator.v1alpha1/#K8sObjectOverlay","items":{"$ref":"#/components/schemas/v1alpha1K8sObjectOverlay"},"x-order":4}}},"kubernetesKubernetesJobComponentSpec":{"description":"KubernetesJobComponentSpec is a common set of Kubernetes resource\\nconfiguration for components with a job associated with them.","type":"object","properties":{"deployment":{"$ref":"#/components/schemas/installkubernetesDeployment"},"service":{"$ref":"#/components/schemas/installkubernetesService"},"job":{"$ref":"#/components/schemas/kubernetesJob"},"serviceAccount":{"$ref":"#/components/schemas/installkubernetesServiceAccount"},"overlays":{"type":"array","title":"Post-render overlays to mutate Kubernetes manifests\\nhttps://istio.io/latest/docs/reference/config/istio.operator.v1alpha1/#K8sObjectOverlay","items":{"$ref":"#/components/schemas/v1alpha1K8sObjectOverlay"},"x-order":4}}},"kubernetesKubernetesSpec":{"description":"KubernetesSpec is a common set of Kubernetes resource configuration for the\\ninstall CRs, that will be common to all of its components.","type":"object","properties":{"deployment":{"$ref":"#/components/schemas/kubernetesGlobalDeployment"},"service":{"$ref":"#/components/schemas/kubernetesGlobalService"},"account":{"$ref":"#/components/schemas/installkubernetesServiceAccount"},"job":{"$ref":"#/components/schemas/kubernetesGlobalJob"}}},"operatorv1alpha1IntOrString":{"description":"IntOrString is a type that can hold an int32 or a string.  When used in\\nJSON or YAML marshalling and unmarshalling, it produces or consumes the\\ninner type.  This allows you to have, for example, a JSON field that can\\naccept a name or number.","type":"object","properties":{"type":{"type":"string","format":"int64","x-order":0},"intVal":{"type":"integer","format":"int32","x-order":1},"strVal":{"type":"string","x-order":2}}},"protobufAny":{"type":"object","properties":{"@type":{"type":"string","x-order":0}},"additionalProperties":{}},"protobufNullValue":{"description":"`NullValue` is a singleton enumeration to represent the null value for the\\n`Value` type union.\\n\\n The JSON representation for `NullValue` is JSON `null`.\\n\\n - NULL_VALUE: Null value.","type":"string","default":"NULL_VALUE","enum":["NULL_VALUE"]},"rpcStatus":{"type":"object","properties":{"code":{"type":"integer","format":"int32","x-order":0},"message":{"type":"string","x-order":1},"details":{"type":"array","items":{"$ref":"#/components/schemas/protobufAny"},"x-order":2}}},"tsbauthv2Authentication":{"type":"object","properties":{"jwt":{"$ref":"#/components/schemas/tsbauthv2AuthenticationJWT"},"rules":{"$ref":"#/components/schemas/AuthenticationRules"}}},"tsbauthv2AuthenticationJWT":{"type":"object","required":["issuer"],"properties":{"issuer":{"description":"Identifies the issuer that issued the JWT. See\\n[issuer](https://tools.ietf.org/html/rfc7519#section-4.1.1)\\nA JWT with different `iss` claim will be rejected.\\n\\nExample: https://foobar.auth0.com\\nExample: 1234567-compute@developer.gserviceaccount.com","type":"string","x-order":0},"audiences":{"description":"The list of JWT\\n[audiences](https://tools.ietf.org/html/rfc7519#section-4.1.3).\\nthat are allowed to access. A JWT containing any of these\\naudiences will be accepted.\\n\\nThe service name will be accepted if audiences is empty.","type":"array","items":{"type":"string"},"x-order":1},"jwksUri":{"description":"URL of the provider\'s public key set to validate signature of\\nthe JWT. See [OpenID\\nDiscovery](https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderMetadata).\\n\\nOptional if the key set document can either (a) be retrieved\\nfrom [OpenID\\nDiscovery](https://openid.net/specs/openid-connect-discovery-1_0.html)\\nof the issuer or (b) inferred from the email domain of the\\nissuer (e.g. a Google service account).\\n\\nExample: `https://www.googleapis.com/oauth2/v1/certs`\\n\\nNote: Only one of jwks_uri and jwks should be used. jwks_uri\\nwill be ignored if it does.","type":"string","x-order":2},"jwks":{"description":"JSON Web Key Set of public keys to validate signature of the JWT.\\nSee https://auth0.com/docs/jwks.\\n\\nNote: Only one of jwks_uri and jwks should be used. jwks_uri will be ignored if it does.","type":"string","x-order":3},"outputPayloadToHeader":{"description":"This field specifies the header name to output a successfully verified JWT payload to the\\nbackend. The forwarded data is `base64_encoded(jwt_payload_in_JSON)`. If it is not specified,\\nthe payload will not be emitted.","type":"string","x-order":4},"outputClaimToHeaders":{"description":"This field specifies a list of operations to copy the claim to HTTP headers on a successfully verified token.\\nThis differs from the `output_payload_to_header` by allowing outputting individual claims instead of the whole payload.\\nThe header specified in each operation in the list must be unique. Nested claims of type string/int/bool is supported as well.\\n```\\n  outputClaimToHeaders:\\n  - header: x-my-company-jwt-group\\n    claim: my-group\\n  - header: x-test-environment-flag\\n    claim: test-flag\\n  - header: x-jwt-claim-group\\n    claim: nested.key.group\\n```\\n[Experimental] This feature is a experimental feature.\\n\\n[TODO:Update the status whenever this feature is promoted.]","type":"array","items":{"$ref":"#/components/schemas/JWTClaimToHeader"},"x-order":5},"fromHeaders":{"description":"1) The Authorization header using the Bearer schema,\\n       e.g. Authorization: Bearer &lt;token&gt;. (see\\n       [Authorization Request Header\\n       Field](https://tools.ietf.org/html/rfc6750#section-2.1))\\n\\n    2) The `access_token` query parameter (see\\n    [URI Query Parameter](https://tools.ietf.org/html/rfc6750#section-2.3))\\n\\nList of header locations from which JWT is expected. For example, below is the location spec\\nif JWT is expected to be found in `x-jwt-assertion` header, and have `Bearer ` prefix:\\n\\n```yaml\\n  fromHeaders:\\n  - name: x-jwt-assertion\\n    prefix: \\"Bearer \\"\\n```\\n\\nNote: Multiple tokens present on the same request are not supported. \\nThe behaviour of authorization policies when there is more than one user identity is undefined","type":"array","title":"This field specifies the locations to extract JWT token.\\nIf no explicit location is specified the following default\\nlocations are tried in order:","items":{"$ref":"#/components/schemas/JWTJWTHeader"},"x-order":6}}},"tsbauthv2Authorization":{"type":"object","title":"Configuration for authorizing a HTTP request","properties":{"external":{"$ref":"#/components/schemas/tsbauthv2AuthorizationExternalAuthzBackend"},"local":{"$ref":"#/components/schemas/tsbauthv2AuthorizationLocalAuthz"}}},"tsbauthv2AuthorizationExternalAuthzBackend":{"type":"object","title":"Use an authorization server running at the specified URI. Support both HTTP and gRPC server.\\nIt is recommended to enable TLS validation (SIMPLE or MUTUAL) to secure traffic \\nbetween workload and external authorization server\\nIf you use gRPC, do not set `includeRequestHeaders`","properties":{"uri":{"type":"string","x-order":0},"includeRequestHeaders":{"type":"array","items":{"type":"string"},"x-order":1},"tls":{"$ref":"#/components/schemas/v2ClientTLSSettings"}}},"tsbauthv2AuthorizationLocalAuthz":{"description":"Authorize the request in Envoy based on the JWT claims.","type":"object","properties":{"rules":{"type":"array","items":{"$ref":"#/components/schemas/tsbauthv2LocalAuthzRule"},"x-order":0}}},"tsbauthv2LocalAuthzRule":{"description":"Bindings define the subjects that can access the resource a policy is attached to,\\nand the conditions that need to be met for that access to be granted.\\nA policy can have multiple bindings to configure different access controls for specific\\nsubjects.","type":"object","title":"LocalAuthzRule","required":["name"],"properties":{"name":{"description":"A friendly name to identify the binding.","type":"string","x-order":0},"from":{"description":"Subjects configure the actors (end users, other services)  that are allowed to access the\\ntarget resource.","type":"array","items":{"$ref":"#/components/schemas/tsbauthv2Subject"},"x-order":1},"to":{"description":"A set of HTTP rules that need to be satisfied by the HTTP requests to get access to the\\ntarget resource.","type":"array","items":{"$ref":"#/components/schemas/tsbauthv2LocalAuthzRuleHttpOperation"},"x-order":2}}},"tsbauthv2LocalAuthzRuleHttpOperation":{"type":"object","properties":{"paths":{"description":"The request path where the request is made against. E.g. [\\"/accounts\\"].","type":"array","items":{"type":"string"},"x-order":0},"methods":{"description":"The HTTP methods that are allowed by this rule. E.g. [\\"GET\\", \\"HEAD\\"].","type":"array","items":{"type":"string"},"x-order":1}}},"tsbauthv2Subject":{"description":"A subject designates an actor (user, service, etc) that attempts to access a target resource.\\nSubjects can be modeled with JWT tokens, service accounts, and decorated with attributes such as\\nHTTP request headers, JWT token claims, etc.\\nThe fields that define a subject will be matched to incoming requests, to fully qualify where the\\nrequest comes from, and to decide if the given request is allowed or not for the target resource.\\nAll the fields in a subject are evaluated as AND expressions.","type":"object","title":"Subject","properties":{"jwt":{"$ref":"#/components/schemas/tsbauthv2SubjectJWTClaims"}}},"tsbauthv2SubjectJWTClaims":{"description":"JWT based subjects qualify a subject by matching against a JWT token present in the request.\\nBy default the token is expected to be present in the \'Authorization\' HTTP header, with the\\n\'Bearer\\" prefix.","type":"object","title":"JWT based subject","properties":{"iss":{"type":"string","x-order":0},"sub":{"type":"string","x-order":1},"other":{"description":"A set of arbitrary claims that are required to qualify the subject.\\nE.g. \\"iss\\": \\"*@foo.com\\".","type":"object","additionalProperties":{"type":"string"},"x-order":2}}},"tsbgatewayv2Authentication":{"type":"object","title":"DEPRECATED. Use auth/v2/Authentication\\n$hide_from_docs","properties":{"jwt":{"$ref":"#/components/schemas/tsbgatewayv2AuthenticationJWT"}}},"tsbgatewayv2AuthenticationJWT":{"type":"object","title":"DEPRECATED. Use auth/v2/JWT\\n$hide_from_docs","required":["issuer"],"properties":{"issuer":{"description":"Identifies the issuer that issued the JWT. See\\n[issuer](https://tools.ietf.org/html/rfc7519#section-4.1.1)\\nA JWT with different `iss` claim will be rejected.\\n\\nExample: https://foobar.auth0.com\\nExample: 1234567-compute@developer.gserviceaccount.com","type":"string","x-order":0},"audiences":{"description":"The list of JWT\\n[audiences](https://tools.ietf.org/html/rfc7519#section-4.1.3).\\nthat are allowed to access. A JWT containing any of these\\naudiences will be accepted.\\n\\nThe service name will be accepted if audiences is empty.","type":"array","items":{"type":"string"},"x-order":1},"jwksUri":{"description":"URL of the provider\'s public key set to validate signature of\\nthe JWT. See [OpenID\\nDiscovery](https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderMetadata).\\n\\nOptional if the key set document can either (a) be retrieved\\nfrom [OpenID\\nDiscovery](https://openid.net/specs/openid-connect-discovery-1_0.html)\\nof the issuer or (b) inferred from the email domain of the\\nissuer (e.g. a Google service account).\\n\\nExample: `https://www.googleapis.com/oauth2/v1/certs`\\n\\nNote: Only one of jwks_uri and jwks should be used. jwks_uri\\nwill be ignored if it does.","type":"string","x-order":2},"jwks":{"description":"JSON Web Key Set of public keys to validate signature of the JWT.\\nSee https://auth0.com/docs/jwks.\\n\\nNote: Only one of jwks_uri and jwks should be used. jwks_uri will be ignored if it does.","type":"string","x-order":3}}},"tsbgatewayv2Authorization":{"type":"object","title":"DEPRECATED. Use auth/v2/Authorization\\nConfiguration for authorizing a HTTP request\\n$hide_from_docs","properties":{"external":{"$ref":"#/components/schemas/tsbgatewayv2AuthorizationExternalAuthzBackend"},"local":{"$ref":"#/components/schemas/tsbgatewayv2AuthorizationLocalAuthz"}}},"tsbgatewayv2AuthorizationExternalAuthzBackend":{"type":"object","title":"DEPRECATED. Use auth/v2/ExternalAuthzBackend\\nUse an authorization running at the specified URI. Note that this\\nmode is supported only for HTTPS servers.\\n$hide_from_docs","properties":{"uri":{"type":"string","x-order":0},"includeRequestHeaders":{"type":"array","items":{"type":"string"},"x-order":1}}},"tsbgatewayv2AuthorizationLocalAuthz":{"type":"object","title":"DEPRECATED. Use auth/v2/LocalAuthz\\nAuthorize the request in Envoy based on the JWT claims.\\n$hide_from_docs","properties":{"rules":{"type":"array","items":{"$ref":"#/components/schemas/tsbgatewayv2LocalAuthzRule"},"x-order":0}}},"tsbgatewayv2Group":{"description":"A gateway group manages the gateways in a group of namespaces owned\\nby the parent workspace.\\n\\n\\n\\n","type":"object","required":["namespaceSelector"],"properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"namespaceSelector":{"$ref":"#/components/schemas/v2NamespaceSelector"},"configMode":{"$ref":"#/components/schemas/v2ConfigMode"},"deletionProtectionEnabled":{"description":"When set, prevents the resource from being deleted. In order to delete the resource this\\nproperty needs to be set to `false` first.","type":"boolean","x-order":6},"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"}}},"tsbgatewayv2LocalAuthzRule":{"description":"Bindings define the subjects that can access the resource a policy is attached to,\\nand the conditions that need to be met for that access to be granted.\\nA policy can have multiple bindings to configure different access controls for specific\\nsubjects.\\n$hide_from_docs","type":"object","title":"DEPRECATED. Use auth/v2/LocalAuthzRule\\nLocalAuthzRule","required":["name"],"properties":{"name":{"description":"A friendly name to identify the binding.","type":"string","x-order":0},"from":{"description":"Subjects configure the actors (end users, other services)  that are allowed to access the\\ntarget resource.","type":"array","items":{"$ref":"#/components/schemas/tsbgatewayv2Subject"},"x-order":1},"to":{"description":"A set of HTTP rules that need to be satisfied by the HTTP requests to get access to the\\ntarget resource.","type":"array","items":{"$ref":"#/components/schemas/tsbgatewayv2LocalAuthzRuleHttpOperation"},"x-order":2}}},"tsbgatewayv2LocalAuthzRuleHttpOperation":{"type":"object","title":"DEPRECATED\\n$hide_from_docs","properties":{"paths":{"description":"The request path where the request is made against. E.g. [\\"/accounts\\"].","type":"array","items":{"type":"string"},"x-order":0},"methods":{"description":"The HTTP methods that are allowed by this rule. E.g. [\\"GET\\", \\"HEAD\\"].","type":"array","items":{"type":"string"},"x-order":1}}},"tsbgatewayv2Subject":{"description":"A subject designates an actor (user, service, etc) that attempts to access a target resource.\\nSubjects can be modeled with JWT tokens, service accounts, and decorated with attributes such as\\nHTTP request headers, JWT token claims, etc.\\nThe fields that define a subject will be matched to incoming requests, to fully qualify where the\\nrequest comes from, and to decide if the given request is allowed or not for the target resource.\\nAll the fields in a subject are evaluated as AND expressions.\\n$hide_from_docs","type":"object","title":"DEPRECATED. Use auth/v2/Subject\\nSubject","properties":{"jwt":{"$ref":"#/components/schemas/tsbgatewayv2SubjectJWTClaims"}}},"tsbgatewayv2SubjectJWTClaims":{"description":"JWT based subjects qualify a subject by matching against a JWT token present in the request.\\nBy default the token is expected to be present in the \'Authorization\' HTTP header, with the\\n\'Bearer\\" prefix.\\n$hide_from_docs","type":"object","title":"DEPRECATED.\\nJWT based subject","properties":{"iss":{"type":"string","x-order":0},"sub":{"type":"string","x-order":1},"other":{"description":"A set of arbitrary claims that are required to qualify the subject.\\nE.g. \\"iss\\": \\"*@foo.com\\".","type":"object","additionalProperties":{"type":"string"},"x-order":2}}},"tsbistiointernalv2Group":{"description":"An Istio Internal Group only allows grouping `DIRECT` mode mesh resources in a set of namespaces\\nowned by its parent workspace. This group is aimed for grouping resources not directly related\\nto traffic, security, or gateway like `EnvoyFilters` and `ServiceEntry`.\\n\\n\\n\\n","type":"object","required":["namespaceSelector"],"properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"namespaceSelector":{"$ref":"#/components/schemas/v2NamespaceSelector"},"deletionProtectionEnabled":{"description":"When set, prevents the resource from being deleted. In order to delete the resource this\\nproperty needs to be set to `false` first.","type":"boolean","x-order":5},"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"}}},"tsbsecurityv2Group":{"description":"A security group manages the security properties of proxy workloads in a\\ngroup of namespaces owned by the parent workspace.\\n\\n\\n\\n","type":"object","required":["namespaceSelector"],"properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"namespaceSelector":{"$ref":"#/components/schemas/v2NamespaceSelector"},"configMode":{"$ref":"#/components/schemas/v2ConfigMode"},"securityDomain":{"description":"Security domains can be used to group different resources under the same security domain.\\nAlthough security domain is not resource itself currently, it follows a fqn format\\n`organizations/myorg/securitydomains/mysecuritydomain`, and a child cannot override any ancestor\'s\\nsecurity domain.\\nOnce a security domain is assigned to a _Security group_, all the children resources will belong to that\\nsecurity domain in the same way a _Security setting_ belongs to a _Security group_, a _Security setting_\\nwill also belong to the security domain assigned to the _Security group_.\\nSecurity domains can also be used to define _Security settings Authorization rules_ in which you can allow\\nor deny request from or to a security domain.","type":"string","x-order":6},"deletionProtectionEnabled":{"description":"When set, prevents the resource from being deleted. In order to delete the resource this\\nproperty needs to be set to `false` first.","type":"boolean","x-order":7},"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"}}},"tsbtrafficv2Group":{"description":"A traffic group manages the routing properties of proxy workloads in a\\ngroup of namespaces owned by the parent workspace.\\n\\n\\n\\n","type":"object","required":["namespaceSelector"],"properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"namespaceSelector":{"$ref":"#/components/schemas/v2NamespaceSelector"},"configMode":{"$ref":"#/components/schemas/v2ConfigMode"},"deletionProtectionEnabled":{"description":"When set, prevents the resource from being deleted. In order to delete the resource this\\nproperty needs to be set to `false` first.","type":"boolean","x-order":6},"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"}}},"tsbv2Namespace":{"type":"object","title":"A Kubernetes namespace. These are automatically discovered by the\\nService Bridge agents in the cluster.\\n$hide_from_yaml","properties":{"name":{"type":"string","x-order":0},"services":{"type":"array","items":{"$ref":"#/components/schemas/tsbv2Service"},"x-order":1}}},"tsbv2Service":{"type":"object","title":"A Kubernetes or a VM service. These are automatically discovered by\\nthe Service Bridge agents in the cluster.\\n$hide_from_yaml","properties":{"hostname":{"description":"The hostname by which this service is accessed. Can correspond to the\\nhostname of an internal service or that of a virtual host on a gateway.","type":"string","x-order":0},"namespace":{"description":"namespace associated with the service.","type":"string","x-order":1},"selector":{"description":"label selectors associated with the service.","type":"object","additionalProperties":{"type":"string"},"x-order":2},"ports":{"description":"The set of ports on which this service is exposed.","type":"array","items":{"$ref":"#/components/schemas/ServicePort"},"x-order":3},"kubernetesServiceIp":{"description":"For services running on Kubernetes, the cluster IP of the service in the\\ncluster.","type":"string","x-order":4},"kubernetesExternalAddresses":{"description":"For kubernetes services of type load balancer, this field contains the list\\nof lb hostnames or IPs assigned to the service. For services of type\\nnodePort, this field contains the IP addresses of the nodes in the cluster.","type":"array","items":{"type":"string"},"x-order":5},"numKubernetesEndpoints":{"description":"The number of kubernetes pods providing this service. Note that a\\nservice could be hosted on both pods and VMs.","type":"integer","format":"int64","x-order":6},"numVmEndpoints":{"description":"The number of VMs providing this service.","type":"integer","format":"int64","x-order":7},"meshExternal":{"type":"boolean","title":"indicates that this is an external service (service entry MESH_EXTERNAL\\nlocation)","x-order":8},"gatewayHost":{"description":"Indicates that this is a service representing a gateway host (used for\\nmulti-cluster scenarios).","type":"boolean","x-order":9},"numHops":{"description":"The number of hops from the advertising cluster to the ingress\\ngateway that is exposing the gateway host. If the advertiser is the\\ncluster owning the ingress gateway host, the hops is 0. If the\\nadvertiser is a tier1 cluster exposing gateways via internal or\\nexternal Servers, the path hops is 1.","type":"integer","format":"int64","x-order":10},"kubernetesServiceFqdn":{"description":"If this is a gateway host service, this field will indicate the kubernetes\\nservice that is running as a gateway and exposing this host to the outside\\nworld.","type":"string","x-order":11},"name":{"type":"string","title":"Name assigned to the service","x-order":12},"subsets":{"type":"array","title":"Name of subsets defined for this service","items":{"type":"string"},"x-order":13},"canonicalName":{"description":"17 to match xcp api and make conversion easier.","type":"string","title":"The canonical name of the service defined by labels\\n(value of service.istio.io/canonical-name)","x-order":14},"workloads":{"description":"Workloads implementing the Service.","type":"array","items":{"$ref":"#/components/schemas/v2Workload"},"x-order":15},"tier1GatewayHost":{"description":"Indicates that this is a service representing a gateway host acting as a\\ntier1 gateway. This field is being introduced specifically for the\\nhostnames exposed through Tier1Gateway\'s ExternalServers. Fo all other\\nhostnames that are exposed exposed on IngessGateways or Tier1Gateway\'s\\nInternalServers gateway_host field is set to true because that is used for\\nmulticluster routing setup. For ExternalServer hostnames multicluster\\ncluster routing is not setup and hence UI on finding gateway_host as false\\nshows these hostnames as internal services incorrectly. To help UI, this\\nfield is being introduced. UI would look for either gateway_host or\\ntier1_gateway_host to decide if the hostname is a gateway hostname.","type":"boolean","x-order":16},"spiffeIds":{"description":"List of SPIFFE identities used by the workloads of the service.","type":"array","items":{"type":"string"},"x-order":17}}},"tsbv2ServiceAccount":{"description":"`ServiceAccount` represents a service account that can be used to access the TSB platform.\\nService accounts have a set of associated public and private keys that can be used to generate\\nsigned JWT tokens that are suitable to authenticate to TSB.\\nA default key-pair is generated on service account creation and the public key is stored in TSB.\\nPrivate keys are returned when service accounts are created, but TSB will not store them. It\\nis up to the client to store them securely.\\n\\n\\n\\n","type":"object","properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"description":"A description of the resource.","type":"string","x-order":3},"keys":{"type":"array","title":"Keys associated with the service account.\\nA default key-pair is automatically created when the Service Account is created. Note that\\nTSB does not store the private keys, so it is up to the client to store the returned private\\nkeys securely, as they are only returned once after creation.\\nAdditional keys can be added (and deleted) by using the corresponding key management APIs.\\n","items":{"$ref":"#/components/schemas/ServiceAccountKeyPair"},"x-order":4,"readOnly":true}}},"typesv2NamespaceSelector":{"type":"object","title":"`NamespaceSelector` selects a set of namespaces across one or more\\nclusters in a tenant. Namespace selectors can be used at Workspace\\nlevel to carve out a chunk of resources under a tenant into an\\nisolated configuration domain. They can be used in a Traffic,\\nSecurity, or a Gateway group to further scope the set of namespaces\\nthat will belong to a specific configuration group.\\nNames in namespaces selector must be in the form `cluster/namespace`\\nwhere:\\n- cluster must be a cluster name or an `*` to mean all clusters\\n- namespace must be a namespace name, an `*` to mean all namespaces\\n  or a prefix like `ns-*` to mean all those namespaces starting\\n  by `ns-`","required":["names"],"properties":{"names":{"description":"- `*/ns1` implies `ns1` namespace in any cluster.\\n\\n- `c1/ns1` implies `ns1` namespace from `c1` cluster.\\n\\n- `c1/*` implies all namespaces in `c1` cluster.\\n\\n- `*/*` implies all namespaces in all clusters.\\n\\n- `c1/ns*` implies all namespaces prefixes by `ns` in `c1` cluster.","type":"array","title":"Under the tenant/workspace/group:","items":{"type":"string"},"x-order":0}}},"v1LabelSelector":{"type":"object","title":"A label selector is a label query over a set of resources. The result of matchLabels and\\nmatchExpressions are ANDed. An empty label selector matches all objects. A null\\nlabel selector matches no objects.\\n+structType=atomic","properties":{"matchLabels":{"type":"object","title":"matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\\nmap is equivalent to an element of matchExpressions, whose key field is \\"key\\", the\\noperator is \\"In\\", and the values array contains only \\"value\\". The requirements are ANDed.\\n+optional","additionalProperties":{"type":"string"},"x-order":0},"matchExpressions":{"type":"array","title":"matchExpressions is a list of label selector requirements. The requirements are ANDed.\\n+optional","items":{"$ref":"#/components/schemas/v1LabelSelectorRequirement"},"x-order":1}}},"v1LabelSelectorRequirement":{"description":"A label selector requirement is a selector that contains values, a key, and an operator that\\nrelates the key and values.","type":"object","properties":{"key":{"type":"string","title":"key is the label key that the selector applies to.\\n+patchMergeKey=key\\n+patchStrategy=merge","x-order":0},"operator":{"description":"operator represents a key\'s relationship to a set of values.\\nValid operators are In, NotIn, Exists and DoesNotExist.","type":"string","x-order":1},"values":{"type":"array","title":"values is an array of string values. If the operator is In or NotIn,\\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\\nthe values array must be empty. This array is replaced during a strategic\\nmerge patch.\\n+optional","items":{"type":"string"},"x-order":2}}},"v1alpha1ControlPlaneComponentSet":{"description":"The set of components that make up the control plane. Use this to override application settings\\nor Kubernetes settings for each individual component.","type":"object","properties":{"collector":{"$ref":"#/components/schemas/v1alpha1OpenTelemetryCollector"},"oap":{"$ref":"#/components/schemas/v1alpha1Oap"},"xcp":{"$ref":"#/components/schemas/controlplanev1alpha1XCP"},"istio":{"$ref":"#/components/schemas/v1alpha1Istio"},"rateLimitServer":{"$ref":"#/components/schemas/v1alpha1RateLimitServer"},"hpaAdapter":{"$ref":"#/components/schemas/v1alpha1HpaAdapter"},"onboarding":{"$ref":"#/components/schemas/v1alpha1Onboarding"},"satellite":{"$ref":"#/components/schemas/v1alpha1Satellite"},"ngac":{"$ref":"#/components/schemas/v1alpha1NGAC"},"gitops":{"$ref":"#/components/schemas/commonGitOps"},"internalCertProvider":{"$ref":"#/components/schemas/commonInternalCertProvider"},"defaultKubeSpec":{"$ref":"#/components/schemas/kubernetesKubernetesSpec"},"wasmfetcher":{"$ref":"#/components/schemas/v1alpha1WASMFetcher"},"defaultLogLevel":{"description":"The default log level for all components if the per component log level config is not specified.\\nNote that the supported log level for different components can be different.","type":"string","x-order":13},"route53Controller":{"$ref":"#/components/schemas/v1alpha1Route53Controller"}}},"v1alpha1ControlPlaneSpec":{"description":"ControlPlaneSpec defines the desired installed state of control plane components.\\nSpecifying a minimal ControlPlaneSpec with hub, clusterName, and managementPlane set\\nwill create an installation with sensible defaults.","type":"object","required":["hub","managementPlane","telemetryStore"],"properties":{"hub":{"description":"TSB container hub path e.g. docker.io/tetrate.","type":"string","x-order":0},"imagePullSecrets":{"description":"Pull secrets can be specified globally for all components, or defined into the `kubeSpec.serviceAccount`\\nof every component if needed. In case both are defined, the most specific one (the one defined at the component)\\nlevel is used.\\n\\nList of references to secrets in the same namespace to use for pulling any\\nimages in pods that reference this ServiceAccount. ImagePullSecrets are\\ndistinct from Secrets because Secrets can be mounted in the pod, but\\nImagePullSecrets are only accessed by the kubelet. More info:\\nhttps://kubernetes.io/docs/concepts/containers/images/#specifying-imagepullsecrets-on-a-pod\\nhttps://kubernetes.io/docs/reference/generated/kubernetes-api/v1.18/#service_account-v1-core","type":"array","items":{"$ref":"#/components/schemas/installkubernetesLocalObjectReference"},"x-order":1},"components":{"$ref":"#/components/schemas/v1alpha1ControlPlaneComponentSet"},"providerSettings":{"$ref":"#/components/schemas/v1alpha1ProviderSettings"},"managementPlane":{"$ref":"#/components/schemas/v1alpha1ManagementPlaneSettings"},"meshExpansion":{"$ref":"#/components/schemas/v1alpha1MeshExpansionSettings"},"telemetryStore":{"$ref":"#/components/schemas/ControlPlaneSpecTelemetryStore"},"meshObservability":{"$ref":"#/components/schemas/ControlPlaneSpecMeshObservability"},"tier1Cluster":{"description":"**DEPRECATED**: This should not be set through Control plane API\\nInstead use TSB Cluster API.\\nIndicates that this cluster is used for tier1 gateways.\\nTier one clusters can only contain tier 1 gateways.\\nNon-tier1 clusters contain tier2 gateways but not tier 1.","type":"boolean","x-order":8}}},"v1alpha1EKSSettings":{"description":"Settings specific to Elastic Kubernetes Service (EKS).","type":"object","properties":{"useNlbByDefault":{"description":"When true, gateways will be configured to use NLBs with cross zone load\\nbalancing enabled when the load balancer type is not configured. When\\nfalse, no additional annotations will be added.","type":"boolean","x-order":0}}},"v1alpha1ElasticSearchSettings":{"description":"Configure an Elasticsearch connection.\\n\\n```yaml\\napiVersion: install.tetrate.io/v1alpha1\\nkind: ControlPlane\\nmetadata:\\n  name: controlplane\\n  namespace: istio-system\\nspec:\\n  telemetryStore:\\n    elastic:\\n      host: elastic\\n      port: 5678\\n      protocol: https\\n      selfSigned: true\\n      version: 7\\n```","type":"object","required":["host","port"],"properties":{"host":{"description":"Elasticsearch host address (can be hostname or IP address).","type":"string","x-order":0},"port":{"description":"Port Elasticsearch is listening on.","type":"integer","format":"int32","x-order":1},"protocol":{"$ref":"#/components/schemas/ElasticSearchSettingsProtocol"},"selfSigned":{"description":"Use Self-Signed certificates. The Self-signed CA bundle and key must be in a secret called es-certs.","type":"boolean","x-order":3},"version":{"description":"DEPRECATED: Major version of the Elasticsearch cluster.\\nCurrently supported Elasticsearch major versions are `6`, `7`, and `8`.","type":"integer","format":"int32","x-order":4}}},"v1alpha1HpaAdapter":{"description":"Kubernetes settings for the OAP (SkyWalking) HPA adapter component.","type":"object","properties":{"kubeSpec":{"$ref":"#/components/schemas/kubernetesKubernetesComponentSpec"}}},"v1alpha1IsolationBoundary":{"description":"IsolationBoundary is an isolated Istio environment which can spread across \\nmultiple revisioned control plane clusters.\\n\\nExample:\\n\\n  ```yaml\\n  isolationBoundaries:\\n  - name: prod\\n    revisions:\\n    - name: stable\\n      istio:\\n        tsbVersion: 1.6.0\\n  - name: staging\\n    revisions:\\n    - name: v1_6_3\\n      istio:\\n        tsbVersion: 1.6.3\\n    - name: v1_6_1\\n      istio:\\n        tsbVersion: 1.6.1\\n        disable: true\\n  ```\\n\\nThe `tsbVersion` field can be left empty, which would then default to the\\ncurrent TSB released version. \\n\\n  ```yaml\\n  isolationBoundaries:\\n  - name: global\\n    istio:\\n    - revisions: stable\\n  ```\\n\\nFor instance, if isolation boundaries are being added in TSB `1.6.1`, the default\\nwould looks something like this:\\n\\n  ```yaml\\n  isolationBoundaries:\\n  - name: global\\n    revisions:\\n    - name: stable\\n      istio:\\n        tsbVersion: 1.6.1\\n  ```","type":"object","required":["name","revisions"],"properties":{"name":{"description":"Name of the IsolationBoundary.","type":"string","x-order":0},"revisions":{"description":"Configure multiple Istio Revisions under the IsolationBoundary.\\nOnce IstioIsolationBoundaries is enabled, for any IsolationBoundary\\nconfigured - there must be atleast one IstioRevision.","type":"array","items":{"$ref":"#/components/schemas/v1alpha1IstioRevision"},"x-order":1}}},"v1alpha1Istio":{"description":"Mesh and Kubernetes settings for Istio.","type":"object","properties":{"tsbVersion":{"description":"Specifies the tsb release version. This is used by the tsb control plane\\noperator in determining the xcp version, which would eventually decide Istio \\nversion.\\n\\nIf not provided explicitly, this defaults to the current tsb version.","type":"string","x-order":0},"mountInternalWasmExtensions":{"description":"When this flag is set, the TSB internal WASM extensions will be mounted into the\\nSidecar, Ingress and Egress gateway pods automatically. These extensions will be loaded\\nas local files instead of being downloaded from a remote OCI registry or HTTP endpoint.\\nThis is currently disabled by default, but in future releases this flag will be enabled\\nby default.","type":"boolean","x-order":1},"kubeSpec":{"$ref":"#/components/schemas/kubernetesKubernetesIstioComponentSpec"},"traceSamplingRate":{"description":"The percentage of traces Envoy will sample.","type":"number","format":"double","x-order":3},"defaultWorkloadCertTTL":{"description":"The default TTL of issued workload certificates.\\nThis sets both the default client-side CSR TTL and the default server-side\\nissued certificate TTL.","type":"string","x-order":4},"maxWorkloadCertTTL":{"description":"The maximum TTL that can be set in issued workload certificates.","type":"string","x-order":5},"trustDomain":{"description":"The trust domain corresponds to the trust root of a system. Refer to\\n[SPIFFE-ID](https://github.com/spiffe/spiffe/blob/main/standards/SPIFFE-ID.md#21-trust-domain).\\nIf omitted, TSB will configure the trust domain as\\n`CLUSTER_NAME.tsb.local`, where `CLUSTER_NAME` is the name of the cluster\\nobject in TSB for this control plane.","type":"string","x-order":6},"baseOverlays":{"description":"The overlays applied to the Istio base component.\\nSee https://istio.io/latest/docs/reference/config/istio.operator.v1alpha1/#IstioComponentSetSpec.\\nWhen this is specified, the overlay in `kubeSpec.overlays` are ignored.","type":"array","items":{"$ref":"#/components/schemas/v1alpha1K8sObjectOverlay"},"x-order":7},"pilotOverlays":{"description":"The overlays applied to the Istio pilot component.\\nSee https://istio.io/latest/docs/reference/config/istio.operator.v1alpha1/#IstioComponentSetSpec.\\nWhen this is specified, the overlay in `kubeSpec.overlays` are ignored.","type":"array","items":{"$ref":"#/components/schemas/v1alpha1K8sObjectOverlay"},"x-order":8},"cniOverlays":{"description":"The overlays applied to the Istio CNI component.\\nSee https://istio.io/latest/docs/reference/config/istio.operator.v1alpha1/#IstioComponentSetSpec.\\nWhen this is specified, the overlay in `kubeSpec.overlays` are ignored.","type":"array","items":{"$ref":"#/components/schemas/v1alpha1K8sObjectOverlay"},"x-order":9},"logLevels":{"description":"Specifies the global logging level settings for the Istio control plane components.","type":"object","additionalProperties":{"type":"string"},"x-order":10}}},"v1alpha1IstioRevision":{"description":"Istio control plane settings for a specific revision.","type":"object","required":["name","istio"],"properties":{"name":{"description":"Name of the IstioRevision. Must be unique at cluster level, across Isolation\\nBoundaries. The IstioRevision name is used to deploy revisioned Istio control-plane\\ncomponents.\\n\\nNotice that the value constraints here are stricter than the ones in Istio.\\nApparently, Istio validation rules allow values that lead to internal failures\\nat runtime, e.g. values with capital letters or values longer than 56 characters.\\nStricter validation rules here are meant to prevent those hidden pitfalls.","type":"string","x-order":0},"istio":{"$ref":"#/components/schemas/v1alpha1Istio"},"disable":{"description":"If set to `true`, Istio control plane deployment with this revision will be \\ncleaned up from the cluster. This field can be used to clean up revisioned\\ncontrol plane deployment while retaining the configurations in the CR. After\\ncleanup, it can be again set to `false` to re-deploy revisioned control plane.\\nBy default the value is set to `false`.","type":"boolean","x-order":2}}},"v1alpha1JwtAuthenticationConfiguration":{"description":"JwtAuthenticationConfiguration specifies configuration of the workload\\nauthentication by means of an [OIDC ID Token](https://openid.net/specs/openid-connect-core-1_0.html#IDToken).","type":"object","properties":{"issuers":{"description":"List of permitted JWT issuers.\\n\\nIf a workload authenticates itself by means of an\\n[OIDC ID Token](https://openid.net/specs/openid-connect-core-1_0.html#IDToken),\\nthe issuer of that token must be present in this list, otherwise\\nauthentication attempt will be declined.","type":"array","items":{"$ref":"#/components/schemas/v1alpha1JwtIssuer"},"x-order":0}}},"v1alpha1JwtIssuer":{"description":"JwtIssuer specifies configuration associated with a JWT issuer.","type":"object","required":["issuer","shortName"],"properties":{"issuer":{"description":"JWT `Issuer` identifier.\\n\\nThe value must be a case sensitive URL using the https scheme that contains\\nscheme, host, and optionally, port number and path components and no query\\nor fragment components.\\n\\nE.g., `https://mycompany.corp`, `https://accounts.google.com`,\\n`https://sts.windows.net/9edbd6c9-0e5b-4cfd-afec-fdde27cdd928/`, etc.\\n\\nSee https://openid.net/specs/openid-connect-core-1_0.html#IDToken","type":"string","x-order":0},"jwksUri":{"description":"URL of the JSON Web Key Set document.\\n\\nSource of public keys the `Workload Onboarding Plane` should use\\nto validate the signature of an\\n[OIDC ID Token](https://openid.net/specs/openid-connect-core-1_0.html#IDToken).\\n\\nE.g., `https://mycompany.corp/jwks.json`.\\n\\nWhen unspecified, URL the JSON Web Key Set document will be resolved using\\n[OpenID Connect Discovery](https://openid.net/specs/openid-connect-discovery-1_0.html)\\nprotocol.","type":"string","x-order":1},"jwks":{"description":"Inlined JSON Web Key Set document.\\n\\nSpecifies public keys the `Workload Onboarding Plane` should use\\nto validate the signature of an\\n[OIDC ID Token](https://openid.net/specs/openid-connect-core-1_0.html#IDToken).","type":"string","x-order":2},"shortName":{"description":"Unique short name associated with the issuer.\\n\\nThe value must consist of lower case alphanumeric characters and hyphen (`-`).\\n\\nSince this value will be included into the auto-generated name of the\\n`WorkloadAutoRegistration` resource, keep it as short as possible.\\n\\nE.g., `my-corp`, `prod`, `test`, etc.","type":"string","x-order":3},"tokenFields":{"$ref":"#/components/schemas/v1alpha1JwtTokenFields"}}},"v1alpha1JwtTokenField":{"description":"JwtTokenField specifies a custom field included into the\\n[OIDC ID Token](https://openid.net/specs/openid-connect-core-1_0.html#IDToken).","type":"object","required":["jsonPath"],"properties":{"jsonPath":{"description":"Simple JSON Path which is evaluated against custom claims of the\\n[OIDC ID Token](https://openid.net/specs/openid-connect-core-1_0.html#IDToken)\\nto produce the value of the field.\\n\\nE.g., `.custom_attributes`, `.google.compute_engine`, etc.\\n\\nJSON Path must start either from `.` or from `$`. Use of `$` is mandatory\\nwhen followed by the array notation.\\n\\nE.g., `$[\'custom_attributes\']`, `$[\'google\'].compute_engine`, etc.\\n\\nSpecial symbols (such as `.` or ` `) in property names must be escaped.\\n\\nE.g., `.custom\\\\.attributes`, `$[\'custom\\\\.attributes\']`, etc.\\n\\nSee https://goessner.net/articles/JsonPath/","type":"string","x-order":0}}},"v1alpha1JwtTokenFields":{"description":"JwtTokenFields specifies custom fields included into the\\n[OIDC ID Token](https://openid.net/specs/openid-connect-core-1_0.html#IDToken).","type":"object","properties":{"attributes":{"$ref":"#/components/schemas/v1alpha1JwtTokenField"}}},"v1alpha1K8sObjectOverlay":{"description":"Patch for an existing k8s resource.","type":"object","properties":{"apiVersion":{"description":"Resource API version.","type":"string","x-order":0},"kind":{"description":"Resource kind.","type":"string","x-order":1},"name":{"description":"Name of resource.\\nNamespace is always the component namespace.","type":"string","x-order":2},"patches":{"description":"List of patches to apply to resource.","type":"array","items":{"$ref":"#/components/schemas/K8sObjectOverlayPathValue"},"x-order":3}}},"v1alpha1ManagementPlaneSettings":{"description":"Configure the management plane connection.\\n\\n```yaml\\napiVersion: install.tetrate.io/v1alpha1\\nkind: ControlPlane\\nmetadata:\\n  name: controlplane\\n  namespace: istio-system\\nspec:\\n  managementPlane:\\n    host: tsb.tetrate.io\\n    port: 8443\\n    selfSigned: true\\n    clusterName: control-plane-cluster\\n```","type":"object","required":["host","port","clusterName"],"properties":{"host":{"description":"Management plane host address (can be hostname or IPv4/IPv6 address).","type":"string","x-order":0},"port":{"description":"Port management plane is listening on.","type":"integer","format":"int32","x-order":1},"selfSigned":{"description":"Management plane uses a self signed or private TLS certificate.\\nIf true, the CA bundle used to verify the MP\'s TLS certificate must be in\\na secret `mp-certs` under the key `ca.crt`.","type":"boolean","x-order":2},"clusterName":{"description":"The name of the Cluster object that was created in the Management Plane representing this Control Plane\\ncluster.","type":"string","x-order":3}}},"v1alpha1MeshExpansionSettings":{"description":"Configure mesh expansion to connect workloads external to Kubernetes to the mesh.\\n\\nTo enable mesh expansion set it to an empty object:\\n\\n```yaml\\napiVersion: install.tetrate.io/v1alpha1\\nkind: ControlPlane\\nmetadata:\\n  name: controlplane\\n  namespace: istio-system\\nspec:\\n  meshExpansion: {}\\n```\\n\\nIf external workloads are unable to communicate with the default mesh expansion gateway via external IPs or hostnames,\\nthen you must specify the gateway that enables them to do so. This custom gateway must be configured to forward this communication\\nto the VM gateway service:\\n\\n```yaml\\napiVersion: install.tetrate.io/v1alpha1\\nkind: ControlPlane\\nmetadata:\\n  name: controlplane\\n  namespace: istio-system\\nspec:\\n  meshExpansion:\\n    customGateway:\\n      host: customgateway.tetrate.io\\n      port: 15443\\n```\\n\\nTo automate onboarding of workloads from auto-scaling groups of VMs, you need\\nto enable the `Workload Onboarding Plane`.\\n\\n`Workload Onboarding Agent`, a component that you install next to the workload,\\nwill connect to the `Workload Onboarding Plane` to authenticate itself, ask\\npermission to join the mesh, register the workload into the mesh and retrieve\\nboot configuration required to start `Istio Sidecar`.\\n\\nAll communication between the `Workload Onboarding Agent` and the\\n`Workload Onboarding Plane` must occur over TLS.\\n\\nTherefore, to enable `Workload Onboarding Plane` you must provide a TLS\\ncertificate for the endpoint that exposes `Workload Onboarding API` to\\n`Workload Onboarding Agents`.\\n\\nMake sure that TLS certificate is signed by the certificate authority known\\nto `Workload Onboarding Agents`.\\n\\n```yaml\\napiVersion: install.tetrate.io/v1alpha1\\nkind: ControlPlane\\nmetadata:\\n  name: controlplane\\n  namespace: istio-system\\nspec:\\n  meshExpansion:\\n    onboarding:\\n      endpoint:\\n        hosts:\\n        - onboarding.example.org\\n        secretName: onboarding-tls-cert\\n      tokenIssuer:\\n        jwt:\\n          expiration: 1h\\n      localRepository: {}\\n```\\n\\nTo onboard workloads from custom on-premise environments, you can leverage support for\\n[OIDC ID Tokens](https://openid.net/specs/openid-connect-core-1_0.html#IDToken).\\n\\nIf workloads in your custom environment can authenticate themselves by means of an\\n[OIDC ID Token](https://openid.net/specs/openid-connect-core-1_0.html#IDToken),\\nyou can define a list of JWT issuers permitted by the `Workload Onboarding Plane`.\\n\\nFor example,\\n\\n```yaml\\napiVersion: install.tetrate.io/v1alpha1\\nkind: ControlPlane\\nmetadata:\\n  name: controlplane\\n  namespace: istio-system\\nspec:\\n  meshExpansion:\\n    onboarding:\\n      endpoint:\\n        hosts:\\n        - onboarding.example.org\\n        secretName: onboarding-tls-cert\\n      localRepository: {}\\n      workloads:\\n        authentication:\\n          jwt:\\n            issuers:\\n            - issuer: \\"https://mycompany.corp\\"\\n              jwksUri: \\"https://mycompany.corp/jwks.json\\"\\n              shortName: \\"mycorp\\"\\n              tokenFields:\\n                attributes:\\n                  jsonPath: .custom_attributes\\n```\\n\\nTo ensure there will be no traffic loss when an onboarded workload gets\\nshutdown, you can configure the time period to delay the shutdown for\\nafter deregistering the workload from the mesh, which will give\\nenough time to reconfigure all affected mesh nodes to not load balance\\nrequests to the deregistered workload before it becomes unavailable.\\n\\nFor example,\\n\\n```yaml\\napiVersion: install.tetrate.io/v1alpha1\\nkind: ControlPlane\\nmetadata:\\n  name: controlplane\\n  namespace: istio-system\\nspec:\\n  meshExpansion:\\n    onboarding:\\n      endpoint:\\n        hosts:\\n        - onboarding.example.org\\n        secretName: onboarding-tls-cert\\n      localRepository: {}\\n      workloads:\\n        deregistration:\\n          propagationDelay: 15s\\n```","type":"object","properties":{"customGateway":{"$ref":"#/components/schemas/MeshExpansionSettingsGateway"},"onboarding":{"$ref":"#/components/schemas/v1alpha1MeshExpansionSettingsOnboardingPlane"}}},"v1alpha1MeshExpansionSettingsOnboardingPlane":{"description":"Configuration of the `Workload Onboarding Plane`.","type":"object","required":["endpoint"],"properties":{"uid":{"description":"Unique identifier of this particular installation of the `Workload Onboarding Plane`.\\n\\nIs used in the workload authentication flow to prevent replay attacks\\nthat abuse compromised workload credentials intended for a different\\ninstallation of the `Workload Onboarding Plane`.\\n\\nDefaults to an auto-generated UUID.","type":"string","x-order":0},"endpoint":{"$ref":"#/components/schemas/OnboardingPlaneEndpoint"},"tokenIssuer":{"$ref":"#/components/schemas/OnboardingPlaneTokenIssuer"},"localRepository":{"$ref":"#/components/schemas/OnboardingPlaneLocalRepository"},"workloads":{"$ref":"#/components/schemas/v1alpha1WorkloadConfiguration"}}},"v1alpha1NGAC":{"description":"Kubernetes settings for the NGAC component.","type":"object","properties":{"enabled":{"description":"NGAC is an experimental component. If enabled is false, this component will\\nnot be installed.","type":"boolean","x-order":0},"kubeSpec":{"$ref":"#/components/schemas/kubernetesKubernetesComponentSpec"},"logLevels":{"description":"The log level configuration by scopes.\\nSupported log level: \\"none\\", \\"error\\", \\"info\\", \\"debug\\".","type":"object","additionalProperties":{"type":"string"},"x-order":2}}},"v1alpha1Oap":{"description":"Kubernetes settings for the OAP (SkyWalking) component.","type":"object","properties":{"streamingLogEnabled":{"description":"Feature flag to determine whether on-demand streaming logs should be\\nenabled.","type":"boolean","x-order":0},"onDemandEnvoyMetricsEnabled":{"description":"Feature flag to determine whether on-demand envoy metrics should be\\nenabled. If enabled, the envoy proxy will provide a set of metrics that can\\nbe queried using the metrics service. OAP will provide a query API that can\\nbe used to collect envoy proxy metrics for specific pods. This is only for\\ntemporary and real-time queries that can be used, for example, for\\napplication troubleshooting use cases. These metrics are not persisted.","type":"boolean","x-order":1},"storageIndexMergingEnabled":{"description":"Feature flag to determine whether metrics/meter and records should be shard into multi-physical indices, or\\ninstead if they should be merged into a single physical index.\\nBy default \\"false\\", metric/meter and records are sharded into multi-physical indices.\\nInstead of sharding, if enabled by setting it to \\"true\\", metrics/meter and records will be merged\\ninto one physical index template `metrics-all` and `records-all`.\\nThis feature flag must be set on all clusters and have the same value as the management plane\'s one,\\notherwise control plane observability data could be written to the wrong or not existing index.\\nIn this storage mode, user can adjust each concrete index should have to scale out by setting\\n`storageSpecificIndexSettings` field in the management plane install manifest.","type":"boolean","x-order":2},"kubeSpec":{"$ref":"#/components/schemas/kubernetesKubernetesComponentSpec"},"logLevel":{"description":"Specifies the log level for OAP component.\\nSupported log level: \\"all\\", \\"debug\\", \\"info\\", \\"warn\\", \\"error\\", \\"fatal\\", \\"off\\" and \\"trace\\".","type":"string","x-order":4}}},"v1alpha1Onboarding":{"description":"Settings for the `Workload Onboarding` component.","type":"object","properties":{"operator":{"$ref":"#/components/schemas/v1alpha1OnboardingOperator"},"repository":{"$ref":"#/components/schemas/v1alpha1OnboardingRepository"},"plane":{"$ref":"#/components/schemas/controlplanev1alpha1OnboardingPlane"}}},"v1alpha1OnboardingOperator":{"description":"Kubernetes settings for the `Workload Onboarding Operator` component.","type":"object","properties":{"kubeSpec":{"$ref":"#/components/schemas/kubernetesKubernetesComponentSpec"},"logLevels":{"description":"The log level configuration by scopes.\\nSupported log level: \\"none\\", \\"error\\", \\"warn\\", \\"info\\", \\"debug\\".","type":"object","additionalProperties":{"type":"string"},"x-order":1}}},"v1alpha1OnboardingPlaneInstance":{"description":"Kubernetes settings for the `Workload Onboarding Plane Instance` component.","type":"object","properties":{"kubeSpec":{"$ref":"#/components/schemas/kubernetesKubernetesComponentSpec"},"logLevels":{"description":"The log level configuration by scopes.\\nSupported log level: \\"none\\", \\"error\\", \\"warn\\", \\"info\\", \\"debug\\".","type":"object","additionalProperties":{"type":"string"},"x-order":1}}},"v1alpha1OnboardingRepository":{"description":"Kubernetes settings for the `Workload Onboarding Repository` component.","type":"object","properties":{"kubeSpec":{"$ref":"#/components/schemas/kubernetesKubernetesComponentSpec"}}},"v1alpha1OpenTelemetryCollector":{"description":"Kubernetes settings for the OpenTelemetryCollector component.","type":"object","properties":{"kubeSpec":{"$ref":"#/components/schemas/kubernetesKubernetesComponentSpec"},"logLevel":{"description":"Specifies the log level for OTEL collector component.\\nSupported log level: \\"debug\\", \\"info\\", \\"warn\\", \\"error\\", \\"dpanic\\", \\"panic\\", and \\"fatal\\".","type":"string","x-order":1}}},"v1alpha1Operator":{"description":"Operator values for the TSB operator application.","type":"object","properties":{"deployment":{"$ref":"#/components/schemas/v1alpha1OperatorDeployment"},"service":{"$ref":"#/components/schemas/v1alpha1OperatorService"},"serviceAccount":{"$ref":"#/components/schemas/v1alpha1OperatorServiceAccount"}}},"v1alpha1OperatorDeployment":{"description":"Values for the TSB operator deployment.","type":"object","properties":{"affinity":{"$ref":"#/components/schemas/installkubernetesAffinity"},"annotations":{"type":"object","title":"Custom collection of annotations to add to the deployment.\\nhttps://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/","additionalProperties":{"type":"string"},"x-order":1},"env":{"type":"array","title":"Custom collection of environment vars to add to the container.\\nhttps://kubernetes.io/docs/tasks/inject-data-application/define-environment-variable-container/","items":{"$ref":"#/components/schemas/installkubernetesEnvVar"},"x-order":2},"podAnnotations":{"description":"Custom collection of annotations to add to the pod.","type":"object","additionalProperties":{"type":"string"},"x-order":3},"replicaCount":{"description":"Number of replicas managed by the deployment.","type":"integer","format":"int32","x-order":4},"strategy":{"$ref":"#/components/schemas/installkubernetesDeploymentStrategy"},"tolerations":{"type":"array","title":"Toleration collection applying to the pod scheduling.\\nhttps://kubernetes.io/docs/concepts/configuration/taint-and-toleration/","items":{"$ref":"#/components/schemas/corev1Toleration"},"x-order":6}}},"v1alpha1OperatorService":{"description":"Values for the TSB operator service.","type":"object","properties":{"annotations":{"type":"object","title":"Custom collection of annotations to add to the service.\\nhttps://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/","additionalProperties":{"type":"string"},"x-order":0}}},"v1alpha1OperatorServiceAccount":{"description":"Values for the TSB operator service account.","type":"object","properties":{"annotations":{"description":"Custom collection of annotations to add to the service account.","type":"object","additionalProperties":{"type":"string"},"x-order":0},"imagePullSecrets":{"description":"Collection of secrets names required to be able to pull images from the registry.","type":"array","items":{"type":"string"},"x-order":1},"pullSecret":{"type":"string","title":"A Docker config JSON to be stored in a secret to be used as an image pull secret. If this secret is provided,\\nit will be included in the operator service account as reference.\\nhttps://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/#create-a-secret-by-providing-credentials-on-the-command-line","x-order":2},"pullUsername":{"description":"Used along pull password and the provided image registry to generate a Docker config JSON that\\nwill be stored as a pull secret.","type":"string","x-order":3},"pullPassword":{"description":"Used along pull username and the provided image registry to generate a Docker config JSON that\\nwill be stored as a pull secret.","type":"string","x-order":4}}},"v1alpha1ProviderSettings":{"description":"Configure Kubernetes provider specific settings.\\n\\nFor example to configure EKS to use network load balancers (NLB) by default:\\n\\n```yaml\\napiVersion: install.tetrate.io/v1alpha1\\nkind: ControlPlane\\nmetadata:\\n  name: controlplane\\n  namespace: istio-system\\nspec:\\n  providerSettings:\\n    eks:\\n      useNlbByDefault: true\\n\\n```\\n\\nTo configure Route53 the only option that you must specify is the Service Account name to use for IAM role.\\nYou should create the Service Account before enabling the Route53 integration controller. You can do that using `eksctl`. Example:\\n\\n```bash\\n   SA_NAME=route53-controller\\n   CP_NAMESPACE=istio-system\\n   eksctl create iamserviceaccount \\\\\\n   --cluster $EKS_CLUSTER_NAME \\\\\\n   --name $SA_NAME \\\\\\n   --namespace $CP_NAMESPACE \\\\\\n   --attach-policy-arn $POLICY_ARN \\\\\\n   --approve\\n```\\n\\nwhere:\\n* $EKS_CLUSTER_NAME is the name of the EKS cluster.\\n* $SA_NAME is the name of the Service Account to create.\\n* $CP_NAMESPACE is the namespace where the Control Plane is installed. Usually istio-system.\\n* $POLICY_ARN is the ARN of the policy to attach to the Service Account - the policy should allow the Service Account\\n  to manage Route53 resources.\\n\\nMore details can be found in the [Publishing a Service docs](https://docs-preview.tetrate.io/service-express/Tech-Preview/getting-started/publish-service)\\n\\nAfter creating the Service Account you can enable the Route53 integration controller using the following configuration:\\n\\n```yaml\\napiVersion: install.tetrate.io/v1alpha1\\nkind: ControlPlane\\nmetadata:\\n  name: controlplane\\n  namespace: istio-system\\nspec:\\n  providerSettings:\\n    route53:\\n      serviceAccountName: $SA_NAME\\n```","type":"object","properties":{"eks":{"$ref":"#/components/schemas/v1alpha1EKSSettings"},"route53":{"$ref":"#/components/schemas/v1alpha1Route53Settings"}}},"v1alpha1RateLimitServer":{"type":"object","title":"Configuration settings for the RateLimit Server","required":["backend"],"properties":{"backend":{"$ref":"#/components/schemas/RateLimitServerBackend"},"domain":{"description":"The domain field allows ratelimits to be namespaced to\\na certain domain. To support common ratelimits across multiple clusters\\nset this string to a common value, across them. This assumes that the same\\nbackend (uri) is being used.\\nBy default the domain is set to the name of the control plane cluster.","type":"string","x-order":1},"kubeSpec":{"$ref":"#/components/schemas/kubernetesKubernetesComponentSpec"}}},"v1alpha1Route53Controller":{"description":"Kubernetes settings for the Route53 Integration Controller component.","type":"object","properties":{"kubeSpec":{"$ref":"#/components/schemas/kubernetesKubernetesComponentSpec"}}},"v1alpha1Route53Settings":{"description":"Settings for integration with Route53 service.","type":"object","required":["serviceAccountName"],"properties":{"serviceAccountName":{"description":"Service account name to use for IAM role. Required.","type":"string","x-order":0},"namespaceSelector":{"$ref":"#/components/schemas/v1alpha1Route53SettingsNamespaceSelector"},"policy":{"$ref":"#/components/schemas/Route53SettingsPolicy"},"domainFilter":{"description":"Limit possible target zones by a domain suffix; specify multiple times for multiple domains. Optional.","type":"array","items":{"type":"string"},"x-order":3},"interval":{"description":"Duration of interval between individual synchronizations. Default: 60s.","type":"string","x-order":4},"ttl":{"description":"Default TTL (in seconds) value for DNS records. Default: 300.","type":"string","format":"int64","x-order":5},"evaluateTargetHealth":{"description":"Control whether to evaluate the health of a DNS target. Default: true.","type":"boolean","x-order":6},"filterSettings":{"$ref":"#/components/schemas/Route53SettingsFilterSettings"}}},"v1alpha1Route53SettingsNamespaceSelector":{"description":"NamespaceSelector specifies which namespaces controller will watch.","type":"object","properties":{"namespace":{"description":"Specifies the namespace to watch for resources. Mutually exclusive with `ignore_namespaces`.\\nIf not specified (\\"\\"), all namespaces will be watched which is the default.","type":"string","x-order":0},"ignoreNamespaces":{"description":"Comma separated list of namespaces to ignore when watching for DNS endpoints. When using this option remember\\nto include the name of the namespace in which Control Plane is installed. If Management Plane is installed in the same cluster\\ninclude the namespace name in this option as well.\\nMutually exclusive with `namespace`.\\nDefault: the namespace where the controller is running, usually `istio-system`.","type":"string","x-order":1}}},"v1alpha1Satellite":{"description":"Kubernetes settings for the Satellite (SkyWalking-Satellite) component.","type":"object","properties":{"enabled":{"description":"Satellite is an optional component. If enabled is false, this component\\nwill not be installed.","type":"boolean","x-order":0},"kubeSpec":{"$ref":"#/components/schemas/kubernetesKubernetesComponentSpec"},"logLevel":{"description":"Specifies the log level for the component.\\nSupported log level: \\"panic\\", \\"fatal\\", \\"info\\", \\"warn\\", \\"error\\", \\"debug\\" and \\"trace\\".","type":"string","x-order":2}}},"v1alpha1Secrets":{"description":"Secrets available in the ControlPlane installation.","type":"object","properties":{"tsb":{"$ref":"#/components/schemas/SecretsTSB"},"elasticsearch":{"$ref":"#/components/schemas/SecretsElasticSearch"},"xcp":{"$ref":"#/components/schemas/v1alpha1SecretsXCP"},"clusterServiceAccount":{"$ref":"#/components/schemas/SecretsClusterServiceAccount"}}},"v1alpha1SecretsXCP":{"description":"Secrets to reach the XCP Central in the Management Plane.","type":"object","properties":{"autoGenerateCerts":{"description":"Enabling this will auto generate XCP Edge certificate if mTLS is enabled to authenticate to XCP Central. Requires cert-manager.","type":"boolean","x-order":0},"rootca":{"description":"CA certificate of XCP components.","type":"string","x-order":1},"rootcakey":{"description":"Key of the CA certificate of XCP components.","type":"string","x-order":2},"edge":{"$ref":"#/components/schemas/XCPEdge"}}},"v1alpha1Values":{"description":"Values available for the TSB Control Plane chart.\\nThis is an alpha API, so future versions could include breaking changes.","type":"object","properties":{"image":{"$ref":"#/components/schemas/commonv1alpha1Image"},"spec":{"$ref":"#/components/schemas/v1alpha1ControlPlaneSpec"},"secrets":{"$ref":"#/components/schemas/v1alpha1Secrets"},"operator":{"$ref":"#/components/schemas/v1alpha1Operator"}}},"v1alpha1WASMFetcher":{"description":"Settings for the WASM Fetcher component.","type":"object","properties":{"cacheDisableInsecureRegistries":{"description":"Denies insecure registries to be used for fetching WASM modules. Defaults to `false`.","type":"boolean","x-order":0},"cacheExpiration":{"description":"WASM Module cache expiration time. Defaults to `24h`.","type":"string","x-order":1},"cacheMaxRetries":{"description":"Maximum number of retries when fetching WASM modules from the OCI registry. Defaults to `5`.","type":"integer","format":"int32","x-order":2},"cachePurgeInterval":{"description":"WASM cache purge interval to periodically clean up the stale WASM modules. Defaults to `1h`.","type":"string","x-order":3},"cacheRequestTimeout":{"description":"Specifies the timeout used when retrieving the WASM plugin from the OCI registry. Defaults to `15s`.","type":"string","x-order":4},"kubeSpec":{"$ref":"#/components/schemas/kubernetesKubernetesComponentSpec"},"logLevels":{"description":"The log level configuration by scopes.\\nSupported log levels: \\"none\\", \\"error\\", \\"info\\", \\"debug\\".","type":"object","additionalProperties":{"type":"string"},"x-order":6}}},"v1alpha1WorkloadAuthenticationConfiguration":{"description":"WorkloadAuthenticationConfiguration specifies configuration of the workload\\nauthentication.","type":"object","properties":{"jwt":{"$ref":"#/components/schemas/v1alpha1JwtAuthenticationConfiguration"}}},"v1alpha1WorkloadConfiguration":{"description":"WorkloadConfiguration specifies configuration of the workload handling.","type":"object","properties":{"authentication":{"$ref":"#/components/schemas/v1alpha1WorkloadAuthenticationConfiguration"},"deregistration":{"$ref":"#/components/schemas/v1alpha1WorkloadDeregistrationConfiguration"}}},"v1alpha1WorkloadDeregistrationConfiguration":{"description":"WorkloadDeregistrationConfiguration specifies configuration of the workload\\nderegistration.","type":"object","properties":{"propagationDelay":{"description":"Estimated amount of time it takes to propagate the unregistration event\\nacross all affected mesh nodes.\\n\\nDuring this time interval affected proxies will continue making requests\\nto the deregistered workload until the respective configuration update\\narrives.\\n\\nTo prevent traffic loss, `Workload Onboarding Agent` SHOULD delay shutdown\\nof the the workload\'s sidecar for that time period.\\n\\nAs a rule of thumb, this value should remain relatively small, e.g. under\\n15 seconds. The reason for this is that shutdown flow on the workload\'s side\\nis time-boxed. E.g., on VMs there is a stop timeout enforced by SystemD,\\nwhile on AWS ECS there is a stop timeout enforced by ECS Agent. If you pick\\na delay value that is too big, `Workload Onboarding Agent` will delay\\nshutdown of the sidecar for too long; as a result sidecar risks to get\\nterminated abruptly instead of graceful connection draining.\\n\\nDefaults to `10s`.","type":"string","x-order":0}}},"v2API":{"description":"An API configuring a set of servers and endpoints that expose the Application business logic.\\n\\n\\n\\n","type":"object","required":["openapi"],"properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"openapi":{"description":"The raw OpenAPI spec for this API.","type":"string","x-order":4},"workloadSelector":{"$ref":"#/components/schemas/v2WorkloadSelector"},"servers":{"description":"DEPRECATED: For new created APIs, the exposed servers will be available at httpServers.\\nFor APIs created before version 1.7, will still be available in this field.\\n\\nList of ingress gateways servers that expose the API.\\nServer hostnames must be unique in the system, and only one API can expose a specific hostname.","type":"array","items":{"$ref":"#/components/schemas/v2HttpServer"},"x-order":6,"readOnly":true},"endpoints":{"description":"List of endpoints exposed by this API.\\nThis field is read-only and generated from the configured OpenAPI spec.","type":"array","items":{"$ref":"#/components/schemas/v2HTTPEndpoint"},"x-order":7,"readOnly":true},"configResources":{"type":"array","title":"The configuration resources that are related to this API object.\\n$hide_from_docs","items":{"$ref":"#/components/schemas/v2ConfigResource"},"x-order":8,"readOnly":true},"httpServers":{"description":"List of gateways servers that expose the API.\\nServer hostnames must be unique in the system, and only one API can expose a specific hostname.","type":"array","items":{"$ref":"#/components/schemas/v2HTTP"},"x-order":9,"readOnly":true}}},"v2Access":{"description":"Access is an access request for a subject with a set of permission.\\n\\nExample:\\nAccess {\\n  Subject: \\"organizations/demo/tenants/demo/applications/caller\\",\\n  Permissions: []string{\\"GET\\"}\\n}","type":"object","required":["subject","permissions"],"properties":{"subject":{"description":"Subject is the subject that is requested to access the resource.","type":"string","x-order":0},"permissions":{"description":"Permissions is a list of permissions that the subject is allowed to use.","type":"array","items":{"type":"string"},"x-order":1},"metadata":{"$ref":"#/components/schemas/v2Metadata"}}},"v2AccessPolicy":{"description":"A policy defines the set of subjects that can access a resource and under\\nwhich conditions that access is granted.","type":"object","title":"Policy","properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":1},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":2},"allow":{"description":"The list of allowed bindings configures the different access profiles that\\nare allowed on the resource configured by the policy.","type":"array","items":{"$ref":"#/components/schemas/v2Binding"},"x-order":3}}},"v2AggregatedStatus":{"description":"`AggregatedStatus` is used by resources with children to aggregate both the\\nsequence of events and the status of its children resources.","type":"object","properties":{"configEvents":{"$ref":"#/components/schemas/v2ConfigEvents"},"children":{"description":"Map of children resource FQNs to their status.","type":"object","additionalProperties":{"$ref":"#/components/schemas/AggregatedStatusChildStatus"},"x-order":1},"childrenStatus":{"$ref":"#/components/schemas/AggregatedStatusChildStatus"}}},"v2Application":{"description":"An Application represents a set of logical groupings of services that are related to each other\\nand expose a set of APIs that implement a complete set of business logic.\\n\\n\\n\\n","type":"object","required":["workspace"],"properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"workspace":{"description":"FQN of the workspace this application is part of.\\nThe application will configure IngressGateways for the attached APIs\\nin the different namespaces exposed by this workspace.","type":"string","x-order":4},"namespaceSelector":{"$ref":"#/components/schemas/v2NamespaceSelector"},"gatewayGroup":{"description":"Optional FQN of the Gateway Group to be used by the application.\\nIf configured, this gateway group will be used by the application. If\\nno namespaces are configured and no existing gateway group is set, a new gateway group claiming all\\nnamespaces in the workspace (`*/*`) will be created by default.\\nAll Ingress Gateway resources created for the APIs attached to the application will be created in\\nthe application\'s gateway group.","type":"string","x-order":6},"services":{"description":"Optional list of services that are part of the application. This is a list of FQNs of services in the\\nservice registry.\\nIf omitted, the application is assumed to own all the services in the workspace.\\nNote that a service can only be part of one application. If any of the services in the list is already\\nin use by an existing application, application creation/modification will fail.\\nIf the list of services is not explicitly set and any service in the workspace is already in use by\\nanother application, application creation/modification will fail.","type":"array","items":{"type":"string"},"x-order":7},"configResources":{"type":"array","title":"The configuration resources that are related to this Application.\\n$hide_from_docs","items":{"$ref":"#/components/schemas/v2ConfigResource"},"x-order":8,"readOnly":true}}},"v2ApprovalPolicy":{"description":"ApprovalPolicy is a set of authorization rules that define access to a resource.\\nWhen applied to a resource, the rules enforce access to the resource based on the permission set.\\n\\nExample:\\nApprovalPolicy {\\n  Mode: ApprovalPolicy_REQUIRE_APPROVAL,\\n  Resource: \\"organizations/demo/tenants/demo/applications/target-app\\",\\n  Approved: []Access {{\\n    Subject: \\"organizations/demo/tenants/demo/applications/calling-app\\",\\n    Permissions: []string{\\"GET\\", \\"POST\\"}\\n  }}\\n}","type":"object","required":["mode","resource"],"properties":{"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":0},"mode":{"$ref":"#/components/schemas/ApprovalPolicyMode"},"resource":{"description":"Resource is a fully qualified name of the resource that the policy applies to.","type":"string","x-order":2},"requested":{"description":"Requested is a list of subjects that are requested to access the resource but that have not yet been\\nexplicitly approved.\\nThe access mode of the policy will determine if the subjects in this list are given immediate access to the\\nresource.","type":"array","items":{"$ref":"#/components/schemas/v2Access"},"x-order":3},"approved":{"description":"Approved is a list of subjects that are approved to access the resource.","type":"array","items":{"$ref":"#/components/schemas/v2Access"},"x-order":4},"metadata":{"$ref":"#/components/schemas/v2Metadata"}}},"v2Authentication":{"type":"object","properties":{"jwt":{"$ref":"#/components/schemas/AuthenticationJWT"},"rules":{"$ref":"#/components/schemas/AuthenticationRules"}}},"v2AuthenticationSettings":{"description":"AuthenticationSettings represents configuration related to authenticating traffic\\nwithin the mesh and end-user credentials if present. It is **HIGHLY RECOMMENDED** to\\nenable mutual TLS when end-user credentials are present. Sending credentials like JWT\\nover plaintext is a security risk.","type":"object","properties":{"trafficMode":{"$ref":"#/components/schemas/SecuritySettingAuthenticationMode"},"http":{"$ref":"#/components/schemas/v2Authentication"}}},"v2Authorization":{"type":"object","title":"Configuration for authorizing a HTTP request","properties":{"external":{"$ref":"#/components/schemas/AuthorizationExternalAuthzBackend"},"local":{"$ref":"#/components/schemas/AuthorizationLocalAuthz"}}},"v2AuthorizationRules":{"description":"- If deny_all is true, deny the request\\n\\n- If deny is defined and there are any denied target workload, deny the request.\\n\\n- If there are no allowed target workload, allow the request.\\n\\n- If allow is defined and there are any allowed target workload, allow the request.\\n\\n- Deny the request.","type":"object","title":"`AuthorizationRules` specifies which target workloads are allowed or denied.\\nWhen the mode is `RULES`, by default, if no authorization rules are provided all requests will be accepted.\\nCurrently, when a list of allow or deny rules are provided, a workload can only be targeted\\nby providing the workspace or security group resource the workload belongs to.\\nWhen different target workloads are allowed, denied or all workload are denied,\\nto evaluate if a request is accepted or rejected, denies are evaluated first, and finally allows.\\nAccepting or denying a request from a workload is determined by:","properties":{"allow":{"description":"Allow specifies a list of rules. If a request matches at least one rule, the request is accepted.\\nIf no allow rules are provided, all requests are allowed.\\nEach rule must be unique, no duplicates are allowed.\\nA rule that is fully contained by another rule is not allowed.\\nFor instance, defining a rule from workspace `w1` to `w2` and another rule\\nfrom security group `sg1` (which belongs to workspace `w1`) to `sg2` (which belongs to workspace `w2`)\\nis not allowed. It is not allowed, because from security group `sg1` to `sg2` rule is already allowed by\\nthe rule from workspace `w1` to `ws2`.","type":"array","items":{"$ref":"#/components/schemas/v2Rule"},"x-order":0},"denyAll":{"description":"Deny all specifies whether all requests should be rejected.\\nIf it is true all requests will be rejected.\\nIf it is false the list of deny rules will be evaluated.","type":"boolean","x-order":1},"deny":{"description":"Deny specifies a list of rules. If a request matches at least one rule, the request is rejected.\\nIf deny rules are provided, the match will never occur, so no request can be rejected.\\nEach rule must be unique, no duplicates are allowed.\\nA rule that is fully contained by another rule is not allowed.\\nFor instance, defining a rule from workspace `w1` to `w2` and another rule\\nfrom security group `sg1` (which belongs to workspace `w1`) to `sg2` (which belongs to workspace `w2`)\\nis not allowed. It is not allowed, because from security group `sg1` to `sg2` rule is already denied by\\nthe rule from workspace `w1` to `w2`.","type":"array","items":{"$ref":"#/components/schemas/v2Rule"},"x-order":2}}},"v2AuthorizationSettings":{"description":"`AuthorizationSettings` define the set of service accounts in one\\nor more namespaces allowed to access a workload (and hence its\\nsidecar) in the mesh.","type":"object","properties":{"mode":{"$ref":"#/components/schemas/AuthorizationSettingsMode"},"serviceAccounts":{"description":"When the mode is `CUSTOM`, `serviceAccounts` specify the allowed\\nset of service accounts (and the workloads using them). Must be\\nin the `&lt;namespace&gt;/&lt;service-account-name&gt;` format.\\n\\n- `./*` indicates all service accounts in the namespace where the sidecar resides.\\n\\n- `ns1/*` indicates all service accounts in the `ns1` namespace.\\n\\n- `ns1/svc1-sa` indicates `svc1-sa` service account in `ns1` namespace.\\n\\nNamespace should be a valid kubernetes namespace, which\\nfollows [RFC 1123 Label Names](https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#dns-label-names) rules.\\nService account should be a valid kubernetes service account, which\\nfollows [DNS Subdomain Names](https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#dns-subdomain-names) rules.","type":"array","items":{"type":"string"},"x-order":1},"http":{"$ref":"#/components/schemas/tsbauthv2Authorization"},"rules":{"$ref":"#/components/schemas/v2AuthorizationRules"}}},"v2AuthorizationSettingsMode":{"description":"- UNSET: Inherit from parent if possible. Otherwise treated as `DISABLED`.\\n - NAMESPACE: The workload allows traffic from any other authenticated workload in its own\\nnamespace.\\n - GROUP: The workload allows traffic from any other authenticated workload in the security group.\\n - WORKSPACE: The workload allows traffic from any other authenticated workload in the workspace.\\n - CLUSTER: The workload allows traffic from any other authenticated workload in the cluster.\\n - DISABLED: Authorization is disabled.\\n - CUSTOM: The workload allows traffic from service accounts defined explicitly.\\n - RULES: The workload allows or denies traffic from any other authenticated workload that belongs\\nto the specified rules.","type":"string","title":"A short cut for defining the common authorization patterns","default":"UNSET","enum":["UNSET","NAMESPACE","GROUP","WORKSPACE","CLUSTER","DISABLED","CUSTOM","RULES"]},"v2Binding":{"description":"A binding associates a role with a set of subjects.\\n\\nBindings are used to configure policies, where different roles can be\\nassigned to different sets of subjects to configure a fine-grained access\\ncontrol to the resource protected by the policy.","type":"object","required":["role"],"properties":{"role":{"description":"The role that defines the permissions that will be granted to the target\\nresource.","type":"string","x-order":0},"subjects":{"description":"The set of subjects that will be allowed to access the target resource\\nwith the permissions defined by the role.","type":"array","items":{"$ref":"#/components/schemas/v2Subject"},"x-order":1}}},"v2ClientTLSSettings":{"type":"object","title":"Configure TLS parameters for the client","properties":{"mode":{"$ref":"#/components/schemas/authv2TLSMode"},"files":{"$ref":"#/components/schemas/v2TLSFileSource"},"secretName":{"description":"TLS key source from a Kubernetes Secret.\\nThis is applicable for gateway workloads.","type":"string","x-order":2},"subjectAltNames":{"type":"array","title":"Subject alternative names is the list of names that are accepted\\nas service name as part of TLS handshake","items":{"type":"string"},"x-order":3}}},"v2Cluster":{"description":"A Kubernetes cluster managing both pods and VMs.\\n\\n\\n\\n","type":"object","properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be\\nsent on every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"tokenTtl":{"description":"Lifetime of the tokens. Defaults to 1hr.","type":"string","x-order":4},"network":{"description":"The network (e.g., VPC) where this cluster is present. All\\nclusters within the same network will be assumed to be reachable\\nfor the purposes of multi-cluster routing. In addition, networks\\nmarked as reachable from one another in SystemSettings will also\\nbe used for multi-cluster routing.","type":"string","x-order":5},"tier1Cluster":{"description":"Indicates whether this cluster is hosting a tier1 gateway or not.\\nTier1 clusters cannot host other gateways or workloads. Defaults\\nto false if not specified.","type":"boolean","x-order":6},"namespaces":{"type":"array","title":"TODO(vikas): move this inside cluster state\\nRead-only data for informational purposes. Any user provided\\nvalue will be ignored. The data here may be stale depending on\\nthe update frequency from the Bridge agents in the cluster.\\n$hide_from_yaml","items":{"$ref":"#/components/schemas/tsbv2Namespace"},"x-order":7,"readOnly":true},"labels":{"type":"object","title":"FIXME: this is super clunky to copy each and every metadata field into\\nobjects used for multicluster. $hide_from_yaml","additionalProperties":{"type":"string"},"x-order":8},"locality":{"$ref":"#/components/schemas/v2Locality"},"trustDomain":{"description":"Trust domain for this cluster, used for multi-cluster routing.\\nIt must be unique for every cluster and should match the one configured in\\nthe local control plane. This value is optional, and will be updated by the\\nlocal control plane agents. However, it is recommended to set it, if known,\\nso that multi-cluster routing works without having to wait for the local\\ncontrol planes to update it.","type":"string","x-order":10},"namespaceScope":{"$ref":"#/components/schemas/v2NamespaceScoping"},"state":{"$ref":"#/components/schemas/ClusterState"},"serviceAccount":{"$ref":"#/components/schemas/tsbv2ServiceAccount"},"installTemplate":{"$ref":"#/components/schemas/ClusterInstallTemplate"}}},"v2ClusterDestination":{"type":"object","properties":{"name":{"description":"The name of the destination cluster. Only one of name or labels\\nmust be specified.","type":"string","x-order":0},"labels":{"description":"Labels associated with the cluster. Any cluster with matching\\nlabels will be selected as a target. Only one of name or labels\\nmust be specified.","type":"object","additionalProperties":{"type":"string"},"x-order":1},"network":{"description":"The network associated with the destination clusters. In addition to\\nname/label selectors, only clusters matching the selected networks\\nwill be used as a target. At least one of name/labels, and/or network\\nmust be specified.\\n\\nDeprecated: The `network` field is deprecated and will be removed in future releases.\\nOnly `labels` matching against the cluster object is supported.","type":"string","x-order":2},"weight":{"description":"The weight for traffic to a given destination.","type":"integer","format":"int64","x-order":3}}},"v2ClusterStatus":{"description":"The status message for a cluster resource contains the set of join\\ntokens that should be used by Service Bridge\'s agents on the\\ncluster.","type":"object","properties":{"tokens":{"description":"Tokens for various agents.","type":"object","additionalProperties":{"type":"string"},"x-order":0}}},"v2ConfigEvents":{"description":"`ConfigEvents` provides a way to notify the status of a configuration\\npropagation as a sequence of events.","type":"object","properties":{"events":{"description":"Sequence of events occurred under the configuration propagation flow.\\nIt\'s ordered by event timestamp, newest first.","type":"array","items":{"$ref":"#/components/schemas/v2ConfigEventsEvent"},"x-order":0}}},"v2ConfigEventsEvent":{"description":"Single `Event` event occurred in the configuration propagation flow.","type":"object","properties":{"type":{"$ref":"#/components/schemas/ConfigEventsEventType"},"reason":{"description":"Optional code that extends the type of the occurred event.","type":"string","x-order":1},"message":{"description":"Optional message describing the reason in a human readable way.","type":"string","x-order":2},"timestamp":{"description":"Time of the event occurrence.","type":"string","format":"date-time","x-order":3},"etag":{"description":"The etag of the resource which configuration triggered this event.","type":"string","x-order":4},"edgesState":{"description":"Stores the `edge cluster name` to `EdgeConfigState` mapping. `EdgeConfigState` holds the\\n[status + reason] for a resource config that is being applied at edges.\\nReason accompanying the Status is useful for pin-pointed debugging at edge level.\\nFor instance, a config whose config status is something other than `APPLIED` is\\naccompanied by a reason telling why an error occurred while applying the config.\\nThis will help in debugging issues at an edge.","type":"object","additionalProperties":{"$ref":"#/components/schemas/ConfigEventsEdgeConfigState"},"x-order":5}}},"v2ConfigGenerationMetadata":{"description":"`ConfigGenerationMetadata` allows to setup extra metadata that will be added in the final Istio generated configurations.\\nLike new labels or annotations.\\nDefining the config generation metadata in tenancy resources (like organization, tenant, workspace or groups) works as default\\nvalues for those configs that belong to it.\\nDefining same config generation metadata in configuration resources (like ingress gateways, service routes, etc.) will replace the\\nones defined in the tenancy resources.","type":"object","properties":{"labels":{"description":"Set of key value paris that will be added into the `metadata.labels` field of the Istio generated configurations.","type":"object","additionalProperties":{"type":"string"},"x-order":0},"annotations":{"description":"Set of key value paris that will be added into the `metadata.annotations` field of the Istio generated configurations.","type":"object","additionalProperties":{"type":"string"},"x-order":1}}},"v2ConfigMode":{"description":"The configuration mode used by a traffic, security or a gateway group.\\n\\n - BRIDGED: Indicates that the configurations to be added to the group will\\nuse macro APIs that automatically generate Istio APIs under the\\nhood.\\n - DIRECT: Indicates that the configurations to be added to the group will\\ndirectly use Istio APIs.","type":"string","default":"BRIDGED","enum":["BRIDGED","DIRECT"]},"v2ConfigResource":{"description":"ConfigResource represents a configuration object (group, ingress gateway, etc)\\nthat is related to an Application or API.","type":"object","properties":{"fqn":{"description":"The FQN of the resource this status is computed for.","type":"string","x-order":0,"readOnly":true},"expectedEtag":{"description":"The expected etag field is used to check the if the configuration resource contents have\\nchanged. This might not be relevant for all configuration resources, so this field may\\nnot be set. If it is not set, the status will only report the presence or absence of the\\nconfiguration resource, but not differences in its contents.\\n\\nWhen this field is present, the status will also reflect changes in the contents of the\\nconfiguration resource, and report it as DIRTY if there are differences.","type":"string","x-order":1,"readOnly":true},"exclusivelyOwned":{"description":"The exclusively owned flag indicates if the referenced configuration resource is exclusively\\nowned by the object. Configuration resources that are exclusively owned by an object will\\nbe deleted when the object is deleted.","type":"boolean","x-order":2,"readOnly":true}}},"v2CorsPolicy":{"type":"object","properties":{"allowOrigin":{"description":"The list of origins that are allowed to perform CORS requests. The content will be serialized\\ninto the Access-Control-Allow-Origin header. Wildcard * will allow all origins.","type":"array","items":{"type":"string"},"x-order":0},"allowMethods":{"description":"List of HTTP methods allowed to access the resource. The content will be serialized into the\\nAccess-Control-Allow-Methods header.","type":"array","items":{"type":"string"},"x-order":1},"allowHeaders":{"description":"List of HTTP headers that can be used when requesting the resource. Serialized to\\nAccess-Control-Allow-Headers header.","type":"array","items":{"type":"string"},"x-order":2},"exposeHeaders":{"description":"A white list of HTTP headers that the browsers are allowed to access. Serialized into\\nAccess-Control-Expose-Headers header.","type":"array","items":{"type":"string"},"x-order":3},"maxAge":{"description":"Specifies how long the results of a preflight request can be cached. Translates to the\\nAccess-Control-Max-Age header.","type":"string","x-order":4},"allowCredentials":{"description":"Indicates whether the caller is allowed to send the actual request (not the preflight) using\\ncredentials. Translates to Access-Control-Allow-Credentials header.","type":"boolean","x-order":5}}},"v2CreateOrganizationRequest":{"type":"object","title":"Request to create a organization.\\n$hide_from_docs","required":["name","organization"],"properties":{"name":{"description":"The short name for the resource to be created.","type":"string","x-order":0},"organization":{"$ref":"#/components/schemas/v2Organization"}}},"v2CreateRoleRequest":{"description":"Request to create a Role.","type":"object","required":["name","role"],"properties":{"name":{"description":"The short name for the resource to be created.","type":"string","x-order":0},"role":{"$ref":"#/components/schemas/v2Role"}}},"v2DeviceCodeResponse":{"type":"object","title":"Response with device codes for use with the Device Authorization flow.\\nFor additional information on the response parameters please refer to the Device Authorization Response section\\nof the RFC https://datatracker.ietf.org/doc/html/rfc8628#section-3.2","properties":{"deviceCode":{"type":"string","title":"Code that the device uses to poll for tokens","x-order":0},"userCode":{"type":"string","title":"Code the user enters in the verification URI","x-order":1},"verificationUri":{"type":"string","title":"URI where to enter the user code","x-order":2},"interval":{"type":"integer","format":"int32","title":"Rate in which to poll the token endpoint with the device code","x-order":3},"expiresIn":{"type":"integer","format":"int32","title":"Expiration time of the device code in seconds","x-order":4},"error":{"$ref":"#/components/schemas/v2Error"},"errorMessage":{"description":"Optional error message that contains more details about the error that occurred.","type":"string","x-order":6}}},"v2EastWestGateway":{"description":"EastWestGateway is for configuring a gateway to handle east-west traffic of\\nthe services that are not exposed through Ingress or Tier1 gateways (internal\\nservices). Currently, this is restricted to specifying at Workspace level\\nin WorkspaceSetting.","type":"object","required":["workloadSelector"],"properties":{"workloadSelector":{"$ref":"#/components/schemas/v2WorkloadSelector"},"exposedServices":{"description":"Exposed services is used to specify the match criteria to select specific services\\nfor internal multicluster routing (east-west routing between clusters).\\nIf it is not defined or contains no elements, all the services within the workspace\\nwill be exposed to the configured gateway.","type":"array","items":{"$ref":"#/components/schemas/v2ServiceSelector"},"x-order":1},"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"}}},"v2EgressAuthorization":{"type":"object","title":"EgressAuthorization is used to dictate which service accounts can access a set of external hosts","required":["to"],"properties":{"from":{"$ref":"#/components/schemas/v2AuthorizationSettings"},"to":{"type":"array","title":"The external hostnames the workload(s) described in this rule can access.\\nHosts cannot be specified more than once. Use \\"*\\" to allow access to any external host","items":{"type":"string"},"x-order":1}}},"v2EgressGateway":{"description":"`EgressGateway` configures a workload to act as an egress gateway in the mesh.\\n\\n\\n--\x3e\\n\\n","type":"object","required":["workloadSelector"],"properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"workloadSelector":{"$ref":"#/components/schemas/v2WorkloadSelector"},"authorization":{"description":"The description of which service accounts can access which hosts.\\nIf the list of authorization rules is empty, this egress gateway will deny all traffic.","type":"array","items":{"$ref":"#/components/schemas/v2EgressAuthorization"},"x-order":5},"extension":{"description":"Extensions specifies all the WasmExtensions assigned to this EgressGateway\\nwith the specific configuration for each extension. This custom configuration\\nwill override the one configured globally to the extension.\\nEach extension has a global configuration including enablement and priority\\nthat will condition the execution of the assigned extensions.","type":"array","items":{"$ref":"#/components/schemas/v2WasmExtensionAttachment"},"x-order":6},"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"}}},"v2EnvValueSource":{"description":" - INLINE: Explicitly given key-value pairs to be injected to this VM.\\n - HOST: *Istio-proxy\'s* environment variables exposed to this VM.","type":"string","default":"INLINE","enum":["INLINE","HOST"]},"v2EnvVar":{"type":"object","required":["name","valueFrom"],"properties":{"name":{"type":"string","title":"Name of the environment variable. Must be a C_IDENTIFIER, by following this regex: [A-Za-z_][A-Za-z0-9_]*","x-order":0},"valueFrom":{"$ref":"#/components/schemas/v2EnvValueSource"},"value":{"description":"Value for the environment variable.\\nNote that if `value_from` is `HOST`, it will be ignored.\\nDefaults to \\"\\".","type":"string","x-order":2}}},"v2Error":{"type":"string","title":"OAuth2 error codes","default":"NO_ERROR","enum":["NO_ERROR","INVALID_REQUEST","INVALID_CLIENT","INVALID_GRANT","UNAUTHORIZED_CLIENT","UNSUPPORTED_GRANT_TYPE","AUTHORIZATION_PENDING","SLOW_DOWN","ACCESS_DENIED","EXPIRED_TOKEN","SERVER_ERROR"]},"v2ExposedBy":{"description":"The exposer of an HTTPEndpoint.","type":"object","properties":{"service":{"description":"The FQN of the service in the service registry that is exposing a concrete endpoint.","type":"string","x-order":0,"readOnly":true},"clusterGroup":{"$ref":"#/components/schemas/v2ExposedByClusters"}}},"v2ExposedByCluster":{"description":"ExposedByCluster is a cluster or set of clusters identified by the labels that are\\nexposing an endpoint.","type":"object","properties":{"name":{"description":"The name of the cluster exposing the endpoint. Only one of name or labels\\nmust be specified.","type":"string","x-order":0},"labels":{"description":"Labels associated with the cluster. Any cluster with matching\\nlabels will be selected as an exposer. Only one of name or labels\\nmust be specified.","type":"object","additionalProperties":{"type":"string"},"x-order":1},"weight":{"description":"The weight for traffic to a cluster exposing the endpoint.","type":"integer","format":"int64","x-order":2}}},"v2ExposedByClusters":{"description":"ExposedByClusters represents the clusters that are exposing a concrete endpoint.","type":"object","properties":{"clusters":{"description":"The clusters that contain gateways exposing the HTTPEndpoint.","type":"array","items":{"$ref":"#/components/schemas/v2ExposedByCluster"},"x-order":0}}},"v2ExternalRateLimitServiceSettings":{"description":"Configuration for ratelimiting using an external ratelimit server\\nThe ratelimit server must expose\\n[Envoy\'s Rate Limit Service gRPC API](https://www.envoyproxy.io/docs/envoy/latest/configuration/other_features/rate_limit#config-rate-limit-service).\\n\\nIf the rate limit service is called, and the response for any of\\nthe descriptors is over limit, a 429 response is returned. The rate\\nlimit filter also sets the x-envoy-ratelimited header.\\n\\nIf there is an error in calling rate limit service or rate limit\\nservice returns an error and failure_mode_deny is set to true, a\\n500 response is returned.","type":"object","required":["domain","rateLimitServerUri","rules"],"properties":{"domain":{"description":"The rate limit domain to use when calling the rate limit service.\\nRatelimit settings are namespaced to a domain.","type":"string","x-order":0},"failClosed":{"description":"If the rate limit service is unavailable, the request will fail\\nif failClosed is set to true. Defaults to false.","type":"boolean","x-order":1},"rateLimitServerUri":{"description":"The URI at which the external rate limit server can be reached.","type":"string","x-order":2},"rules":{"type":"array","title":"A set of rate limit rules.\\nEach rule describes a list of dimension to match on.\\nOnce matched, a list of descriptors are sent\\nto the external rate limit server","items":{"$ref":"#/components/schemas/v2ExternalRateLimitServiceSettingsRateLimitRule"},"x-order":3},"timeout":{"description":"The timeout in seconds for the external rate limit server RPC.\\nDefaults to 0.020 seconds (20ms).\\nTraffic will not be allowed to the destination if failClosed is set to true\\nand the request to the rate limit server times out.","type":"string","x-order":4},"tls":{"$ref":"#/components/schemas/v2ClientTLSSettings"}}},"v2ExternalRateLimitServiceSettingsRateLimitDimension":{"type":"object","title":"RateLimitDimension is a set of conditions to match HTTP requests\\nOnce the conditions are satisfied,\\ncorresponding descriptors (set of keys and values) are emitted and\\nsent to the external rate limit server. The server is expected to\\nmake a rate limit decision based on these descriptors.\\nPlease go through the [Envoy RateLimit descriptor](https://www.envoyproxy.io/docs/envoy/latest/api-v3/extensions/common/ratelimit/v3/ratelimit.proto#envoy-v3-api-msg-extensions-common-ratelimit-v3-ratelimitdescriptor)\\nto get more information on descriptors","properties":{"sourceCluster":{"$ref":"#/components/schemas/RateLimitDimensionSourceCluster"},"destinationCluster":{"$ref":"#/components/schemas/RateLimitDimensionDestinationCluster"},"remoteAddress":{"$ref":"#/components/schemas/v2ExternalRateLimitServiceSettingsRateLimitDimensionRemoteAddress"},"requestHeaders":{"$ref":"#/components/schemas/RateLimitDimensionRequestHeaders"},"headerValueMatch":{"$ref":"#/components/schemas/RateLimitDimensionHeaderValueMatch"}}},"v2ExternalRateLimitServiceSettingsRateLimitDimensionRemoteAddress":{"type":"object","title":"Emit descriptor entry - a key-value pair of the form\\n`(\\"remote_address\\", \\"&lt;trusted address from x-forwarded-for&gt;\\")`"},"v2ExternalRateLimitServiceSettingsRateLimitRule":{"type":"object","required":["dimensions"],"properties":{"dimensions":{"description":"A list of dimensions that are to be applied for this rate limit configuration.\\nOrder matters as the dimensions are processed sequentially and the descriptor\\nis composed by appending descriptor entries in that sequence.\\nIf the condition for a dimension is not satisfied and cannot append a descriptor entry,\\nno descriptor list is generated for the entire setting.","type":"array","items":{"$ref":"#/components/schemas/v2ExternalRateLimitServiceSettingsRateLimitDimension"},"x-order":0}}},"v2Gateway":{"description":"The `Gateway` configuration combines the functionalities of both the existing `Tier1Gateway` and `IngressGateway`,\\nproviding a unified approach for configuring a workload as a gateway in the mesh.\\n\\nEach server within the `Gateway` is configured to route requests to either destination clusters or services,\\nbut configuring one server to route requests to a destination cluster and another server to route requests to a service\\nis not supported.\\n\\nTo ensure consistency and compatibility, the `Gateway` configuration requires that all servers within the gateway\\neither forward traffic to other clusters, similar to a `Tier1Gateway`, or route traffic to specific services, similar\\nto an `IngressGateway`.\\n\\n\\n\\n","type":"object","required":["workloadSelector"],"properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"workloadSelector":{"$ref":"#/components/schemas/v2WorkloadSelector"},"http":{"description":"One or more HTTP or HTTPS servers exposed by the gateway. The\\nserver exposes configuration for TLS termination, request\\nauthentication/authorization, HTTP routing, rate limiting, etc.","type":"array","items":{"$ref":"#/components/schemas/v2HTTP"},"x-order":5},"tls":{"description":"One or more TLS servers exposed by the gateway. The server\\ndoes not terminate TLS and exposes config for SNI based routing.","type":"array","items":{"$ref":"#/components/schemas/v2TLS"},"x-order":6},"tcp":{"description":"One or more non-HTTP and non-passthrough servers which use TCP\\nbased protocols. This server also exposes configuration for terminating TLS.","type":"array","items":{"$ref":"#/components/schemas/v2TCP"},"x-order":7},"wasmPlugins":{"description":"WasmPlugins specifies all the WasmExtensionAttachment assigned to this Gateway\\nwith the specific configuration for each plugin. This custom configuration\\nwill override the one configured globally to the plugin.\\nEach plugin has a global configuration including priority\\nthat will condition the execution of the assigned plugins.","type":"array","items":{"$ref":"#/components/schemas/v2WasmExtensionAttachment"},"x-order":8},"waf":{"$ref":"#/components/schemas/v2WAFSettings"},"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"}}},"v2GetResourcePermissionsResponse":{"description":"Response with permission rules.","type":"object","properties":{"rules":{"type":"array","items":{"$ref":"#/components/schemas/RoleRule"},"x-order":0}}},"v2GlobalTrafficSelector":{"description":"GlobalTrafficSelector provides a mechanism to select a specific traffic flow\\nfor which this Wasm Extension will be enabled. This setting applies to all WASM\\nExtension attachments. These selectors can be overridden at attachments.\\nWhen all the sub conditions in the TrafficSelector are satisfied, the\\ntraffic will be selected.","type":"object","properties":{"mode":{"$ref":"#/components/schemas/v2WorkloadMode"}}},"v2GrantResponse":{"description":"Token grant response.","type":"object","properties":{"accessToken":{"description":"Access token issued by the authorization server.","type":"string","x-order":0},"tokenType":{"description":"Access token type such as \\"bearer\\" or \\"mac\\".","type":"string","x-order":1},"expiresIn":{"description":"Expiration time of the access token in seconds.","type":"integer","format":"int32","x-order":2},"refreshToken":{"description":"Optional refresh token issued when the authorization server\\nand client are configured to use refresh tokens.","type":"string","x-order":3},"clientId":{"description":"Optional client ID used during the grant process.\\nWhen present the client ID for subsequent refresh grant calls.\\nWhile not a standard field on an OAuth grant response, this helps remove ambiguity\\nwhen multiple OIDC configurations are present in TSB.","type":"string","x-order":4},"error":{"$ref":"#/components/schemas/v2Error"},"errorMessage":{"description":"Optional error message that contains more details about the error that occurred.","type":"string","x-order":6}}},"v2GrantType":{"description":"OAuth2 grant types that are currently supported.","type":"string","default":"UNSPECIFIED","enum":["UNSPECIFIED","REFRESH_TOKEN","DEVICE_CODE_URN","CLIENT_CREDENTIALS","TOKEN_EXCHANGE"]},"v2Group":{"description":"A gateway group manages the gateways in a group of namespaces owned\\nby the parent workspace.\\n\\n\\n\\n","type":"object","required":["namespaceSelector"],"properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"namespaceSelector":{"$ref":"#/components/schemas/v2NamespaceSelector"},"configMode":{"$ref":"#/components/schemas/v2ConfigMode"},"deletionProtectionEnabled":{"description":"When set, prevents the resource from being deleted. In order to delete the resource this\\nproperty needs to be set to `false` first.","type":"boolean","x-order":6},"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"}}},"v2GroupLookupResponse":{"description":"List of groups that configure the requested service.","type":"object","properties":{"trafficGroups":{"description":"The traffic groups that configure the given registered service.","type":"array","items":{"$ref":"#/components/schemas/tsbtrafficv2Group"},"x-order":0},"securityGroups":{"description":"The security groups that configure the given registered service.","type":"array","items":{"$ref":"#/components/schemas/tsbsecurityv2Group"},"x-order":1},"gatewayGroups":{"description":"The gateway groups that configure the given registered service.","type":"array","items":{"$ref":"#/components/schemas/tsbgatewayv2Group"},"x-order":2},"istioInternalGroups":{"description":"The istio internal groups that configure the given registered service.","type":"array","items":{"$ref":"#/components/schemas/tsbistiointernalv2Group"},"x-order":3}}},"v2HTTP":{"description":"`HTTP` describes the properties of a HTTP server exposed on gateway.","type":"object","required":["name","hostname","routing"],"properties":{"name":{"description":"A name assigned to the server. The name will be visible in the generated metrics. The name must be\\nunique across all HTTP, TLS passthrough and TCP servers in a gateway.","type":"string","x-order":0},"port":{"description":"The port where the server is exposed at the gateway workload(pod).\\nIf the k8s service, which is fronting the workload pod, has TargetPort as 8443 for the Port 443,\\nthis could be configured as 8443 or 443.\\n\\nTwo servers with different protocols (HTTP and HTTPS) should not\\nshare the same port. Note that port 15443 is reserved for internal use.\\n\\nIf the `transit` flag is set to true, populating the `port` will lead to an error,\\nas the server is considered internal to the mesh. TSB will automatically \\nconfigure mTLS port(15443) for east-west multicluster traffic.","type":"integer","format":"int64","x-order":1},"hostname":{"description":"Hostname with which the service can be expected to be accessed by clients.","type":"string","x-order":2},"tls":{"$ref":"#/components/schemas/v2ServerTLSSettings"},"authentication":{"$ref":"#/components/schemas/tsbauthv2Authentication"},"authorization":{"$ref":"#/components/schemas/tsbauthv2Authorization"},"routing":{"$ref":"#/components/schemas/v2HttpRoutingConfig"},"rateLimiting":{"$ref":"#/components/schemas/v2RateLimiting"},"transit":{"description":"If set to true, the server is configured to be exposed within the mesh.\\nThis configuration enables forwarding traffic between two clusters that are not directly reachable.","type":"boolean","x-order":8}}},"v2HTTPEndpoint":{"description":"An HTTP Endpoint represents an individual HTTP path exposed in the API.","type":"object","properties":{"path":{"description":"The HTTP path of the endpoint, relative to the hostnames exposed by the API.","type":"string","x-order":0,"readOnly":true},"methods":{"description":"The list of HTTP methods this endpoint supports.","type":"array","items":{"type":"string"},"x-order":1,"readOnly":true},"hostnames":{"description":"The list of hostnames where this endpoint is exposed.\\nIf omitted, the endpoint is assumed to be exposed in all hostnames defined for the API.","type":"array","items":{"type":"string"},"x-order":2,"readOnly":true},"service":{"description":"DEPRECATED: For new created APIs, the exposed servers will be available at httpServers.\\nFor APIs created before version 1.7, will still be available in this field.\\nThe FQN of the service in the service registry that is exposing this endpoint.","type":"string","x-order":3,"readOnly":true},"exposedBy":{"$ref":"#/components/schemas/v2ExposedBy"}}},"v2HTTPMatchCondition":{"description":"HTTPMatchCondition is the set of conditions to match incoming HTTP traffic\\nand route accordingly. We could have used HttpMatchCondition from\\ningress_gateway.proto but it doesn\'t have a port field, so it\'s better to\\ncreate one natively.","type":"object","required":["name","port"],"properties":{"name":{"type":"string","title":"Name of the match condition","x-order":0},"uri":{"$ref":"#/components/schemas/v2StringMatch"},"headers":{"type":"object","title":"Headers to match in incoming traffic for routing forward","additionalProperties":{"$ref":"#/components/schemas/v2StringMatch"},"x-order":2},"port":{"type":"integer","format":"int64","title":"Port to match in incoming traffic","x-order":3}}},"v2HTTPRetry":{"description":"HTTPRetry defines the parameters for retrying API calls to a service.","type":"object","required":["attempts"],"properties":{"attempts":{"description":"Number of retries for a given request. The interval between retries will be determined\\nautomatically (25ms+).\\n\\nActual number of retries attempted depends on the httpReqTimeout.","type":"integer","format":"int32","x-order":0},"perTryTimeout":{"description":"Timeout per retry attempt for a given request. format: 1h/1m/1s/1ms. MUST BE &gt;=1ms.","type":"string","x-order":1},"retryOn":{"description":"Specifies the conditions under which retry takes place.\\nOne or more policies can be specified using a \u2018,\u2019 delimited list.\\nSee the [retry policies](https://www.envoyproxy.io/docs/envoy/latest/configuration/http/http_filters/router_filter#x-envoy-retry-on)\\nand [gRPC retry policies](https://www.envoyproxy.io/docs/envoy/latest/configuration/http/http_filters/router_filter#x-envoy-retry-grpc-on)\\nfor more details.","type":"string","x-order":2}}},"v2HTTPRewrite":{"description":"Configuration for an URL rewrite rule.","type":"object","properties":{"uri":{"description":"Rewrite the path (or the prefix) portion of the URI with this value. If the original URI was\\nmatched based on prefix, the value provided in this field will replace the corresponding\\nmatched prefix.","type":"string","x-order":0},"authority":{"description":"Rewrite the Authority/Host header with this value.","type":"string","x-order":1}}},"v2HTTPRoute":{"description":"HTTPRoute is used to set HTTP routes to service destinations on the basis of match conditions.","type":"object","required":["name"],"properties":{"name":{"type":"string","title":"Name of HTTPRoute","x-order":0},"match":{"type":"array","title":"Match conditions for incoming HTTP traffic","items":{"$ref":"#/components/schemas/v2HTTPMatchCondition"},"x-order":1},"destination":{"type":"array","title":"Destination host:port and subset where HTTP traffic should be directed","items":{"$ref":"#/components/schemas/v2ServiceDestination"},"x-order":2}}},"v2Headers":{"description":"Header manipulation rules.","type":"object","properties":{"request":{"$ref":"#/components/schemas/HeadersHeaderOperations"},"response":{"$ref":"#/components/schemas/HeadersHeaderOperations"}}},"v2HostsReachability":{"description":"`HostsReachability` defines the list of gateway hosts that this workspace can reach.\\nIn multicluster deployments, hosts are reachable to all namespaces(`*`) by default.\\nHowever, this may not always be necessary, as clients may only be present in a few namespaces.\\nBy configuring this, a list of namespaces can be limited to the namespaces configured in the workspace.\\nWorkspaces with no hosts reachability configuration are considered to have reachable to all hosts.","type":"object","required":["hostnames"],"properties":{"hostnames":{"description":"The Gateway hostname that can be one of the following. Hostnames should match hosts configured in the Gateway.\\n\\n- Exact hostnames.\\nFor example, `echo.tetrate.io`.\\n\\n- Prefix hostnames.\\nFor example, `echo`. Hosts starting with `echo` are considered.\\n\\n- Regex hostnames.\\nFor example, `^echo.*io$`. Hosts starting with `echo` and ending with `io` are considered.\\n\\n- List can be empty `[]`.\\nWorkspaces with explicitly empty hostnames are considered to not want to see any hosts.","type":"array","items":{"$ref":"#/components/schemas/v2StringMatch"},"x-order":0}}},"v2HttpMatchCondition":{"description":"A single match clause to match all aspects of a request.","type":"object","properties":{"uri":{"$ref":"#/components/schemas/v2StringMatch"},"headers":{"description":"The header keys must be lowercase and use hyphen as the separator, e.g. x-request-id.","type":"object","additionalProperties":{"$ref":"#/components/schemas/v2StringMatch"},"x-order":1}}},"v2HttpModifyAction":{"description":"HTTP path/url/header modification.","type":"object","properties":{"rewrite":{"$ref":"#/components/schemas/v2HTTPRewrite"},"headers":{"$ref":"#/components/schemas/v2Headers"}}},"v2HttpRouteRule":{"description":"A single HTTP rule.","type":"object","properties":{"match":{"description":"One or more match conditions (OR-ed).","type":"array","items":{"$ref":"#/components/schemas/v2HttpMatchCondition"},"x-order":0},"modify":{"$ref":"#/components/schemas/v2HttpModifyAction"},"route":{"$ref":"#/components/schemas/v2RouteTo"},"redirect":{"$ref":"#/components/schemas/v2Redirect"},"disableExternalAuthorization":{"description":"If set to true, external authorization is disabled on this route\\nwhen the hostname is configured with external authorization.","type":"boolean","x-order":4}}},"v2HttpRouting":{"type":"object","required":["rules"],"properties":{"corsPolicy":{"$ref":"#/components/schemas/v2CorsPolicy"},"rules":{"description":"HTTP routes.","type":"array","items":{"$ref":"#/components/schemas/gatewayv2HttpRule"},"x-order":1}}},"v2HttpRoutingConfig":{"description":"`HttpRoutingConfig` defines a list of HTTP route rules that determine how incoming requests are routed.","type":"object","required":["rules"],"properties":{"corsPolicy":{"$ref":"#/components/schemas/v2CorsPolicy"},"rules":{"description":"HTTP routes.","type":"array","items":{"$ref":"#/components/schemas/v2HttpRouteRule"},"x-order":1}}},"v2HttpServer":{"description":"An HTTP server exposed in an ingress gateway.","type":"object","required":["name","port","hostname","routing"],"properties":{"name":{"description":"A name assigned to the server. The name will be visible in the generated metrics. The name must be\\nunique across all servers in a gateway.","type":"string","x-order":0},"port":{"description":"The port where the server is exposed. Two servers with different protocols (HTTP and HTTPS) should not\\nshare the same port. Note that port 15443 is reserved for internal use.","type":"integer","format":"int64","x-order":1},"hostname":{"description":"Hostname with which the service can be expected to be accessed by clients.\\n**NOTE:** The hostname must be unique across all gateways in the cluster in order for multicluster routing to work.","type":"string","x-order":2},"tls":{"$ref":"#/components/schemas/v2ServerTLSSettings"},"xxxOldAuthentication":{"$ref":"#/components/schemas/tsbgatewayv2Authentication"},"authentication":{"$ref":"#/components/schemas/tsbauthv2Authentication"},"xxxOldAuthorization":{"$ref":"#/components/schemas/tsbgatewayv2Authorization"},"authorization":{"$ref":"#/components/schemas/tsbauthv2Authorization"},"routing":{"$ref":"#/components/schemas/v2HttpRouting"},"rateLimiting":{"$ref":"#/components/schemas/v2RateLimiting"}}},"v2IngressGateway":{"description":"`IngressGateway` configures a workload to act as an ingress gateway into the mesh.\\n\\n\\n\\n","type":"object","required":["workloadSelector"],"properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"workloadSelector":{"$ref":"#/components/schemas/v2WorkloadSelector"},"http":{"description":"One or more HTTP or HTTPS servers exposed by the gateway. The\\nserver exposes configuration for TLS termination, request\\nauthentication/authorization, HTTP routing, etc.","type":"array","items":{"$ref":"#/components/schemas/v2HttpServer"},"x-order":5},"tlsPassthrough":{"description":"One or more TLS servers exposed by the gateway. The server\\ndoes not terminate TLS and exposes config for SNI based routing.","type":"array","items":{"$ref":"#/components/schemas/v2TLSPassthroughServer"},"x-order":6},"tcp":{"type":"array","title":"One or more non-HTTP and non-passthrough servers which use TCP\\nbased protocols. This server also exposes configuration for terminating TLS","items":{"$ref":"#/components/schemas/v2TCPServer"},"x-order":7},"extension":{"description":"Extensions specifies all the WasmExtensions assigned to this IngressGateway\\nwith the specific configuration for each extension. This custom configuration\\nwill override the one configured globally to the extension.\\nEach extension has a global configuration including enablement and priority\\nthat will condition the execution of the assigned extensions.","type":"array","items":{"$ref":"#/components/schemas/v2WasmExtensionAttachment"},"x-order":8},"waf":{"$ref":"#/components/schemas/v2WAFSettings"},"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"}}},"v2JWKS":{"type":"object","title":"JSON Web Key Set. Refer to https://datatracker.ietf.org/doc/html/rfc7517","properties":{"keys":{"type":"array","title":"List of public JWKs","items":{"$ref":"#/components/schemas/JWKSJWK"},"x-order":0}}},"v2KeepAliveSettings":{"description":"Keep Alive Settings.","type":"object","properties":{"tcp":{"$ref":"#/components/schemas/KeepAliveSettingsTcpKeepAliveSettings"}}},"v2ListAPIsResponse":{"description":"List of APIs that have been attached to the given application.","type":"object","properties":{"apis":{"description":"The list of APIs that are registered in the given application.","type":"array","items":{"$ref":"#/components/schemas/v2API"},"x-order":0}}},"v2ListApplicationsResponse":{"description":"List of applications in the given tenant.","type":"object","properties":{"applications":{"description":"The list of applications that are registered in the given tenant.","type":"array","items":{"$ref":"#/components/schemas/v2Application"},"x-order":0}}},"v2ListClustersResponse":{"description":"List of clusters that are registered in the platform.","type":"object","properties":{"clusters":{"description":"The list of clusters that are registered in the platform.","type":"array","items":{"$ref":"#/components/schemas/v2Cluster"},"x-order":0}}},"v2ListEgressGatewaysResponse":{"description":"Lost of all Egress Gateway objects in the gateway group.","type":"object","properties":{"egressGateways":{"type":"array","items":{"$ref":"#/components/schemas/v2EgressGateway"},"x-order":0}}},"v2ListGatewayGroupsResponse":{"description":"List of all gateway groups in the workspace.","type":"object","properties":{"groups":{"type":"array","items":{"$ref":"#/components/schemas/v2Group"},"x-order":0}}},"v2ListGatewaysResponse":{"description":"List of all Gateway objects in the gateway group.","type":"object","properties":{"gateways":{"description":"List of all Gateway objects.","type":"array","items":{"$ref":"#/components/schemas/v2Gateway"},"x-order":0}}},"v2ListIngressGatewaysResponse":{"description":"List of all Ingress Gateway objects in the gateway group.","type":"object","properties":{"ingressGateways":{"type":"array","items":{"$ref":"#/components/schemas/v2IngressGateway"},"x-order":0}}},"v2ListIstioInternalGroupsResponse":{"description":"List of all Istio internal in the workspace.","type":"object","properties":{"groups":{"description":"The list of requested groups.","type":"array","items":{"$ref":"#/components/schemas/v2Group"},"x-order":0}}},"v2ListMetricsResponse":{"description":"List of telemetry metrics from the resource.","type":"object","properties":{"metrics":{"type":"array","items":{"$ref":"#/components/schemas/v2Metric"},"x-order":0}}},"v2ListOrganizationSettingsResponse":{"description":"List of all existing Organization settings objects in the Organization group.","type":"object","properties":{"settings":{"type":"array","items":{"$ref":"#/components/schemas/v2OrganizationSetting"},"x-order":0}}},"v2ListOrganizationsResponse":{"type":"object","title":"List of organizations that exist in TSB.\\n$hide_from_docs","properties":{"organizations":{"type":"array","items":{"$ref":"#/components/schemas/v2Organization"},"x-order":0}}},"v2ListRolesResponse":{"description":"List of all existing roles.","type":"object","properties":{"roles":{"type":"array","items":{"$ref":"#/components/schemas/v2Role"},"x-order":0}}},"v2ListSecurityGroupsResponse":{"description":"List of all security groups in the workspace.","type":"object","properties":{"groups":{"type":"array","items":{"$ref":"#/components/schemas/v2Group"},"x-order":0}}},"v2ListSecuritySettingsResponse":{"description":"List of all security settings objects attached to the group.","type":"object","properties":{"settings":{"type":"array","items":{"$ref":"#/components/schemas/v2SecuritySetting"},"x-order":0}}},"v2ListServiceAccountsResponse":{"description":"List of existing Service Accounts.","type":"object","properties":{"serviceAccounts":{"type":"array","items":{"$ref":"#/components/schemas/tsbv2ServiceAccount"},"x-order":0}}},"v2ListServiceRoutesResponse":{"description":"List of all service routes defined in the traffic group.","type":"object","properties":{"serviceRoutes":{"type":"array","items":{"$ref":"#/components/schemas/v2ServiceRoute"},"x-order":0}}},"v2ListServiceSecuritySettingsResponse":{"description":"List of all Service Security Settings objects attached to the group.","type":"object","properties":{"settings":{"type":"array","items":{"$ref":"#/components/schemas/v2ServiceSecuritySetting"},"x-order":0}}},"v2ListServicesResponse":{"type":"object","title":"Response with a list of registered services","properties":{"services":{"type":"array","title":"The requested registered services","items":{"$ref":"#/components/schemas/v2Service"},"x-order":0}}},"v2ListSourcesResponse":{"description":"List of telemetry sources from the resource.","type":"object","properties":{"sources":{"type":"array","items":{"$ref":"#/components/schemas/v2Source"},"x-order":0}}},"v2ListTeamsResponse":{"description":"List of existing teams.","type":"object","properties":{"teams":{"type":"array","items":{"$ref":"#/components/schemas/v2Team"},"x-order":0}}},"v2ListTenantExtensionsResponse":{"description":"List of all existing WasmExtensions objects assigned to the Tenant.","type":"object","properties":{"extensions":{"type":"array","items":{"$ref":"#/components/schemas/v2WasmExtension"},"x-order":0}}},"v2ListTenantSettingsResponse":{"description":"List of all existing Tenant settings objects in the Tenant.","type":"object","properties":{"settings":{"type":"array","items":{"$ref":"#/components/schemas/v2TenantSetting"},"x-order":0}}},"v2ListTenantsResponse":{"description":"List of available tenants.","type":"object","properties":{"tenants":{"description":"The list of available tenants.","type":"array","items":{"$ref":"#/components/schemas/v2Tenant"},"x-order":0}}},"v2ListTier1GatewaysResponse":{"description":"List of all Tier1 Gateway objects in the gateway group.","type":"object","properties":{"tier1Gateways":{"type":"array","items":{"$ref":"#/components/schemas/v2Tier1Gateway"},"x-order":0}}},"v2ListTrafficGroupsResponse":{"description":"List of all existing traffic groups in the workspace.","type":"object","properties":{"groups":{"type":"array","items":{"$ref":"#/components/schemas/v2Group"},"x-order":0}}},"v2ListTrafficSettingsResponse":{"description":"List of all existing traffic settings objects in the traffic group.","type":"object","properties":{"settings":{"type":"array","items":{"$ref":"#/components/schemas/v2TrafficSetting"},"x-order":0}}},"v2ListUsersResponse":{"description":"List of existing Users.","type":"object","properties":{"users":{"type":"array","items":{"$ref":"#/components/schemas/v2User"},"x-order":0}}},"v2ListWasmExtensionResponse":{"description":"List of WASM Extensions.","type":"object","properties":{"extensions":{"type":"array","items":{"$ref":"#/components/schemas/v2WasmExtension"},"x-order":0}}},"v2ListWorkspaceSettingsResponse":{"description":"The existing settings objects for the given workspace.","type":"object","properties":{"settings":{"type":"array","items":{"$ref":"#/components/schemas/v2WorkspaceSetting"},"x-order":0}}},"v2ListWorkspacesResponse":{"description":"The existing workspaces for the given tenant.","type":"object","properties":{"workspaces":{"type":"array","items":{"$ref":"#/components/schemas/v2Workspace"},"x-order":0}}},"v2LocalAuthzRule":{"description":"Bindings define the subjects that can access the resource a policy is attached to,\\nand the conditions that need to be met for that access to be granted.\\nA policy can have multiple bindings to configure different access controls for specific\\nsubjects.","type":"object","title":"LocalAuthzRule","required":["name"],"properties":{"name":{"description":"A friendly name to identify the binding.","type":"string","x-order":0},"from":{"description":"Subjects configure the actors (end users, other services)  that are allowed to access the\\ntarget resource.","type":"array","items":{"$ref":"#/components/schemas/v2Subject"},"x-order":1},"to":{"description":"A set of HTTP rules that need to be satisfied by the HTTP requests to get access to the\\ntarget resource.","type":"array","items":{"$ref":"#/components/schemas/LocalAuthzRuleHttpOperation"},"x-order":2}}},"v2Locality":{"description":"The region the cluster resides. Used for failover based routing when\\nconfigured in the workspace or global settings.","type":"object","required":["region"],"properties":{"region":{"description":"The geographic location of the cluster.","type":"string","x-order":0}}},"v2Measure":{"description":"A measure represents the name and unit of a measurement.\\nFor example, request latency in ms and the number of errors are examples of measures to collect from a server. In\\nthis case latency would be the type and ms (millisecond) is the unit.","type":"object","properties":{"name":{"description":"The name of the measure. For instance latency in ms. More reference values can be found at\\nMeshControlledMeasureNames.","type":"string","x-order":0},"unit":{"description":"The unit of measure, which follow the [unified code for units of measure](https://ucum.org/ucum.html).\\nFor COUNTABLE measures, as number of requests or network packets, SHOULD use the default unit, the unity, and\\n[annotations](https://ucum.org/ucum.html#para-curly) with curly braces to give additional meaning.\\nFor example {requests}, {packets}, {errors}, {faults}, etc.","type":"string","x-order":1}}},"v2Metadata":{"description":"Metadata includes additional information about an ApprovalPolicy or Access entity and\\ntheir respective resources that they apply to.","type":"object","properties":{"details":{"$ref":"#/components/schemas/MetadataDetails"},"rules":{"description":"Permissions includes permissions for which an authenticated user is allowed to perform.\\nThis applies to ApprovalPolicy or Access entities respectively.","type":"array","items":{"$ref":"#/components/schemas/RoleRule"},"x-order":1}}},"v2Metric":{"description":"A metric is a measurement about a service, captured at runtime. Logically, the moment of capturing one of\\nthese measurements is known as a metric event which consists not only of the measurement itself, but the time\\nthat it was captured and associated metadata.\\n\\nApplication and request metrics are important indicators of availability and performance.\\nCustom metrics can provide insights into how availability indicators impact user experience or the business.\\nCollected data can be used to alert of an outage or trigger scheduling decisions to scale up a deployment\\nautomatically upon high demand.","type":"object","properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the metric.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the metric.\\n$hide_from_yaml","x-order":3},"observedResource":{"description":"Which concrete TSB resource in the configuration hierarchy this metric observes and belongs to.\\nFor instance, a metric can observe a service, a concrete service workload (pod or Vm), or a gateway,\\nor a workspace, or any other resource in the configuration hierarchy.","type":"string","x-order":4,"readOnly":true},"measure":{"$ref":"#/components/schemas/v2Measure"},"type":{"$ref":"#/components/schemas/v2MetricType"},"origin":{"$ref":"#/components/schemas/v2MetricOrigin"},"detectionPoint":{"$ref":"#/components/schemas/v2MetricDetectionPoint"}}},"v2MetricDetectionPoint":{"description":"From which detection point the metric is observed.\\n\\n - IN_SERVICE: Self observability metrics uses in service detect point.\\n - CLIENT_SIDE: Client side is how the client is observing the metric. When service A calls service B, service A acts\\nas a client side.\\n - SERVER_SIDE: Server side is how the server is observing the metric. When service A calls service B, service B\\nacts as the server side.","type":"string","default":"INVALID_METRIC_DETECTION_POINT","enum":["INVALID_METRIC_DETECTION_POINT","IN_SERVICE","CLIENT_SIDE","SERVER_SIDE"]},"v2MetricOrigin":{"description":"From where the metric measurements come from.\\n\\n - MESH_CONTROLLED: The metrics origin is from a TSB configured mesh, capturing the metrics from the\\nsidecar\'s available observability.\\n - AGENT_OBSERVED: An agent which can be standalone or service with automatically instrumentation via byte code injection.\\nCurrently not available. Part of hybrid observability.\\n - MESH_IMPORTED: Other known mesh generated metrics that are not configured and handled by TSB.\\nCurrently not available. Part of hybrid observability.\\n - EXTERNAL_IMPORTED: External captured metrics that are either imported into TSB observability stack or queried at runtime.\\nCurrently not available. Part of hybrid observability.","type":"string","default":"INVALID_METRIC_ORIGIN","enum":["INVALID_METRIC_ORIGIN","MESH_CONTROLLED","AGENT_OBSERVED","MESH_IMPORTED","EXTERNAL_IMPORTED"]},"v2MetricType":{"description":"Metric types are the aggregation function applied to the measurements that took place over a period of time.\\nSome metric types like LABELED_COUNTER and PERCENTILE also additionally aggregated over the set of defined labels.","type":"object","properties":{"name":{"$ref":"#/components/schemas/v2MetricTypeType"},"labels":{"description":"The labels associated with the metric type.\\nSome aggregation function are not just applied over time. LABELED_COUNTER and PERCENTILE metric types also\\naggregate over their labels. For instance, a PERCENTILE metric type over the latency, will aggregate the measured\\nlatency over the different defined percentiles, p50, p75, p90, p95, and p99.","type":"array","items":{"$ref":"#/components/schemas/v2MetricTypeLabel"},"x-order":1}}},"v2MetricTypeLabel":{"description":"Label of metric type. Also seen a other dimensions of aggregation besides the time interval on which measurements\\nare aggregated over.","type":"object","properties":{"key":{"description":"The label key.","type":"string","x-order":0},"value":{"description":"The label value, for instance p50, or p75.","type":"string","x-order":1}}},"v2MetricTypeType":{"description":" - GAUGE: Is the last seen measurement over a period of time.\\n - COUNTER: Is the sum of number of measurement over a period of time. Used in number of request style of metrics.\\n - AVERAGE: Average function applied to the measurements. Used in Duration/latency style of metrics.\\n - PERCENT: Percentage function applied to a given observed value over the total observer values.\\nUsed in SLA style of metrics, for example the percentage of errored responses over the total server responses.\\n - APDEX: Application Performance Index monitors end-user satisfaction.\\n[Apdex score](https://www.tetrate.io/blog/the-apdex-score-for-measuring-service-mesh-health)\\n - HEATMAPS: Heat maps are a three dimensional visualization, using x and y coordinates for two dimensions, and color\\nintensity for the third. They can reveal detail that summary statistics, such as line charts of averages,\\ncan miss. Latency measurements can be aggregated using Heatmaps/histograms. One dimension is often time, the\\nother is the latency, and the third one (the intensity) is the frequency of that latency in the given time range.\\n - LABELED_COUNTER: Is the sum of number of measurement over time grouped by concrete label values. Used for counting responses by\\ntheir http response code for instance.\\n - PERCENTILE: This is a specific subtype of LABELED_COUNTER. Used in duration/latency style metrics.\\n - CPM: Calls per minute used. Used in requests per minute, or in 5xx http errors per minute, 4xx http errors per\\nminute, among other metrics.\\n - MAX: Selects the highest measurement over a period of time. Envoy max allocated style metrics.","type":"string","default":"INVALID_METRIC_TYPE","enum":["INVALID_METRIC_TYPE","GAUGE","COUNTER","AVERAGE","PERCENT","APDEX","HEATMAPS","LABELED_COUNTER","PERCENTILE","CPM","MAX"]},"v2NamespaceScoping":{"description":"Configure the default scoping of namespaces in this cluster.","type":"object","properties":{"scope":{"$ref":"#/components/schemas/NamespaceScopingScope"},"exceptions":{"description":"Namespaces to be excluded form the default scope.\\nIf the scope is set to global, this list will contain namespaces that are\\nconsidered local. If the scope is set to local, this list will contain\\nnamespaces that are considered global.","type":"array","items":{"type":"string"},"x-order":1}}},"v2NamespaceSelector":{"type":"object","title":"`NamespaceSelector` selects a set of namespaces across one or more\\nclusters in a tenant. Namespace selectors can be used at Workspace\\nlevel to carve out a chunk of resources under a tenant into an\\nisolated configuration domain. They can be used in a Traffic,\\nSecurity, or a Gateway group to further scope the set of namespaces\\nthat will belong to a specific configuration group.\\nNames in namespaces selector must be in the form `cluster/namespace`\\nwhere:\\n- cluster must be a cluster name or an `*` to mean all clusters\\n- namespace must be a namespace name, an `*` to mean all namespaces\\n  or a prefix like `ns-*` to mean all those namespaces starting\\n  by `ns-`","required":["names"],"properties":{"names":{"description":"- `*/ns1` implies `ns1` namespace in any cluster.\\n\\n- `c1/ns1` implies `ns1` namespace from `c1` cluster.\\n\\n- `c1/*` implies all namespaces in `c1` cluster.\\n\\n- `*/*` implies all namespaces in all clusters.\\n\\n- `c1/ns*` implies all namespaces prefixes by `ns` in `c1` cluster.","type":"array","title":"Under the tenant/workspace/group:","items":{"type":"string"},"x-order":0}}},"v2Organization":{"description":"`Organization` is the root of the Service Bridge object hierarchy.\\n\\n\\n\\n","type":"object","properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"deletionProtectionEnabled":{"description":"When set, prevents the resource from being deleted. In order to delete the resource this\\nproperty needs to be set to `false` first.","type":"boolean","x-order":4},"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"}}},"v2OrganizationSetting":{"description":"Settings that apply globally to the entire organization.\\n\\n\\n\\n","type":"object","properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"networkSettings":{"$ref":"#/components/schemas/OrganizationSettingNetworkSettings"},"regionalFailover":{"description":"Default locality routing settings for all gateways.\\n\\nExplicitly specify the region traffic will land on when endpoints in local region becomes unhealthy.\\nShould be used together with OutlierDetection to detect unhealthy endpoints.\\nNote: if no OutlierDetection specified, this will not take effect.","type":"array","items":{"$ref":"#/components/schemas/v2RegionalFailover"},"x-order":5},"defaultSecuritySetting":{"$ref":"#/components/schemas/v2SecuritySetting"},"defaultTrafficSetting":{"$ref":"#/components/schemas/v2TrafficSetting"}}},"v2Permission":{"description":"A permission defines an action that can be performed on a\\nresource. By default access to resources is denied unless an\\nexplicit permission grants access to perform an operation against\\nit.\\n\\n - INVALID: Default value to designate no value was explicitly set for the permission.\\n - READ: The read permission grants read-only access to the resource.\\n - WRITE: The write permission allows the subject to modify an existing resource.\\n - CREATE: The create permission allows subjects to create child resources on the resource.\\n - DELETE: The delete permission grants permissions to delete the resource.\\n - SET_POLICY: The set-iam permission allows subjects to manage the access policies for the resources.","type":"string","default":"INVALID","enum":["INVALID","READ","WRITE","CREATE","DELETE","SET_POLICY"]},"v2Port":{"description":"Port exposed by a service.\\nRegistration RPC will complete the instances field by assigning the physical services FQNs.","type":"object","required":["number"],"properties":{"number":{"description":"A valid non-negative integer port number.","type":"integer","format":"int64","x-order":0},"name":{"description":"Name assigned to the port.","type":"string","x-order":1},"serviceDeployments":{"type":"array","title":"The list of FQNs of the instances that expose this port","items":{"type":"string"},"x-order":2,"readOnly":true}}},"v2PortSelector":{"description":"PortSelector is the criteria for specifying if a policy can be applied to\\na listener having a specific port.","type":"object","required":["number"],"properties":{"number":{"type":"integer","format":"int64","title":"Port number","x-order":0}}},"v2PropagationStrategy":{"description":"The PropagationStrategy is the key differentiating factor to decide how a security\\npolicy should be propagated and applied at runtime across clusters.\\nThe default propagation strategy is REPLACE, in which a lower level SecuritySetting\\nin the configuration hierarchy replaces a higher level SecuritySetting.\\nThe STRICTER PropagationStrategy on the other hand makes sure the default\\nSecuritySettings configured at the parent level are always enforced and propagated\\ndown the hierarchy unless additional SecuritySettings are defined and restricted\\nfurther in the configuration hierarchy.\\n\\n* `REPLACE` should be used when resources in the hierarchy are allowed to override the default\\nsettings configured at the higher levels.\\n* `STRICTER` should be used when the default settings must prevail, and the settings can only be\\nmade more restrictive by child resources at lower levels of the hierarchy.\\n\\nWhen a resource or property of it affected by the propagation strategy is propagated down the hierarchy, regardless\\nof the defined strategy (`REPLACE` or `STRICTER`), a parent defined resource or a property of the\\nresource will be used (propagated) in absence of a child resource or a property of it.\\n\\nFor example, the following policy configures optional mTLS for traffic within the workspace, but\\nit allows SecuritySettings to modify it. The example shows a workspace that configures\\nservice-to-service access so that only services in the same workspace can talk to each other.\\nThe `REPLACE` propagation policy allows individual settings to override it. In the example, the\\nSecuritySettings allows services within that group to be reachable from any\\nservice in the cluster, regardless for the workspace they belong to, even though the Workspace\\nrestricts service-to-service access to only services in the Workspace.\\n\\n```yaml\\napiVersion: api.tsb.tetrate.io/v2\\nkind: WorkspaceSetting\\nmetadata:\\n  name: w1-settings\\n  workspace: w1\\n  tenant: mycompany\\n  organization: myorg\\nspec:\\n  defaultSecuritySetting:\\n    propagationStrategy: REPLACE\\n    authorization:\\n      mode: WORKSPACE\\n---\\napiVersion: security.tsb.tetrate.io/v2\\nkind: SecuritySetting\\nmetadata:\\n  name: defaults\\n  group: t1\\n  workspace: w1\\n  tenant: mycompany\\n  organization: myorg\\nspec:\\n  authorization:\\n    mode: CLUSTER\\n```\\n\\n`STRICTER` propagation configures defaults that can be only be restricted down the hierarchy.\\nThe following example configures the same WorkspaceSetting but with a `STRICTER` propagation mode.\\nThe `defaults` SecuritySetting further narrows down that access to the `GROUP` scope, which is\\nallowed because GROUP is more strict than WORKSPACE. However, the `defaults-invalid` SecuritySetting\\nconfigures `CLUSTER` access, which would widen the scope defined at the Workspace. That settings will\\nnot be allowed based on the `STRICTER` propagation policy.\\n\\n```yaml\\napiVersion: api.tsb.tetrate.io/v2\\nkind: WorkspaceSetting\\nmetadata:\\n  name: w1-settings\\n  workspace: w1\\n  tenant: mycompany\\n  organization: myorg\\nspec:\\n  defaultSecuritySetting:\\n    propagationStrategy: STRICTER\\n    authorization:\\n      mode: WORKSPACE\\n---\\napiVersion: security.tsb.tetrate.io/v2\\nkind: SecuritySetting\\nmetadata:\\n  name: defaults\\n  group: t1\\n  workspace: w1\\n  tenant: mycompany\\n  organization: myorg\\nspec:\\n  authorization:\\n    mode: GROUP\\n---\\napiVersion: security.tsb.tetrate.io/v2\\nkind: SecuritySetting\\nmetadata:\\n  name: defaults-invalid\\n  group: t2\\n  workspace: w1\\n  tenant: mycompany\\n  organization: myorg\\nspec:\\n  authorization:\\n    mode: CLUSTER\\n```\\n\\nFurther details of how security settings are resolved between in `STRICTER` mode between a parent and a\\nchild resource can be found in the [SecuritySettings reference](../../security/v2/security_setting#securitysetting).\\n\\n - REPLACE: Is the default configuration propagation strategy.\\nA lower defined configuration in the hierarchy will replace a higher configuration in the hierarchy.\\nOtherwise, if a lower configuration is not defined, the configuration higher up in the hierarchy will\\nprevail.\\nFor instance, a defined default propagation strategy for workspace default security settings\\nwill replace tenant\'s defined default security settings.\\n - STRICTER: STRICTER propagation strategy propagates the strictest configuration between a defined higher level and\\na defined lower level configuration in the hierarchy. If a lower level configuration in the hierarchy\\nis not defined, the higher one will prevail.\\nWhich configuration is stricter than the other is defined by each concrete configuration that allows specifying\\na propagation strategy.","type":"string","default":"REPLACE","enum":["REPLACE","STRICTER"]},"v2Query":{"type":"object","title":"Query format of the resource lookup for the permission check","properties":{"queryId":{"description":"Optional ID that is an open string the caller can use for correlation purposes.","type":"string","x-order":0},"fqn":{"description":"Fully-qualified name of the resource.","type":"string","x-order":1}}},"v2QueryPoliciesResponse":{"description":"QueryPoliciesResponse is the response message for QueryPolicies.","type":"object","properties":{"policies":{"description":"Policies is a list of policies that match the query.","type":"array","items":{"$ref":"#/components/schemas/v2ApprovalPolicy"},"x-order":0}}},"v2QueryResourcePermissionsRequest":{"description":"Request to query permissions on multiple records.\\n\\nExample:\\nQueryResourcePermissionsRequest {\\n  Queries: []Query{\\n    Query{\\n      QueryID: \\"1234\\",\\n      Kind: Query_Fqn{\\n        Fqn: \\"tetrate/tenants/default/workspaces/example\\"\\n      }\\n    }\\n  }\\n}","type":"object","properties":{"queries":{"description":"One or more resources to query permissions on, limited to 100 per request.","type":"array","items":{"$ref":"#/components/schemas/v2Query"},"x-order":0}}},"v2QueryResourcePermissionsResponse":{"description":"Response with permissions for the requested queries.\\n\\nExample:\\nQueryResourcePermissionsResponse {\\n  Results: []Result{\\n    Result{\\n      Request: Query{\\n        QueryID: \\"1234\\",\\n        Kind: Query_Fqn{\\n          Fqn: \\"tetrate/tenants/default/workspaces/example\\"\\n        }\\n      },\\n      Rules: []*Role_Rule{\\n        {\\n           Types: []*Role_ResourceType{\\n             {\\n               ApiGroup: \\"api.tsb.tetrate.io/v2\\",\\n               Kinds: []string{\\"Workspace\\"}\\n             }\\n           },\\n           Permissions: []Permission{\\"READ\\"}\\n        }\\n      }\\n    }\\n  }\\n}","type":"object","properties":{"results":{"type":"array","title":"List of permission results for the requested queries","items":{"$ref":"#/components/schemas/QueryResourcePermissionsResponseResult"},"x-order":0}}},"v2RateLimitSettings":{"description":"Configuration for ratelimiting HTTP/gRPC requests\\nThis has a list of rate limit rules that can be configured.\\nWith each rule a list of dimensions can be defined.\\nA request counts towards the limit if all of the dimensions match the\\nattributes of the request.\\nWhen the matched requests exceed the limit, a 429 response is returned.","type":"object","required":["rules"],"properties":{"rules":{"description":"A list of rules for ratelimiting.\\nEach rule defines a list of dimensions to match on and the rate limit value\\nfor the rule. Each rule is independant of the other.","type":"array","items":{"$ref":"#/components/schemas/v2RateLimitSettingsRateLimitRule"},"x-order":0},"failClosed":{"description":"If the rate limit service is unavailable, the request will fail\\nif failClosed is set to true. Defaults to false.","type":"boolean","x-order":1},"timeout":{"description":"The timeout in seconds for the rate limit server RPC.\\nDefaults to 0.020 seconds (20ms).\\nTraffic will not be allowed to the destination if failClosed is set to true\\nand the request to the rate limit server times out.","type":"string","x-order":2}}},"v2RateLimitSettingsRateLimitDimension":{"description":"RateLimitDimension is a condition to match HTTP requests\\nthat should be rate limited.","type":"object","properties":{"remoteAddress":{"$ref":"#/components/schemas/v2RateLimitSettingsRateLimitDimensionRemoteAddress"},"header":{"$ref":"#/components/schemas/RateLimitDimensionHeader"}}},"v2RateLimitSettingsRateLimitDimensionRemoteAddress":{"description":"RateLimit based on the client\'s remote address, extracted from\\nthe trusted X-Forwarded-For header.","type":"object","required":["value"],"properties":{"value":{"description":"Ratelimit on a specific remote address.\\nIf the value is set to \\"*\\", ratelimit on\\nevery unique remote address.","type":"string","x-order":0}}},"v2RateLimitSettingsRateLimitRule":{"description":"RateLimitRule is the block to define each internal ratelimit configuration.","type":"object","required":["dimensions","limit"],"properties":{"dimensions":{"description":"A list of dimensions to define each ratelimit rule.\\nRequests count towards the ratelimit value only when each and every\\ncondition in a dimension is matched for a given HTTP request.","type":"array","items":{"$ref":"#/components/schemas/v2RateLimitSettingsRateLimitDimension"},"x-order":0},"limit":{"$ref":"#/components/schemas/RateLimitSettingsRateLimitValue"}}},"v2RateLimiting":{"description":"Configuration for ratelimiting\\nHTTP/gRPC requests can be rate limited based on a variety of\\nattributes in the request such as headers (including cookies), URL\\npath/prefixes, client remote address etc.","type":"object","properties":{"settings":{"$ref":"#/components/schemas/v2RateLimitSettings"},"externalService":{"$ref":"#/components/schemas/v2ExternalRateLimitServiceSettings"}}},"v2ReachabilitySettings":{"description":"`ReachabilitySettings` define the set of services and hosts\\naccessed by a workload (and hence its sidecar) in the\\nmesh. Defining the set of services accessed by a workload (i.e. its\\ndependencies) in advance reduces the memory and CPU consumption\\nboth the Istio control plane and the individual Envoy proxy workloads in\\nthe data plane.","type":"object","properties":{"mode":{"$ref":"#/components/schemas/ReachabilitySettingsMode"},"hosts":{"description":"When the mode is `CUSTOM`, `hosts` specify the set of services\\nthat the sidecar should be able to reach. Must be in the\\n`&lt;namespace&gt;/&lt;fqdn&gt;` format.\\n\\n- `./*` indicates all services in the namespace where the sidecar resides.\\n\\n- `ns1/*` indicates all services in the `ns1` namespace.\\n\\n- `ns1/svc1.com` indicates `svc1.com` service in `ns1` namespace.\\n\\n- `*/svc1.com` indicates `svc1.com` service in any namespace.","type":"array","items":{"type":"string"},"x-order":1}}},"v2ReachabilitySettingsMode":{"description":"- UNSET: Inherit from parent if possible. Otherwise treated as `CLUSTER`.\\n - NAMESPACE: The workload may talk to any service in its own namespace.\\n - GROUP: The workload may talk to any service in the traffic group.\\n - WORKSPACE: The workload may talk to any service in the workspace.\\n - CLUSTER: The workload may talk to any service in the cluster.\\n - CUSTOM: The workload may talk to services defined explicitly.","type":"string","title":"A short cut for defining the common reachability patterns","default":"UNSET","enum":["UNSET","NAMESPACE","GROUP","WORKSPACE","CLUSTER","CUSTOM"]},"v2Redirect":{"type":"object","properties":{"uri":{"description":"On a redirect, overwrite the Path portion of the URL with this value.","type":"string","x-order":0},"authority":{"description":"On a redirect, overwrite the Authority/Host portion of the URL with this value.","type":"string","x-order":1},"redirectCode":{"description":"On a redirect, Specifies the HTTP status code to use in the redirect\\nresponse. It is expected to be 3XX. The default response code is MOVED_PERMANENTLY (301).","type":"integer","format":"int64","x-order":2},"port":{"type":"integer","format":"int64","title":"On a redirect, overwrite the Port portion of the URL with this value","x-order":3},"scheme":{"description":"On a redirect, overwrite the scheme with this one. This can be used\\nto perform http -&gt; https redirect by setting this to \\"https\\". Currently,\\nthe only supported values are \\"http\\" and \\"https\\" (in lower-case).","type":"string","x-order":4}}},"v2RegionalFailover":{"description":"Specify the traffic failover policy across regions. Since zone and sub-zone\\nfailover is supported by default this only needs to be specified for\\nregions when the operator needs to constrain traffic failover so that\\nthe default behavior of failing over to any endpoint globally does not\\napply. This is useful when failing over traffic across regions would not\\nimprove service health or may need to be restricted for other reasons\\nlike regulatory controls.","type":"object","properties":{"from":{"description":"Originating region.","type":"string","x-order":0},"to":{"description":"Destination region the traffic will fail over to when endpoints in\\nthe \'from\' region become unhealthy.","type":"string","x-order":1}}},"v2ResilienceSettings":{"description":"ResilienceSettings control the reliability knobs in Envoy when making\\noutbound connections from a gateway or proxy workload.","type":"object","properties":{"httpRequestTimeout":{"description":"Timeout for HTTP requests. Disabled if not set.","type":"string","x-order":0},"httpRetries":{"$ref":"#/components/schemas/v2HTTPRetry"},"tcpKeepalive":{"description":"Deprecated. This field will be removed in upcoming releases.\\nPlease use the `keep_alive` field instead.\\nIf enabled, sets SO_KEEPALIVE on the socket to enable TCP keepalive.","type":"boolean","x-order":2},"keepAlive":{"$ref":"#/components/schemas/v2KeepAliveSettings"},"circuitBreakerSensitivity":{"$ref":"#/components/schemas/ResilienceSettingsSensitivity"}}},"v2ResourceStatus":{"description":"The ResourceStatus object provides information about the status of the configuration\\nrelated to an Application or an API object.\\n\\nApplications and APIs are translated into configuration objects (config groups, ingress\\ngateways, etc). This status object reflects the status of the Application and APIs with\\nregard to the generated configuration, and exposes any configuration mismatch.\\nThis status only reflects the status of the configuration objects in Service Bridge. It\\ndoes not provide information about the status of the generated configuration in the final\\nclusters.","type":"object","properties":{"status":{"$ref":"#/components/schemas/applicationv2Status"},"resources":{"description":"List of the individual configuration resource statuses.","type":"array","items":{"$ref":"#/components/schemas/ResourceStatusConfigResourceStatus"},"x-order":1,"readOnly":true}}},"v2ResourceStatusStatus":{"description":"Simple `Status` of the current resource. It\'s a projection of its details\\n(events, etc.) that allows to easily know the status of the resource\\nwithout requiring to check the details.\\n\\n - INVALID: INVALID status should never be reached.\\nIt indicates some problem occurred with the resource status, and would\\nneed to contact the admin to troubleshoot it.\\nIt\'s the default value but it\'s always expected to have one of the other\\nvalues.\\n - ACCEPTED: ACCEPTED is reached when the provided configuration has been validated\\nand persisted by the TSB server.\\n - READY: READY is reached when the resource is ready to be used.\\nNon-configurable resources, like Organizations, Tenants or Users, will\\nbe ready as soon they are created.\\nThe configurable ones are ready when its configuration has been\\npropagated to all the clusters.\\n - FAILED: FAILED is reached in different situations, such as when:\\n- a resource configuration triggered some internal error.\\n- an offending resource affects the correct behaviour of the configuration.\\nThe `message` and `details` fields of the `ResourceStatus` provides the\\nroot cause of the error.\\n - DIRTY: DIRTY is reached when the resources that are dependent on others\\nhave not reached the desired status (even when they are not FAILED).\\nFor example, an `API` resource that caused the creation of an `IngressGateway`\\ncould reach this status if the `IngressGateway` has been modified or removed directly.\\n - PARTIAL: PARTIAL is reached for those resources that are dependent on other resources statuses,\\nand not all the resources share the same status.","type":"string","default":"INVALID","enum":["INVALID","ACCEPTED","READY","FAILED","DIRTY","PARTIAL"]},"v2Role":{"description":"`Role` is a named collection of permissions that can be assigned to\\nany user or team in the system.","type":"object","properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"rules":{"description":"A set of rules that define the permissions associated with each API group.","type":"array","items":{"$ref":"#/components/schemas/RoleRule"},"x-order":4}}},"v2Route":{"description":"One or more destinations in a local/remote cluster for the given request.","type":"object","required":["host"],"properties":{"host":{"description":"The destination service in `&lt;namespace&gt;/&lt;fqdn&gt;` format for\\n`IngressGateway` resources. For `Tier1Gateway` resources, the\\ndestination must be in `&lt;clusterName&gt;/&lt;namespace&gt;/&lt;fqdn&gt;` format,\\nwhere cluster name corresponds to a cluster name created in the\\nmanagement plane. The `fqdn` must be the fully qualified name of\\nthe destination service in a cluster.","type":"string","x-order":0},"port":{"description":"The port on the service to forward the request to. Omit only if\\nthe destination service has only one port. When used for routing\\nfrom Tier1 gateways, the port specified here will be used only if\\nthe Tier1 gateway is doing TLS passthrough.","type":"integer","format":"int64","x-order":1}}},"v2RouteTo":{"description":"RouteTo defines the how the traffic has been forwarded for the given request.\\nOne of `ClusterDestination` or `ServiceDestination` must be specified.","type":"object","properties":{"clusterDestination":{"$ref":"#/components/schemas/v2RouteToClusters"},"serviceDestination":{"$ref":"#/components/schemas/v2RouteToService"}}},"v2RouteToClusters":{"description":"RouteToClusters represents the clusters where the request\\nneeds to be routed to from the gateway.","type":"object","properties":{"clusters":{"description":"The destination clusters that contain ingress gateways exposing the hostname.","type":"array","items":{"$ref":"#/components/schemas/v2ClusterDestination"},"x-order":0}}},"v2RouteToService":{"description":"RouteToService represents the service running in clusters.","type":"object","required":["host"],"properties":{"host":{"description":"The destination service in `&lt;namespace&gt;/&lt;fqdn&gt;`.","type":"string","x-order":0},"port":{"description":"The port on the service to forward the request to. Omit only if\\nthe destination service has only one port.","type":"integer","format":"int64","x-order":1},"tls":{"$ref":"#/components/schemas/v2ClientTLSSettings"}}},"v2Rule":{"description":"`Rule` matches request from a targeted resource (and the workloads that belong to the resource),\\nto another targeted resource (and the workloads that belong to the resource).\\nA match occurs when `from` and `to` matches the request.\\nOnly resources of type Tenant, Workspace, or Security Group can be targeted.","type":"object","required":["from","to"],"properties":{"from":{"$ref":"#/components/schemas/RuleFrom"},"to":{"$ref":"#/components/schemas/RuleTo"}}},"v2SecuritySetting":{"description":"A security setting applies configuration to a set of proxy workloads in a\\nsecurity group or a workspace. When applied to a security group,\\nmissing fields will inherit values from the workspace-wide setting if any.\\n\\n\\n\\n","type":"object","properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"authentication":{"$ref":"#/components/schemas/SecuritySettingAuthenticationMode"},"authorization":{"$ref":"#/components/schemas/v2AuthorizationSettings"},"authenticationSettings":{"$ref":"#/components/schemas/v2AuthenticationSettings"},"waf":{"$ref":"#/components/schemas/v2WAFSettings"},"propagationStrategy":{"$ref":"#/components/schemas/v2PropagationStrategy"},"extension":{"description":"Extensions specifies all the WasmExtensions assigned to this SecuritySettings\\nwith the specific configuration for each extension. This custom configuration\\nwill override the one configured globally to the extension.\\nEach extension has a global configuration including enabling and priority\\nthat will condition the execution of the assigned extensions.","type":"array","items":{"$ref":"#/components/schemas/v2WasmExtensionAttachment"},"x-order":9},"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"}}},"v2ServerTLSSettings":{"type":"object","properties":{"mode":{"$ref":"#/components/schemas/v2ServerTLSSettingsTLSMode"},"secretName":{"description":"The name of the secret in Kubernetes that holds the TLS certs\\nincluding the CA certificates. The secret (type generic) should\\ncontain the following keys and values: key: `&lt;privateKey&gt;`, cert:\\n`&lt;serverCert&gt;`, cacert: `&lt;CACertificate&gt;`.","type":"string","x-order":1},"files":{"$ref":"#/components/schemas/ServerTLSSettingsFileSource"},"minProtocolVersion":{"$ref":"#/components/schemas/v2TLSProtocol"},"maxProtocolVersion":{"$ref":"#/components/schemas/v2TLSProtocol"},"cipherSuites":{"type":"array","title":"List of cipher suites to be used for TLS connections.\\nExamples of cipher suites:\\n- \\"TLS_RSA_WITH_AES_256_CBC_SHA\\"\\n- \\"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256\\"\\n- \\"TLS_DHE_RSA_WITH_AES_256_GCM_SHA384\\"\\n- \\"TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256\\"\\n- \\"TLS_RSA_WITH_3DES_EDE_CBC_SHA\\"","items":{"type":"string"},"x-order":5},"subjectAltNames":{"description":"List of Subject Alternative Names (SAN) from the client\'s certificate that are accepted\\nfor client identity verification during the TLS handshake.","type":"array","items":{"type":"string"},"x-order":6}}},"v2ServerTLSSettingsTLSMode":{"type":"string","default":"DISABLED","enum":["DISABLED","SIMPLE","MUTUAL"]},"v2Service":{"description":"A service in the registry that represents an aggregated and logical view for all those individual\\nservices, and provides high-level features such as aggregated metrics.","type":"object","required":["shortName","serviceType","state"],"properties":{"fqn":{"description":"Fully-qualified name of the resource. This field is read-only.","type":"string","x-order":0,"readOnly":true},"displayName":{"description":"User friendly name for the resource.","type":"string","x-order":1},"etag":{"description":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.","type":"string","x-order":2},"description":{"description":"A description of the resource.","type":"string","x-order":3},"shortName":{"description":"Short name for the service, used to uniquely identify it within the organization.","type":"string","x-order":4},"hostnames":{"description":"The hostnames by which this service is accessed. Can correspond to the hostname of\\nan internal service or that ones of a virtual host on a gateway.","type":"array","items":{"type":"string"},"x-order":5},"ports":{"description":"The set of ports on which this service is exposed.","type":"array","items":{"$ref":"#/components/schemas/v2Port"},"x-order":6},"subsets":{"description":"Deprecated. Use subset_deployments instead.\\nSubset denotes a specific version of a service. By default the \'version\'\\nlabel is used to designate subsets of a workload.\\nKnown subsets for the service.","type":"array","items":{"type":"string"},"x-order":7,"readOnly":true},"serviceType":{"$ref":"#/components/schemas/v2ServiceType"},"externalAddresses":{"description":"For kubernetes services of type load balancer, this field contains the list of lb hostnames or\\nIPs assigned to the service.","type":"array","items":{"type":"string"},"x-order":9},"state":{"$ref":"#/components/schemas/v2State"},"metrics":{"description":"- global:        *|productpage|bookinfo|*|*\\n  - v1:            v1|productpage|bookinfo|*|*\\n  - v1 (cluster1): v1|productpage|bookinfo|cluster1|*\\n\\nThis is only available for Observed and Controlled services.","type":"array","title":"Services may expose different metrics.\\nFor example, a regular service may expose the usual red metrics for incoming requests.\\nServices running in multiple clusters, may provide different aggregation levels, such as\\naggregation by cluster, by subset, etc.\\nThis list provides a complete list of all the aggregation keys that are available for this\\nparticular service.\\nFor example, a service that has instances in multiple clusters could provide the following\\nmetrics:","items":{"$ref":"#/components/schemas/ServiceMetricConfig"},"x-order":11,"readOnly":true},"serviceDeployments":{"description":"List of the existing deployments for this service.\\nThis is only available for internal and load balancer services and correspond to physical services\\nin the onboarded clusters.\\nThis field is read-only.","type":"array","items":{"$ref":"#/components/schemas/ServiceServiceDeployment"},"x-order":12,"readOnly":true},"subsetDeployments":{"description":"Subset denotes a specific version of a service. By default the \'version\'\\nlabel is used to designate subsets of a workload.\\nKnown subsets for the service.","type":"array","items":{"$ref":"#/components/schemas/v2Subset"},"x-order":13,"readOnly":true},"canonicalName":{"type":"string","title":"The canonical name of the service defined by user","x-order":14},"spiffeIds":{"description":"List of SPIFFE identities used by the workloads of the service.","type":"array","items":{"type":"string"},"x-order":15}}},"v2ServiceDestination":{"type":"object","title":"ServiceDestination is the destination service, port and subset where traffic\\nshould be routed","required":["port"],"properties":{"subset":{"type":"string","title":"Subset is the version of the service where traffic should be routed to","x-order":0},"weight":{"type":"integer","format":"int64","title":"Weight defines the amount of traffic that needs to be routed to this specific\\nversion","x-order":1},"port":{"type":"integer","format":"int64","title":"The port corresponding to the service host where traffic should be routed","x-order":2},"destinationHost":{"type":"string","title":"Service host where traffic should be routed to. This should either be a FQDN\\nor a short name for the k8s service. For example, \\"reviews\\" as destination_host will\\nbe interpreted as \\"reviews.ns1.cluster.local\\"","x-order":3}}},"v2ServiceLookupRequest":{"description":"Request for all the services in the registry that are part of the given selector.","type":"object","required":["selector","parent"],"properties":{"selector":{"$ref":"#/components/schemas/v2NamespaceSelector"},"parent":{"type":"string","title":"The FQN of the parent object where services will be looked up","x-order":1}}},"v2ServiceLookupResponse":{"description":"List of services that are included in the provided namespace selector.","type":"object","properties":{"services":{"type":"array","title":"The affected services","items":{"$ref":"#/components/schemas/v2Service"},"x-order":0}}},"v2ServiceRoute":{"description":"A service route controls routing configurations for traffic to a\\nservice in a traffic group.\\n\\n\\n\\n","type":"object","required":["service","subsets"],"properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"service":{"description":"The service on which the configuration is being applied. Must be in namespace/FQDN format.","type":"string","x-order":4},"subsets":{"description":"The set of versions of a service and the percentage of traffic to\\nsend to each version.","type":"array","items":{"$ref":"#/components/schemas/ServiceRouteSubset"},"x-order":5},"stickySession":{"$ref":"#/components/schemas/ServiceRouteStickySession"},"portLevelSettings":{"type":"array","title":"In order to support multi-protocol routing, a list of all port/protocol combinations is needed.\\nThese port settings are applied to all the subsets","items":{"$ref":"#/components/schemas/ServiceRoutePortLevelTrafficSettings"},"x-order":7},"httpRoutes":{"description":"HTTPRoutes are used when HTTP traffic needs to be matched on uri, headers\\nand port and destination routes need to be set using subset-weight\\ncombinations specified within the route.\\n**Note**: If a route is specified, then the global subset-weight\\ncombinations (specified under subsets) will be ignored for the matched\\nport, as subsets within route will take effect.","type":"array","items":{"$ref":"#/components/schemas/v2HTTPRoute"},"x-order":8},"tcpRoutes":{"description":"TCPRoutes match TCP traffic based on port number. The subset-weight\\nconfiguration and priority have the same behaviour as HTTPRoutes.","type":"array","items":{"$ref":"#/components/schemas/v2TCPRoute"},"x-order":9},"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"}}},"v2ServiceSecuritySetting":{"description":"A service security setting applies configuration to a service in a\\nsecurity group. Missing fields will inherit values from the\\nworkspace-wide setting if any.\\n\\n\\n\\n","type":"object","required":["service"],"properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"service":{"description":"The service on which the configuration is being applied. Must be in namespace/FQDN format.","type":"string","x-order":4},"settings":{"$ref":"#/components/schemas/v2SecuritySetting"},"subsets":{"description":"Subset specific settings that will replace the service wide settings for the specified service\\nsubsets.","type":"array","items":{"$ref":"#/components/schemas/ServiceSecuritySettingSubset"},"x-order":6},"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"}}},"v2ServiceSelector":{"type":"object","title":"ServiceSelector represents the match criteria to select services within a\\nparticular scope (namespace, workspace, cluster etc)","required":["serviceLabels"],"properties":{"serviceLabels":{"type":"object","title":"One or more labels that indicate a specific set of services within a particular scope","additionalProperties":{"type":"string"},"x-order":0}}},"v2ServiceType":{"description":"ServiceType denotes the exposition of a service in the mesh.\\n\\n - INTERNAL: A regular service that is not directly exposed to the outside world.\\n - LOADBALANCER: A load balancer service running only the proxy as the workload.\\n - MESH_EXTERNAL: A mesh external service.","type":"string","default":"INVALID_TYPE","enum":["INVALID_TYPE","INTERNAL","LOADBALANCER","MESH_EXTERNAL"]},"v2Source":{"description":"Source identifies a set of observed resources that have a group of metrics that emit measurements at runtime.","type":"object","properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the telemetry source.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the telemetry source is observing.\\n$hide_from_yaml","x-order":3},"belongsTo":{"description":"Which concrete TSB resource in the configuration hierarchy this telemetry source belongs to.\\nFor instance, a telemetry source can belong to a service,or a gateway, or a workspace, or any other resource in the\\nconfiguration hierarchy.","type":"string","x-order":4,"readOnly":true},"metricSourceKey":{"description":"A key to query metric measurements from the resources that the telemetry source is observing.","type":"string","x-order":5,"readOnly":true},"type":{"$ref":"#/components/schemas/v2SourceScopeType"},"scope":{"$ref":"#/components/schemas/v2SourceScope"}}},"v2SourceScope":{"description":"Source scope defines the source\'s wingspan in the mesh. It defines how we are observing the resources.\\nFor instance we can observer a resources at service, ingress, or relation level.","type":"object","properties":{"serviceScopes":{"$ref":"#/components/schemas/SourceScopeServiceScopes"},"ingressScopes":{"$ref":"#/components/schemas/SourceScopeIngressScopes"},"relationScopes":{"$ref":"#/components/schemas/SourceScopeRelationScopes"}}},"v2SourceScopeType":{"description":"The type of scopes which defines telemetry source\'s wingspan in the mesh.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","type":"string","default":"INVALID","enum":["INVALID","SERVICE","INGRESS","RELATION"]},"v2SourceType":{"description":"`SourceType` describes where teams come from.\\nTeams can be synchronized from the Identity Provider but can also be manually\\ncreated using the Team API to create convenient groupings of users and other\\nteams in order to configure fine-grained permissions in the Management Plane.\\n\\n - LDAP: LDAP is used for users and teams that are automatically synchronized from LDAP.\\n - LOCAL: LOCAL is used for local teams that are manually created using the TSB Team API and\\ndo not exist in the Identity Provider.\\nDeprecated. This value is deprecated and will be removed in future releases. Use \'MANUAL\' instead.\\n - AZURE: AZURE is used for users synchronized from an Azure Active Directory.\\n - MANUAL: MANUAL is used for users and teams that exist in the Identity Provider that have been manually populated.\\nMANUAL users are deprecated and Service Accounts should be used instead. Support for MANUAL users will\\nbe removed in future versions.","type":"string","default":"INVALID","enum":["INVALID","LDAP","LOCAL","AZURE","MANUAL"]},"v2State":{"description":"State denotes how deep is the knowledge of a service by the mesh. Meaning that if a service can be controlled,\\nobserved or none of these.\\n\\n - EXTERNAL: An external service is a service that is known, but that cannot be observed (we can\'t get metrics for it)\\nand cannot be controlled.\\n - OBSERVED: An observed service is a known service that we can have metrics for. For example, a service running the\\nSkywalking agents.\\n - CONTROLLED: A controlled service is a service that is part of the mesh and has a proxy we can configure.","type":"string","default":"INVALID_STATE","enum":["INVALID_STATE","EXTERNAL","OBSERVED","CONTROLLED"]},"v2StringMatch":{"description":"Describes how to match a given string in HTTP headers. Match is case-sensitive.","type":"object","properties":{"exact":{"description":"Exact string match.","type":"string","x-order":0},"prefix":{"description":"Prefix-based match.","type":"string","x-order":1},"regex":{"description":"ECMAscript style regex-based match.","type":"string","x-order":2}}},"v2Subject":{"description":"Subject identifies a user or a team under an organization. Roles are\\nassigned to subjects for specific resources in the system.","type":"object","properties":{"user":{"type":"string","title":"A user in TSB, created through LDAP sync or API.\\nMust use the fully-qualified name (fqn) of the user. \\nE.g. organization/myorg/users/alice","x-order":0},"team":{"type":"string","title":"A team in TSB, created through LDAP sync or API.\\nMust use the fully-qualified name (fqn) of the team. \\nE.g. organization/myorg/teams/t1","x-order":1},"serviceAccount":{"type":"string","title":"A service account in TSB.\\nMust use the fully-qualified name (fqn) of the service account. \\nE.g. organization/myorg/serviceaccounts/sa1","x-order":2}}},"v2Subset":{"description":"Subset exposed by a service.\\nRegistration RPC will complete the instances field by assigning the physical services FQNs.","type":"object","properties":{"name":{"description":"A valid subset name of a service.","type":"string","x-order":0},"serviceDeployments":{"type":"array","title":"The list of FQNs of the service deployments that expose this subset","items":{"type":"string"},"x-order":1,"readOnly":true}}},"v2SyncOrganizationResponse":{"description":"Result of the organization users and team synchronization.","type":"object","properties":{"failedUsers":{"$ref":"#/components/schemas/SyncOrganizationResponseFailedIds"},"failedTeams":{"$ref":"#/components/schemas/SyncOrganizationResponseFailedIds"}}},"v2TCP":{"description":"A TCP server exposed in a gateway. A TCP server may be used for any TCP based protocol.\\nThis is also used for the special case of a non-HTTP protocol requiring TLS termination at the gateway.","type":"object","required":["name","hostname","route"],"properties":{"name":{"description":"A name assigned to the server. The name will be visible in the generated metrics. The name must be\\nunique across all HTTP, TLS passthrough and TCP servers in a gateway.","type":"string","x-order":0},"port":{"description":"Valid scenarios (for same port, multiple services)\\n1. Multiple protocols (HTTP, non-HTTP) with TLS passthrough/termination\\n2. Multiple HTTP services\\n3. Single non-HTTP service without TLS\\n\\nIf the `transit` flag is set to true, populating the `port` will lead to an error,\\nas the server is considered internal to the mesh. TSB will automatically \\nconfigure mTLS port(15443) for east-west multicluster traffic.","type":"integer","format":"int64","title":"The port where the server is exposed. Note that the port 15443 is reserved. Also\\nbeware of the conflict among the services using different protocols on the same port.\\nThe conflict occurs in the following scenarios\\n1. Using plaintext and TLS (passthrough/termination)\\n2. Mixing multiple protocols without TLS (HTTP and non-HTTP protocols like Kafka, Zookeeper etc)\\n3. Multiple non-HTTP protocols without TLS","x-order":1},"hostname":{"description":"Hostname to identify the service. When TLS is configured, clients have to use this as\\nthe Server Name Indication (SNI) for the TLS connection. When TLS is not configured (opaque TCP),\\nthis is used to identify the service traffic for defining routing configs. Usually, this is\\nconfigured as the DNS name of the service. For instance, if clients access a zookeeper cluster\\nas `zk-1.myorg.internal` then the hostname could be specified as `zk-1.myorg.internal`. This\\nalso helps easier identification in the configs.\\n\\nThis is also used in multicluster routing. In the previous example, clients within the mesh\\ncan also use `zk-1.myorg.internal` to access this service (provided authorization policy allows it)","type":"string","x-order":2},"tls":{"$ref":"#/components/schemas/v2ServerTLSSettings"},"route":{"$ref":"#/components/schemas/v2RouteTo"},"transit":{"description":"If set to true, the server is configured to be exposed within the mesh.\\nThis configuration enables forwarding traffic between two clusters that are not directly reachable.","type":"boolean","x-order":5}}},"v2TCPMatchCondition":{"type":"object","title":"TCPMatchCondition is the set of conditions to match incoming TCP traffic\\nand route accordingly","required":["name","port"],"properties":{"name":{"type":"string","title":"Name of the match condition","x-order":0},"port":{"type":"integer","format":"int64","title":"TCP match conditions only have port in match conditions","x-order":1}}},"v2TCPRoute":{"description":"TCPRoute is used to set TCP routes to service destinations on the basis of match conditions.","type":"object","required":["name"],"properties":{"name":{"type":"string","title":"Name of TCPRoute","x-order":0},"match":{"type":"array","title":"Match conditions for incoming TCP traffic","items":{"$ref":"#/components/schemas/v2TCPMatchCondition"},"x-order":1},"destination":{"type":"array","title":"Destination host:port and subset where TCP traffic should be directed","items":{"$ref":"#/components/schemas/v2ServiceDestination"},"x-order":2}}},"v2TCPServer":{"type":"object","title":"A TCP server exposed in an ingress gateway. A TCP server may be used for any TCP based protocol.\\nThis is also used for the special case of a non-HTTP protocol requiring TLS termination at the gateway","required":["name","port","hostname"],"properties":{"name":{"description":"A name assigned to the server. The name will be visible in the generated metrics. The name must be\\nunique across all HTTP, TLS passthrough and TCP servers in a gateway.","type":"string","x-order":0},"port":{"type":"integer","format":"int64","title":"The port where the server is exposed. Two servers with different protocols can share the same port\\nonly when both of them use TLS (either terminated at the gateway or pass-through)","x-order":1},"hostname":{"description":"Hostname to identify the service. When TLS is configured, clients have to use this as\\nthe Server Name Indication (SNI) for the TLS connection. When TLS is not configured (opaque TCP),\\nthis is used to identify the service traffic for defining routing configs. Usually, this is\\nconfigured as the DNS name of the service. For instance, if clients access a zookeeper cluster\\nas `zk-1.myorg.internal` then the hostname could be specified as `zk-1.myorg.internal`. This\\nalso helps easier identification in the configs.\\n\\nThis is also used in multicluster routing. In the previous example, clients within the mesh\\ncan also use `zk-1.myorg.internal` to access this service (provided authorization policy allows it)","type":"string","x-order":2},"tls":{"$ref":"#/components/schemas/v2ServerTLSSettings"},"route":{"$ref":"#/components/schemas/v2Route"}}},"v2TLS":{"description":"A TLS server exposed in a gateway. For TLS servers, the gateways do not terminate\\nconnections and use SNI based routing.","type":"object","required":["name","port","hostname","route"],"properties":{"name":{"description":"A name assigned to the server. The name will be visible in the generated metrics. The name must be\\nunique across all HTTP, TLS passthrough and TCP servers in a gateway.","type":"string","x-order":0},"port":{"description":"The port where the server is exposed. Two servers with different protocols (HTTP and HTTPS) should not\\nshare the same port. Note that port 15443 is reserved for internal use.","type":"integer","format":"int64","x-order":1},"hostname":{"description":"Hostname with which the service can be expected to be accessed by clients.\\nRouting will be done based on SNI matches for this hostname.\\n**NOTE:** The \\"hostname:port\\" must be unique across all gateways in the cluster in order for\\nmulticluster routing to work.","type":"string","x-order":2},"route":{"$ref":"#/components/schemas/v2RouteTo"}}},"v2TLSFileSource":{"type":"object","title":"TLSFileSource is used to load the keys and certificates from\\nfiles accessible to the workload","properties":{"clientCertificate":{"type":"string","title":"Certificate file to authenticate the client. This\\nis mandatory for mutual TLS and must not be\\nspecified for simple (one-way) TLS","x-order":0},"privateKey":{"type":"string","title":"Private key file associated with the client certificate.\\nThis is mandatory for mutual TLS and must not be\\nspecified for simple TLS","x-order":1},"caCertificates":{"type":"string","title":"File containing CA certificates to verify the certificates\\npresented by the server. This is mandatory for both simple and\\nmutual TLS.\\nHere are some common paths for the system CA bundle on Linux and can be\\nspecified here if the server certificate is signed by a well known authority,\\nalready part of the system CA bundle on the host - \\n  /etc/ssl/certs/ca-certificates.crt (Debian/Ubuntu/Gentoo etc.)\\n  /etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem (CentOS/RHEL 7)\\n  /etc/pki/tls/certs/ca-bundle.crt (Fedora/RHEL 6)","x-order":2}}},"v2TLSMode":{"description":"- DISABLED: TLS is not used and communication is\\nin plaintext.\\n - SIMPLE: Only the server is authenticated.\\n - MUTUAL: Both the peers in the communication must\\npresent their certificate for TLS authentication","type":"string","title":"Describes how authentication is performed\\nas part of establishing TLS connection","default":"DISABLED","enum":["DISABLED","SIMPLE","MUTUAL"]},"v2TLSPassthroughServer":{"description":"A TLS server exposed in an ingress gateway. For TLS servers the gateways don\'t terminate\\nconnections and use SNI based routing.","type":"object","required":["name","port","hostname","route"],"properties":{"name":{"description":"A name assigned to the server. The name will be visible in the generated metrics. The name must be\\nunique across all HTTP, TCP and TLS servers in a gateway.","type":"string","x-order":0},"port":{"description":"The port where the server is exposed. Two servers with different protocols (HTTP and HTTPS) should not\\nshare the same port. Note that port 15443 is reserved for internal use.","type":"integer","format":"int64","x-order":1},"hostname":{"description":"Hostname with which the service can be expected to be accessed by clients.\\nRouting will be done based on SNI matches for this hostname.\\n**NOTE:** The hostname must be unique across all gateways in the cluster in order for multicluster routing to work.","type":"string","x-order":2},"route":{"$ref":"#/components/schemas/v2Route"}}},"v2TLSProtocol":{"description":"Enumeration for TLS protocol versions.","type":"string","default":"TLS_AUTO","enum":["TLS_AUTO","TLSV1_0","TLSV1_1","TLSV1_2","TLSV1_3"]},"v2Team":{"description":"`Team` is a named collection of users under a tenant.\\n\\n\\n\\n","type":"object","properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"members":{"description":"List of members under the team.\\nThe elements of this list are the FQNs of the team members. Team members can be\\nusers, service accounts or other teams.","type":"array","items":{"type":"string"},"x-order":4},"sourceType":{"$ref":"#/components/schemas/v2SourceType"}}},"v2Tenant":{"description":"`Tenant` is a self-contained entity within an organization in the Service Bridge hierarchy.\\n\\n\\n\\n","type":"object","properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"securityDomain":{"description":"Security domains can be used to group different resources under the same security domain.\\nAlthough security domain is not resource itself currently, it follows a fqn format\\n`organizations/myorg/securitydomains/mysecuritydomain`, and a child cannot override any ancestor\'s\\nsecurity domain.\\nOnce a security domain is assigned to a _Tenant_, all the children resources will belong to that\\nsecurity domain in the same way a _Workspace_ belongs to a _Tenant_, a _Workspace_ will also belong\\nto the security domain assigned to the _Tenant_.\\nSecurity domains can also be used to define _Security settings Authorization rules_ in which you can allow\\nor deny request from or to a security domain.","type":"string","x-order":4},"deletionProtectionEnabled":{"description":"When set, prevents the resource from being deleted. In order to delete the resource this\\nproperty needs to be set to `false` first.","type":"boolean","x-order":5},"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"}}},"v2TenantSetting":{"description":"Default settings that apply to all workspaces under a tenant.\\n\\n\\n\\n","type":"object","properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"defaultSecuritySetting":{"$ref":"#/components/schemas/v2SecuritySetting"},"defaultTrafficSetting":{"$ref":"#/components/schemas/v2TrafficSetting"}}},"v2Tier1ExternalServer":{"description":"Tier1ExternalServer describes the properties of a server exposed\\noutside the mesh. Traffic arriving at a Tier1 external server is\\nusually TLS terminated and then forwarded over Istio mTLS to all\\nthe lower tier2 clusters.","type":"object","required":["name","port","hostname"],"properties":{"name":{"description":"A name assigned to the server. The name will be visible in the generated metrics. The name must be\\nunique across all external servers in the gateway.","type":"string","x-order":0},"port":{"description":"The port where the server is exposed. Note that port 15443 is reserved.","type":"integer","format":"int64","x-order":1},"hostname":{"description":"Hostname with which the service can be expected to be accessed by\\nclients.","type":"string","x-order":2},"tls":{"$ref":"#/components/schemas/v2ServerTLSSettings"},"clusters":{"description":"The destination clusters that contain ingress gateways exposing\\nthe hostname. If omitted, traffic will be automatically load\\nbalanced across all tier2 clusters whose ingress gateways expose\\nthe above hostname. If `redirect` is configured then this field\\ncannot be configured.\\nTo do failover and locality based routing among clusters, either omit\\nthe clusters field or omit the weights from all the cluster destinations.","type":"array","items":{"$ref":"#/components/schemas/v2ClusterDestination"},"x-order":4},"redirect":{"$ref":"#/components/schemas/v2Redirect"},"authentication":{"$ref":"#/components/schemas/tsbauthv2Authentication"},"authorization":{"$ref":"#/components/schemas/tsbauthv2Authorization"},"rateLimiting":{"$ref":"#/components/schemas/v2RateLimiting"}}},"v2Tier1Gateway":{"description":"`Tier1Gateway` configures a workload to act as a tier1 gateway into the mesh.\\n\\n\\n\\n","type":"object","required":["workloadSelector"],"properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"workloadSelector":{"$ref":"#/components/schemas/v2WorkloadSelector"},"externalServers":{"description":"One or more servers exposed by the gateway externally.","type":"array","items":{"$ref":"#/components/schemas/v2Tier1ExternalServer"},"x-order":5},"internalServers":{"description":"One or more servers exposed by the gateway internally for cross cluster forwarding.","type":"array","items":{"$ref":"#/components/schemas/v2Tier1InternalServer"},"x-order":6},"passthroughServers":{"description":"One or more tls passthrough servers exposed by the gateway externally.","type":"array","items":{"$ref":"#/components/schemas/v2Tier1PassthroughServer"},"x-order":7},"tcpExternalServers":{"description":"One or more tcp servers exposed by the gateway externally.","type":"array","items":{"$ref":"#/components/schemas/v2Tier1TCPExternalServer"},"x-order":8},"tcpInternalServers":{"description":"One or more tcp servers exposed by the gateway for mesh internal traffic.","type":"array","items":{"$ref":"#/components/schemas/v2Tier1TCPInternalServer"},"x-order":9},"extension":{"description":"Extensions specifies all the WasmExtensions assigned to this Tier1Gateway\\nwith the specific configuration for each extension. This custom configuration\\nwill override the one configured globally to the extension.\\nEach extension has a global configuration including enablement and priority\\nthat will condition the execution of the assigned extensions.","type":"array","items":{"$ref":"#/components/schemas/v2WasmExtensionAttachment"},"x-order":10},"waf":{"$ref":"#/components/schemas/v2WAFSettings"},"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"}}},"v2Tier1InternalServer":{"description":"Tier1InternalServer describes the properties of a server exposed\\nwithin the mesh, for the purposes of forwarding traffic between two\\nclusters that cannot otherwise directly reach each other. Traffic\\narriving at a Tier1 internal server should be over Istio\\nmTLS. After TLS termination and metrics extraction, it is forwarded\\nto tier2 clusters based on the selection criteria.","type":"object","required":["name","hostname"],"properties":{"name":{"description":"A name assigned to the server. The name will be visible in the generated metrics. The name must be\\nunique across all internal servers in the gateway.","type":"string","x-order":0},"hostname":{"description":"Hostname with which the service can be expected to be accessed by\\nsidecars in the mesh.","type":"string","x-order":1},"clusters":{"description":"The destination clusters that contain ingress gateways exposing\\nthe hostname. If omitted, traffic will be automatically load\\nbalanced across all tier2 clusters whose ingress gateways expose\\nthe above hostname.","type":"array","items":{"$ref":"#/components/schemas/v2ClusterDestination"},"x-order":2},"authentication":{"$ref":"#/components/schemas/tsbauthv2Authentication"},"authorization":{"$ref":"#/components/schemas/tsbauthv2Authorization"}}},"v2Tier1PassthroughServer":{"description":"Tier1PassthroughServer describes the properties of a server exposed\\nto the external world. Traffic arriving at a Tier1 passthrough server is\\nnot TLS terminated and rather forwarded over to all the lower tier2 clusters.","type":"object","required":["name","port","hostname"],"properties":{"name":{"description":"A name assigned to the server. The name will be visible in the generated metrics. The name must be\\nunique across all external servers in the gateway.","type":"string","x-order":0},"port":{"description":"The port where the server is exposed. Note that port 15443 is reserved.","type":"integer","format":"int64","x-order":1},"hostname":{"description":"Hostname with which the service can be expected to be accessed by\\nclients.","type":"string","x-order":2},"clusters":{"description":"The destination clusters that contain ingress gateways exposing\\nthe hostname on passthrough servers. If omitted, traffic will be automatically load\\nbalanced across all tier2 clusters whose ingress gateways expose\\nthe above hostname.","type":"array","items":{"$ref":"#/components/schemas/v2ClusterDestination"},"x-order":3}}},"v2Tier1TCPExternalServer":{"description":"Tier1TCPExternalServer is used to describe the properties of a TCP server\\n(used for opaque TCP or non-HTTP protocols) exposed to the external world.\\nIf the protocol is known to be HTTP, then please use `externalServers` as\\nit allows using HTTP-specific features.\\n\\nCaveat - Currently, we don\'t support multicluster routing when Tier2 gateway\\nsettings are specified in the direct mode for TCP services. So please use\\nthe bridged mode.","type":"object","required":["name","port","hostname"],"properties":{"name":{"type":"string","title":"A name assigned to the server. This name is used in the generated metrics. The name\\nmust be unique across all TCP servers in the gateway","x-order":0},"port":{"description":"Valid scenarios (for same port, multiple services)\\n1. Multiple protocols (HTTP, non-HTTP) with TLS passthrough/termination\\n2. Multiple HTTP services\\n3. Single non-HTTP service without TLS\\n\\nNote on service port - If a service is exposed on port 6789 in the tier1 gateway,\\nthen it must be exposed on the same port with the same hostname (without wildcard)\\nin the tier2 gateway as well.","type":"integer","format":"int64","title":"The port where the server is exposed. Note that the port 15443 is reserved. Also\\nbeware of the conflict among the services using different protocols on the same port.\\nThe conflict occurs in the following scenarios\\n1. Using plaintext and TLS (passthrough/termination)\\n2. Mixing multiple protocols without TLS (HTTP and non-HTTP protocols like Kafka, Zookeeper etc)\\n3. Multiple non-HTTP protocols without TLS","x-order":1},"hostname":{"description":"Although hostname or authority does not make sense in the non-HTTP context, this\\nis used to define the routing rules. Wildcard hostnames are not yet supported.","type":"string","x-order":2},"clusters":{"description":"The destination clusters contain ingress gateways exposing the service.","type":"array","items":{"$ref":"#/components/schemas/v2ClusterDestination"},"x-order":3},"tls":{"$ref":"#/components/schemas/v2ServerTLSSettings"}}},"v2Tier1TCPInternalServer":{"description":"Tier1TCPInternalServer is used to describe the properties of a TCP server\\nwhich is used exclusively within the mesh.","type":"object","required":["name","hostname"],"properties":{"name":{"description":"A name assigned to the server. This name is used in the generated metrics. The name\\nmust be unique across all TCP servers in the gateway.","type":"string","x-order":0},"hostname":{"description":"The name of the service used. Although hostname or authority does not make sense\\nin the non-HTTP context, this is used for the multicluster routing purposes. Consider\\nthe case where there are two non-HTTP services listening on the same port 6000,\\nbut are hosted on different workloads. Here, the service name is used to distinguish\\nbetween the two for routing to the correct workload. We do not support wildcard hostnames\\nyet. The ports are determined automatically by the cluster updates of the remote edge\\nclusters. Suppose there is a service called `foo.com` and the remote cluster says that\\nit exposes ports 8080 and 8443, then we can route east-west traffic for both the ports\\nthrough this server. The changes to the port or protocol settings are picked up automatically.","type":"string","x-order":1},"clusters":{"description":"The destination clusters contain ingress gateways exposing the service.","type":"array","items":{"$ref":"#/components/schemas/v2ClusterDestination"},"x-order":2}}},"v2TokenResponse":{"description":"Contains a pair of tokens for a user that can be used to authenticate against TSB.","type":"object","properties":{"accessToken":{"description":"Bearer access token that can be used to access TSB.\\nThis token is usually short-lived. The refresh token, when present, can be used to\\nobtain a new access token when it expires.","type":"string","x-order":0},"refreshToken":{"description":"Refresh token that can be used to obtain a new Bearer access token.\\nThis token is usually long-lived and should be stored securely.","type":"string","x-order":1}}},"v2TokenType":{"type":"string","default":"TOKEN_TYPE_UNSPECIFIED","enum":["TOKEN_TYPE_UNSPECIFIED","TOKEN_TYPE_ACCESS_TOKEN","TOKEN_TYPE_REFRESH_TOKEN","TOKEN_TYPE_ID_TOKEN","TOKEN_TYPE_JWT"]},"v2TrafficSelector":{"description":"TrafficSelector provides a mechanism to select a specific traffic flow\\nfor which this Wasm Extension will be enabled.\\nWhen all the sub conditions in the TrafficSelector are satisfied, the\\ntraffic will be selected.","type":"object","properties":{"mode":{"$ref":"#/components/schemas/v2WorkloadMode"},"ports":{"description":"Criteria for selecting traffic by their destination port.\\nMore specifically, for the outbound traffic, the destination port would be\\nthe port of the target service. On the other hand, for the inbound traffic,\\nthe destination port is the port bound by the server process in the same Pod.\\n\\nIf one of the given `ports` is matched, this condition is evaluated to true.\\nIf not specified, this condition is evaluated to true for any port.","type":"array","items":{"$ref":"#/components/schemas/v2PortSelector"},"x-order":1}}},"v2TrafficSetting":{"description":"A traffic setting applies configuration to a set of proxy workloads in a\\ntraffic group or a workspace. When applied to a traffic group,\\nmissing fields will inherit values from the workspace-wide setting if any.","type":"object","properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"reachability":{"$ref":"#/components/schemas/v2ReachabilitySettings"},"resilience":{"$ref":"#/components/schemas/v2ResilienceSettings"},"egress":{"$ref":"#/components/schemas/TrafficSettingEgressGateway"},"rateLimiting":{"$ref":"#/components/schemas/v2RateLimiting"},"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"}}},"v2User":{"description":"`User` represents a user from the Identity Provider that is allowed to log into\\nthe platform.","type":"object","required":["loginName"],"properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"loginName":{"description":"The username used in the login credentials.","type":"string","x-order":3},"firstName":{"description":"The first name of the user.","type":"string","x-order":4},"lastName":{"description":"The last name of the user, if any.","type":"string","x-order":5},"email":{"description":"Email for the user where alerts and other notifications will be sent.","type":"string","x-order":6},"sourceType":{"$ref":"#/components/schemas/v2SourceType"}}},"v2VmConfig":{"description":"Configuration for a Wasm VM.\\nmore details can be found [here](https://www.envoyproxy.io/docs/envoy/latest/api-v3/extensions/wasm/v3/wasm.proto#extensions-wasm-v3-vmconfig).","type":"object","properties":{"env":{"description":"Specifies environment variables to be injected to this VM.\\nNote that if a key does not exist, it will be ignored.","type":"array","items":{"$ref":"#/components/schemas/v2EnvVar"},"x-order":0}}},"v2WAFSettings":{"type":"object","title":"WAFSettings configure WAF based on seclang\\nSee https://github.com/SpiderLabs/ModSecurity/wiki/Reference-Manual-%28v3.x%29#Configuration_Directives","required":["rules"],"properties":{"rules":{"description":"Rules to be leveraged by WAF. The parser evaluates the list of rules from the top to the bottom.","type":"array","items":{"type":"string"},"x-order":0}}},"v2WasmExtension":{"type":"object","required":["url"],"properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the extension.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the extension.\\n$hide_from_yaml","x-order":3},"allowedIn":{"description":"List of fqns where this extension is allowed to run.\\nIf it is empty, the extension can be used across the entire organization.\\nCurrently only Tenant resources are considered.","type":"array","items":{"type":"string"},"x-order":4},"image":{"description":"Deprecated. Use the `url` field instead.\\nRepository and tag of the OCI image containing the WASM extension.","type":"string","x-order":5},"source":{"type":"string","title":"Source to find the code for the WASM extension","x-order":6},"phase":{"$ref":"#/components/schemas/WasmExtensionPluginPhase"},"priority":{"description":"Determines the ordering of WasmExtensions in the same phase.\\nWhen multiple WasmExtensions are applied to the same workload in the same phase, they will be applied by priority, in descending order.\\nIf no priority is assigned it will use the default 0 value.\\nIn case of several extensions having the same priority in the same phase, the fqn will be used to sort them.","type":"integer","format":"int32","x-order":8},"config":{"description":"Configuration parameters sent to the WASM plugin execution\\nThe configuration can be overwritten when instantiating the extensions in IngressGateways or Security groups.\\nThe config is serialized using proto3 JSON marshaling and passed to proxy_on_configure when the host environment starts the plugin.","type":"object","x-order":9},"imagePullPolicy":{"$ref":"#/components/schemas/WasmExtensionPullPolicy"},"imagePullSecret":{"description":"Credentials to use for OCI image pulling.\\nName of a K8s Secret that contains a docker pull secret which is to be used\\nto authenticate against the registry when pulling the image.\\nIf TSB is configured to use the WASM download proxy, this secret must exist in\\nthe `istio-system` namespace of each cluster that has applications that use the\\nextension. If the downlaod proxy is disabled, the secret must exist in each\\napplication namespace that is using the extension.","type":"string","x-order":11},"vmConfig":{"$ref":"#/components/schemas/v2VmConfig"},"url":{"description":"URL of a Wasm module or OCI container. If no scheme is present, defaults to oci://, referencing an OCI image.\\nOther valid schemes are file:// for referencing .wasm module files present locally within the proxy container,\\nand http[s]:// for .wasm module files hosted remotely.","type":"string","x-order":13},"match":{"$ref":"#/components/schemas/v2GlobalTrafficSelector"}}},"v2WasmExtensionAttachment":{"description":"WasmExtensionAttachment defines the WASM extension attached to this resource\\nincluding the name to identify the extension and also the specific configuration\\nthat will override the global extension configuration.\\nOnly those extensions globally enabled will be considered although they can be\\nassociated to the target resources.\\nMatch configuration allows you to specify which traffic is sent through the Wasm\\nextension. Users can select the traffic based on different workload modes and ports.\\n\\n```yaml\\napiVersion: gateway.tsb.tetrate.io/v2\\nkind: IngressGateway\\nmetadata:\\n  name: ingress-bookinfo\\n  group: g1\\n  workspace: w1\\n  tenant: mycompany\\n  organization: myorg\\nspec:\\n  workloadSelector:\\n  namespace: ns1\\n  labels:\\n    app: gateway\\n  extension:\\n  - fqn: hello-world # fqn of imported extensions in TSB\\n    config:\\n      foo: bar\\n    match:\\n    - ports:\\n      - number: 80\\n      mode: CLIENT_AND_SERVER\\n  http:\\n  - name: bookinfo\\n    port: 80\\n    hostname: bookinfo.com\\n    routing:\\n      rules:\\n      - route:\\n        host: ns1/productpage.ns1.svc.cluster.local\\n```","type":"object","required":["fqn"],"properties":{"fqn":{"description":"Fqn of the extension to be executed.","type":"string","x-order":0},"config":{"description":"Configuration parameters sent to the WASM plugin execution.\\nThis configuration will overwrite the one specified globally in the extension.\\nThis config will be passed as-is to the extension. It is up to the extension to deserialize the config and use it.","type":"object","x-order":1},"match":{"description":"Specifies the criteria to determine which traffic is passed to WasmExtension.\\nIf a traffic satisfies any of TrafficSelectors,\\nthe traffic passes to the WasmExtension.","type":"array","items":{"$ref":"#/components/schemas/v2TrafficSelector"},"x-order":2}}},"v2Workload":{"description":"Info about individual workload implementing the service.","type":"object","properties":{"address":{"description":"Routable address of the workload.","type":"string","x-order":0},"name":{"description":"Instance name of the workload.","type":"string","x-order":1},"isVm":{"description":"Indicates whether the workload is kubernetes endpoint or vm.","type":"boolean","x-order":2},"proxy":{"$ref":"#/components/schemas/WorkloadProxy"}}},"v2WorkloadMode":{"description":"WorkloadMode allows selection of the role of the underlying workload in\\nnetwork traffic. A workload is considered as acting as a SERVER if it is\\nthe destination of the traffic (that is, traffic direction, from the\\nperspective of the workload is *inbound*). If the workload is the source of\\nthe network traffic, it is considered to be in CLIENT mode (traffic is\\n*outbound* from the workload).\\n\\n - UNDEFINED: Default value, which will be interpreted by its own usage.\\n - CLIENT: Selects for scenarios when the workload is the\\nsource of the network traffic. In addition,\\nif the workload is a gateway, selects this.\\n - SERVER: Selects for scenarios when the workload is the\\ndestination of the network traffic.\\n - CLIENT_AND_SERVER: Selects for scenarios when the workload is either the\\nsource or destination of the network traffic.","type":"string","default":"UNDEFINED","enum":["UNDEFINED","CLIENT","SERVER","CLIENT_AND_SERVER"]},"v2WorkloadSelector":{"description":"`WorkloadSelector` selects one or more workloads in a\\nnamespace. `WorkloadSelector` can be used in TrafficSetting,\\nSecuritySetting, and Gateway APIs in `BRIDGED` mode to scope the\\nconfiguration to a specific set of workloads.","type":"object","required":["namespace","labels"],"properties":{"namespace":{"description":"The namespace where the workload resides.","type":"string","x-order":0},"labels":{"description":"One or more labels that indicate a specific set of pods/VMs in\\nthe namespace. If omitted, the TrafficSetting or SecuritySetting\\nconfiguration will apply to all workloads in the\\nnamespace. Labels are required for Gateway API resources.","type":"object","additionalProperties":{"type":"string"},"x-order":1}}},"v2Workspace":{"description":"A Workspace is a collection of related namespaces in one or more clusters.\\n\\n\\n\\n","type":"object","required":["namespaceSelector"],"properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"namespaceSelector":{"$ref":"#/components/schemas/typesv2NamespaceSelector"},"privileged":{"description":"If set to true, allows Gateways in the workspace to route to\\nservices in other workspaces. Set this to true for workspaces\\nowning cluster-wide gateways shared by multiple teams.","type":"boolean","x-order":5},"isolationBoundary":{"description":"Istio Isolation Boundary name to which this workspace belongs.\\nIf not provided explicitly, the workspace looks for an isolation boundary with\\nname set as \\"global\\". \\nTherefore, in order to move existing workspaces to isolation boundaries, and\\nbe a part of revisioned control plane, it is recommended to configure an\\nisolation boundary with the name \\"global\\".","type":"string","x-order":6},"securityDomain":{"description":"Security domains can be used to group different resources under the same security domain.\\nAlthough security domain is not resource itself currently, it follows a fqn format\\n`organizations/myorg/securitydomains/mysecuritydomain`, and a child cannot override any ancestor\'s\\nsecurity domain.\\nOnce a security domain is assigned to a _Workspace_, all the children resources will belong to that\\nsecurity domain in the same way a _Security group_ belongs to a _Workspace_, a _Security group_ will also belong\\nto the security domain assigned to the _Workspace_.\\nSecurity domains can also be used to define _Security settings Authorization rules_ in which you can allow\\nor deny request from or to a security domain.","type":"string","x-order":7},"deletionProtectionEnabled":{"description":"When set, prevents the resource from being deleted. In order to delete the resource this\\nproperty needs to be set to `false` first.","type":"boolean","x-order":8},"configGenerationMetadata":{"$ref":"#/components/schemas/v2ConfigGenerationMetadata"}}},"v2WorkspaceSetting":{"description":"Default security and traffic settings for all proxy workloads in the workspace.","type":"object","properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"defaultSecuritySetting":{"$ref":"#/components/schemas/v2SecuritySetting"},"defaultTrafficSetting":{"$ref":"#/components/schemas/v2TrafficSetting"},"regionalFailover":{"description":"Locality routing settings for all gateways in the workspace. Overrides any global settings.\\n\\nExplicitly specify the region traffic will land on when endpoints in local region becomes unhealthy.\\nShould be used together with OutlierDetection to detect unhealthy endpoints.\\nNote: if no OutlierDetection specified, this will not take effect.","type":"array","items":{"$ref":"#/components/schemas/v2RegionalFailover"},"x-order":6},"defaultEastWestGatewaySettings":{"description":"Default east west gateway settings specifies workspace-wide east-west gateway configuration.\\nThis is used to configure east-west routing (required for fail-over) for the services that\\nare not exposed on the gateways. All the services matching the specified criteria is picked\\nup for exposing on the east-west gateway workload selected by the workload selector. In case,\\na service matches selectors in multiple items, the one which comes first is picked up.","type":"array","items":{"$ref":"#/components/schemas/v2EastWestGateway"},"x-order":7},"hostsReachability":{"$ref":"#/components/schemas/v2HostsReachability"}}}}}}},"1_6_x":{"url":"service-bridge/generated/openapi/1.6.x/openapiv3.json","themeId":"theme-redoc","isSpecFile":false,"spec":{"openapi":"3.0.0","info":{"description":"Tetrate Service Bridge API.","title":"Tetrate Service Bridge API","contact":{"name":"Tetrate Service Bridge","url":"https://www.tetrate.io/tetrate-service-bridge/"},"version":"1.6.x"},"paths":{"/v2/admin/rbac/policy":{"get":{"tags":["Policy"],"summary":"Get the global RBAC access policy.\\nThe global RBAC access policy configures who can manage the Role objects in TSB.","operationId":"Policy_GetRBACPolicy","responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the global RBAC access policy.\\nThe global RBAC access policy configures who can manage the Role objects in TSB.","operationId":"Policy_SetRBACPolicy","requestBody":{"$ref":"#/components/requestBodies/v2AccessPolicy"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/admin/root/policy":{"get":{"tags":["Policy"],"summary":"Get the root access policy.\\nThe root access policy configures global permissions for the platform. Subjects\\nassigned to a root policy will be granted the permissions described in the policy\\nto all objects ion TSB.","operationId":"Policy_GetRootPolicy","responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the root access policy.\\nThe root access policy configures global permissions for the platform. Subjects\\nassigned to a root policy will be granted the permissions described in the policy\\nto all objects ion TSB.","operationId":"Policy_SetRootPolicy","requestBody":{"$ref":"#/components/requestBodies/v2AccessPolicy"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/lookup/services":{"post":{"tags":["Lookup"],"summary":"Get all the services in the registry that are part of the given selector.\\nThis method can be used to resolve the registered services that are part of a workspace\\nor group.\\nThis method can be also used to figure out how applying a selector could affect\\nthe platform and have an understanding of which of the existing services would be\\nincluded in the selection.","operationId":"Lookup_Services","requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ServiceLookupRequest"}}},"description":"Request for all the services in the registry that are part of the given selector.","required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ServiceLookupResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/oidc/callback":{"get":{"tags":["OIDC"],"summary":"Callback endpoint for OAuth2 Authorization Code grant flows as part of the OIDC spec.","operationId":"OIDC_Callback","parameters":[{"description":"OAuth2 Authorization Code.\\nWhen present this indicates the user authorized the request. TSB will use this code\\nto acquire a token from the OIDC token endpoint and complete the login flow.","name":"code","in":"query","schema":{"type":"string"}},{"description":"OAuth2 Error Code.\\nWhen present this indicates that either the authorization request has an error, the OIDC\\nprovider encountered an error or the user failed to log in. When set TSB will display information\\nto the user indicating what went wrong.\\n\\nStandard error codes can be found found here.\\nhttps://datatracker.ietf.org/doc/html/rfc6749#section-4.1.2.1\\nhttps://openid.net/specs/openid-connect-core-1_0.html#AuthError","name":"error","in":"query","schema":{"type":"string"}},{"description":"The state parameter sent to the OIDC provider on the authorization request.","name":"state","in":"query","required":true,"schema":{"type":"string"}},{"description":"Optional error description sent by the OIDC provider when an error occurs.","name":"errorDescription","in":"query","schema":{"type":"string"}},{"description":"Optional error URI of a web page that includes additional information about the error.","name":"errorUri","in":"query","schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/oidc/login":{"get":{"tags":["OIDC"],"summary":"Login endpoint to start an OIDC Authentication flow.","operationId":"OIDC_Login","parameters":[{"description":"URl where the user will be redirected when the authentication flow completes.","name":"redirectUri","in":"query","schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations":{"get":{"tags":["Organizations"],"summary":"List all existing organizations.\\n$hide_from_docs","operationId":"Organizations_ListOrganizations","responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListOrganizationsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Organizations"],"summary":"Creates a new Organization in TSB.\\nOrganizations are the top-level construct in TSB and contain all the resources such as\\ntenants, workspaces and clusters.\\n$hide_from_docs","operationId":"Organizations_CreateOrganization","requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2CreateOrganizationRequest"}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Organization"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}":{"get":{"tags":["Organizations"],"summary":"Get the details of an organization.","operationId":"Organizations_GetOrganization","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Organization"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Organizations"],"summary":"Modify an organization.\\nUpdate operations are protected against concurrent modifications of the resource. They are required\\nto provide the last version of the `etag` field as part of the update request payload.\\n$hide_from_docs","operationId":"Organizations_UpdateOrganization","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"`Organization` is the root of the Service Bridge object hierarchy.\\n\\n\\n\\n","type":"object","properties":{"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Organization"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Organizations"],"summary":"Delete an organization.\\nNote that deleting resources in TSB is a recursive operation. Deleting an organization will delete all\\ntenants, clusters and all configurations that exist in it.\\n$hide_from_docs","operationId":"Organizations_DeleteOrganization","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters":{"get":{"tags":["Clusters"],"summary":"Get the list of all clusters that have been onboarded into the platform.","operationId":"Clusters_ListClusters","parameters":[{"description":"Flag to fetch the workload information for all the clusters as well.\\nNote that by default workload information is not returned as it may be expensive to retrieve.","name":"fetchWorkloads","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListClustersResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Clusters"],"summary":"Creates a new cluster object in TSB. This is needed during cluster onboarding to let the\\nmanagement plane know about the existence of a cluster.\\nOnce a cluster has been created and fully onboarded, the management plane will manage the\\nmesh for that cluster and keep this cluster entity up to date with the information that is\\nreported by the cluster agents.\\nThis method returns the created cluster, that will be continuously updated by the local\\ncluster agents. This entity can be monitored to have an overview of the resources (namespaces,\\nservices, etc) that are known to be running in the cluster.","operationId":"Clusters_CreateCluster","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create a cluster and register it in the management plane so configuration can\\nbe generated for it.","type":"object","required":["name","cluster"],"properties":{"cluster":{"$ref":"#/components/schemas/v2Cluster"},"name":{"description":"The short name for the resource to be created.","type":"string"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Cluster"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}":{"get":{"tags":["Clusters"],"summary":"Get the last known state for an onboarded cluster.\\nOnce a cluster has been onboarded into the platform, the agents will keep it up to date with\\nits runtime status. Getting the cluster object will return the last known snapshot of existing\\nnamespaces and services running in it.","operationId":"Clusters_GetCluster","parameters":[{"description":"Flag to fetch the workload information as well.\\nNote that by default workload information is not returned as it may be expensive to retrieve.","name":"fetchWorkloads","in":"query","schema":{"type":"boolean"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Cluster"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Clusters"],"summary":"Modify an existing cluster.\\nUpdates a cluster with the given data. Note that most of the data in the cluster is read-only and\\nautomatically populated by the local cluster agents.","operationId":"Clusters_UpdateCluster","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"A Kubernetes cluster managing both pods and VMs.\\n\\n\\n\\n","type":"object","properties":{"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be\\nsent on every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"labels":{"type":"object","title":"FIXME: this is super clunky to copy each and every metadata field into\\nobjects used for multicluster. $hide_from_yaml","additionalProperties":{"type":"string"}},"locality":{"$ref":"#/components/schemas/ClusterLocality"},"namespaceScope":{"$ref":"#/components/schemas/v2NamespaceScoping"},"namespaces":{"type":"array","title":"TODO(vikas): move this inside cluster state\\nRead-only data for informational purposes. Any user provided\\nvalue will be ignored. The data here may be stale depending on\\nthe update frequency from the Bridge agents in the cluster.\\n$hide_from_yaml","items":{"$ref":"#/components/schemas/v2Namespace"},"readOnly":true},"network":{"description":"The network (e.g., VPC) where this cluster is present. All\\nclusters within the same network will be assumed to be reachable\\nfor the purposes of multi-cluster routing. In addition, networks\\nmarked as reachable from one another in SystemSettings will also\\nbe used for multi-cluster routing.","type":"string"},"state":{"$ref":"#/components/schemas/ClusterState"},"tier1Cluster":{"description":"Indicates whether this cluster is hosting a tier1 gateway or not.\\nTier1 clusters cannot host other gateways or workloads. Defaults\\nto false if not specified.","type":"boolean"},"tokenTtl":{"description":"Lifetime of the tokens. Defaults to 1hr.","type":"string"},"trustDomain":{"description":"Trust domain for this cluster, used for multi-cluster routing.\\nIt must be unique for every cluster and should match the one configured in\\nthe local control plane. This value is optional, and will be updated by the\\nlocal control plane agents. However, it is recommended to set it, if known,\\nso that multi-cluster routing works without having to wait for the local\\ncontrol planes to update it.","type":"string"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Cluster"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Clusters"],"summary":"Unregisters a cluster from the platform.\\nDeleting a cluster will unregister it from the management plane, and the agents will stop receiving\\nconfiguration updates. Agent tokens for the cluster are revoked as well, so agents that are still\\nrunning will fail to report back cluster status to the management plane.\\nNote that unregistering the cluster is a management plane only operation. This does not uninstall\\nthe agents from the local cluster. Agents will continue running and the services that are deployed\\nin that cluster will be able to continue operating with the last applied configuration.\\nUnregistering a cluster from the management plane should not generate downtime to services that are\\nrunning on that cluster.","operationId":"Clusters_DeleteCluster","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_1","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_1","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_1","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_1","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_1","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_1","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_1","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_1","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_1","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_1","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_1","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_1","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_1","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_1","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_1","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_1","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_1","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/clusters/{cluster}:generateTokens":{"post":{"tags":["Clusters"],"summary":"Generate the tokens for the cluster agents so they can talk to the management plane.\\nOnce a cluster object has been registered in the management plane, this method can be used to\\ngenerate the JWT tokens that need to be configured in the local cluster agents in order to let\\nthem talk to the management plane.\\nThese tokens contain the necessary permissions to allow the agents to download the configuration\\nfor their cluster and to push cluster status updates to the management plane.","operationId":"Clusters_GenerateTokens","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Cluster name.","name":"cluster","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ClusterStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/extensions":{"get":{"tags":["WasmExtensions"],"summary":"List the WASM extensions that are defined for the Organization.","operationId":"WasmExtensions_ListWasmExtension","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListWasmExtensionResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"tags":["WasmExtensions"],"summary":"Creates a new WasmExtension object in TSB. This is needed to let the extensions run.\\nOnce a WasmExtension has been created, it can be assigned to IngressGateway and SecuritySetting.\\nThis method returns the created extension.","operationId":"WasmExtensions_CreateWasmExtension","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create a WasmExtension and make it available to be assigned to IngressGateway and SecuritySetting.","type":"object","required":["name","wasmExtension"],"properties":{"name":{"description":"The short name for the resource to be created.","type":"string"},"wasmExtension":{"$ref":"#/components/schemas/v2WasmExtension"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2WasmExtension"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/extensions/{extension}":{"get":{"tags":["WasmExtensions"],"summary":"Get a WASM extension","operationId":"WasmExtensions_GetWasmExtension","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2WasmExtension"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["WasmExtensions"],"summary":"Modify an existing WasmExtension.\\nWhen modifying the details of an extension in use, such as the image property, enabled flag, phase,\\nor default configuration, a redeploy or reconfiguration of the extension may be triggered, affecting live\\ntraffic in all those places that reference the extension.\\nSimilarly, changes to the allowed_in property may trigger the removal of the extension from all places where\\nthe extension was in use that are not allowed to use it anymore, affecting live traffic on the\\nrelevant namespaces as well.","operationId":"WasmExtensions_UpdateWasmExtension","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"type":"object","required":["image"],"properties":{"allowedIn":{"description":"List of fqns where this extension is allowed to run.\\nIf it is empty, the extension can be used across the entire organization.\\nCurrently only Tenant resources are considered.","type":"array","items":{"type":"string"}},"config":{"description":"Configuration parameters sent to the WASM plugin execution\\nThe configuration can be overwritten when instantiating the extensions in IngressGateways or Security groups.\\nThe config is serialized using proto3 JSON marshaling and passed to proxy_on_configure when the host environment starts the plugin.","type":"object"},"description":{"type":"string","title":"A description of the extension.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the extension.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"image":{"description":"Repository and tag of the OCI image containing the WASM extension.","type":"string"},"imagePullPolicy":{"$ref":"#/components/schemas/WasmExtensionPullPolicy"},"imagePullSecret":{"description":"Credentials to use for OCI image pulling.\\nName of a K8s Secret in the same namespace as the `WasmPlugin` that\\ncontains a docker pull secret which is to be used to authenticate\\nagainst the registry when pulling the image.","type":"string"},"phase":{"$ref":"#/components/schemas/WasmExtensionPluginPhase"},"priority":{"description":"Determines the ordering of WasmExtensions in the same phase.\\nWhen multiple WasmExtensions are applied to the same workload in the same phase, they will be applied by priority, in descending order.\\nIf no priority is assigned it will use the default 0 value.\\nIn case of several extensions having the same priority in the same phase, the fqn will be used to sort them.","type":"integer","format":"int32"},"source":{"type":"string","title":"Source to find the code for the WASM extension"},"vmConfig":{"$ref":"#/components/schemas/v2VmConfig"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2WasmExtension"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["WasmExtensions"],"summary":"Delete a WasmExtension.\\nNote that deleting a WasmExtension will delete the extension itself, and also its assignments to IngressGateway and SecuritySetting.","operationId":"WasmExtensions_DeleteWasmExtension","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/extensions/{extension}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/extensions/{extension}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/extensions/{extension}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/extensions/{extension}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/extensions/{extension}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/extensions/{extension}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/extensions/{extension}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/extensions/{extension}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/extensions/{extension}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/extensions/{extension}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/extensions/{extension}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_2","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/extensions/{extension}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/extensions/{extension}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/extensions/{extension}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_2","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Extension name.","name":"extension","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts":{"get":{"tags":["Teams"],"summary":"List existing Service Accounts.","operationId":"Teams_ListServiceAccounts","parameters":[{"description":"The format in which the key pairs for each key will be returned.\\nIf not set keys are returned in PEM format.","name":"keyEncoding","in":"query","schema":{"type":"string","enum":["PEM","JWK"],"default":"PEM"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListServiceAccountsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Teams"],"summary":"Create Service Account in TSB.\\nService Accounts are local to TSB and can be used to access the platform using\\nJWT tokens signed with the Service Account\'s private key for authentication.","operationId":"Teams_CreateServiceAccount","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"type":"object","title":"Request to create a ServiceAccount.\\n","required":["name","serviceAccount"],"properties":{"keyEncoding":{"$ref":"#/components/schemas/KeyPairEncoding"},"name":{"description":"The short name for the resource to be created.","type":"string"},"serviceAccount":{"$ref":"#/components/schemas/v2ServiceAccount"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ServiceAccount"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts/{serviceaccount}":{"get":{"tags":["Teams"],"summary":"Get the details of an existing Service Account.","operationId":"Teams_GetServiceAccount","parameters":[{"description":"The format in which the key pairs will be returned.\\nIf not set keys are returned in PEM format.","name":"keyEncoding","in":"query","schema":{"type":"string","enum":["PEM","JWK"],"default":"PEM"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ServiceAccount"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Teams"],"summary":"Update the details of a service account.\\nUpdating the details of the service account does not regenerate its keys.","operationId":"Teams_UpdateServiceAccount","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"`ServiceAccount` represents a service account that can be used to access the TSB platform.\\nService accounts have a set of associated public and private keys that can be used to generate\\nsigned JWT tokens that are suitable to authenticate to TSB.\\nA default key-pair is generated on service account creation and the public key is stored in TSB.\\nPrivate keys are returned when service accounts are created, but TSB will not store them. It\\nis up to the client to store them securely.\\n\\n\\n\\n","type":"object","properties":{"description":{"description":"A description of the resource.","type":"string"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"keys":{"type":"array","title":"Keys associated with the service account.\\nA default key-pair is automatically created when the Service Account is created. Note that\\nTSB does not store the private keys, so it is up to the client to store the returned private\\nkeys securely, as they are only returned once after creation.\\nAdditional keys can be added (and deleted) by using the corresponding key management APIs.\\n+protoc-gen-terraform:computed","items":{"$ref":"#/components/schemas/ServiceAccountKeyPair"},"readOnly":true}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ServiceAccount"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Teams"],"summary":"Delete the given Service account.","operationId":"Teams_DeleteServiceAccount","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts/{serviceaccount}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts/{serviceaccount}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts/{serviceaccount}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts/{serviceaccount}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts/{serviceaccount}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts/{serviceaccount}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts/{serviceaccount}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts/{serviceaccount}/jwks":{"get":{"tags":["Teams"],"summary":"Get all the public keys available in the service account and return them in a JWKS document.\\nSee: https://datatracker.ietf.org/doc/html/rfc7517\\nRequests to this endpoint require read permissions on the service account, or a token signed\\nwith one of the service account keys.","operationId":"Teams_GetServiceAccountJWKS","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2JWKS"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts/{serviceaccount}/keys":{"post":{"tags":["Teams"],"summary":"Generate a new key-pair for the service account.\\nNote that TSB does not store the generated private key, so the client must read it and\\nstore it securely.","operationId":"Teams_GenerateServiceAccountKey","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to generate a new key-pair for the Service Account.","type":"object","properties":{"keyEncoding":{"$ref":"#/components/schemas/KeyPairEncoding"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ServiceAccount"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts/{serviceaccount}/keys/{id}":{"delete":{"tags":["Teams"],"summary":"Delete a key-pair associated the service account.","operationId":"Teams_DeleteServiceAccountKey","parameters":[{"description":"ID of the key-pair to delete.","name":"id","in":"path","required":true,"schema":{"type":"string"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ServiceAccount"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts/{serviceaccount}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts/{serviceaccount}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts/{serviceaccount}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts/{serviceaccount}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_5","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts/{serviceaccount}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts/{serviceaccount}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/serviceaccounts/{serviceaccount}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_5","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceaccount name.","name":"serviceaccount","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/services":{"get":{"tags":["Registration"],"summary":"List the services that have been registered in an organization","operationId":"Registration_ListServices","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListServicesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"tags":["Registration"],"summary":"Register the given service in the organization.\\nServices in the registry are deduplicated so that the same service running in different\\nclusters are represented as a single entity in the registry.\\nThe service returned by this method is the result of deduplicating the service.\\nThis API is currently only intended for internal use by the discovery agents.\\n$hide_from_docs","operationId":"Registration_RegisterService","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to register a service in a given parent (organization).","type":"object","required":["cluster","shortName","namespace","serviceType","state","source"],"properties":{"canonicalName":{"description":"optional canonical name that identify this service.","type":"string"},"cluster":{"description":"Name of the cluster where the service belongs to.\\nThis will be used to load the deduplication settings that have been configured for the cluster\\nwhere the service belongs.","type":"string"},"externalAddresses":{"description":"For kubernetes services of type load balancer, this field contains the list of lb hostnames or\\nIPs assigned to the service.","type":"array","items":{"type":"string"}},"hostnames":{"description":"The hostnames by which this service is accessed. Can correspond to the hostname of\\nan internal service or that ones of a virtual host on a gateway.","type":"array","items":{"type":"string"}},"namespace":{"description":"Namespace associated with the service. It will be used in deduplication logic.","type":"string"},"ports":{"description":"The set of ports on which this service is exposed.","type":"array","items":{"$ref":"#/components/schemas/v2Port"}},"serviceType":{"$ref":"#/components/schemas/v2ServiceType"},"shortName":{"description":"Short name for the service, used to uniquely identify it within the organization.","type":"string"},"source":{"description":"Source of the service: Kubernetes, Istio, Consul, etc.","type":"string"},"spiffeIds":{"description":"List of SPIFFE identities used by the workloads of the service.","type":"array","items":{"type":"string"}},"state":{"$ref":"#/components/schemas/v2State"},"subsets":{"description":"Subset denotes a specific version of a service. By default the \'version\'\\nlabel is used to designate subsets of a workload.\\nKnown subsets for the service.","type":"array","items":{"type":"string"}}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Service"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["Registration"],"summary":"Remove the given service from the organization registry.\\nThis API is currently only intended for internal use by the discovery agents.\\n$hide_from_docs","operationId":"Registration_UnregisterService","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"type":"object","title":"Request to unregister a service from the registry","required":["shortName","cluster","namespace"],"properties":{"cluster":{"description":"Name of the cluster of the service.","type":"string"},"namespace":{"description":"Namespace of the service.","type":"string"},"shortName":{"type":"string","title":"Name attribute of the service"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/services/{service}":{"get":{"tags":["Registration"],"summary":"Get the details of a registered service","operationId":"Registration_GetService","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Service"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/services/{service}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/services/{service}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/services/{service}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/services/{service}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/services/{service}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/services/{service}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/services/{service}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/services/{service}/groups":{"get":{"tags":["Lookup"],"summary":"Get all the groups that configure the given service in the registry.","operationId":"Lookup_Groups","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GroupLookupResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/services/{service}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/services/{service}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/services/{service}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/services/{service}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_3","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/services/{service}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/services/{service}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/services/{service}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_3","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Service name.","name":"service","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/settings":{"get":{"tags":["Organizations"],"summary":"List all the settings objects that have been attached to the given Organization.","operationId":"Organizations_ListSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListOrganizationSettingsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Organizations"],"summary":"Create a settings object for the given organization.","operationId":"Organizations_CreateSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create a Organization Settings.","type":"object","required":["name","settings"],"properties":{"name":{"description":"The short name for the resource to be created.","type":"string"},"settings":{"$ref":"#/components/schemas/v2OrganizationSetting"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2OrganizationSetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/settings/{setting}":{"get":{"tags":["Organizations"],"summary":"Get the details for the given settings object.","operationId":"Organizations_GetSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2OrganizationSetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Organizations"],"summary":"Modify the given settings in the given Organization.","operationId":"Organizations_UpdateSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Settings that apply globally to the entire organization.\\n\\n\\n\\n","type":"object","properties":{"defaultSecuritySetting":{"$ref":"#/components/schemas/v2SecuritySetting"},"defaultTrafficSetting":{"$ref":"#/components/schemas/v2TrafficSetting"},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"networkSettings":{"$ref":"#/components/schemas/OrganizationSettingNetworkSettings"},"regionalFailover":{"description":"Default locality routing settings for all gateways.\\n\\nExplicitly specify the region traffic will land on when endpoints in local region becomes unhealthy.\\nShould be used together with OutlierDetection to detect unhealthy endpoints.\\nNote: if no OutlierDetection specified, this will not take effect.","type":"array","items":{"$ref":"#/components/schemas/v2RegionalFailover"}}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2OrganizationSetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Organizations"],"summary":"Delete the given settings object from the Organization.","operationId":"Organizations_DeleteSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/settings/{setting}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/settings/{setting}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/settings/{setting}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/settings/{setting}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/settings/{setting}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/settings/{setting}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/settings/{setting}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/settings/{setting}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/settings/{setting}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/settings/{setting}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/settings/{setting}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_4","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/settings/{setting}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/settings/{setting}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/settings/{setting}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_4","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/sync":{"post":{"description":"This method will update the state of users and groups in the organization and will create, modify, and\\ndelete groups according to the incoming request.\\nSync requests are assumed to be a full-sync and to contain all existing users and groups. Existing TSB users and groups\\nthat are not contained in a sync request will be deleted from the platform, as it will assume they have been removed\\nfrom the Identity Provider.","tags":["Organizations"],"summary":"SyncOrganization is used by processes that monitor the identity providers to synchronize\\nthe users and teams with the ones in TSB.","operationId":"Organizations_SyncOrganization","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to synchronize the users and teams in an organization from the configured identity provider.","type":"object","properties":{"sourceType":{"$ref":"#/components/schemas/v2SourceType"},"teams":{"type":"array","items":{"$ref":"#/components/schemas/SyncOrganizationRequestSyncTeam"}},"users":{"type":"array","items":{"$ref":"#/components/schemas/SyncOrganizationRequestSyncUser"}}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2SyncOrganizationResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/teams":{"get":{"tags":["Teams"],"summary":"List all existing teams.","operationId":"Teams_ListTeams","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListTeamsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Teams"],"summary":"Create a new team.","operationId":"Teams_CreateTeam","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"type":"object","title":"Request to create a Team.\\n","required":["name","team"],"properties":{"name":{"description":"The short name for the resource to be created.","type":"string"},"team":{"$ref":"#/components/schemas/v2Team"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Team"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/teams/{team}":{"get":{"tags":["Teams"],"summary":"Get the details of an existing team.","operationId":"Teams_GetTeam","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Team"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Teams"],"summary":"Modify an existing team.","operationId":"Teams_UpdateTeam","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"`Team` is a named collection of users under a tenant.\\n\\n\\n\\n","type":"object","properties":{"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"members":{"description":"List of members under the team.\\nThe elements of this list are the FQNs of the team members. Team members can be\\nusers, service accounts or other teams.","type":"array","items":{"type":"string"}},"sourceType":{"$ref":"#/components/schemas/v2SourceType"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Team"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Teams"],"summary":"Delete a team.\\nNote that deleting a team only deletes the team itself, but not its members.","operationId":"Teams_DeleteTeam","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/teams/{team}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/teams/{team}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/teams/{team}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/teams/{team}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/teams/{team}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/teams/{team}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/teams/{team}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/teams/{team}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/teams/{team}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/teams/{team}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/teams/{team}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_6","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/teams/{team}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/teams/{team}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/teams/{team}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_6","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Team name.","name":"team","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants":{"get":{"tags":["Tenants"],"summary":"List all tenants that are available.","operationId":"Tenants_ListTenants","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListTenantsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Tenants"],"summary":"Create a new tenant in the platform that will be the home for a set of resources.","operationId":"Tenants_CreateTenant","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"type":"object","title":"Request to create a tenant.\\n","required":["name","tenant"],"properties":{"name":{"description":"The short name for the resource to be created.","type":"string"},"tenant":{"$ref":"#/components/schemas/v2Tenant"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Tenant"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}":{"get":{"tags":["Tenants"],"summary":"Get the details of an existing tenant.","operationId":"Tenants_GetTenant","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Tenant"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Tenants"],"summary":"Modify the details of the given tenant.","operationId":"Tenants_UpdateTenant","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"`Tenant` is a self-contained entity within an organization in the Service Bridge hierarchy.\\n\\n\\n\\n","type":"object","properties":{"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"securityDomain":{"description":"Security domains can be used to group different resources under the same security domain.\\nAlthough security domain is not resource itself currently, it follows a fqn format\\n`organizations/myorg/securitydomains/mysecuritydomain`, and a child cannot override any ancestor\'s\\nsecurity domain.\\nOnce a security domain is assigned to a _Tenant_, all the children resources will belong to that\\nsecurity domain in the same way a _Workspace_ belongs to a _Tenant_, a _Workspace_ will also belong\\nto the security domain assigned to the _Tenant_.\\nSecurity domains can also be used to define _Security settings Authorization rules_ in which you can allow\\nor deny request from or to a security domain.","type":"string"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Tenant"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Tenants"],"summary":"Delete a tenant from the platform.\\nDeleting a tenant will recursively delete all resources attached to the tenant, so use with\\ncaution.\\nIt will delete all workspaces and all settings that have been created in that tenant, so this\\noperation should be done carefully, when it\'s safe to do so.","operationId":"Tenants_DeleteTenant","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications":{"get":{"tags":["Applications"],"summary":"List all existing applications for the given tenant.","operationId":"Applications_ListApplications","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListApplicationsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Applications"],"summary":"Creates a new Application in TSB.","operationId":"Applications_CreateApplication","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create an application and register it in the management plane so configuration can\\nbe generated for it.","type":"object","required":["name","application"],"properties":{"application":{"$ref":"#/components/schemas/v2Application"},"name":{"description":"The short name for the resource to be created.","type":"string"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Application"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}":{"get":{"tags":["Applications"],"summary":"Get the details of an existing application.","operationId":"Applications_GetApplication","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Application"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Applications"],"summary":"Modify an existing application.","operationId":"Applications_UpdateApplication","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"An Application represents a set of logical groupings of services that are related to each other\\nand expose a set of APIs that implement a complete set of business logic.\\n\\n\\n\\n","type":"object","required":["workspace"],"properties":{"configResources":{"type":"array","title":"The configuration resources that are related to this Application.\\n$hide_from_docs","items":{"$ref":"#/components/schemas/v2ConfigResource"},"readOnly":true},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"gatewayGroup":{"description":"Optional FQN of the Gateway Group to be used by the application.\\nIf configured, this gateway group will be used by the application. If\\nno namespaces are configured and no existing gateway group is set, a new gateway group claiming all\\nnamespaces in the workspace (`*/*`) will be created by default.\\nAll Ingress Gateway resources created for the APIs attached to the application will be created in\\nthe application\'s gateway group.","type":"string"},"namespaceSelector":{"$ref":"#/components/schemas/v2NamespaceSelector"},"services":{"description":"Optional list of services that are part of the application. This is a list of FQNs of services in the\\nservice registry.\\nIf omitted, the application is assumed to own all the services in the workspace.\\nNote that a service can only be part of one application. If any of the services in the list is already\\nin use by an existing application, application creation/modification will fail.\\nIf the list of services is not explicitly set and any service in the workspace is already in use by\\nby another application, application creation/modification will fail.","type":"array","items":{"type":"string"}},"workspace":{"description":"FQN of the workspace this application is part of.\\nThe application will configure IngressGateways for the attached APIs\\nin the different namespaces exposed by this workspace.","type":"string"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Application"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Applications"],"summary":"Delete an existing Application.\\nNote that deleting resources in TSB is a recursive operation. Deleting a application will delete all\\nAPI objects that exist in it.","operationId":"Applications_DeleteApplication","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/apis":{"get":{"tags":["Applications"],"summary":"List all APIs attached to the given application.","operationId":"Applications_ListAPIs","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListAPIsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Applications"],"summary":"Attach a new API to the given application.","operationId":"Applications_CreateAPI","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create an API and register it in the management plane so configuration can\\nbe generated for it.","type":"object","required":["name","api"],"properties":{"api":{"$ref":"#/components/schemas/v2API"},"name":{"description":"The short name for the resource to be created.","type":"string"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2API"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/apis/{api}":{"get":{"tags":["Applications"],"summary":"Get the details of an API.","operationId":"Applications_GetAPI","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2API"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Applications"],"summary":"Delete an existing API.","operationId":"Applications_DeleteAPI","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/apis/{api}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_10","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_10","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_10","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/apis/{api}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_10","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/apis/{api}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_10","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/apis/{api}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_10","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/apis/{api}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_10","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/apis/{api}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_10","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/apis/{api}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_10","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/apis/{api}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_10","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/apis/{api}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_10","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_10","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/apis/{api}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_10","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/apis/{api}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_10","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/apis/{api}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_10","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/apis/{api}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_10","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/apis/{api}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_10","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Api name.","name":"api","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_9","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_9","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_9","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_9","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_9","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_9","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_9","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_9","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_9","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_9","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_9","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_9","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_9","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_9","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_9","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_9","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/applications/{application}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_9","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Application name.","name":"application","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_8","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_8","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_8","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_8","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_8","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_8","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_8","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_8","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_8","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/extensions":{"get":{"tags":["Tenants"],"summary":"List all the WASM extensions that have been attached to the given tenant.","operationId":"Tenants_ListWasmExtensions","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListTenantExtensionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_8","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_8","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_8","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/settings":{"get":{"tags":["Tenants"],"summary":"List all the settings objects that have made available to the given tenant.","operationId":"Tenants_ListSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListTenantSettingsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Tenants"],"summary":"Create a settings object for the given tenant.","operationId":"Tenants_CreateSetting","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create a Tenant Setting.","type":"object","required":["name","setting"],"properties":{"name":{"description":"The short name for the resource to be created.","type":"string"},"setting":{"$ref":"#/components/schemas/v2TenantSetting"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2TenantSetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/settings/{setting}":{"get":{"tags":["Tenants"],"summary":"Get the details for the given settings object.","operationId":"Tenants_GetSetting","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2TenantSetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Tenants"],"summary":"Modify the given settings in the given tenant.","operationId":"Tenants_UpdateSetting","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Default settings that apply to all workspaces under a tenant.\\n\\n\\n\\n","type":"object","properties":{"defaultSecuritySetting":{"$ref":"#/components/schemas/v2SecuritySetting"},"defaultTrafficSetting":{"$ref":"#/components/schemas/v2TrafficSetting"},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2TenantSetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Tenants"],"summary":"Delete the given settings object from the tenant.","operationId":"Tenants_DeleteSetting","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/settings/{setting}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_11","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_11","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_11","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/settings/{setting}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_11","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/settings/{setting}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_11","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/settings/{setting}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_11","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/settings/{setting}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_11","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/settings/{setting}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_11","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/settings/{setting}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_11","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/settings/{setting}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_11","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/settings/{setting}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_11","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_11","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/settings/{setting}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_11","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/settings/{setting}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_11","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/settings/{setting}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_11","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/settings/{setting}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_11","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/settings/{setting}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_11","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_8","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_8","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_8","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_8","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_8","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces":{"get":{"tags":["Workspaces"],"summary":"List all existing workspaces for the given tenant.","operationId":"Workspaces_ListWorkspaces","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListWorkspacesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Workspaces"],"summary":"Create a new workspace.\\nThe workspace will own exclusively the namespaces configured in the namespaces\\nselector for the workspace.","operationId":"Workspaces_CreateWorkspace","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create a Workspace.","type":"object","required":["name","workspace"],"properties":{"name":{"description":"The short name for the resource to be created.","type":"string"},"workspace":{"$ref":"#/components/schemas/v2Workspace"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Workspace"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}":{"get":{"tags":["Workspaces"],"summary":"Get the details of an existing workspace","operationId":"Workspaces_GetWorkspace","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Workspace"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Workspaces"],"summary":"Modify an existing workspace","operationId":"Workspaces_UpdateWorkspace","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"A Workspace is a collection of related namespaces in one or more clusters.\\n\\n\\n\\n","type":"object","required":["namespaceSelector"],"properties":{"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"isolationBoundary":{"description":"Istio Isolation Boundary name to which this workspace belongs.\\nIf not provided explicitly, the workspace looks for an isolation boundary with\\nname set as \\"global\\". \\nTherefore, in order to move existing workspaces to isolation boundaries, and\\nbe a part of revisioned control plane, it is recommended to configure an\\nisolation boundary with the name \\"global\\".","type":"string"},"namespaceSelector":{"$ref":"#/components/schemas/v2NamespaceSelector"},"privileged":{"description":"If set to true, allows Gateways in the workspace to route to\\nservices in other workspaces. Set this to true for workspaces\\nowning cluster-wide gateways shared by multiple teams.","type":"boolean"},"securityDomain":{"description":"Security domains can be used to group different resources under the same security domain.\\nAlthough security domain is not resource itself currently, it follows a fqn format\\n`organizations/myorg/securitydomains/mysecuritydomain`, and a child cannot override any ancestor\'s\\nsecurity domain.\\nOnce a security domain is assigned to a _Workspace_, all the children resources will belong to that\\nsecurity domain in the same way a _Security group_ belongs to a _Workspace_, a _Security group_ will also belong\\nto the security domain assigned to the _Workspace_.\\nSecurity domains can also be used to define _Security settings Authorization rules_ in which you can allow\\nor deny request from or to a security domain.","type":"string"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Workspace"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Workspaces"],"summary":"Delete an existing workspace.\\nNote that deleting resources in TSB is a recursive operation. Deleting a workspace will delete all\\ngroups and configuration objects that exist in it.","operationId":"Workspaces_DeleteWorkspace","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_12","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_12","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_12","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_12","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_12","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_12","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_12","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_12","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_12","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups":{"get":{"tags":["Gateway"],"summary":"List all gateway groups that exist in the workspace.","operationId":"Gateway_ListGroups","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListGatewayGroupsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"description":"Groups will by default configure all the namespaces owned by their workspace, unless\\nexplicitly configured. If a specific set of namespaces is set for the group, it must be a\\nsubset of the namespaces defined by its workspace.","tags":["Gateway"],"summary":"Create a new gateway group in the given workspace.","operationId":"Gateway_CreateGroup","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create a Gateway Group.","type":"object","required":["name","group"],"properties":{"group":{"$ref":"#/components/schemas/v2Group"},"name":{"description":"The short name for the resource to be created.","type":"string"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Group"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}":{"get":{"tags":["Gateway"],"summary":"Get the details of the given gateway group.","operationId":"Gateway_GetGroup","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Group"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["Gateway"],"summary":"update the given gateway group.","operationId":"Gateway_UpdateGroup","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"A gateway group manages the gateways in a group of namespaces owned\\nby the parent workspace.\\n\\n\\n\\n","type":"object","required":["namespaceSelector"],"properties":{"configMode":{"$ref":"#/components/schemas/v2ConfigMode"},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"namespaceSelector":{"$ref":"#/components/schemas/v2NamespaceSelector"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Group"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["Gateway"],"summary":"Delete the given gateway group.\\nNote that deleting resources in TSB is a recursive operation. Deleting a gateway group will\\ndelete all configuration objects that exist in it.","operationId":"Gateway_DeleteGroup","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_13","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_13","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_13","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_13","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_13","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_13","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_13","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_13","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_13","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/egressgateways":{"get":{"tags":["Gateway"],"summary":"List all Egress Gateway objects in the gateway group.","operationId":"Gateway_ListEgressGateways","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListEgressGatewaysResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"tags":["Gateway"],"summary":"Create an Egress Gateway object in the gateway group.","operationId":"Gateway_CreateEgressGateway","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create a EgressGateway.","type":"object","required":["name","egressGateway"],"properties":{"egressGateway":{"$ref":"#/components/schemas/v2EgressGateway"},"name":{"description":"The short name for the resource to be created.","type":"string"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2EgressGateway"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/egressgateways/{egressgateway}":{"get":{"tags":["Gateway"],"summary":"Get the details of the given Egress Gateway object.","operationId":"Gateway_GetEgressGateway","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2EgressGateway"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["Gateway"],"summary":"Modify the given Egress Gateway object.","operationId":"Gateway_UpdateEgressGateway","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"`EgressGateway` configures a workload to act as an egress gateway in the mesh.\\n\\n\\n--\x3e\\n\\n","type":"object","required":["workloadSelector"],"properties":{"authorization":{"description":"The description of which service accounts can access which hosts.\\nIf the list of authorization rules is empty, this egress gateway will deny all traffic.","type":"array","items":{"$ref":"#/components/schemas/v2EgressAuthorization"}},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"extension":{"description":"Extensions specifies all the WasmExtensions assigned to this EgressGateway\\nwith the specific configuration for each extension. This custom configuration\\nwill override the one configured globally to the extension.\\nEach extension has a global configuration including enablement and priority\\nthat will condition the execution of the assigned extensions.","type":"array","items":{"$ref":"#/components/schemas/v2WasmExtensionAttachment"}},"workloadSelector":{"$ref":"#/components/schemas/v2WorkloadSelector"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2EgressGateway"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["Gateway"],"summary":"Delete the given Egress Gateway object.","operationId":"Gateway_DeleteEgressGateway","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/egressgateways/{egressgateway}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_15","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_15","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_15","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/egressgateways/{egressgateway}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_15","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/egressgateways/{egressgateway}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_15","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/egressgateways/{egressgateway}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_15","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/egressgateways/{egressgateway}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_15","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/egressgateways/{egressgateway}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_15","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/egressgateways/{egressgateway}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_15","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/egressgateways/{egressgateway}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_15","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/egressgateways/{egressgateway}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_15","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_15","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/egressgateways/{egressgateway}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_15","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/egressgateways/{egressgateway}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_15","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/egressgateways/{egressgateway}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_15","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/egressgateways/{egressgateway}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_15","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/egressgateways/{egressgateway}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_15","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Egressgateway name.","name":"egressgateway","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/ingressgateways":{"get":{"tags":["Gateway"],"summary":"List all Ingress Gateway objects in the gateway group.","operationId":"Gateway_ListIngressGateways","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListIngressGatewaysResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"tags":["Gateway"],"summary":"Create an Ingress Gateway object in the gateway group.","operationId":"Gateway_CreateIngressGateway","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create a IngressGateway.","type":"object","required":["name","ingressGateway"],"properties":{"ingressGateway":{"$ref":"#/components/schemas/v2IngressGateway"},"name":{"description":"The short name for the resource to be created.","type":"string"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2IngressGateway"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/ingressgateways/{ingressgateway}":{"get":{"tags":["Gateway"],"summary":"Get the details of the given Ingress Gateway object.","operationId":"Gateway_GetIngressGateway","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2IngressGateway"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["Gateway"],"summary":"Modify the given Ingress Gateway object.","operationId":"Gateway_UpdateIngressGateway","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"`IngressGateway` configures a workload to act as an ingress gateway into the mesh.\\n\\n\\n\\n","type":"object","required":["workloadSelector"],"properties":{"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"extension":{"description":"Extensions specifies all the WasmExtensions assigned to this IngressGateway\\nwith the specific configuration for each extension. This custom configuration\\nwill override the one configured globally to the extension.\\nEach extension has a global configuration including enablement and priority\\nthat will condition the execution of the assigned extensions.","type":"array","items":{"$ref":"#/components/schemas/v2WasmExtensionAttachment"}},"http":{"description":"One or more HTTP or HTTPS servers exposed by the gateway. The\\nserver exposes configuration for TLS termination, request\\nauthentication/authorization, HTTP routing, etc.","type":"array","items":{"$ref":"#/components/schemas/v2HttpServer"}},"tcp":{"type":"array","title":"One or more non-HTTP and non-passthrough servers which use TCP\\nbased protocols. This server also exposes configuration for terminating TLS","items":{"$ref":"#/components/schemas/v2TCPServer"}},"tlsPassthrough":{"description":"One or more TLS servers exposed by the gateway. The server\\ndoes not terminate TLS and exposes config for SNI based routing.","type":"array","items":{"$ref":"#/components/schemas/v2TLSPassthroughServer"}},"waf":{"$ref":"#/components/schemas/v2WAFSettings"},"workloadSelector":{"$ref":"#/components/schemas/v2WorkloadSelector"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2IngressGateway"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["Gateway"],"summary":"Delete the given Ingress Gateway object.","operationId":"Gateway_DeleteIngressGateway","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/ingressgateways/{ingressgateway}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_14","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_14","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_14","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/ingressgateways/{ingressgateway}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_14","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/ingressgateways/{ingressgateway}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_14","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/ingressgateways/{ingressgateway}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_14","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/ingressgateways/{ingressgateway}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_14","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/ingressgateways/{ingressgateway}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_14","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/ingressgateways/{ingressgateway}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_14","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/ingressgateways/{ingressgateway}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_14","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/ingressgateways/{ingressgateway}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_14","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_14","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/ingressgateways/{ingressgateway}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_14","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/ingressgateways/{ingressgateway}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_14","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/ingressgateways/{ingressgateway}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_14","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/ingressgateways/{ingressgateway}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_14","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/ingressgateways/{ingressgateway}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_14","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Ingressgateway name.","name":"ingressgateway","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_13","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_13","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_13","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_13","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_13","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_13","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_13","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_13","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/tie1gateways/{tie1gateway}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_16","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tie1gateway name.","name":"tie1gateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_16","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tie1gateway name.","name":"tie1gateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_16","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tie1gateway name.","name":"tie1gateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/tie1gateways/{tie1gateway}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_16","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tie1gateway name.","name":"tie1gateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/tie1gateways/{tie1gateway}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_16","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tie1gateway name.","name":"tie1gateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/tie1gateways/{tie1gateway}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_16","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tie1gateway name.","name":"tie1gateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/tie1gateways/{tie1gateway}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_16","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tie1gateway name.","name":"tie1gateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/tie1gateways/{tie1gateway}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_16","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tie1gateway name.","name":"tie1gateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/tie1gateways/{tie1gateway}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_16","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tie1gateway name.","name":"tie1gateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/tie1gateways/{tie1gateway}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_16","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tie1gateway name.","name":"tie1gateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/tie1gateways/{tie1gateway}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_16","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tie1gateway name.","name":"tie1gateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_16","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tie1gateway name.","name":"tie1gateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/tie1gateways/{tie1gateway}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_16","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tie1gateway name.","name":"tie1gateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/tie1gateways/{tie1gateway}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_16","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tie1gateway name.","name":"tie1gateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/tie1gateways/{tie1gateway}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_16","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tie1gateway name.","name":"tie1gateway","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/tie1gateways/{tie1gateway}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_16","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tie1gateway name.","name":"tie1gateway","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/tie1gateways/{tie1gateway}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_16","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tie1gateway name.","name":"tie1gateway","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/tier1gateways":{"get":{"tags":["Gateway"],"summary":"List all Tier1 Gateway objects that have been created in the gateway group.","operationId":"Gateway_ListTier1Gateways","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListTier1GatewaysResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"tags":["Gateway"],"summary":"Create a Tier1 Gateway object in the gateway group.","operationId":"Gateway_CreateTier1Gateway","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create a Tier1Gateway.","type":"object","required":["name","tier1Gateway"],"properties":{"name":{"description":"The short name for the resource to be created.","type":"string"},"tier1Gateway":{"$ref":"#/components/schemas/v2Tier1Gateway"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Tier1Gateway"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/gatewaygroups/{gatewaygroup}/tier1gateways/{tier1gateway}":{"get":{"tags":["Gateway"],"summary":"get the details of the given Tier1 Gateway object.","operationId":"Gateway_GetTier1Gateway","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tier1gateway name.","name":"tier1gateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Tier1Gateway"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["Gateway"],"operationId":"Gateway_UpdateTier1Gateway","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tier1gateway name.","name":"tier1gateway","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"`Tier1Gateway` configures a workload to act as a tier1 gateway into the mesh.\\n\\n\\n\\n","type":"object","required":["workloadSelector"],"properties":{"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"extension":{"description":"Extensions specifies all the WasmExtensions assigned to this Tier1Gateway\\nwith the specific configuration for each extension. This custom configuration\\nwill override the one configured globally to the extension.\\nEach extension has a global configuration including enablement and priority\\nthat will condition the execution of the assigned extensions.","type":"array","items":{"$ref":"#/components/schemas/v2WasmExtensionAttachment"}},"externalServers":{"description":"One or more servers exposed by the gateway externally.","type":"array","items":{"$ref":"#/components/schemas/v2Tier1ExternalServer"}},"internalServers":{"description":"One or more servers exposed by the gateway internally for cross cluster forwarding.","type":"array","items":{"$ref":"#/components/schemas/v2Tier1InternalServer"}},"passthroughServers":{"description":"One or more tls passthrough servers exposed by the gateway externally.","type":"array","items":{"$ref":"#/components/schemas/v2Tier1PassthroughServer"}},"tcpExternalServers":{"description":"One or more tcp servers exposed by the gateway externally.","type":"array","items":{"$ref":"#/components/schemas/v2Tier1TCPExternalServer"}},"tcpInternalServers":{"description":"One or more tcp servers exposed by the gateway for mesh internal traffic.","type":"array","items":{"$ref":"#/components/schemas/v2Tier1TCPInternalServer"}},"waf":{"$ref":"#/components/schemas/v2WAFSettings"},"workloadSelector":{"$ref":"#/components/schemas/v2WorkloadSelector"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Tier1Gateway"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["Gateway"],"summary":"Delete the given Tier1 Gateway object.","operationId":"Gateway_DeleteTier1Gateway","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Gatewaygroup name.","name":"gatewaygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tier1gateway name.","name":"tier1gateway","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups":{"get":{"tags":["IstioInternal"],"summary":"List all Istio internal groups in the given workspace.","operationId":"IstioInternal_ListGroups","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListIstioInternalGroupsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"description":"Groups will by default configure all the namespaces owned by their workspace, unless\\nexplicitly configured. If a specific set of namespaces is set for the group, it must be a\\nsubset of the namespaces defined by its workspace.","tags":["IstioInternal"],"summary":"Create a new Istio internal group in the given workspace.","operationId":"IstioInternal_CreateGroup","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create an Istio internal group.","type":"object","required":["name","group"],"properties":{"group":{"$ref":"#/components/schemas/v2Group"},"name":{"description":"The short name for the resource to be created.","type":"string"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Group"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}":{"get":{"tags":["IstioInternal"],"summary":"Get the details of the given Istio internal group.","operationId":"IstioInternal_GetGroup","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Group"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["IstioInternal"],"summary":"Modify a Istio internal group.","operationId":"IstioInternal_UpdateGroup","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"An Istio Internal Group only allows grouping `DIRECT` mode mesh resources in a set of namespaces\\nowned by its parent workspace. This group is aimed for grouping resources not directly related\\nto traffic, security, or gateway like `EnvoyFilters` and `ServiceEntry`.\\n\\n\\n\\n","type":"object","required":["namespaceSelector"],"properties":{"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"namespaceSelector":{"$ref":"#/components/schemas/v2NamespaceSelector"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Group"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["IstioInternal"],"summary":"Delete the given Istio internal group.\\nNote that deleting resources in TSB is a recursive operation. Deleting a Istio internal group will\\ndelete all configuration objects that exist in it.","operationId":"IstioInternal_DeleteGroup","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_17","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_17","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_17","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_17","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_17","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_17","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_17","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_17","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_17","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_17","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_17","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_17","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/settings/{setting}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_18","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_18","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_18","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/settings/{setting}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_18","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/settings/{setting}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_18","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/settings/{setting}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_18","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/settings/{setting}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_18","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/settings/{setting}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_18","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/settings/{setting}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_18","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/settings/{setting}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_18","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/settings/{setting}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_18","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_18","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/settings/{setting}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_18","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/settings/{setting}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_18","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/settings/{setting}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_18","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/settings/{setting}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_18","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/settings/{setting}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_18","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_17","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_17","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_17","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_17","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/istiointernalgroups/{istiointernalgroup}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_17","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Istiointernalgroup name.","name":"istiointernalgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_12","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_12","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_12","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups":{"get":{"tags":["Security"],"summary":"List all security groups in the given workspace.","operationId":"Security_ListGroups","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSecurityGroupsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"description":"Groups will by default configure all the namespaces owned by their workspace, unless\\nexplicitly configured. If a specific set of namespaces is set for the group, it must be a\\nsubset of the namespaces defined by its workspace.","tags":["Security"],"summary":"Create a new security group in the given workspace.","operationId":"Security_CreateGroup","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create a Security Group.","type":"object","required":["name","group"],"properties":{"group":{"$ref":"#/components/schemas/v2Group"},"name":{"description":"The short name for the resource to be created.","type":"string"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Group"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}":{"get":{"tags":["Security"],"summary":"Get the details of the given security group.","operationId":"Security_GetGroup","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Group"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["Security"],"summary":"Modify a security group.","operationId":"Security_UpdateGroup","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"A security group manages the security properties of proxy workloads in a\\ngroup of namespaces owned by the parent workspace.\\n\\n\\n\\n","type":"object","required":["namespaceSelector"],"properties":{"configMode":{"$ref":"#/components/schemas/v2ConfigMode"},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"namespaceSelector":{"$ref":"#/components/schemas/v2NamespaceSelector"},"securityDomain":{"description":"Security domains can be used to group different resources under the same security domain.\\nAlthough security domain is not resource itself currently, it follows a fqn format\\n`organizations/myorg/securitydomains/mysecuritydomain`, and a child cannot override any ancestor\'s\\nsecurity domain.\\nOnce a security domain is assigned to a _Security group_, all the children resources will belong to that\\nsecurity domain in the same way a _Security setting_ belongs to a _Security group_, a _Security setting_\\nwill also belong to the security domain assigned to the _Security group_.\\nSecurity domains can also be used to define _Security settings Authorization rules_ in which you can allow\\nor deny request from or to a security domain.","type":"string"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Group"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["Security"],"summary":"Delete the given security group.\\nNote that deleting resources in TSB is a recursive operation. Deleting a security group will\\ndelete all configuration objects that exist in it.","operationId":"Security_DeleteGroup","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_19","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_19","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_19","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_19","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_19","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_19","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_19","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_19","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_19","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_19","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_19","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_19","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/servicesettings":{"get":{"tags":["Security"],"summary":"List all service security settings objects that have been attached to the security group.","operationId":"Security_ListServiceSecuritySettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListServiceSecuritySettingsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"tags":["Security"],"summary":"Create a service security settings object in the security group.","operationId":"Security_CreateServiceSecuritySettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create a Service Security Settings.","type":"object","required":["name","settings"],"properties":{"name":{"description":"The short name for the resource to be created.","type":"string"},"settings":{"$ref":"#/components/schemas/v2ServiceSecuritySetting"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ServiceSecuritySetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/servicesettings/{servicesetting}":{"get":{"tags":["Security"],"summary":"Get the details of the given service security settings object.","operationId":"Security_GetServiceSecuritySettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Servicesetting name.","name":"servicesetting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ServiceSecuritySetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["Security"],"summary":"Modify the given service security settings object.","operationId":"Security_UpdateServiceSecuritySettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Servicesetting name.","name":"servicesetting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"A service security setting applies configuration to a service in a\\nsecurity group. Missing fields will inherit values from the\\nworkspace-wide setting if any.\\n\\n\\n\\n","type":"object","required":["service"],"properties":{"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"service":{"description":"The service on which the configuration is being applied. Must be in namespace/FQDN format.","type":"string"},"settings":{"$ref":"#/components/schemas/v2SecuritySetting"},"subsets":{"description":"Subset specific settings that will replace the service wide settings for the specified service\\nsubsets.","type":"array","items":{"$ref":"#/components/schemas/ServiceSecuritySettingSubset"}}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ServiceSecuritySetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["Security"],"summary":"Delete the given service security settings from the group.","operationId":"Security_DeleteServiceSecuritySettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Servicesetting name.","name":"servicesetting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/settings":{"get":{"tags":["Security"],"summary":"List all security settings objects that have been attached to the security group.","operationId":"Security_ListSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSecuritySettingsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"tags":["Security"],"summary":"Create a security settings object in the security group.","operationId":"Security_CreateSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create a Security Settings.","type":"object","required":["name","settings"],"properties":{"name":{"description":"The short name for the resource to be created.","type":"string"},"settings":{"$ref":"#/components/schemas/v2SecuritySetting"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2SecuritySetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/settings/{setting}":{"get":{"tags":["Security"],"summary":"Get the details of the given security settings object.","operationId":"Security_GetSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2SecuritySetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["Security"],"summary":"Modify the given security settings object.","operationId":"Security_UpdateSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"A security setting applies configuration to a set of proxy workloads in a\\nsecurity group or a workspace. When applied to a security group,\\nmissing fields will inherit values from the workspace-wide setting if any.\\n\\n\\n\\n","type":"object","properties":{"authentication":{"$ref":"#/components/schemas/SecuritySettingAuthenticationMode"},"authenticationSettings":{"$ref":"#/components/schemas/v2AuthenticationSettings"},"authorization":{"$ref":"#/components/schemas/v2AuthorizationSettings"},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"extension":{"description":"Extensions specifies all the WasmExtensions assigned to this SecuritySettings\\nwith the specific configuration for each extension. This custom configuration\\nwill override the one configured globally to the extension.\\nEach extension has a global configuration including enabling and priority\\nthat will condition the execution of the assigned extensions.","type":"array","items":{"$ref":"#/components/schemas/v2WasmExtensionAttachment"}},"propagationStrategy":{"$ref":"#/components/schemas/v2PropagationStrategy"},"waf":{"$ref":"#/components/schemas/v2WAFSettings"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2SecuritySetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["Security"],"summary":"Delete the given security settings from the group.","operationId":"Security_DeleteSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/settings/{setting}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_20","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_20","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_20","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/settings/{setting}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_20","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/settings/{setting}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_20","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/settings/{setting}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_20","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/settings/{setting}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_20","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/settings/{setting}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_20","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/settings/{setting}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_20","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/settings/{setting}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_20","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/settings/{setting}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_20","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_20","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/settings/{setting}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_20","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/settings/{setting}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_20","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/settings/{setting}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_20","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/settings/{setting}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_20","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/settings/{setting}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_20","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_19","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_19","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_19","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_19","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/securitygroups/{securitygroup}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_19","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Securitygroup name.","name":"securitygroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/settings":{"get":{"tags":["Workspaces"],"summary":"List all settings available for the given workspace.","operationId":"Workspaces_ListSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListWorkspaceSettingsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"tags":["Workspaces"],"summary":"Create default settings for a workspace.\\nDefault settings will apply to the services owned by the workspace, unless more\\nspecific settings are provided at the group level.","operationId":"Workspaces_CreateSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create a Workspace Settings.","type":"object","required":["name","settings"],"properties":{"name":{"description":"The short name for the resource to be created.","type":"string"},"settings":{"$ref":"#/components/schemas/v2WorkspaceSetting"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2WorkspaceSetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/settings/{setting}":{"get":{"tags":["Workspaces"],"summary":"Get the details of a settings object for the given workspace.","operationId":"Workspaces_GetSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2WorkspaceSetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"tags":["Workspaces"],"summary":"Modify the given workspace settings.","operationId":"Workspaces_UpdateSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Default security and traffic settings for all proxy workloads in the workspace.\\n\\n\\n\\n","type":"object","properties":{"defaultEastWestGatewaySettings":{"description":"Default east west gateway settings specifies workspace-wide east-west gateway configuration.\\nThis is used to configure east-west routing (required for fail-over) for the services that\\nare not exposed on the gateways. All the services matching the specified criteria is picked\\nup for exposing on the east-west gateway workload selected by the workload selector. In case,\\na service matches selectors in multiple items, the one which comes first is picked up.","type":"array","items":{"$ref":"#/components/schemas/v2EastWestGateway"}},"defaultSecuritySetting":{"$ref":"#/components/schemas/v2SecuritySetting"},"defaultTrafficSetting":{"$ref":"#/components/schemas/v2TrafficSetting"},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"regionalFailover":{"description":"Locality routing settings for all gateways in the workspace. Overrides any global settings.\\n\\nExplicitly specify the region traffic will land on when endpoints in local region becomes unhealthy.\\nShould be used together with OutlierDetection to detect unhealthy endpoints.\\nNote: if no OutlierDetection specified, this will not take effect.","type":"array","items":{"$ref":"#/components/schemas/v2RegionalFailover"}}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2WorkspaceSetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"tags":["Workspaces"],"summary":"Delete the given workspace settings.","operationId":"Workspaces_DeleteSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/settings/{setting}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_21","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_21","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_21","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/settings/{setting}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_21","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/settings/{setting}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_21","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/settings/{setting}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_21","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/settings/{setting}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_21","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/settings/{setting}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_21","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/settings/{setting}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_21","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/settings/{setting}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_21","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/settings/{setting}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_21","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_21","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/settings/{setting}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_21","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/settings/{setting}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_21","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/settings/{setting}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_21","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/settings/{setting}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_21","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/settings/{setting}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_21","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_12","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_12","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_12","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_12","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_12","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups":{"get":{"tags":["Traffic"],"summary":"List all traffic groups in the given workspace.","operationId":"Traffic_ListGroups","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListTrafficGroupsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"description":"Groups will by default configure all the namespaces owned by their workspace, unless\\nexplicitly configured. If a specific set of namespaces is set for the group, it must be a\\nsubset of the namespaces defined by its workspace.","tags":["Traffic"],"summary":"Create a new traffic group in the given workspace.","operationId":"Traffic_CreateGroup","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create a Traffic Group.","type":"object","required":["name","group"],"properties":{"group":{"$ref":"#/components/schemas/v2Group"},"name":{"description":"The short name for the resource to be created.","type":"string"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Group"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}":{"get":{"tags":["Traffic"],"summary":"Get the details of the given traffic group.","operationId":"Traffic_GetGroup","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Group"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["Traffic"],"summary":"Modify the given traffic group.","operationId":"Traffic_UpdateGroup","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"A traffic group manages the routing properties of proxy workloads in a\\ngroup of namespaces owned by the parent workspace.\\n\\n\\n\\n","type":"object","required":["namespaceSelector"],"properties":{"configMode":{"$ref":"#/components/schemas/v2ConfigMode"},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"namespaceSelector":{"$ref":"#/components/schemas/v2NamespaceSelector"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Group"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["Traffic"],"summary":"Delete the given traffic group.\\nNote that deleting resources in TSB is a recursive operation. Deleting a traffic group will\\ndelete all configuration objects that exist in it.","operationId":"Traffic_DeleteGroup","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_22","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_22","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_22","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_22","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_22","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_22","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_22","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_22","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_22","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_22","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_22","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_22","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/serviceroutes":{"get":{"tags":["Traffic"],"summary":"List all service routes that have been attached to the traffic group.","operationId":"Traffic_ListServiceRoutes","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListServiceRoutesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"tags":["Traffic"],"summary":"Create a new service route in the given traffic group.","operationId":"Traffic_CreateServiceRoute","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create a ServiceRoute.","type":"object","required":["name","serviceRoute"],"properties":{"name":{"description":"The short name for the resource to be created.","type":"string"},"serviceRoute":{"$ref":"#/components/schemas/v2ServiceRoute"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ServiceRoute"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/serviceroutes/{serviceroute}":{"get":{"tags":["Traffic"],"summary":"Get the details of the given service route.","operationId":"Traffic_GetServiceRoute","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ServiceRoute"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["Traffic"],"summary":"Modify a service route.","operationId":"Traffic_UpdateServiceRoute","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"A service route controls routing configurations for traffic to a\\nservice in a traffic group.\\n\\n\\n\\n","type":"object","required":["service","subsets"],"properties":{"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"httpRoutes":{"description":"HTTPRoutes are used when HTTP traffic needs to be matched on uri, headers\\nand port and destination routes need to be set using subset-weight\\ncombinations specified within the route.\\n**Note**: If a route is specified, then the global subset-weight\\ncombinations (specified under subsets) will be ignored for the matched\\nport, as subsets within route will take effect.","type":"array","items":{"$ref":"#/components/schemas/v2HTTPRoute"}},"portLevelSettings":{"type":"array","title":"In order to support multi-protocol routing, a list of all port/protocol combinations is needed.\\nThese port settings are applied to all the subsets","items":{"$ref":"#/components/schemas/ServiceRoutePortLevelTrafficSettings"}},"service":{"description":"The service on which the configuration is being applied. Must be in namespace/FQDN format.","type":"string"},"stickySession":{"$ref":"#/components/schemas/ServiceRouteStickySession"},"subsets":{"description":"The set of versions of a service and the percentage of traffic to\\nsend to each version.","type":"array","items":{"$ref":"#/components/schemas/ServiceRouteSubset"}},"tcpRoutes":{"description":"TCPRoutes match TCP traffic based on port number. The subset-weight\\nconfiguration and priority have the same behaviour as HTTPRoutes.","type":"array","items":{"$ref":"#/components/schemas/v2TCPRoute"}}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ServiceRoute"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["Traffic"],"summary":"Delete the given service route.","operationId":"Traffic_DeleteServiceRoute","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/serviceroutes/{serviceroute}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_24","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_24","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_24","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/serviceroutes/{serviceroute}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_24","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/serviceroutes/{serviceroute}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_24","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/serviceroutes/{serviceroute}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_24","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/serviceroutes/{serviceroute}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_24","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/serviceroutes/{serviceroute}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_24","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/serviceroutes/{serviceroute}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_24","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/serviceroutes/{serviceroute}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_24","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/serviceroutes/{serviceroute}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_24","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_24","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/serviceroutes/{serviceroute}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_24","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/serviceroutes/{serviceroute}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_24","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/serviceroutes/{serviceroute}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_24","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/serviceroutes/{serviceroute}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_24","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/serviceroutes/{serviceroute}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_24","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Serviceroute name.","name":"serviceroute","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/settings":{"get":{"tags":["Traffic"],"summary":"List all the settings objects that have been attached to the given traffic group.","operationId":"Traffic_ListSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListTrafficSettingsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"tags":["Traffic"],"summary":"Create a settings object for the given traffic group.","operationId":"Traffic_CreateSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"Request to create a Traffic Settings.","type":"object","required":["name","settings"],"properties":{"name":{"description":"The short name for the resource to be created.","type":"string"},"settings":{"$ref":"#/components/schemas/v2TrafficSetting"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2TrafficSetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/settings/{setting}":{"get":{"tags":["Traffic"],"summary":"Get the details for the given settings object.","operationId":"Traffic_GetSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2TrafficSetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["Traffic"],"summary":"Modify the given settings in the given traffic group.","operationId":"Traffic_UpdateSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"A traffic setting applies configuration to a set of proxy workloads in a\\ntraffic group or a workspace. When applied to a traffic group,\\nmissing fields will inherit values from the workspace-wide setting if any.\\n\\n\\n\\n","type":"object","properties":{"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"egress":{"$ref":"#/components/schemas/TrafficSettingEgressGateway"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"rateLimiting":{"$ref":"#/components/schemas/v2RateLimiting"},"reachability":{"$ref":"#/components/schemas/v2ReachabilitySettings"},"resilience":{"$ref":"#/components/schemas/v2ResilienceSettings"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2TrafficSetting"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["Traffic"],"summary":"Delete the given settings object from the traffic group.","operationId":"Traffic_DeleteSettings","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/settings/{setting}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_23","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_23","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_23","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/settings/{setting}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_23","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/settings/{setting}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_23","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/settings/{setting}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_23","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/settings/{setting}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_23","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/settings/{setting}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_23","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/settings/{setting}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_23","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/settings/{setting}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_23","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/settings/{setting}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_23","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_23","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/settings/{setting}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_23","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/settings/{setting}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_23","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/settings/{setting}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_23","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/settings/{setting}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_23","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/settings/{setting}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_23","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Setting name.","name":"setting","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_22","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_22","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_22","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_22","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/tenants/{tenant}/workspaces/{workspace}/trafficgroups/{trafficgroup}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_22","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"Tenant name.","name":"tenant","in":"path","required":true,"schema":{"type":"string"}},{"description":"Workspace name.","name":"workspace","in":"path","required":true,"schema":{"type":"string"}},{"description":"Trafficgroup name.","name":"trafficgroup","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/users":{"get":{"tags":["Teams"],"summary":"List existing users.","operationId":"Teams_ListUsers","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListUsersResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"post":{"description":"Create a local User in TSB.\\nLocal users are like sercice accounts and are mostly used for internal purposes where\\nan authentication token can be issued by the IAM service to be used on behalf of the user.\\n\\nNote that local users do not exist in the Identity Provider and the normal login process will\\nnot allow them to access TSB.\\n\\n$hide_from_docs","tags":["Teams"],"summary":"Deprecated. This method will be removed in future versions of TSB. Use Service Accounts instead.","operationId":"Teams_CreateUser","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"type":"object","title":"Request to create a User.\\n$hide_from_docs\\n","required":["name","user"],"properties":{"name":{"description":"The short name for the resource to be created.","type":"string"},"user":{"$ref":"#/components/schemas/v2User"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2User"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/users/{user}":{"get":{"tags":["Teams"],"summary":"Get the details of an existing user.","operationId":"Teams_GetUser","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2User"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"put":{"description":"Modify an existin user.\\n\\nThis operation is expected to be used only for LOCAL users. Users are periodically\\nsynchronized from the Identity Provider, and the process may automatically set some\\nproperties of the User resource. Modifications made using the TSB APIs may be replaced\\nby the data from the Identity Provider on every synchronization.\\n\\n$hide_from_docs","tags":["Teams"],"summary":"Deprecated. This method will be removed in future versions of TSB. Use Service Accounts instead.","operationId":"Teams_UpdateUser","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"`User` represents a user from the Identity Provider that is allowed to log into\\nthe platform.","type":"object","required":["loginName"],"properties":{"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"email":{"description":"Email for the user where alerts and other notifications will be sent.","type":"string"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"firstName":{"description":"The first name of the user.","type":"string"},"lastName":{"description":"The last name of the user, if any.","type":"string"},"loginName":{"description":"The username used in the login credentials.","type":"string"},"sourceType":{"$ref":"#/components/schemas/v2SourceType"}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2User"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}},"delete":{"description":"Delete an existing user.\\nThis operation is expected to be used only for LOCAL users. Users are periodically\\nsynchronized from the Identity Provider, so deleting a user that is not a local one\\nmay be reverted if the change is not done accordingly in the Identity Provider.\\n\\n$hide_from_docs","tags":["Teams"],"summary":"Deprecated. This method will be removed in future versions of TSB. Use Service Accounts instead.","operationId":"Teams_DeleteUser","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/users/{user}/approvals":{"get":{"tags":["Approvals"],"summary":"GetPolicy returns the approval policy for the given resource.","operationId":"Approvals_GetPolicy_variant_7","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ApprovalPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"tags":["Approvals"],"summary":"SetPolicy enables authorization policy checks for the given resource and applies any provided\\nrequest or approval settings. If the resource has existing policies settings, they will be replaced.\\nOnce the policy is set, authorization checks will be performed for the given resource.","operationId":"Approvals_SetPolicy_variant_7","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_SetPolicyBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["Approvals"],"summary":"DeletePolicy deletes the approval policy configuration for the given resource. When deleted, authorization\\nchecks will no longer be performed, the resource will no longer accept approval requests and all existing approvals\\nwill be revoked.","operationId":"Approvals_DeletePolicy_variant_7","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/users/{user}/approvals/approved:add":{"post":{"tags":["Approvals"],"summary":"AddApprovedAccess adds a new entry in the approved access list for the given resource.","operationId":"Approvals_AddApprovedAccess_variant_7","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/users/{user}/approvals/approved:delete":{"post":{"tags":["Approvals"],"summary":"DeleteApprovedAccess deletes an entry from the approved list for the given resource.","operationId":"Approvals_DeleteApprovedAccess_variant_7","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/users/{user}/approvals/query":{"post":{"tags":["Approvals"],"operationId":"Approvals_QueryPolicies_variant_7","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_QueryPoliciesBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryPoliciesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/users/{user}/approvals/requested:add":{"post":{"tags":["Approvals"],"summary":"AddAccessRequest adds a new access request entry in the access request list for the given resource.\\nIf the policy approval mode is \\"ALLOW_REQUESTED\\", access is allowed immediately. If the policy approval\\nmode is \\"REQUIRE_APPROVAL\\" access will be pending until the request is approved.","operationId":"Approvals_AddAccessRequest_variant_7","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/users/{user}/approvals/requested:approve":{"post":{"tags":["Approvals"],"summary":"ApproveAccessRequest approves an existing access request for the given resource.\\nOnce approved, the request will be removed from the requested list and added to the approved list.\\nIf any of the permissions are changed, the requested permissions will be discarded and only the approved\\npermissions will be added to the approved list.","operationId":"Approvals_ApproveAccessRequest_variant_7","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_AddApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/users/{user}/approvals/requested:delete":{"post":{"tags":["Approvals"],"summary":"DeleteAccessRequest removes an existing entry from the access request list for the given resource.\\nIf the request is already approved, the request no longer exists and this operation will return NotFound.\\nDeleting an approved request should be done using the DeleteApproved operation.","operationId":"Approvals_DeleteAccessRequest_variant_7","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Approvals_DeleteApprovedAccessBody"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/users/{user}/permissions":{"get":{"tags":["Permissions"],"summary":"GetResourcePermission looks up permissions that are allowed for the current principal.\\non the given resource FQN. This is similar to QueryResourcePermission but limited to a single\\nresource FQN.","operationId":"Permissions_GetResourcePermissions_variant_7","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2GetResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/users/{user}/policy":{"get":{"tags":["Policy"],"summary":"Get the access policy for the given resource.","operationId":"Policy_GetPolicy_variant_7","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["Policy"],"summary":"Set the access policy for the given resource.","operationId":"Policy_SetPolicy_variant_7","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/Policy_SetPolicy_variant_1Body"},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/users/{user}/status":{"get":{"tags":["Status"],"summary":"Given a resource fully-qualified name of a resource returns its current status.","operationId":"Status_GetStatus_variant_7","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ResourceStatus"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/organizations/{organization}/users/{user}/telemetry/sources":{"get":{"tags":["Sources"],"summary":"List the telemetry sources that are available for the requested parent. It will return telemetry sources that belong\\nto the requested parent and from all its child resources.","operationId":"Sources_ListSources_variant_7","parameters":[{"description":"The scope type that a telemetry source needs to match.\\nTelemetry sources that matches any requested scope type will be returned.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","name":"scopeTypes","in":"query","explode":true,"schema":{"type":"array","items":{"enum":["INVALID","SERVICE","INGRESS","RELATION"],"type":"string"}}},{"description":"Which resources the telemetry sources must belong to.\\nTelemetry sources that belongs to any requested resource will be returned.","name":"belongTos","in":"query","explode":true,"schema":{"type":"array","items":{"type":"string"}}},{"description":"Moment in time since we retrieve Telemetry Sources.","name":"existed.since","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Moment in time until we retrieve Telemetry Sources.","name":"existed.until","in":"query","schema":{"type":"string","format":"date-time"}},{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListSourcesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/users/{user}/telemetry/sources/{source}":{"get":{"tags":["Sources"],"summary":"Get the details of an existing telemetry source.","operationId":"Sources_GetSource_variant_7","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Source"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/users/{user}/telemetry/sources/{source}/metrics":{"get":{"tags":["Metrics"],"summary":"List the telemetry metrics that are available for the requested telemetry source.","operationId":"Metrics_ListMetrics_variant_7","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListMetricsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/users/{user}/telemetry/sources/{source}/metrics/{metric}":{"get":{"tags":["Metrics"],"summary":"Get the details of an existing telemetry metric.","operationId":"Metrics_GetMetric_variant_7","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}},{"description":"Source name.","name":"source","in":"path","required":true,"schema":{"type":"string"}},{"description":"Metric name.","name":"metric","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Metric"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/organizations/{organization}/users/{user}:generateTokens":{"post":{"description":"Generate the tokens for a local user account so it can authenticate against management plane.\\nThis method will return an error if the user account is not of type MANUAL. Credentials for\\nnormal platform users must be configured in the corresponding Identity Provider.","tags":["Teams"],"summary":"Deprecated. This method will be removed in future versions of TSB. Use Service Accounts instead.","operationId":"Teams_GenerateTokens","parameters":[{"description":"Organization name.","name":"organization","in":"path","required":true,"schema":{"type":"string"}},{"description":"User name.","name":"user","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2TokenResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/googlerpcStatus"}}}}}}},"/v2/permissions/query":{"put":{"tags":["Permissions"],"summary":"QueryResourcePermission looks up permissions that are allowed for the current principal.\\nMultiple records can be queried with a single request. Query limit is 100, multiple requests\\nare required to lookup more than the limit.","operationId":"Permissions_QueryResourcePermissions","requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryResourcePermissionsRequest"}}},"description":"Request to query permissions on multiple records.\\n\\nExample:\\nQueryResourcePermissionsRequest {\\n  Queries: []Query{\\n    Query{\\n      QueryID: \\"1234\\",\\n      Kind: Query_Fqn{\\n        Fqn: \\"tetrate/tenants/default/workspaces/example\\"\\n      }\\n    }\\n  }\\n}","required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2QueryResourcePermissionsResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/security/rbac":{"get":{"tags":["RBAC"],"summary":"List all existing roles.","operationId":"RBAC_ListRoles","responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2ListRolesResponse"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"post":{"tags":["RBAC"],"summary":"Create a new role.","operationId":"RBAC_CreateRole","requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2CreateRoleRequest"}}},"description":"Request to create a Role.","required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Role"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}},"/v2/security/rbac/{rba}":{"get":{"tags":["RBAC"],"summary":"Get the details of the given role.","operationId":"RBAC_GetRole","parameters":[{"description":"Rba name.","name":"rba","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Role"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"put":{"tags":["RBAC"],"summary":"Modify a role.","operationId":"RBAC_UpdateRole","parameters":[{"description":"Rba name.","name":"rba","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"description":"`Role` is a named collection of permissions that can be assigned to\\nany user or team in the system.\\n\\n\\n\\n\\n","type":"object","properties":{"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"rules":{"description":"A set of rules that define the permissions associated with each API group.","type":"array","items":{"$ref":"#/components/schemas/RoleRule"}}}}}},"required":true},"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2Role"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}},"delete":{"tags":["RBAC"],"summary":"Delete a role.\\nNRoles that are in use by policies attached to existing resources\\ncannot be deleted.","operationId":"RBAC_DeleteRole","parameters":[{"description":"Rba name.","name":"rba","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"type":"object"}}}},"default":{"description":"An unexpected error response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/rpcStatus"}}}}}}}},"tags":[{"name":"OAuth"},{"name":"OIDC"},{"name":"Applications"},{"name":"WasmExtensions"},{"name":"Gateway"},{"name":"IstioInternal"},{"name":"Metrics"},{"name":"Sources"},{"name":"Approvals"},{"name":"Permissions"},{"name":"Policy"},{"name":"RBAC"},{"name":"Lookup"},{"name":"Registration"},{"name":"Security"},{"name":"Traffic"},{"name":"Clusters"},{"name":"Organizations"},{"name":"Status"},{"name":"Teams"},{"name":"Tenants"},{"name":"Workspaces"}],"components":{"requestBodies":{"Policy_SetPolicy_variant_1Body":{"content":{"application/json":{"schema":{"description":"A policy defines the set of subjects that can access a resource and under\\nwhich conditions that access is granted.","type":"object","title":"Policy","properties":{"allow":{"description":"The list of allowed bindings configures the different access profiles that\\nare allowed on the resource configured by the policy.","type":"array","items":{"$ref":"#/components/schemas/v2Binding"}},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"}}}}},"required":true},"Approvals_SetPolicyBody":{"content":{"application/json":{"schema":{"description":"ApprovalPolicy is a set of authorization rules that define access to a resource.\\nWhen applied to a resource, the rules enforce access to the resource based on the permission set.\\n\\nExample:\\nApprovalPolicy {\\n  Mode: ApprovalPolicy_REQUIRE_APPROVAL,\\n  Resource: \\"organizations/demo/tenants/demo/applications/target-app\\",\\n  Approved: []Access {{\\n    Subject: \\"organizations/demo/tenants/demo/applications/calling-app\\",\\n    Permissions: []string{\\"GET\\", \\"POST\\"}\\n  }}\\n}","type":"object","required":["mode"],"properties":{"approved":{"description":"Approved is a list of subjects that are approved to access the resource.","type":"array","items":{"$ref":"#/components/schemas/v2Access"}},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"},"metadata":{"$ref":"#/components/schemas/v2Metadata"},"mode":{"$ref":"#/components/schemas/ApprovalPolicyMode"},"requested":{"description":"Requested is a list of subjects that are requested to access the resource but that have not yet been\\nexplicitly approved.\\nThe access mode of the policy will determine if the subjects in this list are given immediate access to the\\nresource.","type":"array","items":{"$ref":"#/components/schemas/v2Access"}}}}}},"required":true},"Approvals_AddApprovedAccessBody":{"content":{"application/json":{"schema":{"description":"AccessRequest is a request used for requesting or approving access to a resource.\\n\\nExample:\\nAccessRequest {\\n  Resource: \\"organizations/demo/tenants/demo/applications/target\\",\\n  Access: []Access{{\\n    Subject: \\"organizations/demo/tenants/demo/applications/calling-app\\",\\n    Permissions: []string{\\"GET\\", \\"POST\\"}\\n  }}\\n}","type":"object","required":["access"],"properties":{"access":{"$ref":"#/components/schemas/v2Access"},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml"}}}}},"required":true},"v2AccessPolicy":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/v2AccessPolicy"}}},"description":"A policy defines the set of subjects that can access a resource and under\\nwhich conditions that access is granted.","required":true},"Approvals_DeleteApprovedAccessBody":{"content":{"application/json":{"schema":{"description":"ResourceAndSubject is a resource and subject pair used for approval and deletion operations.\\n\\nExample:\\nResourceAndSubject {\\n  Resource: \\"organizations/demo/tenants/demo/applications/target\\",\\n  Subject: \\"organizations/demo/tenants/demo/applications/caller\\"\\n}","type":"object","required":["subject"],"properties":{"subject":{"description":"Subject for which the access request is made.","type":"string"}}}}},"required":true},"Approvals_QueryPoliciesBody":{"content":{"application/json":{"schema":{"description":"QueryPoliciesRequest is the request message for QueryPolicies.\\n\\nExample:\\nQueryPoliciesRequest {\\n  Parent: \\"organizations/demo/tenants/demo\\",\\n  Types: []string{\\"applications\\"},\\n  IncludeDetails: true,\\n  IncludePermissions: true,\\n}","type":"object","required":["types"],"properties":{"includeDetails":{"description":"IncludeDetails indicates whether to include the details of the resources that are part of the policy.\\nWhen set to true, the name and description of the resource are included in the response.","type":"boolean"},"includePermissions":{"description":"IncludePermissions indicates whether to include the user level permissions on resources that are part of the policy.\\nWhen set to true, the user level permissions are included in the response.","type":"boolean"},"types":{"description":"Type is the type of the resources to query for policies.","type":"array","items":{"type":"string"}}}}}},"required":true}},"schemas":{"AggregatedStatusChildStatus":{"description":"`ChildStatus` contains the status details for a particular child resource,\\nand a human-friendly message further describing the status if it is an\\nerrored one.","type":"object","properties":{"status":{"$ref":"#/components/schemas/v2ResourceStatusStatus"},"message":{"description":"Contains the human-friendly message describing the status of the child resource.","type":"string","x-order":1}}},"ApprovalPolicyMode":{"description":" - UNRESTRICTED: Allows all subjects in the same policy class to access the resource.\\n - ALLOW_REQUESTED: Allows only the subjects in the request and approved list to access the resource.\\n - REQUIRE_APPROVAL: Allows only the subjects in the approved list to access the resource.","type":"string","default":"UNRESTRICTED","enum":["UNRESTRICTED","ALLOW_REQUESTED","REQUIRE_APPROVAL"]},"AuthenticationJWT":{"type":"object","required":["issuer"],"properties":{"issuer":{"description":"Identifies the issuer that issued the JWT. See\\n[issuer](https://tools.ietf.org/html/rfc7519#section-4.1.1)\\nA JWT with different `iss` claim will be rejected.\\n\\nExample: https://foobar.auth0.com\\nExample: 1234567-compute@developer.gserviceaccount.com","type":"string","x-order":0},"audiences":{"description":"The list of JWT\\n[audiences](https://tools.ietf.org/html/rfc7519#section-4.1.3).\\nthat are allowed to access. A JWT containing any of these\\naudiences will be accepted.\\n\\nThe service name will be accepted if audiences is empty.","type":"array","items":{"type":"string"},"x-order":1},"jwksUri":{"description":"URL of the provider\'s public key set to validate signature of\\nthe JWT. See [OpenID\\nDiscovery](https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderMetadata).\\n\\nOptional if the key set document can either (a) be retrieved\\nfrom [OpenID\\nDiscovery](https://openid.net/specs/openid-connect-discovery-1_0.html)\\nof the issuer or (b) inferred from the email domain of the\\nissuer (e.g. a Google service account).\\n\\nExample: `https://www.googleapis.com/oauth2/v1/certs`\\n\\nNote: Only one of jwks_uri and jwks should be used. jwks_uri\\nwill be ignored if it does.","type":"string","x-order":2},"jwks":{"description":"JSON Web Key Set of public keys to validate signature of the JWT.\\nSee https://auth0.com/docs/jwks.\\n\\nNote: Only one of jwks_uri and jwks should be used. jwks_uri will be ignored if it does.","type":"string","x-order":3}}},"AuthorizationExternalAuthzBackend":{"type":"object","title":"Use an authorization server running at the specified URI. Support both HTTP and gRPC server.\\nIt is recommended to enable TLS validation (SIMPLE or MUTUAL) to secure traffic \\nbetween workload and external authorization server\\nIf you use gRPC, do not set `includeRequestHeaders`","properties":{"uri":{"type":"string","x-order":0},"includeRequestHeaders":{"type":"array","items":{"type":"string"},"x-order":1},"tls":{"$ref":"#/components/schemas/v2ClientTLSSettings"}}},"AuthorizationLocalAuthz":{"description":"Authorize the request in Envoy based on the JWT claims.","type":"object","properties":{"rules":{"type":"array","items":{"$ref":"#/components/schemas/v2LocalAuthzRule"},"x-order":0}}},"AuthorizationSettingsMode":{"description":"- UNSET: Inherit from parent if possible. Otherwise treated as `DISABLED`.\\n - NAMESPACE: The workload allows traffic from any other authenticated workload in its own\\nnamespace.\\n - GROUP: The workload allows traffic from any other authenticated workload in the security group.\\n - WORKSPACE: The workload allows traffic from any other authenticated workload in the workspace.\\n - CLUSTER: The workload allows traffic from any other authenticated workload in the cluster.\\n - DISABLED: Authorization is disabled.\\n - CUSTOM: The workload allows traffic from service accounts defined explicitly.\\n - RULES: The workload allows or denies traffic from any other authenticated workload that belongs\\nto the specified rules.","type":"string","title":"A short cut for defining the common authorization patterns","default":"UNSET","enum":["UNSET","NAMESPACE","GROUP","WORKSPACE","CLUSTER","DISABLED","CUSTOM","RULES"]},"ClusterLocality":{"description":"The region the cluster resides. Used for failover based routing when\\nconfigured in the workspace or global settings.","type":"object","required":["region"],"properties":{"region":{"description":"The geographic location of the cluster.","type":"string","x-order":0}}},"ClusterState":{"type":"object","title":"State represents the cluster info learned from the onboarded cluster","properties":{"lastSyncTime":{"type":"string","format":"date-time","title":"last time xcp edge(cp) synced with central(mp) in the UTC format","x-order":0},"provider":{"type":"string","title":"cluster provider. Ex: GKE, EKS, AKS","x-order":1},"istioVersions":{"description":"This shows currently running istio versions in the cluster.","type":"array","items":{"type":"string"},"x-order":2},"xcpVersion":{"type":"string","title":"xcp-edge version which is running at the cluster","x-order":3},"tsbCpVersion":{"type":"string","title":"TSB controlplane version","x-order":4}}},"ConfigEventsEdgeConfigState":{"type":"object","properties":{"status":{"$ref":"#/components/schemas/ConfigEventsEdgeConfigStatus"},"reason":{"description":"Accompanying reason when status is not `APPLIED`.","type":"string","x-order":1}}},"ConfigEventsEdgeConfigStatus":{"description":" - UNKNOWN: `UNKNOWN` indicates an undefined status. Either the edge has not reported\\nthe status for the config or it is not available due to some delays or something else.\\nThis is a catch-all when we don\'t know what to do.\\n - APPLIED: `APPLIED` indicates that the config has been successfully applied at the edge.\\n - ERRORED: `ERRORED` indicates that some error occurred while applying config at an edge. This will be\\naccompanied by a message which specifies the reason for the error.\\n - IGNORED: `IGNORED` indicates that the config was ignored because of some misconfiguration in config yaml.\\nFor instance, applying `DIRECT` mode config within `BRIDGED` mode group.","type":"string","default":"UNKNOWN","enum":["UNKNOWN","APPLIED","ERRORED","IGNORED"]},"ConfigEventsEvent":{"description":"Single `Event` event occurred in the configuration propagation flow.","type":"object","properties":{"type":{"$ref":"#/components/schemas/ConfigEventsEventType"},"reason":{"description":"Optional code that extends the type of the occurred event.","type":"string","x-order":1},"message":{"description":"Optional message describing the reason in a human readable way.","type":"string","x-order":2},"timestamp":{"description":"Time of the event occurrence.","type":"string","format":"date-time","x-order":3},"etag":{"description":"The etag of the resource which configuration triggered this event.","type":"string","x-order":4},"edgesState":{"description":"Stores the `edge cluster name` to `EdgeConfigState` mapping. `EdgeConfigState` holds the\\n[status + reason] for a resource config that is being applied at edges.\\nReason accompanying the Status is useful for pin-pointed debugging at edge level.\\nFor instance, a config whose config status is something other than `APPLIED` is\\naccompanied by a reason telling why an error occurred while applying the config.\\nThis will help in debugging issues at an edge.","type":"object","additionalProperties":{"$ref":"#/components/schemas/ConfigEventsEdgeConfigState"},"x-order":5}}},"ConfigEventsEventType":{"description":"Simple `Status` of the current resource. It\'s a projection of its details\\n(events, etc.) that allows to easily know the status of the resource\\nwithout requiring to check the details.\\n\\n - INVALID: INVALID is the zero value and should never be reached.\\n - TSB_ACCEPTED: TSB_ACCEPTED happens when the configuration has been validated and\\npersisted by TSB. Note that there is no TSB_REJECTED because in case of\\nan obvious syntax error, the client requests for the API will fail\\ndirectly. The configuration will not be persisted and therefore no\\nconfig status will be associated with it.\\n - MPC_ACCEPTED: MPC_ACCEPTED happens when MPC receives the configuration from TSB.\\nNote that there is no MPC_REJECTED because it\'s just a pass-through\\nto XCP.\\n - XCP_ACCEPTED: XCP_ACCEPTED happens when XCP validates the configuration and the XCP\\nresource is properly created.\\n - XCP_REJECTED: XCP_REJECTED happens when XCP reports that the configuration is not\\nvalid.\\n - MPC_FAILED: MPC_FAILED happens when MPC fails to process some configuration received\\nfrom TSB. These failures are prior to sending the translated\\nconfigurations to XCP.\\n - XCP_UNKNOWN: XCP_UNKNOWN happens when XCP reports that all edges are in UNKNOWN\\nstate.\\n - XCP_PARTIALLY_APPLIED: XCP_PARTIAL happens when XCP reports that at least one edge is in\\nAPPLIED state, and the rest are UNKNOWN.\\n - XCP_APPLIED: XCP_APPLIED happens when XCP reports that every edge is in APPLIED\\nstate.\\n - XCP_ERRORED: XCP_ERRORED happens when XCP reports that any edge is in ERRORED state.\\n - XCP_IGNORED: XCP_IGNORED happens when XCP reports that the config is IGNORED by all the edges.\\nOne of the cases where configs are ignored is when a BRIDGED mode config object\\nlike IngressGateway is part of a gateway group configured for the DIRECT mode\\nand vice versa. More generally, this happens when there is a mismatch between\\nthe mode where a config is valid and the mode configured for the group.\\n - MPC_DIRTY: MPC_DIRTY happens when a resource that is dependent on others\\nhave not reached the desired status (even when they are not FAILED).\\nFor instance, when a resource configuration affected by a STRICTER propagation\\nstrategy gets superseded (fully or partially) by a stricter resource configuration higher up\\nin the hierarchy. Concretely, if a security group\'s security settings (which\\nis in ACCEPTED configuration state) is affected\\nby a STRICTER propagation strategy, and for instance an organization\'s\\ndefault security settings (a resource higher up in the hierarchy)\\nhas been updated to restrict more the previously set authorization policy, then\\nthe previously ACCEPTED security group\'s security settings (a resource lower in\\nthe hierarchy) will become DIRTY if it is not stricter.","type":"string","default":"INVALID","enum":["INVALID","TSB_ACCEPTED","MPC_ACCEPTED","XCP_ACCEPTED","XCP_REJECTED","MPC_FAILED","XCP_UNKNOWN","XCP_PARTIALLY_APPLIED","XCP_APPLIED","XCP_ERRORED","XCP_IGNORED","MPC_DIRTY"]},"HeadersHeaderOperations":{"description":"HeaderOperations Describes the header manipulations to apply.","type":"object","properties":{"set":{"description":"Overwrite the headers specified by key with the given values.","type":"object","additionalProperties":{"type":"string"},"x-order":0},"add":{"description":"Append the given values to the headers specified by keys (will create a comma-separated list\\nof values).","type":"object","additionalProperties":{"type":"string"},"x-order":1},"remove":{"description":"Remove a the specified headers.","type":"array","items":{"type":"string"},"x-order":2}}},"IngressScopesIngressScope":{"description":"An ingress defines the telemetry source wingspan in the mesh of ingress\'s hostname.","type":"object","properties":{"type":{"$ref":"#/components/schemas/IngressScopesIngressScopeScopeType"},"scope":{"$ref":"#/components/schemas/IngressScopesIngressScopeScope"},"deployment":{"description":"The FQN of the service deployment in a concrete cluster related with this telemetry source scope.\\nWill have a value for scope types HOSTNAME.","type":"string","x-order":2}}},"IngressScopesIngressScopeScope":{"description":"Each of the scope properties can have the following values:\\n- A non empty value.\\n- An empty value or absence of the property act as a wildcard, meaning any possible value.","type":"object","properties":{"hostname":{"type":"string","title":"hostname is always a concrete value","x-order":0},"ingressService":{"type":"string","title":"ingress_service is always a concrete value","x-order":1},"cluster":{"description":"cluster can be a concrete value or an empty value meaning any cluster.","type":"string","x-order":2}}},"IngressScopesIngressScopeScopeType":{"description":"ScopeType denotes the wingspan of a telemetry source for an ingress\'s hostname.\\n\\n - HOSTNAME: A hostname telemetry source that belongs to a specific ingress instance in a cluster.\\n - GLOBAL: A global telemetry source of a hostname from an ingress across clusters.","type":"string","default":"INVALID","enum":["INVALID","HOSTNAME","GLOBAL"]},"JWKSJWK":{"type":"object","title":"JSON Web Key. Refer to https://datatracker.ietf.org/doc/html/rfc7517","properties":{"alg":{"description":"The specific cryptographic algorithm used with the key.","type":"string","x-order":0},"kty":{"description":"The family of cryptographic algorithms used with the key.","type":"string","x-order":1},"use":{"description":"How the key was meant to be used; `sig` represents the signature.","type":"string","x-order":2},"n":{"description":"The modulus for the RSA public key.","type":"string","x-order":3},"e":{"description":"The exponent for the RSA public key.","type":"string","x-order":4},"kid":{"description":"The unique identifier for the key.","type":"string","x-order":5}}},"KeepAliveSettingsTcpKeepAliveSettings":{"description":"TCP Keep Alive Settings.","type":"object","properties":{"downstream":{"$ref":"#/components/schemas/TcpKeepAliveSettingsTcpKeepAlive"},"upstream":{"$ref":"#/components/schemas/TcpKeepAliveSettingsTcpKeepAlive"}}},"KeyPairEncoding":{"type":"string","title":"Format in which the keys in this keypair are encoded","default":"PEM","enum":["PEM","JWK"]},"ListSourcesRequestTimeRange":{"description":"TimeRange is a closed time range. If since or until are not provided they will not be used to filter.","type":"object","properties":{"since":{"description":"Moment in time since we retrieve Telemetry Sources.","type":"string","format":"date-time","x-order":0},"until":{"description":"Moment in time until we retrieve Telemetry Sources.","type":"string","format":"date-time","x-order":1}}},"LocalAuthzRuleHttpOperation":{"type":"object","properties":{"paths":{"description":"The request path where the request is made against. E.g. [\\"/accounts\\"].","type":"array","items":{"type":"string"},"x-order":0},"methods":{"description":"The HTTP methods that are allowed by this rule. E.g. [\\"GET\\", \\"HEAD\\"].","type":"array","items":{"type":"string"},"x-order":1}}},"MetadataDetails":{"description":"Details is additional information about a resource.","type":"object","properties":{"name":{"description":"Name is the resources name.","type":"string","x-order":0},"description":{"description":"Description is the resources description.","type":"string","x-order":1}}},"MetricConfigMetricType":{"description":"MetricType denotes the relation of a metrics with a physical service instance.\\n\\n - SINGLE_INSTANCE: A single instance metric config belongs to an specific physical service instance.\\n - SUBSET: A subset metric config represents subsets across clusters or hostnames across clusters.\\n - GLOBAL: A global metric config represents all the physical services.\\n - ENDPOINT: An endpoint metric config represents an endpoint across clusters.\\n - ENDPOINT_INSTANCE: An endpoint instance metric config represents an endpoint in a specific cluster.","type":"string","default":"INVALID","enum":["INVALID","SINGLE_INSTANCE","SUBSET","GLOBAL","ENDPOINT","ENDPOINT_INSTANCE"]},"NamespaceScopingScope":{"description":" - GLOBAL: Global configures namespaces in this cluster to be considered global.\\nNamespaces that exist in other clusters with the same name will be\\nconsidered to be the same logical namespace.\\n - LOCAL: Configures local scoping for namespaces, so that namespaces with the same\\nname in different clusters will not be considered the same logical\\nnamespace.","type":"string","default":"GLOBAL","enum":["GLOBAL","LOCAL"]},"OrganizationSettingNetworkSettings":{"description":"Network related settings for clusters.","type":"object","properties":{"networkReachability":{"description":"Reachability between clusters on various networks. Each cluster\\nhas a \\"network\\" field representing a network boundary like a VPC\\non AWS/GCP/Azure. All clusters within the same network are\\nassumed to be reachable to each other for multi-cluster routing.\\nIn addition, you can specify additional connectivity between\\nvarious networks in the mesh here. For example on AWS, each VPC\\ncan be treated as a distinct network. VPCs that are reachable to\\none another (through peering or transit gateways) can be listed\\nas reachable networks. The key is the network name and the value\\nis a comma separated list of networks whose clusters are\\nreachable from this network. For instance, vpc01: vpc02,vpc03 means\\nthat the clusters in the network can reach those in vpc02 and vpc03.\\n\\nNote that reachability is **not** bidirectional. That is, if `vpc01: vpc02`\\nis specified, then `vpc01` can reach `vpc02`, but not the other way around.\\nHence, the workloads in clusters in `vpc01` can access the services\\nthrough the exposed gateway hostnames in clusters in `vpc02` . However,\\nthe workloads in clusters in `vpc02` cannot access the services exposed\\nthrough the gateway hostnames in `vpc01`.","type":"object","additionalProperties":{"type":"string"},"x-order":0}}},"QueryResourcePermissionsResponseResult":{"type":"object","title":"Represents a result for the requested query","required":["request"],"properties":{"request":{"$ref":"#/components/schemas/v2Query"},"rules":{"description":"set of allowed RBAC rules that the current principal has on the matching resource.\\nIf the query produced no results, the rules set will be empty.","type":"array","items":{"$ref":"#/components/schemas/RoleRule"},"x-order":1}}},"RateLimitDimensionDestinationCluster":{"description":"Emit descriptor entry - a key-value pair of the form `(\\"destination_cluster\\",\\n\\"&lt;routed target cluster&gt;\\")` where `destination_cluster` is the destination\\nenvoy cluster to which traffic is bound to.","type":"object"},"RateLimitDimensionHeader":{"type":"object","title":"RateLimit based on certain headers","required":["name"],"properties":{"name":{"description":"Name of the header to match on.","type":"string","x-order":0},"value":{"$ref":"#/components/schemas/v2StringMatch"},"dontMatch":{"description":"If set to true, the condition will be met when the header value does not match.\\nDefault value is false.","type":"boolean","x-order":2}}},"RateLimitDimensionHeaderValueMatch":{"description":"Emit descriptor entry - a key-value pair of the form `(\\"header_match\\",\\n\\"&lt;descriptor_value&gt;\\")`, where `descriptor_value` is a user\\nspecified value corresponding to a header match event.","type":"object","required":["headers","descriptorValue"],"properties":{"headers":{"description":"Specifies a set of headers that the rate limit action should\\nmatch on. The action will check the request\u2019s headers against\\nall the specified headers in the config. A match will happen if\\nall the headers in the config are present in the request with\\nthe same values (or based on presence if the value field is not\\nin the config).  The header keys must be lowercase and use\\nhyphen as the separator, e.g. x-request-id.","type":"object","additionalProperties":{"$ref":"#/components/schemas/v2StringMatch"},"x-order":0},"descriptorValue":{"description":"The value to use in the descriptor entry.","type":"string","x-order":1},"dontMatch":{"description":"If set to true, the condition will be met when the header value does not match.\\nDefault value is false.","type":"boolean","x-order":2}}},"RateLimitDimensionRequestHeaders":{"description":"Emit descriptor entry - a key-value pair of the form\\n`(\\"&lt;descriptor_key&gt;\\", \\"&lt;header_value_queried_from_header&gt;\\")`\\nwhere `descriptor_key` is a user specified key to emit when the\\nHTTP header is seen.","type":"object","required":["headerName","descriptorKey"],"properties":{"headerName":{"description":"The header name to be queried from the request headers. The header\u2019s\\nvalue is used to populate the value of the descriptor entry for the\\ndescriptor_key.","type":"string","x-order":0},"descriptorKey":{"description":"The key to use in the descriptor entry.","type":"string","x-order":1}}},"RateLimitDimensionSourceCluster":{"description":"Emit descriptor entry - a key-value pair of the form\\n`(\\"source_cluster\\", \\"&lt;local service cluster&gt;\\")` where `source_cluster`\\nis the source envoy cluster (corresponding to the `--service-cluster`\\nflag value set by Istio).","type":"object"},"RateLimitSettingsRateLimitValue":{"description":"RateLimitValue specifies the values that will be used\\nto determine the rate limit.","type":"object","required":["requestsPerUnit","unit"],"properties":{"requestsPerUnit":{"description":"Specifies the value of the rate limit.","type":"integer","format":"int64","x-order":0},"unit":{"$ref":"#/components/schemas/RateLimitValueUnit"}}},"RateLimitValueUnit":{"description":"Units of time.","type":"string","default":"UNKNOWN","enum":["UNKNOWN","SECOND","MINUTE","HOUR","DAY"]},"ReachabilitySettingsMode":{"description":"- UNSET: Inherit from parent if possible. Otherwise treated as `CLUSTER`.\\n - NAMESPACE: The workload may talk to any service in its own namespace.\\n - GROUP: The workload may talk to any service in the traffic group.\\n - WORKSPACE: The workload may talk to any service in the workspace.\\n - CLUSTER: The workload may talk to any service in the cluster.\\n - CUSTOM: The workload may talk to services defined explicitly.","type":"string","title":"A short cut for defining the common reachability patterns","default":"UNSET","enum":["UNSET","NAMESPACE","GROUP","WORKSPACE","CLUSTER","CUSTOM"]},"RelationScopeServiceRelation":{"description":"A relation between logical services.","type":"object","properties":{"source":{"description":"The source resource\'s fqn of the relation between two logical services.","type":"string","x-order":0},"target":{"description":"The target resource\'s fqn of the relation between two logical services.","type":"string","x-order":1}}},"RelationScopesRelationScope":{"type":"object","properties":{"type":{"$ref":"#/components/schemas/RelationScopesRelationScopeScopeType"},"scope":{"$ref":"#/components/schemas/RelationScopesRelationScopeScope"}}},"RelationScopesRelationScopeScope":{"type":"object","properties":{"serviceRelation":{"$ref":"#/components/schemas/RelationScopeServiceRelation"}}},"RelationScopesRelationScopeScopeType":{"description":"ScopeType denotes the wingspan of a telemetry source for relation between resources.\\n\\n - SERVICE: A service telemetry source that belongs to a specific relation between logical services.","type":"string","default":"INVALID","enum":["INVALID","SERVICE"]},"ResilienceSettingsSensitivity":{"description":"Available sensitivity levels for the circuit breaker.\\n\\n - UNSET: Default values will be used.\\n - LOW: Tolerate up to 20 consecutive 5xx or connection failures from an\\nendpoint before ejecting it temporarily from the load balancing\\npool.\\n - MEDIUM: Tolerate up to 10 consecutive 5xx or connection failures from an\\nendpoint before ejecting it temporarily from the load balancing\\npool.\\n - HIGH: Tolerate up to 5 consecutive 5xx or connection failures from an\\nendpoint before ejecting it temporarily from the load balancing\\npool.","type":"string","default":"UNSET","enum":["UNSET","LOW","MEDIUM","HIGH"]},"ResourceStatusConfigResourceStatus":{"description":"Individual status for a configuration resource related to the Application/API.","type":"object","properties":{"status":{"$ref":"#/components/schemas/applicationv2Status"},"resource":{"$ref":"#/components/schemas/v2ConfigResource"}}},"RoleResourceType":{"description":"The type of API resource for which the role is being created.","type":"object","required":["apiGroup"],"properties":{"apiGroup":{"description":"A specific API group such as traffic.tsb.tetrate.io/v2.","type":"string","x-order":0},"kinds":{"description":"Specific kinds of APIs under the API group. If omitted, the\\nrole will apply to all kinds under the group.","type":"array","items":{"type":"string"},"x-order":1}}},"RoleRule":{"type":"object","title":"A rule defines the set of api groups","required":["permissions"],"properties":{"types":{"description":"The set of API groups and the api Kinds within the group on which this rule is applicable.\\nIf omitted, the permissions will globally apply to all resource types.","type":"array","items":{"$ref":"#/components/schemas/RoleResourceType"},"x-order":0},"permissions":{"description":"The set of actions allowed for these APIs.\\nThe current version supports requires the kind, but this constraint will be relaxed in\\nupcoming releases so that rules can apply globally to an entire API group.","type":"array","items":{"$ref":"#/components/schemas/v2Permission"},"x-order":1}}},"RuleFrom":{"description":"From includes the target resource (and the workloads that belong to the resource)\\nwhich will be the source of a request.","type":"object","properties":{"fqn":{"description":"The target resource identified by FQN which will be the source of a request.","type":"string","x-order":0}}},"RuleTo":{"description":"To includes the target resource (and the workloads that belong to the resource)\\nwhich will be destination of a request.","type":"object","properties":{"fqn":{"description":"The target resource identified by FQN which will be the destination of a request.","type":"string","x-order":0}}},"SecuritySettingAuthenticationMode":{"description":"AuthenticationMode indicates whether to accept only Istio mutual\\nTLS authenticated traffic or allow legacy plaintext traffic as\\nwell.\\n\\n - UNSET: Inherit from parent, if has one. Otherwise treated as OPTIONAL.\\n - OPTIONAL: Accept both plaintext and mTLS authenticated connections.\\n - REQUIRED: Accept only mutual TLS authenticated connections.","type":"string","default":"UNSET","enum":["UNSET","OPTIONAL","REQUIRED"]},"ServerTLSSettingsFileSource":{"description":"File path configuration of TLS keys and certificates.","type":"object","properties":{"serverCertificate":{"type":"string","title":"The path to the server cert file","x-order":0},"privateKey":{"type":"string","title":"The path to the server private key file","x-order":1},"caCertificates":{"type":"string","title":"The path to the file containing ca certs for verifying clients while using mutual TLS","x-order":2}}},"ServiceAccountKeyPair":{"description":"Represents key-pair associated to the service account.","type":"object","properties":{"id":{"description":"Unique identifier for this key-pair. This should be used as the `kid` (key id) when\\ngenerating JWT tokens that are signed with this key-pair.","type":"string","x-order":0,"readOnly":true},"publicKey":{"description":"The encoded public key associated with the service account.\\nThe encoding format is determined by the `encoding` field.","type":"string","x-order":1,"readOnly":true},"privateKey":{"description":"The encoded private key associated with the service account.\\nTSB does not store the private key and it is up to the client to store it safely.\\nThe encoding format is determined by the `encoding` field.","type":"string","x-order":2,"readOnly":true},"encoding":{"$ref":"#/components/schemas/KeyPairEncoding"},"defaultToken":{"type":"string","title":"A default access token that can be used to authenticate to TSB on behalf of the\\nservice account. TSB does not store this token and it is only returned when a\\nservice account key is created, similar to the private key. It is up to the client\\nto store the token for future use or to use the TSB CLI to generate new tokens as\\nexplained in: https://docs.tetrate.io/service-bridge/latest/en-us/howto/service-accounts","x-order":4,"readOnly":true}}},"ServiceMetricConfig":{"type":"object","title":"Configuration for metric aggregation","properties":{"name":{"description":"A user friendly name for this metric.","type":"string","x-order":0},"description":{"description":"A helpful description of what this metric represents.","type":"string","x-order":1},"aggregationKey":{"description":"An aggregation key that can be queried to get metrics for this service.","type":"string","x-order":2},"type":{"$ref":"#/components/schemas/MetricConfigMetricType"},"serviceDeployment":{"description":"The FQN of the service deployment related with this metric. Will be empty for group metrics.","type":"string","x-order":4},"parentMetric":{"type":"string","title":"The name of the metric config that aggregates this one in a higher level.\\nFor example, for a subset in a cluster metric, this field has the name of the metric of the same subset\\nacross the clusters","x-order":5}}},"ServicePort":{"type":"object","properties":{"number":{"description":"A valid non-negative integer port number.","type":"integer","format":"int64","x-order":0},"name":{"description":"Name assigned to the port.","type":"string","x-order":1},"kubernetesNodePort":{"description":"Indicates the node port attached to a physical deployment on a kubernetes\\ncluster.","type":"integer","format":"int64","x-order":2}}},"ServiceRoutePortLevelTrafficSettings":{"description":"PortLevelTrafficSettings explicitly defines the type of traffic for all of\\nthe ports exposed by a service for which routing rules need to be set.\\nDepending on whether HTTPRoutes or TCTRoutes are specified or not, the main\\nsubset weights are applied or not based on the following scenarios:\\n1. If HTTPRoutes or TCPRoutes are specified:\\n   a. Since Port is mandatory in MatchConditions, whenever a port is used\\n      in (HTTP/TCP) MatchCondition, it needs to be present in the global\\n      PortLevelTrafficSettings.\\n   b. When MatchConditions are present in the routes, then subset-weight\\n      combinations within routes will take effect instead of the global ones.\\n2. If the routes are not specified, then the traffic will be matched on\\n   ports specified in PortLevelTrafficSettings, and the routes will be set\\n   according to global subset-weight combinations.","type":"object","required":["port","trafficType"],"properties":{"port":{"type":"integer","format":"int64","title":"Port number to which traffic must be routed","x-order":0},"trafficType":{"$ref":"#/components/schemas/ServiceRouteTrafficType"},"stickySession":{"$ref":"#/components/schemas/ServiceRouteStickySession"}}},"ServiceRouteStickySession":{"description":"If set, all requests from a client will be forward to the same backend.","type":"object","properties":{"header":{"description":"Hash based on a specific HTTP header.","type":"string","x-order":0},"cookie":{"$ref":"#/components/schemas/StickySessionHTTPCookie"},"useSourceIp":{"description":"Hash based on the source IP address.","type":"boolean","x-order":2}}},"ServiceRouteSubset":{"description":"Subset denotes a specific version of a service. The pods/VMs of a\\nsubset should be uniquely identifiable using their labels.","type":"object","required":["name"],"properties":{"name":{"description":"Name used to refer to the subset.","type":"string","x-order":0},"labels":{"description":"Labels apply a filter over the endpoints of a service in the service registry.","type":"object","additionalProperties":{"type":"string"},"x-order":1},"weight":{"description":"Percentage of traffic to be sent to this subset. Weight if not\\nspecified will be assumed to be 0 if there are multiple\\nsubsets. If there is only one subset, the weight will be\\nassumed to be 1. The sum of non-zero weights across all subsets\\nshould add up to 100.","type":"integer","format":"int64","x-order":2},"portLevelSettings":{"description":"Port/Protocol/StickySession combination for which routes need to be generated specifically for\\na subset. These settings are meant to override the global PortLevelTrafficSettings, i.e. first, \\nglobal PortLevelTrafficSettings are used to generate routes and then we use non-conflicting subset level \\nPortLevelTrafficSettings to modify existing routes. If provided, PortLevelTrafficSettings should be provided for \\nall subsets for proper load balancing.","type":"array","items":{"$ref":"#/components/schemas/ServiceRoutePortLevelTrafficSettings"},"x-order":3}}},"ServiceRouteTrafficType":{"description":"- HTTP: If trafficType is HTTP, then a HTTP route is generated for that port\\n - TCP: If trafficType is TCP, then a TCP route is generated for that port\\n - TLS_PASSTHROUGH: This mode generates TLS routes for HTTPS traffic. TLS is not terminated at the gateway and is\\npassed through to the server","type":"string","title":"TrafficType is the list of allowed traffic types for generating routes","default":"HTTP","enum":["HTTP","TCP","TLS_PASSTHROUGH"]},"ServiceScopesServiceScope":{"description":"A service scope defines the telemetry source wingspan in the mesh of a service.","type":"object","properties":{"type":{"$ref":"#/components/schemas/ServiceScopesServiceScopeScopeType"},"scope":{"$ref":"#/components/schemas/ServiceScopesServiceScopeScope"},"deployment":{"description":"The FQN of the service deployment in a concrete cluster related with this telemetry source scope.\\nWill have a value for scope types INSTANCE or SERVICE.","type":"string","x-order":2}}},"ServiceScopesServiceScopeScope":{"description":"Each of the scope properties can have the following values:\\n- A non empty value.\\n- An empty value or absence of the property act as a wildcard, meaning any possible value.","type":"object","properties":{"instance":{"description":"instance is a concrete value or an empty value meaning any instance.","type":"string","x-order":0},"subset":{"description":"subset can be a concrete value or an empty value meaning any subset.","type":"string","x-order":1},"service":{"description":"service is always a concrete value.","type":"string","x-order":2},"namespace":{"description":"namespace is always a concrete value.","type":"string","x-order":3},"cluster":{"description":"cluster can be a concrete value or an empty value meaning any cluster.","type":"string","x-order":4}}},"ServiceScopesServiceScopeScopeType":{"description":"ScopeType denotes the wingspan of a telemetry source for a service.\\n\\n - INSTANCE: A instance telemetry source belongs to a specific service instance (pod or VM) in a cluster.\\n - SERVICE: A service telemetry source belongs to a specific service, without subsets, in a cluster.\\n - SUBSET: A subset telemetry source belongs to a specific service of a concrete subset in a cluster.\\n - GLOBAL_SUBSET: A global subset telemetry source represents a concrete subset from a service across cluster.\\nSubset scope type does not apply to ingress services.\\n - GLOBAL: A global telemetry source represents all subsets from a service across clusters.","type":"string","default":"INVALID","enum":["INVALID","INSTANCE","SERVICE","SUBSET","GLOBAL_SUBSET","GLOBAL"]},"ServiceSecuritySettingSubset":{"description":"Subset allows replacing the settings for a specific version of a service.","type":"object","required":["name","settings"],"properties":{"name":{"description":"Name used to refer to the subset.\\nThis must match a subset defined in the ServiceRoute for this service, else it will be omitted.","type":"string","x-order":0},"settings":{"$ref":"#/components/schemas/v2SecuritySetting"}}},"ServiceServiceDeployment":{"description":"ServiceDeployment represents the physical service in a cluster.","type":"object","properties":{"fqn":{"description":"Fully-qualified name of the instance. This field is read-only.","type":"string","x-order":0,"readOnly":true},"source":{"description":"Source of the instance. This field is read-only.","type":"string","x-order":1,"readOnly":true}}},"SourceScopeIngressScopes":{"description":"IngressScopes defines one or many Ingress\'s hostname telemetry source wingspan in the mesh.","type":"object","properties":{"scopes":{"description":"Multiple IngressScope can be defined to group under a single telemetry source different ingresses.","type":"array","items":{"$ref":"#/components/schemas/IngressScopesIngressScope"},"x-order":0}}},"SourceScopeRelationScopes":{"description":"RelationScopes  represents the physical connection that exists between observable resources.\\nA relation can represent for instance the physical connection that exist when a call between services is done:\\n- Between a gateway and a service or vice versa.\\n- Between a service and another service.\\nThis observation can produce client-side measurements, server side measurements or both.","type":"object","properties":{"scopes":{"description":"Multiple RelationScope can be defined to group under a single telemetry source different relations.","type":"array","items":{"$ref":"#/components/schemas/RelationScopesRelationScope"},"x-order":0}}},"SourceScopeServiceScopes":{"description":"ServiceScopes defines one or many service\'s telemetry source wingspan in the mesh.","type":"object","properties":{"scopes":{"description":"Multiple ServiceScope can be defined to group under a single telemetry source different services.","type":"array","items":{"$ref":"#/components/schemas/ServiceScopesServiceScope"},"x-order":0}}},"StickySessionHTTPCookie":{"description":"Describes a HTTP cookie that will be used for sticky sessions. If the cookie is not present, it\\nwill be generated.","type":"object","required":["name","path","ttl"],"properties":{"name":{"description":"Name of the cookie.","type":"string","x-order":0},"path":{"description":"Path to set for the cookie.","type":"string","x-order":1},"ttl":{"description":"Lifetime of the cookie.","type":"string","x-order":2}}},"SubjectJWTClaims":{"description":"JWT based subjects qualify a subject by matching against a JWT token present in the request.\\nBy default the token is expected to be present in the \'Authorization\' HTTP header, with the\\n\'Bearer\\" prefix.","type":"object","title":"JWT based subject","properties":{"iss":{"type":"string","x-order":0},"sub":{"type":"string","x-order":1},"other":{"description":"A set of arbitrary claims that are required to qualify the subject.\\nE.g. \\"iss\\": \\"*@foo.com\\".","type":"object","additionalProperties":{"type":"string"},"x-order":2}}},"SyncOrganizationRequestSyncTeam":{"description":"Information of a team as synchronized from the team source. This differs slightly from a TSB\\nuser since the fields here are raw info that does not have the context of the TSB hierarchy.","type":"object","required":["id"],"properties":{"id":{"description":"Unique ID for the group.","type":"string","x-order":0},"description":{"description":"Optional description for the group.","type":"string","x-order":1},"memberUserIds":{"description":"List of user ids for the users that belong to this group.","type":"array","items":{"type":"string"},"x-order":2},"memberGroupIds":{"description":"List of group ids for the groups that are nested into this group.","type":"array","items":{"type":"string"},"x-order":3},"displayName":{"description":"Friendly name to show the group in the different UIs.","type":"string","x-order":4}}},"SyncOrganizationRequestSyncUser":{"description":"Information of a user as synchronized from the team source. This differs slightly from a TSB\\nuser since the fields here are raw info that does not have the context of the TSB hierarchy.","type":"object","required":["id"],"properties":{"id":{"description":"Unique ID for the user.","type":"string","x-order":0},"description":{"description":"Optional description for the user.","type":"string","x-order":1},"email":{"type":"string","title":"User\'s email","x-order":2},"loginName":{"description":"The login username for the user.","type":"string","x-order":3},"displayName":{"description":"Friendly name to show the user in the different UIs.","type":"string","x-order":4}}},"SyncOrganizationResponseFailedIds":{"type":"object","properties":{"removal":{"type":"array","title":"Users or groups that failed to be removed","items":{"type":"string"},"x-order":0},"addition":{"type":"array","title":"Users or groups that failed to be created","items":{"type":"string"},"x-order":1},"update":{"type":"array","title":"Users or groups that failed to be updated","items":{"type":"string"},"x-order":2}}},"TcpKeepAliveSettingsTcpKeepAlive":{"type":"object","properties":{"probes":{"description":"The total number of unacknowledged probes to send before deciding\\nthe connection is dead. Default is to use the OS level configuration,\\nLinux defaults to 9.","type":"integer","format":"int64","x-order":0},"idleTime":{"description":"The number of seconds a connection needs to be idle before keep-alive probes\\nstart being sent. Default is to use the OS level configuration,\\nLinux defaults to 7200s.","type":"integer","format":"int64","x-order":1},"interval":{"description":"The number of seconds between keep-alive probes. Default is to use the OS\\nlevel configuration, Linux defaults to 75s.","type":"integer","format":"int64","x-order":2}}},"TrafficSettingEgressGateway":{"description":"EgressGateway specifies the gateway where traffic external to the mesh will be redirected.","type":"object","required":["host"],"properties":{"host":{"description":"Specifies the egress gateway hostname. Must be in\\n`&lt;namespace&gt;/&lt;fqdn&gt;` format.","type":"string","x-order":0},"port":{"description":"Deprecated. This field is ignored and will be removed in upcoming releases.\\nSpecifies the port on the host to connect to.","type":"integer","format":"int32","x-order":1}}},"WasmExtensionPluginPhase":{"description":"- UNSPECIFIED_PHASE: Control plane decides where to insert the plugin. This will generally be at the end of the filter chain, right before the Router.\\nDo not specify PluginPhase if the plugin is independent of others.\\n - AUTHN: Insert plugin before Istio authentication filters.\\n - AUTHZ: Insert plugin before Istio authorization filters and after Istio authentication filters.\\n - STATS: Insert plugin before Istio stats filters and after Istio authorization filters.","type":"string","title":"Plugin phases following Istio definition: https://istio.io/latest/docs/reference/config/proxy_extensions/wasm-plugin/#PluginPhase","default":"UNSPECIFIED_PHASE","enum":["UNSPECIFIED_PHASE","AUTHN","AUTHZ","STATS"]},"WasmExtensionPullPolicy":{"description":"The pull behaviour to be applied when fetching a WASM module,\\nmirroring K8s behaviour.\\n\\n - UNSPECIFIED_POLICY: Defaults to IfNotPresent, except for OCI images with tag `latest`, for which\\nthe default will be Always.\\n - IfNotPresent: If an existing version of the image has been pulled before, that\\nwill be used. If no version of the image is present locally, we\\nwill pull the latest version.\\n - Always: We will always pull the latest version of an image when changing\\nthis plugin. Note that the change includes `metadata` field as well.","type":"string","default":"UNSPECIFIED_POLICY","enum":["UNSPECIFIED_POLICY","IfNotPresent","Always"]},"WorkloadProxy":{"description":"Info about proxy attached to a workload.","type":"object","properties":{"controlPlaneAddress":{"description":"Address/service of control plane entity controlling the proxy\\nlike istiod.istio-system.svc:15012.","type":"string","x-order":0},"envoyVersion":{"description":"Envoy version of the proxy.","type":"string","x-order":1},"istioVersion":{"description":"Istio version of the proxy.","type":"string","x-order":2},"status":{"type":"object","title":"Sync status for each xDS component.\\nFor example:\\nstatus[\\"CDS\\"] = \\"SYNCED\\"\\nXDS components are: LDS, RDS, EDS CDS and SRDS.\\nRefer to Envoy go-control-plane ConfigStatus for possible status values\\nvalues:\\nhttps://github.com/envoyproxy/go-control-plane/blob/main/envoy/service/status/v3/csds.pb.go","additionalProperties":{"type":"string"},"x-order":3}}},"applicationv2Status":{"description":"The computed configuration status for the Application or API.\\n\\n - UNKNOWN: Unknown indicates that the status has not been computed.\\n - MISSING: The missing status indicates that the configuration resource for the Applications\\nor APIs do not exist.\\n - DIRTY: Dirty Applications and APIs are those that have the corresponding configuration\\nobjects (config groups, ingress gateways, etc), but those objects have been\\ndirectly modified or they current configuration does not match the one specified\\nin the corresponding Application/API.\\n - CONFIGURED: Configured Applications and APIs are those that have the corresponding\\nconfiguration resources (config groups, ingress gateways, etc) and their\\nconfigurations match the ones defined in the Application/API objects.","type":"string","default":"UNKNOWN","enum":["UNKNOWN","MISSING","DIRTY","CONFIGURED"]},"authv2TLSMode":{"description":"- DISABLED: TLS is not used and communication is\\nin plaintext.\\n - SIMPLE: Only the server is authenticated.\\n - MUTUAL: Both the peers in the communication must\\npresent their certificate for TLS authentication","type":"string","title":"Describes how authentication is performed\\nas part of establishing TLS connection","default":"DISABLED","enum":["DISABLED","SIMPLE","MUTUAL"]},"gatewayv2HttpRule":{"description":"A single HTTP rule.","type":"object","properties":{"match":{"description":"One or more match conditions (OR-ed).","type":"array","items":{"$ref":"#/components/schemas/v2HttpMatchCondition"},"x-order":0},"modify":{"$ref":"#/components/schemas/v2HttpModifyAction"},"route":{"$ref":"#/components/schemas/v2Route"},"redirect":{"$ref":"#/components/schemas/v2Redirect"}}},"googlerpcStatus":{"type":"object","properties":{"code":{"type":"integer","format":"int32","x-order":0},"message":{"type":"string","x-order":1},"details":{"type":"array","items":{"$ref":"#/components/schemas/protobufAny"},"x-order":2}}},"protobufAny":{"type":"object","properties":{"@type":{"type":"string","x-order":0}},"additionalProperties":{}},"protobufNullValue":{"description":"`NullValue` is a singleton enumeration to represent the null value for the\\n`Value` type union.\\n\\n The JSON representation for `NullValue` is JSON `null`.\\n\\n - NULL_VALUE: Null value.","type":"string","default":"NULL_VALUE","enum":["NULL_VALUE"]},"rpcStatus":{"type":"object","properties":{"code":{"type":"integer","format":"int32","x-order":0},"message":{"type":"string","x-order":1},"details":{"type":"array","items":{"$ref":"#/components/schemas/protobufAny"},"x-order":2}}},"tsbauthv2Authentication":{"type":"object","properties":{"jwt":{"$ref":"#/components/schemas/tsbauthv2AuthenticationJWT"}}},"tsbauthv2AuthenticationJWT":{"type":"object","required":["issuer"],"properties":{"issuer":{"description":"Identifies the issuer that issued the JWT. See\\n[issuer](https://tools.ietf.org/html/rfc7519#section-4.1.1)\\nA JWT with different `iss` claim will be rejected.\\n\\nExample: https://foobar.auth0.com\\nExample: 1234567-compute@developer.gserviceaccount.com","type":"string","x-order":0},"audiences":{"description":"The list of JWT\\n[audiences](https://tools.ietf.org/html/rfc7519#section-4.1.3).\\nthat are allowed to access. A JWT containing any of these\\naudiences will be accepted.\\n\\nThe service name will be accepted if audiences is empty.","type":"array","items":{"type":"string"},"x-order":1},"jwksUri":{"description":"URL of the provider\'s public key set to validate signature of\\nthe JWT. See [OpenID\\nDiscovery](https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderMetadata).\\n\\nOptional if the key set document can either (a) be retrieved\\nfrom [OpenID\\nDiscovery](https://openid.net/specs/openid-connect-discovery-1_0.html)\\nof the issuer or (b) inferred from the email domain of the\\nissuer (e.g. a Google service account).\\n\\nExample: `https://www.googleapis.com/oauth2/v1/certs`\\n\\nNote: Only one of jwks_uri and jwks should be used. jwks_uri\\nwill be ignored if it does.","type":"string","x-order":2},"jwks":{"description":"JSON Web Key Set of public keys to validate signature of the JWT.\\nSee https://auth0.com/docs/jwks.\\n\\nNote: Only one of jwks_uri and jwks should be used. jwks_uri will be ignored if it does.","type":"string","x-order":3}}},"tsbauthv2Authorization":{"type":"object","title":"Configuration for authorizing a HTTP request","properties":{"external":{"$ref":"#/components/schemas/tsbauthv2AuthorizationExternalAuthzBackend"},"local":{"$ref":"#/components/schemas/tsbauthv2AuthorizationLocalAuthz"}}},"tsbauthv2AuthorizationExternalAuthzBackend":{"type":"object","title":"Use an authorization server running at the specified URI. Support both HTTP and gRPC server.\\nIt is recommended to enable TLS validation (SIMPLE or MUTUAL) to secure traffic \\nbetween workload and external authorization server\\nIf you use gRPC, do not set `includeRequestHeaders`","properties":{"uri":{"type":"string","x-order":0},"includeRequestHeaders":{"type":"array","items":{"type":"string"},"x-order":1},"tls":{"$ref":"#/components/schemas/v2ClientTLSSettings"}}},"tsbauthv2AuthorizationLocalAuthz":{"description":"Authorize the request in Envoy based on the JWT claims.","type":"object","properties":{"rules":{"type":"array","items":{"$ref":"#/components/schemas/tsbauthv2LocalAuthzRule"},"x-order":0}}},"tsbauthv2LocalAuthzRule":{"description":"Bindings define the subjects that can access the resource a policy is attached to,\\nand the conditions that need to be met for that access to be granted.\\nA policy can have multiple bindings to configure different access controls for specific\\nsubjects.","type":"object","title":"LocalAuthzRule","required":["name"],"properties":{"name":{"description":"A friendly name to identify the binding.","type":"string","x-order":0},"from":{"description":"Subjects configure the actors (end users, other services)  that are allowed to access the\\ntarget resource.","type":"array","items":{"$ref":"#/components/schemas/tsbauthv2Subject"},"x-order":1},"to":{"description":"A set of HTTP rules that need to be satisfied by the HTTP requests to get access to the\\ntarget resource.","type":"array","items":{"$ref":"#/components/schemas/tsbauthv2LocalAuthzRuleHttpOperation"},"x-order":2}}},"tsbauthv2LocalAuthzRuleHttpOperation":{"type":"object","properties":{"paths":{"description":"The request path where the request is made against. E.g. [\\"/accounts\\"].","type":"array","items":{"type":"string"},"x-order":0},"methods":{"description":"The HTTP methods that are allowed by this rule. E.g. [\\"GET\\", \\"HEAD\\"].","type":"array","items":{"type":"string"},"x-order":1}}},"tsbauthv2Subject":{"description":"A subject designates an actor (user, service, etc) that attempts to access a target resource.\\nSubjects can be modeled with JWT tokens, service accounts, and decorated with attributes such as\\nHTTP request headers, JWT token claims, etc.\\nThe fields that define a subject will be matched to incoming requests, to fully qualify where the\\nrequest comes from, and to decide if the given request is allowed or not for the target resource.\\nAll the fields in a subject are evaluated as AND expressions.","type":"object","title":"Subject","properties":{"jwt":{"$ref":"#/components/schemas/tsbauthv2SubjectJWTClaims"}}},"tsbauthv2SubjectJWTClaims":{"description":"JWT based subjects qualify a subject by matching against a JWT token present in the request.\\nBy default the token is expected to be present in the \'Authorization\' HTTP header, with the\\n\'Bearer\\" prefix.","type":"object","title":"JWT based subject","properties":{"iss":{"type":"string","x-order":0},"sub":{"type":"string","x-order":1},"other":{"description":"A set of arbitrary claims that are required to qualify the subject.\\nE.g. \\"iss\\": \\"*@foo.com\\".","type":"object","additionalProperties":{"type":"string"},"x-order":2}}},"tsbgatewayv2Authentication":{"type":"object","title":"DEPRECATED. Use auth/v2/Authentication\\n$hide_from_docs","properties":{"jwt":{"$ref":"#/components/schemas/tsbgatewayv2AuthenticationJWT"}}},"tsbgatewayv2AuthenticationJWT":{"type":"object","title":"DEPRECATED. Use auth/v2/JWT\\n$hide_from_docs","required":["issuer"],"properties":{"issuer":{"description":"Identifies the issuer that issued the JWT. See\\n[issuer](https://tools.ietf.org/html/rfc7519#section-4.1.1)\\nA JWT with different `iss` claim will be rejected.\\n\\nExample: https://foobar.auth0.com\\nExample: 1234567-compute@developer.gserviceaccount.com","type":"string","x-order":0},"audiences":{"description":"The list of JWT\\n[audiences](https://tools.ietf.org/html/rfc7519#section-4.1.3).\\nthat are allowed to access. A JWT containing any of these\\naudiences will be accepted.\\n\\nThe service name will be accepted if audiences is empty.","type":"array","items":{"type":"string"},"x-order":1},"jwksUri":{"description":"URL of the provider\'s public key set to validate signature of\\nthe JWT. See [OpenID\\nDiscovery](https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderMetadata).\\n\\nOptional if the key set document can either (a) be retrieved\\nfrom [OpenID\\nDiscovery](https://openid.net/specs/openid-connect-discovery-1_0.html)\\nof the issuer or (b) inferred from the email domain of the\\nissuer (e.g. a Google service account).\\n\\nExample: `https://www.googleapis.com/oauth2/v1/certs`\\n\\nNote: Only one of jwks_uri and jwks should be used. jwks_uri\\nwill be ignored if it does.","type":"string","x-order":2},"jwks":{"description":"JSON Web Key Set of public keys to validate signature of the JWT.\\nSee https://auth0.com/docs/jwks.\\n\\nNote: Only one of jwks_uri and jwks should be used. jwks_uri will be ignored if it does.","type":"string","x-order":3}}},"tsbgatewayv2Authorization":{"type":"object","title":"DEPRECATED. Use auth/v2/Authorization\\nConfiguration for authorizing a HTTP request\\n$hide_from_docs","properties":{"external":{"$ref":"#/components/schemas/tsbgatewayv2AuthorizationExternalAuthzBackend"},"local":{"$ref":"#/components/schemas/tsbgatewayv2AuthorizationLocalAuthz"}}},"tsbgatewayv2AuthorizationExternalAuthzBackend":{"type":"object","title":"DEPRECATED. Use auth/v2/ExternalAuthzBackend\\nUse an authorization running at the specified URI. Note that this\\nmode is supported only for HTTPS servers.\\n$hide_from_docs","properties":{"uri":{"type":"string","x-order":0},"includeRequestHeaders":{"type":"array","items":{"type":"string"},"x-order":1}}},"tsbgatewayv2AuthorizationLocalAuthz":{"type":"object","title":"DEPRECATED. Use auth/v2/LocalAuthz\\nAuthorize the request in Envoy based on the JWT claims.\\n$hide_from_docs","properties":{"rules":{"type":"array","items":{"$ref":"#/components/schemas/tsbgatewayv2LocalAuthzRule"},"x-order":0}}},"tsbgatewayv2Group":{"description":"A gateway group manages the gateways in a group of namespaces owned\\nby the parent workspace.\\n\\n\\n\\n","type":"object","required":["namespaceSelector"],"properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"namespaceSelector":{"$ref":"#/components/schemas/v2NamespaceSelector"},"configMode":{"$ref":"#/components/schemas/v2ConfigMode"}}},"tsbgatewayv2LocalAuthzRule":{"description":"Bindings define the subjects that can access the resource a policy is attached to,\\nand the conditions that need to be met for that access to be granted.\\nA policy can have multiple bindings to configure different access controls for specific\\nsubjects.\\n$hide_from_docs","type":"object","title":"DEPRECATED. Use auth/v2/LocalAuthzRule\\nLocalAuthzRule","required":["name"],"properties":{"name":{"description":"A friendly name to identify the binding.","type":"string","x-order":0},"from":{"description":"Subjects configure the actors (end users, other services)  that are allowed to access the\\ntarget resource.","type":"array","items":{"$ref":"#/components/schemas/tsbgatewayv2Subject"},"x-order":1},"to":{"description":"A set of HTTP rules that need to be satisfied by the HTTP requests to get access to the\\ntarget resource.","type":"array","items":{"$ref":"#/components/schemas/tsbgatewayv2LocalAuthzRuleHttpOperation"},"x-order":2}}},"tsbgatewayv2LocalAuthzRuleHttpOperation":{"type":"object","title":"DEPRECATED\\n$hide_from_docs","properties":{"paths":{"description":"The request path where the request is made against. E.g. [\\"/accounts\\"].","type":"array","items":{"type":"string"},"x-order":0},"methods":{"description":"The HTTP methods that are allowed by this rule. E.g. [\\"GET\\", \\"HEAD\\"].","type":"array","items":{"type":"string"},"x-order":1}}},"tsbgatewayv2Subject":{"description":"A subject designates an actor (user, service, etc) that attempts to access a target resource.\\nSubjects can be modeled with JWT tokens, service accounts, and decorated with attributes such as\\nHTTP request headers, JWT token claims, etc.\\nThe fields that define a subject will be matched to incoming requests, to fully qualify where the\\nrequest comes from, and to decide if the given request is allowed or not for the target resource.\\nAll the fields in a subject are evaluated as AND expressions.\\n$hide_from_docs","type":"object","title":"DEPRECATED. Use auth/v2/Subject\\nSubject","properties":{"jwt":{"$ref":"#/components/schemas/tsbgatewayv2SubjectJWTClaims"}}},"tsbgatewayv2SubjectJWTClaims":{"description":"JWT based subjects qualify a subject by matching against a JWT token present in the request.\\nBy default the token is expected to be present in the \'Authorization\' HTTP header, with the\\n\'Bearer\\" prefix.\\n$hide_from_docs","type":"object","title":"DEPRECATED.\\nJWT based subject","properties":{"iss":{"type":"string","x-order":0},"sub":{"type":"string","x-order":1},"other":{"description":"A set of arbitrary claims that are required to qualify the subject.\\nE.g. \\"iss\\": \\"*@foo.com\\".","type":"object","additionalProperties":{"type":"string"},"x-order":2}}},"tsbistiointernalv2Group":{"description":"An Istio Internal Group only allows grouping `DIRECT` mode mesh resources in a set of namespaces\\nowned by its parent workspace. This group is aimed for grouping resources not directly related\\nto traffic, security, or gateway like `EnvoyFilters` and `ServiceEntry`.\\n\\n\\n\\n","type":"object","required":["namespaceSelector"],"properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"namespaceSelector":{"$ref":"#/components/schemas/v2NamespaceSelector"}}},"tsbsecurityv2Group":{"description":"A security group manages the security properties of proxy workloads in a\\ngroup of namespaces owned by the parent workspace.\\n\\n\\n\\n","type":"object","required":["namespaceSelector"],"properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"namespaceSelector":{"$ref":"#/components/schemas/v2NamespaceSelector"},"configMode":{"$ref":"#/components/schemas/v2ConfigMode"},"securityDomain":{"description":"Security domains can be used to group different resources under the same security domain.\\nAlthough security domain is not resource itself currently, it follows a fqn format\\n`organizations/myorg/securitydomains/mysecuritydomain`, and a child cannot override any ancestor\'s\\nsecurity domain.\\nOnce a security domain is assigned to a _Security group_, all the children resources will belong to that\\nsecurity domain in the same way a _Security setting_ belongs to a _Security group_, a _Security setting_\\nwill also belong to the security domain assigned to the _Security group_.\\nSecurity domains can also be used to define _Security settings Authorization rules_ in which you can allow\\nor deny request from or to a security domain.","type":"string","x-order":6}}},"tsbtrafficv2Group":{"description":"A traffic group manages the routing properties of proxy workloads in a\\ngroup of namespaces owned by the parent workspace.\\n\\n\\n\\n","type":"object","required":["namespaceSelector"],"properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"namespaceSelector":{"$ref":"#/components/schemas/v2NamespaceSelector"},"configMode":{"$ref":"#/components/schemas/v2ConfigMode"}}},"v2API":{"description":"An API configuring a set of servers and endpoints that expose the Application business logic.\\n\\n\\n\\n","type":"object","required":["openapi"],"properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"openapi":{"description":"The raw OpenAPI spec for this API.","type":"string","x-order":4},"workloadSelector":{"$ref":"#/components/schemas/v2WorkloadSelector"},"servers":{"description":"List of servers that expose the API.\\nServer hostnames must be unique in the system, and only one API can expose a specific hostname.","type":"array","items":{"$ref":"#/components/schemas/v2HttpServer"},"x-order":6,"readOnly":true},"endpoints":{"description":"List of endpoints exposed by this API.\\nThis field is read-only and generated from the configured OpenAPI spec.","type":"array","items":{"$ref":"#/components/schemas/v2HTTPEndpoint"},"x-order":7,"readOnly":true},"configResources":{"type":"array","title":"The configuration resources that are related to this API object.\\n$hide_from_docs","items":{"$ref":"#/components/schemas/v2ConfigResource"},"x-order":8,"readOnly":true}}},"v2Access":{"description":"Access is an access request for a subject with a set of permission.\\n\\nExample:\\nAccess {\\n  Subject: \\"organizations/demo/tenants/demo/applications/caller\\",\\n  Permissions: []string{\\"GET\\"}\\n}","type":"object","required":["subject","permissions"],"properties":{"subject":{"description":"Subject is the subject that is requested to access the resource.","type":"string","x-order":0},"permissions":{"description":"Permissions is a list of permissions that the subject is allowed to use.","type":"array","items":{"type":"string"},"x-order":1},"metadata":{"$ref":"#/components/schemas/v2Metadata"}}},"v2AccessPolicy":{"description":"A policy defines the set of subjects that can access a resource and under\\nwhich conditions that access is granted.","type":"object","title":"Policy","properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":1},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":2},"allow":{"description":"The list of allowed bindings configures the different access profiles that\\nare allowed on the resource configured by the policy.","type":"array","items":{"$ref":"#/components/schemas/v2Binding"},"x-order":3}}},"v2AggregatedStatus":{"description":"`AggregatedStatus` is used by resources with children to aggregate both the\\nsequence of events and the status of its children resources.","type":"object","properties":{"configEvents":{"$ref":"#/components/schemas/v2ConfigEvents"},"children":{"description":"Map of children resource FQNs to their status.","type":"object","additionalProperties":{"$ref":"#/components/schemas/AggregatedStatusChildStatus"},"x-order":1},"childrenStatus":{"$ref":"#/components/schemas/AggregatedStatusChildStatus"}}},"v2Application":{"description":"An Application represents a set of logical groupings of services that are related to each other\\nand expose a set of APIs that implement a complete set of business logic.\\n\\n\\n\\n","type":"object","required":["workspace"],"properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"workspace":{"description":"FQN of the workspace this application is part of.\\nThe application will configure IngressGateways for the attached APIs\\nin the different namespaces exposed by this workspace.","type":"string","x-order":4},"namespaceSelector":{"$ref":"#/components/schemas/v2NamespaceSelector"},"gatewayGroup":{"description":"Optional FQN of the Gateway Group to be used by the application.\\nIf configured, this gateway group will be used by the application. If\\nno namespaces are configured and no existing gateway group is set, a new gateway group claiming all\\nnamespaces in the workspace (`*/*`) will be created by default.\\nAll Ingress Gateway resources created for the APIs attached to the application will be created in\\nthe application\'s gateway group.","type":"string","x-order":6},"services":{"description":"Optional list of services that are part of the application. This is a list of FQNs of services in the\\nservice registry.\\nIf omitted, the application is assumed to own all the services in the workspace.\\nNote that a service can only be part of one application. If any of the services in the list is already\\nin use by an existing application, application creation/modification will fail.\\nIf the list of services is not explicitly set and any service in the workspace is already in use by\\nby another application, application creation/modification will fail.","type":"array","items":{"type":"string"},"x-order":7},"configResources":{"type":"array","title":"The configuration resources that are related to this Application.\\n$hide_from_docs","items":{"$ref":"#/components/schemas/v2ConfigResource"},"x-order":8,"readOnly":true}}},"v2ApprovalPolicy":{"description":"ApprovalPolicy is a set of authorization rules that define access to a resource.\\nWhen applied to a resource, the rules enforce access to the resource based on the permission set.\\n\\nExample:\\nApprovalPolicy {\\n  Mode: ApprovalPolicy_REQUIRE_APPROVAL,\\n  Resource: \\"organizations/demo/tenants/demo/applications/target-app\\",\\n  Approved: []Access {{\\n    Subject: \\"organizations/demo/tenants/demo/applications/calling-app\\",\\n    Permissions: []string{\\"GET\\", \\"POST\\"}\\n  }}\\n}","type":"object","required":["mode","resource"],"properties":{"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":0},"mode":{"$ref":"#/components/schemas/ApprovalPolicyMode"},"resource":{"description":"Resource is a fully qualified name of the resource that the policy applies to.","type":"string","x-order":2},"requested":{"description":"Requested is a list of subjects that are requested to access the resource but that have not yet been\\nexplicitly approved.\\nThe access mode of the policy will determine if the subjects in this list are given immediate access to the\\nresource.","type":"array","items":{"$ref":"#/components/schemas/v2Access"},"x-order":3},"approved":{"description":"Approved is a list of subjects that are approved to access the resource.","type":"array","items":{"$ref":"#/components/schemas/v2Access"},"x-order":4},"metadata":{"$ref":"#/components/schemas/v2Metadata"}}},"v2Authentication":{"type":"object","properties":{"jwt":{"$ref":"#/components/schemas/AuthenticationJWT"}}},"v2AuthenticationSettings":{"description":"AuthenticationSettings represents configuration related to authenticating traffic\\nwithin the mesh and end-user credentials if present. It is **HIGHLY RECOMMENDED** to\\nenable mutual TLS when end-user credentials are present. Sending credentials like JWT\\nover plaintext is a security risk.","type":"object","properties":{"trafficMode":{"$ref":"#/components/schemas/SecuritySettingAuthenticationMode"},"http":{"$ref":"#/components/schemas/v2Authentication"}}},"v2Authorization":{"type":"object","title":"Configuration for authorizing a HTTP request","properties":{"external":{"$ref":"#/components/schemas/AuthorizationExternalAuthzBackend"},"local":{"$ref":"#/components/schemas/AuthorizationLocalAuthz"}}},"v2AuthorizationRules":{"description":"- If deny_all is true, deny the request\\n\\n- If deny is defined and there are any denied target workload, deny the request.\\n\\n- If there are no allowed target workload, allow the request.\\n\\n- If allow is defined and there are any allowed target workload, allow the request.\\n\\n- Deny the request.","type":"object","title":"`AuthorizationRules` specifies which target workloads are allowed or denied.\\nWhen the mode is `RULES`, by default, if no authorization rules are provided all requests will be accepted.\\nCurrently, when a list of allow or deny rules are provided, a workload can only be targeted\\nby providing the workspace or security group resource the workload belongs to.\\nWhen different target workloads are allowed, denied or all workload are denied,\\nto evaluate if a request is accepted or rejected, denies are evaluated first, and finally allows.\\nAccepting or denying a request from a workload is determined by:","properties":{"allow":{"description":"Allow specifies a list of rules. If a request matches at least one rule, the request is accepted.\\nIf no allow rules are provided, all requests are allowed.\\nEach rule must be unique, no duplicates are allowed.\\nA rule that is fully contained by another rule is not allowed.\\nFor instance, defining a rule from workspace `w1` to `w2` and another rule\\nfrom security group `sg1` (which belongs to workspace `w1`) to `sg2` (which belongs to workspace `w2`)\\nis not allowed. It is not allowed, because from security group `sg1` to `sg2` rule is already allowed by\\nthe rule from workspace `w1` to `ws2`.","type":"array","items":{"$ref":"#/components/schemas/v2Rule"},"x-order":0},"denyAll":{"description":"Deny all specifies whether all requests should be rejected.\\nIf it is true all requests will be rejected.\\nIf it is false the list of deny rules will be evaluated.","type":"boolean","x-order":1},"deny":{"description":"Deny specifies a list of rules. If a request matches at least one rule, the request is rejected.\\nIf deny rules are provided, the match will never occur, so no request can be rejected.\\nEach rule must be unique, no duplicates are allowed.\\nA rule that is fully contained by another rule is not allowed.\\nFor instance, defining a rule from workspace `w1` to `w2` and another rule\\nfrom security group `sg1` (which belongs to workspace `w1`) to `sg2` (which belongs to workspace `w2`)\\nis not allowed. It is not allowed, because from security group `sg1` to `sg2` rule is already denied by\\nthe rule from workspace `w1` to `w2`.","type":"array","items":{"$ref":"#/components/schemas/v2Rule"},"x-order":2}}},"v2AuthorizationSettings":{"description":"`AuthorizationSettings` define the set of service accounts in one\\nor more namespaces allowed to access a workload (and hence its\\nsidecar) in the mesh.","type":"object","properties":{"mode":{"$ref":"#/components/schemas/AuthorizationSettingsMode"},"serviceAccounts":{"description":"When the mode is `CUSTOM`, `serviceAccounts` specify the allowed\\nset of service accounts (and the workloads using them). Must be\\nin the `&lt;namespace&gt;/&lt;service-account-name&gt;` format.\\n\\n- `./*` indicates all service accounts in the namespace where the sidecar resides.\\n\\n- `ns1/*` indicates all service accounts in the `ns1` namespace.\\n\\n- `ns1/svc1-sa` indicates `svc1-sa` service account in `ns1` namespace.\\n\\nNamespace should be a valid kubernetes namespace, which\\nfollows [RFC 1123 Label Names](https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#dns-label-names) rules.\\nService account should be a valid kubernetes service account, which\\nfollows [DNS Subdomain Names](https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#dns-subdomain-names) rules.","type":"array","items":{"type":"string"},"x-order":1},"http":{"$ref":"#/components/schemas/tsbauthv2Authorization"},"rules":{"$ref":"#/components/schemas/v2AuthorizationRules"}}},"v2AuthorizationSettingsMode":{"description":"- UNSET: Inherit from parent if possible. Otherwise treated as `DISABLED`.\\n - NAMESPACE: The workload allows traffic from any other authenticated workload in its own\\nnamespace.\\n - GROUP: The workload allows traffic from any other authenticated workload in the security group.\\n - WORKSPACE: The workload allows traffic from any other authenticated workload in the workspace.\\n - CLUSTER: The workload allows traffic from any other authenticated workload in the cluster.\\n - DISABLED: Authorization is disabled.\\n - CUSTOM: The workload allows traffic from service accounts defined explicitly.\\n - RULES: The workload allows or denies traffic from any other authenticated workload that belongs\\nto the specified rules.","type":"string","title":"A short cut for defining the common authorization patterns","default":"UNSET","enum":["UNSET","NAMESPACE","GROUP","WORKSPACE","CLUSTER","DISABLED","CUSTOM","RULES"]},"v2Binding":{"description":"A binding associates a role with a set of subjects.\\n\\nBindings are used to configure policies, where different roles can be\\nassigned to different sets of subjects to configure a fine-grained access\\ncontrol to the resource protected by the policy.","type":"object","required":["role"],"properties":{"role":{"description":"The role that defines the permissions that will be granted to the target\\nresource.","type":"string","x-order":0},"subjects":{"description":"The set of subjects that will be allowed to access the target resource\\nwith the permissions defined by the role.","type":"array","items":{"$ref":"#/components/schemas/v2Subject"},"x-order":1}}},"v2ClientTLSSettings":{"type":"object","title":"Configure TLS parameters for the client","properties":{"mode":{"$ref":"#/components/schemas/authv2TLSMode"},"files":{"$ref":"#/components/schemas/v2TLSFileSource"},"subjectAltNames":{"type":"array","title":"Subject alternative names is the list of names that are accepted\\nas service name as part of TLS handshake","items":{"type":"string"},"x-order":2}}},"v2Cluster":{"description":"A Kubernetes cluster managing both pods and VMs.\\n\\n\\n\\n","type":"object","properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be\\nsent on every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"tokenTtl":{"description":"Lifetime of the tokens. Defaults to 1hr.","type":"string","x-order":4},"network":{"description":"The network (e.g., VPC) where this cluster is present. All\\nclusters within the same network will be assumed to be reachable\\nfor the purposes of multi-cluster routing. In addition, networks\\nmarked as reachable from one another in SystemSettings will also\\nbe used for multi-cluster routing.","type":"string","x-order":5},"tier1Cluster":{"description":"Indicates whether this cluster is hosting a tier1 gateway or not.\\nTier1 clusters cannot host other gateways or workloads. Defaults\\nto false if not specified.","type":"boolean","x-order":6},"namespaces":{"type":"array","title":"TODO(vikas): move this inside cluster state\\nRead-only data for informational purposes. Any user provided\\nvalue will be ignored. The data here may be stale depending on\\nthe update frequency from the Bridge agents in the cluster.\\n$hide_from_yaml","items":{"$ref":"#/components/schemas/v2Namespace"},"x-order":7,"readOnly":true},"labels":{"type":"object","title":"FIXME: this is super clunky to copy each and every metadata field into\\nobjects used for multicluster. $hide_from_yaml","additionalProperties":{"type":"string"},"x-order":8},"locality":{"$ref":"#/components/schemas/ClusterLocality"},"trustDomain":{"description":"Trust domain for this cluster, used for multi-cluster routing.\\nIt must be unique for every cluster and should match the one configured in\\nthe local control plane. This value is optional, and will be updated by the\\nlocal control plane agents. However, it is recommended to set it, if known,\\nso that multi-cluster routing works without having to wait for the local\\ncontrol planes to update it.","type":"string","x-order":10},"namespaceScope":{"$ref":"#/components/schemas/v2NamespaceScoping"},"state":{"$ref":"#/components/schemas/ClusterState"}}},"v2ClusterDestination":{"type":"object","properties":{"name":{"description":"The name of the destination cluster. Only one of name or labels\\nmust be specified.","type":"string","x-order":0},"labels":{"description":"Labels associated with the cluster. Any cluster with matching\\nlabels will be selected as a target. Only one of name or labels\\nmust be specified.","type":"object","additionalProperties":{"type":"string"},"x-order":1},"network":{"description":"The network associated with the destination clusters. In addition to\\nname/label selectors, only clusters matching the selected networks\\nwill be used as a target. At least one of name/labels, and/or network\\nmust be specified.","type":"string","x-order":2},"weight":{"description":"The weight for traffic to a given destination.","type":"integer","format":"int64","x-order":3}}},"v2ClusterStatus":{"description":"The status message for a cluster resource contains the set of join\\ntokens that should be used by Service Bridge\'s agents on the\\ncluster.","type":"object","properties":{"tokens":{"description":"Tokens for various agents.","type":"object","additionalProperties":{"type":"string"},"x-order":0}}},"v2ConfigEvents":{"description":"`ConfigEvents` provides a way to notify the status of a configuration\\npropagation as a sequence of events.","type":"object","properties":{"events":{"description":"Sequence of events occurred under the configuration propagation flow.\\nIt\'s ordered by event timestamp, newest first.","type":"array","items":{"$ref":"#/components/schemas/ConfigEventsEvent"},"x-order":0}}},"v2ConfigMode":{"description":"The configuration mode used by a traffic, security or a gateway group.\\n\\n - BRIDGED: Indicates that the configurations to be added to the group will\\nuse macro APIs that automatically generate Istio APIs under the\\nhood.\\n - DIRECT: Indicates that the configurations to be added to the group will\\ndirectly use Istio APIs.","type":"string","default":"BRIDGED","enum":["BRIDGED","DIRECT"]},"v2ConfigResource":{"description":"ConfigResource represents a configuration object (group, ingress gateway, etc)\\nthat is related to an Application or API.","type":"object","properties":{"fqn":{"description":"The FQN of the resource this status is computed for.","type":"string","x-order":0,"readOnly":true},"expectedEtag":{"description":"The expected etag field is used to check the if the configuration resource contents have\\nchanged. This might not be relevant for all configuration resources, so this field may\\nnot be set. If it is not set, the status will only report the presence or absence of the\\nconfiguration resource, but not differences in its contents.\\n\\nWhen this field is present, the status will also reflect changes in the contents of the\\nconfiguration resource, and report it as DIRTY if there are differences.","type":"string","x-order":1,"readOnly":true},"exclusivelyOwned":{"description":"The exclusively owned flag indicates if the referenced configuration resource is exclusively\\nowned by the object. Configuration resources that are exclusively owned by an object will\\nbe deleted when the object is deleted.","type":"boolean","x-order":2,"readOnly":true}}},"v2CorsPolicy":{"type":"object","properties":{"allowOrigin":{"description":"The list of origins that are allowed to perform CORS requests. The content will be serialized\\ninto the Access-Control-Allow-Origin header. Wildcard * will allow all origins.","type":"array","items":{"type":"string"},"x-order":0},"allowMethods":{"description":"List of HTTP methods allowed to access the resource. The content will be serialized into the\\nAccess-Control-Allow-Methods header.","type":"array","items":{"type":"string"},"x-order":1},"allowHeaders":{"description":"List of HTTP headers that can be used when requesting the resource. Serialized to\\nAccess-Control-Allow-Headers header.","type":"array","items":{"type":"string"},"x-order":2},"exposeHeaders":{"description":"A white list of HTTP headers that the browsers are allowed to access. Serialized into\\nAccess-Control-Expose-Headers header.","type":"array","items":{"type":"string"},"x-order":3},"maxAge":{"description":"Specifies how long the results of a preflight request can be cached. Translates to the\\nAccess-Control-Max-Age header.","type":"string","x-order":4},"allowCredentials":{"description":"Indicates whether the caller is allowed to send the actual request (not the preflight) using\\ncredentials. Translates to Access-Control-Allow-Credentials header.","type":"boolean","x-order":5}}},"v2CreateOrganizationRequest":{"type":"object","title":"Request to create a organization.\\n$hide_from_docs","required":["name","organization"],"properties":{"name":{"description":"The short name for the resource to be created.","type":"string","x-order":0},"organization":{"$ref":"#/components/schemas/v2Organization"}}},"v2CreateRoleRequest":{"description":"Request to create a Role.","type":"object","required":["name","role"],"properties":{"name":{"description":"The short name for the resource to be created.","type":"string","x-order":0},"role":{"$ref":"#/components/schemas/v2Role"}}},"v2DeviceCodeResponse":{"type":"object","title":"Response with device codes for use with the Device Authorization flow.\\nFor additional information on the response parameters please refer to the Device Authorization Response section\\nof the RFC https://datatracker.ietf.org/doc/html/rfc8628#section-3.2","properties":{"deviceCode":{"type":"string","title":"Code that the device uses to poll for tokens","x-order":0},"userCode":{"type":"string","title":"Code the user enters in the verification URI","x-order":1},"verificationUri":{"type":"string","title":"URI where to enter the user code","x-order":2},"interval":{"type":"integer","format":"int32","title":"Rate in which to poll the token endpoint with the device code","x-order":3},"expiresIn":{"type":"integer","format":"int32","title":"Expiration time of the device code in seconds","x-order":4},"error":{"$ref":"#/components/schemas/v2Error"},"errorMessage":{"description":"Optional error message that contains more details about the error that occurred.","type":"string","x-order":6}}},"v2EastWestGateway":{"description":"EastWestGateway is for configuring a gateway to handle east-west traffic of\\nthe services that are not exposed through Ingress or Tier1 gateways (internal\\nservices). Currently, this is restricted to specifying at Workspace level\\nin WorkspaceSetting.","type":"object","required":["workloadSelector"],"properties":{"workloadSelector":{"$ref":"#/components/schemas/v2WorkloadSelector"},"exposedServices":{"description":"Exposed services is used to specify the match criteria to select specific services\\nfor internal multicluster routing (east-west routing between clusters).\\nIf it is not defined or contains no elements, all the services within the workspace\\nwill be exposed to the configured gateway.","type":"array","items":{"$ref":"#/components/schemas/v2ServiceSelector"},"x-order":1}}},"v2EgressAuthorization":{"type":"object","title":"EgressAuthorization is used to dictate which service accounts can access a set of external hosts","required":["to"],"properties":{"from":{"$ref":"#/components/schemas/v2AuthorizationSettings"},"to":{"type":"array","title":"The external hostnames the workload(s) described in this rule can access.\\nHosts cannot be specified more than once. Use \\"*\\" to allow access to any external host","items":{"type":"string"},"x-order":1}}},"v2EgressGateway":{"description":"`EgressGateway` configures a workload to act as an egress gateway in the mesh.\\n\\n\\n--\x3e\\n\\n","type":"object","required":["workloadSelector"],"properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"workloadSelector":{"$ref":"#/components/schemas/v2WorkloadSelector"},"authorization":{"description":"The description of which service accounts can access which hosts.\\nIf the list of authorization rules is empty, this egress gateway will deny all traffic.","type":"array","items":{"$ref":"#/components/schemas/v2EgressAuthorization"},"x-order":5},"extension":{"description":"Extensions specifies all the WasmExtensions assigned to this EgressGateway\\nwith the specific configuration for each extension. This custom configuration\\nwill override the one configured globally to the extension.\\nEach extension has a global configuration including enablement and priority\\nthat will condition the execution of the assigned extensions.","type":"array","items":{"$ref":"#/components/schemas/v2WasmExtensionAttachment"},"x-order":6}}},"v2EnvValueSource":{"description":" - INLINE: Explicitly given key-value pairs to be injected to this VM.\\n - HOST: *Istio-proxy\'s* environment variables exposed to this VM.","type":"string","default":"INLINE","enum":["INLINE","HOST"]},"v2EnvVar":{"type":"object","required":["name","valueFrom"],"properties":{"name":{"type":"string","title":"Name of the environment variable. Must be a C_IDENTIFIER, by following this regex: [A-Za-z_][A-Za-z0-9_]*","x-order":0},"valueFrom":{"$ref":"#/components/schemas/v2EnvValueSource"},"value":{"description":"Value for the environment variable.\\nNote that if `value_from` is `HOST`, it will be ignored.\\nDefaults to \\"\\".","type":"string","x-order":2}}},"v2Error":{"type":"string","title":"OAuth2 error codes","default":"NO_ERROR","enum":["NO_ERROR","INVALID_REQUEST","INVALID_CLIENT","INVALID_GRANT","UNAUTHORIZED_CLIENT","UNSUPPORTED_GRANT_TYPE","AUTHORIZATION_PENDING","SLOW_DOWN","ACCESS_DENIED","EXPIRED_TOKEN","SERVER_ERROR"]},"v2ExternalRateLimitServiceSettings":{"description":"Configuration for ratelimiting using an external ratelimit server\\nThe ratelimit server must expose\\n[Envoy\'s Rate Limit Service gRPC API](https://www.envoyproxy.io/docs/envoy/latest/configuration/other_features/rate_limit#config-rate-limit-service).\\n\\nIf the rate limit service is called, and the response for any of\\nthe descriptors is over limit, a 429 response is returned. The rate\\nlimit filter also sets the x-envoy-ratelimited header.\\n\\nIf there is an error in calling rate limit service or rate limit\\nservice returns an error and failure_mode_deny is set to true, a\\n500 response is returned.","type":"object","required":["domain","rateLimitServerUri","rules"],"properties":{"domain":{"description":"The rate limit domain to use when calling the rate limit service.\\nRatelimit settings are namespaced to a domain.","type":"string","x-order":0},"failClosed":{"description":"If the rate limit service is unavailable, the request will fail\\nif failClosed is set to true. Defaults to false.","type":"boolean","x-order":1},"rateLimitServerUri":{"description":"The URI at which the external rate limit server can be reached.","type":"string","x-order":2},"rules":{"type":"array","title":"A set of rate limit rules.\\nEach rule describes a list of dimension to match on.\\nOnce matched, a list of descriptors are sent\\nto the external rate limit server","items":{"$ref":"#/components/schemas/v2ExternalRateLimitServiceSettingsRateLimitRule"},"x-order":3},"timeout":{"description":"The timeout in seconds for the external rate limit server RPC.\\nDefaults to 0.020 seconds (20ms).\\nTraffic will not be allowed to the destination if failClosed is set to true\\nand the request to the rate limit server times out.","type":"string","x-order":4},"tls":{"$ref":"#/components/schemas/v2ClientTLSSettings"}}},"v2ExternalRateLimitServiceSettingsRateLimitDimension":{"type":"object","title":"RateLimitDimension is a set of conditions to match HTTP requests\\nOnce the conditions are satisfied,\\ncorresponding descriptors (set of keys and values) are emitted and\\nsent to the external rate limit server. The server is expected to\\nmake a rate limit decision based on these descriptors.\\nPlease go through the [Envoy RateLimit descriptor](https://www.envoyproxy.io/docs/envoy/latest/api-v3/extensions/common/ratelimit/v3/ratelimit.proto#envoy-v3-api-msg-extensions-common-ratelimit-v3-ratelimitdescriptor)\\nto get more information on descriptors","properties":{"sourceCluster":{"$ref":"#/components/schemas/RateLimitDimensionSourceCluster"},"destinationCluster":{"$ref":"#/components/schemas/RateLimitDimensionDestinationCluster"},"remoteAddress":{"$ref":"#/components/schemas/v2ExternalRateLimitServiceSettingsRateLimitDimensionRemoteAddress"},"requestHeaders":{"$ref":"#/components/schemas/RateLimitDimensionRequestHeaders"},"headerValueMatch":{"$ref":"#/components/schemas/RateLimitDimensionHeaderValueMatch"}}},"v2ExternalRateLimitServiceSettingsRateLimitDimensionRemoteAddress":{"type":"object","title":"Emit descriptor entry - a key-value pair of the form\\n`(\\"remote_address\\", \\"&lt;trusted address from x-forwarded-for&gt;\\")`"},"v2ExternalRateLimitServiceSettingsRateLimitRule":{"type":"object","required":["dimensions"],"properties":{"dimensions":{"description":"A list of dimensions that are to be applied for this rate limit configuration.\\nOrder matters as the dimensions are processed sequentially and the descriptor\\nis composed by appending descriptor entries in that sequence.\\nIf the condition for a dimension is not satisfied and cannot append a descriptor entry,\\nno descriptor list is generated for the entire setting.","type":"array","items":{"$ref":"#/components/schemas/v2ExternalRateLimitServiceSettingsRateLimitDimension"},"x-order":0}}},"v2GetResourcePermissionsResponse":{"description":"Response with permission rules.","type":"object","properties":{"rules":{"type":"array","items":{"$ref":"#/components/schemas/RoleRule"},"x-order":0}}},"v2GrantResponse":{"description":"Token grant response.","type":"object","properties":{"accessToken":{"description":"Access token issued by the authorization server.","type":"string","x-order":0},"tokenType":{"description":"Access token type such as \\"bearer\\" or \\"mac\\".","type":"string","x-order":1},"expiresIn":{"description":"Expiration time of the access token in seconds.","type":"integer","format":"int32","x-order":2},"refreshToken":{"description":"Optional refresh token issued when the authorization server\\nand client are configured to use refresh tokens.","type":"string","x-order":3},"clientId":{"description":"Optional client ID used during the grant process.\\nWhen present the client ID for subsequent refresh grant calls.\\nWhile not a standard field on an OAuth grant response, this helps remove ambiguity\\nwhen multiple OIDC configurations are present in TSB.","type":"string","x-order":4},"error":{"$ref":"#/components/schemas/v2Error"},"errorMessage":{"description":"Optional error message that contains more details about the error that occurred.","type":"string","x-order":6}}},"v2GrantType":{"description":"OAuth2 grant types that are currently supported.","type":"string","default":"UNSPECIFIED","enum":["UNSPECIFIED","REFRESH_TOKEN","DEVICE_CODE_URN","CLIENT_CREDENTIALS","TOKEN_EXCHANGE"]},"v2Group":{"description":"A gateway group manages the gateways in a group of namespaces owned\\nby the parent workspace.\\n\\n\\n\\n","type":"object","required":["namespaceSelector"],"properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"namespaceSelector":{"$ref":"#/components/schemas/v2NamespaceSelector"},"configMode":{"$ref":"#/components/schemas/v2ConfigMode"}}},"v2GroupLookupResponse":{"description":"List of groups that configure the requested service.","type":"object","properties":{"trafficGroups":{"description":"The traffic groups that configure the given registered service.","type":"array","items":{"$ref":"#/components/schemas/tsbtrafficv2Group"},"x-order":0},"securityGroups":{"description":"The security groups that configure the given registered service.","type":"array","items":{"$ref":"#/components/schemas/tsbsecurityv2Group"},"x-order":1},"gatewayGroups":{"description":"The gateway groups that configure the given registered service.","type":"array","items":{"$ref":"#/components/schemas/tsbgatewayv2Group"},"x-order":2},"istioInternalGroups":{"description":"The istio internal groups that configure the given registered service.","type":"array","items":{"$ref":"#/components/schemas/tsbistiointernalv2Group"},"x-order":3}}},"v2HTTPEndpoint":{"description":"An HTTP Endpoint represents an individual HTTP path exposed in the API.","type":"object","properties":{"path":{"description":"The HTTP path of the endpoint, relative to the hostnames exposed by the API.","type":"string","x-order":0,"readOnly":true},"methods":{"description":"The list of HTTP methods this endpoint supports.","type":"array","items":{"type":"string"},"x-order":1,"readOnly":true},"hostnames":{"description":"The list of hostnames where this endpoint is exposed.\\nIf omitted, the endpoint is assumed to be exposed in all hostnames defined for the API.","type":"array","items":{"type":"string"},"x-order":2,"readOnly":true},"service":{"description":"The FQN of the service in the service registry that is exposing this endpoint.","type":"string","x-order":3,"readOnly":true}}},"v2HTTPMatchCondition":{"description":"HTTPMatchCondition is the set of conditions to match incoming HTTP traffic\\nand route accordingly. We could have used HttpMatchCondition from\\ningress_gateway.proto but it doesn\'t have a port field, so it\'s better to\\ncreate one natively.","type":"object","required":["name","port"],"properties":{"name":{"type":"string","title":"Name of the match condition","x-order":0},"uri":{"$ref":"#/components/schemas/v2StringMatch"},"headers":{"type":"object","title":"Headers to match in incoming traffic for routing forward","additionalProperties":{"$ref":"#/components/schemas/v2StringMatch"},"x-order":2},"port":{"type":"integer","format":"int64","title":"Port to match in incoming traffic","x-order":3}}},"v2HTTPRetry":{"description":"HTTPRetry defines the parameters for retrying API calls to a service.","type":"object","required":["attempts"],"properties":{"attempts":{"description":"Number of retries for a given request. The interval between retries will be determined\\nautomatically (25ms+).\\n\\nActual number of retries attempted depends on the httpReqTimeout.","type":"integer","format":"int32","x-order":0},"perTryTimeout":{"description":"Timeout per retry attempt for a given request. format: 1h/1m/1s/1ms. MUST BE &gt;=1ms.","type":"string","x-order":1},"retryOn":{"description":"Specifies the conditions under which retry takes place.\\nOne or more policies can be specified using a \u2018,\u2019 delimited list.\\nSee the [retry policies](https://www.envoyproxy.io/docs/envoy/latest/configuration/http/http_filters/router_filter#x-envoy-retry-on)\\nand [gRPC retry policies](https://www.envoyproxy.io/docs/envoy/latest/configuration/http/http_filters/router_filter#x-envoy-retry-grpc-on)\\nfor more details.","type":"string","x-order":2}}},"v2HTTPRewrite":{"description":"Configuration for an URL rewrite rule.","type":"object","properties":{"uri":{"description":"Rewrite the path (or the prefix) portion of the URI with this value. If the original URI was\\nmatched based on prefix, the value provided in this field will replace the corresponding\\nmatched prefix.","type":"string","x-order":0},"authority":{"description":"Rewrite the Authority/Host header with this value.","type":"string","x-order":1}}},"v2HTTPRoute":{"description":"HTTPRoute is used to set HTTP routes to service destinations on the basis of match conditions.","type":"object","required":["name"],"properties":{"name":{"type":"string","title":"Name of HTTPRoute","x-order":0},"match":{"type":"array","title":"Match conditions for incoming HTTP traffic","items":{"$ref":"#/components/schemas/v2HTTPMatchCondition"},"x-order":1},"destination":{"type":"array","title":"Destination host:port and subset where HTTP traffic should be directed","items":{"$ref":"#/components/schemas/v2ServiceDestination"},"x-order":2}}},"v2Headers":{"description":"Header manipulation rules.","type":"object","properties":{"request":{"$ref":"#/components/schemas/HeadersHeaderOperations"},"response":{"$ref":"#/components/schemas/HeadersHeaderOperations"}}},"v2HttpMatchCondition":{"description":"A single match clause to match all aspects of a request.","type":"object","properties":{"uri":{"$ref":"#/components/schemas/v2StringMatch"},"headers":{"description":"The header keys must be lowercase and use hyphen as the separator, e.g. x-request-id.","type":"object","additionalProperties":{"$ref":"#/components/schemas/v2StringMatch"},"x-order":1}}},"v2HttpModifyAction":{"description":"HTTP path/url/header modification.","type":"object","properties":{"rewrite":{"$ref":"#/components/schemas/v2HTTPRewrite"},"headers":{"$ref":"#/components/schemas/v2Headers"}}},"v2HttpRouting":{"type":"object","required":["rules"],"properties":{"corsPolicy":{"$ref":"#/components/schemas/v2CorsPolicy"},"rules":{"description":"HTTP routes.","type":"array","items":{"$ref":"#/components/schemas/gatewayv2HttpRule"},"x-order":1}}},"v2HttpServer":{"description":"An HTTP server exposed in an ingress gateway.","type":"object","required":["name","port","hostname","routing"],"properties":{"name":{"description":"A name assigned to the server. The name will be visible in the generated metrics. The name must be\\nunique across all servers in a gateway.","type":"string","x-order":0},"port":{"description":"The port where the server is exposed. Two servers with different protocols (HTTP and HTTPS) should not\\nshare the same port. Note that port 15443 is reserved for internal use.","type":"integer","format":"int64","x-order":1},"hostname":{"description":"Hostname with which the service can be expected to be accessed by clients.\\n**NOTE:** The hostname must be unique across all gateways in the cluster in order for multicluster routing to work.","type":"string","x-order":2},"tls":{"$ref":"#/components/schemas/v2ServerTLSSettings"},"xxxOldAuthentication":{"$ref":"#/components/schemas/tsbgatewayv2Authentication"},"authentication":{"$ref":"#/components/schemas/tsbauthv2Authentication"},"xxxOldAuthorization":{"$ref":"#/components/schemas/tsbgatewayv2Authorization"},"authorization":{"$ref":"#/components/schemas/tsbauthv2Authorization"},"routing":{"$ref":"#/components/schemas/v2HttpRouting"},"rateLimiting":{"$ref":"#/components/schemas/v2RateLimiting"}}},"v2IngressGateway":{"description":"`IngressGateway` configures a workload to act as an ingress gateway into the mesh.\\n\\n\\n\\n","type":"object","required":["workloadSelector"],"properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"workloadSelector":{"$ref":"#/components/schemas/v2WorkloadSelector"},"http":{"description":"One or more HTTP or HTTPS servers exposed by the gateway. The\\nserver exposes configuration for TLS termination, request\\nauthentication/authorization, HTTP routing, etc.","type":"array","items":{"$ref":"#/components/schemas/v2HttpServer"},"x-order":5},"tlsPassthrough":{"description":"One or more TLS servers exposed by the gateway. The server\\ndoes not terminate TLS and exposes config for SNI based routing.","type":"array","items":{"$ref":"#/components/schemas/v2TLSPassthroughServer"},"x-order":6},"tcp":{"type":"array","title":"One or more non-HTTP and non-passthrough servers which use TCP\\nbased protocols. This server also exposes configuration for terminating TLS","items":{"$ref":"#/components/schemas/v2TCPServer"},"x-order":7},"extension":{"description":"Extensions specifies all the WasmExtensions assigned to this IngressGateway\\nwith the specific configuration for each extension. This custom configuration\\nwill override the one configured globally to the extension.\\nEach extension has a global configuration including enablement and priority\\nthat will condition the execution of the assigned extensions.","type":"array","items":{"$ref":"#/components/schemas/v2WasmExtensionAttachment"},"x-order":8},"waf":{"$ref":"#/components/schemas/v2WAFSettings"}}},"v2JWKS":{"type":"object","title":"JSON Web Key Set. Refer to https://datatracker.ietf.org/doc/html/rfc7517","properties":{"keys":{"type":"array","title":"List of public JWKs","items":{"$ref":"#/components/schemas/JWKSJWK"},"x-order":0}}},"v2KeepAliveSettings":{"description":"Keep Alive Settings.","type":"object","properties":{"tcp":{"$ref":"#/components/schemas/KeepAliveSettingsTcpKeepAliveSettings"}}},"v2ListAPIsResponse":{"description":"List of APIs that have been attached to the given application.","type":"object","properties":{"apis":{"description":"The list of APIs that are registered in the given application.","type":"array","items":{"$ref":"#/components/schemas/v2API"},"x-order":0}}},"v2ListApplicationsResponse":{"description":"List of applications in the given tenant.","type":"object","properties":{"applications":{"description":"The list of applications that are registered in the given tenant.","type":"array","items":{"$ref":"#/components/schemas/v2Application"},"x-order":0}}},"v2ListClustersResponse":{"description":"List of clusters that are registered in the platform.","type":"object","properties":{"clusters":{"description":"The list of clusters that are registered in the platform.","type":"array","items":{"$ref":"#/components/schemas/v2Cluster"},"x-order":0}}},"v2ListEgressGatewaysResponse":{"description":"Lost of all Egress Gateway objects in the gateway group.","type":"object","properties":{"egressGateways":{"type":"array","items":{"$ref":"#/components/schemas/v2EgressGateway"},"x-order":0}}},"v2ListGatewayGroupsResponse":{"description":"List of all gateway groups in the workspace.","type":"object","properties":{"groups":{"type":"array","items":{"$ref":"#/components/schemas/v2Group"},"x-order":0}}},"v2ListIngressGatewaysResponse":{"description":"Lost of all Ingress Gateway objects in the gateway group.","type":"object","properties":{"ingressGateways":{"type":"array","items":{"$ref":"#/components/schemas/v2IngressGateway"},"x-order":0}}},"v2ListIstioInternalGroupsResponse":{"description":"List of all Istio internal in the workspace.","type":"object","properties":{"groups":{"description":"The list of requested groups.","type":"array","items":{"$ref":"#/components/schemas/v2Group"},"x-order":0}}},"v2ListMetricsResponse":{"description":"List of telemetry metrics from the resource.","type":"object","properties":{"metrics":{"type":"array","items":{"$ref":"#/components/schemas/v2Metric"},"x-order":0}}},"v2ListOrganizationSettingsResponse":{"description":"List of all existing Organization settings objects in the Organization group.","type":"object","properties":{"settings":{"type":"array","items":{"$ref":"#/components/schemas/v2OrganizationSetting"},"x-order":0}}},"v2ListOrganizationsResponse":{"type":"object","title":"List of organizations that exist in TSB.\\n$hide_from_docs","properties":{"organizations":{"type":"array","items":{"$ref":"#/components/schemas/v2Organization"},"x-order":0}}},"v2ListRolesResponse":{"description":"List of all existing roles.","type":"object","properties":{"roles":{"type":"array","items":{"$ref":"#/components/schemas/v2Role"},"x-order":0}}},"v2ListSecurityGroupsResponse":{"description":"List of all security groups in the workspace.","type":"object","properties":{"groups":{"type":"array","items":{"$ref":"#/components/schemas/v2Group"},"x-order":0}}},"v2ListSecuritySettingsResponse":{"description":"List of all security settings objects attached to the group.","type":"object","properties":{"settings":{"type":"array","items":{"$ref":"#/components/schemas/v2SecuritySetting"},"x-order":0}}},"v2ListServiceAccountsResponse":{"description":"List of existing Service Accounts.","type":"object","properties":{"serviceAccounts":{"type":"array","items":{"$ref":"#/components/schemas/v2ServiceAccount"},"x-order":0}}},"v2ListServiceRoutesResponse":{"description":"List of all service routes defined in the traffic group.","type":"object","properties":{"serviceRoutes":{"type":"array","items":{"$ref":"#/components/schemas/v2ServiceRoute"},"x-order":0}}},"v2ListServiceSecuritySettingsResponse":{"description":"List of all Service Security Settings objects attached to the group.","type":"object","properties":{"settings":{"type":"array","items":{"$ref":"#/components/schemas/v2ServiceSecuritySetting"},"x-order":0}}},"v2ListServicesResponse":{"type":"object","title":"Response with a list of registered services","properties":{"services":{"type":"array","title":"The requested registered services","items":{"$ref":"#/components/schemas/v2Service"},"x-order":0}}},"v2ListSourcesResponse":{"description":"List of telemetry sources from the resource.","type":"object","properties":{"sources":{"type":"array","items":{"$ref":"#/components/schemas/v2Source"},"x-order":0}}},"v2ListTeamsResponse":{"description":"List of existing teams.","type":"object","properties":{"teams":{"type":"array","items":{"$ref":"#/components/schemas/v2Team"},"x-order":0}}},"v2ListTenantExtensionsResponse":{"description":"List of all existing WasmExtensions objects assigned to the Tenant.","type":"object","properties":{"extensions":{"type":"array","items":{"$ref":"#/components/schemas/v2WasmExtension"},"x-order":0}}},"v2ListTenantSettingsResponse":{"description":"List of all existing Tenant settings objects in the Tenant.","type":"object","properties":{"settings":{"type":"array","items":{"$ref":"#/components/schemas/v2TenantSetting"},"x-order":0}}},"v2ListTenantsResponse":{"description":"List of available tenants.","type":"object","properties":{"tenants":{"description":"The list of available tenants.","type":"array","items":{"$ref":"#/components/schemas/v2Tenant"},"x-order":0}}},"v2ListTier1GatewaysResponse":{"description":"List of all Tier1 Gateway objects in the gateway group.","type":"object","properties":{"tier1Gateways":{"type":"array","items":{"$ref":"#/components/schemas/v2Tier1Gateway"},"x-order":0}}},"v2ListTrafficGroupsResponse":{"description":"List of all existing traffic groups in the workspace.","type":"object","properties":{"groups":{"type":"array","items":{"$ref":"#/components/schemas/v2Group"},"x-order":0}}},"v2ListTrafficSettingsResponse":{"description":"List of all existing traffic settings objects in the traffic group.","type":"object","properties":{"settings":{"type":"array","items":{"$ref":"#/components/schemas/v2TrafficSetting"},"x-order":0}}},"v2ListUsersResponse":{"description":"List of existing Users.","type":"object","properties":{"users":{"type":"array","items":{"$ref":"#/components/schemas/v2User"},"x-order":0}}},"v2ListWasmExtensionResponse":{"description":"List of WASM Extensions.","type":"object","properties":{"extensions":{"type":"array","items":{"$ref":"#/components/schemas/v2WasmExtension"},"x-order":0}}},"v2ListWorkspaceSettingsResponse":{"description":"The existing settings objects for the given workspace.","type":"object","properties":{"settings":{"type":"array","items":{"$ref":"#/components/schemas/v2WorkspaceSetting"},"x-order":0}}},"v2ListWorkspacesResponse":{"description":"The existing workspaces for the given tenant.","type":"object","properties":{"workspaces":{"type":"array","items":{"$ref":"#/components/schemas/v2Workspace"},"x-order":0}}},"v2LocalAuthzRule":{"description":"Bindings define the subjects that can access the resource a policy is attached to,\\nand the conditions that need to be met for that access to be granted.\\nA policy can have multiple bindings to configure different access controls for specific\\nsubjects.","type":"object","title":"LocalAuthzRule","required":["name"],"properties":{"name":{"description":"A friendly name to identify the binding.","type":"string","x-order":0},"from":{"description":"Subjects configure the actors (end users, other services)  that are allowed to access the\\ntarget resource.","type":"array","items":{"$ref":"#/components/schemas/v2Subject"},"x-order":1},"to":{"description":"A set of HTTP rules that need to be satisfied by the HTTP requests to get access to the\\ntarget resource.","type":"array","items":{"$ref":"#/components/schemas/LocalAuthzRuleHttpOperation"},"x-order":2}}},"v2Measure":{"description":"A measure represents the name and unit of a measurement.\\nFor example, request latency in ms and the number of errors are examples of measures to collect from a server. In\\nthis case latency would be the type and ms (millisecond) is the unit.","type":"object","properties":{"name":{"description":"The name of the measure. For instance latency in ms. More reference values can be found at\\nMeshControlledMeasureNames.","type":"string","x-order":0},"unit":{"description":"The unit of measure, which follow the [unified code for units of measure](https://ucum.org/ucum.html).\\nFor COUNTABLE measures, as number of requests or network packets, SHOULD use the default unit, the unity, and\\n[annotations](https://ucum.org/ucum.html#para-curly) with curly braces to give additional meaning.\\nFor example {requests}, {packets}, {errors}, {faults}, etc.","type":"string","x-order":1}}},"v2Metadata":{"description":"Metadata includes additional information about an ApprovalPolicy or Access entity and\\ntheir respective resources that they apply to.","type":"object","properties":{"details":{"$ref":"#/components/schemas/MetadataDetails"},"rules":{"description":"Permissions includes permissions for which an authenticated user is allowed to perform.\\nThis applies to ApprovalPolicy or Access entities respectively.","type":"array","items":{"$ref":"#/components/schemas/RoleRule"},"x-order":1}}},"v2Metric":{"description":"A metric is a measurement about a service, captured at runtime. Logically, the moment of capturing one of\\nthese measurements is known as a metric event which consists not only of the measurement itself, but the time\\nthat it was captured and associated metadata.\\n\\nApplication and request metrics are important indicators of availability and performance.\\nCustom metrics can provide insights into how availability indicators impact user experience or the business.\\nCollected data can be used to alert of an outage or trigger scheduling decisions to scale up a deployment\\nautomatically upon high demand.","type":"object","properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the metric.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the metric.\\n$hide_from_yaml","x-order":3},"observedResource":{"description":"Which concrete TSB resource in the configuration hierarchy this metric observes and belongs to.\\nFor instance, a metric can observe a service, a concrete service workload (pod or Vm), or a gateway,\\nor a workspace, or any other resource in the configuration hierarchy.","type":"string","x-order":4,"readOnly":true},"measure":{"$ref":"#/components/schemas/v2Measure"},"type":{"$ref":"#/components/schemas/v2MetricType"},"origin":{"$ref":"#/components/schemas/v2MetricOrigin"},"detectionPoint":{"$ref":"#/components/schemas/v2MetricDetectionPoint"}}},"v2MetricDetectionPoint":{"description":"From which detection point the metric is observed.\\n\\n - IN_SERVICE: Self observability metrics uses in service detect point.\\n - CLIENT_SIDE: Client side is how the client is observing the metric. When service A calls service B, service A acts\\nas a client side.\\n - SERVER_SIDE: Server side is how the server is observing the metric. When service A calls service B, service B\\nacts as the server side.","type":"string","default":"INVALID_METRIC_DETECTION_POINT","enum":["INVALID_METRIC_DETECTION_POINT","IN_SERVICE","CLIENT_SIDE","SERVER_SIDE"]},"v2MetricOrigin":{"description":"From where the metric measurements come from.\\n\\n - MESH_CONTROLLED: The metrics origin is from a TSB configured mesh, capturing the metrics from the\\nsidecar\'s available observability.\\n - AGENT_OBSERVED: An agent which can be standalone or service with automatically instrumentation via byte code injection.\\nCurrently not available. Part of hybrid observability.\\n - MESH_IMPORTED: Other known mesh generated metrics that are not configured and handled by TSB.\\nCurrently not available. Part of hybrid observability.\\n - EXTERNAL_IMPORTED: External captured metrics that are either imported into TSB observability stack or queried at runtime.\\nCurrently not available. Part of hybrid observability.","type":"string","default":"INVALID_METRIC_ORIGIN","enum":["INVALID_METRIC_ORIGIN","MESH_CONTROLLED","AGENT_OBSERVED","MESH_IMPORTED","EXTERNAL_IMPORTED"]},"v2MetricType":{"description":"Metric types are the aggregation function applied to the measurements that took place over a period of time.\\nSome metric types like LABELED_COUNTER and PERCENTILE also additionally aggregated over the set of defined labels.","type":"object","properties":{"name":{"$ref":"#/components/schemas/v2MetricTypeType"},"labels":{"description":"The labels associated with the metric type.\\nSome aggregation function are not just applied over time. LABELED_COUNTER and PERCENTILE metric types also\\naggregate over their labels. For instance, a PERCENTILE metric type over the latency, will aggregate the measured\\nlatency over the different defined percentiles, p50, p75, p90, p95, and p99.","type":"array","items":{"$ref":"#/components/schemas/v2MetricTypeLabel"},"x-order":1}}},"v2MetricTypeLabel":{"description":"Label of metric type. Also seen a other dimensions of aggregation besides the time interval on which measurements\\nare aggregated over.","type":"object","properties":{"key":{"description":"The label key.","type":"string","x-order":0},"value":{"description":"The label value, for instance p50, or p75.","type":"string","x-order":1}}},"v2MetricTypeType":{"description":" - GAUGE: Is the last seen measurement over a period of time.\\n - COUNTER: Is the sum of number of measurement over a period of time. Used in number of request style of metrics.\\n - AVERAGE: Average function applied to the measurements. Used in Duration/latency style of metrics.\\n - PERCENT: Percentage function applied to a given observed value over the total observer values.\\nUsed in SLA style of metrics, for example the percentage of errored responses over the total server responses.\\n - APDEX: Application Performance Index monitors end-user satisfaction.\\n[Apdex score](https://www.tetrate.io/blog/the-apdex-score-for-measuring-service-mesh-health)\\n - HEATMAPS: Heat maps are a three dimensional visualization, using x and y coordinates for two dimensions, and color\\nintensity for the third. They can reveal detail that summary statistics, such as line charts of averages,\\ncan miss. Latency measurements can be aggregated using Heatmaps/histograms. One dimension is often time, the\\nother is the latency, and the third one (the intensity) is the frequency of that latency in the given time range.\\n - LABELED_COUNTER: Is the sum of number of measurement over time grouped by concrete label values. Used for counting responses by\\ntheir http response code for instance.\\n - PERCENTILE: This is a specific subtype of LABELED_COUNTER. Used in duration/latency style metrics.\\n - CPM: Calls per minute used. Used in requests per minute, or in 5xx http errors per minute, 4xx http errors per\\nminute, among other metrics.\\n - MAX: Selects the highest measurement over a period of time. Envoy max allocated style metrics.","type":"string","default":"INVALID_METRIC_TYPE","enum":["INVALID_METRIC_TYPE","GAUGE","COUNTER","AVERAGE","PERCENT","APDEX","HEATMAPS","LABELED_COUNTER","PERCENTILE","CPM","MAX"]},"v2Namespace":{"type":"object","title":"A Kubernetes namespace. These are automatically discovered by the\\nService Bridge agents in the cluster.\\n$hide_from_yaml","properties":{"name":{"type":"string","x-order":0},"services":{"type":"array","items":{"$ref":"#/components/schemas/v2Service"},"x-order":1}}},"v2NamespaceScoping":{"description":"Configure the default scoping of namespaces in this cluster.","type":"object","properties":{"scope":{"$ref":"#/components/schemas/NamespaceScopingScope"},"exceptions":{"description":"Namespaces to be excluded form the default scope.\\nIf the scope is set to global, this list will contain namespaces that are\\nconsidered local. If the scope is set to local, this list will contain\\nnamespaces that are considered global.","type":"array","items":{"type":"string"},"x-order":1}}},"v2NamespaceSelector":{"type":"object","title":"`NamespaceSelector` selects a set of namespaces across one or more\\nclusters in a tenant. Namespace selectors can be used at Workspace\\nlevel to carve out a chunk of resources under a tenant into an\\nisolated configuration domain. They can be used in a Traffic,\\nSecurity, or a Gateway group to further scope the set of namespaces\\nthat will belong to a specific configuration group.\\nNames in namespaces selector must be in the form `cluster/namespace`\\nwhere:\\n- cluster must be a cluster name or an `*` to mean all clusters\\n- namespace must be a namespace name, an `*` to mean all namespaces\\n  or a prefix like `ns-*` to mean all those namespaces starting\\n  by `ns-`","required":["names"],"properties":{"names":{"description":"- `*/ns1` implies `ns1` namespace in any cluster.\\n\\n- `c1/ns1` implies `ns1` namespace from `c1` cluster.\\n\\n- `c1/*` implies all namespaces in `c1` cluster.\\n\\n- `*/*` implies all namespaces in all clusters.\\n\\n- `c1/ns*` implies all namespaces prefixes by `ns` in `c1` cluster.","type":"array","title":"Under the tenant/workspace/group:","items":{"type":"string"},"x-order":0}}},"v2Organization":{"description":"`Organization` is the root of the Service Bridge object hierarchy.\\n\\n\\n\\n","type":"object","properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3}}},"v2OrganizationSetting":{"description":"Settings that apply globally to the entire organization.\\n\\n\\n\\n","type":"object","properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"networkSettings":{"$ref":"#/components/schemas/OrganizationSettingNetworkSettings"},"regionalFailover":{"description":"Default locality routing settings for all gateways.\\n\\nExplicitly specify the region traffic will land on when endpoints in local region becomes unhealthy.\\nShould be used together with OutlierDetection to detect unhealthy endpoints.\\nNote: if no OutlierDetection specified, this will not take effect.","type":"array","items":{"$ref":"#/components/schemas/v2RegionalFailover"},"x-order":5},"defaultSecuritySetting":{"$ref":"#/components/schemas/v2SecuritySetting"},"defaultTrafficSetting":{"$ref":"#/components/schemas/v2TrafficSetting"}}},"v2Permission":{"description":"A permission defines an action that can be performed on a\\nresource. By default access to resources is denied unless an\\nexplicit permission grants access to perform an operation against\\nit.\\n\\n - INVALID: Default value to designate no value was explicitly set for the permission.\\n - READ: The read permission grants read-only access to the resource.\\n - WRITE: The write permission allows the subject to modify an existing resource.\\n - CREATE: The create permission allows subjects to create child resources on the resource.\\n - DELETE: The delete permission grants permissions to delete the resource.\\n - SET_POLICY: The set-iam permission allows subjects to manage the access policies for the resources.","type":"string","default":"INVALID","enum":["INVALID","READ","WRITE","CREATE","DELETE","SET_POLICY"]},"v2Port":{"description":"Port exposed by a service.\\nRegistration RPC will complete the instances field by assigning the physical services FQNs.","type":"object","required":["number"],"properties":{"number":{"description":"A valid non-negative integer port number.","type":"integer","format":"int64","x-order":0},"name":{"description":"Name assigned to the port.","type":"string","x-order":1},"serviceDeployments":{"type":"array","title":"The list of FQNs of the instances that expose this port","items":{"type":"string"},"x-order":2,"readOnly":true}}},"v2PropagationStrategy":{"description":"The PropagationStrategy is the key differentiating factor to decide how a security\\npolicy should be propagated and applied at runtime across clusters.\\nThe default propagation strategy is REPLACE, in which a lower level SecuritySetting\\nin the configuration hierarchy replaces a higher level SecuritySetting.\\nThe STRICTER PropagationStrategy on the other hand makes sure the default\\nSecuritySettings configured at the parent level are always enforced and propagated\\ndown the hierarchy unless additional SecuritySettings are defined and restricted\\nfurther in the configuration hierarchy.\\n\\n* `REPLACE` should be used when resources in the hierarchy are allowed to override the default\\nsettings configured at the higher levels.\\n* `STRICTER` should be used when the default settings must prevail, and the settings can only be\\nmade more restrictive by child resources at lower levels of the hierarchy.\\n\\nWhen a resource or property of it affected by the propagation strategy is propagated down the hierarchy, regardless\\nof the defined strategy (`REPLACE` or `STRICTER`), a parent defined resource or a property of the\\nresource will be used (propagated) in absence of a child resource or a property of it.\\n\\nFor example, the following policy configures optional mTLS for traffic within the workspace, but\\nit allows SecuritySettings to modify it. The example shows a workspace that configures\\nservice-to-service access so that only services in the same workspace can talk to each other.\\nThe `REPLACE` propagation policy allows individual settings to override it. In the example, the\\nSecuritySettings allows services within that group to be reachable from any\\nservice in the cluster, regardless for the workspace they belong to, even though the Workspace\\nrestricts service-to-service access to only services in the Workspace.\\n\\n```yaml\\napiVersion: api.tsb.tetrate.io/v2\\nkind: WorkspaceSetting\\nmetadata:\\n  name: w1-settings\\n  workspace: w1\\n  tenant: mycompany\\n  organization: myorg\\nspec:\\n  defaultSecuritySetting:\\n    propagationStrategy: REPLACE\\n    authorization:\\n      mode: WORKSPACE\\n---\\napiVersion: security.tsb.tetrate.io/v2\\nkind: SecuritySetting\\nmetadata:\\n  name: defaults\\n  group: t1\\n  workspace: w1\\n  tenant: mycompany\\n  organization: myorg\\nspec:\\n  authorization:\\n    mode: CLUSTER\\n```\\n\\n`STRICTER` propagation configures defaults that can be only be restricted down the hierarchy.\\nThe following example configures the same WorkspaceSetting but with a `STRICTER` propagation mode.\\nThe `defaults` SecuritySetting further narrows down that access to the `GROUP` scope, which is\\nallowed because GROUP is more strict than WORKSPACE. However, the `defaults-invalid` SecuritySetting\\nconfigures `CLUSTER` access, which would widen the scope defined at the Workspace. That settings will\\nnot be allowed based on the `STRICTER` propagation policy.\\n\\n```yaml\\napiVersion: api.tsb.tetrate.io/v2\\nkind: WorkspaceSetting\\nmetadata:\\n  name: w1-settings\\n  workspace: w1\\n  tenant: mycompany\\n  organization: myorg\\nspec:\\n  defaultSecuritySetting:\\n    propagationStrategy: STRICTER\\n    authorization:\\n      mode: WORKSPACE\\n---\\napiVersion: security.tsb.tetrate.io/v2\\nkind: SecuritySetting\\nmetadata:\\n  name: defaults\\n  group: t1\\n  workspace: w1\\n  tenant: mycompany\\n  organization: myorg\\nspec:\\n  authorization:\\n    mode: GROUP\\n---\\napiVersion: security.tsb.tetrate.io/v2\\nkind: SecuritySetting\\nmetadata:\\n  name: defaults-invalid\\n  group: t2\\n  workspace: w1\\n  tenant: mycompany\\n  organization: myorg\\nspec:\\n  authorization:\\n    mode: CLUSTER\\n```\\n\\nFurther details of how security settings are resolved between in `STRICTER` mode between a parent and a\\nchild resource can be found in the [SecuritySettings reference](../../security/v2/security_setting#securitysetting).\\n\\n - REPLACE: Is the default configuration propagation strategy.\\nA lower defined configuration in the hierarchy will replace a higher configuration in the hierarchy.\\nOtherwise, if a lower configuration is not defined, the configuration higher up in the hierarchy will\\nprevail.\\nFor instance, a defined default propagation strategy for workspace default security settings\\nwill replace tenant\'s defined default security settings.\\n - STRICTER: STRICTER propagation strategy propagates the strictest configuration between a defined higher level and\\na defined lower level configuration in the hierarchy. If a lower level configuration in the hierarchy\\nis not defined, the higher one will prevail.\\nWhich configuration is stricter than the other is defined by each concrete configuration that allows specifying\\na propagation strategy.","type":"string","default":"REPLACE","enum":["REPLACE","STRICTER"]},"v2Query":{"type":"object","title":"Query format of the resource lookup for the permission check","properties":{"queryId":{"description":"Optional ID that is an open string the caller can use for correlation purposes.","type":"string","x-order":0},"fqn":{"description":"Fully-qualified name of the resource.","type":"string","x-order":1}}},"v2QueryPoliciesResponse":{"description":"QueryPoliciesResponse is the response message for QueryPolicies.","type":"object","properties":{"policies":{"description":"Policies is a list of policies that match the query.","type":"array","items":{"$ref":"#/components/schemas/v2ApprovalPolicy"},"x-order":0}}},"v2QueryResourcePermissionsRequest":{"description":"Request to query permissions on multiple records.\\n\\nExample:\\nQueryResourcePermissionsRequest {\\n  Queries: []Query{\\n    Query{\\n      QueryID: \\"1234\\",\\n      Kind: Query_Fqn{\\n        Fqn: \\"tetrate/tenants/default/workspaces/example\\"\\n      }\\n    }\\n  }\\n}","type":"object","properties":{"queries":{"description":"One or more resources to query permissions on, limited to 100 per request.","type":"array","items":{"$ref":"#/components/schemas/v2Query"},"x-order":0}}},"v2QueryResourcePermissionsResponse":{"description":"Response with permissions for the requested queries.\\n\\nExample:\\nQueryResourcePermissionsResponse {\\n  Results: []Result{\\n    Result{\\n      Request: Query{\\n        QueryID: \\"1234\\",\\n        Kind: Query_Fqn{\\n          Fqn: \\"tetrate/tenants/default/workspaces/example\\"\\n        }\\n      },\\n      Rules: []*Role_Rule{\\n        {\\n           Types: []*Role_ResourceType{\\n             {\\n               ApiGroup: \\"api.tsb.tetrate.io/v2\\",\\n               Kinds: []string{\\"Workspace\\"}\\n             }\\n           },\\n           Permissions: []Permission{\\"READ\\"}\\n        }\\n      }\\n    }\\n  }\\n}","type":"object","properties":{"results":{"type":"array","title":"List of permission results for the requested queries","items":{"$ref":"#/components/schemas/QueryResourcePermissionsResponseResult"},"x-order":0}}},"v2RateLimitSettings":{"description":"Configuration for ratelimiting HTTP/gRPC requests\\nThis has a list of rate limit rules that can be configured.\\nWith each rule a list of dimensions can be defined.\\nA request counts towards the limit if all of the dimensions match the\\nattributes of the request.\\nWhen the matched requests exceed the limit, a 429 response is returned.","type":"object","required":["rules"],"properties":{"rules":{"description":"A list of rules for ratelimiting.\\nEach rule defines a list of dimensions to match on and the rate limit value\\nfor the rule. Each rule is independant of the other.","type":"array","items":{"$ref":"#/components/schemas/v2RateLimitSettingsRateLimitRule"},"x-order":0},"failClosed":{"description":"If the rate limit service is unavailable, the request will fail\\nif failClosed is set to true. Defaults to false.","type":"boolean","x-order":1},"timeout":{"description":"The timeout in seconds for the rate limit server RPC.\\nDefaults to 0.020 seconds (20ms).\\nTraffic will not be allowed to the destination if failClosed is set to true\\nand the request to the rate limit server times out.","type":"string","x-order":2}}},"v2RateLimitSettingsRateLimitDimension":{"description":"RateLimitDimension is a condition to match HTTP requests\\nthat should be rate limited.","type":"object","properties":{"remoteAddress":{"$ref":"#/components/schemas/v2RateLimitSettingsRateLimitDimensionRemoteAddress"},"header":{"$ref":"#/components/schemas/RateLimitDimensionHeader"}}},"v2RateLimitSettingsRateLimitDimensionRemoteAddress":{"description":"RateLimit based on the client\'s remote address, extracted from\\nthe trusted X-Forwarded-For header.","type":"object","required":["value"],"properties":{"value":{"description":"Ratelimit on a specific remote address.\\nIf the value is set to \\"*\\", ratelimit on\\nevery unique remote address.","type":"string","x-order":0}}},"v2RateLimitSettingsRateLimitRule":{"description":"RateLimitRule is the block to define each internal ratelimit configuration.","type":"object","required":["dimensions","limit"],"properties":{"dimensions":{"description":"A list of dimensions to define each ratelimit rule.\\nRequests count towards the ratelimit value only when each and every\\ncondition in a dimension is matched for a given HTTP request.","type":"array","items":{"$ref":"#/components/schemas/v2RateLimitSettingsRateLimitDimension"},"x-order":0},"limit":{"$ref":"#/components/schemas/RateLimitSettingsRateLimitValue"}}},"v2RateLimiting":{"description":"Configuration for ratelimiting\\nHTTP/gRPC requests can be rate limited based on a variety of\\nattributes in the request such as headers (including cookies), URL\\npath/prefixes, client remote address etc.","type":"object","properties":{"settings":{"$ref":"#/components/schemas/v2RateLimitSettings"},"externalService":{"$ref":"#/components/schemas/v2ExternalRateLimitServiceSettings"}}},"v2ReachabilitySettings":{"description":"`ReachabilitySettings` define the set of services and hosts\\naccessed by a workload (and hence its sidecar) in the\\nmesh. Defining the set of services accessed by a workload (i.e. its\\ndependencies) in advance reduces the memory and CPU consumption\\nboth the Istio control plane and the individual Envoy proxy workloads in\\nthe data plane.","type":"object","properties":{"mode":{"$ref":"#/components/schemas/ReachabilitySettingsMode"},"hosts":{"description":"When the mode is `CUSTOM`, `hosts` specify the set of services\\nthat the sidecar should be able to reach. Must be in the\\n`&lt;namespace&gt;/&lt;fqdn&gt;` format.\\n\\n- `./*` indicates all services in the namespace where the sidecar resides.\\n\\n- `ns1/*` indicates all services in the `ns1` namespace.\\n\\n- `ns1/svc1.com` indicates `svc1.com` service in `ns1` namespace.\\n\\n- `*/svc1.com` indicates `svc1.com` service in any namespace.","type":"array","items":{"type":"string"},"x-order":1}}},"v2ReachabilitySettingsMode":{"description":"- UNSET: Inherit from parent if possible. Otherwise treated as `CLUSTER`.\\n - NAMESPACE: The workload may talk to any service in its own namespace.\\n - GROUP: The workload may talk to any service in the traffic group.\\n - WORKSPACE: The workload may talk to any service in the workspace.\\n - CLUSTER: The workload may talk to any service in the cluster.\\n - CUSTOM: The workload may talk to services defined explicitly.","type":"string","title":"A short cut for defining the common reachability patterns","default":"UNSET","enum":["UNSET","NAMESPACE","GROUP","WORKSPACE","CLUSTER","CUSTOM"]},"v2Redirect":{"type":"object","properties":{"uri":{"description":"On a redirect, overwrite the Path portion of the URL with this value.","type":"string","x-order":0},"authority":{"description":"On a redirect, overwrite the Authority/Host portion of the URL with this value.","type":"string","x-order":1},"redirectCode":{"description":"On a redirect, Specifies the HTTP status code to use in the redirect\\nresponse. It is expected to be 3XX. The default response code is MOVED_PERMANENTLY (301).","type":"integer","format":"int64","x-order":2},"port":{"type":"integer","format":"int64","title":"On a redirect, overwrite the Port portion of the URL with this value","x-order":3},"scheme":{"description":"On a redirect, overwrite the scheme with this one. This can be used\\nto perform http -&gt; https redirect by setting this to \\"https\\". Currently,\\nthe only supported values are \\"http\\" and \\"https\\" (in lower-case).","type":"string","x-order":4}}},"v2RegionalFailover":{"description":"Specify the traffic failover policy across regions. Since zone and sub-zone\\nfailover is supported by default this only needs to be specified for\\nregions when the operator needs to constrain traffic failover so that\\nthe default behavior of failing over to any endpoint globally does not\\napply. This is useful when failing over traffic across regions would not\\nimprove service health or may need to be restricted for other reasons\\nlike regulatory controls.","type":"object","properties":{"from":{"description":"Originating region.","type":"string","x-order":0},"to":{"description":"Destination region the traffic will fail over to when endpoints in\\nthe \'from\' region become unhealthy.","type":"string","x-order":1}}},"v2ResilienceSettings":{"description":"ResilienceSettings control the reliability knobs in Envoy when making\\noutbound connections from a gateway or proxy workload.","type":"object","properties":{"httpRequestTimeout":{"description":"Timeout for HTTP requests. Disabled if not set.","type":"string","x-order":0},"httpRetries":{"$ref":"#/components/schemas/v2HTTPRetry"},"tcpKeepalive":{"description":"Deprecated. This field will be removed in upcoming releases.\\nPlease use the `keep_alive` field instead.\\nIf enabled, sets SO_KEEPALIVE on the socket to enable TCP keepalive.","type":"boolean","x-order":2},"keepAlive":{"$ref":"#/components/schemas/v2KeepAliveSettings"},"circuitBreakerSensitivity":{"$ref":"#/components/schemas/ResilienceSettingsSensitivity"}}},"v2ResourceStatus":{"description":"The ResourceStatus object provides information about the status of the configuration\\nrelated to an Application or an API object.\\n\\nApplications and APIs are translated into configuration objects (config groups, ingress\\ngateways, etc). This status object reflects the status of the Application and APIs with\\nregard to the generated configuration, and exposes any configuration mismatch.\\nThis status only reflects the status of the configuration objects in Service Bridge. It\\ndoes not provide information about the status of the generated configuration in the final\\nclusters.","type":"object","properties":{"status":{"$ref":"#/components/schemas/applicationv2Status"},"resources":{"description":"List of the individual configuration resource statuses.","type":"array","items":{"$ref":"#/components/schemas/ResourceStatusConfigResourceStatus"},"x-order":1,"readOnly":true}}},"v2ResourceStatusStatus":{"description":"Simple `Status` of the current resource. It\'s a projection of its details\\n(events, etc.) that allows to easily know the status of the resource\\nwithout requiring to check the details.\\n\\n - INVALID: INVALID status should never be reached.\\nIt indicates some problem occurred with the resource status, and would\\nneed to contact the admin to troubleshoot it.\\nIt\'s the default value but it\'s always expected to have one of the other\\nvalues.\\n - ACCEPTED: ACCEPTED is reached when the provided configuration has been validated\\nand persisted by the TSB server.\\n - READY: READY is reached when the resource is ready to be used.\\nNon-configurable resources, like Organizations, Tenants or Users, will\\nbe ready as soon they are created.\\nThe configurable ones are ready when its configuration has been\\npropagated to all the clusters.\\n - FAILED: FAILED is reached in different situations, such as when:\\n- a resource configuration triggered some internal error.\\n- an offending resource affects the correct behaviour of the configuration.\\nThe `message` and `details` fields of the `ResourceStatus` provides the\\nroot cause of the error.\\n - DIRTY: DIRTY is reached when the resources that are dependent on others\\nhave not reached the desired status (even when they are not FAILED).\\nFor example, an `API` resource that caused the creation of an `IngressGateway`\\ncould reach this status if the `IngressGateway` has been modified or removed directly.\\n - PARTIAL: PARTIAL is reached for those resources that are dependent on other resources statuses,\\nand not all the resources share the same status.","type":"string","default":"INVALID","enum":["INVALID","ACCEPTED","READY","FAILED","DIRTY","PARTIAL"]},"v2Role":{"description":"`Role` is a named collection of permissions that can be assigned to\\nany user or team in the system.","type":"object","properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"rules":{"description":"A set of rules that define the permissions associated with each API group.","type":"array","items":{"$ref":"#/components/schemas/RoleRule"},"x-order":4}}},"v2Route":{"description":"One or more destinations in a local/remote cluster for the given request.","type":"object","required":["host"],"properties":{"host":{"description":"The destination service in `&lt;namespace&gt;/&lt;fqdn&gt;` format for\\n`IngressGateway` resources. For `Tier1Gateway` resources, the\\ndestination must be in `&lt;clusterName&gt;/&lt;namespace&gt;/&lt;fqdn&gt;` format,\\nwhere cluster name corresponds to a cluster name created in the\\nmanagement plane. The `fqdn` must be the fully qualified name of\\nthe destination service in a cluster.","type":"string","x-order":0},"port":{"description":"The port on the service to forward the request to. Omit only if\\nthe destination service has only one port. When used for routing\\nfrom Tier1 gateways, the port specified here will be used only if\\nthe Tier1 gateway is doing TLS passthrough.","type":"integer","format":"int64","x-order":1}}},"v2Rule":{"description":"`Rule` matches request from a targeted resource (and the workloads that belong to the resource),\\nto another targeted resource (and the workloads that belong to the resource).\\nA match occurs when `from` and `to` matches the request.\\nOnly resources of type Tenant, Workspace, or Security Group can be targeted.","type":"object","required":["from","to"],"properties":{"from":{"$ref":"#/components/schemas/RuleFrom"},"to":{"$ref":"#/components/schemas/RuleTo"}}},"v2SecuritySetting":{"description":"A security setting applies configuration to a set of proxy workloads in a\\nsecurity group or a workspace. When applied to a security group,\\nmissing fields will inherit values from the workspace-wide setting if any.\\n\\n\\n\\n","type":"object","properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"authentication":{"$ref":"#/components/schemas/SecuritySettingAuthenticationMode"},"authorization":{"$ref":"#/components/schemas/v2AuthorizationSettings"},"authenticationSettings":{"$ref":"#/components/schemas/v2AuthenticationSettings"},"waf":{"$ref":"#/components/schemas/v2WAFSettings"},"propagationStrategy":{"$ref":"#/components/schemas/v2PropagationStrategy"},"extension":{"description":"Extensions specifies all the WasmExtensions assigned to this SecuritySettings\\nwith the specific configuration for each extension. This custom configuration\\nwill override the one configured globally to the extension.\\nEach extension has a global configuration including enabling and priority\\nthat will condition the execution of the assigned extensions.","type":"array","items":{"$ref":"#/components/schemas/v2WasmExtensionAttachment"},"x-order":9}}},"v2ServerTLSSettings":{"type":"object","properties":{"mode":{"$ref":"#/components/schemas/v2ServerTLSSettingsTLSMode"},"secretName":{"description":"The name of the secret in Kubernetes that holds the TLS certs\\nincluding the CA certificates. The secret (type generic) should\\ncontain the following keys and values: key: `&lt;privateKey&gt;`, cert:\\n`&lt;serverCert&gt;`, cacert: `&lt;CACertificate&gt;`.","type":"string","x-order":1},"files":{"$ref":"#/components/schemas/ServerTLSSettingsFileSource"}}},"v2ServerTLSSettingsTLSMode":{"type":"string","default":"DISABLED","enum":["DISABLED","SIMPLE","MUTUAL"]},"v2Service":{"description":"A service in the registry that represents an aggregated and logical view for all those individual\\nservices, and provides high-level features such as aggregated metrics.","type":"object","required":["shortName","serviceType","state"],"properties":{"fqn":{"description":"Fully-qualified name of the resource. This field is read-only.","type":"string","x-order":0,"readOnly":true},"displayName":{"description":"User friendly name for the resource.","type":"string","x-order":1},"etag":{"description":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.","type":"string","x-order":2},"description":{"description":"A description of the resource.","type":"string","x-order":3},"shortName":{"description":"Short name for the service, used to uniquely identify it within the organization.","type":"string","x-order":4},"hostnames":{"description":"The hostnames by which this service is accessed. Can correspond to the hostname of\\nan internal service or that ones of a virtual host on a gateway.","type":"array","items":{"type":"string"},"x-order":5},"ports":{"description":"The set of ports on which this service is exposed.","type":"array","items":{"$ref":"#/components/schemas/v2Port"},"x-order":6},"subsets":{"description":"Deprecated. Use subset_deployments instead.\\nSubset denotes a specific version of a service. By default the \'version\'\\nlabel is used to designate subsets of a workload.\\nKnown subsets for the service.","type":"array","items":{"type":"string"},"x-order":7,"readOnly":true},"serviceType":{"$ref":"#/components/schemas/v2ServiceType"},"externalAddresses":{"description":"For kubernetes services of type load balancer, this field contains the list of lb hostnames or\\nIPs assigned to the service.","type":"array","items":{"type":"string"},"x-order":9},"state":{"$ref":"#/components/schemas/v2State"},"metrics":{"description":"- global:        *|productpage|bookinfo|*|*\\n  - v1:            v1|productpage|bookinfo|*|*\\n  - v1 (cluster1): v1|productpage|bookinfo|cluster1|*\\n\\nThis is only available for Observed and Controlled services.","type":"array","title":"Services may expose different metrics.\\nFor example, a regular service may expose the usual red metrics for incoming requests.\\nServices running in multiple clusters, may provide different aggregation levels, such as\\naggregation by cluster, by subset, etc.\\nThis list provides a complete list of all the aggregation keys that are available for this\\nparticular service.\\nFor example, a service that has instances in multiple clusters could provide the following\\nmetrics:","items":{"$ref":"#/components/schemas/ServiceMetricConfig"},"x-order":11,"readOnly":true},"serviceDeployments":{"description":"List of the existing deployments for this service.\\nThis is only available for internal and load balancer services and correspond to physical services\\nin the onboarded clusters.\\nThis field is read-only.","type":"array","items":{"$ref":"#/components/schemas/ServiceServiceDeployment"},"x-order":12,"readOnly":true},"subsetDeployments":{"description":"Subset denotes a specific version of a service. By default the \'version\'\\nlabel is used to designate subsets of a workload.\\nKnown subsets for the service.","type":"array","items":{"$ref":"#/components/schemas/v2Subset"},"x-order":13,"readOnly":true},"canonicalName":{"type":"string","title":"The canonical name of the service defined by user","x-order":14},"spiffeIds":{"description":"List of SPIFFE identities used by the workloads of the service.","type":"array","items":{"type":"string"},"x-order":15}}},"v2ServiceAccount":{"description":"`ServiceAccount` represents a service account that can be used to access the TSB platform.\\nService accounts have a set of associated public and private keys that can be used to generate\\nsigned JWT tokens that are suitable to authenticate to TSB.\\nA default key-pair is generated on service account creation and the public key is stored in TSB.\\nPrivate keys are returned when service accounts are created, but TSB will not store them. It\\nis up to the client to store them securely.\\n\\n\\n\\n","type":"object","properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"description":"A description of the resource.","type":"string","x-order":3},"keys":{"type":"array","title":"Keys associated with the service account.\\nA default key-pair is automatically created when the Service Account is created. Note that\\nTSB does not store the private keys, so it is up to the client to store the returned private\\nkeys securely, as they are only returned once after creation.\\nAdditional keys can be added (and deleted) by using the corresponding key management APIs.\\n+protoc-gen-terraform:computed","items":{"$ref":"#/components/schemas/ServiceAccountKeyPair"},"x-order":4,"readOnly":true}}},"v2ServiceDestination":{"type":"object","title":"ServiceDestination is the destination service, port and subset where traffic\\nshould be routed","required":["port"],"properties":{"subset":{"type":"string","title":"Subset is the version of the service where traffic should be routed to","x-order":0},"weight":{"type":"integer","format":"int64","title":"Weight defines the amount of traffic that needs to be routed to this specific\\nversion","x-order":1},"port":{"type":"integer","format":"int64","title":"The port corresponding to the service host where traffic should be routed","x-order":2},"destinationHost":{"type":"string","title":"Service host where traffic should be routed to. This should either be a FQDN\\nor a short name for the k8s service. For example, \\"reviews\\" as destination_host will\\nbe interpreted as \\"reviews.ns1.cluster.local\\"","x-order":3}}},"v2ServiceLookupRequest":{"description":"Request for all the services in the registry that are part of the given selector.","type":"object","required":["selector","parent"],"properties":{"selector":{"$ref":"#/components/schemas/v2NamespaceSelector"},"parent":{"type":"string","title":"The FQN of the parent object where services will be looked up","x-order":1}}},"v2ServiceLookupResponse":{"description":"List of services that are included in the provided namespace selector.","type":"object","properties":{"services":{"type":"array","title":"The affected services","items":{"$ref":"#/components/schemas/v2Service"},"x-order":0}}},"v2ServiceRoute":{"description":"A service route controls routing configurations for traffic to a\\nservice in a traffic group.\\n\\n\\n\\n","type":"object","required":["service","subsets"],"properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"service":{"description":"The service on which the configuration is being applied. Must be in namespace/FQDN format.","type":"string","x-order":4},"subsets":{"description":"The set of versions of a service and the percentage of traffic to\\nsend to each version.","type":"array","items":{"$ref":"#/components/schemas/ServiceRouteSubset"},"x-order":5},"stickySession":{"$ref":"#/components/schemas/ServiceRouteStickySession"},"portLevelSettings":{"type":"array","title":"In order to support multi-protocol routing, a list of all port/protocol combinations is needed.\\nThese port settings are applied to all the subsets","items":{"$ref":"#/components/schemas/ServiceRoutePortLevelTrafficSettings"},"x-order":7},"httpRoutes":{"description":"HTTPRoutes are used when HTTP traffic needs to be matched on uri, headers\\nand port and destination routes need to be set using subset-weight\\ncombinations specified within the route.\\n**Note**: If a route is specified, then the global subset-weight\\ncombinations (specified under subsets) will be ignored for the matched\\nport, as subsets within route will take effect.","type":"array","items":{"$ref":"#/components/schemas/v2HTTPRoute"},"x-order":8},"tcpRoutes":{"description":"TCPRoutes match TCP traffic based on port number. The subset-weight\\nconfiguration and priority have the same behaviour as HTTPRoutes.","type":"array","items":{"$ref":"#/components/schemas/v2TCPRoute"},"x-order":9}}},"v2ServiceSecuritySetting":{"description":"A service security setting applies configuration to a service in a\\nsecurity group. Missing fields will inherit values from the\\nworkspace-wide setting if any.\\n\\n\\n\\n","type":"object","required":["service"],"properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"service":{"description":"The service on which the configuration is being applied. Must be in namespace/FQDN format.","type":"string","x-order":4},"settings":{"$ref":"#/components/schemas/v2SecuritySetting"},"subsets":{"description":"Subset specific settings that will replace the service wide settings for the specified service\\nsubsets.","type":"array","items":{"$ref":"#/components/schemas/ServiceSecuritySettingSubset"},"x-order":6}}},"v2ServiceSelector":{"type":"object","title":"ServiceSelector represents the match criteria to select services within a\\nparticular scope (namespace, workspace, cluster etc)","required":["serviceLabels"],"properties":{"serviceLabels":{"type":"object","title":"One or more labels that indicate a specific set of services within a particular scope","additionalProperties":{"type":"string"},"x-order":0}}},"v2ServiceType":{"description":"ServiceType denotes the exposition of a service in the mesh.\\n\\n - INTERNAL: A regular service that is not directly exposed to the outside world.\\n - LOADBALANCER: A load balancer service running only the proxy as the workload.\\n - MESH_EXTERNAL: A mesh external service.","type":"string","default":"INVALID_TYPE","enum":["INVALID_TYPE","INTERNAL","LOADBALANCER","MESH_EXTERNAL"]},"v2Source":{"description":"Source identifies a set of observed resources that have a group of metrics that emit measurements at runtime.","type":"object","properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the telemetry source.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the telemetry source is observing.\\n$hide_from_yaml","x-order":3},"belongsTo":{"description":"Which concrete TSB resource in the configuration hierarchy this telemetry source belongs to.\\nFor instance, a telemetry source can belong to a service,or a gateway, or a workspace, or any other resource in the\\nconfiguration hierarchy.","type":"string","x-order":4,"readOnly":true},"metricSourceKey":{"description":"A key to query metric measurements from the resources that the telemetry source is observing.","type":"string","x-order":5,"readOnly":true},"type":{"$ref":"#/components/schemas/v2SourceScopeType"},"scope":{"$ref":"#/components/schemas/v2SourceScope"}}},"v2SourceScope":{"description":"Source scope defines the source\'s wingspan in the mesh. It defines how we are observing the resources.\\nFor instance we can observer a resources at service, ingress, or relation level.","type":"object","properties":{"serviceScopes":{"$ref":"#/components/schemas/SourceScopeServiceScopes"},"ingressScopes":{"$ref":"#/components/schemas/SourceScopeIngressScopes"},"relationScopes":{"$ref":"#/components/schemas/SourceScopeRelationScopes"}}},"v2SourceScopeType":{"description":"The type of scopes which defines telemetry source\'s wingspan in the mesh.\\n\\n - SERVICE: A telemetry source service based scope.\\n - INGRESS: A telemetry source ingress\'s hostname based scope.\\n - RELATION: A telemetry source relation based scope.","type":"string","default":"INVALID","enum":["INVALID","SERVICE","INGRESS","RELATION"]},"v2SourceType":{"description":"`SourceType` describes where teams come from.\\nTeams can be synchronized from the Identity Provider but can also be manually\\ncreated using the Team API to create convenient groupings of users and other\\nteams in order to configure fine-grained permissions in the Management Plane.\\n\\n - LDAP: LDAP is used for users and teams that are automatically synchronized from LDAP.\\n - LOCAL: LOCAL is used for local teams that are manually created using the TSB Team API and\\ndo not exist in the Identity Provider.\\nDeprecated. This value is deprecated and will be removed in future releases. Use \'MANUAL\' instead.\\n - AZURE: AZURE is used for users synchronized from an Azure Active Directory.\\n - MANUAL: MANUAL is used for users and teams that exist in the Identity Provider that have been manually populated.\\nMANUAL users are deprecated and Service Accounts should be used instead. Support for MANUAL users will\\nbe removed in future versions.","type":"string","default":"INVALID","enum":["INVALID","LDAP","LOCAL","AZURE","MANUAL"]},"v2State":{"description":"State denotes how deep is the knowledge of a service by the mesh. Meaning that if a service can be controlled,\\nobserved or none of these.\\n\\n - EXTERNAL: An external service is a service that is known, but that cannot be observed (we can\'t get metrics for it)\\nand cannot be controlled.\\n - OBSERVED: An observed service is a known service that we can have metrics for. For example, a service running the\\nSkywalking agents.\\n - CONTROLLED: A controlled service is a service that is part of the mesh and has a proxy we can configure.","type":"string","default":"INVALID_STATE","enum":["INVALID_STATE","EXTERNAL","OBSERVED","CONTROLLED"]},"v2StringMatch":{"description":"Describes how to match a given string in HTTP headers. Match is case-sensitive.","type":"object","properties":{"exact":{"description":"Exact string match.","type":"string","x-order":0},"prefix":{"description":"Prefix-based match.","type":"string","x-order":1},"regex":{"description":"ECMAscript style regex-based match.","type":"string","x-order":2}}},"v2Subject":{"description":"Subject identifies a user or a team under an organization. Roles are\\nassigned to subjects for specific resources in the system.","type":"object","properties":{"user":{"type":"string","title":"A user in TSB, created through LDAP sync or API.\\nMust use the fully-qualified name (fqn) of the user. \\nE.g. organization/myorg/users/alice","x-order":0},"team":{"type":"string","title":"A team in TSB, created through LDAP sync or API.\\nMust use the fully-qualified name (fqn) of the team. \\nE.g. organization/myorg/teams/t1","x-order":1},"serviceAccount":{"type":"string","title":"A service account in TSB.\\nMust use the fully-qualified name (fqn) of the service account. \\nE.g. organization/myorg/serviceaccounts/sa1","x-order":2}}},"v2Subset":{"description":"Subset exposed by a service.\\nRegistration RPC will complete the instances field by assigning the physical services FQNs.","type":"object","properties":{"name":{"description":"A valid subset name of a service.","type":"string","x-order":0},"serviceDeployments":{"type":"array","title":"The list of FQNs of the service deployments that expose this subset","items":{"type":"string"},"x-order":1,"readOnly":true}}},"v2SyncOrganizationResponse":{"description":"Result of the organization users and team synchronization.","type":"object","properties":{"failedUsers":{"$ref":"#/components/schemas/SyncOrganizationResponseFailedIds"},"failedTeams":{"$ref":"#/components/schemas/SyncOrganizationResponseFailedIds"}}},"v2TCPMatchCondition":{"type":"object","title":"TCPMatchCondition is the set of conditions to match incoming TCP traffic\\nand route accordingly","required":["name","port"],"properties":{"name":{"type":"string","title":"Name of the match condition","x-order":0},"port":{"type":"integer","format":"int64","title":"TCP match conditions only have port in match conditions","x-order":1}}},"v2TCPRoute":{"description":"TCPRoute is used to set TCP routes to service destinations on the basis of match conditions.","type":"object","required":["name"],"properties":{"name":{"type":"string","title":"Name of TCPRoute","x-order":0},"match":{"type":"array","title":"Match conditions for incoming TCP traffic","items":{"$ref":"#/components/schemas/v2TCPMatchCondition"},"x-order":1},"destination":{"type":"array","title":"Destination host:port and subset where TCP traffic should be directed","items":{"$ref":"#/components/schemas/v2ServiceDestination"},"x-order":2}}},"v2TCPServer":{"type":"object","title":"A TCP server exposed in an ingress gateway. A TCP server may be used for any TCP based protocol.\\nThis is also used for the special case of a non-HTTP protocol requiring TLS termination at the gateway","required":["name","port","hostname"],"properties":{"name":{"description":"A name assigned to the server. The name will be visible in the generated metrics. The name must be\\nunique across all HTTP, TLS passthrough and TCP servers in a gateway.","type":"string","x-order":0},"port":{"type":"integer","format":"int64","title":"The port where the server is exposed. Two servers with different protocols can share the same port\\nonly when both of them use TLS (either terminated at the gateway or pass-through)","x-order":1},"hostname":{"description":"Hostname to identify the service. When TLS is configured, clients have to use this as\\nthe Server Name Indication (SNI) for the TLS connection. When TLS is not configured (opaque TCP),\\nthis is used to identify the service traffic for defining routing configs. Usually, this is\\nconfigured as the DNS name of the service. For instance, if clients access a zookeeper cluster\\nas `zk-1.myorg.internal` then the hostname could be specified as `zk-1.myorg.internal`. This\\nalso helps easier identification in the configs.\\n\\nThis is also used in multicluster routing. In the previous example, clients within the mesh\\ncan also use `zk-1.myorg.internal` to access this service (provided authorization policy allows it)","type":"string","x-order":2},"tls":{"$ref":"#/components/schemas/v2ServerTLSSettings"},"route":{"$ref":"#/components/schemas/v2Route"}}},"v2TLSFileSource":{"type":"object","title":"TLSFileSource is used to load the keys and certificates from\\nfiles accessible to the workload","properties":{"clientCertificate":{"type":"string","title":"Certificate file to authenticate the client. This\\nis mandatory for mutual TLS and must not be\\nspecified for simple (one-way) TLS","x-order":0},"privateKey":{"type":"string","title":"Private key file associated with the client certificate.\\nThis is mandatory for mutual TLS and must not be\\nspecified for simple TLS","x-order":1},"caCertificates":{"type":"string","title":"File containing CA certificates to verify the certificates\\npresented by the server. This is mandatory for both simple and\\nmutual TLS.\\nHere are some common paths for the system CA bundle on Linux and can be\\nspecified here if the server certificate is signed by a well known authority,\\nalready part of the system CA bundle on the host - \\n  /etc/ssl/certs/ca-certificates.crt (Debian/Ubuntu/Gentoo etc.)\\n  /etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem (CentOS/RHEL 7)\\n  /etc/pki/tls/certs/ca-bundle.crt (Fedora/RHEL 6)","x-order":2}}},"v2TLSMode":{"description":"- DISABLED: TLS is not used and communication is\\nin plaintext.\\n - SIMPLE: Only the server is authenticated.\\n - MUTUAL: Both the peers in the communication must\\npresent their certificate for TLS authentication","type":"string","title":"Describes how authentication is performed\\nas part of establishing TLS connection","default":"DISABLED","enum":["DISABLED","SIMPLE","MUTUAL"]},"v2TLSPassthroughServer":{"description":"A TLS server exposed in an ingress gateway. For TLS servers the gateways don\'t terminate\\nconnections and use SNI based routing.","type":"object","required":["name","port","hostname","route"],"properties":{"name":{"description":"A name assigned to the server. The name will be visible in the generated metrics. The name must be\\nunique across all HTTP, TCP and TLS servers in a gateway.","type":"string","x-order":0},"port":{"description":"The port where the server is exposed. Two servers with different protocols (HTTP and HTTPS) should not\\nshare the same port. Note that port 15443 is reserved for internal use.","type":"integer","format":"int64","x-order":1},"hostname":{"description":"Hostname with which the service can be expected to be accessed by clients.\\nRouting will be done based on SNI matches for this hostname.\\n**NOTE:** The hostname must be unique across all gateways in the cluster in order for multicluster routing to work.","type":"string","x-order":2},"route":{"$ref":"#/components/schemas/v2Route"}}},"v2Team":{"description":"`Team` is a named collection of users under a tenant.\\n\\n\\n\\n","type":"object","properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"members":{"description":"List of members under the team.\\nThe elements of this list are the FQNs of the team members. Team members can be\\nusers, service accounts or other teams.","type":"array","items":{"type":"string"},"x-order":4},"sourceType":{"$ref":"#/components/schemas/v2SourceType"}}},"v2Tenant":{"description":"`Tenant` is a self-contained entity within an organization in the Service Bridge hierarchy.\\n\\n\\n\\n","type":"object","properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"securityDomain":{"description":"Security domains can be used to group different resources under the same security domain.\\nAlthough security domain is not resource itself currently, it follows a fqn format\\n`organizations/myorg/securitydomains/mysecuritydomain`, and a child cannot override any ancestor\'s\\nsecurity domain.\\nOnce a security domain is assigned to a _Tenant_, all the children resources will belong to that\\nsecurity domain in the same way a _Workspace_ belongs to a _Tenant_, a _Workspace_ will also belong\\nto the security domain assigned to the _Tenant_.\\nSecurity domains can also be used to define _Security settings Authorization rules_ in which you can allow\\nor deny request from or to a security domain.","type":"string","x-order":4}}},"v2TenantSetting":{"description":"Default settings that apply to all workspaces under a tenant.\\n\\n\\n\\n","type":"object","properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"defaultSecuritySetting":{"$ref":"#/components/schemas/v2SecuritySetting"},"defaultTrafficSetting":{"$ref":"#/components/schemas/v2TrafficSetting"}}},"v2Tier1ExternalServer":{"description":"Tier1ExternalServer describes the properties of a server exposed\\noutside the mesh. Traffic arriving at a Tier1 external server is\\nusually TLS terminated and then forwarded over Istio mTLS to all\\nthe lower tier2 clusters.","type":"object","required":["name","port","hostname"],"properties":{"name":{"description":"A name assigned to the server. The name will be visible in the generated metrics. The name must be\\nunique across all external servers in the gateway.","type":"string","x-order":0},"port":{"description":"The port where the server is exposed. Note that port 15443 is reserved.","type":"integer","format":"int64","x-order":1},"hostname":{"description":"Hostname with which the service can be expected to be accessed by\\nclients.","type":"string","x-order":2},"tls":{"$ref":"#/components/schemas/v2ServerTLSSettings"},"clusters":{"description":"The destination clusters that contain ingress gateways exposing\\nthe hostname. If omitted, traffic will be automatically load\\nbalanced across all tier2 clusters whose ingress gateways expose\\nthe above hostname. If `redirect` is configured then this field\\ncannot be configured.\\nTo do failover and locality based routing among clusters, either omit\\nthe clusters field or omit the weights from all the cluster destinations.","type":"array","items":{"$ref":"#/components/schemas/v2ClusterDestination"},"x-order":4},"redirect":{"$ref":"#/components/schemas/v2Redirect"},"authentication":{"$ref":"#/components/schemas/tsbauthv2Authentication"},"authorization":{"$ref":"#/components/schemas/tsbauthv2Authorization"},"rateLimiting":{"$ref":"#/components/schemas/v2RateLimiting"}}},"v2Tier1Gateway":{"description":"`Tier1Gateway` configures a workload to act as a tier1 gateway into the mesh.\\n\\n\\n\\n","type":"object","required":["workloadSelector"],"properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"workloadSelector":{"$ref":"#/components/schemas/v2WorkloadSelector"},"externalServers":{"description":"One or more servers exposed by the gateway externally.","type":"array","items":{"$ref":"#/components/schemas/v2Tier1ExternalServer"},"x-order":5},"internalServers":{"description":"One or more servers exposed by the gateway internally for cross cluster forwarding.","type":"array","items":{"$ref":"#/components/schemas/v2Tier1InternalServer"},"x-order":6},"passthroughServers":{"description":"One or more tls passthrough servers exposed by the gateway externally.","type":"array","items":{"$ref":"#/components/schemas/v2Tier1PassthroughServer"},"x-order":7},"tcpExternalServers":{"description":"One or more tcp servers exposed by the gateway externally.","type":"array","items":{"$ref":"#/components/schemas/v2Tier1TCPExternalServer"},"x-order":8},"tcpInternalServers":{"description":"One or more tcp servers exposed by the gateway for mesh internal traffic.","type":"array","items":{"$ref":"#/components/schemas/v2Tier1TCPInternalServer"},"x-order":9},"extension":{"description":"Extensions specifies all the WasmExtensions assigned to this Tier1Gateway\\nwith the specific configuration for each extension. This custom configuration\\nwill override the one configured globally to the extension.\\nEach extension has a global configuration including enablement and priority\\nthat will condition the execution of the assigned extensions.","type":"array","items":{"$ref":"#/components/schemas/v2WasmExtensionAttachment"},"x-order":10},"waf":{"$ref":"#/components/schemas/v2WAFSettings"}}},"v2Tier1InternalServer":{"description":"Tier1InternalServer describes the properties of a server exposed\\nwithin the mesh, for the purposes of forwarding traffic between two\\nclusters that cannot otherwise directly reach each other. Traffic\\narriving at a Tier1 internal server should be over Istio\\nmTLS. After TLS termination and metrics extraction, it is forwarded\\nto tier2 clusters based on the selection criteria.","type":"object","required":["name","hostname"],"properties":{"name":{"description":"A name assigned to the server. The name will be visible in the generated metrics. The name must be\\nunique across all internal servers in the gateway.","type":"string","x-order":0},"hostname":{"description":"Hostname with which the service can be expected to be accessed by\\nsidecars in the mesh.","type":"string","x-order":1},"clusters":{"description":"The destination clusters that contain ingress gateways exposing\\nthe hostname. If omitted, traffic will be automatically load\\nbalanced across all tier2 clusters whose ingress gateways expose\\nthe above hostname.","type":"array","items":{"$ref":"#/components/schemas/v2ClusterDestination"},"x-order":2},"authentication":{"$ref":"#/components/schemas/tsbauthv2Authentication"},"authorization":{"$ref":"#/components/schemas/tsbauthv2Authorization"}}},"v2Tier1PassthroughServer":{"description":"Tier1PassthroughServer describes the properties of a server exposed\\nto the external world. Traffic arriving at a Tier1 passthrough server is\\nnot TLS terminated and rather forwarded over to all the lower tier2 clusters.","type":"object","required":["name","port","hostname"],"properties":{"name":{"description":"A name assigned to the server. The name will be visible in the generated metrics. The name must be\\nunique across all external servers in the gateway.","type":"string","x-order":0},"port":{"description":"The port where the server is exposed. Note that port 15443 is reserved.","type":"integer","format":"int64","x-order":1},"hostname":{"description":"Hostname with which the service can be expected to be accessed by\\nclients.","type":"string","x-order":2},"clusters":{"description":"The destination clusters that contain ingress gateways exposing\\nthe hostname on passthrough servers. If omitted, traffic will be automatically load\\nbalanced across all tier2 clusters whose ingress gateways expose\\nthe above hostname.","type":"array","items":{"$ref":"#/components/schemas/v2ClusterDestination"},"x-order":3}}},"v2Tier1TCPExternalServer":{"description":"Tier1TCPExternalServer is used to describe the properties of a TCP server\\n(used for opaque TCP or non-HTTP protocols) exposed to the external world.\\nIf the protocol is known to be HTTP, then please use `externalServers` as\\nit allows using HTTP-specific features.\\n\\nCaveat - Currently, we don\'t support multicluster routing when Tier2 gateway\\nsettings are specified in the direct mode for TCP services. So please use\\nthe bridged mode.","type":"object","required":["name","port","hostname"],"properties":{"name":{"type":"string","title":"A name assigned to the server. This name is used in the generated metrics. The name\\nmust be unique across all TCP servers in the gateway","x-order":0},"port":{"description":"Valid scenarios (for same port, multiple services)\\n1. Multiple protocols (HTTP, non-HTTP) with TLS passthrough/termination\\n2. Multiple HTTP services\\n3. Single non-HTTP service without TLS\\n\\nNote on service port - If a service is exposed on port 6789 in the tier1 gateway,\\nthen it must be exposed on the same port with the same hostname (without wildcard)\\nin the tier2 gateway as well.","type":"integer","format":"int64","title":"The port where the server is exposed. Note that the port 15443 is reserved. Also\\nbeware of the conflict among the services using different protocols on the same port.\\nThe conflict occurs in the following scenarios\\n1. Using plaintext and TLS (passthrough/termination)\\n2. Mixing multiple protocols without TLS (HTTP and non-HTTP protocols like Kafka, Zookeeper etc)\\n3. Multiple non-HTTP protocols without TLS","x-order":1},"hostname":{"description":"Although hostname or authority does not make sense in the non-HTTP context, this\\nis used to define the routing rules. Wildcard hostnames are not yet supported.","type":"string","x-order":2},"clusters":{"description":"The destination clusters contain ingress gateways exposing the service.","type":"array","items":{"$ref":"#/components/schemas/v2ClusterDestination"},"x-order":3},"tls":{"$ref":"#/components/schemas/v2ServerTLSSettings"}}},"v2Tier1TCPInternalServer":{"description":"Tier1TCPInternalServer is used to describe the properties of a TCP server\\nwhich is used exclusively within the mesh.","type":"object","required":["name","hostname"],"properties":{"name":{"description":"A name assigned to the server. This name is used in the generated metrics. The name\\nmust be unique across all TCP servers in the gateway.","type":"string","x-order":0},"hostname":{"description":"The name of the service used. Although hostname or authority does not make sense\\nin the non-HTTP context, this is used for the multicluster routing purposes. Consider\\nthe case where there are two non-HTTP services listening on the same port 6000,\\nbut are hosted on different workloads. Here, the service name is used to distinguish\\nbetween the two for routing to the correct workload. We do not support wildcard hostnames\\nyet. The ports are determined automatically by the cluster updates of the remote edge\\nclusters. Suppose there is a service called `foo.com` and the remote cluster says that\\nit exposes ports 8080 and 8443, then we can route east-west traffic for both the ports\\nthrough this server. The changes to the port or protocol settings are picked up automatically.","type":"string","x-order":1},"clusters":{"description":"The destination clusters contain ingress gateways exposing the service.","type":"array","items":{"$ref":"#/components/schemas/v2ClusterDestination"},"x-order":2}}},"v2TokenResponse":{"description":"Contains a pair of tokens for a user that can be used to authenticate against TSB.","type":"object","properties":{"accessToken":{"description":"Bearer access token that can be used to access TSB.\\nThis token is usually short-lived. The refresh token, when present, can be used to\\nobtain a new access token when it expires.","type":"string","x-order":0},"refreshToken":{"description":"Refresh token that can be used to obtain a new Bearer access token.\\nThis token is usually long-lived and should be stored securely.","type":"string","x-order":1}}},"v2TokenType":{"type":"string","default":"TOKEN_TYPE_UNSPECIFIED","enum":["TOKEN_TYPE_UNSPECIFIED","TOKEN_TYPE_ACCESS_TOKEN","TOKEN_TYPE_REFRESH_TOKEN","TOKEN_TYPE_ID_TOKEN","TOKEN_TYPE_JWT"]},"v2TrafficSetting":{"description":"A traffic setting applies configuration to a set of proxy workloads in a\\ntraffic group or a workspace. When applied to a traffic group,\\nmissing fields will inherit values from the workspace-wide setting if any.","type":"object","properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"reachability":{"$ref":"#/components/schemas/v2ReachabilitySettings"},"resilience":{"$ref":"#/components/schemas/v2ResilienceSettings"},"egress":{"$ref":"#/components/schemas/TrafficSettingEgressGateway"},"rateLimiting":{"$ref":"#/components/schemas/v2RateLimiting"}}},"v2User":{"description":"`User` represents a user from the Identity Provider that is allowed to log into\\nthe platform.","type":"object","required":["loginName"],"properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"loginName":{"description":"The username used in the login credentials.","type":"string","x-order":3},"firstName":{"description":"The first name of the user.","type":"string","x-order":4},"lastName":{"description":"The last name of the user, if any.","type":"string","x-order":5},"email":{"description":"Email for the user where alerts and other notifications will be sent.","type":"string","x-order":6},"sourceType":{"$ref":"#/components/schemas/v2SourceType"}}},"v2VmConfig":{"description":"Configuration for a Wasm VM.\\nmore details can be found [here](https://www.envoyproxy.io/docs/envoy/latest/api-v3/extensions/wasm/v3/wasm.proto#extensions-wasm-v3-vmconfig).","type":"object","properties":{"env":{"description":"Specifies environment variables to be injected to this VM.\\nNote that if a key does not exist, it will be ignored.","type":"array","items":{"$ref":"#/components/schemas/v2EnvVar"},"x-order":0}}},"v2WAFSettings":{"type":"object","title":"WAFSettings configure WAF based on seclang\\nSee https://github.com/SpiderLabs/ModSecurity/wiki/Reference-Manual-%28v3.x%29#Configuration_Directives","required":["rules"],"properties":{"rules":{"description":"Rules to be leveraged by WAF. The parser evaluates the list of rules from the top to the bottom.","type":"array","items":{"type":"string"},"x-order":0}}},"v2WasmExtension":{"type":"object","required":["image"],"properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the extension.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the extension.\\n$hide_from_yaml","x-order":3},"allowedIn":{"description":"List of fqns where this extension is allowed to run.\\nIf it is empty, the extension can be used across the entire organization.\\nCurrently only Tenant resources are considered.","type":"array","items":{"type":"string"},"x-order":4},"image":{"description":"Repository and tag of the OCI image containing the WASM extension.","type":"string","x-order":5},"source":{"type":"string","title":"Source to find the code for the WASM extension","x-order":6},"phase":{"$ref":"#/components/schemas/WasmExtensionPluginPhase"},"priority":{"description":"Determines the ordering of WasmExtensions in the same phase.\\nWhen multiple WasmExtensions are applied to the same workload in the same phase, they will be applied by priority, in descending order.\\nIf no priority is assigned it will use the default 0 value.\\nIn case of several extensions having the same priority in the same phase, the fqn will be used to sort them.","type":"integer","format":"int32","x-order":8},"config":{"description":"Configuration parameters sent to the WASM plugin execution\\nThe configuration can be overwritten when instantiating the extensions in IngressGateways or Security groups.\\nThe config is serialized using proto3 JSON marshaling and passed to proxy_on_configure when the host environment starts the plugin.","type":"object","x-order":9},"imagePullPolicy":{"$ref":"#/components/schemas/WasmExtensionPullPolicy"},"imagePullSecret":{"description":"Credentials to use for OCI image pulling.\\nName of a K8s Secret in the same namespace as the `WasmPlugin` that\\ncontains a docker pull secret which is to be used to authenticate\\nagainst the registry when pulling the image.","type":"string","x-order":11},"vmConfig":{"$ref":"#/components/schemas/v2VmConfig"}}},"v2WasmExtensionAttachment":{"description":"WasmExtensionAttachment defines the WASM extension attached to this resource\\nincluding the name to identify the extension and also the specific configuration\\nthat will override the global extension configuration.\\nOnly those extensions globally enabled will be considered although they can be\\nassociated to the target resources.","type":"object","required":["fqn"],"properties":{"fqn":{"description":"Fqn of the extension to be executed.","type":"string","x-order":0},"config":{"description":"Configuration parameters sent to the WASM plugin execution.\\nThis configuration will overwrite the one specified globally in the extension.\\nThis config will be passed as-is to the extension. It is up to the extension to deserialize the config and use it.","type":"object","x-order":1}}},"v2Workload":{"description":"Info about individual workload implementing the service.","type":"object","properties":{"address":{"description":"Routable address of the workload.","type":"string","x-order":0},"name":{"description":"Instance name of the workload.","type":"string","x-order":1},"isVm":{"description":"Indicates whether the workload is kubernetes endpoint or vm.","type":"boolean","x-order":2},"proxy":{"$ref":"#/components/schemas/WorkloadProxy"}}},"v2WorkloadSelector":{"description":"`WorkloadSelector` selects one or more workloads in a\\nnamespace. `WorkloadSelector` can be used in TrafficSetting,\\nSecuritySetting, and Gateway APIs in `BRIDGED` mode to scope the\\nconfiguration to a specific set of workloads.","type":"object","required":["namespace","labels"],"properties":{"namespace":{"description":"The namespace where the workload resides.","type":"string","x-order":0},"labels":{"description":"One or more labels that indicate a specific set of pods/VMs in\\nthe namespace. If omitted, the TrafficSetting or SecuritySetting\\nconfiguration will apply to all workloads in the\\nnamespace. Labels are required for Gateway API resources.","type":"object","additionalProperties":{"type":"string"},"x-order":1}}},"v2Workspace":{"description":"A Workspace is a collection of related namespaces in one or more clusters.\\n\\n\\n\\n","type":"object","required":["namespaceSelector"],"properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"namespaceSelector":{"$ref":"#/components/schemas/v2NamespaceSelector"},"privileged":{"description":"If set to true, allows Gateways in the workspace to route to\\nservices in other workspaces. Set this to true for workspaces\\nowning cluster-wide gateways shared by multiple teams.","type":"boolean","x-order":5},"isolationBoundary":{"description":"Istio Isolation Boundary name to which this workspace belongs.\\nIf not provided explicitly, the workspace looks for an isolation boundary with\\nname set as \\"global\\". \\nTherefore, in order to move existing workspaces to isolation boundaries, and\\nbe a part of revisioned control plane, it is recommended to configure an\\nisolation boundary with the name \\"global\\".","type":"string","x-order":6},"securityDomain":{"description":"Security domains can be used to group different resources under the same security domain.\\nAlthough security domain is not resource itself currently, it follows a fqn format\\n`organizations/myorg/securitydomains/mysecuritydomain`, and a child cannot override any ancestor\'s\\nsecurity domain.\\nOnce a security domain is assigned to a _Workspace_, all the children resources will belong to that\\nsecurity domain in the same way a _Security group_ belongs to a _Workspace_, a _Security group_ will also belong\\nto the security domain assigned to the _Workspace_.\\nSecurity domains can also be used to define _Security settings Authorization rules_ in which you can allow\\nor deny request from or to a security domain.","type":"string","x-order":7}}},"v2WorkspaceSetting":{"description":"Default security and traffic settings for all proxy workloads in the workspace.","type":"object","properties":{"fqn":{"type":"string","title":"Fully-qualified name of the resource. This field is read-only.\\n$hide_from_yaml","x-order":0,"readOnly":true},"displayName":{"type":"string","title":"User friendly name for the resource.\\n$hide_from_yaml","x-order":1},"etag":{"type":"string","title":"The etag for the resource. This field is automatically computed and must be sent\\non every update to the resource to prevent concurrent modifications.\\n$hide_from_yaml","x-order":2},"description":{"type":"string","title":"A description of the resource.\\n$hide_from_yaml","x-order":3},"defaultSecuritySetting":{"$ref":"#/components/schemas/v2SecuritySetting"},"defaultTrafficSetting":{"$ref":"#/components/schemas/v2TrafficSetting"},"regionalFailover":{"description":"Locality routing settings for all gateways in the workspace. Overrides any global settings.\\n\\nExplicitly specify the region traffic will land on when endpoints in local region becomes unhealthy.\\nShould be used together with OutlierDetection to detect unhealthy endpoints.\\nNote: if no OutlierDetection specified, this will not take effect.","type":"array","items":{"$ref":"#/components/schemas/v2RegionalFailover"},"x-order":6},"defaultEastWestGatewaySettings":{"description":"Default east west gateway settings specifies workspace-wide east-west gateway configuration.\\nThis is used to configure east-west routing (required for fail-over) for the services that\\nare not exposed on the gateways. All the services matching the specified criteria is picked\\nup for exposing on the east-west gateway workload selected by the workload selector. In case,\\na service matches selectors in multiple items, the one which comes first is picked up.","type":"array","items":{"$ref":"#/components/schemas/v2EastWestGateway"},"x-order":7}}}}}}}},"docusaurus-theme-redoc":{"theme-redoc":{"lightTheme":{"typography":{"fontFamily":"var(--ifm-font-family-base)","fontSize":"var(--ifm-font-size-base)","lineHeight":"var(--ifm-line-height-base)","fontWeightLight":"var(--ifm-font-weight-light)","fontWeightRegular":"var(--ifm-font-weight-base)","fontWeightBold":"var(--ifm-font-weight-bold)","headings":{"fontFamily":"var(--ifm-heading-font-family)","fontWeight":"var(--ifm-heading-font-weight)","lineHeight":"var(--ifm-heading-line-height)"},"code":{"fontFamily":"var(--ifm-font-family-monospace)","lineHeight":"var(--ifm-pre-line-height)"}},"sidebar":{"width":"300px","backgroundColor":"#ffffff"},"rightPanel":{"backgroundColor":"#303846"},"colors":{"primary":{"main":"#ff5100"}},"theme":{"prism":{"additionalLanguages":["scala"]}}},"darkTheme":{"typography":{"fontFamily":"var(--ifm-font-family-base)","fontSize":"var(--ifm-font-size-base)","lineHeight":"var(--ifm-line-height-base)","fontWeightLight":"var(--ifm-font-weight-light)","fontWeightRegular":"var(--ifm-font-weight-base)","fontWeightBold":"var(--ifm-font-weight-bold)","headings":{"fontFamily":"var(--ifm-heading-font-family)","fontWeight":"var(--ifm-heading-font-weight)","lineHeight":"var(--ifm-heading-line-height)"},"code":{"fontFamily":"var(--ifm-font-family-monospace)","lineHeight":"var(--ifm-pre-line-height)"}},"sidebar":{"width":"300px","backgroundColor":"rgb(24, 25, 26)","textColor":"#f5f6f7","arrow":{"color":"#f5f6f7"}},"colors":{"text":{"primary":"#f5f6f7","secondary":"rgba(255, 255, 255, 1)"},"gray":{"50":"#FAFAFA","100":"#F5F5F5"},"border":{"dark":"#ffffff","light":"rgba(0,0,0, 0.1)"},"primary":{"main":"#ff5100"}},"schema":{"nestedBackground":"rgb(24, 25, 26)","typeNameColor":"rgba(255, 255, 255, 1)","typeTitleColor":"rgba(255, 255, 255, 1)"},"theme":{"prism":{"additionalLanguages":["scala"]}}},"options":{"scrollYOffset":"nav.navbar","expandSingleSchemaField":true,"menuToggle":true,"suppressWarnings":true}}},"@extensions/plugin-cheat-sheets":{"default":{"next":[{"title":"Gateways Management","source":"@site/versioned_docs/version-next/cheatsheet/sheets/gateways-management.mdx","relativePath":"./sheets/gateways-management","category":"Resources"},{"title":"kubectl CLI","source":"@site/versioned_docs/version-next/cheatsheet/sheets/kubectl.mdx","relativePath":"./sheets/kubectl","category":"CLI"},{"title":"Security Settings Management","source":"@site/versioned_docs/version-next/cheatsheet/sheets/security-management.mdx","relativePath":"./sheets/security-management","category":"Resources"},{"title":"tctl CLI","source":"@site/versioned_docs/version-next/cheatsheet/sheets/tctl.mdx","relativePath":"./sheets/tctl","category":"CLI"},{"title":"Traffic Settings Management","source":"@site/versioned_docs/version-next/cheatsheet/sheets/traffic-management.mdx","relativePath":"./sheets/traffic-management","category":"Resources"},{"title":"TSB Concepts","source":"@site/versioned_docs/version-next/cheatsheet/sheets/tsb-concepts.mdx","relativePath":"./sheets/tsb-concepts","category":"TSB Concepts"},{"title":"TSB Quickstart","source":"@site/versioned_docs/version-next/cheatsheet/sheets/tsb-quickstart.mdx","relativePath":"./sheets/tsb-quickstart","category":"Quickstart"},{"title":"TSB Terminology","source":"@site/versioned_docs/version-next/cheatsheet/sheets/tsb-terminology.mdx","relativePath":"./sheets/tsb-terminology","category":"Concepts"}],"1.12.x":[{"title":"Gateways Management","source":"@site/versioned_docs/version-1.12.x/cheatsheet/sheets/gateways-management.mdx","relativePath":"./sheets/gateways-management","category":"Resources"},{"title":"kubectl CLI","source":"@site/versioned_docs/version-1.12.x/cheatsheet/sheets/kubectl.mdx","relativePath":"./sheets/kubectl","category":"CLI"},{"title":"Security Settings Management","source":"@site/versioned_docs/version-1.12.x/cheatsheet/sheets/security-management.mdx","relativePath":"./sheets/security-management","category":"Resources"},{"title":"tctl CLI","source":"@site/versioned_docs/version-1.12.x/cheatsheet/sheets/tctl.mdx","relativePath":"./sheets/tctl","category":"CLI"},{"title":"Traffic Settings Management","source":"@site/versioned_docs/version-1.12.x/cheatsheet/sheets/traffic-management.mdx","relativePath":"./sheets/traffic-management","category":"Resources"},{"title":"TSB Concepts","source":"@site/versioned_docs/version-1.12.x/cheatsheet/sheets/tsb-concepts.mdx","relativePath":"./sheets/tsb-concepts","category":"TSB Concepts"},{"title":"TSB Quickstart","source":"@site/versioned_docs/version-1.12.x/cheatsheet/sheets/tsb-quickstart.mdx","relativePath":"./sheets/tsb-quickstart","category":"Quickstart"},{"title":"TSB Terminology","source":"@site/versioned_docs/version-1.12.x/cheatsheet/sheets/tsb-terminology.mdx","relativePath":"./sheets/tsb-terminology","category":"Concepts"}],"1.11.x":[{"title":"Gateways Management","source":"@site/versioned_docs/version-1.11.x/cheatsheet/sheets/gateways-management.mdx","relativePath":"./sheets/gateways-management","category":"Resources"},{"title":"kubectl CLI","source":"@site/versioned_docs/version-1.11.x/cheatsheet/sheets/kubectl.mdx","relativePath":"./sheets/kubectl","category":"CLI"},{"title":"Security Settings Management","source":"@site/versioned_docs/version-1.11.x/cheatsheet/sheets/security-management.mdx","relativePath":"./sheets/security-management","category":"Resources"},{"title":"tctl CLI","source":"@site/versioned_docs/version-1.11.x/cheatsheet/sheets/tctl.mdx","relativePath":"./sheets/tctl","category":"CLI"},{"title":"Traffic Settings Management","source":"@site/versioned_docs/version-1.11.x/cheatsheet/sheets/traffic-management.mdx","relativePath":"./sheets/traffic-management","category":"Resources"},{"title":"TSB Concepts","source":"@site/versioned_docs/version-1.11.x/cheatsheet/sheets/tsb-concepts.mdx","relativePath":"./sheets/tsb-concepts","category":"TSB Concepts"},{"title":"TSB Quickstart","source":"@site/versioned_docs/version-1.11.x/cheatsheet/sheets/tsb-quickstart.mdx","relativePath":"./sheets/tsb-quickstart","category":"Quickstart"},{"title":"TSB Terminology","source":"@site/versioned_docs/version-1.11.x/cheatsheet/sheets/tsb-terminology.mdx","relativePath":"./sheets/tsb-terminology","category":"Concepts"}],"1.10.x":[{"title":"Gateways Management","source":"@site/versioned_docs/version-1.10.x/cheatsheet/sheets/gateways-management.mdx","relativePath":"./sheets/gateways-management","category":"Resources"},{"title":"kubectl CLI","source":"@site/versioned_docs/version-1.10.x/cheatsheet/sheets/kubectl.mdx","relativePath":"./sheets/kubectl","category":"CLI"},{"title":"Security Settings Management","source":"@site/versioned_docs/version-1.10.x/cheatsheet/sheets/security-management.mdx","relativePath":"./sheets/security-management","category":"Resources"},{"title":"tctl CLI","source":"@site/versioned_docs/version-1.10.x/cheatsheet/sheets/tctl.mdx","relativePath":"./sheets/tctl","category":"CLI"},{"title":"Traffic Settings Management","source":"@site/versioned_docs/version-1.10.x/cheatsheet/sheets/traffic-management.mdx","relativePath":"./sheets/traffic-management","category":"Resources"},{"title":"TSB Concepts","source":"@site/versioned_docs/version-1.10.x/cheatsheet/sheets/tsb-concepts.mdx","relativePath":"./sheets/tsb-concepts","category":"TSB Concepts"},{"title":"TSB Quickstart","source":"@site/versioned_docs/version-1.10.x/cheatsheet/sheets/tsb-quickstart.mdx","relativePath":"./sheets/tsb-quickstart","category":"Quickstart"},{"title":"TSB Terminology","source":"@site/versioned_docs/version-1.10.x/cheatsheet/sheets/tsb-terminology.mdx","relativePath":"./sheets/tsb-terminology","category":"Concepts"}],"1.9.x":[{"title":"Gateways Management","source":"@site/versioned_docs/version-1.9.x/cheatsheet/sheets/gateways-management.mdx","relativePath":"./sheets/gateways-management","category":"Resources"},{"title":"kubectl CLI","source":"@site/versioned_docs/version-1.9.x/cheatsheet/sheets/kubectl.mdx","relativePath":"./sheets/kubectl","category":"CLI"},{"title":"Security Settings Management","source":"@site/versioned_docs/version-1.9.x/cheatsheet/sheets/security-management.mdx","relativePath":"./sheets/security-management","category":"Resources"},{"title":"tctl CLI","source":"@site/versioned_docs/version-1.9.x/cheatsheet/sheets/tctl.mdx","relativePath":"./sheets/tctl","category":"CLI"},{"title":"Traffic Settings Management","source":"@site/versioned_docs/version-1.9.x/cheatsheet/sheets/traffic-management.mdx","relativePath":"./sheets/traffic-management","category":"Resources"},{"title":"TSB Concepts","source":"@site/versioned_docs/version-1.9.x/cheatsheet/sheets/tsb-concepts.mdx","relativePath":"./sheets/tsb-concepts","category":"TSB Concepts"},{"title":"TSB Quickstart","source":"@site/versioned_docs/version-1.9.x/cheatsheet/sheets/tsb-quickstart.mdx","relativePath":"./sheets/tsb-quickstart","category":"Quickstart"},{"title":"TSB Terminology","source":"@site/versioned_docs/version-1.9.x/cheatsheet/sheets/tsb-terminology.mdx","relativePath":"./sheets/tsb-terminology","category":"Concepts"}],"1.8.x":[{"title":"Gateways Management","source":"@site/versioned_docs/version-1.8.x/cheatsheet/sheets/gateways-management.mdx","relativePath":"./sheets/gateways-management","category":"Resources"},{"title":"kubectl CLI","source":"@site/versioned_docs/version-1.8.x/cheatsheet/sheets/kubectl.mdx","relativePath":"./sheets/kubectl","category":"CLI"},{"title":"Security Settings Management","source":"@site/versioned_docs/version-1.8.x/cheatsheet/sheets/security-management.mdx","relativePath":"./sheets/security-management","category":"Resources"},{"title":"tctl CLI","source":"@site/versioned_docs/version-1.8.x/cheatsheet/sheets/tctl.mdx","relativePath":"./sheets/tctl","category":"CLI"},{"title":"Traffic Settings Management","source":"@site/versioned_docs/version-1.8.x/cheatsheet/sheets/traffic-management.mdx","relativePath":"./sheets/traffic-management","category":"Resources"},{"title":"TSB Concepts","source":"@site/versioned_docs/version-1.8.x/cheatsheet/sheets/tsb-concepts.mdx","relativePath":"./sheets/tsb-concepts","category":"TSB Concepts"},{"title":"TSB Quickstart","source":"@site/versioned_docs/version-1.8.x/cheatsheet/sheets/tsb-quickstart.mdx","relativePath":"./sheets/tsb-quickstart","category":"Quickstart"},{"title":"TSB Terminology","source":"@site/versioned_docs/version-1.8.x/cheatsheet/sheets/tsb-terminology.mdx","relativePath":"./sheets/tsb-terminology","category":"Concepts"}],"1.7.x":[{"title":"Gateways Management","source":"@site/versioned_docs/version-1.7.x/cheatsheet/sheets/gateways-management.mdx","relativePath":"./sheets/gateways-management","category":"Resources"},{"title":"kubectl CLI","source":"@site/versioned_docs/version-1.7.x/cheatsheet/sheets/kubectl.mdx","relativePath":"./sheets/kubectl","category":"CLI"},{"title":"Security Settings Management","source":"@site/versioned_docs/version-1.7.x/cheatsheet/sheets/security-management.mdx","relativePath":"./sheets/security-management","category":"Resources"},{"title":"tctl CLI","source":"@site/versioned_docs/version-1.7.x/cheatsheet/sheets/tctl.mdx","relativePath":"./sheets/tctl","category":"CLI"},{"title":"Traffic Settings Management","source":"@site/versioned_docs/version-1.7.x/cheatsheet/sheets/traffic-management.mdx","relativePath":"./sheets/traffic-management","category":"Resources"},{"title":"TSB Concepts","source":"@site/versioned_docs/version-1.7.x/cheatsheet/sheets/tsb-concepts.mdx","relativePath":"./sheets/tsb-concepts","category":"TSB Concepts"},{"title":"TSB Quickstart","source":"@site/versioned_docs/version-1.7.x/cheatsheet/sheets/tsb-quickstart.mdx","relativePath":"./sheets/tsb-quickstart","category":"Quickstart"},{"title":"TSB Terminology","source":"@site/versioned_docs/version-1.7.x/cheatsheet/sheets/tsb-terminology.mdx","relativePath":"./sheets/tsb-terminology","category":"Concepts"}],"1.6.x":[{"title":"Gateways Management","source":"@site/versioned_docs/version-1.6.x/cheatsheet/sheets/gateways-management.mdx","relativePath":"./sheets/gateways-management","category":"Resources"},{"title":"kubectl CLI","source":"@site/versioned_docs/version-1.6.x/cheatsheet/sheets/kubectl.mdx","relativePath":"./sheets/kubectl","category":"CLI"},{"title":"Security Settings Management","source":"@site/versioned_docs/version-1.6.x/cheatsheet/sheets/security-management.mdx","relativePath":"./sheets/security-management","category":"Resources"},{"title":"tctl CLI","source":"@site/versioned_docs/version-1.6.x/cheatsheet/sheets/tctl.mdx","relativePath":"./sheets/tctl","category":"CLI"},{"title":"Traffic Settings Management","source":"@site/versioned_docs/version-1.6.x/cheatsheet/sheets/traffic-management.mdx","relativePath":"./sheets/traffic-management","category":"Resources"},{"title":"TSB Concepts","source":"@site/versioned_docs/version-1.6.x/cheatsheet/sheets/tsb-concepts.mdx","relativePath":"./sheets/tsb-concepts","category":"TSB Concepts"},{"title":"TSB Quickstart","source":"@site/versioned_docs/version-1.6.x/cheatsheet/sheets/tsb-quickstart.mdx","relativePath":"./sheets/tsb-quickstart","category":"Quickstart"},{"title":"TSB Terminology","source":"@site/versioned_docs/version-1.6.x/cheatsheet/sheets/tsb-terminology.mdx","relativePath":"./sheets/tsb-terminology","category":"Concepts"}]}}}'),o=JSON.parse('{"defaultLocale":"en","locales":["en"],"path":"i18n","currentLocale":"en","localeConfigs":{"en":{"label":"English","direction":"ltr","htmlLang":"en","calendar":"gregory","path":"en"}}}'),c=r("862627"),p=JSON.parse('{"docusaurusVersion":"3.7.0","pluginVersions":{"docusaurus-plugin-content-docs":{"type":"package","name":"@docusaurus/plugin-content-docs","version":"3.7.0"},"docusaurus-plugin-content-pages":{"type":"package","name":"@docusaurus/plugin-content-pages","version":"3.7.0"},"docusaurus-plugin-google-tag-manager":{"type":"package","name":"@docusaurus/plugin-google-tag-manager","version":"3.7.0"},"docusaurus-plugin-sitemap":{"type":"package","name":"@docusaurus/plugin-sitemap","version":"3.7.0"},"docusaurus-plugin-svgr":{"type":"package","name":"@docusaurus/plugin-svgr","version":"3.7.0"},"docusaurus-plugin-redoc":{"type":"package","name":"docusaurus-plugin-redoc","version":"2.1.1"},"docusaurus-theme-classic":{"type":"package","name":"@docusaurus/theme-classic","version":"3.7.0"},"docusaurus-theme-redoc":{"type":"package","name":"docusaurus-theme-redoc","version":"2.2.0"},"docusaurus-plugin-image-zoom":{"type":"package","name":"docusaurus-plugin-image-zoom","version":"2.0.0"},"@extensions/plugin-custom-webpack":{"type":"package","name":"@extensions/plugin-custom-webpack"},"@extensions/plugin-spellcheck":{"type":"package","name":"@extensions/plugin-spellcheck"},"docusaurus-plugin-client-redirects":{"type":"package","name":"@docusaurus/plugin-client-redirects","version":"3.7.0"},"@extensions/plugin-tetrate-versionmatrix":{"type":"package","name":"@extensions/plugin-tetrate-versionmatrix"},"@extensions/plugin-service-bridge-api-docs":{"type":"package","name":"@extensions/plugin-service-bridge-api-docs"},"@extensions/plugin-tctl-docs":{"type":"package","name":"@extensions/plugin-tctl-docs"},"@extensions/plugin-service-bridge-release-notes":{"type":"package","name":"@extensions/plugin-service-bridge-release-notes"},"@extensions/plugin-repo-copy":{"type":"package","name":"@extensions/plugin-repo-copy"},"@extensions/plugin-cheat-sheets":{"type":"package","name":"@extensions/plugin-cheat-sheets"},"@extensions/theme-tetrate":{"type":"package","name":"@extensions/theme-tetrate"},"docusaurus-theme-search-typesense":{"type":"package","name":"docusaurus-theme-search-typesense","version":"0.23.0"}}}');let d={siteConfig:i.default,siteMetadata:p,globalData:a,i18n:o,codeTranslations:c},u=n.createContext(d);function l(e){let{children:t}=e;return(0,s.jsx)(u.Provider,{value:d,children:t})}},586400:function(e,t,r){"use strict";r.d(t,{Z:()=&gt;g});var s=r("552322"),n=r("202784"),i=r("158724"),a=r("57505"),o=r("586643"),c=r("308604"),p=r("427373");function d(e){let{error:t,tryAgain:r}=e;return(0,s.jsxs)("div",{style:{display:"flex",flexDirection:"column",justifyContent:"center",alignItems:"flex-start",minHeight:"100vh",width:"100%",maxWidth:"80ch",fontSize:"20px",margin:"0 auto",padding:"1rem"},children:[(0,s.jsx)("h1",{style:{fontSize:"3rem"},children:"This page crashed"}),(0,s.jsx)("button",{type:"button",onClick:r,style:{margin:"1rem 0",fontSize:"2rem",cursor:"pointer",borderRadius:20,padding:"1rem"},children:"Try again"}),(0,s.jsx)(u,{error:t})]})}function u(e){let{error:t}=e,r=(0,o.getErrorCausalChain)(t).map(e=&gt;e.message).join("\n\nCause:\n");return(0,s.jsx)("p",{style:{whiteSpace:"pre-wrap"},children:r})}function l(e){let{children:t}=e;return(0,s.jsx)(p.z,{value:{plugin:{name:"docusaurus-core-error-boundary",id:"default"}},children:t})}function m(e){let{error:t,tryAgain:r}=e;return(0,s.jsx)(l,{children:(0,s.jsxs)(g,{fallback:()=&gt;(0,s.jsx)(d,{error:t,tryAgain:r}),children:[(0,s.jsx)(a.Z,{children:(0,s.jsx)("title",{children:"Page Error"})}),(0,s.jsx)(c.Z,{children:(0,s.jsx)(d,{error:t,tryAgain:r})})]})})}let h=e=&gt;(0,s.jsx)(m,{...e});class g extends n.Component{constructor(e){super(e),this.state={error:null}}componentDidCatch(e){i.default.canUseDOM&amp;&amp;this.setState({error:e})}render(){let{children:e}=this.props,{error:t}=this.state;return t?(this.props.fallback??h)({error:t,tryAgain:()=&gt;this.setState({error:null})}):e??null}}},158724:function(e,t,r){"use strict";r.r(t),r.d(t,{default:function(){return n}});let s="undefined"!=typeof window&amp;&amp;"document"in window&amp;&amp;"createElement"in window.document,n={canUseDOM:s,canUseEventListeners:s&amp;&amp;("addEventListener"in window||"attachEvent"in window),canUseIntersectionObserver:s&amp;&amp;"IntersectionObserver"in window,canUseViewport:s&amp;&amp;"screen"in window}},57505:function(e,t,r){"use strict";r.d(t,{Z:function(){return i}});var s=r(552322);r(202784);var n=r(284221);function i(e){return(0,s.jsx)(n.ql,{...e})}},778943:function(e,t,r){"use strict";r.d(t,{Z:function(){return m}});var s=r(552322),n=r(202784),i=r(647933),a=r(586643),o=r(649221),c=r(614197),p=r(158724),d=r(763432),u=r(245961);let l=e=&gt;e.startsWith("/"),m=n.forwardRef(function(e,t){let{isNavLink:r,to:m,href:h,activeClassName:g,isActive:f,"data-noBrokenLinkCheck":y,autoAddBaseUrl:v=!0,...b}=e,{siteConfig:w}=(0,o.Z)(),{trailingSlash:x,baseUrl:S}=w,_=w.future.experimental_router,{withBaseUrl:A}=(0,u.Cg)(),q=(0,d.Z)(),k=(0,n.useRef)(null);(0,n.useImperativeHandle)(t,()=&gt;k.current);let T=m||h,z=(0,c.Z)(T),j=T?.replace("pathname://",""),I=void 0!==j?v&amp;&amp;l(j)?A(j):j:void 0;"hash"===_&amp;&amp;I?.startsWith("./")&amp;&amp;(I=I?.slice(1)),I&amp;&amp;z&amp;&amp;(I=(0,a.applyTrailingSlash)(I,{trailingSlash:x,baseUrl:S}));let P=(0,n.useRef)(!1),$=r?i.OL:i.rU,R=p.default.canUseIntersectionObserver,E=(0,n.useRef)(),O=()=&gt;{P.current||null==I||(window.docusaurus.preload(I),P.current=!0)};(0,n.useEffect)(()=&gt;(!R&amp;&amp;z&amp;&amp;p.default.canUseDOM&amp;&amp;null!=I&amp;&amp;window.docusaurus.prefetch(I),()=&gt;{R&amp;&amp;E.current&amp;&amp;E.current.disconnect()}),[E,I,R,z]);let C=I?.startsWith("#")??!1,L=!b.target||"_self"===b.target,D=!I||!z||!L||C&amp;&amp;"hash"!==_;y||!C&amp;&amp;D||q.collectLink(I),b.id&amp;&amp;q.collectAnchor(b.id);let B={};return D?(0,s.jsx)("a",{ref:k,href:I,...T&amp;&amp;!z&amp;&amp;{target:"_blank",rel:"noopener noreferrer"},...b,...B}):(0,s.jsx)($,{...b,onMouseEnter:O,onTouchStart:O,innerRef:e=&gt;{k.current=e,R&amp;&amp;e&amp;&amp;z&amp;&amp;(E.current=new window.IntersectionObserver(t=&gt;{t.forEach(t=&gt;{e===t.target&amp;&amp;(t.isIntersecting||t.intersectionRatio&gt;0)&amp;&amp;(E.current.unobserve(e),E.current.disconnect(),null!=I&amp;&amp;window.docusaurus.prefetch(I))})}),E.current.observe(e))},to:I,...r&amp;&amp;{isActive:f,activeClassName:g},...B})})},447025:function(e,t,r){"use strict";r.d(t,{I:()=&gt;c,Z:()=&gt;p});var s=r("552322"),n=r("202784");function i(e,t){let r=e.split(/(\{\w+\})/).map((e,r)=&gt;{if(r%2==1){let r=t?.[e.slice(1,-1)];if(void 0!==r)return r}return e});return r.some(e=&gt;(0,n.isValidElement)(e))?r.map((e,t)=&gt;(0,n.isValidElement)(e)?n.cloneElement(e,{key:t}):e).filter(e=&gt;""!==e):r.join("")}var a=r("862627");function o(e){let{id:t,message:r}=e;if(void 0===t&amp;&amp;void 0===r)throw Error("Docusaurus translation declarations must have at least a translation id or a default translation message");return a[t??r]??r??t}function c(e,t){let{message:r,id:s}=e;return i(o({message:r,id:s}),t)}function p(e){let{children:t,id:r,values:n}=e;if(t&amp;&amp;"string"!=typeof t)throw console.warn("Illegal &lt;Translate&gt; children",t),Error("The Docusaurus &lt;Translate&gt; component only accept simple string values");let a=o({message:t,id:r});return(0,s.jsx)(s.Fragment,{children:i(a,n)})}},421554:function(e,t,r){"use strict";r.d(t,{m:function(){return s}});let s="default"},614197:function(e,t,r){"use strict";function s(e){return/^(?:\w*:|\/\/)/.test(e)}function n(e){return void 0!==e&amp;&amp;!s(e)}r.d(t,{Z:function(){return n},b:function(){return s}})},245961:function(e,t,r){"use strict";r.d(t,{Cg:function(){return a},ZP:function(){return o}});var s=r(202784),n=r(649221),i=r(614197);function a(){let{siteConfig:e}=(0,n.Z)(),{baseUrl:t,url:r}=e,a=e.future.experimental_router;return{withBaseUrl:(0,s.useCallback)((e,s)=&gt;(function(e){let{siteUrl:t,baseUrl:r,url:s,options:{forcePrependBaseUrl:n=!1,absolute:a=!1}={},router:o}=e;if(!s||s.startsWith("#")||(0,i.b)(s))return s;if("hash"===o)return s.startsWith("/")?`.${s}`:`./${s}`;if(n)return r+s.replace(/^\//,"");if(s===r.replace(/\/$/,""))return r;let c=s.startsWith(r)?s:r+s.replace(/^\//,"");return a?t+c:c})({siteUrl:r,baseUrl:t,url:e,options:s,router:a}),[r,t,a])}}function o(e){let t=arguments.length&gt;1&amp;&amp;void 0!==arguments[1]?arguments[1]:{},{withBaseUrl:r}=a();return r(e,t)}},763432:function(e,t,r){"use strict";r.d(t,{Z:()=&gt;a}),r("552322");var s=r("202784");let n=s.createContext({collectAnchor:()=&gt;{},collectLink:()=&gt;{}}),i=()=&gt;(0,s.useContext)(n);function a(){return i()}},649221:function(e,t,r){"use strict";r.d(t,{Z:function(){return i}});var s=r(202784),n=r(70127);function i(){return(0,s.useContext)(n._)}},995367:function(e,t,r){"use strict";r.d(t,{OD:function(){return a},ZP:function(){return i},eZ:function(){return o}});var s=r(649221),n=r(421554);function i(){let{globalData:e}=(0,s.Z)();return e}function a(e){let t=arguments.length&gt;1&amp;&amp;void 0!==arguments[1]?arguments[1]:{},r=i()[e];if(!r&amp;&amp;t.failfast)throw Error(`Docusaurus plugin global data not found for "${e}" plugin.`);return r}function o(e){let t=arguments.length&gt;1&amp;&amp;void 0!==arguments[1]?arguments[1]:n.m,r=arguments.length&gt;2&amp;&amp;void 0!==arguments[2]?arguments[2]:{},s=a(e),i=s?.[t];if(!i&amp;&amp;r.failfast)throw Error(`Docusaurus plugin global data not found for "${e}" plugin with id "${t}".`);return i}},560061:function(e,t,r){"use strict";r.d(t,{Z:function(){return i}});var s=r(202784),n=r(677288);function i(){return(0,s.useContext)(n._)}},884294:function(e,t,r){"use strict";r.d(t,{Z:function(){return n}});var s=r(202784);let n=r(158724).default.canUseDOM?s.useLayoutEffect:s.useEffect},840316:function(e,t,r){"use strict";r.d(t,{Z:function(){return n}});let s=e=&gt;"object"==typeof e&amp;&amp;!!e&amp;&amp;Object.keys(e).length&gt;0;function n(e){let t={};return!function e(r,n){Object.entries(r).forEach(r=&gt;{let[i,a]=r,o=n?`${n}.${i}`:i;s(a)?e(a,o):t[o]=a})}(e),t}},427373:function(e,t,r){"use strict";r.d(t,{_:function(){return i},z:function(){return a}});var s=r(552322),n=r(202784);let i=n.createContext(null);function a(e){let{children:t,value:r}=e,a=n.useContext(i),o=(0,n.useMemo)(()=&gt;(function(e){let{parent:t,value:r}=e;if(!t){if(r){if(!("plugin"in r))throw Error("Unexpected: Docusaurus topmost route context has no `plugin` attribute")}else throw Error("Unexpected: no Docusaurus route context found");return r}let s={...t.data,...r?.data};return{plugin:t.plugin,data:s}})({parent:a,value:r}),[a,r]);return(0,s.jsx)(i.Provider,{value:o,children:t})}},398226:function(e,t,r){"use strict";r.d(t,{J:function(){return b},L5:function(){return y},Oh:function(){return w}});var s=r(552322),n=r(202784),i=r(136128),a=r(421554),o=r(892408),c=r(649569),p=r(337327);let d=e=&gt;`docs-preferred-version-${e}`,u=(e,t,r)=&gt;{(0,c.WA)(d(e),{persistence:t}).set(r)},l=(e,t)=&gt;(0,c.WA)(d(e),{persistence:t}).get(),m=(e,t)=&gt;{(0,c.WA)(d(e),{persistence:t}).del()},h=e=&gt;Object.fromEntries(e.map(e=&gt;[e,{preferredVersionName:null}])),g=n.createContext(null);function f(e){let{children:t}=e,r=function(){let e=(0,i._r)(),t=(0,o.L)().docs.versionPersistence,r=(0,n.useMemo)(()=&gt;Object.keys(e),[e]),[s,a]=(0,n.useState)(()=&gt;h(r));return(0,n.useEffect)(()=&gt;{a(function(e){let{pluginIds:t,versionPersistence:r,allDocsData:s}=e;return Object.fromEntries(t.map(e=&gt;[e,function(e){let t=l(e,r);return s[e].versions.some(e=&gt;e.name===t)?{preferredVersionName:t}:(m(e,r),{preferredVersionName:null})}(e)]))}({allDocsData:e,versionPersistence:t,pluginIds:r}))},[e,t,r]),[s,(0,n.useMemo)(()=&gt;({savePreferredVersion:function(e,r){u(e,t,r),a(t=&gt;({...t,[e]:{preferredVersionName:r}}))}}),[t])]}();return(0,s.jsx)(g.Provider,{value:r,children:t})}function y(e){let{children:t}=e;return(0,s.jsx)(f,{children:t})}function v(){let e=(0,n.useContext)(g);if(!e)throw new p.i6("DocsPreferredVersionContextProvider");return e}function b(){let e=arguments.length&gt;0&amp;&amp;void 0!==arguments[0]?arguments[0]:a.m,t=(0,i.zh)(e),[r,s]=v(),{preferredVersionName:o}=r[e];return{preferredVersion:t.versions.find(e=&gt;e.name===o)??null,savePreferredVersionName:(0,n.useCallback)(t=&gt;{s.savePreferredVersion(e,t)},[s,e])}}function w(){let e=(0,i._r)(),[t]=v();return Object.fromEntries(Object.keys(e).map(r=&gt;[r,function(r){let s=e[r],{preferredVersionName:n}=t[r];return s.versions.find(e=&gt;e.name===n)??null}(r)]))}},65365:function(e,t,r){"use strict";r.d(t,{J:function(){return i},z:function(){return a}});var s=r(136128),n=r(398226);function i(e,t){return`docs-${e}-${t}`}function a(){let e=(0,s._r)(),t=(0,s.WS)(),r=(0,n.Oh)();return[...Object.keys(e).map(function(s){let n=t?.activePlugin.pluginId===s?t.activeVersion:void 0,a=r[s],o=e[s].versions.find(e=&gt;e.isLast);return i(s,(n??a??o).name)})]}},274224:function(e,t,r){"use strict";r.d(t,{V:function(){return p},b:function(){return c}});var s=r(552322),n=r(202784),i=r(337327);let a=Symbol("EmptyContext"),o=n.createContext(a);function c(e){let{children:t,name:r,items:i}=e,a=(0,n.useMemo)(()=&gt;r&amp;&amp;i?{name:r,items:i}:null,[r,i]);return(0,s.jsx)(o.Provider,{value:a,children:t})}function p(){let e=(0,n.useContext)(o);if(e===a)throw new i.i6("DocsSidebarProvider");return e}},818889:function(e,t,r){"use strict";r.d(t,{LM:function(){return m},MN:function(){return q},SN:function(){return A},_F:function(){return y},f:function(){return v},jA:function(){return h},lO:function(){return x},oz:function(){return S},s1:function(){return w},vY:function(){return _},xz:function(){return l}});var s=r(202784),n=r(107267),i=r(309702),a=r(136128),o=r(834918),c=r(367010),p=r(398226),d=r(971530),u=r(274224);function l(e){let t=(0,d.E)();if(!e)return;let r=t.docs[e];if(!r)throw Error(`no version doc found by id=${e}`);return r}function m(e){return"link"!==e.type||e.unlisted?"category"===e.type?function(e){if(e.href&amp;&amp;!e.linkUnlisted)return e.href;for(let t of e.items){let e=m(t);if(e)return e}}(e):void 0:e.href}function h(){let{pathname:e}=(0,n.TH)(),t=(0,u.V)();if(!t)throw Error("Unexpected: cant find current sidebar in context");let r=b({sidebarItems:t.items,pathname:e,onlyCategories:!0}).slice(-1)[0];if(!r)throw Error(`${e} is not associated with a category. useCurrentSidebarCategory() should only be used on category index pages.`);return r}let g=(e,t)=&gt;void 0!==e&amp;&amp;(0,o.Mg)(e,t),f=(e,t)=&gt;e.some(e=&gt;y(e,t));function y(e,t){return"link"===e.type?g(e.href,t):"category"===e.type&amp;&amp;(g(e.href,t)||f(e.items,t))}function v(e,t){return(0,s.useMemo)(()=&gt;e.filter(e=&gt;(function e(t,r){switch(t.type){case"category":return y(t,r)||void 0!==t.href&amp;&amp;!t.linkUnlisted||t.items.some(t=&gt;e(t,r));case"link":return!t.unlisted||y(t,r);default:return!0}})(e,t)),[e,t])}function b(e){let{sidebarItems:t,pathname:r,onlyCategories:s=!1}=e,n=[];return!function e(t){for(let i of t)if("category"===i.type&amp;&amp;((0,o.Mg)(i.href,r)||e(i.items))||"link"===i.type&amp;&amp;(0,o.Mg)(i.href,r))return s&amp;&amp;"category"!==i.type||n.unshift(i),!0;return!1}(t),n}function w(){let e=(0,u.V)(),{pathname:t}=(0,n.TH)();return!1!==a.gA()?.pluginData.breadcrumbs&amp;&amp;e?b({sidebarItems:e.items,pathname:t}):null}function x(e){let{activeVersion:t}=(0,a.Iw)(e),{preferredVersion:r}=(0,p.J)(e),n=(0,a.yW)(e);return(0,s.useMemo)(()=&gt;(0,c.jj)([t,r,n].filter(Boolean)),[t,r,n])}function S(e,t){let r=x(t);return(0,s.useMemo)(()=&gt;{let t=r.flatMap(e=&gt;e.sidebars?Object.entries(e.sidebars):[]),s=t.find(t=&gt;t[0]===e);if(!s)throw Error(`Can't find any sidebar with id "${e}" in version${r.length&gt;1?"s":""} ${r.map(e=&gt;e.name).join(", ")}".
Available sidebar ids are:
- ${t.map(e=&gt;e[0]).join("\n- ")}`);return s[1]},[e,r])}function _(e,t){let r=x(t);return(0,s.useMemo)(()=&gt;{let t=r.flatMap(e=&gt;e.docs),s=t.find(t=&gt;t.id===e);if(!s){if(r.flatMap(e=&gt;e.draftIds).includes(e))return null;throw Error(`Couldn't find any doc with id "${e}" in version${r.length&gt;1?"s":""} "${r.map(e=&gt;e.name).join(", ")}".
Available doc ids are:
- ${(0,c.jj)(t.map(e=&gt;e.id)).join("\n- ")}`)}return s},[e,r])}function A(e){let{route:t}=e,r=(0,n.TH)(),s=(0,d.E)(),a=t.routes,o=a.find(e=&gt;(0,n.LX)(r.pathname,e));if(!o)return null;let c=o.sidebar,p=c?s.docsSidebars[c]:void 0;return{docElement:(0,i.H)(a),sidebarName:c,sidebarItems:p}}function q(e){return e.filter(e=&gt;"category"!==e.type&amp;&amp;"link"!==e.type||!!m(e))}},971530:function(e,t,r){"use strict";r.d(t,{E:function(){return c},q:function(){return o}});var s=r(552322),n=r(202784),i=r(337327);let a=n.createContext(null);function o(e){let{children:t,version:r}=e;return(0,s.jsx)(a.Provider,{value:r,children:t})}function c(){let e=(0,n.useContext)(a);if(null===e)throw new i.i6("DocsVersionProvider");return e}},136128:function(e,t,r){"use strict";r.d(t,{gB:()=&gt;f,Iw:()=&gt;v,zh:()=&gt;m,z1:()=&gt;d.z,_r:()=&gt;l,MN:()=&gt;c.MN,WS:()=&gt;g,jA:()=&gt;c.jA,Jo:()=&gt;b,yW:()=&gt;y,gA:()=&gt;h,J:()=&gt;p.J});var s=r("107267"),n=r("995367");let i=e=&gt;e.versions.find(e=&gt;e.isLast);function a(e,t){return[...e.versions].sort((e,t)=&gt;e.path===t.path?0:e.path.includes(t.path)?-1:t.path.includes(e.path)?1:0).find(e=&gt;!!(0,s.LX)(t,{path:e.path,exact:!1,strict:!1}))}function o(e,t){let r=a(e,t),n=r?.docs.find(e=&gt;!!s.LX(t,{path:e.path,exact:!0,strict:!1})),i=n?function(t){let r={};return e.versions.forEach(e=&gt;{e.docs.forEach(s=&gt;{s.id===t&amp;&amp;(r[e.name]=s)})}),r}(n.id):{};return{activeVersion:r,activeDoc:n,alternateDocVersions:i}}var c=r("818889"),p=r("398226"),d=r("65365");let u={},l=()=&gt;(0,n.OD)("docusaurus-plugin-content-docs")??u,m=e=&gt;{try{return(0,n.eZ)("docusaurus-plugin-content-docs",e,{failfast:!0})}catch(t){throw Error(`You are using a feature of the Docusaurus docs plugin, but this plugin does not seem to be enabled${"Default"===e?"":` (pluginId=${e}`}`,{cause:t})}};function h(){let e=arguments.length&gt;0&amp;&amp;void 0!==arguments[0]?arguments[0]:{},t=l(),{pathname:r}=(0,s.TH)();return function(e,t){let r=arguments.length&gt;2&amp;&amp;void 0!==arguments[2]?arguments[2]:{},n=Object.entries(e).sort((e,t)=&gt;t[1].path.localeCompare(e[1].path)).find(e=&gt;{let[,r]=e;return!!(0,s.LX)(t,{path:r.path,exact:!1,strict:!1})}),i=n?{pluginId:n[0],pluginData:n[1]}:void 0;if(!i&amp;&amp;r.failfast)throw Error(`Can't find active docs plugin for "${t}" pathname, while it was expected to be found. Maybe you tried to use a docs feature that can only be used on a docs-related page? Existing docs plugin paths are: ${Object.values(e).map(e=&gt;e.path).join(", ")}`);return i}(t,r,e)}function g(){let e=arguments.length&gt;0&amp;&amp;void 0!==arguments[0]?arguments[0]:{},t=h(e),{pathname:r}=(0,s.TH)();if(!t)return;let n=a(t.pluginData,r);return{activePlugin:t,activeVersion:n}}function f(e){return m(e).versions}function y(e){return i(m(e))}function v(e){let t=m(e),{pathname:r}=(0,s.TH)();return o(t,r)}function b(e){let t=m(e),{pathname:r}=(0,s.TH)();return function(e,t){let r=i(e);return{latestDocSuggestion:o(e,t).alternateDocVersions[r.name],latestVersionSuggestion:r}}(t,r)}},578421:function(e,t,r){"use strict";r.r(t),r.d(t,{default:function(){return i}});var s=r(692521),n=r.n(s);n().configure({showSpinner:!1});let i={onRouteUpdate(e){let{location:t,previousLocation:r}=e;if(r&amp;&amp;t.pathname!==r.pathname){let e=window.setTimeout(()=&gt;{n().start()},200);return()=&gt;window.clearTimeout(e)}},onRouteDidUpdate(){n().done()}}},83260:function(e,t,r){"use strict";var s=r("900224"),n=r("75150");!function(e){let{themeConfig:{prism:t}}=n.default,{additionalLanguages:s}=t,i=globalThis.Prism;globalThis.Prism=e,s.forEach(e=&gt;{"php"===e&amp;&amp;r(123502),r(916512)(`./prism-${e}`)}),delete globalThis.Prism,void 0!==i&amp;&amp;(globalThis.Prism=e)}(s.p1)},128322:function(e,t,r){"use strict";r.d(t,{Z:()=&gt;d});var s=r("552322");r("202784");var n=r("436299"),i=r("447025"),a=r("892408"),o=r("778943"),c=r("763432");let p={anchorWithStickyNavbar:"anchorWithStickyNavbar_fF9Z",anchorWithHideOnScrollNavbar:"anchorWithHideOnScrollNavbar_Yh18"};function d(e){let{as:t,id:r,...d}=e,u=(0,c.Z)(),{navbar:{hideOnScroll:l}}=(0,a.L)();if("h1"===t||!r)return(0,s.jsx)(t,{...d,id:void 0});u.collectAnchor(r);let m=(0,i.I)({id:"theme.common.headingLinkTitle",message:"Direct link to {heading}",description:"Title for link to heading"},{heading:"string"==typeof d.children?d.children:r});return(0,s.jsxs)(t,{...d,className:(0,n.Z)("anchor",l?p.anchorWithHideOnScrollNavbar:p.anchorWithStickyNavbar,d.className),id:r,children:[d.children,(0,s.jsx)(o.Z,{className:"hash-link",to:`#${r}`,"aria-label":m,title:m,children:"\u200B"})]})}},495341:function(e,t,r){"use strict";r.d(t,{Z:()=&gt;n});var s=r("552322");r("202784");function n(e){let{width:t=13.5,height:r=13.5}=e;return(0,s.jsx)("svg",{width:t,height:r,"aria-hidden":"true",viewBox:"0 0 24 24",className:"iconExternalLink_awgD",children:(0,s.jsx)("path",{fill:"currentColor",d:"M21 13v10h-21v-19h12v2h-10v15h17v-8h2zm3-12h-10.988l4.035 4-6.977 7.07 2.828 2.828 6.977-7.07 4.125 4.172v-11z"})})}},308604:function(e,t,r){"use strict";r.d(t,{Z:()=&gt;tf});var s=r("552322"),n=r("202784"),i=r("436299"),a=r("586400"),o=r("844700"),c=r("107267"),p=r("447025"),d=r("882523");let u="__docusaurus_skipToContent_fallback";function l(e){e.setAttribute("tabindex","-1"),e.focus(),e.removeAttribute("tabindex")}let m=(0,p.I)({id:"theme.common.skipToMainContent",description:"The skip to content label used for accessibility, allowing to rapidly navigate to main content with keyboard tab/enter navigation",message:"Skip to main content"});function h(e){let t=e.children??m,{containerRef:r,onClick:i}=function(){let e=(0,n.useRef)(null),{action:t}=(0,c.k6)(),r=(0,n.useCallback)(e=&gt;{e.preventDefault();let t=document.querySelector("main:first-of-type")??document.getElementById(u);t&amp;&amp;l(t)},[]);return(0,d.S)(r=&gt;{let{location:s}=r;e.current&amp;&amp;!s.hash&amp;&amp;"PUSH"===t&amp;&amp;l(e.current)}),{containerRef:e,onClick:r}}();return(0,s.jsx)("div",{ref:r,role:"region","aria-label":m,children:(0,s.jsx)("a",{...e,href:`#${u}`,onClick:i,children:t})})}var g=r("968483"),f=r("40382");function y(){return(0,s.jsx)(h,{className:"skipToContent_G6ar"})}var v=r("892408"),b=r("130114");function w(e){let{width:t=21,height:r=21,color:n="currentColor",strokeWidth:i=1.2,className:a,...o}=e;return(0,s.jsx)("svg",{viewBox:"0 0 15 15",width:t,height:r,...o,children:(0,s.jsx)("g",{stroke:n,strokeWidth:i,children:(0,s.jsx)("path",{d:"M.75.75l13.5 13.5M14.25.75L.75 14.25"})})})}function x(e){return(0,s.jsx)("button",{type:"button","aria-label":(0,p.I)({id:"theme.AnnouncementBar.closeButtonAriaLabel",message:"Close",description:"The ARIA label for close button of announcement bar"}),...e,className:(0,i.Z)("clean-btn close","closeButton_rfix",e.className),children:(0,s.jsx)(w,{width:14,height:14,strokeWidth:3.1})})}function S(e){let{announcementBar:t}=(0,v.L)(),{content:r}=t;return(0,s.jsx)("div",{...e,className:(0,i.Z)("content_L1uV",e.className),dangerouslySetInnerHTML:{__html:r}})}let _={announcementBar:"announcementBar_ncOr",announcementBarPlaceholder:"announcementBarPlaceholder_ajMw",announcementBarClose:"announcementBarClose_c9u4",announcementBarContent:"announcementBarContent__57G"};function A(){let{announcementBar:e}=(0,v.L)(),{isActive:t,close:r}=(0,b.n)();if(!t)return null;let{backgroundColor:n,textColor:i,isCloseable:a}=e;return(0,s.jsxs)("div",{className:_.announcementBar,style:{backgroundColor:n,color:i},role:"banner",children:[a&amp;&amp;(0,s.jsx)("div",{className:_.announcementBarPlaceholder}),(0,s.jsx)(S,{className:_.announcementBarContent}),a&amp;&amp;(0,s.jsx)(x,{onClick:r,className:_.announcementBarClose})]})}var q=r("598419"),k=r("28944"),T=r("552903"),z=r("467239"),j=r("337327"),I=r("33449");let P=n.createContext(null);function $(e){let{children:t}=e,r=function(){let e=(0,q.e)(),t=(0,I.HY)(),[r,s]=(0,n.useState)(!1),i=null!==t.component,a=(0,j.D9)(i);return(0,n.useEffect)(()=&gt;{i&amp;&amp;!a&amp;&amp;s(!0)},[i,a]),(0,n.useEffect)(()=&gt;{if(!i){s(!1);return}e.shown||s(!0)},[e.shown,i]),(0,n.useMemo)(()=&gt;[r,s],[r])}();return(0,s.jsx)(P.Provider,{value:r,children:t})}function R(){let e=(0,n.useContext)(P);if(!e)throw new j.i6("NavbarSecondaryMenuDisplayProvider");let[t,r]=e,i=(0,n.useCallback)(()=&gt;r(!1),[r]),a=(0,I.HY)();return(0,n.useMemo)(()=&gt;({shown:t,hide:i,content:function(e){if(e.component){let t=e.component;return(0,s.jsx)(t,{...e.props})}}(a)}),[i,a,t])}var E=r("728165"),O=r("820050");function C(e){let{header:t,primaryMenu:r,secondaryMenu:s}=e,{shown:n}=R();return(0,T.BX)("div",{className:"navbar-sidebar",children:[t,(0,T.BX)("div",{className:(0,z.Z)("navbar-sidebar__items",{"navbar-sidebar__items--show-secondary":n}),css:(0,E.iv)`
          height: calc(100% - var(--ifm-navbar-height) - 5rem);
        `,children:[(0,T.tZ)("div",{className:"navbar-sidebar__item menu",children:r}),(0,T.tZ)("div",{className:"navbar-sidebar__item menu",children:s})]}),(0,T.tZ)(O.Z,{})]})}var L=r("344987"),D=r("560061");function B(e){return(0,s.jsx)("svg",{viewBox:"0 0 24 24",width:24,height:24,...e,children:(0,s.jsx)("path",{fill:"currentColor",d:"M12,9c1.65,0,3,1.35,3,3s-1.35,3-3,3s-3-1.35-3-3S10.35,9,12,9 M12,7c-2.76,0-5,2.24-5,5s2.24,5,5,5s5-2.24,5-5 S14.76,7,12,7L12,7z M2,13l2,0c0.55,0,1-0.45,1-1s-0.45-1-1-1l-2,0c-0.55,0-1,0.45-1,1S1.45,13,2,13z M20,13l2,0c0.55,0,1-0.45,1-1 s-0.45-1-1-1l-2,0c-0.55,0-1,0.45-1,1S19.45,13,20,13z M11,2v2c0,0.55,0.45,1,1,1s1-0.45,1-1V2c0-0.55-0.45-1-1-1S11,1.45,11,2z M11,20v2c0,0.55,0.45,1,1,1s1-0.45,1-1v-2c0-0.55-0.45-1-1-1C11.45,19,11,19.45,11,20z M5.99,4.58c-0.39-0.39-1.03-0.39-1.41,0 c-0.39,0.39-0.39,1.03,0,1.41l1.06,1.06c0.39,0.39,1.03,0.39,1.41,0s0.39-1.03,0-1.41L5.99,4.58z M18.36,16.95 c-0.39-0.39-1.03-0.39-1.41,0c-0.39,0.39-0.39,1.03,0,1.41l1.06,1.06c0.39,0.39,1.03,0.39,1.41,0c0.39-0.39,0.39-1.03,0-1.41 L18.36,16.95z M19.42,5.99c0.39-0.39,0.39-1.03,0-1.41c-0.39-0.39-1.03-0.39-1.41,0l-1.06,1.06c-0.39,0.39-0.39,1.03,0,1.41 s1.03,0.39,1.41,0L19.42,5.99z M7.05,18.36c0.39-0.39,0.39-1.03,0-1.41c-0.39-0.39-1.03-0.39-1.41,0l-1.06,1.06 c-0.39,0.39-0.39,1.03,0,1.41s1.03,0.39,1.41,0L7.05,18.36z"})})}function N(e){return(0,s.jsx)("svg",{viewBox:"0 0 24 24",width:24,height:24,...e,children:(0,s.jsx)("path",{fill:"currentColor",d:"M9.37,5.51C9.19,6.15,9.1,6.82,9.1,7.5c0,4.08,3.32,7.4,7.4,7.4c0.68,0,1.35-0.09,1.99-0.27C17.45,17.19,14.93,19,12,19 c-3.86,0-7-3.14-7-7C5,9.07,6.81,6.55,9.37,5.51z M12,3c-4.97,0-9,4.03-9,9s4.03,9,9,9s9-4.03,9-9c0-0.46-0.04-0.92-0.1-1.36 c-0.98,1.37-2.58,2.26-4.4,2.26c-2.98,0-5.4-2.42-5.4-5.4c0-1.81,0.89-3.42,2.26-4.4C12.92,3.04,12.46,3,12,3L12,3z"})})}let G={toggle:"toggle_OLSw",toggleButton:"toggleButton_wYmb",darkToggleIcon:"darkToggleIcon_Yem1",lightToggleIcon:"lightToggleIcon_Sxwe",toggleButtonDisabled:"toggleButtonDisabled_vaDU"},W=n.memo(function(e){let{className:t,buttonClassName:r,value:n,onChange:a}=e,o=(0,D.Z)(),c=(0,p.I)({message:"Switch between dark and light mode (currently {mode})",id:"theme.colorToggle.ariaLabel",description:"The ARIA label for the navbar color mode toggle"},{mode:"dark"===n?(0,p.I)({message:"dark mode",id:"theme.colorToggle.ariaLabel.mode.dark",description:"The name for the dark color mode"}):(0,p.I)({message:"light mode",id:"theme.colorToggle.ariaLabel.mode.light",description:"The name for the light color mode"})});return(0,s.jsx)("div",{className:(0,i.Z)(G.toggle,t),children:(0,s.jsxs)("button",{className:(0,i.Z)("clean-btn",G.toggleButton,!o&amp;&amp;G.toggleButtonDisabled,r),type:"button",onClick:()=&gt;a("dark"===n?"light":"dark"),disabled:!o,title:c,"aria-label":c,"aria-live":"polite","aria-pressed":"dark"===n?"true":"false",children:[(0,s.jsx)(B,{className:(0,i.Z)(G.toggleIcon,G.lightToggleIcon)}),(0,s.jsx)(N,{className:(0,i.Z)(G.toggleIcon,G.darkToggleIcon)})]})})}),M={darkNavbarColorModeToggle:"darkNavbarColorModeToggle_wZ1H"};function U(e){let{className:t}=e,r=(0,v.L)().navbar.style,n=(0,v.L)().colorMode.disableSwitch,{colorMode:i,setColorMode:a}=(0,L.I)();return n?null:(0,s.jsx)(W,{className:t,buttonClassName:"dark"===r?M.darkNavbarColorModeToggle:void 0,value:i,onChange:a})}var F=r("369439");function H(){return(0,s.jsx)(F.Z,{className:"navbar__brand",imageClassName:"navbar__logo",titleClassName:"navbar__title text--truncate"})}function V(){let e=(0,q.e)();return(0,s.jsx)("button",{type:"button","aria-label":(0,p.I)({id:"theme.docs.sidebar.closeSidebarButtonAriaLabel",message:"Close navigation bar",description:"The ARIA label for close button of mobile sidebar"}),className:"clean-btn navbar-sidebar__close",onClick:()=&gt;e.toggle(),children:(0,s.jsx)(w,{color:"var(--ifm-color-emphasis-600)"})})}function Q(){return(0,s.jsxs)("div",{className:"navbar-sidebar__brand",children:[(0,s.jsx)(H,{}),(0,s.jsx)(U,{className:"margin-right--md"}),(0,s.jsx)(V,{})]})}var K=r("778943"),J=r("245961"),X=r("614197"),Y=r("171470"),Z=r("495341");function ee(e){let{activeBasePath:t,activeBaseRegex:r,to:n,href:i,label:a,html:o,isDropdownLink:c,prependBaseUrlToHref:p,...d}=e,u=(0,J.ZP)(n),l=(0,J.ZP)(t),m=(0,J.ZP)(i,{forcePrependBaseUrl:!0}),h=a&amp;&amp;i&amp;&amp;!(0,X.Z)(i),g=o?{dangerouslySetInnerHTML:{__html:o}}:{children:(0,s.jsxs)(s.Fragment,{children:[a,h&amp;&amp;(0,s.jsx)(Z.Z,{...c&amp;&amp;{width:12,height:12}})]})};return i?(0,s.jsx)(K.Z,{href:p?m:i,...d,...g}):(0,s.jsx)(K.Z,{to:u,isNavLink:!0,...(t||r)&amp;&amp;{isActive:(e,t)=&gt;r?(0,Y.F)(r,t.pathname):t.pathname.startsWith(l)},...d,...g})}function et(e){let{className:t,isDropdownItem:r=!1,...n}=e,a=(0,s.jsx)(ee,{className:(0,i.Z)(r?"dropdown__link":"navbar__item navbar__link",t),isDropdownLink:r,...n});return r?(0,s.jsx)("li",{children:a}):a}function er(e){let{className:t,isDropdownItem:r,...n}=e;return(0,s.jsx)("li",{className:"menu__list-item",children:(0,s.jsx)(ee,{className:(0,i.Z)("menu__link",t),...n})})}function es(e){let{mobile:t=!1,position:r,...n}=e;return(0,s.jsx)(t?er:et,{...n,activeClassName:n.activeClassName??(t?"menu__link--active":"navbar__link--active")})}var en=r("336663"),ei=r("834918"),ea=r("649221");function eo(e){let{items:t,position:r,className:a,onClick:o,...c}=e,p=(0,n.useRef)(null),[d,u]=(0,n.useState)(!1);return(0,n.useEffect)(()=&gt;{let e=e=&gt;{!(!p.current||p.current.contains(e.target))&amp;&amp;u(!1)};return document.addEventListener("mousedown",e),document.addEventListener("touchstart",e),document.addEventListener("focusin",e),()=&gt;{document.removeEventListener("mousedown",e),document.removeEventListener("touchstart",e),document.removeEventListener("focusin",e)}},[p]),(0,s.jsxs)("div",{ref:p,className:(0,i.Z)("navbar__item","dropdown","dropdown--hoverable",{"dropdown--right":"right"===r,"dropdown--show":d}),children:[(0,s.jsx)(ee,{"aria-haspopup":"true","aria-expanded":d,role:"button",href:c.to?void 0:"#",className:(0,i.Z)("navbar__link",a),...c,onClick:c.to?void 0:e=&gt;e.preventDefault(),onKeyDown:e=&gt;{"Enter"===e.key&amp;&amp;(e.preventDefault(),u(!d))},children:c.children??c.label}),(0,s.jsx)("ul",{className:"dropdown__menu",children:t.map((e,t)=&gt;(0,n.createElement)(e1,{isDropdownItem:!0,activeClassName:"dropdown__link--active",...e,key:t}))})]})}function ec(e){let{items:t,className:r,position:a,onClick:o,...p}=e,d=function(){let{siteConfig:{baseUrl:e}}=(0,ea.Z)(),{pathname:t}=(0,c.TH)();return t.replace(e,"/")}(),u=t.some(e=&gt;!!((0,ei.Mg)(e.to,d)||(0,Y.F)(e.activeBaseRegex,d)||e.activeBasePath&amp;&amp;d.startsWith(e.activeBasePath))),{collapsed:l,toggleCollapsed:m,setCollapsed:h}=(0,en.u)({initialState:()=&gt;!u});return(0,n.useEffect)(()=&gt;{u&amp;&amp;h(!u)},[d,u,h]),(0,s.jsxs)("li",{className:(0,i.Z)("menu__list-item",{"menu__list-item--collapsed":l}),children:[(0,s.jsx)(ee,{role:"button",className:(0,i.Z)("dropdownNavbarItemMobile_yXZl","menu__link menu__link--sublist menu__link--sublist-caret",r),...p,onClick:e=&gt;{e.preventDefault(),m()},children:p.children??p.label}),(0,s.jsx)(en.z,{lazy:!0,as:"ul",className:"menu__list",collapsed:l,children:t.map((e,t)=&gt;(0,n.createElement)(e1,{mobile:!0,isDropdownItem:!0,onClick:o,activeClassName:"menu__link--active",...e,key:t}))})]})}function ep(e){let{mobile:t=!1,...r}=e;return(0,s.jsx)(t?ec:eo,{...r})}var ed=r("548466");function eu(e){let{width:t=20,height:r=20,...n}=e;return(0,s.jsx)("svg",{viewBox:"0 0 24 24",width:t,height:r,"aria-hidden":!0,...n,children:(0,s.jsx)("path",{fill:"currentColor",d:"M12.87 15.07l-2.54-2.51.03-.03c1.74-1.94 2.98-4.17 3.71-6.53H17V4h-7V2H8v2H1v1.99h11.17C11.5 7.92 10.44 9.75 9 11.35 8.07 10.32 7.3 9.19 6.69 8h-2c.73 1.63 1.73 3.17 2.98 4.56l-5.09 5.02L4 19l5-5 3.11 3.11.76-2.04zM18.5 10h-2L12 22h2l1.12-3h4.75L21 22h2l-4.5-12zm-2.62 7l1.62-4.33L19.12 17h-3.24z"})})}var el=r("928316"),em=r("780650"),eh=r("313714"),eg=r("486221"),ef=r("322753");function ey(){return n.createElement("svg",{width:"15",height:"15",className:"DocSearch-Control-Key-Icon"},n.createElement("path",{d:"M4.505 4.496h2M5.505 5.496v5M8.216 4.496l.055 5.993M10 7.5c.333.333.5.667.5 1v2M12.326 4.5v5.996M8.384 4.496c1.674 0 2.116 0 2.116 1.5s-.442 1.5-2.116 1.5M3.205 9.303c-.09.448-.277 1.21-1.241 1.203C1 10.5.5 9.513.5 8V7c0-1.57.5-2.5 1.464-2.494.964.006 1.134.598 1.24 1.342M12.553 10.5h1.953",strokeWidth:"1.2",stroke:"currentColor",fill:"none",strokeLinecap:"square"}))}var ev=r("211787"),eb=["translations"],ew="Ctrl",ex=n.forwardRef(function(e,t){var r=e.translations,s=void 0===r?{}:r,i=(0,ef.Z)(e,eb),a=s.buttonText,o=s.buttonAriaLabel,c=(0,n.useState)(null),p=(0,eg.Z)(c,2),d=p[0],u=p[1];return(0,n.useEffect)(function(){"undefined"!=typeof navigator&amp;&amp;(/(Mac|iPhone|iPod|iPad)/i.test(navigator.platform)?u("\u2318"):u(ew))},[]),n.createElement("button",(0,eh.Z)({type:"button",className:"DocSearch DocSearch-Button","aria-label":void 0===o?"Search":o},i,{ref:t}),n.createElement("span",{className:"DocSearch-Button-Container"},n.createElement(ev.W,null),n.createElement("span",{className:"DocSearch-Button-Placeholder"},void 0===a?"Search":a)),n.createElement("span",{className:"DocSearch-Button-Keys"},null!==d&amp;&amp;n.createElement(n.Fragment,null,n.createElement("kbd",{className:"DocSearch-Button-Key"},d===ew?n.createElement(ey,null):d),n.createElement("kbd",{className:"DocSearch-Button-Key"},"K"))))}),eS=r("326679");let e_={button:{buttonText:(0,p.I)({id:"theme.SearchBar.label",message:"Search",description:"The ARIA label and placeholder for search button"}),buttonAriaLabel:(0,p.I)({id:"theme.SearchBar.label",message:"Search",description:"The ARIA label and placeholder for search button"})},modal:{searchBox:{resetButtonTitle:(0,p.I)({id:"theme.SearchModal.searchBox.resetButtonTitle",message:"Clear the query",description:"The label and ARIA label for search box reset button"}),resetButtonAriaLabel:(0,p.I)({id:"theme.SearchModal.searchBox.resetButtonTitle",message:"Clear the query",description:"The label and ARIA label for search box reset button"}),cancelButtonText:(0,p.I)({id:"theme.SearchModal.searchBox.cancelButtonText",message:"Cancel",description:"The label and ARIA label for search box cancel button"}),cancelButtonAriaLabel:(0,p.I)({id:"theme.SearchModal.searchBox.cancelButtonText",message:"Cancel",description:"The label and ARIA label for search box cancel button"})},startScreen:{recentSearchesTitle:(0,p.I)({id:"theme.SearchModal.startScreen.recentSearchesTitle",message:"Recent",description:"The title for recent searches"}),noRecentSearchesText:(0,p.I)({id:"theme.SearchModal.startScreen.noRecentSearchesText",message:"No recent searches",description:"The text when no recent searches"}),saveRecentSearchButtonTitle:(0,p.I)({id:"theme.SearchModal.startScreen.saveRecentSearchButtonTitle",message:"Save this search",description:"The label for save recent search button"}),removeRecentSearchButtonTitle:(0,p.I)({id:"theme.SearchModal.startScreen.removeRecentSearchButtonTitle",message:"Remove this search from history",description:"The label for remove recent search button"}),favoriteSearchesTitle:(0,p.I)({id:"theme.SearchModal.startScreen.favoriteSearchesTitle",message:"Favorite",description:"The title for favorite searches"}),removeFavoriteSearchButtonTitle:(0,p.I)({id:"theme.SearchModal.startScreen.removeFavoriteSearchButtonTitle",message:"Remove this search from favorites",description:"The label for remove favorite search button"})},errorScreen:{titleText:(0,p.I)({id:"theme.SearchModal.errorScreen.titleText",message:"Unable to fetch results",description:"The title for error screen of search modal"}),helpText:(0,p.I)({id:"theme.SearchModal.errorScreen.helpText",message:"You might want to check your network connection.",description:"The help text for error screen of search modal"})},footer:{selectText:(0,p.I)({id:"theme.SearchModal.footer.selectText",message:"to select",description:"The explanatory text of the action for the enter key"}),selectKeyAriaLabel:(0,p.I)({id:"theme.SearchModal.footer.selectKeyAriaLabel",message:"Enter key",description:"The ARIA label for the Enter key button that makes the selection"}),navigateText:(0,p.I)({id:"theme.SearchModal.footer.navigateText",message:"to navigate",description:"The explanatory text of the action for the Arrow up and Arrow down key"}),navigateUpKeyAriaLabel:(0,p.I)({id:"theme.SearchModal.footer.navigateUpKeyAriaLabel",message:"Arrow up",description:"The ARIA label for the Arrow up key button that makes the navigation"}),navigateDownKeyAriaLabel:(0,p.I)({id:"theme.SearchModal.footer.navigateDownKeyAriaLabel",message:"Arrow down",description:"The ARIA label for the Arrow down key button that makes the navigation"}),closeText:(0,p.I)({id:"theme.SearchModal.footer.closeText",message:"to close",description:"The explanatory text of the action for Escape key"}),closeKeyAriaLabel:(0,p.I)({id:"theme.SearchModal.footer.closeKeyAriaLabel",message:"Escape key",description:"The ARIA label for the Escape key button that close the modal"}),searchByText:(0,p.I)({id:"theme.SearchModal.footer.searchByText",message:"Search by",description:"The text explain that the search is making by Algolia"})},noResultsScreen:{noResultsText:(0,p.I)({id:"theme.SearchModal.noResultsScreen.noResultsText",message:"No results for",description:"The text explains that there are no results for the following search"}),suggestedQueryText:(0,p.I)({id:"theme.SearchModal.noResultsScreen.suggestedQueryText",message:"Try searching for",description:"The text for the suggested query when no results are found for the following search"}),reportMissingResultsText:(0,p.I)({id:"theme.SearchModal.noResultsScreen.reportMissingResultsText",message:"Believe this query should return results?",description:"The text for the question where the user thinks there are missing results"}),reportMissingResultsLinkText:(0,p.I)({id:"theme.SearchModal.noResultsScreen.reportMissingResultsLinkText",message:"Let us know.",description:"The text for the link to report missing results"})}},placeholder:(0,p.I)({id:"theme.SearchModal.placeholder",message:"Search docs",description:"The placeholder of the input of the DocSearch pop-up modal"})};var eA=r("506229"),eq=r("345874");let ek=eq.d;function eT(e){let{key:t,oldValue:r,newValue:s,storage:n}=e;if(r===s)return;let i=document.createEvent("StorageEvent");i.initStorageEvent("storage",!1,!1,t,r,s,window.location.href,n),window.dispatchEvent(i)}let ez=!1,ej={get:()=&gt;null,set:()=&gt;{},del:()=&gt;{},listen:()=&gt;()=&gt;{}};function eI(e,t){let r=`${e}${eq.u}`;if("undefined"==typeof window)return function(e){function t(){throw Error(`Illegal storage API usage for storage key "${e}".
Docusaurus storage APIs are not supposed to be called on the server-rendering process.
Please only call storage APIs in effects and event handlers.`)}return{get:t,set:t,del:t,listen:t}}(r);let s=function(){let e=arguments.length&gt;0&amp;&amp;void 0!==arguments[0]?arguments[0]:ek;if("undefined"==typeof window)throw Error("Browser storage is not available on Node.js/Docusaurus SSR process.");if("none"===e)return null;try{return window[e]}catch(e){var t;return t=e,ez||(console.warn(`Docusaurus browser storage is not available.
Possible reasons: running Docusaurus in an iframe, in an incognito browser session, or using too strict browser privacy settings.`,t),ez=!0),null}}(t?.persistence);return null===s?ej:{get:()=&gt;{try{return s.getItem(r)}catch(e){return console.error(`Docusaurus storage error, can't get key=${r}`,e),null}},set:e=&gt;{try{let t=s.getItem(r);s.setItem(r,e),eT({key:r,oldValue:t,newValue:e,storage:s})}catch(t){console.error(`Docusaurus storage error, can't set ${r}=${e}`,t)}},del:()=&gt;{try{let e=s.getItem(r);s.removeItem(r),eT({key:r,oldValue:e,newValue:null,storage:s})}catch(e){console.error(`Docusaurus storage error, can't delete key=${r}`,e)}},listen:e=&gt;{try{let t=t=&gt;{t.storageArea===s&amp;&amp;t.key===r&amp;&amp;e(t)};return window.addEventListener("storage",t),()=&gt;window.removeEventListener("storage",t)}catch(e){return console.error(`Docusaurus storage error, can't listen for changes of key=${r}`,e),()=&gt;{}}}}}let eP=e=&gt;`docs-preferred-version-${e}`,e$=(e,t,r)=&gt;{eI(eP(e),{persistence:t}).set(r)},eR=(e,t)=&gt;eI(eP(e),{persistence:t}).get(),eE=(e,t)=&gt;{eI(eP(e),{persistence:t}).del()},eO=e=&gt;Object.fromEntries(e.map(e=&gt;[e,{preferredVersionName:null}])),eC=n.createContext(null);function eL(e){let{children:t}=e,r=function(){let e=(0,eA._r)(),t=(0,ea.Z)().siteConfig.themeConfig.docs.versionPersistence,r=(0,n.useMemo)(()=&gt;Object.keys(e),[e]),[s,i]=(0,n.useState)(()=&gt;eO(r));return(0,n.useEffect)(()=&gt;{i(function(e){let{pluginIds:t,versionPersistence:r,allDocsData:s}=e;return Object.fromEntries(t.map(e=&gt;[e,function(e){let t=eR(e,r);return s[e].versions.some(e=&gt;e.name===t)?{preferredVersionName:t}:(eE(e,r),{preferredVersionName:null})}(e)]))}({allDocsData:e,versionPersistence:t,pluginIds:r}))},[e,t,r]),[s,(0,n.useMemo)(()=&gt;({savePreferredVersion:function(e,r){e$(e,t,r),i(t=&gt;({...t,[e]:{preferredVersionName:r}}))}}),[t])]}();return(0,s.jsx)(eC.Provider,{value:r,children:t})}function eD(e){let{children:t}=e;return(0,s.jsx)(eL,{children:t})}let eB=null;function eN(e){let{hit:t,children:r}=e;return(0,s.jsx)(K.Z,{to:t.url,children:r})}function eG(e){let{state:t,onClose:r}=e,{generateSearchPageLink:n}=(0,em.O)();return(0,s.jsx)(K.Z,{to:n(t.query),onClick:r,children:(0,s.jsx)(p.Z,{id:"theme.SearchBar.seeAll",values:{count:t.context.nbHits},children:"See all {count} results"})})}function eW(e){var t,i,a,o,p,d;let{contextualSearch:u,externalUrlRegex:l,...m}=e,{siteMetadata:h}=(0,ea.Z)(),g=function(){let e;let{locale:t,tags:r}=(0,eS._q)(),s=`language:=${t}`;return r.length&gt;0&amp;&amp;(e=`docusaurus_tag:=[${r.join(",")}]`),[s,e].filter(e=&gt;e).join(" &amp;&amp; ")}(),f=m.typesenseSearchParameters?.filter_by??"",y={filter_by:u?[g,f].filter(e=&gt;e).join(" &amp;&amp; "):f,...m.typesenseSearchParameters},v=m.typesenseServerConfig,b=m.typesenseCollectionName,{withBaseUrl:w}=(0,J.Cg)(),x=(0,c.k6)(),S=(0,n.useRef)(null),_=(0,n.useRef)(null),[A,q]=(0,n.useState)(!1),[k,T]=(0,n.useState)(void 0),z=(0,n.useCallback)(()=&gt;eB?Promise.resolve():Promise.all([Promise.all([r.e("679"),r.e("48445")]).then(r.bind(r,649088)),Promise.all([r.e("86212"),r.e("77558")]).then(r.bind(r,250693)),Promise.all([r.e("86212"),r.e("77927")]).then(r.bind(r,457390))]).then(e=&gt;{let[{DocSearchModal:t}]=e;eB=t}),[]),j=(0,n.useCallback)(()=&gt;{z().then(()=&gt;{S.current=document.createElement("div"),document.body.insertBefore(S.current,document.body.firstChild),q(!0)})},[z,q]),I=(0,n.useCallback)(()=&gt;{q(!1),S.current?.remove()},[q]),P=(0,n.useCallback)(e=&gt;{z().then(()=&gt;{q(!0),T(e.key)})},[z,q,T]),$=(0,n.useRef)({navigate(e){let{itemUrl:t}=e;(0,Y.F)(l,t)?window.location.href=t:x.push(t)}}).current,R=(0,n.useRef)(e=&gt;e.map(e=&gt;{if((0,Y.F)(l,e.url))return e;let t=new URL(e.url);return{...e,url:w(`${t.pathname}${t.hash}`)}})).current,E=(0,n.useMemo)(()=&gt;e=&gt;(0,s.jsx)(eG,{...e,onClose:I}),[I]);return i=(t={isOpen:A,onOpen:j,onClose:I,onInput:P,searchButtonRef:_}).isOpen,a=t.onOpen,o=t.onClose,p=t.onInput,d=t.searchButtonRef,n.useEffect(function(){function e(e){var t,r;(27===e.keyCode&amp;&amp;i||"k"===e.key.toLowerCase()&amp;&amp;(e.metaKey||e.ctrlKey)||(r=(t=e.target).tagName,!t.isContentEditable&amp;&amp;"INPUT"!==r&amp;&amp;"SELECT"!==r&amp;&amp;"TEXTAREA"!==r&amp;&amp;"/"===e.key&amp;&amp;!i))&amp;&amp;(e.preventDefault(),i?o():!document.body.classList.contains("DocSearch--active")&amp;&amp;(document.body.classList.contains("DocSearch--active")||a())),d&amp;&amp;d.current===document.activeElement&amp;&amp;p&amp;&amp;/[a-zA-Z0-9]/.test(String.fromCharCode(e.keyCode))&amp;&amp;p(e)}return window.addEventListener("keydown",e),function(){window.removeEventListener("keydown",e)}},[i,a,o,p,d]),(0,s.jsxs)(s.Fragment,{children:[(0,s.jsx)(ex,{onTouchStart:z,onFocus:z,onMouseOver:z,onClick:j,ref:_,translations:e_.button}),A&amp;&amp;eB&amp;&amp;S.current&amp;&amp;(0,el.createPortal)((0,s.jsx)(eB,{onClose:I,initialScrollY:window.scrollY,initialQuery:k,navigator:$,transformItems:R,hitComponent:eN,...m.searchPagePath&amp;&amp;{resultsFooterComponent:E},...m,typesenseSearchParameters:y,typesenseServerConfig:v,typesenseCollectionName:b,placeholder:e_.placeholder,translations:e_.modal}),S.current)]})}function eM(){let{siteConfig:e}=(0,ea.Z)();return(0,s.jsx)(eD,{children:(0,s.jsx)(eW,{...e.themeConfig.typesense})})}function eU(e){let{children:t,className:r}=e;return(0,s.jsx)("div",{className:(0,i.Z)(r,"navbarSearchContainer_bmvg"),children:t})}var eF=r("136128"),eH=r("818889");let eV=e=&gt;e.docs.find(t=&gt;t.id===e.mainDocId),eQ=e=&gt;e.docs.find(t=&gt;t.id===e.mainDocId);function eK(e){let{children:t,href:r="",className:n}=e,i=r.startsWith("/"),a=r.includes("://"),o=(0,c.TH)(),p=o.pathname.endsWith("/"),d=e=&gt;e.stopPropagation();return a||i||(r=p?o.pathname+r:o.pathname+"/"+r),i?(0,s.jsx)("a",{onClick:d,href:r,className:n,children:t}):(0,s.jsx)(K.Z,{onClick:d,href:r,className:n,children:t})}function eJ(e){let{children:t}=e;return(0,T.BX)(T.HY,{children:[(0,T.tZ)("hr",{css:(0,E.iv)`
          margin-bottom: 0.2rem;
        `}),(0,T.BX)("span",{css:(0,E.iv)`
          font-size: 0.8rem;
          margin-bottom: 0.5rem;
        `,children:[t,"s"]})]})}function eX(e){let{children:t,logoSrc:r}=e;return(0,T.BX)("div",{css:(0,E.iv)`
        cursor: pointer;
        padding: 0 var(--ifm-navbar-item-padding-horizontal);
        height: 36px;
        color: white;
        display: flex;
        align-items: center;
        flex: 1;
        white-space: nowrap;
        &amp;:after {
          border-color: currentColor transparent;
          border-style: solid;
          border-width: 0.4rem 0.4rem 0;
          content: '';
          display: inline-block;
          margin-left: 0.5rem;
          position: relative;
          top: 2px;
          transform: translateY(-50%);
        }
      `,children:[(0,T.tZ)("div",{css:(0,E.iv)`
          width: 32px;
          height: 32px;
          margin-right: 1rem;
        `,children:(0,T.tZ)("img",{src:r,alt:"Product logo"})}),t]})}function eY(e){let{children:t,logoSrc:r,href:s}=e;return(0,T.BX)(eK,{href:s,css:(0,E.iv)`
        padding: 0.5rem;
        color: white;
        display: flex;
        align-items: center;
        flex: 1;
        white-space: nowrap;
        &amp;:hover {
          text-decoration: none;
          background-color: var(--ifm-color-gray-900);
        }
      `,children:[(0,T.tZ)("div",{css:(0,E.iv)`
          width: 32px;
          height: 32px;
          margin-right: 1rem;
        `,children:(0,T.tZ)("img",{src:r})}),t]})}let eZ={default:es,localeDropdown:function(e){let{mobile:t,dropdownItemsBefore:r,dropdownItemsAfter:n,queryString:i="",...a}=e,{i18n:{currentLocale:o,locales:d,localeConfigs:u}}=(0,ea.Z)(),l=(0,ed.l)(),{search:m,hash:h}=(0,c.TH)(),g=[...r,...d.map(e=&gt;{let r=`pathname://${l.createUrl({locale:e,fullyQualified:!1})}`,s=`${r}${m}${h}${i}`;return{label:u[e].label,lang:u[e].htmlLang,to:s,target:"_self",autoAddBaseUrl:!1,className:e===o?t?"menu__link--active":"dropdown__link--active":""}}),...n],f=t?(0,p.I)({message:"Languages",id:"theme.navbar.mobileLanguageDropdown.label",description:"The label for the mobile language switcher dropdown"}):u[o].label;return(0,s.jsx)(ep,{...a,mobile:t,label:(0,s.jsxs)(s.Fragment,{children:[(0,s.jsx)(eu,{className:"iconLanguage_xrmG"}),f]}),items:g})},search:function(e){let{mobile:t,className:r}=e;return t?null:(0,s.jsx)(eU,{className:r,children:(0,s.jsx)(eM,{})})},dropdown:ep,html:function(e){let{value:t,className:r,mobile:n=!1,isDropdownItem:a=!1}=e;return(0,s.jsx)(a?"li":"div",{className:(0,i.Z)({navbar__item:!n&amp;&amp;!a,"menu__list-item":n},r),dangerouslySetInnerHTML:{__html:t}})},doc:function(e){let{docId:t,label:r,docsPluginId:n,...i}=e,{activeDoc:a}=(0,eF.Iw)(n),o=(0,eH.vY)(t,n),c=a?.path===o?.path;return null===o||o.unlisted&amp;&amp;!c?null:(0,s.jsx)(es,{exact:!0,...i,isActive:()=&gt;c||!!a?.sidebar&amp;&amp;a.sidebar===o.sidebar,label:r??o.id,to:o.path})},docSidebar:function(e){let{sidebarId:t,label:r,docsPluginId:n,...i}=e,{activeDoc:a}=(0,eF.Iw)(n),o=(0,eH.oz)(t,n).link;if(!o)throw Error(`DocSidebarNavbarItem: Sidebar with ID "${t}" doesn't have anything to be linked to.`);return(0,s.jsx)(es,{exact:!0,...i,isActive:()=&gt;a?.sidebar===t,label:r??o.label,to:o.path})},docsVersion:function(e){let{label:t,to:r,docsPluginId:n,...i}=e,a=(0,eH.lO)(n)[0],o=t??a.label,c=r??eV(a).path;return(0,s.jsx)(es,{...i,label:o,to:c})},docsVersionDropdown:function(e){let{mobile:t,docsPluginId:r,dropdownActiveClassDisabled:n,dropdownItemsBefore:i,dropdownItemsAfter:a,...o}=e,{search:d,hash:u,pathname:l}=(0,c.TH)(),m=(0,eF.Iw)(r),h=(0,eF.gB)(r).filter(e=&gt;"next"!==e.name),{savePreferredVersionName:g}=(0,eS.J)(r),f=[...i,...h.map(e=&gt;{let t=m.alternateDocVersions[e.name]??eQ(e);return{label:e.label,to:`${t.path}${d}${u}`,isActive:()=&gt;e===m.activeVersion,onClick:()=&gt;g(e.name)}}),...a],y=(0,eH.lO)(r)[0],v=t&amp;&amp;f.length&gt;1?(0,p.I)({id:"theme.navbar.mobileVersionsDropdown.label",message:"Versions",description:"The label for the navbar versions dropdown on mobile view"}):y.label;return f.length&lt;=1?(0,s.jsx)(es,{...o,mobile:t,label:v,isActive:n?()=&gt;!1:void 0}):(0,s.jsx)(ep,{...o,mobile:t,label:v,items:f,isActive:n?()=&gt;!1:void 0})},"custom-productDropdown":function(){let e=(0,c.TH)().pathname.split("/"),t=e.length&gt;1?e[1]:"",r=ea.Z().siteConfig.customFields?.products,s=r.filter(e=&gt;!e.skipMenu),n=r.find(e=&gt;e.name===t),i="";return(0,T.BX)("div",{className:"dropdown dropdown--hoverable",css:(0,E.iv)`
        border: 1px solid var(--ifm-color-gray-500);
        border-radius: 8px;
        &amp;:hover {
          background-color: var(--ifm-color-gray-900);
        }

        .navbar-sidebar &amp; {
          border: none;
        }

        @media (max-width: 640px) {
          .navbar__items &amp; {
            display: none;
          }
        }
      `,children:[n&amp;&amp;(0,T.tZ)(eX,{logoSrc:n.logoDark,children:n.title}),(0,T.tZ)("div",{className:"dropdown__menu",css:(0,E.iv)`
          padding: 0.1rem 1rem;
          background-color: var(--ifm-navbar-background-color);
        `,children:s.map(e=&gt;{let t=!1;return i!==e.category&amp;&amp;(i=e.category,t=!0),(0,T.BX)("li",{children:[t&amp;&amp;(0,T.tZ)(eJ,{children:e.category}),(0,T.tZ)(eY,{logoSrc:e.logoDark,href:e.link,children:e.title},e.name)]},e.name)})})]})}};function e1(e){let{type:t,...r}=e,n=eZ[t&amp;&amp;"default"!==t?t:"items"in r?"dropdown":"default"];if(!n)throw Error(`No NavbarItem component found for type "${t}".`);return(0,s.jsx)(n,{...r})}function e2(){let e=(0,q.e)(),t=(0,v.L)().navbar.items;return(0,s.jsx)("ul",{className:"menu__list",children:t.map((t,r)=&gt;(0,n.createElement)(e1,{mobile:!0,...t,onClick:()=&gt;e.toggle(),key:r}))})}function e0(e){return(0,s.jsx)("button",{...e,type:"button",className:"clean-btn navbar-sidebar__back",children:(0,s.jsx)(p.Z,{id:"theme.navbar.mobileSidebarSecondaryMenu.backButtonLabel",description:"The label of the back button to return to main menu, inside the mobile navbar sidebar secondary menu (notably used to display the docs sidebar)",children:"\u2190 Back to main menu"})})}function e4(){let e=0===(0,v.L)().navbar.items.length,t=R();return(0,s.jsxs)(s.Fragment,{children:[!e&amp;&amp;(0,s.jsx)(e0,{onClick:()=&gt;t.hide()}),t.content]})}function e8(){let e=(0,q.e)();return(!function(){let e=!(arguments.length&gt;0)||void 0===arguments[0]||arguments[0];(0,n.useEffect)(()=&gt;(document.body.style.overflow=e?"hidden":"visible",()=&gt;{document.body.style.overflow="visible"}),[e])}(e.shown),e.shouldRender)?(0,s.jsx)(C,{header:(0,s.jsx)(Q,{}),primaryMenu:(0,s.jsx)(e2,{}),secondaryMenu:(0,s.jsx)(e4,{})}):null}let e6={navbarHideable:"navbarHideable_bChn",navbarHidden:"navbarHidden_zsXl"};function e9(e){return(0,s.jsx)("div",{role:"presentation",...e,className:(0,i.Z)("navbar-sidebar__backdrop",e.className)})}function e7(e){let{children:t}=e,{navbar:{hideOnScroll:r,style:a}}=(0,v.L)(),o=(0,q.e)(),{navbarRef:c,isNavbarVisible:u}=function(e){let[t,r]=(0,n.useState)(e),s=(0,n.useRef)(!1),i=(0,n.useRef)(0),a=(0,n.useCallback)(e=&gt;{null!==e&amp;&amp;(i.current=e.getBoundingClientRect().height)},[]);return(0,k.RF)((t,n)=&gt;{let{scrollY:a}=t;if(!e)return;if(a&lt;i.current){r(!0);return}if(s.current){s.current=!1;return}let o=n?.scrollY,c=document.documentElement.scrollHeight-i.current,p=window.innerHeight;o&amp;&amp;a&gt;=o?r(!1):a+p&lt;c&amp;&amp;r(!0)}),(0,d.S)(t=&gt;{if(!e)return;let n=t.location.hash;if(n?document.getElementById(n.substring(1)):void 0){s.current=!0,r(!1);return}r(!0)}),{navbarRef:a,isNavbarVisible:t}}(r);return(0,s.jsxs)("nav",{ref:c,"aria-label":(0,p.I)({id:"theme.NavBar.navAriaLabel",message:"Main",description:"The ARIA label for the main navigation"}),className:(0,i.Z)("navbar","navbar--fixed-top",r&amp;&amp;[e6.navbarHideable,!u&amp;&amp;e6.navbarHidden],{"navbar--dark":"dark"===a,"navbar--primary":"primary"===a,"navbar-sidebar--show":o.shown}),children:[t,(0,s.jsx)(e9,{onClick:o.toggle}),(0,s.jsx)(e8,{})]})}var e3=r("586643");function e5(e){return(0,s.jsx)("button",{type:"button",...e,children:(0,s.jsx)(p.Z,{id:"theme.ErrorPageContent.tryAgain",description:"The label of the button to try again rendering when the React error boundary captures an error",children:"Try again"})})}function te(e){let{error:t}=e,r=(0,e3.getErrorCausalChain)(t).map(e=&gt;e.message).join("\n\nCause:\n");return(0,s.jsx)("p",{className:"errorBoundaryError_FiLL",children:r})}class tt extends n.Component{componentDidCatch(e,t){throw this.props.onError(e,t)}render(){return this.props.children}}function tr(e){let{width:t=30,height:r=30,className:n,...i}=e;return(0,s.jsx)("svg",{className:n,width:t,height:r,viewBox:"0 0 30 30","aria-hidden":"true",...i,children:(0,s.jsx)("path",{stroke:"currentColor",strokeLinecap:"round",strokeMiterlimit:"10",strokeWidth:"2",d:"M4 7h22M4 15h22M4 23h22"})})}function ts(){let{toggle:e,shown:t}=(0,q.e)();return(0,s.jsx)("button",{onClick:e,"aria-label":(0,p.I)({id:"theme.docs.sidebar.toggleSidebarButtonAriaLabel",message:"Toggle navigation bar",description:"The ARIA label for hamburger menu button of mobile navigation"}),"aria-expanded":t,className:"navbar__toggle clean-btn",type:"button",children:(0,s.jsx)(tr,{})})}function tn(e){let{items:t}=e;return(0,s.jsx)(s.Fragment,{children:t.map((e,t)=&gt;(0,s.jsx)(tt,{onError:t=&gt;Error(`A theme navbar item failed to render.
Please double-check the following navbar item (themeConfig.navbar.items) of your Docusaurus config:
${JSON.stringify(e,null,2)}`,{cause:t}),children:(0,s.jsx)(e1,{...e})},t))})}function ti(e){let{left:t,right:r}=e;return(0,s.jsxs)("div",{className:"navbar__inner",children:[(0,s.jsx)("div",{className:"navbar__items",children:t}),(0,s.jsx)("div",{className:"navbar__items navbar__items--right",children:r})]})}function ta(){let e=(0,q.e)(),t=(0,v.L)().navbar.items,[r,n]=function(e){function t(e){return(e.position??"right")==="left"}return[e.filter(t),e.filter(e=&gt;!t(e))]}(t),i=t.find(e=&gt;"search"===e.type);return(0,s.jsx)(ti,{left:(0,s.jsxs)(s.Fragment,{children:[!e.disabled&amp;&amp;(0,s.jsx)(ts,{}),(0,s.jsx)(H,{}),(0,s.jsx)(tn,{items:r})]}),right:(0,s.jsxs)(s.Fragment,{children:[(0,s.jsx)(tn,{items:n}),(0,s.jsx)(U,{className:"colorModeToggle_Hg9V"}),!i&amp;&amp;(0,s.jsx)(eU,{children:(0,s.jsx)(eM,{})})]})})}function to(){return(0,s.jsx)(e7,{children:(0,s.jsx)(ta,{})})}function tc(e){let{title:t,links:r}=e;return r?.length&gt;0?(0,T.BX)("ul",{css:(0,E.iv)`
        list-style: none;
        line-height: 2.5;
        margin: 0;
        padding: 0;
        white-space: nowrap;
        min-width: 230px;
      `,children:[(0,T.tZ)("li",{css:(0,E.iv)`
          font-size: 1.25rem;
          font-weight: 700;
        `,children:t}),r.map((e,t)=&gt;(0,T.tZ)("li",{children:(0,T.tZ)(eK,{href:e.href,css:(0,E.iv)`
              color: white;
              &amp;:hover {
                text-decoration: none;
              }
            `,children:e.label})},t))]}):null}function tp(e){return(0,T.tZ)(eK,{href:e.href,css:(0,E.iv)`
        color: white;
        border-bottom: 1px solid white;
        transition: opacity 0.3s;
        &amp;:hover {
          text-decoration: none;
          border-bottom: 1px solid var(--ifm-color-primary);
        }
      `,children:e.children})}function td(e){let{className:t}=e,{footer:r}=(0,v.L)();if(!r)return null;let{links:s,logo:n}=r;return(0,T.BX)("footer",{className:t,css:(0,E.iv)`
        color: white;
        background-color: var(--ifm-footer-background-color);
        border-top: 1px solid var(--ifm-color-primary);
      `,children:[(0,T.BX)("div",{css:(0,E.iv)`
          margin: 0 auto;
          padding: 4rem 1.5rem;
          max-width: 1024px;
          display: flex;
          flex-direction: column;
          border-bottom: 1px solid var(--ifm-color-primary);
          background-image: url('/blocks/3-orange.svg');
          background-position: top 1rem right 10%;
          background-size: 35px 41px;
          background-repeat: no-repeat;
        `,children:[(0,T.tZ)(eK,{href:n?.href,children:(0,T.tZ)("img",{alt:n?.alt,src:n?.src,width:n?.width,height:n?.height})}),(0,T.tZ)("div",{css:(0,E.iv)`
            margin-top: 2rem;
            display: flex;
            flex-wrap: wrap;
            gap: 2rem;
            justify-content: space-between;
          `,children:"title"in s[0]?s.map((e,t)=&gt;(0,T.tZ)(tc,{title:e.title,links:e.items},t)):(0,T.tZ)(tc,{title:"",links:s})})]}),(0,T.BX)("div",{css:(0,E.iv)`
          display: flex;
          justify-content: center;
          text-align: center;
          font-size: 0.9rem;
          flex-wrap: wrap;
          gap: 0.25rem;
          padding: 1rem 0;
        `,children:[(0,T.BX)("div",{children:["Copyright \xa9 Tetrate ",new Date().getFullYear(),". All rights reserved."]}),(0,T.BX)("div",{children:[(0,T.tZ)(tp,{href:"https://tetrate.io/legal/",children:"Terms and Conditions"})," ","and"," ",(0,T.tZ)(tp,{href:"https://tetrate.io/privacy/",children:"Privacy"})]})]})]})}var tu=r("398226");let tl=(0,j.Qc)([L.S,b.p,k.OC,tu.L5,o.VC,function(e){let{children:t}=e;return(0,s.jsx)(I.n2,{children:(0,s.jsx)(q.M,{children:(0,s.jsx)($,{children:t})})})}]);function tm(e){let{children:t}=e;return(0,s.jsx)(tl,{children:t})}var th=r("128322");function tg(e){let{error:t,tryAgain:r}=e;return(0,s.jsx)("main",{className:"container margin-vert--xl",children:(0,s.jsx)("div",{className:"row",children:(0,s.jsxs)("div",{className:"col col--6 col--offset-3",children:[(0,s.jsx)(th.Z,{as:"h1",className:"hero__title",children:(0,s.jsx)(p.Z,{id:"theme.ErrorPageContent.title",description:"The title of the fallback page when the page crashed",children:"This page crashed."})}),(0,s.jsx)("div",{className:"margin-vert--lg",children:(0,s.jsx)(e5,{onClick:r,className:"button button--primary shadow--lw"})}),(0,s.jsx)("hr",{}),(0,s.jsx)("div",{className:"margin-vert--md",children:(0,s.jsx)(te,{error:t})})]})})})}function tf(e){let{children:t,noFooter:r,wrapperClassName:n,title:c,description:p}=e;return(0,f.t)(),(0,s.jsxs)(tm,{children:[(0,s.jsx)(o.d,{title:c,description:p}),(0,s.jsx)(y,{}),(0,s.jsx)(A,{}),(0,s.jsx)(to,{}),(0,s.jsx)("div",{id:u,className:(0,i.Z)(g.k.wrapper.main,"mainWrapper_UyTV",n),children:(0,s.jsx)(a.Z,{fallback:e=&gt;(0,s.jsx)(tg,{...e}),children:t})}),!r&amp;&amp;(0,s.jsx)(td,{})]})}},369439:function(e,t,r){"use strict";r.d(t,{Z:()=&gt;f});var s=r("552322"),n=r("202784"),i=r("778943"),a=r("245961"),o=r("649221"),c=r("892408"),p=r("618293"),d=r("560061"),u=r("344987");let l={themedComponent:"themedComponent_DHUr","themedComponent--light":"themedComponent--light_DIHH","themedComponent--dark":"themedComponent--dark_Bv2M"};function m(e){let{className:t,children:r}=e,i=(0,d.Z)(),{colorMode:a}=(0,u.I)();return(0,s.jsx)(s.Fragment,{children:(i?"dark"===a?["dark"]:["light"]:["light","dark"]).map(e=&gt;{let i=r({theme:e,className:(0,p.Z)(t,l.themedComponent,l[`themedComponent--${e}`])});return(0,s.jsx)(n.Fragment,{children:i},e)})})}function h(e){let{sources:t,className:r,alt:n,...i}=e;return(0,s.jsx)(m,{className:r,children:e=&gt;{let{theme:r,className:a}=e;return(0,s.jsx)("img",{src:t[r],alt:n,className:a,...i})}})}function g(e){let{logo:t,alt:r,imageClassName:n}=e,i={light:(0,a.ZP)(t.src),dark:(0,a.ZP)(t.srcDark||t.src)},o=(0,s.jsx)(h,{className:t.className,sources:i,height:t.height,width:t.width,alt:r,style:t.style});return n?(0,s.jsx)("div",{className:n,children:o}):o}function f(e){let{siteConfig:{title:t}}=(0,o.Z)(),{navbar:{title:r,logo:n}}=(0,c.L)(),{imageClassName:p,titleClassName:d,...u}=e,l=(0,a.ZP)(n?.href||"/"),m=n?.alt??(r?"":t);return(0,s.jsxs)(i.Z,{to:l,...u,...n?.target&amp;&amp;{target:n.target},children:[n&amp;&amp;(0,s.jsx)(g,{logo:n,alt:m,imageClassName:p}),null!=r&amp;&amp;(0,s.jsx)("b",{className:d,children:r})]})}},755733:function(e,t,r){"use strict";r.d(t,{Z:function(){return i}});var s=r(552322);r(202784);var n=r(57505);function i(e){let{locale:t,version:r,tag:i}=e;return(0,s.jsxs)(n.Z,{children:[t&amp;&amp;(0,s.jsx)("meta",{name:"docusaurus_locale",content:t}),r&amp;&amp;(0,s.jsx)("meta",{name:"docusaurus_version",content:r}),i&amp;&amp;(0,s.jsx)("meta",{name:"docusaurus_tag",content:i}),t&amp;&amp;(0,s.jsx)("meta",{name:"docsearch:language",content:t}),r&amp;&amp;(0,s.jsx)("meta",{name:"docsearch:version",content:r}),i&amp;&amp;(0,s.jsx)("meta",{name:"docsearch:docusaurus_tag",content:i})]})}},336663:function(e,t,r){"use strict";r.d(t,{u:function(){return c},z:function(){return h}});var s=r(552322),n=r(202784),i=r(560061),a=r(884294),o=r(448312);function c(e){let{initialState:t}=e,[r,s]=(0,n.useState)(t??!1),i=(0,n.useCallback)(()=&gt;{s(e=&gt;!e)},[]);return{collapsed:r,setCollapsed:s,toggleCollapsed:i}}let p={display:"none",overflow:"hidden",height:"0px"},d={display:"block",overflow:"visible",height:"auto"};function u(e,t){let r=t?p:d;e.style.display=r.display,e.style.overflow=r.overflow,e.style.height=r.height}function l(e){let{as:t="div",collapsed:r,children:a,animation:c,onCollapseTransitionEnd:l,className:m,disableSSRStyle:h}=e,g=(0,i.Z)(),f=(0,n.useRef)(null);return!function(e){let{collapsibleRef:t,collapsed:r,animation:s}=e,i=(0,n.useRef)(!1);(0,n.useEffect)(()=&gt;{let e=t.current;function n(){let t=function(){let t=e.scrollHeight,r=s?.duration??function(e){if((0,o.n)())return 1;let t=e/36;return Math.round((4+15*t**.25+t/5)*10)}(t),n=s?.easing??"ease-in-out";return{transition:`height ${r}ms ${n}`,height:`${t}px`}}();e.style.transition=t.transition,e.style.height=t.height}if(!i.current){u(e,r),i.current=!0;return}return e.style.willChange="height",function(){let t=requestAnimationFrame(()=&gt;{r?(n(),requestAnimationFrame(()=&gt;{e.style.height=p.height,e.style.overflow=p.overflow})):(e.style.display="block",requestAnimationFrame(()=&gt;{n()}))});return()=&gt;cancelAnimationFrame(t)}()},[t,r,s])}({collapsibleRef:f,collapsed:r,animation:c}),(0,s.jsx)(t,{ref:f,style:h?void 0:function(e){let{collapsed:t,isBrowser:r}=e;if(!r)return t?p:d}({collapsed:r,isBrowser:g}),onTransitionEnd:e=&gt;{"height"===e.propertyName&amp;&amp;(u(f.current,r),l?.(r))},className:m,children:a})}function m(e){let{collapsed:t,...r}=e,[i,o]=(0,n.useState)(!t),[c,p]=(0,n.useState)(t);return(0,a.Z)(()=&gt;{t||o(!0)},[t]),(0,a.Z)(()=&gt;{i&amp;&amp;p(t)},[i,t]),i?(0,s.jsx)(l,{...r,collapsed:c}):null}function h(e){let{lazy:t,...r}=e;return(0,s.jsx)(t?m:l,{...r})}},130114:function(e,t,r){"use strict";r.d(t,{n:function(){return g},p:function(){return h}});var s=r(552322),n=r(202784),i=r(560061),a=r(649569),o=r(337327),c=r(892408);let p=(0,a.WA)("docusaurus.announcement.dismiss"),d=(0,a.WA)("docusaurus.announcement.id"),u=()=&gt;"true"===p.get(),l=e=&gt;p.set(String(e)),m=n.createContext(null);function h(e){let{children:t}=e,r=function(){let{announcementBar:e}=(0,c.L)(),t=(0,i.Z)(),[r,s]=(0,n.useState)(()=&gt;!!t&amp;&amp;u());(0,n.useEffect)(()=&gt;{s(u())},[]);let a=(0,n.useCallback)(()=&gt;{l(!0),s(!0)},[]);return(0,n.useEffect)(()=&gt;{if(!e)return;let{id:t}=e,r=d.get();"annoucement-bar"===r&amp;&amp;(r="announcement-bar");let n=t!==r;d.set(t),n&amp;&amp;l(!1),(n||!u())&amp;&amp;s(!1)},[e]),(0,n.useMemo)(()=&gt;({isActive:!!e&amp;&amp;!r,close:a}),[e,r,a])}();return(0,s.jsx)(m.Provider,{value:r,children:t})}function g(){let e=(0,n.useContext)(m);if(!e)throw new o.i6("AnnouncementBarProvider");return e}},344987:function(e,t,r){"use strict";r.d(t,{I:function(){return y},S:function(){return f}});var s=r(552322),n=r(202784),i=r(158724),a=r(337327),o=r(649569),c=r(892408);let p=n.createContext(void 0),d="theme",u=(0,o.WA)(d),l={light:"light",dark:"dark"},m=e=&gt;e===l.dark?l.dark:l.light,h=e=&gt;i.default.canUseDOM?m(document.documentElement.getAttribute("data-theme")):m(e),g=e=&gt;{u.set(m(e))};function f(e){let{children:t}=e,r=function(){let{colorMode:{defaultMode:e,disableSwitch:t,respectPrefersColorScheme:r}}=(0,c.L)(),[s,i]=(0,n.useState)(h(e));(0,n.useEffect)(()=&gt;{t&amp;&amp;u.del()},[t]);let a=(0,n.useCallback)(function(t){let s=arguments.length&gt;1&amp;&amp;void 0!==arguments[1]?arguments[1]:{},{persist:n=!0}=s;t?(i(t),n&amp;&amp;g(t)):(r?i(window.matchMedia("(prefers-color-scheme: dark)").matches?l.dark:l.light):i(e),u.del())},[r,e]);(0,n.useEffect)(()=&gt;{document.documentElement.setAttribute("data-theme",m(s))},[s]),(0,n.useEffect)(()=&gt;{if(t)return;let e=e=&gt;{if(e.key!==d)return;let t=u.get();null!==t&amp;&amp;a(m(t))};return window.addEventListener("storage",e),()=&gt;window.removeEventListener("storage",e)},[t,a]);let o=(0,n.useRef)(!1);return(0,n.useEffect)(()=&gt;{if(t&amp;&amp;!r)return;let e=window.matchMedia("(prefers-color-scheme: dark)"),s=()=&gt;{if(window.matchMedia("print").matches||o.current){o.current=window.matchMedia("print").matches;return}a(null)};return e.addListener(s),()=&gt;e.removeListener(s)},[a,t,r]),(0,n.useMemo)(()=&gt;({colorMode:s,setColorMode:a,get isDarkTheme(){return s===l.dark},setLightTheme(){a(l.light)},setDarkTheme(){a(l.dark)}}),[s,a])}();return(0,s.jsx)(p.Provider,{value:r,children:t})}function y(){let e=(0,n.useContext)(p);if(null==e)throw new a.i6("ColorModeProvider","Please see https://docusaurus.io/docs/api/themes/configuration#use-color-mode.");return e}},598419:function(e,t,r){"use strict";r.d(t,{M:function(){return u},e:function(){return l}});var s=r(552322),n=r(202784),i=r(33449),a=r(203247),o=r(483809),c=r(892408),p=r(337327);let d=n.createContext(void 0);function u(e){let{children:t}=e,r=function(){let e=function(){let e=(0,i.HY)(),{items:t}=(0,c.L)().navbar;return 0===t.length&amp;&amp;!e.component}(),t=(0,a.i)(),r=!e&amp;&amp;"mobile"===t,[s,p]=(0,n.useState)(!1);(0,o.Rb)(()=&gt;{if(s)return p(!1),!1});let d=(0,n.useCallback)(()=&gt;{p(e=&gt;!e)},[]);return(0,n.useEffect)(()=&gt;{"desktop"===t&amp;&amp;p(!1)},[t]),(0,n.useMemo)(()=&gt;({disabled:e,shouldRender:r,toggle:d,shown:s}),[e,r,d,s])}();return(0,s.jsx)(d.Provider,{value:r,children:t})}function l(){let e=n.useContext(d);if(void 0===e)throw new p.i6("NavbarMobileSidebarProvider");return e}},33449:function(e,t,r){"use strict";r.d(t,{HY:function(){return c},Zo:function(){return p},n2:function(){return o}});var s=r(552322),n=r(202784),i=r(337327);let a=n.createContext(null);function o(e){let{children:t}=e,r=(0,n.useState)({component:null,props:null});return(0,s.jsx)(a.Provider,{value:r,children:t})}function c(){let e=(0,n.useContext)(a);if(!e)throw new i.i6("NavbarSecondaryMenuContentProvider");return e[0]}function p(e){let{component:t,props:r}=e,s=(0,n.useContext)(a);if(!s)throw new i.i6("NavbarSecondaryMenuContentProvider");let[,o]=s,c=(0,i.Ql)(r);return(0,n.useEffect)(()=&gt;{o({component:t,props:c})},[o,t,c]),(0,n.useEffect)(()=&gt;()=&gt;o({component:null,props:null}),[o]),null}},40382:function(e,t,r){"use strict";r.d(t,{h:()=&gt;n,t:()=&gt;i});var s=r("202784");let n="navigation-with-keyboard";function i(){(0,s.useEffect)(()=&gt;{function e(e){"keydown"===e.type&amp;&amp;"Tab"===e.key&amp;&amp;document.body.classList.add(n),"mousedown"===e.type&amp;&amp;document.body.classList.remove(n)}return document.addEventListener("keydown",e),document.addEventListener("mousedown",e),()=&gt;{document.body.classList.remove(n),document.removeEventListener("keydown",e),document.removeEventListener("mousedown",e)}},[])}},203247:function(e,t,r){"use strict";r.d(t,{i:function(){return a}});var s=r(202784),n=r(158724);let i={desktop:"desktop",mobile:"mobile"};function a(){let{desktopBreakpoint:e=996}=arguments.length&gt;0&amp;&amp;void 0!==arguments[0]?arguments[0]:{},[t,r]=(0,s.useState)(()=&gt;"ssr");return(0,s.useEffect)(()=&gt;{function t(){r(function(e){if(!n.default.canUseDOM)throw Error("getWindowSize() should only be called after React hydration");return window.innerWidth&gt;e?i.desktop:i.mobile}(e))}return t(),window.addEventListener("resize",t),()=&gt;{window.removeEventListener("resize",t)}},[e]),t}},326679:function(e,t,r){"use strict";r.d(t,{J:function(){return a},_q:function(){return o},jA:function(){return i}});var s=r(649221),n=r(29005);function i(){for(var e=arguments.length,t=Array(e),s=0;s&lt;e;s++)t[s]=arguments[s];return r(136128).jA(...t)}function a(){for(var e=arguments.length,t=Array(e),s=0;s&lt;e;s++)t[s]=arguments[s];return r(136128).J(...t)}function o(){let{i18n:e}=(0,s.Z)(),t=r(136128).z1(),i=[n.H,...t];return{locale:e.currentLocale,tags:i}}},968483:function(e,t,r){"use strict";r.d(t,{k:function(){return s}});let s={page:{blogListPage:"blog-list-page",blogPostPage:"blog-post-page",blogTagsListPage:"blog-tags-list-page",blogTagPostListPage:"blog-tags-post-list-page",blogAuthorsListPage:"blog-authors-list-page",blogAuthorsPostsPage:"blog-authors-posts-page",docsDocPage:"docs-doc-page",docsTagsListPage:"docs-tags-list-page",docsTagDocListPage:"docs-tags-doc-list-page",mdxPage:"mdx-page"},wrapper:{main:"main-wrapper",blogPages:"blog-wrapper",docsPages:"docs-wrapper",mdxPages:"mdx-wrapper"},common:{editThisPage:"theme-edit-this-page",lastUpdated:"theme-last-updated",backToTopButton:"theme-back-to-top-button",codeBlock:"theme-code-block",admonition:"theme-admonition",unlistedBanner:"theme-unlisted-banner",draftBanner:"theme-draft-banner",admonitionType:e=&gt;`theme-admonition-${e}`},layout:{},docs:{docVersionBanner:"theme-doc-version-banner",docVersionBadge:"theme-doc-version-badge",docBreadcrumbs:"theme-doc-breadcrumbs",docMarkdown:"theme-doc-markdown",docTocMobile:"theme-doc-toc-mobile",docTocDesktop:"theme-doc-toc-desktop",docFooter:"theme-doc-footer",docFooterTagsRow:"theme-doc-footer-tags-row",docFooterEditMetaRow:"theme-doc-footer-edit-meta-row",docSidebarContainer:"theme-doc-sidebar-container",docSidebarMenu:"theme-doc-sidebar-menu",docSidebarItemCategory:"theme-doc-sidebar-item-category",docSidebarItemLink:"theme-doc-sidebar-item-link",docSidebarItemCategoryLevel:e=&gt;`theme-doc-sidebar-item-category-level-${e}`,docSidebarItemLinkLevel:e=&gt;`theme-doc-sidebar-item-link-level-${e}`},blog:{blogFooterTagsRow:"theme-blog-footer-tags-row",blogFooterEditMetaRow:"theme-blog-footer-edit-meta-row"},pages:{pageFooterEditMetaRow:"theme-pages-footer-edit-meta-row"}}},448312:function(e,t,r){"use strict";function s(){return window.matchMedia("(prefers-reduced-motion: reduce)").matches}r.d(t,{n:function(){return s}})},483809:function(e,t,r){"use strict";r.d(t,{Rb:function(){return a},_X:function(){return o}});var s=r(202784),n=r(107267),i=r(337327);function a(e){!function(e){let t=(0,n.k6)(),r=(0,i.zX)(e);(0,s.useEffect)(()=&gt;t.block((e,t)=&gt;r(e,t)),[t,r])}((t,r)=&gt;{if("POP"===r)return e(t,r)})}function o(e){return function(e){let t=(0,n.k6)();return(0,s.useSyncExternalStore)(t.listen,()=&gt;e(t),()=&gt;e(t))}(t=&gt;null===e?null:new URLSearchParams(t.location.search).get(e))}},367010:function(e,t,r){"use strict";function s(e){let t=arguments.length&gt;1&amp;&amp;void 0!==arguments[1]?arguments[1]:(e,t)=&gt;e===t;return e.filter((r,s)=&gt;e.findIndex(e=&gt;t(e,r))!==s)}function n(e){return Array.from(new Set(e))}r.d(t,{jj:function(){return n},lx:function(){return s}})},844700:function(e,t,r){"use strict";r.d(t,{VC:()=&gt;m,d:()=&gt;d,FG:()=&gt;l});var s=r("552322"),n=r("202784"),i=r("618293"),a=r("57505"),o=r("427373"),c=r("245961"),p=r("649221");function d(e){let{title:t,description:r,keywords:n,image:i,children:o}=e,d=function(e){let{siteConfig:t}=(0,p.Z)(),{title:r,titleDelimiter:s}=t;return e?.trim().length?`${e.trim()} ${s} ${r}`:r}(t),{withBaseUrl:u}=(0,c.Cg)(),l=i?u(i,{absolute:!0}):void 0;return(0,s.jsxs)(a.Z,{children:[t&amp;&amp;(0,s.jsx)("title",{children:d}),t&amp;&amp;(0,s.jsx)("meta",{property:"og:title",content:d}),r&amp;&amp;(0,s.jsx)("meta",{name:"description",content:r}),r&amp;&amp;(0,s.jsx)("meta",{property:"og:description",content:r}),n&amp;&amp;(0,s.jsx)("meta",{name:"keywords",content:Array.isArray(n)?n.join(","):n}),l&amp;&amp;(0,s.jsx)("meta",{property:"og:image",content:l}),l&amp;&amp;(0,s.jsx)("meta",{name:"twitter:image",content:l}),o]})}let u=n.createContext(void 0);function l(e){let{className:t,children:r}=e,o=n.useContext(u),c=(0,i.Z)(o,t);return(0,s.jsxs)(u.Provider,{value:c,children:[(0,s.jsx)(a.Z,{children:(0,s.jsx)("html",{className:c})}),r]})}function m(e){var t;let{children:r}=e,a=function(){let e=n.useContext(o._);if(!e)throw Error("Unexpected: no Docusaurus route context found");return e}(),c=(t=a.plugin.name,`plugin-${t.replace(/docusaurus-(?:plugin|theme)-(?:content-)?/gi,"")}`),p=`plugin-id-${a.plugin.id}`;return(0,s.jsx)(l,{className:(0,i.Z)(c,p),children:r})}},337327:function(e,t,r){"use strict";r.d(t,{D9:function(){return o},Qc:function(){return d},Ql:function(){return p},i6:function(){return c},zX:function(){return a}});var s=r(552322),n=r(202784),i=r(884294);function a(e){let t=(0,n.useRef)(e);return(0,i.Z)(()=&gt;{t.current=e},[e]),(0,n.useCallback)(function(){for(var e=arguments.length,r=Array(e),s=0;s&lt;e;s++)r[s]=arguments[s];return t.current(...r)},[])}function o(e){let t=(0,n.useRef)();return(0,i.Z)(()=&gt;{t.current=e}),t.current}class c extends Error{constructor(e,t){super(),this.name="ReactContextError",this.message=`Hook ${this.stack?.split("\n")[1]?.match(/at (?:\w+\.)?(?&lt;name&gt;\w+)/)?.groups.name??""} is called outside the &lt;${e}&gt;. ${t??""}`}}function p(e){let t=Object.entries(e);return t.sort((e,t)=&gt;e[0].localeCompare(t[0])),(0,n.useMemo)(()=&gt;e,t.flat())}function d(e){return t=&gt;{let{children:r}=t;return(0,s.jsx)(s.Fragment,{children:e.reduceRight((e,t)=&gt;(0,s.jsx)(t,{children:e}),r)})}}},171470:function(e,t,r){"use strict";function s(e,t){return void 0!==e&amp;&amp;void 0!==t&amp;&amp;RegExp(e,"gi").test(t)}r.d(t,{F:function(){return s}})},834918:function(e,t,r){"use strict";r.d(t,{Mg:function(){return a},Ns:function(){return o}});var s=r(202784),n=r(430913),i=r(649221);function a(e,t){let r=e=&gt;(!e||e.endsWith("/")?e:`${e}/`)?.toLowerCase();return r(e)===r(t)}function o(){let{baseUrl:e}=(0,i.Z)().siteConfig;return(0,s.useMemo)(()=&gt;(function(e){let{baseUrl:t,routes:r}=e;function s(e){return e.path===t&amp;&amp;!0===e.exact}function n(e){return e.path===t&amp;&amp;!e.exact}return function e(t){if(0===t.length)return;let r=t.find(s);return r||e(t.filter(n).flatMap(e=&gt;e.routes??[]))}(r)})({routes:n.Z,baseUrl:e}),[e])}},28944:function(e,t,r){"use strict";r.d(t,{Ct:function(){return g},OC:function(){return d},RF:function(){return m},o5:function(){return h}});var s=r(552322),n=r(202784),i=r(158724),a=r(560061),o=r(884294),c=r(337327);let p=n.createContext(void 0);function d(e){let{children:t}=e,r=function(){let e=(0,n.useRef)(!0);return(0,n.useMemo)(()=&gt;({scrollEventsEnabledRef:e,enableScrollEvents:()=&gt;{e.current=!0},disableScrollEvents:()=&gt;{e.current=!1}}),[])}();return(0,s.jsx)(p.Provider,{value:r,children:t})}function u(){let e=(0,n.useContext)(p);if(null==e)throw new c.i6("ScrollControllerProvider");return e}let l=()=&gt;i.default.canUseDOM?{scrollX:window.pageXOffset,scrollY:window.pageYOffset}:null;function m(e){let t=arguments.length&gt;1&amp;&amp;void 0!==arguments[1]?arguments[1]:[],{scrollEventsEnabledRef:r}=u(),s=(0,n.useRef)(l()),i=(0,c.zX)(e);(0,n.useEffect)(()=&gt;{let e=()=&gt;{if(!r.current)return;let e=l();i(e,s.current),s.current=e},t={passive:!0};return e(),window.addEventListener("scroll",e,t),()=&gt;window.removeEventListener("scroll",e,t)},[i,r,...t])}function h(){let e=u(),t=function(){let e=(0,n.useRef)({elem:null,top:0}),t=(0,n.useCallback)(t=&gt;{e.current={elem:t,top:t.getBoundingClientRect().top}},[]),r=(0,n.useCallback)(()=&gt;{let{current:{elem:t,top:r}}=e;if(!t)return{restored:!1};let s=t.getBoundingClientRect().top-r;return s&amp;&amp;window.scrollBy({left:0,top:s}),e.current={elem:null,top:0},{restored:0!==s}},[]);return(0,n.useMemo)(()=&gt;({save:t,restore:r}),[r,t])}(),r=(0,n.useRef)(void 0),s=(0,n.useCallback)(s=&gt;{t.save(s),e.disableScrollEvents(),r.current=()=&gt;{let{restored:s}=t.restore();if(r.current=void 0,s){let t=()=&gt;{e.enableScrollEvents(),window.removeEventListener("scroll",t)};window.addEventListener("scroll",t)}else e.enableScrollEvents()}},[e,t]);return(0,o.Z)(()=&gt;{queueMicrotask(()=&gt;r.current?.())}),{blockElementScrollPositionUntilNextRender:s}}function g(){let e=(0,n.useRef)(null),t=(0,a.Z)()&amp;&amp;"smooth"===getComputedStyle(document.documentElement).scrollBehavior;return{startScroll:r=&gt;{e.current=t?(window.scrollTo({top:r,behavior:"smooth"}),()=&gt;{}):function(e){let t=null,r=document.documentElement.scrollTop&gt;e;return!function s(){let n=document.documentElement.scrollTop;(r&amp;&amp;n&gt;e||!r&amp;&amp;n&lt;e)&amp;&amp;(t=requestAnimationFrame(s),window.scrollTo(0,Math.floor((n-e)*.85)+e))}(),()=&gt;t&amp;&amp;cancelAnimationFrame(t)}(r)},cancelScroll:()=&gt;e.current?.()}}},29005:function(e,t,r){"use strict";r.d(t,{H:function(){return s}});let s="default"},649569:function(e,t,r){"use strict";r.d(t,{Nk:function(){return d},WA:function(){return p}});var s=r(202784),n=r(345874);let i=n.d;function a(e){let{key:t,oldValue:r,newValue:s,storage:n}=e;if(r===s)return;let i=document.createEvent("StorageEvent");i.initStorageEvent("storage",!1,!1,t,r,s,window.location.href,n),window.dispatchEvent(i)}let o=!1,c={get:()=&gt;null,set:()=&gt;{},del:()=&gt;{},listen:()=&gt;()=&gt;{}};function p(e,t){let r=`${e}${n.u}`;if("undefined"==typeof window)return function(e){function t(){throw Error(`Illegal storage API usage for storage key "${e}".
Docusaurus storage APIs are not supposed to be called on the server-rendering process.
Please only call storage APIs in effects and event handlers.`)}return{get:t,set:t,del:t,listen:t}}(r);let s=function(){let e=arguments.length&gt;0&amp;&amp;void 0!==arguments[0]?arguments[0]:i;if("undefined"==typeof window)throw Error("Browser storage is not available on Node.js/Docusaurus SSR process.");if("none"===e)return null;try{return window[e]}catch(e){var t;return t=e,o||(console.warn(`Docusaurus browser storage is not available.
Possible reasons: running Docusaurus in an iframe, in an incognito browser session, or using too strict browser privacy settings.`,t),o=!0),null}}(t?.persistence);return null===s?c:{get:()=&gt;{try{return s.getItem(r)}catch(e){return console.error(`Docusaurus storage error, can't get key=${r}`,e),null}},set:e=&gt;{try{let t=s.getItem(r);s.setItem(r,e),a({key:r,oldValue:t,newValue:e,storage:s})}catch(t){console.error(`Docusaurus storage error, can't set ${r}=${e}`,t)}},del:()=&gt;{try{let e=s.getItem(r);s.removeItem(r),a({key:r,oldValue:e,newValue:null,storage:s})}catch(e){console.error(`Docusaurus storage error, can't delete key=${r}`,e)}},listen:e=&gt;{try{let t=t=&gt;{t.storageArea===s&amp;&amp;t.key===r&amp;&amp;e(t)};return window.addEventListener("storage",t),()=&gt;window.removeEventListener("storage",t)}catch(e){return console.error(`Docusaurus storage error, can't listen for changes of key=${r}`,e),()=&gt;{}}}}}function d(e,t){let r=(0,s.useRef)(()=&gt;null===e?c:p(e,t)).current(),n=(0,s.useCallback)(e=&gt;"undefined"==typeof window?()=&gt;{}:r.listen(e),[r]);return[(0,s.useSyncExternalStore)(n,()=&gt;r.get(),()=&gt;null),r]}},548466:function(e,t,r){"use strict";r.d(t,{l:function(){return a}});var s=r(649221),n=r(107267),i=r(586643);function a(){let{siteConfig:{baseUrl:e,url:t,trailingSlash:r},i18n:{defaultLocale:a,currentLocale:o}}=(0,s.Z)(),{pathname:c}=(0,n.TH)(),p=(0,i.applyTrailingSlash)(c,{trailingSlash:r,baseUrl:e}),d=o===a?e:e.replace(`/${o}/`,"/"),u=p.replace(e,"");return{createUrl:function(e){let{locale:r,fullyQualified:s}=e;return`${s?t:""}${r===a?`${d}`:`${d}${r}/`}${u}`}}}},882523:function(e,t,r){"use strict";r.d(t,{S:function(){return a}});var s=r(202784),n=r(107267),i=r(337327);function a(e){let t=(0,n.TH)(),r=(0,i.D9)(t),a=(0,i.zX)(e);(0,s.useEffect)(()=&gt;{r&amp;&amp;t!==r&amp;&amp;a({location:t,previousLocation:r})},[a,t,r])}},892408:function(e,t,r){"use strict";r.d(t,{L:function(){return n}});var s=r(649221);function n(){return(0,s.Z)().siteConfig.themeConfig}},613495:function(e,t,r){"use strict";Object.defineProperty(t,"__esModule",{value:!0}),t.addTrailingSlash=n,t.default=function(e,t){let{trailingSlash:r,baseUrl:s}=t;if(e.startsWith("#")||void 0===r)return e;let[a]=e.split(/[#?]/),o="/"===a||a===s?a:r?n(a):i(a);return e.replace(a,o)},t.addLeadingSlash=function(e){return(0,s.addPrefix)(e,"/")},t.removeTrailingSlash=i;let s=r(258460);function n(e){return e.endsWith("/")?e:`${e}/`}function i(e){return(0,s.removeSuffix)(e,"/")}},990378:function(e,t){"use strict";Object.defineProperty(t,"__esModule",{value:!0}),t.getErrorCausalChain=function e(t){return t.cause?[t,...e(t.cause)]:[t]}},586643:function(e,t,r){"use strict";t.getErrorCausalChain=t.applyTrailingSlash=void 0;let s=r(395365);var n=r(613495);Object.defineProperty(t,"applyTrailingSlash",{enumerable:!0,get:function(){return s.__importDefault(n).default}}),r(258460);var i=r(990378);Object.defineProperty(t,"getErrorCausalChain",{enumerable:!0,get:function(){return i.getErrorCausalChain}})},258460:function(e,t){"use strict";Object.defineProperty(t,"__esModule",{value:!0}),t.addPrefix=function(e,t){return e.startsWith(t)?e:`${t}${e}`},t.removeSuffix=function(e,t){return""===t?e:e.endsWith(t)?e.slice(0,-t.length):e},t.addSuffix=function(e,t){return e.endsWith(t)?e:`${e}${t}`},t.removePrefix=function(e,t){return e.startsWith(t)?e.slice(t.length):e}},876681:function(e,t,r){"use strict";r.r(t),r.d(t,{default:()=&gt;g});var s=r("75150"),n=Object.assign||function(e){for(var t=1;t&lt;arguments.length;t++){var r=arguments[t];for(var s in r)Object.prototype.hasOwnProperty.call(r,s)&amp;&amp;(e[s]=r[s])}return e},i=function(e){return"IMG"===e.tagName},a=function(e){return e&amp;&amp;1===e.nodeType},o=function(e){return".svg"===(e.currentSrc||e.src).substr(-4).toLowerCase()},c=function(e){try{if(Array.isArray(e))return e.filter(i);if(NodeList.prototype.isPrototypeOf(e))return[].slice.call(e).filter(i);if(a(e))return[e].filter(i);if("string"==typeof e)return[].slice.call(document.querySelectorAll(e)).filter(i);return[]}catch(e){throw TypeError("The provided selector is invalid.\nExpects a CSS selector, a Node element, a NodeList or an array.\nSee: https://github.com/francoischalifour/medium-zoom")}},p=function(e){var t=document.createElement("div");return t.classList.add("medium-zoom-overlay"),t.style.background=e,t},d=function(e){var t=e.getBoundingClientRect(),r=t.top,s=t.left,n=t.width,i=t.height,a=e.cloneNode(),o=window.pageYOffset||document.documentElement.scrollTop||document.body.scrollTop||0,c=window.pageXOffset||document.documentElement.scrollLeft||document.body.scrollLeft||0;return a.removeAttribute("id"),a.style.position="absolute",a.style.top=r+o+"px",a.style.left=s+c+"px",a.style.width=n+"px",a.style.height=i+"px",a.style.transform="",a},u=function(e,t){var r=n({bubbles:!1,cancelable:!1,detail:void 0},t);if("function"==typeof window.CustomEvent)return new CustomEvent(e,r);var s=document.createEvent("CustomEvent");return s.initCustomEvent(e,r.bubbles,r.cancelable,r.detail),s};!function(e,t){void 0===t&amp;&amp;(t={});var r=t.insertAt;if(e&amp;&amp;"undefined"!=typeof document){var s=document.head||document.getElementsByTagName("head")[0],n=document.createElement("style");n.type="text/css","top"===r&amp;&amp;s.firstChild?s.insertBefore(n,s.firstChild):s.appendChild(n),n.styleSheet?n.styleSheet.cssText=e:n.appendChild(document.createTextNode(e))}}(".medium-zoom-overlay{position:fixed;top:0;right:0;bottom:0;left:0;opacity:0;transition:opacity .3s;will-change:opacity}.medium-zoom--opened .medium-zoom-overlay{cursor:pointer;cursor:zoom-out;opacity:1}.medium-zoom-image{cursor:pointer;cursor:zoom-in;transition:transform .3s cubic-bezier(.2,0,.2,1)!important}.medium-zoom-image--hidden{visibility:hidden}.medium-zoom-image--opened{position:relative;cursor:pointer;cursor:zoom-out;will-change:transform}");let l=function e(t){var r=arguments.length&gt;1&amp;&amp;void 0!==arguments[1]?arguments[1]:{},s=window.Promise||function(e){function t(){}e(t,t)},i=function(){for(var e=arguments.length,t=Array(e),r=0;r&lt;e;r++)t[r]=arguments[r];var s=t.reduce(function(e,t){return[].concat(e,c(t))},[]);return s.filter(function(e){return -1===g.indexOf(e)}).forEach(function(e){g.push(e),e.classList.add("medium-zoom-image")}),f.forEach(function(e){var t=e.type,r=e.listener,n=e.options;s.forEach(function(e){e.addEventListener(t,r,n)})}),S},l=function(){var e=arguments.length&gt;0&amp;&amp;void 0!==arguments[0]?arguments[0]:{},t=e.target,r=function(){var e={width:document.documentElement.clientWidth,height:document.documentElement.clientHeight,left:0,top:0,right:0,bottom:0},t=void 0,r=void 0;if(b.container){if(b.container instanceof Object)t=(e=n({},e,b.container)).width-e.left-e.right-2*b.margin,r=e.height-e.top-e.bottom-2*b.margin;else{var s=(a(b.container)?b.container:document.querySelector(b.container)).getBoundingClientRect();e=n({},e,{width:s.width,height:s.height,left:s.left,top:s.top})}}t=t||e.width-2*b.margin,r=r||e.height-2*b.margin;var i=w.zoomedHd||w.original,c=o(i)?t:i.naturalWidth||t,p=o(i)?r:i.naturalHeight||r,d=i.getBoundingClientRect(),u=d.top,l=d.left,m=d.width,h=d.height,g=Math.min(Math.min(Math.max(m,c),t)/m,Math.min(Math.max(h,p),r)/h),f=(-l+(t-m)/2+b.margin+e.left)/g,y=(-u+(r-h)/2+b.margin+e.top)/g,v="scale("+g+") translate3d("+f+"px, "+y+"px, 0)";w.zoomed.style.transform=v,w.zoomedHd&amp;&amp;(w.zoomedHd.style.transform=v)};return new s(function(e){if(t&amp;&amp;-1===g.indexOf(t)||w.zoomed){e(S);return}if(t)w.original=t;else if(g.length&gt;0){var s=g;w.original=s[0]}else{e(S);return}if(w.original.dispatchEvent(u("medium-zoom:open",{detail:{zoom:S}})),v=window.pageYOffset||document.documentElement.scrollTop||document.body.scrollTop||0,y=!0,w.zoomed=d(w.original),document.body.appendChild(x),b.template){var n=a(b.template)?b.template:document.querySelector(b.template);w.template=document.createElement("div"),w.template.appendChild(n.content.cloneNode(!0)),document.body.appendChild(w.template)}if(w.original.parentElement&amp;&amp;"PICTURE"===w.original.parentElement.tagName&amp;&amp;w.original.currentSrc&amp;&amp;(w.zoomed.src=w.original.currentSrc),document.body.appendChild(w.zoomed),window.requestAnimationFrame(function(){document.body.classList.add("medium-zoom--opened")}),w.original.classList.add("medium-zoom-image--hidden"),w.zoomed.classList.add("medium-zoom-image--opened"),w.zoomed.addEventListener("click",m),w.zoomed.addEventListener("transitionend",function t(){y=!1,w.zoomed.removeEventListener("transitionend",t),w.original.dispatchEvent(u("medium-zoom:opened",{detail:{zoom:S}})),e(S)}),w.original.getAttribute("data-zoom-src")){w.zoomedHd=w.zoomed.cloneNode(),w.zoomedHd.removeAttribute("srcset"),w.zoomedHd.removeAttribute("sizes"),w.zoomedHd.removeAttribute("loading"),w.zoomedHd.src=w.zoomed.getAttribute("data-zoom-src"),w.zoomedHd.onerror=function(){clearInterval(i),console.warn("Unable to reach the zoom image target "+w.zoomedHd.src),w.zoomedHd=null,r()};var i=setInterval(function(){w.zoomedHd.complete&amp;&amp;(clearInterval(i),w.zoomedHd.classList.add("medium-zoom-image--opened"),w.zoomedHd.addEventListener("click",m),document.body.appendChild(w.zoomedHd),r())},10)}else if(w.original.hasAttribute("srcset")){w.zoomedHd=w.zoomed.cloneNode(),w.zoomedHd.removeAttribute("sizes"),w.zoomedHd.removeAttribute("loading");var o=w.zoomedHd.addEventListener("load",function(){w.zoomedHd.removeEventListener("load",o),w.zoomedHd.classList.add("medium-zoom-image--opened"),w.zoomedHd.addEventListener("click",m),document.body.appendChild(w.zoomedHd),r()})}else r()})},m=function(){return new s(function(e){if(y||!w.original){e(S);return}y=!0,document.body.classList.remove("medium-zoom--opened"),w.zoomed.style.transform="",w.zoomedHd&amp;&amp;(w.zoomedHd.style.transform=""),w.template&amp;&amp;(w.template.style.transition="opacity 150ms",w.template.style.opacity=0),w.original.dispatchEvent(u("medium-zoom:close",{detail:{zoom:S}})),w.zoomed.addEventListener("transitionend",function t(){w.original.classList.remove("medium-zoom-image--hidden"),document.body.removeChild(w.zoomed),w.zoomedHd&amp;&amp;document.body.removeChild(w.zoomedHd),document.body.removeChild(x),w.zoomed.classList.remove("medium-zoom-image--opened"),w.template&amp;&amp;document.body.removeChild(w.template),y=!1,w.zoomed.removeEventListener("transitionend",t),w.original.dispatchEvent(u("medium-zoom:closed",{detail:{zoom:S}})),w.original=null,w.zoomed=null,w.zoomedHd=null,w.template=null,e(S)})})},h=function(){var e=arguments.length&gt;0&amp;&amp;void 0!==arguments[0]?arguments[0]:{},t=e.target;return w.original?m():l({target:t})},g=[],f=[],y=!1,v=0,b=r,w={original:null,zoomed:null,zoomedHd:null,template:null};"[object Object]"===Object.prototype.toString.call(t)?b=t:(t||"string"==typeof t)&amp;&amp;i(t);var x=p((b=n({margin:0,background:"#fff",scrollOffset:40,container:null,template:null},b)).background);document.addEventListener("click",function(e){var t=e.target;if(t===x){m();return}-1!==g.indexOf(t)&amp;&amp;h({target:t})}),document.addEventListener("keyup",function(e){var t=e.key||e.keyCode;("Escape"===t||"Esc"===t||27===t)&amp;&amp;m()}),document.addEventListener("scroll",function(){if(!y&amp;&amp;w.original){var e=window.pageYOffset||document.documentElement.scrollTop||document.body.scrollTop||0;Math.abs(v-e)&gt;b.scrollOffset&amp;&amp;setTimeout(m,150)}}),window.addEventListener("resize",m);var S={open:l,close:m,toggle:h,update:function(){var e=arguments.length&gt;0&amp;&amp;void 0!==arguments[0]?arguments[0]:{};if(e.background&amp;&amp;(x.style.background=e.background),e.container&amp;&amp;e.container instanceof Object&amp;&amp;(e.container=n({},b.container,e.container)),e.template){var t=a(e.template)?e.template:document.querySelector(e.template);e.template=t}return b=n({},b,e),g.forEach(function(e){e.dispatchEvent(u("medium-zoom:update",{detail:{zoom:S}}))}),S},clone:function(){var t=arguments.length&gt;0&amp;&amp;void 0!==arguments[0]?arguments[0]:{};return e(n({},b,t))},attach:i,detach:function(){for(var e=arguments.length,t=Array(e),r=0;r&lt;e;r++)t[r]=arguments[r];w.zoomed&amp;&amp;m();var s=t.length&gt;0?t.reduce(function(e,t){return[].concat(e,c(t))},[]):g;return s.forEach(function(e){e.classList.remove("medium-zoom-image"),e.dispatchEvent(u("medium-zoom:detach",{detail:{zoom:S}}))}),g=g.filter(function(e){return -1===s.indexOf(e)}),S},on:function(e,t){var r=arguments.length&gt;2&amp;&amp;void 0!==arguments[2]?arguments[2]:{};return g.forEach(function(s){s.addEventListener("medium-zoom:"+e,t,r)}),f.push({type:"medium-zoom:"+e,listener:t,options:r}),S},off:function(e,t){var r=arguments.length&gt;2&amp;&amp;void 0!==arguments[2]?arguments[2]:{};return g.forEach(function(s){s.removeEventListener("medium-zoom:"+e,t,r)}),f=f.filter(function(r){return!(r.type==="medium-zoom:"+e&amp;&amp;r.listener.toString()===t.toString())}),S},getOptions:function(){return b},getImages:function(){return g},getZoomedImage:function(){return w.original}};return S},{themeConfig:m}=s.default;function h(e){var t,r;return document.querySelector('html[data-theme="dark"]')?(null===(t=e.background)||void 0===t?void 0:t.dark)||"rgb(50, 50, 50)":(null===(r=e.background)||void 0===r?void 0:r.light)||"rgb(255, 255, 255)"}let g=function(){let e;if("undefined"==typeof window)return null;let{zoom:t}=m,{selector:r=".markdown img",config:s={}}=t||{};if(!t)return null;s.background=h(t);var n=new MutationObserver(function(){e&amp;&amp;e.update({background:h(t)})});let i=document.querySelector("html");return n.observe(i,{attributes:!0,attributeFilter:["data-theme"]}),setTimeout(()=&gt;{e&amp;&amp;e.detach(),e=l(r,s)},1e3),{onRouteUpdate(){setTimeout(()=&gt;{e&amp;&amp;e.detach(),e=l(r,s)},1e3)}}}()},355175:function(e,t,r){"use strict";var s=this&amp;&amp;this.__importDefault||function(e){return e&amp;&amp;e.__esModule?e:{default:e}};Object.defineProperty(t,"__esModule",{value:!0}),s(r(158724)).default.canUseDOM&amp;&amp;(window.Prism=window.Prism||{},window.Prism.manual=!0)},780650:function(e,t,r){"use strict";r.d(t,{O:function(){return a}});var s=r(202784),n=r(107267),i=r(649221);function a(){let e=(0,n.k6)(),{siteConfig:{baseUrl:t}}=(0,i.Z)(),[r,a]=(0,s.useState)("");return(0,s.useEffect)(()=&gt;{a(new URLSearchParams(window.location.search).get("q")??"")},[]),{searchQuery:r,setSearchQuery:(0,s.useCallback)(t=&gt;{let r=new URLSearchParams(window.location.search);t?r.set("q",t):r.delete("q"),e.replace({search:r.toString()}),a(t)},[e]),generateSearchPageLink:(0,s.useCallback)(e=&gt;`${t}search?q=${encodeURIComponent(e)}`,[t])}}},506229:function(e,t,r){"use strict";r.d(t,{_r:function(){return i}});var s=r(995367);let n={},i=()=&gt;(0,s.OD)("docusaurus-plugin-content-docs")??n},430913:function(e,t,r){"use strict";r.d(t,{Z:()=&gt;l}),r("202784");var s=r("552322"),n=r("389028"),i=r.n(n),a=r("637138");let o={"0015a17e":[()=&gt;r.e("38584").then(r.bind(r,177111)),"@site/versioned_docs/version-1.12.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/tenantsetting.md",177111],"0043252d":[()=&gt;r.e("76829").then(r.bind(r,856391)),"@site/versioned_docs/version-next/refs/tsb/rbac/v2/application_access_bindings.mdx",856391],"0076bf0f":[()=&gt;r.e("15598").then(r.t.bind(r,444240,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-next-reference-290.json",444240],"0085247b":[()=&gt;r.e("77958").then(r.bind(r,190569)),"@site/versioned_docs/version-1.11.x/setup/security-context.mdx",190569],"009224dc":[()=&gt;r.e("98402").then(r.bind(r,644510)),"@site/versioned_docs/version-1.7.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/tenant.md",644510],"0092ac1d":[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("41898")]).then(r.bind(r,380738)),"@site/versioned_docs/version-1.11.x/howto/rate-limiting/tls-validation.mdx",380738],"009ee07d":[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("35926")]).then(r.bind(r,893181)),"@site/versioned_docs/version-1.11.x/howto/gateway/application-gateway-with-openapi-annotations.mdx",893181],"00cd6815":[()=&gt;r.e("48594").then(r.t.bind(r,530294,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-7-x-reference-8aa.json",530294],"00dd8e5c":[()=&gt;r.e("35136").then(r.bind(r,816047)),"@site/versioned_docs/version-next/howto/gitops/gitops.mdx",816047],"00f538b0":[()=&gt;r.e("42626").then(r.bind(r,316602)),"@site/versioned_docs/version-1.11.x/operations/telemetry/key-metrics.md",316602],"01087a99":[()=&gt;Promise.all([r.e("86212"),r.e("33579")]).then(r.bind(r,885273)),"@site/versioned_docs/version-1.12.x/design-guides/ha-dr-mp/operating/monitor.mdx",885273],"010c9526":[()=&gt;r.e("43233").then(r.t.bind(r,523500,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-next-operations-vault-4ce.json",523500],"0126a8bd":[()=&gt;r.e("81735").then(r.t.bind(r,854152,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-10-x-reference-grpc-api-aa7.json",854152],"013072af":[()=&gt;r.e("25975").then(r.bind(r,166716)),"@site/versioned_docs/version-1.12.x/operations/postgresql/managing-kubegres.mdx",166716],"0156cf14":[()=&gt;r.e("54166").then(r.bind(r,117108)),"@site/versioned_docs/version-1.8.x/reference/cli/reference/ui.md",117108],"015ad18a":[()=&gt;r.e("83901").then(r.bind(r,780262)),"@site/versioned_docs/version-1.10.x/operations/telemetry/distributed-tracing.md",780262],"01613ec2":[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("88893")]).then(r.bind(r,83264)),"@site/versioned_docs/version-1.11.x/design-guides/ha-dr-mp/index.mdx",83264],"017377da":[()=&gt;r.e("57651").then(r.t.bind(r,679239,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-8-x-operations-elasticsearch-abc.json",679239],"019453a6":[()=&gt;r.e("28115").then(r.t.bind(r,467977,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-9-x-operations-features-825.json",467977],"01a1a675":[()=&gt;r.e("10233").then(r.bind(r,755131)),"@site/versioned_docs/version-1.9.x/refs/tsb/v2/tenant_service.mdx",755131],"01a4210d":[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("69241")]).then(r.bind(r,759956)),"@site/versioned_docs/version-1.10.x/howto/authorization/sidecar.mdx",759956],"01a4e16a":[()=&gt;r.e("48170").then(r.bind(r,547919)),"@site/versioned_docs/version-1.8.x/reference/samples/httpbin.mdx",547919],"01ae554b":[()=&gt;r.e("48027").then(r.bind(r,151022)),"@site/versioned_docs/version-1.7.x/refs/tsb/application/v2/application.mdx",151022],"01bbc235":[()=&gt;r.e("23176").then(r.bind(r,268906)),"@site/versioned_docs/version-1.10.x/refs/onboarding/config/types/identity/v1alpha1/identity.mdx",268906],"01d4248e":[()=&gt;r.e("52585").then(r.bind(r,517804)),"@site/versioned_docs/version-1.8.x/refs/onboarding/config/agent/v1alpha1/agent_configuration.mdx",517804],"01d7d7a8":[()=&gt;r.e("63835").then(r.t.bind(r,260378,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-11-x-refs-tsb-diagnostic-v-2-grpc-3cc.json",260378],"01fa5598":[()=&gt;r.e("14606").then(r.bind(r,976668)),"@site/versioned_docs/version-1.9.x/refs/onboarding/config/install/v1alpha1/jwt_issuer.mdx",976668],"01ff7d31":[()=&gt;r.e("24798").then(r.bind(r,521857)),"@site/versioned_docs/version-1.9.x/howto/security-domains.mdx",521857],"023bf392":[()=&gt;r.e("8143").then(r.t.bind(r,394541,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-10-x-reference-grpc-api-reference-fc2.json",394541],"0252476e":[()=&gt;r.e("53233").then(r.t.bind(r,198980,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-operations-247.json",198980],"025635fc":[()=&gt;Promise.all([r.e("86212"),r.e("48816")]).then(r.bind(r,296614)),"@site/versioned_docs/version-1.6.x/setup/firewall-information.mdx",296614],"0273d591":[()=&gt;r.e("64806").then(r.t.bind(r,321217,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-next-refs-tsb-application-v-2-yaml-713.json",321217],"0288b507":[()=&gt;r.e("26336").then(r.bind(r,267621)),"@site/versioned_docs/version-1.8.x/reference/k8s-api/tsb-crds-gen/traffic-tsb-tetrate-io.md",267621],"02bd2947":[()=&gt;r.e("30806").then(r.bind(r,280487)),"@site/versioned_docs/version-1.10.x/cheatsheet/sheets/gateways-management.mdx",280487],"02c3cb1e":[()=&gt;r.e("40975").then(r.bind(r,391822)),"@site/versioned_docs/version-next/reference/cli/reference/edit.md",391822],"02df3931":[()=&gt;r.e("51833").then(r.bind(r,336376)),"@site/versioned_docs/version-1.8.x/reference/cli/reference/completion.md",336376],"02f34170":[()=&gt;r.e("84752").then(r.bind(r,829138)),"@site/versioned_docs/version-1.10.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/organization.md",829138],"02f42153":[()=&gt;r.e("42907").then(r.t.bind(r,398415,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-11-x-reference-yaml-api-reference-81f.json",398415],"034fad36":[()=&gt;r.e("59592").then(r.bind(r,148832)),"@site/versioned_docs/version-1.11.x/setup/workload-onboarding/guides/ecs-workloads.mdx",148832],"035142ad":[()=&gt;r.e("41576").then(r.t.bind(r,457792,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-11-x-tags-tsb-quickstart-f93.json",457792],"035aa0b9":[()=&gt;r.e("61144").then(r.bind(r,154527)),"@site/versioned_docs/version-next/reference/k8s-api/guide.mdx",154527],"036b753f":[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("53715")]).then(r.bind(r,28647)),"@site/versioned_docs/version-1.12.x/howto/rate-limiting/external-rate-limiting.mdx",28647],"036d6cd4":[()=&gt;r.e("87155").then(r.bind(r,708382)),"@site/versioned_docs/version-next/reference/yaml-api/guide.mdx",708382],"0370b563":[()=&gt;r.e("25030").then(r.bind(r,320574)),"@site/versioned_docs/version-1.6.x/setup/workload-onboarding/quickstart/aws-ec2/onboard-vm.mdx",320574],"039b97ca":[()=&gt;Promise.all([r.e("86212"),r.e("89393")]).then(r.bind(r,376244)),"@site/versioned_docs/version-1.6.x/setup/workload-onboarding/quickstart/on-premise/toc.mdx",376244],"039df4ea":[()=&gt;r.e("7047").then(r.bind(r,621117)),"@site/versioned_docs/version-1.12.x/operations/users/oidc-azure.mdx",621117],"03c0d966":[()=&gt;r.e("9071").then(r.t.bind(r,677559,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-next-refs-tsb-security-v-2-yaml-ca4.json",677559],"03e8e5b9":[()=&gt;r.e("54921").then(r.bind(r,216224)),"@site/versioned_docs/version-1.7.x/refs/tsb/traffic/v2/traffic_setting.mdx",216224],"040ad056":[()=&gt;r.e("63688").then(r.bind(r,928406)),"@site/versioned_docs/version-1.12.x/howto/rate-limiting/service-to-service.mdx",928406],"0420d491":[()=&gt;r.e("97440").then(r.bind(r,21710)),"@site/versioned_docs/version-1.9.x/quickstart/workspace.mdx",21710],"04220f58":[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("73532")]).then(r.bind(r,498511)),"@site/versioned_docs/version-1.7.x/quickstart/traffic-shifting.mdx",498511],"0425c71e":[()=&gt;r.e("65731").then(r.bind(r,372398)),"@site/versioned_docs/version-1.9.x/release-notes-announcements/feature-status.mdx",372398],"042e2245":[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("65151")]).then(r.bind(r,558999)),"@site/versioned_docs/version-1.7.x/howto/gateway/end-user-auth-keycloak.mdx",558999],"04331e46":[()=&gt;Promise.all([r.e("86212"),r.e("97869")]).then(r.bind(r,70532)),"@site/versioned_docs/version-1.7.x/design-guides/app-onboarding/cross-cluster.mdx",70532],"043dbd53":[()=&gt;r.e("30867").then(r.bind(r,386771)),"@site/versioned_docs/version-1.11.x/refs/onboarding/config/types/identity/aws/v1alpha1/aws.mdx",386771],"044e888e":[()=&gt;r.e("90647").then(r.bind(r,545037)),"@site/versioned_docs/version-1.10.x/refs/tsb/istiointernal/v2/istio_istiointernal_direct.mdx",545037],"04564775":[()=&gt;r.e("77070").then(r.bind(r,469453)),"@site/versioned_docs/version-1.9.x/concepts/operators/data-plane.mdx",469453],"046a4a5a":[()=&gt;r.e("71105").then(r.bind(r,624099)),"@site/versioned_docs/version-1.7.x/setup/workload-onboarding/quickstart/aws-ec2/enable-workload-onboarding.mdx",624099],"04a9c9fb":[()=&gt;r.e("91057").then(r.bind(r,304967)),"@site/versioned_docs/version-next/refs/tsb/gateway/v2/gateway.mdx",304967],"04b2d774":[()=&gt;r.e("18863").then(r.bind(r,980238)),"@site/versioned_docs/version-1.10.x/refs/onboarding/private/component/plane/token/v1alpha1/onboarding_token.mdx",980238],"04b38c20":[()=&gt;r.e("48851").then(r.bind(r,391707)),"@site/versioned_docs/version-1.9.x/setup/workload-onboarding/guides/overview.mdx",391707],"04b74742":[()=&gt;r.e("44873").then(r.bind(r,728678)),"@site/versioned_docs/version-1.12.x/reference/cli/reference/validate.md",728678],"05044893":[()=&gt;r.e("56084").then(r.t.bind(r,352509,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-10-x-refs-tsb-security-v-2-yaml-b15.json",352509],"0519f40f":[()=&gt;r.e("18350").then(r.bind(r,94075)),"@site/versioned_docs/version-next/howto/traffic/splitting-service-traffic-between-k8s-vms.mdx",94075],"052ec942":[()=&gt;r.e("13735").then(r.bind(r,261822)),"@site/versioned_docs/version-1.8.x/refs/tsb/v2/info.mdx",261822],"0532c633":[()=&gt;r.e("67070").then(r.t.bind(r,599564,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-9-x-refs-iam-v-2-grpc-5cf.json",599564],"0540dca3":[()=&gt;r.e("67408").then(r.t.bind(r,218783,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-6-x-operations-users-943.json",218783],"05510768":[()=&gt;r.e("96416").then(r.bind(r,944702)),"@site/versioned_docs/version-next/refs/tsb/security/v2/istio_security_direct.mdx",944702],"05785040":[()=&gt;r.e("37167").then(r.bind(r,2912)),"@site/versioned_docs/version-1.7.x/refs/tsb/observability/telemetry/v2/metric.mdx",2912],"057ca389":[()=&gt;Promise.all([r.e("86212"),r.e("15603")]).then(r.bind(r,782885)),"@site/versioned_docs/version-1.7.x/setup/requirements-and-download.mdx",782885],"05887cd2":[()=&gt;r.e("34039").then(r.bind(r,990237)),"@site/versioned_docs/version-next/reference/k8s-api/tsb-crds-gen/segmentation-tsb-tetrate-io.md",990237],"058ab215":[()=&gt;Promise.all([r.e("86212"),r.e("93969")]).then(r.bind(r,426949)),"@site/versioned_docs/version-1.8.x/howto/authorization/toc.mdx",426949],"058b72c1":[()=&gt;r.e("26030").then(r.bind(r,192614)),"@site/versioned_docs/version-1.12.x/refs/tsb/v2/organization.mdx",192614],"0594fb32":[()=&gt;r.e("45339").then(r.bind(r,176217)),"@site/versioned_docs/version-1.6.x/refs/tsb/v2/status.mdx",176217],"05a33b36":[()=&gt;r.e("98978").then(r.t.bind(r,60404,19)),"/runner/_work/sites/sites/products/service-bridge/.docusaurus/docusaurus-plugin-redoc/1_7_x/redocApiLayoutV1-1_7_x.json",60404],"05b9c640":[()=&gt;r.e("98286").then(r.bind(r,935192)),"@site/versioned_docs/version-next/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/team.md",935192],"05e4a20a":[()=&gt;r.e("4044").then(r.bind(r,740192)),"@site/versioned_docs/version-1.7.x/refs/tsb/rbac/v2/policy_service.mdx",740192],"05f8b4e7":[()=&gt;Promise.all([r.e("86212"),r.e("18091")]).then(r.bind(r,704782)),"@site/versioned_docs/version-1.9.x/design-guides/app-onboarding/prepare.mdx",704782],"060a4d95":[()=&gt;Promise.all([r.e("86212"),r.e("82968")]).then(r.bind(r,727003)),"@site/versioned_docs/version-1.7.x/release-notes-announcements/toc.mdx",727003],"060b8ffa":[()=&gt;r.e("8631").then(r.bind(r,526908)),"@site/versioned_docs/version-1.10.x/refs/tsb/security/v2/service_security_setting.mdx",526908],"061f770e":[()=&gt;r.e("30633").then(r.bind(r,11816)),"@site/versioned_docs/version-1.8.x/index.mdx",11816],"06215192":[()=&gt;r.e("18196").then(r.bind(r,744026)),"@site/versioned_docs/version-1.9.x/reference/k8s-api/tsb-crds-gen/application-tsb-tetrate-io.md",744026],"0634620a":[()=&gt;r.e("39236").then(r.t.bind(r,381447,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-8-x-reference-yaml-api-17d.json",381447],"0636ec76":[()=&gt;r.e("21102").then(r.bind(r,275730)),"@site/versioned_docs/version-1.9.x/operations/telemetry/key-metrics.md",275730],"06527be9":[()=&gt;r.e("85449").then(r.bind(r,700098)),"@site/versioned_docs/version-next/troubleshooting/gateway-troubleshooting.mdx",700098],"066313fa":[()=&gt;r.e("94101").then(r.t.bind(r,25089,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-6-x-reference-workload-onboarding-onboarding-runtime-904.json",25089],"06737fba":[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("56447")]).then(r.bind(r,834374)),"@site/versioned_docs/version-1.7.x/quickstart/permissions.mdx",834374],"0673ef3a":[()=&gt;r.e("55871").then(r.t.bind(r,443455,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-11-x-refs-tsb-types-v-2-yaml-053.json",443455],"067c4c53":[()=&gt;Promise.all([r.e("86212"),r.e("52362")]).then(r.bind(r,19569)),"@site/versioned_docs/version-1.9.x/howto/authorization/toc.mdx",19569],"06cbded6":[()=&gt;r.e("89220").then(r.bind(r,662576)),"@site/versioned_docs/version-1.9.x/release-notes.mdx",662576],"06cd4039":[()=&gt;r.e("9978").then(r.t.bind(r,905785,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-next-howto-143.json",905785],"06e10a78":[()=&gt;r.e("28864").then(r.bind(r,770666)),"@site/versioned_docs/version-1.11.x/cheatsheet/sheets/tsb-concepts.mdx",770666],"06e18444":[()=&gt;r.e("48000").then(r.bind(r,29755)),"@site/versioned_docs/version-1.7.x/howto/traffic/external-site-https.mdx",29755],"06e89ece":[()=&gt;Promise.all([r.e("86212"),r.e("91902")]).then(r.bind(r,351540)),"@site/versioned_docs/version-next/design-guides/app-onboarding/cross-cluster.mdx",351540],"06ebda84":[()=&gt;r.e("5742").then(r.bind(r,5541)),"@site/versioned_docs/version-1.9.x/setup/isolation-boundaries.mdx",5541],"06f62641":[()=&gt;r.e("1522").then(r.bind(r,535790)),"@site/versioned_docs/version-1.11.x/refs/tsb/auth/v2/auth.mdx",535790],"06f75a41":[()=&gt;r.e("27616").then(r.bind(r,301384)),"@site/versioned_docs/version-1.11.x/refs/tsb/traffic/v2/traffic_setting.mdx",301384],"0723c9e2":[()=&gt;r.e("58901").then(r.t.bind(r,541976,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-howto-gateway-45c.json",541976],"073ad08d":[()=&gt;r.e("30469").then(r.bind(r,814793)),"@site/versioned_docs/version-next/operations/users/admin-password.mdx",814793],"074aecbc":[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("46206")]).then(r.bind(r,567603)),"@site/versioned_docs/version-1.9.x/howto/authorization/sidecar.mdx",567603],"07680960":[()=&gt;Promise.all([r.e("86212"),r.e("199")]).then(r.bind(r,207409)),"@site/versioned_docs/version-1.7.x/setup/self-managed/onboarding-clusters.mdx",207409],"0786182c":[()=&gt;r.e("83785").then(r.bind(r,374985)),"@site/versioned_docs/version-1.10.x/refs/onboarding/config/types/registration/v1alpha1/registration.mdx",374985],"078f62dd":[()=&gt;r.e("37779").then(r.bind(r,710272)),"@site/versioned_docs/version-1.11.x/operations/users/admin-password.mdx",710272],"07934c0b":[()=&gt;r.e("45427").then(r.bind(r,915924)),"@site/versioned_docs/version-1.9.x/refs/tsb/security/v2/waf_settings.mdx",915924],"079717ad":[()=&gt;r.e("25295").then(r.bind(r,760476)),"@site/versioned_docs/version-1.12.x/refs/tsb/gateway/v2/gateway_service.mdx",760476],"07a77455":[()=&gt;r.e("34259").then(r.bind(r,790655)),"@site/versioned_docs/version-1.7.x/refs/install/kubernetes/k8s.mdx",790655],"07b1c2a5":[()=&gt;Promise.all([r.e("86212"),r.e("44071")]).then(r.bind(r,509978)),"@site/versioned_docs/version-next/setup/workload-onboarding/quickstart/aws-ecs/toc.mdx",509978],"07b29314":[()=&gt;r.e("23717").then(r.bind(r,570827)),"@site/versioned_docs/version-1.7.x/howto/authorization/ingress-gateway.mdx",570827],"07c4cf35":[()=&gt;r.e("70575").then(r.t.bind(r,268254,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-6-x-refs-tsb-gateway-v-2-grpc-04d.json",268254],"07db89b1":[()=&gt;r.e("78745").then(r.bind(r,650625)),"@site/versioned_docs/version-next/operations/features/tls-origin-multi-cluster.mdx",650625],"07f0b665":[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("83444")]).then(r.bind(r,582725)),"@site/versioned_docs/version-1.8.x/howto/rate-limiting/tls-validation.mdx",582725],"0805b6d5":[()=&gt;r.e("42395").then(r.bind(r,464879)),"@site/versioned_docs/version-1.10.x/howto/authorization/tls-verification.mdx",464879],"080ebd67":[()=&gt;r.e("50581").then(r.bind(r,620530)),"@site/versioned_docs/version-1.8.x/refs/tsb/observability/telemetry/v2/source.mdx",620530],"083d889d":[()=&gt;r.e("87084").then(r.bind(r,819509)),"@site/versioned_docs/version-1.12.x/refs/tsb/rbac/v2/policy_service.mdx",819509],"08586c56":[()=&gt;r.e("41039").then(r.bind(r,888982)),"@site/versioned_docs/version-1.7.x/howto/wasm/wasm-try.mdx",888982],"085ca6bf":[()=&gt;r.e("88017").then(r.bind(r,740878)),"@site/versioned_docs/version-1.6.x/refs/tsb/types/v2/types.mdx",740878],"08663da0":[()=&gt;r.e("56417").then(r.t.bind(r,447562,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-11-x-reference-k-8-s-api-585.json",447562],"086d1dc2":[()=&gt;r.e("15197").then(r.bind(r,100937)),"@site/versioned_docs/version-next/setup/workload-onboarding/quickstart/aws-ecs/onboard-ecs.mdx",100937],"0873210a":[()=&gt;r.e("47872").then(r.bind(r,524554)),"@site/versioned_docs/version-next/howto/rate-limiting/internal-rate-limiting.mdx",524554],"08735d73":[()=&gt;r.e("66520").then(r.bind(r,975029)),"@site/versioned_docs/version-next/operations/telemetry/red-metrics.mdx",975029],"08a51c11":[()=&gt;r.e("90892").then(r.bind(r,675389)),"@site/versioned_docs/version-1.12.x/concepts/security.mdx",675389],"08d2a325":[()=&gt;r.e("37616").then(r.t.bind(r,701835,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-9-x-reference-workload-onboarding-onboarding-agent-82d.json",701835],"08d63731":[()=&gt;r.e("32552").then(r.bind(r,85150)),"@site/versioned_docs/version-1.7.x/refs/tsb/v2/team_service.mdx",85150],"08f4169f":[()=&gt;r.e("17988").then(r.bind(r,438021)),"@site/versioned_docs/version-1.10.x/reference/k8s-api/tsb-crds-gen/traffic-tsb-tetrate-io.md",438021],"08fcb7c2":[()=&gt;r.e("93843").then(r.bind(r,385143)),"@site/versioned_docs/version-next/howto/wasm/wasm-proxy.mdx",385143],"090bfce0":[()=&gt;r.e("51628").then(r.t.bind(r,484564,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-10-x-category-working-with-tetrate-customer-support-6e6.json",484564],"0956657c":[()=&gt;r.e("52892").then(r.bind(r,891157)),"@site/versioned_docs/version-1.10.x/reference/rest-api/guide.mdx",891157],"0979420e":[()=&gt;r.e("6752").then(r.bind(r,843115)),"@site/versioned_docs/version-1.9.x/refs/tsb/traffic/v2/traffic_setting.mdx",843115],"098108d2":[()=&gt;r.e("54409").then(r.bind(r,559587)),"@site/versioned_docs/version-1.8.x/reference/cli/reference/get.md",559587],"09856525":[()=&gt;r.e("22694").then(r.bind(r,940054)),"@site/versioned_docs/version-next/refs/onboarding/private/types/discovery/v1alpha1/discovery.mdx",940054],"098b7f42":[()=&gt;r.e("57377").then(r.bind(r,686366)),"@site/versioned_docs/version-1.11.x/refs/iam/v2/oidc_service.mdx",686366],"09d0a5b5":[()=&gt;Promise.all([r.e("86212"),r.e("1200")]).then(r.bind(r,760333)),"@site/versioned_docs/version-1.9.x/howto/gateway/unified-gateway-upgrade.mdx",760333],"0a31ff21":[()=&gt;r.e("97638").then(r.bind(r,117019)),"@site/versioned_docs/version-1.10.x/troubleshooting/Maximum-header-size-exceed.mdx",117019],"0a3728af":[()=&gt;r.e("69744").then(r.bind(r,693889)),"@site/versioned_docs/version-next/howto/authorization/tier1-gateway.mdx",693889],"0a587c50":[()=&gt;r.e("36252").then(r.bind(r,276778)),"@site/versioned_docs/version-1.8.x/setup/self-managed/uninstallation.mdx",276778],"0a7206f4":[()=&gt;r.e("31098").then(r.bind(r,837099)),"@site/versioned_docs/version-1.9.x/operations/telemetry/new-relic.mdx",837099],"0a799946":[()=&gt;r.e("26607").then(r.t.bind(r,498402,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-6-x-refs-tsb-traffic-v-2-grpc-01d.json",498402],"0a79ff24":[()=&gt;r.e("98164").then(r.bind(r,667900)),"@site/versioned_docs/version-1.7.x/refs/tsb/v2/tenant.mdx",667900],"0a7e4255":[()=&gt;r.e("93688").then(r.bind(r,849657)),"@site/versioned_docs/version-1.8.x/refs/tsb/application/v2/api.mdx",849657],"0a81fde1":[()=&gt;r.e("30593").then(r.bind(r,794556)),"@site/versioned_docs/version-1.7.x/setup/workload-onboarding/guides/managing.mdx",794556],"0a834847":[()=&gt;r.e("19794").then(r.bind(r,232047)),"@site/versioned_docs/version-1.6.x/setup/self-managed/zipkin-cleanup.mdx",232047],"0ab35e63":[()=&gt;r.e("3991").then(r.t.bind(r,759050,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-9-x-reference-k-8-s-api-135.json",759050],"0ab95b1b":[()=&gt;r.e("83819").then(r.t.bind(r,143912,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-6-x-refs-tsb-observability-telemetry-v-2-grpc-260.json",143912],"0ac91703":[()=&gt;r.e("98154").then(r.bind(r,351026)),"@site/versioned_docs/version-next/reference/k8s-api/tsb-crds-gen/gateway-tsb-tetrate-io.md",351026],"0ae1b458":[()=&gt;r.e("96550").then(r.bind(r,240345)),"@site/versioned_docs/version-1.8.x/refs/tsb/traffic/v2/traffic_service.mdx",240345],"0aea5229":[()=&gt;r.e("81065").then(r.bind(r,739699)),"@site/versioned_docs/version-1.8.x/cheatsheet/sheets/kubectl.mdx",739699],"0b0061fe":[()=&gt;r.e("75845").then(r.bind(r,194410)),"@site/versioned_docs/version-1.6.x/refs/tsb/gateway/v2/auth.mdx",194410],"0b1d978c":[()=&gt;r.e("46136").then(r.bind(r,517435)),"@site/versioned_docs/version-1.10.x/setup/helm/controlplane.mdx",517435],"0b319dea":[()=&gt;r.e("71589").then(r.bind(r,884730)),"@site/versioned_docs/version-1.8.x/cheatsheet/sheets/security-management.mdx",884730],"0b351234":[()=&gt;r.e("86913").then(r.bind(r,9333)),"@site/versioned_docs/version-1.6.x/operations/features/gateway-deletion-webhook.mdx",9333],"0b470a07":[()=&gt;r.e("61517").then(r.t.bind(r,607279,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-9-x-refs-tsb-istiointernal-v-2-grpc-51e.json",607279],"0b5be9fc":[()=&gt;r.e("53028").then(r.t.bind(r,159853,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-7-x-operations-users-c49.json",159853],"0b89b152":[()=&gt;r.e("88010").then(r.bind(r,934372)),"@site/versioned_docs/version-1.11.x/index.mdx",934372],"0b919a47":[()=&gt;r.e("40317").then(r.bind(r,549565)),"@site/versioned_docs/version-1.10.x/operations/users/admin-password.mdx",549565],"0bb4c045":[()=&gt;r.e("52149").then(r.bind(r,949018)),"@site/versioned_docs/version-next/refs/tsb/v2/workspace_service.mdx",949018],"0be53d5f":[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("26285")]).then(r.bind(r,117102)),"@site/versioned_docs/version-1.6.x/quickstart/ingress-gateway.mdx",117102],"0bf036fd":[()=&gt;r.e("96302").then(r.bind(r,187207)),"@site/versioned_docs/version-1.12.x/refs/onboarding/config/agent/v1alpha1/agent_configuration.mdx",187207],"0c17511e":[()=&gt;r.e("17915").then(r.bind(r,900213)),"@site/versioned_docs/version-1.11.x/refs/tsb/gateway/v2/ingress_gateway.mdx",900213],"0c1dd53d":[()=&gt;r.e("87144").then(r.bind(r,307279)),"@site/versioned_docs/version-1.6.x/refs/tsb/rbac/v2/workspace_access_bindings.mdx",307279],"0c2040a9":[()=&gt;r.e("12630").then(r.bind(r,671780)),"@site/versioned_docs/version-next/refs/tsb/rbac/v2/binding.mdx",671780],"0c2c5631":[()=&gt;r.e("41406").then(r.bind(r,751016)),"@site/versioned_docs/version-next/refs/install/dataplane/v1alpha1/spec.mdx",751016],"0c3b0915":[()=&gt;r.e("15373").then(r.t.bind(r,769032,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-9-x-reference-cli-458.json",769032],"0c74d55e":[()=&gt;r.e("45306").then(r.bind(r,859599)),"@site/versioned_docs/version-1.9.x/howto/gateway/host-based-egress-access-control.mdx",859599],"0c88e6ea":[()=&gt;r.e("55904").then(r.bind(r,181501)),"@site/versioned_docs/version-1.12.x/refs/tsb/v2/tenant_setting.mdx",181501],"0c948f26":[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("44596")]).then(r.bind(r,247035)),"@site/versioned_docs/version-next/howto/gateway/weighted-distribution-and-fallback.mdx",247035],"0ca38cfd":[()=&gt;r.e("17630").then(r.bind(r,659752)),"@site/versioned_docs/version-1.9.x/refs/onboarding/config/types/core/v1alpha1/condition.mdx",659752],"0cb1fb17":[()=&gt;Promise.all([r.e("86212"),r.e("15148")]).then(r.bind(r,755627)),"@site/versioned_docs/version-1.8.x/design-guides/app-onboarding/prepare.mdx",755627],"0cc52358":[()=&gt;Promise.all([r.e("86212"),r.e("7674")]).then(r.bind(r,294092)),"@site/versioned_docs/version-1.7.x/design-guides/app-onboarding/high-availability.mdx",294092],"0cc843d8":[()=&gt;Promise.all([r.e("86212"),r.e("7871")]).then(r.bind(r,183569)),"@site/versioned_docs/version-1.10.x/quickstart/apps.mdx",183569],"0cdca835":[()=&gt;r.e("64371").then(r.bind(r,178e3)),"@site/versioned_docs/version-1.10.x/reference/cli/reference/ui.md",178e3],"0ce9ffda":[()=&gt;Promise.all([r.e("86212"),r.e("89427")]).then(r.bind(r,816085)),"@site/versioned_docs/version-1.11.x/quickstart/apps.mdx",816085],"0d09d517":[()=&gt;r.e("26786").then(r.bind(r,985773)),"@site/versioned_docs/version-1.10.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/workspace.md",985773],"0d0abed5":[()=&gt;r.e("18662").then(r.bind(r,835771)),"@site/versioned_docs/version-1.6.x/reference/cli/reference/ui.md",835771],"0d58e136":[()=&gt;r.e("27176").then(r.bind(r,834426)),"@site/versioned_docs/version-1.12.x/refs/tsb/registry/v2/lookup_service.mdx",834426],"0d6c26e3":[()=&gt;r.e("91171").then(r.bind(r,499199)),"@site/versioned_docs/version-1.10.x/refs/iam/v2/oidc_service.mdx",499199],"0d7430c3":[()=&gt;r.e("76534").then(r.bind(r,240557)),"@site/versioned_docs/version-1.12.x/howto/gitops/argo-rollouts.mdx",240557],"0d825633":[()=&gt;r.e("35571").then(r.bind(r,531423)),"@site/versioned_docs/version-1.11.x/howto/authorization/ingress-gateway.mdx",531423],"0d8e8d31":[()=&gt;r.e("79713").then(r.bind(r,864811)),"@site/versioned_docs/version-1.6.x/howto/gateway/multi-cluster-traffic-routing-with-eastwest-gateway.mdx",864811],"0da296ca":[()=&gt;r.e("33464").then(r.bind(r,73618)),"@site/versioned_docs/version-1.6.x/refs/tsb/rbac/v2/security_access_bindings.mdx",73618],"0de24eeb":[()=&gt;r.e("49364").then(r.bind(r,797610)),"@site/versioned_docs/version-1.10.x/operations/features/label-annotation.mdx",797610],"0df63a31":[()=&gt;r.e("21946").then(r.bind(r,211523)),"@site/versioned_docs/version-1.8.x/refs/tsb/gateway/v2/tier1_gateway.mdx",211523],"0e0571f9":[()=&gt;r.e("66163").then(r.bind(r,49580)),"@site/versioned_docs/version-1.11.x/refs/onboarding/private/install/v1alpha1/spec.mdx",49580],"0e0fcd45":[()=&gt;r.e("17815").then(r.t.bind(r,484738,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-11-x-setup-workload-onboarding-f33.json",484738],"0e25476f":[()=&gt;Promise.all([r.e("86212"),r.e("40214")]).then(r.bind(r,973708)),"@site/versioned_docs/version-1.9.x/setup/self-managed/toc.mdx",973708],"0e29c777":[()=&gt;r.e("49806").then(r.bind(r,657265)),"@site/versioned_docs/version-1.9.x/refs/tsb/rbac/v2/istio_internal_access_bindings.mdx",657265],"0e2a4ce3":[()=&gt;r.e("62944").then(r.bind(r,523699)),"@site/versioned_docs/version-1.6.x/refs/tsb/gateway/v2/istio_gateway_direct.mdx",523699],"0e2eb375":[()=&gt;r.e("50934").then(r.bind(r,22582)),"@site/versioned_docs/version-1.9.x/refs/tsb/rbac/v2/tenant_access_bindings.mdx",22582],"0e370039":[()=&gt;r.e("3376").then(r.t.bind(r,255050,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-7-x-knowledge-base-96f.json",255050],"0e3993f2":[()=&gt;r.e("76822").then(r.bind(r,817330)),"@site/versioned_docs/version-1.7.x/howto/authorization/tier1-gateway.mdx",817330],"0e3b2643":[()=&gt;Promise.all([r.e("86212"),r.e("14009")]).then(r.bind(r,257830)),"@site/versioned_docs/version-1.9.x/setup/workload-onboarding/guides/toc.mdx",257830],"0e76040c":[()=&gt;r.e("20797").then(r.bind(r,502367)),"@site/versioned_docs/version-1.12.x/howto/gateway/service-identity-propagation.mdx",502367],"0e80956c":[()=&gt;r.e("30278").then(r.bind(r,602097)),"@site/versioned_docs/version-1.12.x/howto/wasm/wasm-try.mdx",602097],"0e95169e":[()=&gt;r.e("29901").then(r.bind(r,836788)),"@site/versioned_docs/version-1.12.x/design-guides/ha-multicluster/operations.mdx",836788],"0e9dde96":[()=&gt;Promise.all([r.e("86212"),r.e("72175")]).then(r.bind(r,213453)),"@site/versioned_docs/version-1.6.x/setup/workload-onboarding/quickstart/aws-ecs/toc.mdx",213453],"0ea8c8c0":[()=&gt;r.e("59783").then(r.bind(r,265969)),"@site/versioned_docs/version-next/reference/k8s-api/tsb-crds-gen/application-tsb-tetrate-io.md",265969],"0edb2a0a":[()=&gt;r.e("90090").then(r.t.bind(r,945903,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-operations-features-120.json",945903],"0ee34c2a":[()=&gt;Promise.all([r.e("86212"),r.e("96451")]).then(r.bind(r,463445)),"@site/versioned_docs/version-1.9.x/design-guides/ha-dr-mp/ha-managementplane.mdx",463445],"0ef8f362":[()=&gt;r.e("66111").then(r.bind(r,985313)),"@site/versioned_docs/version-1.6.x/reference/k8s-api/tsb-crds-gen/istiointernal-tsb-tetrate-io.md",985313],"0f063a09":[()=&gt;r.e("97572").then(r.bind(r,320496)),"@site/versioned_docs/version-next/setup/self-managed/demo-installation.mdx",320496],"0f2a4fae":[()=&gt;r.e("99890").then(r.bind(r,66782)),"@site/versioned_docs/version-next/concepts/operators/management-plane.mdx",66782],"0f320fa9":[()=&gt;r.e("69297").then(r.bind(r,461009)),"@site/versioned_docs/version-1.9.x/operations/features/configure-gitops.mdx",461009],"0f3def3e":[()=&gt;r.e("45075").then(r.bind(r,504187)),"@site/versioned_docs/version-1.8.x/refs/onboarding/config/types/registration/v1alpha1/hostinfo.mdx",504187],"0f723814":[()=&gt;Promise.all([r.e("86212"),r.e("56862")]).then(r.bind(r,853336)),"@site/versioned_docs/version-next/howto/gateway/shared-ingress.mdx",853336],"0f779d75":[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("83214")]).then(r.bind(r,951540)),"@site/versioned_docs/version-1.7.x/howto/gateway/distributed-ingress.mdx",951540],"0f827259":[()=&gt;r.e("75722").then(r.bind(r,85065)),"@site/versioned_docs/version-1.9.x/setup/certificate/certificate-requirements.mdx",85065],"0f97d343":[()=&gt;r.e("98962").then(r.bind(r,860989)),"@site/versioned_docs/version-1.10.x/workingwithsupport/workingWithTetrateSupport.mdx",860989],"0fbcc896":[()=&gt;r.e("72254").then(r.bind(r,919663)),"@site/versioned_docs/version-1.9.x/howto/promql-using-skywalking.mdx",919663],"0fe20a8b":[()=&gt;r.e("57411").then(r.bind(r,953723)),"@site/versioned_docs/version-1.7.x/setup/certificate/certificate-setup.mdx",953723],"0fe81830":[()=&gt;r.e("63875").then(r.t.bind(r,425121,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-9-x-refs-tsb-extension-v-2-yaml-95f.json",425121],"10049e36":[()=&gt;r.e("14207").then(r.bind(r,492893)),"@site/versioned_docs/version-1.9.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/workspace.md",492893],"100eb3ba":[()=&gt;r.e("53359").then(r.bind(r,444900)),"@site/versioned_docs/version-1.10.x/refs/tsb/traffic/v2/traffic_service.mdx",444900],"100f1abf":[()=&gt;r.e("54667").then(r.bind(r,355043)),"@site/versioned_docs/version-1.11.x/setup/remote-registry.mdx",355043],"102fc63e":[()=&gt;r.e("14243").then(r.bind(r,571442)),"@site/versioned_docs/version-1.7.x/operations/configuration-promotion.mdx",571442],"10434c5a":[()=&gt;r.e("10037").then(r.bind(r,181959)),"@site/versioned_docs/version-1.7.x/setup/workload-onboarding/quickstart/aws-ecs/configure-workload-onboarding.mdx",181959],"104bd185":[()=&gt;r.e("13300").then(r.t.bind(r,58399,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-next-refs-tsb-security-v-2-grpc-1b2.json",58399],"10586e0e":[()=&gt;r.e("65410").then(r.bind(r,454717)),"@site/versioned_docs/version-next/refs/onboarding/config/authorization/aws/v1alpha1/aws.mdx",454717],"106d7bf7":[()=&gt;r.e("98008").then(r.bind(r,452439)),"@site/versioned_docs/version-1.11.x/refs/tsb/segmentation/v1/service.mdx",452439],"107af701":[()=&gt;r.e("63668").then(r.t.bind(r,181985,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-10-x-setup-upgrades-1e8.json",181985],"108e946b":[()=&gt;r.e("96272").then(r.bind(r,718353)),"@site/versioned_docs/version-1.11.x/refs/tsb/traffic/v2/service_traffic_setting.mdx",718353],"108f9807":[()=&gt;Promise.all([r.e("86212"),r.e("38221")]).then(r.bind(r,138503)),"@site/versioned_docs/version-1.11.x/design-guides/app-onboarding/monitor.mdx",138503],"1092da9c":[()=&gt;Promise.all([r.e("86212"),r.e("22918")]).then(r.bind(r,34863)),"@site/versioned_docs/version-1.12.x/quickstart/deploy-sample-app.mdx",34863],"109abd04":[()=&gt;r.e("62745").then(r.bind(r,524874)),"@site/versioned_docs/version-1.12.x/concepts/observability.mdx",524874],"109b0706":[()=&gt;r.e("37203").then(r.t.bind(r,105830,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-9-x-reference-grpc-api-d41.json",105830],"10ae1a0c":[()=&gt;r.e("73072").then(r.bind(r,689382)),"@site/versioned_docs/version-1.9.x/operations/postgresql/backup-and-restore.mdx",689382],"10bd84e8":[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("55725")]).then(r.bind(r,242840)),"@site/versioned_docs/version-1.12.x/howto/gateway/weighted-distribution-and-fallback.mdx",242840],"10c6e708":[()=&gt;r.e("50741").then(r.bind(r,135110)),"@site/versioned_docs/version-1.9.x/refs/onboarding/config/types/config/v1alpha1/transport_security.mdx",135110],"10cbe1dc":[()=&gt;r.e("98677").then(r.bind(r,397120)),"@site/versioned_docs/version-1.6.x/reference/cli/reference/validate.md",397120],"10eaca38":[()=&gt;r.e("59853").then(r.bind(r,562957)),"@site/versioned_docs/version-next/howto/wasm/wasm-try.mdx",562957],"10ff1f4d":[()=&gt;r.e("57871").then(r.bind(r,642725)),"@site/versioned_docs/version-1.10.x/operations/configuration-promotion.mdx",642725],"111e8f7b":[()=&gt;r.e("64655").then(r.bind(r,556068)),"@site/versioned_docs/version-1.10.x/refs/tsb/gateway/v2/gateway_group.mdx",556068],"1137f0ac":[()=&gt;r.e("4644").then(r.bind(r,413135)),"@site/versioned_docs/version-1.10.x/reference/cli/reference/edit.md",413135],"114385c5":[()=&gt;r.e("94214").then(r.bind(r,813005)),"@site/versioned_docs/version-next/refs/onboarding/config/types/identity/jwt/v1alpha1/jwt.mdx",813005],"114506a4":[()=&gt;r.e("32638").then(r.bind(r,915978)),"@site/versioned_docs/version-1.9.x/workingwithsupport/workingWithTetrateSupport.mdx",915978],"1145ce4f":[()=&gt;r.e("87807").then(r.t.bind(r,965319,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-refs-tsb-rbac-v-2-yaml-162.json",965319],"114cb4da":[()=&gt;r.e("94253").then(r.bind(r,215755)),"@site/versioned_docs/version-1.11.x/operations/telemetry/alerting-guidelines.mdx",215755],"115d4d2e":[()=&gt;r.e("98354").then(r.bind(r,758351)),"@site/versioned_docs/version-1.12.x/refs/onboarding/config/install/v1alpha1/workload_configuration.mdx",758351],"115d5e9b":[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("93590")]).then(r.bind(r,549881)),"@site/versioned_docs/version-1.9.x/quickstart/tenant.mdx",549881],0xb23dfc:[()=&gt;Promise.all([r.e("86212"),r.e("54841")]).then(r.bind(r,915651)),"@site/versioned_docs/version-1.11.x/operations/telemetry/telemetry-architecture.mdx",915651],"11752b77":[()=&gt;r.e("58987").then(r.bind(r,595758)),"@site/versioned_docs/version-next/setup/migrate-tctl-to-helm.mdx",595758],"117dec76":[()=&gt;r.e("76154").then(r.bind(r,268851)),"@site/versioned_docs/version-1.9.x/howto/wasm/wasm-extension.mdx",268851],"117e1c70":[()=&gt;r.e("70494").then(r.bind(r,27761)),"@site/versioned_docs/version-1.7.x/howto/service-accounts.mdx",27761],"1193a2b5":[()=&gt;r.e("25024").then(r.bind(r,545470)),"@site/versioned_docs/version-1.11.x/refs/tsb/rbac/v2/binding.mdx",545470],"119a321e":[()=&gt;r.e("65587").then(r.bind(r,147338)),"@site/versioned_docs/version-1.10.x/refs/tsb/istiointernal/v2/istiointernal_service.mdx",147338],"11c8c2ef":[()=&gt;r.e("27").then(r.bind(r,973913)),"@site/versioned_docs/version-1.11.x/setup/helm/managementplane.mdx",973913],"11cf695b":[()=&gt;r.e("62040").then(r.bind(r,769914)),"@site/versioned_docs/version-1.7.x/refs/onboarding/config/types/config/v1alpha1/transport_security.mdx",769914],"11f17983":[()=&gt;r.e("3517").then(r.bind(r,477950)),"@site/versioned_docs/version-1.7.x/refs/tsb/v2/cluster_service.mdx",477950],"1202aa4f":[()=&gt;r.e("98625").then(r.t.bind(r,992497,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-next-operations-telemetry-839.json",992497],"120c1f27":[()=&gt;r.e("818").then(r.bind(r,193151)),"@site/versioned_docs/version-next/reference/cli/reference/collect.md",193151],"1227283e":[()=&gt;r.e("21539").then(r.bind(r,204725)),"@site/versioned_docs/version-1.6.x/setup/workload-onboarding/quickstart/aws-ec2/configure-vm.mdx",204725],0xbbdff5:[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("38474")]).then(r.bind(r,93209)),"@site/versioned_docs/version-next/howto/traffic/load-balance.mdx",93209],"1243e96c":[()=&gt;r.e("91762").then(r.t.bind(r,249307,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-7-x-refs-tsb-application-v-2-grpc-4ec.json",249307],"1248070f":[()=&gt;r.e("29958").then(r.bind(r,950137)),"@site/versioned_docs/version-1.9.x/howto/authorization/tier1-gateway.mdx",950137],"124caa40":[()=&gt;r.e("72321").then(r.bind(r,264050)),"@site/versioned_docs/version-1.12.x/refs/tsb/rbac/v2/gateway_access_bindings.mdx",264050],"126510ed":[()=&gt;r.e("48805").then(r.bind(r,976309)),"@site/versioned_docs/version-1.10.x/howto/gateway/unified-gateway.mdx",976309],"126f9b74":[()=&gt;Promise.all([r.e("86212"),r.e("38036")]).then(r.bind(r,610464)),"@site/versioned_docs/version-1.9.x/release-notes-announcements/toc.mdx",610464],"127b7aeb":[()=&gt;r.e("72502").then(r.bind(r,145862)),"@site/versioned_docs/version-1.6.x/setup/helm/dataplane.mdx",145862],"12a4fd3a":[()=&gt;r.e("92842").then(r.bind(r,762760)),"@site/versioned_docs/version-1.11.x/refs/onboarding/config/types/identity/jwt/v1alpha1/jwt.mdx",762760],"12ac0921":[()=&gt;r.e("10259").then(r.bind(r,548455)),"@site/versioned_docs/version-1.8.x/howto/rate-limiting/service-to-service.mdx",548455],"12b0412a":[()=&gt;r.e("1102").then(r.bind(r,708442)),"@site/versioned_docs/version-1.11.x/reference/cli/reference/whoami.md",708442],"12b65d0c":[()=&gt;r.e("71786").then(r.bind(r,156800)),"@site/versioned_docs/version-1.11.x/concepts/tsb-and-istio.mdx",156800],"12d4a9e9":[()=&gt;r.e("45139").then(r.t.bind(r,926230,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-8-x-refs-install-5ef.json",926230],0xc69583:[()=&gt;r.e("97453").then(r.bind(r,584823)),"@site/versioned_docs/version-1.12.x/troubleshooting/Multiple-Transfer-encoding-chunked.mdx",584823],"132f70b5":[()=&gt;r.e("49053").then(r.bind(r,670291)),"@site/versioned_docs/version-1.10.x/reference/k8s-api/tsb-crds-gen/extension-tsb-tetrate-io.md",670291],"1331e691":[()=&gt;r.e("85292").then(r.bind(r,504925)),"@site/versioned_docs/version-1.12.x/setup/workload-onboarding/guides/overview.mdx",504925],"137ced21":[()=&gt;r.e("23201").then(r.t.bind(r,926772,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-knowledge-base-8ee.json",926772],"1399fac0":[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("4213")]).then(r.bind(r,8902)),"@site/versioned_docs/version-1.9.x/quickstart/permissions.mdx",8902],"13a3d515":[()=&gt;r.e("76745").then(r.bind(r,263682)),"@site/versioned_docs/version-1.8.x/refs/onboarding/config/types/core/v1alpha1/namespaced_name.mdx",263682],"13b25a90":[()=&gt;r.e("4283").then(r.bind(r,650717)),"@site/versioned_docs/version-1.10.x/setup/security-context.mdx",650717],"13b27692":[()=&gt;r.e("89480").then(r.t.bind(r,631718,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-10-x-tags-featured-737.json",631718],"13b7238c":[()=&gt;r.e("87478").then(r.bind(r,277150)),"@site/versioned_docs/version-1.9.x/operations/telemetry/alerting-guidelines.mdx",277150],"13c61485":[()=&gt;r.e("44594").then(r.t.bind(r,87037,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-6-x-operations-elasticsearch-a7e.json",87037],"13e62d79":[()=&gt;r.e("91720").then(r.bind(r,915633)),"@site/versioned_docs/version-1.8.x/refs/tsb/gateway/v2/auth.mdx",915633],"13ef7316":[()=&gt;r.e("33574").then(r.bind(r,499651)),"@site/versioned_docs/version-1.12.x/reference/cli/reference/completion.md",499651],"13f3a9dd":[()=&gt;r.e("51390").then(r.t.bind(r,622560,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-7-x-reference-cli-reference-b52.json",622560],"140072dd":[()=&gt;r.e("65501").then(r.bind(r,847900)),"@site/versioned_docs/version-next/setup/workload-onboarding/quickstart/aws-ec2/onboard-asg.mdx",847900],"1409d0d7":[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("76786")]).then(r.bind(r,30965)),"@site/versioned_docs/version-1.12.x/design-guides/ha-multicluster/index.mdx",30965],"140c0967":[()=&gt;r.e("46332").then(r.bind(r,767758)),"@site/versioned_docs/version-1.12.x/refs/tsb/v2/info.mdx",767758],"141219ce":[()=&gt;r.e("20432").then(r.bind(r,199237)),"@site/versioned_docs/version-1.8.x/setup/upgrade-best-practices.md",199237],"1416ad94":[()=&gt;r.e("48092").then(r.bind(r,362552)),"@site/versioned_docs/version-1.11.x/howto/gateway/multi-cluster-traffic-failover-priority.mdx",362552],"141a6391":[()=&gt;Promise.all([r.e("86212"),r.e("13060")]).then(r.bind(r,296744)),"@site/versioned_docs/version-1.12.x/setup/upgrades/cni-upgrade.mdx",296744],"141cba40":[()=&gt;r.e("87601").then(r.bind(r,694681)),"@site/versioned_docs/version-1.9.x/cheatsheet/sheets/tctl.mdx",694681],"14269a81":[()=&gt;r.e("93102").then(r.bind(r,576516)),"@site/versioned_docs/version-1.10.x/refs/tsb/rbac/v2/role.mdx",576516],"148c18f9":[()=&gt;r.e("97434").then(r.bind(r,307996)),"@site/versioned_docs/version-next/refs/tsb/v2/tenant_setting.mdx",307996],"148c779f":[()=&gt;r.e("7842").then(r.t.bind(r,96360,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-11-x-refs-tsb-registry-v-2-yaml-201.json",96360],"1495b33e":[()=&gt;r.e("64755").then(r.bind(r,106808)),"@site/versioned_docs/version-1.9.x/howto/gateway/service-identity-propagation.mdx",106808],"149ddc4d":[()=&gt;r.e("13889").then(r.bind(r,945986)),"@site/versioned_docs/version-1.8.x/refs/tsb/rbac/v2/permissions.mdx",945986],"14bdbcae":[()=&gt;r.e("32473").then(r.bind(r,717103)),"@site/versioned_docs/version-1.8.x/refs/tsb/traffic/v2/istio_traffic_direct.mdx",717103],"14cc63cf":[()=&gt;r.e("61532").then(r.bind(r,640748)),"@site/versioned_docs/version-1.9.x/setup/resource-planning.mdx",640748],"14eb3368":[()=&gt;Promise.all([r.e("86212"),r.e("14743"),r.e("81983")]).then(r.bind(r,357889)),"@theme/DocCategoryGeneratedIndexPage",357889],"14ecf531":[()=&gt;r.e("39007").then(r.bind(r,451963)),"@site/versioned_docs/version-next/cheatsheet/index.mdx",451963],"14f2ac85":[()=&gt;Promise.all([r.e("86212"),r.e("79307")]).then(r.bind(r,19962)),"@site/versioned_docs/version-1.12.x/design-guides/app-onboarding/deploy-service.mdx",19962],"14f63511":[()=&gt;r.e("21857").then(r.bind(r,303144)),"@site/versioned_docs/version-next/operations/kube-customization.mdx",303144],"14f776b0":[()=&gt;r.e("36564").then(r.bind(r,114983)),"@site/versioned_docs/version-1.8.x/operations/configuration-promotion.mdx",114983],"14f93826":[()=&gt;r.e("21735").then(r.bind(r,31073)),"@site/versioned_docs/version-next/troubleshooting/component-status.mdx",31073],"15027c2a":[()=&gt;r.e("76719").then(r.bind(r,13372)),"@site/versioned_docs/version-1.10.x/howto/wasm/wasm-try.mdx",13372],0xe7b777:[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("71419")]).then(r.bind(r,978820)),"@site/versioned_docs/version-1.9.x/howto/gateway/end-user-auth-keycloak.mdx",978820],"15677f3a":[()=&gt;r.e("27380").then(r.t.bind(r,900568,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-8-x-refs-tsb-extension-v-2-grpc-349.json",900568],"156d4ae8":[()=&gt;r.e("94219").then(r.bind(r,194528)),"@site/versioned_docs/version-1.9.x/concepts/tsb-and-istio.mdx",194528],"158b6748":[()=&gt;r.e("57157").then(r.t.bind(r,369432,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-next-refs-tsb-gateway-v-2-grpc-fbd.json",369432],"15a5fa35":[()=&gt;Promise.all([r.e("86212"),r.e("47574")]).then(r.bind(r,185279)),"@site/versioned_docs/version-1.6.x/setup/upgrades/revisioned-to-revisioned.mdx",185279],"15caf63a":[()=&gt;r.e("86666").then(r.t.bind(r,212302,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-next-refs-tsb-v-2-yaml-5b5.json",212302],"15ccf5bb":[()=&gt;r.e("12329").then(r.bind(r,297600)),"@site/versioned_docs/version-1.11.x/refs/tsb/v2/cluster.mdx",297600],"16635cdd":[()=&gt;r.e("57023").then(r.t.bind(r,282682,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-8-x-reference-operators-b14.json",282682],"16669fa6":[()=&gt;r.e("89650").then(r.bind(r,703375)),"@site/versioned_docs/version-1.9.x/cheatsheet/sheets/security-management.mdx",703375],"16aa47de":[()=&gt;r.e("70212").then(r.bind(r,482553)),"@site/versioned_docs/version-1.6.x/howto/authorization/tier1-gateway.mdx",482553],"16ab9b91":[()=&gt;r.e("2470").then(r.bind(r,762100)),"@site/versioned_docs/version-1.10.x/design-guides/ha-dr-mp/scenarios.mdx",762100],"16b19495":[()=&gt;r.e("138").then(r.t.bind(r,257561,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-8-x-tags-acd.json",257561],"16b5b7d9":[()=&gt;r.e("12540").then(r.bind(r,473206)),"@site/versioned_docs/version-1.10.x/operations/graceful-connection-drain.mdx",473206],"16c3079f":[()=&gt;r.e("45952").then(r.bind(r,515453)),"@site/versioned_docs/version-next/operations/multiple-iam-keys.mdx",515453],"16f2f0b7":[()=&gt;r.e("97787").then(r.t.bind(r,800063,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-6-x-tags-357.json",800063],"17217f52":[()=&gt;r.e("45216").then(r.bind(r,684923)),"@site/versioned_docs/version-1.9.x/howto/gateway/multi-cluster-traffic-failover-priority.mdx",684923],"1724ef1c":[()=&gt;r.e("61504").then(r.bind(r,49732)),"@site/versioned_docs/version-1.9.x/refs/tsb/auth/v2/auth.mdx",49732],"1735cf3d":[()=&gt;Promise.all([r.e("86212"),r.e("46130")]).then(r.bind(r,369866)),"@site/versioned_docs/version-next/design-guides/ha-dr-mp/before-you-begin.mdx",369866],"173af852":[()=&gt;r.e("40945").then(r.bind(r,113908)),"@site/versioned_docs/version-1.11.x/operations/users/configuring-ldap.mdx",113908],0x109a1aa:[()=&gt;r.e("20770").then(r.bind(r,124639)),"@site/versioned_docs/version-next/refs/onboarding/config/types/core/v1alpha1/condition.mdx",124639],"174c3e85":[()=&gt;Promise.all([r.e("86212"),r.e("53292")]).then(r.bind(r,487368)),"@site/versioned_docs/version-1.10.x/setup/workload-onboarding/quickstart/aws-ec2/toc.mdx",487368],"1759af17":[()=&gt;r.e("42728").then(r.bind(r,625838)),"@site/versioned_docs/version-1.10.x/refs/tsb/security/v2/security_service.mdx",625838],"178191be":[()=&gt;r.e("94599").then(r.t.bind(r,394389,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-8-x-refs-tsb-v-2-grpc-244.json",394389],0x110c0e5:[()=&gt;r.e("44027").then(r.bind(r,669949)),"@site/versioned_docs/version-1.12.x/operations/vault/postgresql.mdx",669949],0x11113f9:[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("22590"),r.e("87048")]).then(r.bind(r,229286)),"@theme/DocItem",229286],"17a1c818":[()=&gt;r.e("94534").then(r.t.bind(r,819126,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-6-x-design-guides-dr-mp-03f.json",819126],"17a20378":[()=&gt;r.e("41658").then(r.bind(r,65548)),"@site/versioned_docs/version-1.7.x/refs/onboarding/config/types/registration/v1alpha1/registration.mdx",65548],"17e3f8b8":[()=&gt;r.e("45149").then(r.t.bind(r,919381,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-11-x-tags-tsb-concepts-0e1.json",919381],"17f5e071":[()=&gt;r.e("80340").then(r.bind(r,339980)),"@site/versioned_docs/version-1.12.x/concepts/service-mesh.mdx",339980],"17fc9241":[()=&gt;Promise.all([r.e("86212"),r.e("58339")]).then(r.bind(r,49203)),"@site/versioned_docs/version-1.9.x/quickstart/deploy-sample-app.mdx",49203],"180e9c39":[()=&gt;r.e("85707").then(r.t.bind(r,898467,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-reference-k-8-s-api-tsb-crds-gen-d2d.json",898467],"181288a3":[()=&gt;r.e("53131").then(r.t.bind(r,106119,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-11-x-refs-tsb-application-v-2-yaml-de7.json",106119],"182dfa7e":[()=&gt;r.e("59251").then(r.bind(r,341609)),"@site/versioned_docs/version-1.11.x/concepts/operators/control-plane.mdx",341609],"1831a9ca":[()=&gt;Promise.all([r.e("86212"),r.e("42594")]).then(r.bind(r,318584)),"@site/versioned_docs/version-1.8.x/setup/requirements-and-download.mdx",318584],"183c0d86":[()=&gt;r.e("7431").then(r.bind(r,654259)),"@site/versioned_docs/version-next/howto/security-domains.mdx",654259],0x11900b2:[()=&gt;r.e("7379").then(r.bind(r,11684)),"@site/versioned_docs/version-1.7.x/operations/users/admin-password.mdx",11684],"1842150c":[()=&gt;r.e("6256").then(r.bind(r,242979)),"@site/versioned_docs/version-1.8.x/refs/onboarding/config/install/v1alpha1/jwt_issuer.mdx",242979],"1844541b":[()=&gt;r.e("93018").then(r.bind(r,111075)),"@site/versioned_docs/version-1.6.x/refs/tsb/rbac/v2/application_access_bindings.mdx",111075],0x11af933:[()=&gt;r.e("32015").then(r.bind(r,373683)),"@site/versioned_docs/version-1.9.x/refs/tsb/v2/info.mdx",373683],"186add3e":[()=&gt;r.e("17862").then(r.bind(r,284150)),"@site/versioned_docs/version-1.9.x/refs/tsb/istiointernal/v2/istio_istiointernal_direct.mdx",284150],"1873fcf7":[()=&gt;r.e("11336").then(r.bind(r,130867)),"@site/versioned_docs/version-1.7.x/design-guides/app-onboarding/promote-service.mdx",130867],"18abb07b":[()=&gt;r.e("70664").then(r.bind(r,833219)),"@site/versioned_docs/version-1.9.x/operations/multiple-iam-keys.mdx",833219],"19002fa5":[()=&gt;r.e("21071").then(r.t.bind(r,695979,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-6-x-reference-bc2.json",695979],"191fccf9":[()=&gt;r.e("82250").then(r.bind(r,697715)),"@site/versioned_docs/version-1.11.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/workspacesetting.md",697715],"192d40a8":[()=&gt;r.e("52169").then(r.t.bind(r,55263,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-7-x-operations-elasticsearch-0df.json",55263],0x127da61:[()=&gt;r.e("3173").then(r.bind(r,93921)),"@site/versioned_docs/version-1.8.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/team.md",93921],"193d5f64":[()=&gt;r.e("56053").then(r.bind(r,210855)),"@site/versioned_docs/version-1.11.x/setup/certificate/certificate-requirements.mdx",210855],"195270d3":[()=&gt;r.e("79602").then(r.t.bind(r,235848,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-11-x-operations-telemetry-f06.json",235848],"195c7f48":[()=&gt;r.e("19217").then(r.bind(r,296037)),"@site/versioned_docs/version-1.12.x/setup/resource-planning.mdx",296037],"196cd056":[()=&gt;r.e("13071").then(r.bind(r,9178)),"@site/versioned_docs/version-1.11.x/refs/tsb/profile/v2/profile_service.mdx",9178],"196fd1b4":[()=&gt;r.e("10974").then(r.bind(r,18405)),"@site/versioned_docs/version-1.10.x/refs/tsb/gateway/v2/ingress_gateway.mdx",18405],"198abadc":[()=&gt;r.e("72925").then(r.bind(r,669985)),"@site/versioned_docs/version-1.11.x/refs/tsb/extension/v2/wasm_extension.mdx",669985],"19928dfb":[()=&gt;r.e("24337").then(r.bind(r,223099)),"@site/versioned_docs/version-1.9.x/setup/workload-onboarding/quickstart/on-premise/configure-workload-onboarding.mdx",223099],"19bf2410":[()=&gt;r.e("50169").then(r.bind(r,112503)),"@site/versioned_docs/version-1.12.x/setup/helm/upgrade.mdx",112503],"19dd7970":[()=&gt;r.e("69750").then(r.bind(r,656916)),"@site/versioned_docs/version-1.7.x/reference/k8s-api/guide.mdx",656916],"19e0fbfd":[()=&gt;r.e("26213").then(r.t.bind(r,587656,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-8-x-operations-features-d63.json",587656],"19f663d4":[()=&gt;r.e("1393").then(r.bind(r,223425)),"@site/versioned_docs/version-1.8.x/howto/wasm/wasm-try.mdx",223425],"19fbeab8":[()=&gt;r.e("29815").then(r.bind(r,753173)),"@site/versioned_docs/version-1.7.x/refs/tsb/v2/organization.mdx",753173],"1a036f39":[()=&gt;r.e("38958").then(r.bind(r,260956)),"@site/versioned_docs/version-1.6.x/refs/tsb/application/v2/openapi_extensions.mdx",260956],"1a112b26":[()=&gt;r.e("749").then(r.bind(r,332916)),"@site/versioned_docs/version-next/reference/cli/reference/whoami.md",332916],"1a2f7cd6":[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("76784")]).then(r.bind(r,173180)),"@site/versioned_docs/version-next/howto/rate-limiting/tls-validation.mdx",173180],"1a3d5080":[()=&gt;r.e("30778").then(r.bind(r,335714)),"@site/versioned_docs/version-1.9.x/howto/traffic/configure-multi-port-service-route.mdx",335714],"1a4e3797":[()=&gt;Promise.all([r.e("86212"),r.e("39273"),r.e("85230")]).then(r.bind(r,652393)),"@theme/SearchPage",652393],"1a68fde7":[()=&gt;r.e("35822").then(r.bind(r,581045)),"@site/versioned_docs/version-next/cheatsheet/sheets/traffic-management.mdx",581045],"1a9ee947":[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("37747")]).then(r.bind(r,371192)),"@site/versioned_docs/version-1.8.x/quickstart/permissions.mdx",371192],"1ab57c16":[()=&gt;r.e("2820").then(r.bind(r,685691)),"@site/versioned_docs/version-1.11.x/concepts/operators/management-plane.mdx",685691],"1ac8bfbe":[()=&gt;r.e("16718").then(r.t.bind(r,803968,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-operations-users-567.json",803968],"1ace72d1":[()=&gt;r.e("67517").then(r.bind(r,501109)),"@site/versioned_docs/version-1.6.x/refs/tsb/gateway/v2/egress_gateway.mdx",501109],"1ae3ae58":[()=&gt;r.e("6885").then(r.bind(r,713071)),"@site/versioned_docs/version-1.10.x/setup/workload-onboarding/quickstart/on-premise/configure-workload-onboarding.mdx",713071],"1b15eacd":[()=&gt;r.e("6579").then(r.bind(r,491032)),"@site/versioned_docs/version-1.7.x/refs/tsb/v2/organization_service.mdx",491032],"1b1ba584":[()=&gt;r.e("76631").then(r.bind(r,426829)),"@site/versioned_docs/version-1.7.x/setup/workload-onboarding/guides/troubleshooting.mdx",426829],"1b2f5fe1":[()=&gt;r.e("65096").then(r.bind(r,452241)),"@site/versioned_docs/version-1.11.x/howto/wasm/wasm-try.mdx",452241],"1b3a521b":[()=&gt;r.e("19919").then(r.bind(r,988211)),"@site/versioned_docs/version-next/cheatsheet/sheets/kubectl.mdx",988211],"1b72fa0e":[()=&gt;r.e("19101").then(r.bind(r,638407)),"@site/versioned_docs/version-1.11.x/operations/telemetry/new-relic.mdx",638407],"1b79036b":[()=&gt;r.e("57352").then(r.bind(r,815848)),"@site/versioned_docs/version-next/refs/tsb/v2/organization_setting.mdx",815848],"1b8cd004":[()=&gt;r.e("2006").then(r.bind(r,300540)),"@site/versioned_docs/version-1.7.x/setup/workload-onboarding/guides/setup.mdx",300540],"1ba1e400":[()=&gt;r.e("30490").then(r.bind(r,707474)),"@site/versioned_docs/version-1.11.x/refs/tsb/v2/team.mdx",707474],"1bd01224":[()=&gt;r.e("56785").then(r.bind(r,820660)),"@site/versioned_docs/version-1.12.x/refs/onboarding/private/types/credential/aws/v1alpha1/ec2.mdx",820660],"1bd62b16":[()=&gt;r.e("16867").then(r.bind(r,180860)),"@site/versioned_docs/version-next/operations/features/deletion-protection.mdx",180860],"1bd95ac8":[()=&gt;r.e("70632").then(r.t.bind(r,116345,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-7-x-refs-tsb-v-2-grpc-807.json",116345],"1be3926c":[()=&gt;r.e("39447").then(r.bind(r,937328)),"@site/versioned_docs/version-1.7.x/refs/tsb/v2/tenant_service.mdx",937328],"1c02928d":[()=&gt;r.e("6289").then(r.bind(r,492408)),"@site/versioned_docs/version-1.7.x/refs/tsb/traffic/v2/traffic_service.mdx",492408],"1c02b456":[()=&gt;Promise.all([r.e("86212"),r.e("42979")]).then(r.bind(r,99004)),"@site/versioned_docs/version-1.11.x/howto/gateway/unified-gateway-upgrade.mdx",99004],"1c18e0a6":[()=&gt;r.e("94688").then(r.bind(r,372987)),"@site/versioned_docs/version-next/setup/workload-onboarding/quickstart/aws-ec2/configure-workload-onboarding.mdx",372987],"1c238706":[()=&gt;r.e("86710").then(r.t.bind(r,450548,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-10-x-howto-traffic-2fd.json",450548],"1c2ccb75":[()=&gt;Promise.all([r.e("86212"),r.e("62935")]).then(r.bind(r,660506)),"@site/versioned_docs/version-1.7.x/design-guides/app-onboarding/gateway-security.mdx",660506],"1c365ecf":[()=&gt;r.e("52645").then(r.bind(r,238500)),"@site/versioned_docs/version-1.12.x/setup/workload-onboarding/guides/managing.mdx",238500],"1c39473a":[()=&gt;r.e("28469").then(r.bind(r,533561)),"@site/versioned_docs/version-1.11.x/operations/migrate-organization.mdx",533561],"1c42f91f":[()=&gt;r.e("87878").then(r.bind(r,70861)),"@site/versioned_docs/version-1.11.x/operations/vault/elasticsearch.mdx",70861],"1c4d176f":[()=&gt;r.e("47362").then(r.t.bind(r,340009,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-refs-tsb-security-v-2-yaml-425.json",340009],"1c65f2fd":[()=&gt;r.e("36724").then(r.bind(r,386236)),"@site/versioned_docs/version-1.12.x/refs/tsb/v2/team_service.mdx",386236],"1c670bf1":[()=&gt;r.e("46294").then(r.bind(r,995246)),"@site/versioned_docs/version-1.10.x/operations/users/oidc-azure.mdx",995246],"1c6c92c2":[()=&gt;r.e("48247").then(r.bind(r,123412)),"@site/versioned_docs/version-1.12.x/operations/users/users-roles-and-permissions.mdx",123412],"1ca15b54":[()=&gt;Promise.all([r.e("86212"),r.e("10324")]).then(r.bind(r,958209)),"@site/versioned_docs/version-1.6.x/setup/workload-onboarding/quickstart/aws-ec2/toc.mdx",958209],"1ca7772a":[()=&gt;r.e("9506").then(r.bind(r,477655)),"@site/versioned_docs/version-1.11.x/reference/cli/reference/service-account.md",477655],"1cff4b33":[()=&gt;r.e("136").then(r.t.bind(r,518718,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-howto-1de.json",518718],"1d07e63e":[()=&gt;r.e("31690").then(r.bind(r,676171)),"@site/versioned_docs/version-1.8.x/concepts/service-mesh.mdx",676171],"1d0af4bb":[()=&gt;r.e("21965").then(r.bind(r,972055)),"@site/versioned_docs/version-1.11.x/operations/features/istio-cni.mdx",972055],"1d0dc4ba":[()=&gt;r.e("50180").then(r.bind(r,849428)),"@site/versioned_docs/version-next/refs/tsb/rbac/v2/role_service.mdx",849428],"1d272c78":[()=&gt;Promise.all([r.e("86212"),r.e("10760")]).then(r.bind(r,470045)),"@site/versioned_docs/version-1.9.x/design-guides/ha-multicluster/demo-1.mdx",470045],"1d27d9f6":[()=&gt;r.e("39760").then(r.t.bind(r,404971,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-11-x-refs-tsb-q-v-2-grpc-706.json",404971],"1d2ecacd":[()=&gt;r.e("58619").then(r.t.bind(r,957176,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-8-x-refs-tsb-application-v-2-grpc-97c.json",957176],"1d302da8":[()=&gt;r.e("32574").then(r.bind(r,180827)),"@site/versioned_docs/version-1.6.x/operations/telemetry/alerting-guidelines.mdx",180827],"1d602862":[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("85482")]).then(r.bind(r,826029)),"@site/versioned_docs/version-1.12.x/design-guides/ha-dr-mp/index.mdx",826029],"1d9261b7":[()=&gt;r.e("58122").then(r.bind(r,186265)),"@site/versioned_docs/version-next/refs/onboarding/config/types/config/v1alpha1/transport_security.mdx",186265],"1d9a309c":[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("68764")]).then(r.bind(r,671538)),"@site/versioned_docs/version-1.6.x/howto/gateway/subset-based-routing-using-igw-and-service-route.mdx",671538],"1d9d27c4":[()=&gt;r.e("23575").then(r.t.bind(r,657275,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-7-x-refs-tsb-q-v-2-grpc-5f6.json",657275],"1dedf48b":[()=&gt;r.e("23128").then(r.t.bind(r,614567,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-10-x-tags-1b5.json",614567],"1def90cf":[()=&gt;r.e("99095").then(r.t.bind(r,177122,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-refs-iam-v-2-grpc-839.json",177122],"1df46177":[()=&gt;r.e("75624").then(r.bind(r,328877)),"@site/versioned_docs/version-1.6.x/operations/features/edge-dns-resolution.mdx",328877],"1df93b7f":[()=&gt;r.e("48706").then(r.bind(r,976730)),"@site/src/pages/index.tsx",976730],"1e01819b":[()=&gt;r.e("90630").then(r.bind(r,922424)),"@site/versioned_docs/version-1.11.x/setup/helm/helm.mdx",922424],"1e0b488a":[()=&gt;r.e("92667").then(r.bind(r,636350)),"@site/versioned_docs/version-1.8.x/setup/helm/helm.mdx",636350],"1e366134":[()=&gt;r.e("10226").then(r.bind(r,985824)),"@site/versioned_docs/version-1.9.x/setup/workload-onboarding/quickstart/aws-ec2/onboard-vm.mdx",985824],"1e544661":[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("12859")]).then(r.bind(r,222248)),"@site/versioned_docs/version-1.8.x/howto/rate-limiting/external-rate-limiting.mdx",222248],"1e573f9d":[()=&gt;r.e("23534").then(r.bind(r,101164)),"@site/versioned_docs/version-1.10.x/design-guides/ha-multicluster/introduction.mdx",101164],"1e7e0969":[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("55460")]).then(r.bind(r,877202)),"@site/versioned_docs/version-1.11.x/howto/traffic/canary-releases.mdx",877202],"1e820038":[()=&gt;r.e("22825").then(r.bind(r,202486)),"@site/versioned_docs/version-next/quickstart/config-groups.mdx",202486],"1e8b51e8":[()=&gt;r.e("22987").then(r.t.bind(r,638163,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-6-x-setup-aws-191.json",638163],"1e92227b":[()=&gt;r.e("65166").then(r.bind(r,574675)),"@site/versioned_docs/version-1.8.x/howto/network-policies.mdx",574675],"1e94c2d8":[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("16915")]).then(r.bind(r,549372)),"@site/versioned_docs/version-next/quickstart/traffic-shifting.mdx",549372],"1eae2c16":[()=&gt;r.e("52701").then(r.bind(r,880168)),"@site/versioned_docs/version-1.7.x/operations/elasticsearch/elasticsearch-role.mdx",880168],"1ec47baa":[()=&gt;r.e("79119").then(r.bind(r,67596)),"@site/versioned_docs/version-1.6.x/howto/traffic/migrating-VM-monoliths.mdx",67596],"1ee4e0b1":[()=&gt;r.e("31257").then(r.bind(r,983012)),"@site/versioned_docs/version-1.8.x/concepts/security.mdx",983012],"1f1514b2":[()=&gt;r.e("93851").then(r.bind(r,779127)),"@site/versioned_docs/version-1.12.x/refs/tsb/v2/tenant.mdx",779127],"1f4bc73f":[()=&gt;r.e("12659").then(r.bind(r,236134)),"@site/versioned_docs/version-1.6.x/howto/traffic/configure-multi-port-service-route.mdx",236134],"1f57b2f8":[()=&gt;r.e("58473").then(r.bind(r,728502)),"@site/versioned_docs/version-next/refs/tsb/traffic/v2/traffic_service.mdx",728502],"1f7ea90a":[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("30077")]).then(r.bind(r,85676)),"@site/versioned_docs/version-1.6.x/quickstart/traffic-shifting.mdx",85676],"1f894db7":[()=&gt;r.e("80751").then(r.bind(r,241493)),"@site/versioned_docs/version-1.11.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/cluster.md",241493],"1f9ff34b":[()=&gt;r.e("82384").then(r.bind(r,11470)),"@site/versioned_docs/version-1.7.x/release-notes-announcements/feature-status.mdx",11470],"1fd4ec3b":[()=&gt;r.e("89497").then(r.bind(r,17467)),"@site/versioned_docs/version-1.11.x/refs/tsb/segmentation/v1/policy.mdx",17467],"1fd5a933":[()=&gt;r.e("82224").then(r.bind(r,260594)),"@site/versioned_docs/version-next/refs/tsb/q/v2/approvals_service.mdx",260594],"1fdfedf5":[()=&gt;r.e("90574").then(r.bind(r,151927)),"@site/versioned_docs/version-1.12.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/workspacesetting.md",151927],"1fea56ee":[()=&gt;r.e("75705").then(r.bind(r,945659)),"@site/versioned_docs/version-1.6.x/concepts/service-mesh.mdx",945659],"1feec529":[()=&gt;r.e("6129").then(r.bind(r,50476)),"@site/versioned_docs/version-1.12.x/howto/wasm/wasm-proxy.mdx",50476],"1ff8c965":[()=&gt;r.e("64753").then(r.bind(r,745649)),"@site/versioned_docs/version-1.12.x/refs/tsb/rbac/v2/tenant_access_bindings.mdx",745649],"2000a31a":[()=&gt;r.e("5676").then(r.t.bind(r,902944,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-9-x-reference-samples-c7c.json",902944],"20073baa":[()=&gt;r.e("91251").then(r.bind(r,143803)),"@site/versioned_docs/version-1.12.x/howto/gateway/multi-cluster-traffic-routing-with-eastwest-gateway.mdx",143803],"2008963e":[()=&gt;r.e("90921").then(r.bind(r,953538)),"@site/versioned_docs/version-1.10.x/refs/tsb/gateway/v2/gateway_service.mdx",953538],"2033551f":[()=&gt;r.e("8936").then(r.t.bind(r,590586,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-8-x-howto-076.json",590586],"2048c5c7":[()=&gt;r.e("91906").then(r.bind(r,374547)),"@site/versioned_docs/version-1.6.x/refs/tsb/registry/v2/registration_service.mdx",374547],"2060f524":[()=&gt;r.e("23269").then(r.bind(r,985833)),"@site/versioned_docs/version-next/refs/onboarding/private/types/sidecar/v1alpha1/configuration.mdx",985833],"207c00dc":[()=&gt;r.e("66248").then(r.bind(r,736886)),"@site/versioned_docs/version-1.6.x/refs/tsb/gateway/v2/tier1_gateway.mdx",736886],"208672f4":[()=&gt;r.e("1843").then(r.bind(r,314024)),"@site/versioned_docs/version-1.6.x/refs/tsb/registry/v2/service.mdx",314024],"209a6444":[()=&gt;r.e("48750").then(r.bind(r,979)),"@site/versioned_docs/version-1.7.x/refs/tsb/q/v2/permissions_service.mdx",979],"20aceebc":[()=&gt;r.e("43426").then(r.bind(r,385912)),"@site/versioned_docs/version-1.12.x/refs/tsb/v2/workspace.mdx",385912],"20b275d1":[()=&gt;r.e("7854").then(r.bind(r,218975)),"@site/versioned_docs/version-1.9.x/refs/install/kubernetes/k8s.mdx",218975],"20dd5560":[()=&gt;r.e("88369").then(r.bind(r,410817)),"@site/versioned_docs/version-1.6.x/setup/workload-onboarding/quickstart/aws-ecs/configure-workload-onboarding.mdx",410817],"20ea2cde":[()=&gt;r.e("41880").then(r.bind(r,426303)),"@site/versioned_docs/version-1.11.x/operations/configuration-promotion.mdx",426303],"20f5515c":[()=&gt;r.e("92841").then(r.bind(r,337831)),"@site/versioned_docs/version-1.8.x/operations/telemetry/alerting-guidelines.mdx",337831],"2168be7d":[()=&gt;r.e("57287").then(r.bind(r,292984)),"@site/versioned_docs/version-1.6.x/cheatsheet/sheets/tsb-concepts.mdx",292984],"217fdbeb":[()=&gt;r.e("17987").then(r.bind(r,540310)),"@site/versioned_docs/version-1.11.x/reference/cli/reference/validate.md",540310],"2190564c":[()=&gt;r.e("80125").then(r.bind(r,837076)),"@site/versioned_docs/version-1.9.x/refs/tsb/v2/workspace_setting.mdx",837076],"21b9d9f0":[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("92553")]).then(r.bind(r,58483)),"@site/versioned_docs/version-1.6.x/quickstart/permissions.mdx",58483],"21c4a7f9":[()=&gt;r.e("62577").then(r.t.bind(r,358436,19)),"@generated/docusaurus-plugin-redoc/1_11_x/__plugin.json",358436],"21c76ad1":[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("49268")]).then(r.bind(r,751951)),"@site/versioned_docs/version-1.11.x/howto/gateway/end-user-auth-keycloak.mdx",751951],"21dd80d6":[()=&gt;r.e("57217").then(r.t.bind(r,157477,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-10-x-reference-workload-onboarding-onboarding-authorization-e82.json",157477],"2204614f":[()=&gt;r.e("51007").then(r.bind(r,887136)),"@site/versioned_docs/version-next/setup/workload-onboarding/quickstart/aws-ec2/enable-workload-onboarding.mdx",887136],"220ec72b":[()=&gt;r.e("53146").then(r.t.bind(r,815182,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-10-x-refs-tsb-istiointernal-v-2-grpc-e0a.json",815182],"2233e332":[()=&gt;r.e("86019").then(r.bind(r,827706)),"@site/versioned_docs/version-1.7.x/operations/postgresql.mdx",827706],"223d6662":[()=&gt;r.e("40964").then(r.bind(r,152795)),"@site/versioned_docs/version-1.10.x/howto/wasm/wasm-proxy.mdx",152795],"223d7bd6":[()=&gt;r.e("63514").then(r.t.bind(r,953253,19)),"/runner/_work/sites/sites/products/service-bridge/.docusaurus/docusaurus-plugin-redoc/next/redocApiLayoutV1-next.json",953253],"2250ee86":[()=&gt;r.e("20220").then(r.bind(r,501818)),"@site/versioned_docs/version-1.12.x/troubleshooting/tsb-ui-metrics.mdx",501818],"225d2803":[()=&gt;r.e("79902").then(r.t.bind(r,382482,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-8-x-refs-tsb-extension-v-2-yaml-902.json",382482],"228e5833":[()=&gt;r.e("32349").then(r.bind(r,86331)),"@site/versioned_docs/version-1.8.x/refs/tsb/registry/v2/registration_service.mdx",86331],"228ed991":[()=&gt;r.e("48240").then(r.bind(r,271797)),"@site/versioned_docs/version-1.6.x/troubleshooting/configuration-status.mdx",271797],"22c6650c":[()=&gt;r.e("88211").then(r.t.bind(r,608516,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-next-tags-tsb-concepts-476.json",608516],"22c9bfe4":[()=&gt;r.e("22535").then(r.bind(r,88843)),"@site/versioned_docs/version-1.6.x/refs/tsb/rbac/v2/policy_service.mdx",88843],"230e9633":[()=&gt;Promise.all([r.e("86212"),r.e("77040")]).then(r.bind(r,514427)),"@site/versioned_docs/version-1.7.x/howto/gateway/https-with-proxy-protocol.mdx",514427],"231acd0f":[()=&gt;r.e("98895").then(r.bind(r,653921)),"@site/versioned_docs/version-1.12.x/refs/tsb/rbac/v2/security_access_bindings.mdx",653921],"233c5d66":[()=&gt;r.e("20271").then(r.bind(r,141071)),"@site/versioned_docs/version-1.8.x/reference/grpc-api/guide.mdx",141071],"234524b5":[()=&gt;r.e("9114").then(r.bind(r,446363)),"@site/versioned_docs/version-1.7.x/quickstart/workspace.mdx",446363],"234bd398":[()=&gt;r.e("40769").then(r.t.bind(r,354318,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-next-tags-tsb-quickstart-e3c.json",354318],"236e6237":[()=&gt;r.e("95754").then(r.t.bind(r,905012,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-7-x-howto-gateway-563.json",905012],"2391664a":[()=&gt;r.e("76369").then(r.bind(r,797970)),"@site/versioned_docs/version-1.10.x/reference/cli/reference/version.md",797970],"23c83581":[()=&gt;Promise.all([r.e("86212"),r.e("87779")]).then(r.bind(r,249548)),"@site/versioned_docs/version-1.10.x/setup/workload-onboarding/quickstart/aws-ecs/toc.mdx",249548],"23ccb6c8":[()=&gt;r.e("42339").then(r.bind(r,959879)),"@site/versioned_docs/version-1.7.x/refs/tsb/traffic/v2/istio_traffic_direct.mdx",959879],"23d2f25d":[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("64804")]).then(r.bind(r,606352)),"@site/versioned_docs/version-1.9.x/quickstart/ingress-gateway.mdx",606352],"23f213ee":[()=&gt;r.e("39269").then(r.bind(r,427474)),"@site/versioned_docs/version-1.10.x/howto/waf.mdx",427474],"240f8571":[()=&gt;r.e("50499").then(r.bind(r,350238)),"@site/versioned_docs/version-1.8.x/howto/hpa-using-skywalking.mdx",350238],"241ba1c7":[()=&gt;r.e("95999").then(r.bind(r,613067)),"@site/versioned_docs/version-1.6.x/setup/helm/upgrade.mdx",613067],"2421cb75":[()=&gt;r.e("38420").then(r.bind(r,837843)),"@site/versioned_docs/version-1.6.x/refs/tsb/rbac/v2/organization_access_bindings.mdx",837843],"24234f9d":[()=&gt;r.e("77982").then(r.bind(r,597997)),"@site/versioned_docs/version-1.12.x/reference/k8s-api/tsb-crds-gen/security-tsb-tetrate-io.md",597997],"242bca94":[()=&gt;r.e("37501").then(r.bind(r,336970)),"@site/versioned_docs/version-1.12.x/refs/onboarding/private/protocol/registration/v1alpha1/registration_service.mdx",336970],0x175c537:[()=&gt;r.e("87850").then(r.bind(r,413021)),"@site/versioned_docs/version-1.10.x/howto/security-domains.mdx",413021],"247aeccb":[()=&gt;r.e("35208").then(r.bind(r,299232)),"@site/versioned_docs/version-1.8.x/refs/iam/v2/oidc_service.mdx",299232],"248a7aa3":[()=&gt;r.e("82370").then(r.bind(r,624989)),"@site/versioned_docs/version-next/refs/tsb/application/v2/application.mdx",624989],"24c1ae7a":[()=&gt;r.e("63106").then(r.bind(r,583624)),"@site/versioned_docs/version-1.8.x/concepts/tsb-and-istio.mdx",583624],"24e4589c":[()=&gt;r.e("33531").then(r.bind(r,389303)),"@site/versioned_docs/version-1.12.x/setup/helm/uninstallation.mdx",389303],"250e1234":[()=&gt;r.e("31541").then(r.bind(r,224795)),"@site/versioned_docs/version-1.7.x/reference/cli/reference/tctl.md",224795],"2518acb0":[()=&gt;r.e("53328").then(r.bind(r,747634)),"@site/versioned_docs/version-next/knowledge-base/faq.mdx",747634],"257f7de8":[()=&gt;r.e("52368").then(r.bind(r,787494)),"@site/versioned_docs/version-1.8.x/setup/workload-onboarding/quickstart/aws-ec2/onboard-asg.mdx",787494],"257fff07":[()=&gt;r.e("31070").then(r.bind(r,423632)),"@site/versioned_docs/version-next/refs/tsb/profile/v2/profile.mdx",423632],"258ad07b":[()=&gt;r.e("34982").then(r.t.bind(r,876106,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-6-x-reference-workload-onboarding-onboarding-authorization-f28.json",876106],"259624c5":[()=&gt;r.e("24616").then(r.bind(r,643213)),"@site/versioned_docs/version-1.8.x/cheatsheet/sheets/tctl.mdx",643213],"25bee4c9":[()=&gt;r.e("90275").then(r.bind(r,283683)),"@site/versioned_docs/version-1.12.x/howto/traffic/configure-multi-port-service-route.mdx",283683],"25bf1d3d":[()=&gt;r.e("5890").then(r.bind(r,319351)),"@site/versioned_docs/version-next/refs/tsb/traffic/v2/traffic_group.mdx",319351],"25d44b66":[()=&gt;r.e("78660").then(r.bind(r,382104)),"@site/versioned_docs/version-1.8.x/release-notes-announcements/feature-status.mdx",382104],"25d5f36c":[()=&gt;r.e("10050").then(r.t.bind(r,865225,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-refs-tsb-istiointernal-v-2-yaml-c59.json",865225],"25de0981":[()=&gt;r.e("69525").then(r.bind(r,163636)),"@site/versioned_docs/version-1.6.x/setup/workload-onboarding/quickstart/on-premise/configure-vm.mdx",163636],"25e670c9":[()=&gt;r.e("32792").then(r.bind(r,203887)),"@site/versioned_docs/version-1.10.x/refs/tsb/q/v2/approvals_service.mdx",203887],"25f9ba86":[()=&gt;r.e("78944").then(r.bind(r,335322)),"@site/versioned_docs/version-1.7.x/release-notes.mdx",335322],"2614d2f2":[()=&gt;r.e("76715").then(r.bind(r,931708)),"@site/versioned_docs/version-1.10.x/operations/vault/postgresql.mdx",931708],0x18f1033:[()=&gt;r.e("89887").then(r.bind(r,899522)),"@site/versioned_docs/version-1.9.x/refs/tsb/gateway/v2/tier1_gateway.mdx",899522],"261fafbb":[()=&gt;r.e("60811").then(r.bind(r,663102)),"@site/versioned_docs/version-1.6.x/refs/tsb/v2/info.mdx",663102],0x190dfbe:[()=&gt;r.e("61916").then(r.bind(r,664404)),"@site/versioned_docs/version-next/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/clusteronboardingconfig.md",664404],"26483a20":[()=&gt;r.e("86706").then(r.bind(r,576666)),"@site/versioned_docs/version-1.7.x/reference/yaml-api/guide.mdx",576666],"264b88d8":[()=&gt;r.e("25038").then(r.bind(r,352802)),"@site/versioned_docs/version-1.10.x/setup/fips.md",352802],"2671c056":[()=&gt;r.e("92953").then(r.t.bind(r,979830,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-next-refs-install-c70.json",979830],"269da90f":[()=&gt;r.e("25936").then(r.bind(r,282526)),"@site/versioned_docs/version-1.9.x/refs/onboarding/config/types/registration/v1alpha1/registration.mdx",282526],"26a05306":[()=&gt;r.e("87783").then(r.bind(r,394861)),"@site/versioned_docs/version-1.12.x/refs/tsb/dashboard/v1/dashboard_service.mdx",394861],"26bf84e3":[()=&gt;r.e("33644").then(r.t.bind(r,621087,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-10-x-refs-tsb-rbac-v-2-yaml-b2d.json",621087],"26c3c763":[()=&gt;r.e("32199").then(r.bind(r,211269)),"@site/versioned_docs/version-next/quickstart/workspace.mdx",211269],"26ccbadb":[()=&gt;r.e("63966").then(r.t.bind(r,587317,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-9-x-operations-9ef.json",587317],"26df94fd":[()=&gt;r.e("25948").then(r.bind(r,927548)),"@site/versioned_docs/version-1.8.x/design-guides/ha-dr-mp/scenarios.mdx",927548],"26e92433":[()=&gt;r.e("63151").then(r.t.bind(r,471817,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-9-x-reference-yaml-api-b42.json",471817],"26f5547a":[()=&gt;r.e("30146").then(r.bind(r,115616)),"@site/versioned_docs/version-1.6.x/troubleshooting/identify-underperforming-services.mdx",115616],"26fdfda6":[()=&gt;r.e("35031").then(r.bind(r,435449)),"@site/versioned_docs/version-1.9.x/knowledge-base/gitops.mdx",435449],0x19cab77:[()=&gt;r.e("31883").then(r.bind(r,672675)),"@site/versioned_docs/version-1.11.x/setup/fips.md",672675],"2712f3ad":[()=&gt;r.e("52693").then(r.bind(r,751787)),"@site/versioned_docs/version-1.12.x/reference/cli/reference/login.md",751787],"271b8f93":[()=&gt;Promise.all([r.e("86212"),r.e("54879")]).then(r.bind(r,722864)),"@site/versioned_docs/version-1.10.x/setup/upgrades/cni-upgrade.mdx",722864],"27325e39":[()=&gt;r.e("5536").then(r.bind(r,485905)),"@site/versioned_docs/version-1.9.x/refs/onboarding/config/types/identity/v1alpha1/identity.mdx",485905],"27440c8e":[()=&gt;r.e("87560").then(r.bind(r,151817)),"@site/versioned_docs/version-1.12.x/reference/cli/reference/debug.md",151817],"2747d23a":[()=&gt;r.e("37130").then(r.bind(r,692386)),"@site/versioned_docs/version-1.12.x/setup/workload-onboarding/quickstart/aws-ec2/configure-vm.mdx",692386],"274a9d82":[()=&gt;r.e("54115").then(r.t.bind(r,572661,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-next-refs-tsb-gateway-v-2-yaml-ff7.json",572661],"275286ce":[()=&gt;r.e("56245").then(r.t.bind(r,494441,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-9-x-tags-1e1.json",494441],"27692cb0":[()=&gt;r.e("17467").then(r.bind(r,785664)),"@site/versioned_docs/version-1.8.x/refs/onboarding/config/install/v1alpha1/workload_configuration.mdx",785664],"277024ec":[()=&gt;r.e("92230").then(r.bind(r,641168)),"@site/versioned_docs/version-1.10.x/reference/cli/reference/completion.md",641168],"278b5c38":[()=&gt;r.e("32617").then(r.bind(r,348633)),"@site/versioned_docs/version-1.10.x/refs/tsb/v2/workspace_service.mdx",348633],"278ba062":[()=&gt;r.e("50688").then(r.bind(r,102499)),"@site/versioned_docs/version-1.12.x/howto/gateway/unified-gateway.mdx",102499],"279b0948":[()=&gt;r.e("12612").then(r.bind(r,186981)),"@site/versioned_docs/version-1.8.x/howto/promql-using-skywalking.mdx",186981],"279b56a5":[()=&gt;r.e("48887").then(r.bind(r,450921)),"@site/versioned_docs/version-1.8.x/reference/cli/reference/install.md",450921],"27a16c3f":[()=&gt;r.e("33020").then(r.bind(r,845349)),"@site/versioned_docs/version-next/refs/iam/v2/oidc_service.mdx",845349],"27a6cf9e":[()=&gt;r.e("44349").then(r.bind(r,465254)),"@site/versioned_docs/version-1.8.x/operations/vault/postgresql.mdx",465254],"27ad8bc8":[()=&gt;Promise.all([r.e("86212"),r.e("77135")]).then(r.bind(r,524363)),"@site/versioned_docs/version-1.7.x/setup/upgrades/revisioned-to-revisioned.mdx",524363],"27b1220b":[()=&gt;r.e("41478").then(r.bind(r,947128)),"@site/versioned_docs/version-1.6.x/release-notes-announcements/support-policy.mdx",947128],"27c0870e":[()=&gt;r.e("81363").then(r.bind(r,97437)),"@site/versioned_docs/version-next/setup/workload-onboarding/quickstart/aws-ecs/configure-workload-onboarding.mdx",97437],"27e495a5":[()=&gt;r.e("93691").then(r.bind(r,677455)),"@site/versioned_docs/version-1.7.x/refs/onboarding/config/agent/v1alpha1/onboarding_configuration.mdx",677455],"27e69b82":[()=&gt;Promise.all([r.e("86212"),r.e("87102")]).then(r.bind(r,568989)),"@site/versioned_docs/version-1.10.x/design-guides/app-onboarding/cross-cluster.mdx",568989],"27e9de2c":[()=&gt;r.e("52499").then(r.bind(r,135971)),"@site/versioned_docs/version-1.8.x/refs/tsb/registry/v2/service.mdx",135971],"27efeb8d":[()=&gt;Promise.all([r.e("86212"),r.e("23373")]).then(r.bind(r,968540)),"@site/versioned_docs/version-1.12.x/quickstart/apps.mdx",968540],"27fd734b":[()=&gt;r.e("47845").then(r.bind(r,868854)),"@site/versioned_docs/version-1.11.x/refs/tsb/rbac/v2/permissions.mdx",868854],"2817a4a8":[()=&gt;r.e("58273").then(r.bind(r,762561)),"@site/versioned_docs/version-1.6.x/operations/elasticsearch/elasticsearch-role.mdx",762561],"281da8c0":[()=&gt;r.e("86894").then(r.bind(r,30596)),"@site/versioned_docs/version-1.11.x/refs/tsb/v2/tenant_setting.mdx",30596],"282a6f68":[()=&gt;r.e("16113").then(r.bind(r,617412)),"@site/versioned_docs/version-1.7.x/howto/network-policies.mdx",617412],"2845db63":[()=&gt;r.e("66195").then(r.bind(r,911570)),"@site/versioned_docs/version-1.8.x/reference/k8s-api/tsb-crds-gen/gateway-tsb-tetrate-io.md",911570],"2857f5af":[()=&gt;Promise.all([r.e("86212"),r.e("40957")]).then(r.bind(r,454744)),"@site/versioned_docs/version-1.7.x/design-guides/app-onboarding/security.mdx",454744],"285aab29":[()=&gt;r.e("21488").then(r.bind(r,700837)),"@site/versioned_docs/version-1.10.x/reference/k8s-api/guide.mdx",700837],"287347f6":[()=&gt;r.e("58374").then(r.bind(r,543450)),"@site/versioned_docs/version-1.7.x/howto/wasm/wasm-proxy.mdx",543450],"2875a5f7":[()=&gt;Promise.all([r.e("86212"),r.e("57852")]).then(r.bind(r,932388)),"@site/versioned_docs/version-1.12.x/design-guides/app-onboarding/prepare.mdx",932388],"28778c0e":[()=&gt;r.e("58595").then(r.bind(r,725493)),"@site/versioned_docs/version-1.12.x/refs/tsb/segmentation/v1/rules.mdx",725493],"2896f6d1":[()=&gt;r.e("82330").then(r.bind(r,709336)),"@site/versioned_docs/version-1.6.x/refs/tsb/observability/telemetry/v2/metric_service.mdx",709336],"28b5918c":[()=&gt;r.e("50650").then(r.bind(r,43332)),"@site/versioned_docs/version-next/refs/onboarding/config/types/core/v1alpha1/namespaced_name.mdx",43332],"28c94705":[()=&gt;r.e("15776").then(r.bind(r,780127)),"@site/versioned_docs/version-1.7.x/setup/self-managed/uninstallation.mdx",780127],"28cba099":[()=&gt;r.e("57494").then(r.bind(r,664182)),"@site/versioned_docs/version-1.8.x/refs/tsb/gateway/v2/gateway_group.mdx",664182],"28d95712":[()=&gt;r.e("21974").then(r.bind(r,289023)),"@site/versioned_docs/version-1.9.x/setup/workload-onboarding/guides/setup.mdx",289023],"28e986a1":[()=&gt;r.e("86101").then(r.bind(r,336630)),"@site/versioned_docs/version-next/refs/audit/v1/audit.mdx",336630],"28ed33e2":[()=&gt;r.e("5358").then(r.bind(r,926780)),"@site/versioned_docs/version-1.10.x/reference/cli/reference/delete.md",926780],"28f0c913":[()=&gt;r.e("55049").then(r.bind(r,966234)),"@site/versioned_docs/version-1.6.x/refs/tsb/v2/tenant.mdx",966234],"2901323f":[()=&gt;r.e("59702").then(r.bind(r,788536)),"@site/versioned_docs/version-1.12.x/refs/tsb/v2/workspace_setting.mdx",788536],"290c8075":[()=&gt;r.e("71056").then(r.bind(r,447432)),"@site/versioned_docs/version-1.12.x/operations/users/tsb-fqns.mdx",447432],"290e21cc":[()=&gt;r.e("20102").then(r.t.bind(r,468847,19)),"/runner/_work/sites/sites/products/service-bridge/.docusaurus/docusaurus-plugin-redoc/1_7_x/redocApiSpecV1.2-1_7_x.json",468847],"291bc1e7":[()=&gt;r.e("50978").then(r.bind(r,58005)),"@site/versioned_docs/version-1.12.x/refs/tsb/istiointernal/v2/istio_internal_group.mdx",58005],"2923610f":[()=&gt;r.e("58487").then(r.bind(r,101660)),"@site/versioned_docs/version-next/troubleshooting/troubleshooting.mdx",101660],"294d1b94":[()=&gt;r.e("21755").then(r.t.bind(r,763809,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-11-x-refs-tsb-profile-v-2-grpc-207.json",763809],"29b449a2":[()=&gt;r.e("19674").then(r.bind(r,275772)),"@site/versioned_docs/version-1.11.x/refs/onboarding/private/component/agent/plugin/hostinfo/v1alpha1/plugin.mdx",275772],"29bbf4c9":[()=&gt;r.e("15214").then(r.bind(r,901796)),"@site/versioned_docs/version-1.10.x/refs/tsb/registry/v2/registration_service.mdx",901796],"29cada54":[()=&gt;r.e("87664").then(r.bind(r,917134)),"@site/versioned_docs/version-1.12.x/refs/tsb/gateway/v2/istio_gateway_direct.mdx",917134],"29ee9a83":[()=&gt;Promise.all([r.e("86212"),r.e("19515")]).then(r.bind(r,736781)),"@site/versioned_docs/version-next/design-guides/app-onboarding/prepare.mdx",736781],"29fea89f":[()=&gt;r.e("96490").then(r.bind(r,67198)),"@site/versioned_docs/version-1.6.x/refs/tsb/v2/team.mdx",67198],"2a048c55":[()=&gt;r.e("20442").then(r.bind(r,10939)),"@site/versioned_docs/version-1.10.x/refs/tsb/observability/telemetry/v2/source_service.mdx",10939],"2a23cad1":[()=&gt;r.e("74189").then(r.bind(r,49843)),"@site/versioned_docs/version-1.10.x/setup/self-managed/uninstallation.mdx",49843],"2a2e6f9d":[()=&gt;r.e("58833").then(r.bind(r,720084)),"@site/versioned_docs/version-next/reference/k8s-api/tsb-crds-gen/istiointernal-tsb-tetrate-io.md",720084],"2a2e9a58":[()=&gt;Promise.all([r.e("86212"),r.e("17443")]).then(r.bind(r,238342)),"@site/versioned_docs/version-1.8.x/setup/upgrades/revisioned-to-revisioned.mdx",238342],"2a30ad61":[()=&gt;r.e("41313").then(r.t.bind(r,784154,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-9-x-refs-tsb-rbac-v-2-grpc-d6c.json",784154],"2a38a1a7":[()=&gt;r.e("66473").then(r.bind(r,888202)),"@site/versioned_docs/version-1.8.x/setup/workload-onboarding/quickstart/aws-ec2/enable-workload-onboarding.mdx",888202],"2a4ed34a":[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("8076")]).then(r.bind(r,511042)),"@site/versioned_docs/version-1.6.x/howto/gateway/distributed-ingress.mdx",511042],"2a7d2b7e":[()=&gt;r.e("72354").then(r.t.bind(r,193950,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-7-x-tags-tsb-concepts-445.json",193950],"2a82e64d":[()=&gt;r.e("31730").then(r.bind(r,445609)),"@site/versioned_docs/version-1.9.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/cluster.md",445609],"2a937b25":[()=&gt;r.e("71677").then(r.bind(r,954792)),"@site/versioned_docs/version-1.10.x/howto/traffic/migrating-VM-monoliths.mdx",954792],"2a98eed2":[()=&gt;r.e("70448").then(r.bind(r,994066)),"@site/versioned_docs/version-1.10.x/operations/telemetry/key-metrics.md",994066],"2ac54dd8":[()=&gt;r.e("87583").then(r.bind(r,91586)),"@site/versioned_docs/version-1.6.x/cheatsheet/sheets/security-management.mdx",91586],"2ac7c96b":[()=&gt;r.e("62642").then(r.bind(r,681566)),"@site/versioned_docs/version-1.6.x/reference/k8s-api/tsb-crds-gen/extension-tsb-tetrate-io.md",681566],"2ae002e5":[()=&gt;r.e("37694").then(r.bind(r,358521)),"@site/versioned_docs/version-1.6.x/refs/tsb/traffic/v2/traffic_group.mdx",358521],"2ae13922":[()=&gt;r.e("29678").then(r.bind(r,578195)),"@site/versioned_docs/version-1.10.x/operations/features/configure-gitops.mdx",578195],"2ae8f791":[()=&gt;r.e("7605").then(r.bind(r,902104)),"@site/versioned_docs/version-1.8.x/operations/vault/elasticsearch.mdx",902104],"2aec3f7b":[()=&gt;r.e("11551").then(r.bind(r,549519)),"@site/versioned_docs/version-1.11.x/reference/grpc-api/guide.mdx",549519],"2b1386ed":[()=&gt;r.e("49833").then(r.bind(r,588425)),"@site/versioned_docs/version-next/setup/certificate/automated-certificate-management.mdx",588425],"2b515a58":[()=&gt;r.e("31570").then(r.bind(r,261866)),"@site/versioned_docs/version-1.10.x/refs/tsb/application/v2/openapi_extensions.mdx",261866],"2b6733f9":[()=&gt;Promise.all([r.e("86212"),r.e("69623")]).then(r.bind(r,699931)),"@site/versioned_docs/version-1.11.x/howto/authorization/toc.mdx",699931],"2b7e505b":[()=&gt;r.e("79331").then(r.bind(r,497525)),"@site/versioned_docs/version-1.7.x/operations/telemetry/key-metrics.md",497525],"2b9d9245":[()=&gt;r.e("68442").then(r.bind(r,41690)),"@site/versioned_docs/version-1.10.x/setup/workload-onboarding/guides/ecs-workloads.mdx",41690],"2ba2c606":[()=&gt;r.e("51250").then(r.bind(r,274427)),"@site/versioned_docs/version-1.11.x/cheatsheet/sheets/tsb-terminology.mdx",274427],"2bca4088":[()=&gt;r.e("33087").then(r.bind(r,564966)),"@site/versioned_docs/version-next/setup/workload-onboarding/guides/on-premise-workloads.mdx",564966],"2bccee42":[()=&gt;r.e("41391").then(r.bind(r,15846)),"@site/versioned_docs/version-1.12.x/refs/audit/v1/audit.mdx",15846],"2bd2cd97":[()=&gt;r.e("17007").then(r.t.bind(r,999393,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-next-refs-tsb-v-2-grpc-b3b.json",999393],"2be0d110":[()=&gt;r.e("61810").then(r.bind(r,311845)),"@site/versioned_docs/version-next/operations/configure-log-levels.mdx",311845],"2bf1ab91":[()=&gt;r.e("96208").then(r.bind(r,664378)),"@site/versioned_docs/version-1.8.x/refs/tsb/v2/workspace_setting.mdx",664378],"2c00c0a5":[()=&gt;r.e("47231").then(r.bind(r,11188)),"@site/versioned_docs/version-1.11.x/howto/waf.mdx",11188],"2c4dc16d":[()=&gt;r.e("50994").then(r.bind(r,538951)),"@site/versioned_docs/version-1.9.x/refs/tsb/application/v2/api.mdx",538951],"2c75241e":[()=&gt;r.e("2894").then(r.bind(r,210576)),"@site/versioned_docs/version-next/setup/isolation-boundaries.mdx",210576],"2c80977b":[()=&gt;r.e("75309").then(r.bind(r,727790)),"@site/versioned_docs/version-1.8.x/troubleshooting/debug-container.mdx",727790],"2c860962":[()=&gt;Promise.all([r.e("86212"),r.e("71624")]).then(r.bind(r,393327)),"@site/versioned_docs/version-1.6.x/concepts/toc.mdx",393327],"2c876b48":[()=&gt;r.e("49835").then(r.t.bind(r,615373,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-6-x-refs-tsb-extension-v-2-grpc-1b5.json",615373],"2c99069d":[()=&gt;r.e("70485").then(r.bind(r,115525)),"@site/versioned_docs/version-1.11.x/refs/tsb/v2/status_service.mdx",115525],"2c9f848b":[()=&gt;r.e("61539").then(r.bind(r,711643)),"@site/versioned_docs/version-1.11.x/reference/cli/reference/version.md",711643],"2ce3b6f8":[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("78813")]).then(r.bind(r,890936)),"@site/versioned_docs/version-1.12.x/howto/gateway/subset-based-routing-using-igw-and-service-route.mdx",890936],"2d38bcd8":[()=&gt;r.e("26021").then(r.bind(r,418158)),"@site/versioned_docs/version-1.6.x/refs/tsb/v2/workspace_setting.mdx",418158],"2d52655e":[()=&gt;r.e("10931").then(r.t.bind(r,317746,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-6-x-reference-cli-e9e.json",317746],"2d546b5c":[()=&gt;r.e("72548").then(r.bind(r,973608)),"@site/versioned_docs/version-1.9.x/reference/k8s-api/tsb-crds-gen/extension-tsb-tetrate-io.md",973608],"2d751208":[()=&gt;r.e("94588").then(r.bind(r,85579)),"@site/versioned_docs/version-1.10.x/reference/k8s-api/tsb-crds-gen/gateway-tsb-tetrate-io.md",85579],"2db27eaf":[()=&gt;r.e("90635").then(r.bind(r,751434)),"@site/versioned_docs/version-1.11.x/refs/onboarding/private/types/credential/aws/v1alpha1/sts.mdx",751434],"2df13ed5":[()=&gt;r.e("87749").then(r.bind(r,667483)),"@site/versioned_docs/version-1.11.x/operations/users/new-user-local-idp.mdx",667483],"2dfd014e":[()=&gt;r.e("70606").then(r.bind(r,783324)),"@site/versioned_docs/version-1.9.x/reference/yaml-api/guide.mdx",783324],"2e1d658b":[()=&gt;r.e("8813").then(r.bind(r,641440)),"@site/versioned_docs/version-1.10.x/reference/samples/sleep-service.mdx",641440],"2e3db203":[()=&gt;Promise.all([r.e("86212"),r.e("20357")]).then(r.bind(r,253233)),"@site/versioned_docs/version-1.11.x/design-guides/app-onboarding/prepare.mdx",253233],"2e497cee":[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("21639")]).then(r.bind(r,396305)),"@site/versioned_docs/version-1.10.x/howto/gateway/distributed-ingress.mdx",396305],"2e670646":[()=&gt;Promise.all([r.e("86212"),r.e("38485")]).then(r.bind(r,379732)),"@site/versioned_docs/version-1.7.x/setup/workload-onboarding/quickstart/aws-ec2/toc.mdx",379732],"2e837f9c":[()=&gt;r.e("78996").then(r.bind(r,932826)),"@site/versioned_docs/version-1.12.x/refs/onboarding/private/component/agent/sidecarcontroller/v1alpha1/sidecar_info_service.mdx",932826],"2e879d97":[()=&gt;r.e("9642").then(r.bind(r,445752)),"@site/versioned_docs/version-1.11.x/setup/upgrade-best-practices.md",445752],"2ed4acc0":[()=&gt;r.e("85038").then(r.bind(r,800044)),"@site/versioned_docs/version-1.12.x/refs/tsb/traffic/v2/service_route.mdx",800044],"2ed87c8a":[()=&gt;r.e("20058").then(r.bind(r,581703)),"@site/versioned_docs/version-1.6.x/refs/istio.io/api/operator/v1alpha1/operator.mdx",581703],"2ed975e3":[()=&gt;r.e("80531").then(r.bind(r,996693)),"@site/versioned_docs/version-1.9.x/reference/cli/reference/install.md",996693],"2f1b6f5a":[()=&gt;r.e("34755").then(r.t.bind(r,585782,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-7-x-reference-yaml-api-de8.json",585782],"2f1fe10a":[()=&gt;r.e("49642").then(r.bind(r,86330)),"@site/versioned_docs/version-1.9.x/setup/components.mdx",86330],"2f469864":[()=&gt;r.e("73169").then(r.bind(r,550054)),"@site/versioned_docs/version-1.7.x/howto/hpa-using-skywalking.mdx",550054],"2f548106":[()=&gt;r.e("39354").then(r.bind(r,177929)),"@site/versioned_docs/version-1.12.x/refs/install/common/common_config.mdx",177929],"2f65e3f1":[()=&gt;r.e("77492").then(r.bind(r,545240)),"@site/versioned_docs/version-next/refs/onboarding/private/protocol/authorization/v1alpha1/authorization_service.mdx",545240],"2f7eaa32":[()=&gt;r.e("23200").then(r.t.bind(r,38200,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-11-x-quickstart-b83.json",38200],"2f8e8ffd":[()=&gt;r.e("27461").then(r.bind(r,552278)),"@site/versioned_docs/version-1.6.x/setup/components.mdx",552278],"2f8fe8a8":[()=&gt;r.e("19601").then(r.bind(r,414081)),"@site/versioned_docs/version-1.11.x/refs/tsb/dashboard/v1/dashboard_service.mdx",414081],"2fb70b18":[()=&gt;r.e("74359").then(r.bind(r,205647)),"@site/versioned_docs/version-1.11.x/refs/onboarding/private/protocol/discovery/v1alpha1/discovery_service.mdx",205647],"2fbe33a7":[()=&gt;r.e("53254").then(r.bind(r,214631)),"@site/versioned_docs/version-1.9.x/quickstart/introduction.mdx",214631],"2fc2c155":[()=&gt;Promise.all([r.e("86212"),r.e("37525")]).then(r.bind(r,5861)),"@site/versioned_docs/version-1.12.x/howto/gateway/unified-gateway-upgrade.mdx",5861],"2fd0684d":[()=&gt;r.e("30376").then(r.bind(r,383267)),"@site/versioned_docs/version-1.12.x/refs/tsb/gateway/v2/tier1_gateway.mdx",383267],"3014ea68":[()=&gt;r.e("67510").then(r.bind(r,357111)),"@site/versioned_docs/version-1.9.x/operations/users/oidc-azure.mdx",357111],"301de5f4":[()=&gt;r.e("71856").then(r.bind(r,601177)),"@site/versioned_docs/version-1.11.x/reference/yaml-api/guide.mdx",601177],"303741b2":[()=&gt;r.e("65268").then(r.t.bind(r,91171,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-reference-yaml-api-reference-179.json",91171],"304b5c37":[()=&gt;r.e("45492").then(r.bind(r,26369)),"@site/versioned_docs/version-next/operations/telemetry/new-relic.mdx",26369],"3063aa5d":[()=&gt;r.e("502").then(r.bind(r,944645)),"@site/versioned_docs/version-1.11.x/reference/k8s-api/tsb-crds-gen/application-tsb-tetrate-io.md",944645],"307565b7":[()=&gt;r.e("57793").then(r.bind(r,329967)),"@site/versioned_docs/version-1.8.x/refs/tsb/security/v2/istio_security_direct.mdx",329967],0x1d56196:[()=&gt;r.e("3942").then(r.bind(r,363)),"@site/versioned_docs/version-1.6.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/organization.md",363],"3078d164":[()=&gt;r.e("50491").then(r.bind(r,328549)),"@site/versioned_docs/version-1.10.x/refs/onboarding/config/agent/v1alpha1/agent_configuration.mdx",328549],"307ee384":[()=&gt;r.e("72762").then(r.bind(r,158603)),"@site/versioned_docs/version-next/refs/onboarding/private/component/agent/sidecarcontroller/v1alpha1/sidecar_configuration_service.mdx",158603],"307f9c3d":[()=&gt;r.e("26988").then(r.bind(r,239395)),"@site/versioned_docs/version-1.12.x/setup/certificate/certificate-requirements.mdx",239395],"30a04540":[()=&gt;r.e("28553").then(r.t.bind(r,510063,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-operations-telemetry-d0e.json",510063],"30db4aaa":[()=&gt;r.e("90713").then(r.t.bind(r,229807,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-9-x-refs-tsb-v-2-yaml-f30.json",229807],"30dc731b":[()=&gt;r.e("15397").then(r.bind(r,962107)),"@site/versioned_docs/version-1.6.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/organizationsetting.md",962107],"311c032f":[()=&gt;r.e("46816").then(r.t.bind(r,602333,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-10-x-refs-iam-v-2-grpc-ae6.json",602333],"3130253e":[()=&gt;r.e("21263").then(r.bind(r,194782)),"@site/versioned_docs/version-1.11.x/refs/tsb/rbac/v2/traffic_access_bindings.mdx",194782],"314d5ccc":[()=&gt;r.e("89011").then(r.bind(r,334737)),"@site/versioned_docs/version-1.6.x/howto/wasm/wasm-overview.mdx",334737],0x1e317e1:[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("41858")]).then(r.bind(r,736278)),"@site/versioned_docs/version-1.10.x/howto/gateway/application-gateway-with-openapi-annotations.mdx",736278],"316f1bcc":[()=&gt;r.e("14186").then(r.t.bind(r,707976,19)),"/runner/_work/sites/sites/products/service-bridge/.docusaurus/docusaurus-plugin-redoc/1_12_x/redocApiLayoutV1-1_12_x.json",707976],"3192e20e":[()=&gt;r.e("68675").then(r.bind(r,637910)),"@site/versioned_docs/version-1.7.x/refs/tsb/traffic/v2/traffic_group.mdx",637910],"31ce2228":[()=&gt;r.e("16882").then(r.bind(r,177633)),"@site/versioned_docs/version-1.10.x/concepts/glossary.md",177633],"31d4fc86":[()=&gt;r.e("38612").then(r.bind(r,405110)),"@site/versioned_docs/version-1.10.x/operations/users/users-roles-and-permissions.mdx",405110],"31d50142":[()=&gt;r.e("66636").then(r.bind(r,247739)),"@site/versioned_docs/version-next/reference/cli/reference/workload-entry-annotations.md",247739],"31d54499":[()=&gt;r.e("4242").then(r.bind(r,991403)),"@site/versioned_docs/version-1.11.x/refs/onboarding/private/component/plane/config/v1alpha1/onboarding_plane_instance_configuration.mdx",991403],"31f1889e":[()=&gt;Promise.all([r.e("86212"),r.e("2393")]).then(r.bind(r,375709)),"@site/versioned_docs/version-next/setup/self-managed/toc.mdx",375709],"31f25979":[()=&gt;r.e("12880").then(r.bind(r,238625)),"@site/versioned_docs/version-1.7.x/refs/tsb/v2/workspace_service.mdx",238625],"31fc3026":[()=&gt;r.e("84885").then(r.bind(r,312782)),"@site/versioned_docs/version-1.10.x/operations/elasticsearch/elasticsearch-role.mdx",312782],"320af265":[()=&gt;r.e("40361").then(r.bind(r,308825)),"@site/versioned_docs/version-next/reference/cli/reference/service-account.md",308825],"320efceb":[()=&gt;r.e("93759").then(r.bind(r,525027)),"@site/versioned_docs/version-1.7.x/reference/cli/reference/whoami.md",525027],"3214e697":[()=&gt;r.e("20903").then(r.bind(r,801240)),"@site/versioned_docs/version-next/refs/onboarding/config/agent/v1alpha1/onboarding_configuration.mdx",801240],"32396d6f":[()=&gt;r.e("53661").then(r.bind(r,722100)),"@site/versioned_docs/version-1.11.x/reference/cli/reference/apply.md",722100],"3245c80d":[()=&gt;r.e("66137").then(r.t.bind(r,591161,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-10-x-refs-tsb-observability-telemetry-v-2-yaml-971.json",591161],"3246fa5b":[()=&gt;r.e("99439").then(r.t.bind(r,495233,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-8-x-reference-workload-onboarding-onboarding-agent-c07.json",495233],"3276d00d":[()=&gt;r.e("33998").then(r.bind(r,800663)),"@site/versioned_docs/version-1.6.x/concepts/security.mdx",800663],"3277808b":[()=&gt;r.e("82623").then(r.bind(r,11713)),"@site/versioned_docs/version-1.6.x/refs/tsb/application/v2/api.mdx",11713],0x1f7796c:[()=&gt;r.e("40060").then(r.t.bind(r,194033,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-next-reference-cli-reference-868.json",194033],"32a517a4":[()=&gt;r.e("28647").then(r.bind(r,101054)),"@site/versioned_docs/version-1.7.x/concepts/terminology.mdx",101054],"32d0b0b8":[()=&gt;r.e("29857").then(r.bind(r,371326)),"@site/versioned_docs/version-next/operations/users/tsb-fqns.mdx",371326],"32dfb13a":[()=&gt;r.e("23229").then(r.bind(r,784931)),"@site/versioned_docs/version-1.7.x/reference/grpc-api/guide.mdx",784931],"32f235e3":[()=&gt;r.e("21503").then(r.bind(r,995433)),"@site/versioned_docs/version-1.6.x/refs/tsb/rbac/v2/traffic_access_bindings.mdx",995433],"32f36e01":[()=&gt;r.e("47668").then(r.bind(r,516962)),"@site/versioned_docs/version-next/refs/tsb/rbac/v2/gateway_access_bindings.mdx",516962],"32fe92c2":[()=&gt;r.e("37248").then(r.bind(r,527085)),"@site/versioned_docs/version-1.10.x/refs/tsb/rbac/v2/permissions.mdx",527085],"33027d1c":[()=&gt;r.e("11701").then(r.bind(r,992570)),"@site/versioned_docs/version-1.8.x/refs/tsb/application/v2/application_service.mdx",992570],"33082e5a":[()=&gt;r.e("86741").then(r.bind(r,386685)),"@site/versioned_docs/version-1.10.x/reference/cli/reference/tctl.md",386685],"330ffcb1":[()=&gt;r.e("54740").then(r.bind(r,879616)),"@site/versioned_docs/version-1.7.x/operations/users/oidc-azure.mdx",879616],"334a9bff":[()=&gt;r.e("29114").then(r.bind(r,661501)),"@site/versioned_docs/version-1.7.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/team.md",661501],"334eb0e6":[()=&gt;r.e("70141").then(r.bind(r,181285)),"@site/versioned_docs/version-1.8.x/refs/tsb/application/v2/openapi_extensions.mdx",181285],"33548d09":[()=&gt;r.e("3933").then(r.bind(r,308060)),"@site/versioned_docs/version-1.10.x/refs/onboarding/config/types/identity/jwt/v1alpha1/jwt.mdx",308060],"337ae2de":[()=&gt;r.e("23654").then(r.bind(r,146279)),"@site/versioned_docs/version-1.10.x/cheatsheet/sheets/tsb-quickstart.mdx",146279],"337ec615":[()=&gt;r.e("24370").then(r.bind(r,521200)),"@site/versioned_docs/version-next/concepts/observability.mdx",521200],"3389ffef":[()=&gt;r.e("53579").then(r.t.bind(r,176461,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-next-release-notes-announcements-c66.json",176461],"339524db":[()=&gt;r.e("20117").then(r.t.bind(r,118554,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-next-refs-tsb-traffic-v-2-grpc-5bc.json",118554],"3399a3fd":[()=&gt;r.e("34991").then(r.bind(r,580559)),"@site/versioned_docs/version-1.9.x/refs/tsb/gateway/v2/eastwest_gateway.mdx",580559],"33ace08e":[()=&gt;r.e("35434").then(r.bind(r,762332)),"@site/versioned_docs/version-1.9.x/howto/rate-limiting/ingress-gateway.mdx",762332],"33cd0b2b":[()=&gt;r.e("241").then(r.bind(r,290190)),"@site/versioned_docs/version-next/operations/features/label-annotation.mdx",290190],"33de02e4":[()=&gt;r.e("41853").then(r.t.bind(r,775118,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-next-reference-workload-onboarding-9c7.json",775118],"33e25052":[()=&gt;r.e("97494").then(r.bind(r,194875)),"@site/versioned_docs/version-1.9.x/operations/features/streaming-log.mdx",194875],"340ca70d":[()=&gt;r.e("32241").then(r.bind(r,359749)),"@site/versioned_docs/version-1.11.x/reference/cli/reference/experimental.md",359749],"342d709e":[()=&gt;r.e("44825").then(r.t.bind(r,655931,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-8-x-tags-tsb-quickstart-bcf.json",655931],"3456e8fc":[()=&gt;Promise.all([r.e("86212"),r.e("54871")]).then(r.bind(r,737058)),"@site/versioned_docs/version-1.10.x/quickstart/deploy-sample-app.mdx",737058],"345ac292":[()=&gt;r.e("22806").then(r.bind(r,381632)),"@site/versioned_docs/version-1.11.x/refs/tsb/observability/telemetry/v2/source.mdx",381632],"346a9512":[()=&gt;r.e("93961").then(r.bind(r,413309)),"@site/versioned_docs/version-1.11.x/cheatsheet/sheets/security-management.mdx",413309],"34b7b77b":[()=&gt;r.e("41048").then(r.bind(r,234175)),"@site/versioned_docs/version-1.8.x/setup/helm/uninstallation.mdx",234175],"34c1ecac":[()=&gt;r.e("4002").then(r.t.bind(r,707771,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-next-refs-audit-v-1-grpc-13d.json",707771],"34e320a8":[()=&gt;Promise.all([r.e("86212"),r.e("75652")]).then(r.bind(r,899121)),"@site/versioned_docs/version-1.6.x/setup/workload-onboarding/guides/toc.mdx",899121],"3502e2ba":[()=&gt;r.e("25733").then(r.bind(r,742593)),"@site/versioned_docs/version-1.10.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/tenant.md",742593],"354eed60":[()=&gt;r.e("64418").then(r.bind(r,108091)),"@site/versioned_docs/version-1.7.x/setup/resource-planning.mdx",108091],"356966a1":[()=&gt;r.e("58192").then(r.bind(r,845547)),"@site/versioned_docs/version-1.7.x/refs/onboarding/config/install/v1alpha1/workload_configuration.mdx",845547],"3570cfc0":[()=&gt;r.e("41770").then(r.bind(r,810354)),"@site/versioned_docs/version-1.7.x/refs/tsb/security/v2/istio_security_direct.mdx",810354],"35901fb5":[()=&gt;r.e("62721").then(r.bind(r,545393)),"@site/versioned_docs/version-1.10.x/howto/network-policies.mdx",545393],"35940f1c":[()=&gt;r.e("2575").then(r.bind(r,836863)),"@site/versioned_docs/version-1.10.x/howto/authorization/ingress-gateway.mdx",836863],"35957eec":[()=&gt;r.e("14389").then(r.bind(r,768231)),"@site/versioned_docs/version-1.7.x/refs/install/managementplane/v1alpha1/spec.mdx",768231],"35b7cad9":[()=&gt;r.e("90656").then(r.bind(r,870826)),"@site/versioned_docs/version-next/operations/configuration-promotion.mdx",870826],"35d2e356":[()=&gt;r.e("60719").then(r.t.bind(r,301176,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-tags-tsb-concepts-1e3.json",301176],"35d8abe3":[()=&gt;r.e("56277").then(r.bind(r,706120)),"@site/versioned_docs/version-1.12.x/refs/tsb/diagnostic/v2/diagnostic_service.mdx",706120],0x228f8a6:[()=&gt;r.e("56703").then(r.bind(r,197885)),"@site/versioned_docs/version-1.11.x/reference/cli/reference/ui.md",197885],"3624bac4":[()=&gt;r.e("56171").then(r.bind(r,433701)),"@site/versioned_docs/version-1.6.x/reference/samples/sleep-service.mdx",433701],"364269c1":[()=&gt;r.e("57846").then(r.bind(r,454476)),"@site/versioned_docs/version-1.12.x/setup/workload-onboarding/quickstart/on-premise/configure-vm.mdx",454476],"36495e45":[()=&gt;r.e("11364").then(r.bind(r,397084)),"@site/versioned_docs/version-1.8.x/howto/gateway/configure-oidc.mdx",397084],"36547aff":[()=&gt;r.e("55972").then(r.bind(r,979585)),"@site/versioned_docs/version-1.12.x/operations/features/streaming-log.mdx",979585],"365bc771":[()=&gt;r.e("12354").then(r.t.bind(r,240427,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-10-x-operations-vault-135.json",240427],"365ddca3":[()=&gt;r.e("40624").then(r.bind(r,669317)),"@site/versioned_docs/version-next/refs/tsb/security/v2/security_service.mdx",669317],"36658a02":[()=&gt;r.e("16195").then(r.bind(r,983509)),"@site/versioned_docs/version-1.9.x/refs/onboarding/config/types/identity/jwt/v1alpha1/jwt.mdx",983509],"366a03ca":[()=&gt;r.e("70978").then(r.bind(r,616642)),"@site/versioned_docs/version-1.12.x/refs/tsb/v2/organization_setting.mdx",616642],"3671be31":[()=&gt;r.e("46077").then(r.t.bind(r,673531,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-11-x-category-working-with-tetrate-customer-support-8e3.json",673531],"3675a1e4":[()=&gt;r.e("37453").then(r.bind(r,10702)),"@site/versioned_docs/version-1.12.x/refs/tsb/segmentation/v1/policy.mdx",10702],"368c6786":[()=&gt;Promise.all([r.e("86212"),r.e("81863")]).then(r.bind(r,31814)),"@site/versioned_docs/version-1.10.x/operations/telemetry/telemetry-architecture.mdx",31814],0x2333ab9:[()=&gt;r.e("82001").then(r.t.bind(r,881285,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-operations-postgresql-42f.json",881285],"3697c9a3":[()=&gt;r.e("13084").then(r.bind(r,696040)),"@site/versioned_docs/version-1.6.x/refs/tsb/rbac/v2/access_bindings.mdx",696040],"36986d48":[()=&gt;r.e("55141").then(r.bind(r,103259)),"@site/versioned_docs/version-1.12.x/operations/features/deletion-protection.mdx",103259],"3698cc64":[()=&gt;r.e("63559").then(r.bind(r,358076)),"@site/versioned_docs/version-1.11.x/concepts/observability.mdx",358076],"36b3a3fc":[()=&gt;r.e("37328").then(r.t.bind(r,820251,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-next-refs-tsb-auth-v-2-yaml-5cc.json",820251],"36bdecc6":[()=&gt;r.e("8163").then(r.bind(r,502954)),"@site/versioned_docs/version-1.7.x/setup/self-managed/upgrade.mdx",502954],"36c6722f":[()=&gt;r.e("96935").then(r.t.bind(r,238075,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-7-x-refs-audit-v-1-grpc-a6b.json",238075],"36d9f456":[()=&gt;r.e("35686").then(r.bind(r,630415)),"@site/versioned_docs/version-1.10.x/refs/onboarding/private/component/agent/sidecarcontroller/v1alpha1/sidecar_configuration_service.mdx",630415],"36ee3c3a":[()=&gt;r.e("96012").then(r.bind(r,948972)),"@site/versioned_docs/version-1.7.x/howto/gitops/argo-rollouts.mdx",948972],"36f4392c":[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("91185")]).then(r.bind(r,390332)),"@site/versioned_docs/version-1.10.x/setup/workload-onboarding/onboarding-vms.mdx",390332],"3703d592":[()=&gt;Promise.all([r.e("86212"),r.e("70514")]).then(r.bind(r,996504)),"@site/versioned_docs/version-1.11.x/design-guides/app-onboarding/introduction.mdx",996504],"3720c009":[()=&gt;Promise.all([r.e("86212"),r.e("62898")]).then(r.bind(r,278868)),"@theme/DocTagsListPage",278868],"37285fb9":[()=&gt;r.e("20224").then(r.bind(r,774150)),"@site/versioned_docs/version-next/operations/vault/elasticsearch.mdx",774150],0x238f841:[()=&gt;r.e("4817").then(r.bind(r,381435)),"@site/versioned_docs/version-1.10.x/setup/workload-onboarding/guides/setup.mdx",381435],0x23a1ffc:[()=&gt;r.e("67139").then(r.t.bind(r,657308,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-8-x-refs-tsb-gateway-v-2-yaml-972.json",657308],"374cdd99":[()=&gt;r.e("98355").then(r.bind(r,944534)),"@site/versioned_docs/version-next/concepts/traffic-management.mdx",944534],"376207fb":[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("40901")]).then(r.bind(r,476531)),"@site/versioned_docs/version-1.12.x/quickstart/tenant.mdx",476531],"37682e02":[()=&gt;r.e("40222").then(r.bind(r,797807)),"@site/versioned_docs/version-1.11.x/refs/tsb/istiointernal/v2/istio_internal_group.mdx",797807],"377c34b5":[()=&gt;r.e("30243").then(r.bind(r,689792)),"@site/versioned_docs/version-next/concepts/tsb-and-ambient.mdx",689792],0x240dbf5:[()=&gt;r.e("50833").then(r.bind(r,631898)),"@site/versioned_docs/version-1.10.x/refs/tsb/gateway/v2/egress_gateway.mdx",631898],"3782191b":[()=&gt;r.e("37886").then(r.bind(r,655578)),"@site/versioned_docs/version-1.11.x/refs/private/iam/v1/iam.mdx",655578],"3782cd01":[()=&gt;r.e("79709").then(r.bind(r,718429)),"@site/versioned_docs/version-1.12.x/refs/onboarding/private/types/credential/aws/v1alpha1/sts.mdx",718429],0x241ac06:[()=&gt;r.e("22611").then(r.bind(r,569834)),"@site/versioned_docs/version-next/howto/gateway/unfied-gateway-management-via-mp.mdx",569834],"37a171cc":[()=&gt;Promise.all([r.e("86212"),r.e("62870")]).then(r.bind(r,809042)),"@site/versioned_docs/version-1.8.x/setup/workload-onboarding/quickstart/on-premise/toc.mdx",809042],"37da6ef1":[()=&gt;r.e("96710").then(r.bind(r,4170)),"@site/versioned_docs/version-next/refs/onboarding/private/types/credential/aws/v1alpha1/sts.mdx",4170],"37e7c9ae":[()=&gt;r.e("18622").then(r.bind(r,36842)),"@site/versioned_docs/version-next/refs/onboarding/config/types/registration/v1alpha1/registration.mdx",36842],"37f34413":[()=&gt;r.e("31219").then(r.bind(r,693300)),"@site/versioned_docs/version-1.10.x/setup/migrate-tctl-to-helm.mdx",693300],"37fd805b":[()=&gt;r.e("69810").then(r.bind(r,137680)),"@site/versioned_docs/version-next/reference/k8s-api/tsb-crds-gen/traffic-tsb-tetrate-io.md",137680],"3802cb3b":[()=&gt;r.e("21752").then(r.bind(r,795178)),"@site/versioned_docs/version-1.6.x/setup/resource-planning.mdx",795178],"380f10cc":[()=&gt;r.e("59774").then(r.bind(r,716855)),"@site/versioned_docs/version-1.9.x/operations/features/deletion-protection.mdx",716855],"380f96c5":[()=&gt;r.e("16961").then(r.bind(r,482673)),"@site/versioned_docs/version-1.7.x/refs/tsb/security/v2/security_group.mdx",482673],"3813cd29":[()=&gt;r.e("96925").then(r.bind(r,243967)),"@site/versioned_docs/version-1.10.x/howto/traffic/configure-multi-port-service-route.mdx",243967],"3814a413":[()=&gt;r.e("93950").then(r.bind(r,678851)),"@site/versioned_docs/version-1.8.x/operations/migrate-organization.mdx",678851],"384d0e08":[()=&gt;r.e("49383").then(r.bind(r,970054)),"@site/versioned_docs/version-1.12.x/operations/features/label-annotation.mdx",970054],"385cf17b":[()=&gt;r.e("9184").then(r.bind(r,719602)),"@site/versioned_docs/version-1.7.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/workspace.md",719602],"386f2075":[()=&gt;r.e("8449").then(r.t.bind(r,850775,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-7-x-howto-traffic-255.json",850775],"3893df2b":[()=&gt;r.e("69001").then(r.t.bind(r,906270,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-7-x-refs-tsb-gateway-v-2-yaml-c31.json",906270],"38abf7d2":[()=&gt;r.e("61990").then(r.bind(r,898492)),"@site/versioned_docs/version-1.8.x/refs/tsb/security/v2/service_security_setting.mdx",898492],"38d57c6b":[()=&gt;r.e("28526").then(r.t.bind(r,333901,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-9-x-reference-374.json",333901],"38db640b":[()=&gt;r.e("7166").then(r.t.bind(r,356349,19)),"/runner/_work/sites/sites/products/service-bridge/.docusaurus/docusaurus-plugin-redoc/next/redocApiSpecV1.2-next.json",356349],"38ef3c77":[()=&gt;r.e("75873").then(r.bind(r,256614)),"@site/versioned_docs/version-1.12.x/setup/helm/helm.mdx",256614],"38f2d848":[()=&gt;r.e("87097").then(r.t.bind(r,282406,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-next-operations-users-a53.json",282406],"38f8acf7":[()=&gt;Promise.all([r.e("86212"),r.e("90175")]).then(r.bind(r,736809)),"@site/versioned_docs/version-next/howto/gateway/configure-and-route-nonhttp-traffic.mdx",736809],"393051af":[()=&gt;Promise.all([r.e("86212"),r.e("32612")]).then(r.bind(r,891617)),"@site/versioned_docs/version-1.9.x/operations/postgresql/azure-credentials.mdx",891617],0x2590fcc:[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("42254")]).then(r.bind(r,681375)),"@site/versioned_docs/version-1.7.x/howto/rate-limiting/external-rate-limiting.mdx",681375],"3954dc2e":[()=&gt;r.e("34010").then(r.t.bind(r,855387,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-8-x-reference-samples-1d0.json",855387],"3956d451":[()=&gt;r.e("92739").then(r.bind(r,562806)),"@site/versioned_docs/version-1.11.x/setup/workload-onboarding/quickstart/aws-ecs/onboard-ecs.mdx",562806],"39890b52":[()=&gt;r.e("95144").then(r.bind(r,18559)),"@site/versioned_docs/version-1.8.x/refs/tsb/rbac/v2/application_access_bindings.mdx",18559],"399ae443":[()=&gt;r.e("78447").then(r.bind(r,440978)),"@site/versioned_docs/version-1.7.x/howto/promql-using-skywalking.mdx",440978],"39d43742":[()=&gt;r.e("1733").then(r.bind(r,685176)),"@site/versioned_docs/version-1.6.x/howto/service-accounts.mdx",685176],"39fa1934":[()=&gt;r.e("72757").then(r.bind(r,620360)),"@site/versioned_docs/version-next/design-guides/ha-multicluster/operations.mdx",620360],"39fa2f31":[()=&gt;r.e("42644").then(r.bind(r,554074)),"@site/versioned_docs/version-next/refs/tsb/v2/organization.mdx",554074],"3a283b39":[()=&gt;Promise.all([r.e("86212"),r.e("73341")]).then(r.bind(r,587838)),"@site/versioned_docs/version-1.11.x/setup/firewall-information.mdx",587838],"3a4655e3":[()=&gt;Promise.all([r.e("86212"),r.e("3693")]).then(r.bind(r,161106)),"@site/versioned_docs/version-1.10.x/setup/self-managed/onboarding-clusters.mdx",161106],"3a4b5a30":[()=&gt;r.e("42360").then(r.bind(r,304845)),"@site/versioned_docs/version-next/refs/tsb/application/v2/openapi_extensions.mdx",304845],"3a6ab09d":[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("68498")]).then(r.bind(r,286920)),"@site/versioned_docs/version-1.12.x/quickstart/permissions.mdx",286920],"3a6cb274":[()=&gt;Promise.all([r.e("86212"),r.e("83945")]).then(r.bind(r,198716)),"@site/versioned_docs/version-next/design-guides/ha-dr-mp/manual/reinstall.mdx",198716],"3a6fdd43":[()=&gt;r.e("19926").then(r.bind(r,327460)),"@site/versioned_docs/version-1.7.x/refs/tsb/gateway/v2/eastwest_gateway.mdx",327460],"3a779c2e":[()=&gt;r.e("99280").then(r.bind(r,132537)),"@site/versioned_docs/version-1.12.x/design-guides/ha-dr-mp/introduction.mdx",132537],"3a78f269":[()=&gt;Promise.all([r.e("86212"),r.e("6073")]).then(r.bind(r,191199)),"@site/versioned_docs/version-1.8.x/setup/workload-onboarding/guides/toc.mdx",191199],"3a8033c9":[()=&gt;r.e("72414").then(r.bind(r,464953)),"@site/versioned_docs/version-1.7.x/refs/tsb/istiointernal/v2/istio_istiointernal_direct.mdx",464953],"3a808c35":[()=&gt;r.e("56658").then(r.bind(r,266143)),"@site/versioned_docs/version-1.7.x/operations/features/internal-wasm-extensions.mdx",266143],"3a843cdd":[()=&gt;r.e("23743").then(r.bind(r,668287)),"@site/versioned_docs/version-next/howto/promql-using-oap.mdx",668287],"3a979227":[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("23283")]).then(r.bind(r,410850)),"@site/versioned_docs/version-next/quickstart/permissions.mdx",410850],"3a9d8da4":[()=&gt;r.e("55324").then(r.bind(r,816693)),"@site/versioned_docs/version-next/reference/cli/reference/delete.md",816693],"3aee7809":[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("22379")]).then(r.bind(r,775882)),"@site/versioned_docs/version-1.8.x/howto/gateway/end-user-auth-keycloak.mdx",775882],"3af81891":[()=&gt;r.e("60726").then(r.t.bind(r,554488,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-9-x-setup-workload-onboarding-quickstart-a17.json",554488],"3b022fc7":[()=&gt;r.e("10404").then(r.t.bind(r,842920,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-6-x-refs-tsb-registry-v-2-yaml-6a7.json",842920],"3b0260d8":[()=&gt;r.e("35096").then(r.bind(r,174984)),"@site/versioned_docs/version-1.9.x/refs/tsb/observability/telemetry/v2/metric_service.mdx",174984],"3b1850ee":[()=&gt;r.e("60631").then(r.bind(r,699406)),"@site/versioned_docs/version-1.11.x/troubleshooting/identify-underperforming-services.mdx",699406],"3b25803f":[()=&gt;r.e("62299").then(r.bind(r,309462)),"@site/versioned_docs/version-1.9.x/refs/tsb/security/v2/istio_security_direct.mdx",309462],"3b4154e8":[()=&gt;r.e("62934").then(r.t.bind(r,406895,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-9-x-howto-wasm-f70.json",406895],"3b4306b8":[()=&gt;r.e("74850").then(r.bind(r,769370)),"@site/versioned_docs/version-1.10.x/refs/tsb/types/v2/types.mdx",769370],"3b443fd7":[()=&gt;r.e("50592").then(r.bind(r,77519)),"@site/versioned_docs/version-1.10.x/refs/tsb/v2/cluster.mdx",77519],"3b55a9a1":[()=&gt;r.e("5899").then(r.bind(r,148497)),"@site/versioned_docs/version-1.11.x/refs/audit/v1/audit.mdx",148497],"3b624dc5":[()=&gt;r.e("86059").then(r.bind(r,17804)),"@site/versioned_docs/version-1.6.x/concepts/observability.mdx",17804],"3b84783e":[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("99049")]).then(r.bind(r,753864)),"@site/versioned_docs/version-1.10.x/howto/rate-limiting/tls-validation.mdx",753864],"3b957cbd":[()=&gt;r.e("46143").then(r.bind(r,992253)),"@site/versioned_docs/version-1.11.x/setup/helm/uninstallation.mdx",992253],"3b9873a9":[()=&gt;r.e("99235").then(r.t.bind(r,974777,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-10-x-operations-features-6cc.json",974777],"3ba0d7cf":[()=&gt;r.e("9924").then(r.bind(r,687474)),"@site/versioned_docs/version-1.10.x/cheatsheet/sheets/tctl.mdx",687474],"3baecf44":[()=&gt;r.e("25872").then(r.bind(r,574955)),"@site/versioned_docs/version-1.9.x/refs/tsb/v2/status_service.mdx",574955],"3bbb4d90":[()=&gt;r.e("41731").then(r.bind(r,113806)),"@site/versioned_docs/version-1.12.x/reference/yaml-api/guide.mdx",113806],"3bc1e35c":[()=&gt;r.e("31773").then(r.t.bind(r,841529,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-8-x-refs-tsb-rbac-v-2-yaml-8bf.json",841529],"3bc30d73":[()=&gt;r.e("22388").then(r.bind(r,722891)),"@site/versioned_docs/version-1.12.x/refs/tsb/gateway/v2/gateway.mdx",722891],"3bd64d97":[()=&gt;r.e("99789").then(r.bind(r,771032)),"@site/versioned_docs/version-1.10.x/operations/features/internal-wasm-extensions.mdx",771032],"3be89bfc":[()=&gt;r.e("39487").then(r.bind(r,77245)),"@site/versioned_docs/version-1.10.x/operations/configure-log-levels.mdx",77245],"3bec870e":[()=&gt;r.e("3867").then(r.bind(r,751017)),"@site/versioned_docs/version-next/operations/vault/istiod-ca.mdx",751017],"3bf10ec6":[()=&gt;r.e("18346").then(r.bind(r,353240)),"@site/versioned_docs/version-1.9.x/troubleshooting/Maximum-header-size-exceed.mdx",353240],"3bfce62f":[()=&gt;r.e("25917").then(r.bind(r,635432)),"@site/versioned_docs/version-1.6.x/setup/workload-onboarding/quickstart/on-premise/onboard-vm.mdx",635432],"3bfed8da":[()=&gt;r.e("11224").then(r.bind(r,759993)),"@site/versioned_docs/version-1.6.x/refs/tsb/v2/cluster_service.mdx",759993],"3bff7e68":[()=&gt;r.e("46781").then(r.t.bind(r,920650,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-11-x-refs-tsb-auth-v-2-yaml-f6d.json",920650],"3c090b15":[()=&gt;r.e("641").then(r.bind(r,648987)),"@site/versioned_docs/version-1.10.x/refs/tsb/rbac/v2/workspace_access_bindings.mdx",648987],"3c296809":[()=&gt;r.e("69874").then(r.bind(r,711655)),"@site/versioned_docs/version-next/refs/tsb/gateway/v2/eastwest_gateway.mdx",711655],"3c30e7f9":[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("15285")]).then(r.bind(r,270201)),"@site/versioned_docs/version-1.10.x/quickstart/tenant.mdx",270201],"3c34b7a8":[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("92019")]).then(r.bind(r,225982)),"@site/versioned_docs/version-1.6.x/howto/traffic/load-balance.mdx",225982],"3c351309":[()=&gt;Promise.all([r.e("86212"),r.e("89150")]).then(r.bind(r,605860)),"@site/versioned_docs/version-1.8.x/concepts/toc.mdx",605860],"3c3a09de":[()=&gt;r.e("28453").then(r.bind(r,61721)),"@site/versioned_docs/version-next/operations/vault/postgresql.mdx",61721],"3c75d444":[()=&gt;r.e("27330").then(r.bind(r,487530)),"@site/versioned_docs/version-next/howto/gitops/clusterrole.mdx",487530],"3c7bfdb8":[()=&gt;r.e("52392").then(r.bind(r,608642)),"@site/versioned_docs/version-1.11.x/operations/telemetry/red-metrics.mdx",608642],"3ca6b710":[()=&gt;r.e("80731").then(r.bind(r,304662)),"@site/versioned_docs/version-next/reference/cli/reference/validate.md",304662],"3cab703f":[()=&gt;r.e("67475").then(r.bind(r,122350)),"@site/versioned_docs/version-1.12.x/refs/install/managementplane/v1alpha1/spec.mdx",122350],"3cb61e9e":[()=&gt;r.e("24318").then(r.t.bind(r,784072,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-11-x-refs-tsb-observability-telemetry-v-2-grpc-ff9.json",784072],"3cd39340":[()=&gt;r.e("63140").then(r.bind(r,253749)),"@site/versioned_docs/version-next/troubleshooting/Maximum-header-size-exceed.mdx",253749],"3d157bf0":[()=&gt;r.e("8251").then(r.bind(r,200763)),"@site/versioned_docs/version-1.7.x/operations/telemetry/red-metrics.mdx",200763],"3d211261":[()=&gt;Promise.all([r.e("86212"),r.e("58593")]).then(r.bind(r,587762)),"@site/versioned_docs/version-1.9.x/setup/workload-onboarding/quickstart/on-premise/toc.mdx",587762],"3d280167":[()=&gt;r.e("23069").then(r.bind(r,36611)),"@site/versioned_docs/version-1.7.x/concepts/configuration-dataflow.mdx",36611],"3d31207b":[()=&gt;r.e("74854").then(r.bind(r,551686)),"@site/versioned_docs/version-next/refs/tsb/gateway/v2/istio_gateway_direct.mdx",551686],"3d33e61c":[()=&gt;r.e("25301").then(r.bind(r,821258)),"@site/versioned_docs/version-1.11.x/refs/tsb/gateway/v2/tier1_gateway.mdx",821258],"3d3638a9":[()=&gt;r.e("43541").then(r.bind(r,479639)),"@site/versioned_docs/version-1.9.x/howto/hpa-using-skywalking.mdx",479639],"3d54864f":[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("93530")]).then(r.bind(r,334109)),"@site/versioned_docs/version-1.9.x/howto/gateway/subset-based-routing-using-igw-and-service-route.mdx",334109],"3d791e94":[()=&gt;r.e("41076").then(r.bind(r,820102)),"@site/versioned_docs/version-next/concepts/operators/control-plane.mdx",820102],"3d841e12":[()=&gt;r.e("20801").then(r.bind(r,436423)),"@site/versioned_docs/version-1.6.x/setup/workload-onboarding/guides/on-premise-workloads.mdx",436423],"3d9947d4":[()=&gt;r.e("58061").then(r.t.bind(r,546529,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-7-x-setup-certificate-518.json",546529],"3dc15572":[()=&gt;r.e("25616").then(r.bind(r,452159)),"@site/versioned_docs/version-1.11.x/refs/onboarding/config/install/v1alpha1/workload_configuration.mdx",452159],"3deeca0c":[()=&gt;r.e("25836").then(r.bind(r,960439)),"@site/versioned_docs/version-1.8.x/refs/tsb/security/v2/security_setting.mdx",960439],"3deed2a6":[()=&gt;r.e("99296").then(r.t.bind(r,117014,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-refs-tsb-application-v-2-grpc-36c.json",117014],"3defb21e":[()=&gt;r.e("80827").then(r.bind(r,51518)),"@site/versioned_docs/version-next/operations/features/edge-dns-resolution.mdx",51518],"3dfd7d2d":[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("50813")]).then(r.bind(r,939808)),"@site/versioned_docs/version-1.7.x/howto/authorization/sidecar.mdx",939808],"3e0f7de2":[()=&gt;r.e("78051").then(r.bind(r,966526)),"@site/versioned_docs/version-1.12.x/cheatsheet/sheets/traffic-management.mdx",966526],"3e0fdcf6":[()=&gt;r.e("88318").then(r.bind(r,914160)),"@site/versioned_docs/version-1.11.x/reference/cli/reference/config.md",914160],"3e101f25":[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("75168")]).then(r.bind(r,495413)),"@site/versioned_docs/version-1.7.x/howto/gateway/subset-based-routing-using-igw-and-service-route.mdx",495413],"3e3abc1c":[()=&gt;r.e("17693").then(r.bind(r,244285)),"@site/versioned_docs/version-1.9.x/reference/k8s-api/guide.mdx",244285],"3e3c6836":[()=&gt;r.e("48754").then(r.bind(r,73279)),"@site/versioned_docs/version-1.7.x/reference/k8s-api/tsb-crds-gen/extension-tsb-tetrate-io.md",73279],"3e5e7066":[()=&gt;r.e("90782").then(r.t.bind(r,849289,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-7-x-refs-tsb-observability-telemetry-v-2-grpc-3ea.json",849289],"3e6373ad":[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("36723")]).then(r.bind(r,282694)),"@site/versioned_docs/version-1.7.x/quickstart/tenant.mdx",282694],"3e85d046":[()=&gt;r.e("97534").then(r.bind(r,469320)),"@site/versioned_docs/version-1.6.x/refs/tsb/v2/status_service.mdx",469320],"3ea1a167":[()=&gt;r.e("29145").then(r.t.bind(r,488424,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-howto-gitops-761.json",488424],"3ea77b24":[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("22976")]).then(r.bind(r,631862)),"@site/versioned_docs/version-1.6.x/setup/workload-onboarding/onboarding-vms.mdx",631862],"3ebb1bd7":[()=&gt;Promise.all([r.e("86212"),r.e("42590")]).then(r.bind(r,170340)),"@site/versioned_docs/version-1.11.x/concepts/toc.mdx",170340],"3ed74c05":[()=&gt;r.e("91439").then(r.bind(r,787614)),"@site/versioned_docs/version-1.7.x/knowledge-base/gitops.mdx",787614],"3efe7e94":[()=&gt;r.e("90212").then(r.bind(r,841518)),"@site/versioned_docs/version-1.7.x/refs/tsb/security/v2/security_setting.mdx",841518],"3f0ed8cd":[()=&gt;r.e("3967").then(r.bind(r,960655)),"@site/versioned_docs/version-next/refs/tsb/security/v2/security_group.mdx",960655],"3f26a03e":[()=&gt;r.e("33269").then(r.bind(r,160856)),"@site/versioned_docs/version-1.9.x/refs/tsb/extension/v2/wasm_service.mdx",160856],"3f2af64a":[()=&gt;r.e("37835").then(r.bind(r,781325)),"@site/versioned_docs/version-1.9.x/refs/tsb/gateway/v2/gateway_service.mdx",781325],"3f3b39d0":[()=&gt;Promise.all([r.e("86212"),r.e("84154")]).then(r.bind(r,573125)),"@site/versioned_docs/version-1.10.x/howto/rate-limiting/toc.mdx",573125],"3f6b853d":[()=&gt;r.e("80535").then(r.bind(r,4802)),"@site/versioned_docs/version-1.11.x/refs/tsb/traffic/v2/service_route.mdx",4802],"3f6b97ac":[()=&gt;r.e("8191").then(r.t.bind(r,345785,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-troubleshooting-b46.json",345785],"3f8359c6":[()=&gt;r.e("96562").then(r.t.bind(r,699139,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-9-x-refs-tsb-types-v-2-yaml-9f1.json",699139],"3f8df9b5":[()=&gt;r.e("21545").then(r.bind(r,415768)),"@site/versioned_docs/version-1.12.x/refs/onboarding/private/install/v1alpha1/spec.mdx",415768],"3f952fc5":[()=&gt;r.e("2342").then(r.t.bind(r,42816,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-6-x-reference-cli-guide-toc-b2d.json",42816],"3fc5f1bc":[()=&gt;r.e("16971").then(r.bind(r,707667)),"@site/versioned_docs/version-1.9.x/howto/service-accounts.mdx",707667],"3fcf88ab":[()=&gt;r.e("36694").then(r.t.bind(r,226656,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-next-refs-tsb-registry-v-2-grpc-c54.json",226656],"3fd695fb":[()=&gt;r.e("56263").then(r.t.bind(r,163292,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-11-x-knowledge-base-bc0.json",163292],"3fdccde4":[()=&gt;r.e("45432").then(r.bind(r,287257)),"@site/versioned_docs/version-1.12.x/refs/onboarding/private/protocol/authorization/v1alpha1/authorization_service.mdx",287257],"3ffa122c":[()=&gt;r.e("28326").then(r.t.bind(r,229208,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-next-refs-tsb-observability-telemetry-v-2-grpc-06a.json",229208],"400b5ea0":[()=&gt;Promise.all([r.e("86212"),r.e("36555")]).then(r.bind(r,804979)),"@site/versioned_docs/version-1.9.x/setup/upgrades/gateway-upgrade.mdx",804979],"40121d3a":[()=&gt;r.e("18827").then(r.bind(r,207172)),"@site/versioned_docs/version-1.7.x/refs/onboarding/config/agent/v1alpha1/agent_configuration.mdx",207172],"4012ca14":[()=&gt;r.e("7775").then(r.bind(r,451793)),"@site/versioned_docs/version-1.10.x/refs/tsb/v2/status.mdx",451793],"40184b3b":[()=&gt;r.e("85982").then(r.bind(r,442215)),"@site/versioned_docs/version-1.7.x/refs/tsb/rbac/v2/tenant_access_bindings.mdx",442215],0x267986f:[()=&gt;r.e("2215").then(r.bind(r,759136)),"@site/versioned_docs/version-next/operations/postgresql/backup-and-restore.mdx",759136],"4034f149":[()=&gt;r.e("25990").then(r.bind(r,115734)),"@site/versioned_docs/version-1.6.x/cheatsheet/sheets/kubectl.mdx",115734],"4037bd6e":[()=&gt;r.e("40192").then(r.bind(r,597552)),"@site/versioned_docs/version-next/refs/tsb/gateway/v2/tier1_gateway.mdx",597552],"403fb300":[()=&gt;r.e("3296").then(r.bind(r,432724)),"@site/versioned_docs/version-1.6.x/reference/k8s-api/tsb-crds-gen/gateway-tsb-tetrate-io.md",432724],"4052ffe1":[()=&gt;r.e("87047").then(r.bind(r,641075)),"@site/versioned_docs/version-1.7.x/refs/tsb/traffic/v2/service_route.mdx",641075],"40572d83":[()=&gt;r.e("98772").then(r.bind(r,773456)),"@site/versioned_docs/version-1.8.x/refs/tsb/gateway/v2/gateway_common.mdx",773456],"40624a5b":[()=&gt;r.e("50566").then(r.bind(r,63835)),"@site/versioned_docs/version-1.6.x/reference/cli/reference/completion.md",63835],"406b59d4":[()=&gt;Promise.all([r.e("86212"),r.e("14711")]).then(r.bind(r,842183)),"@site/versioned_docs/version-1.6.x/setup/self-managed/management-plane-installation.mdx",842183],"40730a4a":[()=&gt;r.e("91809").then(r.bind(r,953217)),"@site/versioned_docs/version-1.10.x/howto/gateway/service-identity-propagation.mdx",953217],"408592d1":[()=&gt;r.e("98820").then(r.bind(r,563329)),"@site/versioned_docs/version-1.12.x/operations/users/user-synchronization.mdx",563329],0x2702da1:[()=&gt;r.e("37970").then(r.bind(r,592525)),"@site/versioned_docs/version-1.12.x/howto/gitops/gitops.mdx",592525],"40ae7af3":[()=&gt;r.e("39359").then(r.bind(r,170533)),"@site/versioned_docs/version-1.8.x/reference/cli/reference/login.md",170533],"40be59f0":[()=&gt;r.e("32706").then(r.bind(r,221369)),"@site/versioned_docs/version-next/operations/elasticsearch/wipe-elastic.mdx",221369],"40cd1571":[()=&gt;r.e("8562").then(r.t.bind(r,136547,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-next-reference-workload-onboarding-onboarding-agent-a7c.json",136547],"40d45afb":[()=&gt;r.e("25958").then(r.bind(r,842528)),"@site/versioned_docs/version-1.11.x/refs/tsb/v2/workspace_service.mdx",842528],"41043b99":[()=&gt;r.e("12263").then(r.t.bind(r,391504,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-10-x-reference-workload-onboarding-357.json",391504],"410b86d5":[()=&gt;r.e("12267").then(r.t.bind(r,613133,19)),"@generated/docusaurus-plugin-redoc/1_7_x/__plugin.json",613133],"41169ef1":[()=&gt;Promise.all([r.e("86212"),r.e("20786")]).then(r.bind(r,474087)),"@site/versioned_docs/version-next/howto/authorization/toc.mdx",474087],"4118d128":[()=&gt;r.e("61242").then(r.bind(r,254886)),"@site/versioned_docs/version-1.6.x/refs/tsb/rbac/v2/tenant_access_bindings.mdx",254886],"4123af81":[()=&gt;r.e("80871").then(r.bind(r,742119)),"@site/versioned_docs/version-1.8.x/refs/onboarding/config/types/registration/v1alpha1/registration.mdx",742119],"412cc116":[()=&gt;r.e("13969").then(r.bind(r,103624)),"@site/versioned_docs/version-1.9.x/refs/onboarding/config/agent/v1alpha1/onboarding_configuration.mdx",103624],"41472a81":[()=&gt;r.e("9797").then(r.t.bind(r,795641,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-reference-grpc-api-reference-b02.json",795641],"4147796e":[()=&gt;r.e("73658").then(r.bind(r,387643)),"@site/versioned_docs/version-next/operations/features/streaming-log.mdx",387643],"414ca014":[()=&gt;Promise.all([r.e("86212"),r.e("53700")]).then(r.bind(r,38817)),"@site/versioned_docs/version-1.9.x/howto/gateway/configure-and-route-nonhttp-traffic.mdx",38817],"4162a508":[()=&gt;Promise.all([r.e("86212"),r.e("35374")]).then(r.bind(r,124797)),"@site/versioned_docs/version-1.8.x/design-guides/app-onboarding/security.mdx",124797],"41693aae":[()=&gt;r.e("39406").then(r.t.bind(r,168956,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-next-setup-fdb.json",168956],"417430c8":[()=&gt;r.e("10").then(r.bind(r,409444)),"@site/versioned_docs/version-1.11.x/refs/onboarding/config/authorization/jwt/v1alpha1/jwt.mdx",409444],0x27d82cd:[()=&gt;r.e("16125").then(r.bind(r,40733)),"@site/versioned_docs/version-1.7.x/design-guides/ha-multicluster/introduction.mdx",40733],"4179bce1":[()=&gt;r.e("90880").then(r.bind(r,128480)),"@site/versioned_docs/version-1.10.x/concepts/configuration-dataflow.mdx",128480],"41a71775":[()=&gt;r.e("40059").then(r.t.bind(r,193249,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-11-x-refs-tsb-security-v-2-yaml-181.json",193249],"41aab94f":[()=&gt;r.e("32457").then(r.bind(r,835557)),"@site/versioned_docs/version-1.7.x/operations/users/user-synchronization.mdx",835557],"41ac0881":[()=&gt;r.e("31915").then(r.bind(r,461501)),"@site/versioned_docs/version-1.12.x/reference/cli/reference/tctl.md",461501],"41b09d9c":[()=&gt;r.e("39433").then(r.bind(r,7648)),"@site/versioned_docs/version-1.9.x/reference/cli/reference/experimental.md",7648],"41c14a98":[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("94668")]).then(r.bind(r,871707)),"@site/versioned_docs/version-next/howto/gateway/multi-cluster-traffic-shifting.mdx",871707],"41d26cff":[()=&gt;r.e("92182").then(r.t.bind(r,579628,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-reference-k-8-s-api-1c7.json",579628],"41da3fe2":[()=&gt;r.e("53033").then(r.bind(r,22485)),"@site/versioned_docs/version-1.6.x/refs/tsb/traffic/v2/traffic_setting.mdx",22485],"41e08b25":[()=&gt;r.e("68189").then(r.bind(r,207506)),"@site/versioned_docs/version-1.10.x/refs/onboarding/private/types/sidecar/v1alpha1/configuration.mdx",207506],"41e66716":[()=&gt;r.e("1948").then(r.bind(r,14552)),"@site/versioned_docs/version-1.9.x/reference/k8s-api/tsb-crds-gen/traffic-tsb-tetrate-io.md",14552],"41e96dea":[()=&gt;r.e("14740").then(r.bind(r,625513)),"@site/versioned_docs/version-1.10.x/refs/tsb/rbac/v2/security_access_bindings.mdx",625513],"4200a709":[()=&gt;r.e("79179").then(r.bind(r,148169)),"@site/versioned_docs/version-1.9.x/refs/tsb/gateway/v2/egress_gateway.mdx",148169],"420dd5c2":[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("60639")]).then(r.bind(r,62151)),"@site/versioned_docs/version-1.12.x/howto/traffic/load-balance.mdx",62151],"42116b28":[()=&gt;r.e("62439").then(r.t.bind(r,70711,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-11-x-reference-k-8-s-api-tsb-crds-gen-199.json",70711],"422daaff":[()=&gt;r.e("68014").then(r.bind(r,576450)),"@site/versioned_docs/version-next/setup/workload-onboarding/guides/managing.mdx",576450],0x28763d6:[()=&gt;r.e("86009").then(r.bind(r,503668)),"@site/versioned_docs/version-1.6.x/cheatsheet/sheets/gateways-management.mdx",503668],"4262443f":[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("69747")]).then(r.bind(r,767041)),"@site/versioned_docs/version-1.8.x/howto/traffic/canary-releases.mdx",767041],"4273c0f6":[()=&gt;r.e("34616").then(r.bind(r,666414)),"@site/versioned_docs/version-1.10.x/knowledge-base/faq.mdx",666414],"427ce144":[()=&gt;r.e("52063").then(r.bind(r,978897)),"@site/versioned_docs/version-1.9.x/refs/install/controlplane/v1alpha1/spec.mdx",978897],"42947c93":[()=&gt;r.e("47233").then(r.bind(r,960291)),"@site/versioned_docs/version-1.6.x/setup/workload-onboarding/guides/overview.mdx",960291],"42a189b1":[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("93597")]).then(r.bind(r,10224)),"@site/versioned_docs/version-1.11.x/howto/authorization/sidecar.mdx",10224],"42af8a74":[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("59029")]).then(r.bind(r,557332)),"@site/versioned_docs/version-1.8.x/design-guides/ha-dr-mp/index.mdx",557332],"42bc354b":[()=&gt;r.e("65918").then(r.bind(r,242688)),"@site/versioned_docs/version-1.10.x/setup/helm/uninstallation.mdx",242688],"42d74de6":[()=&gt;r.e("87600").then(r.t.bind(r,884094,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-11-x-release-notes-announcements-a06.json",884094],"42f10288":[()=&gt;r.e("37126").then(r.bind(r,149530)),"@site/versioned_docs/version-next/howto/traffic/configure-multi-port-service-route.mdx",149530],"42fb07b0":[()=&gt;r.e("31527").then(r.bind(r,313462)),"@site/versioned_docs/version-1.7.x/troubleshooting/Multiple-Transfer-encoding-chunked.mdx",313462],"4302c4c2":[()=&gt;r.e("29712").then(r.bind(r,269868)),"@site/versioned_docs/version-1.12.x/reference/rest-api/guide.mdx",269868],"43156df3":[()=&gt;r.e("49180").then(r.bind(r,562180)),"@site/versioned_docs/version-1.6.x/operations/features/configure-gitops.mdx",562180],"431ea5d2":[()=&gt;r.e("16522").then(r.bind(r,197964)),"@site/versioned_docs/version-1.6.x/refs/tsb/v2/organization_service.mdx",197964],"432482e9":[()=&gt;r.e("26972").then(r.bind(r,489666)),"@site/versioned_docs/version-1.12.x/howto/promql-using-skywalking.mdx",489666],"4343cac6":[()=&gt;r.e("34468").then(r.bind(r,942249)),"@site/versioned_docs/version-1.11.x/reference/cli/reference/audit.md",942249],"43491b67":[()=&gt;r.e("33317").then(r.bind(r,565478)),"@site/versioned_docs/version-1.6.x/setup/helm/managementplane.mdx",565478],"435c4f42":[()=&gt;r.e("57827").then(r.bind(r,598996)),"@site/versioned_docs/version-1.12.x/operations/users/admin-password.mdx",598996],"435dc9de":[()=&gt;r.e("8466").then(r.bind(r,581581)),"@site/versioned_docs/version-1.10.x/index.mdx",581581],"436037e1":[()=&gt;r.e("19842").then(r.bind(r,292108)),"@site/versioned_docs/version-next/refs/tsb/istiointernal/v2/istio_istiointernal_direct.mdx",292108],"437c743f":[()=&gt;r.e("54860").then(r.t.bind(r,335907,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-10-x-setup-workload-onboarding-bef.json",335907],0x29d1c2c:[()=&gt;r.e("48462").then(r.t.bind(r,207978,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-6-x-setup-certificate-548.json",207978],"4394a411":[()=&gt;r.e("3642").then(r.bind(r,178635)),"@site/versioned_docs/version-1.11.x/howto/gitops/argo-rollouts.mdx",178635],"43a98178":[()=&gt;r.e("14817").then(r.bind(r,70736)),"@site/versioned_docs/version-1.6.x/cheatsheet/sheets/tctl.mdx",70736],"43b1471b":[()=&gt;r.e("80979").then(r.bind(r,825700)),"@site/versioned_docs/version-1.8.x/setup/workload-onboarding/quickstart/aws-ec2/configure-workload-onboarding.mdx",825700],"43b2390f":[()=&gt;r.e("96448").then(r.bind(r,607730)),"@site/versioned_docs/version-next/howto/gateway/app-ingress.mdx",607730],"43d3582f":[()=&gt;r.e("50115").then(r.bind(r,152454)),"@site/versioned_docs/version-1.8.x/knowledge-base/faq.mdx",152454],"43f9dfc2":[()=&gt;r.e("36204").then(r.bind(r,516913)),"@site/versioned_docs/version-1.8.x/setup/resource-planning.mdx",516913],"4411e01d":[()=&gt;r.e("6843").then(r.bind(r,197826)),"@site/versioned_docs/version-1.12.x/operations/telemetry/new-relic.mdx",197826],"4418571f":[()=&gt;r.e("41513").then(r.t.bind(r,162530,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-11-x-setup-certificate-6f5.json",162530],"4430390f":[()=&gt;Promise.all([r.e("86212"),r.e("16445")]).then(r.bind(r,174684)),"@site/versioned_docs/version-1.10.x/setup/firewall-information.mdx",174684],"44323ab7":[()=&gt;r.e("15307").then(r.bind(r,690043)),"@site/versioned_docs/version-1.6.x/reference/samples/httpbin.mdx",690043],"44466b80":[()=&gt;r.e("88633").then(r.bind(r,126481)),"@site/versioned_docs/version-next/operations/telemetry/distributed-tracing.md",126481],"445e5eda":[()=&gt;r.e("55148").then(r.bind(r,572813)),"@site/versioned_docs/version-1.12.x/operations/migrate-organization.mdx",572813],"446a9238":[()=&gt;r.e("88749").then(r.t.bind(r,669024,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-10-x-refs-tsb-v-2-yaml-f8a.json",669024],"446d1c18":[()=&gt;r.e("6400").then(r.bind(r,356471)),"@site/versioned_docs/version-1.12.x/operations/features/tier1-in-app-cluster.mdx",356471],"446eabbd":[()=&gt;r.e("5595").then(r.bind(r,87721)),"@site/versioned_docs/version-1.12.x/refs/onboarding/private/component/plane/generator/v1alpha1/version.mdx",87721],"449d8fde":[()=&gt;r.e("36293").then(r.bind(r,919242)),"@site/versioned_docs/version-1.8.x/design-guides/ha-multicluster/demo-2.mdx",919242],"44b98fce":[()=&gt;r.e("49792").then(r.bind(r,417320)),"@site/versioned_docs/version-1.6.x/howto/rate-limiting/internal-rate-limiting.mdx",417320],"44c9179f":[()=&gt;r.e("22052").then(r.bind(r,886107)),"@site/versioned_docs/version-1.7.x/howto/gateway/service-identity-propagation.mdx",886107],"44cab975":[()=&gt;r.e("60882").then(r.t.bind(r,352413,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-reference-workload-onboarding-28e.json",352413],"44e7c0cb":[()=&gt;r.e("84339").then(r.bind(r,810844)),"@site/versioned_docs/version-1.12.x/setup/workload-onboarding/quickstart/aws-ec2/bookinfo.mdx",810844],"44fbc43f":[()=&gt;Promise.all([r.e("86212"),r.e("84536")]).then(r.bind(r,718399)),"@site/versioned_docs/version-1.12.x/setup/requirements-and-download.mdx",718399],"44fe5a99":[()=&gt;r.e("89515").then(r.t.bind(r,315278,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-8-x-troubleshooting-d33.json",315278],"452fd953":[()=&gt;r.e("3465").then(r.t.bind(r,130944,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-11-x-refs-tsb-extension-v-2-yaml-d8c.json",130944],"453067f0":[()=&gt;r.e("20143").then(r.t.bind(r,105083,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-next-reference-k-8-s-api-tsb-crds-gen-tsb-tetrate-io-v-2-327.json",105083],"4534c600":[()=&gt;r.e("73264").then(r.bind(r,648323)),"@site/versioned_docs/version-1.10.x/refs/onboarding/private/protocol/registration/v1alpha1/registration_service.mdx",648323],"4556949b":[()=&gt;r.e("48347").then(r.bind(r,360764)),"@site/versioned_docs/version-next/setup/aws/container-marketplace.mdx",360764],0x2bc8944:[()=&gt;r.e("15817").then(r.bind(r,355710)),"@site/versioned_docs/version-1.8.x/refs/tsb/gateway/v2/gateway_service.mdx",355710],"459a3b2c":[()=&gt;r.e("91864").then(r.bind(r,155249)),"@site/versioned_docs/version-1.10.x/concepts/operators/data-plane.mdx",155249],"45a946ba":[()=&gt;r.e("35377").then(r.bind(r,655082)),"@site/versioned_docs/version-1.7.x/cheatsheet/sheets/tsb-concepts.mdx",655082],"45e0d3b3":[()=&gt;Promise.all([r.e("86212"),r.e("97496")]).then(r.bind(r,673494)),"@site/versioned_docs/version-1.12.x/setup/upgrades/revisioned-to-revisioned.mdx",673494],"45e8127f":[()=&gt;Promise.all([r.e("86212"),r.e("23300")]).then(r.bind(r,930664)),"@site/versioned_docs/version-1.12.x/setup/self-managed/toc.mdx",930664],"45facafd":[()=&gt;r.e("96374").then(r.bind(r,787272)),"@site/versioned_docs/version-next/setup/components.mdx",787272],"4649ea25":[()=&gt;r.e("86763").then(r.bind(r,481262)),"@site/versioned_docs/version-1.8.x/refs/tsb/v2/tenant_service.mdx",481262],"465adca1":[()=&gt;r.e("71842").then(r.bind(r,941694)),"@site/versioned_docs/version-1.7.x/operations/features/istio-cni.mdx",941694],"46608d67":[()=&gt;r.e("89859").then(r.bind(r,397487)),"@site/versioned_docs/version-1.12.x/refs/tsb/traffic/v2/istio_traffic_direct.mdx",397487],"4679083d":[()=&gt;r.e("22662").then(r.bind(r,300111)),"@site/versioned_docs/version-1.10.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/cluster.md",300111],"4679f4b8":[()=&gt;r.e("35672").then(r.bind(r,444579)),"@site/versioned_docs/version-1.12.x/operations/configure-log-levels.mdx",444579],"46996d88":[()=&gt;r.e("24348").then(r.t.bind(r,706069,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-next-category-working-with-tetrate-customer-support-e9b.json",706069],"46a540d5":[()=&gt;r.e("31976").then(r.bind(r,876269)),"@site/versioned_docs/version-1.7.x/refs/tsb/v2/status.mdx",876269],"46aad18b":[()=&gt;r.e("87909").then(r.bind(r,546156)),"@site/versioned_docs/version-1.11.x/operations/features/enable-config-protection.mdx",546156],"46c40383":[()=&gt;r.e("4766").then(r.bind(r,901444)),"@site/versioned_docs/version-1.10.x/setup/helm/upgrade.mdx",901444],"46cb5562":[()=&gt;r.e("89682").then(r.bind(r,590633)),"@site/versioned_docs/version-1.11.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/user.md",590633],"46eef56e":[()=&gt;r.e("73590").then(r.t.bind(r,548350,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-next-refs-tsb-types-v-2-yaml-18c.json",548350],"46f46045":[()=&gt;r.e("31839").then(r.t.bind(r,635893,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-refs-tsb-observability-telemetry-v-2-yaml-fe0.json",635893],"470a45f1":[()=&gt;r.e("49992").then(r.bind(r,700852)),"@site/versioned_docs/version-next/setup/tctl-connect.mdx",700852],"472a7df8":[()=&gt;r.e("34474").then(r.bind(r,610811)),"@site/versioned_docs/version-1.8.x/operations/multiple-iam-keys.mdx",610811],"4740cd1f":[()=&gt;r.e("2903").then(r.bind(r,92051)),"@site/versioned_docs/version-next/refs/tsb/types/v2/types.mdx",92051],"474fe745":[()=&gt;r.e("91986").then(r.t.bind(r,355029,19)),"/runner/_work/sites/sites/products/service-bridge/.docusaurus/docusaurus-plugin-redoc/1_9_x/redocApiLayoutV1-1_9_x.json",355029],"47803c86":[()=&gt;r.e("66955").then(r.bind(r,409609)),"@site/versioned_docs/version-1.9.x/refs/tsb/v2/organization.mdx",409609],"478507bf":[()=&gt;Promise.all([r.e("86212"),r.e("52902")]).then(r.bind(r,730388)),"@site/versioned_docs/version-1.8.x/design-guides/ha-dr-mp/ha-managementplane.mdx",730388],"478fc62c":[()=&gt;r.e("11615").then(r.t.bind(r,162618,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-reference-cli-8f8.json",162618],"47a8918b":[()=&gt;r.e("34053").then(r.bind(r,551171)),"@site/versioned_docs/version-1.7.x/howto/rate-limiting/internal-rate-limiting.mdx",551171],"47b1a6b7":[()=&gt;r.e("49452").then(r.bind(r,986459)),"@site/versioned_docs/version-1.10.x/cheatsheet/sheets/tsb-terminology.mdx",986459],"47b40343":[()=&gt;r.e("68065").then(r.t.bind(r,121458,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-8-x-reference-k-8-s-api-1c1.json",121458],"47fd25b2":[()=&gt;r.e("72425").then(r.bind(r,460499)),"@site/versioned_docs/version-1.12.x/setup/workload-onboarding/quickstart/on-premise/onboard-vm.mdx",460499],"481bf971":[()=&gt;r.e("31670").then(r.bind(r,989986)),"@site/versioned_docs/version-1.8.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/tenantsetting.md",989986],"481f326f":[()=&gt;r.e("63121").then(r.t.bind(r,547014,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-next-refs-tsb-application-v-2-grpc-1e8.json",547014],"482e9f02":[()=&gt;r.e("25047").then(r.bind(r,776726)),"@site/versioned_docs/version-1.9.x/cheatsheet/index.mdx",776726],"48329dd8":[()=&gt;r.e("58982").then(r.bind(r,619563)),"@site/versioned_docs/version-next/operations/lower-istio-resources.mdx",619563],"48529bdb":[()=&gt;r.e("24883").then(r.bind(r,48165)),"@site/versioned_docs/version-1.8.x/setup/workload-onboarding/quickstart/aws-ec2/onboard-vm.mdx",48165],"4859ecf5":[()=&gt;r.e("36048").then(r.bind(r,860004)),"@site/versioned_docs/version-1.9.x/setup/helm/controlplane.mdx",860004],"48638a0c":[()=&gt;r.e("34249").then(r.t.bind(r,842285,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-8-x-tags-featured-328.json",842285],"4877b4db":[()=&gt;r.e("13464").then(r.bind(r,586097)),"@site/versioned_docs/version-1.11.x/howto/authorization/tier1-gateway.mdx",586097],"48917fe9":[()=&gt;r.e("46125").then(r.bind(r,109774)),"@site/versioned_docs/version-1.11.x/refs/tsb/segmentation/v1/membership.mdx",109774],"48944ffd":[()=&gt;r.e("56385").then(r.bind(r,303509)),"@site/versioned_docs/version-1.11.x/howto/gateway/multi-cluster-traffic-routing-with-eastwest-gateway.mdx",303509],"48a0235c":[()=&gt;r.e("45497").then(r.t.bind(r,386292,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-next-knowledge-base-290.json",386292],"48a9d6b6":[()=&gt;r.e("72736").then(r.t.bind(r,969137,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-7-x-operations-features-a7e.json",969137],"48aedf3c":[()=&gt;r.e("293").then(r.bind(r,348606)),"@site/versioned_docs/version-1.10.x/refs/tsb/gateway/v2/gateway_common.mdx",348606],"48c4a2dd":[()=&gt;r.e("20744").then(r.bind(r,571339)),"@site/versioned_docs/version-1.6.x/knowledge-base/faq.mdx",571339],"48d4fb1d":[()=&gt;r.e("2395").then(r.bind(r,267432)),"@site/versioned_docs/version-1.6.x/refs/onboarding/config/install/v1alpha1/workload_configuration.mdx",267432],"48e33614":[()=&gt;Promise.all([r.e("86212"),r.e("73267")]).then(r.bind(r,181581)),"@site/versioned_docs/version-1.6.x/setup/upgrades/cni-upgrade.mdx",181581],"49543ceb":[()=&gt;r.e("19997").then(r.bind(r,560842)),"@site/versioned_docs/version-1.11.x/workingwithsupport/workingWithTetrateSupport.mdx",560842],"496afda9":[()=&gt;Promise.all([r.e("86212"),r.e("52383")]).then(r.bind(r,868039)),"@site/versioned_docs/version-1.10.x/setup/upgrades/non-revisioned-to-revisioned.mdx",868039],0x2f711c3:[()=&gt;Promise.all([r.e("86212"),r.e("29957")]).then(r.bind(r,377812)),"@site/versioned_docs/version-1.6.x/setup/helm/toc.mdx",377812],"4977adce":[()=&gt;r.e("33472").then(r.bind(r,607698)),"@site/versioned_docs/version-1.6.x/refs/tsb/v2/tenant_setting.mdx",607698],"498318d6":[()=&gt;r.e("1882").then(r.bind(r,324328)),"@site/versioned_docs/version-1.8.x/release-notes.mdx",324328],"4992a5cb":[()=&gt;r.e("74164").then(r.bind(r,250249)),"@site/versioned_docs/version-1.11.x/refs/tsb/gateway/v2/istio_gateway_direct.mdx",250249],"49b8bd5a":[()=&gt;r.e("786").then(r.t.bind(r,219785,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-refs-tsb-traffic-v-2-yaml-10e.json",219785],"49c50ce2":[()=&gt;r.e("62042").then(r.bind(r,730802)),"@site/versioned_docs/version-next/refs/onboarding/config/install/v1alpha1/workload_configuration.mdx",730802],"49d013d4":[()=&gt;r.e("44303").then(r.bind(r,816610)),"@site/versioned_docs/version-1.10.x/operations/features/streaming-log.mdx",816610],"49d2383f":[()=&gt;r.e("20752").then(r.bind(r,245821)),"@site/versioned_docs/version-next/troubleshooting/configuration-status.mdx",245821],"49dc1835":[()=&gt;r.e("32564").then(r.bind(r,218523)),"@site/versioned_docs/version-1.6.x/operations/users/admin-password.mdx",218523],"4a03c170":[()=&gt;r.e("9514").then(r.bind(r,799595)),"@site/versioned_docs/version-1.7.x/reference/cli/reference/workload-entry-annotations.md",799595],"4a4f1ebd":[()=&gt;r.e("33071").then(r.bind(r,426785)),"@site/versioned_docs/version-1.8.x/cheatsheet/sheets/gateways-management.mdx",426785],"4a572e8d":[()=&gt;r.e("69252").then(r.bind(r,441285)),"@site/versioned_docs/version-1.8.x/concepts/architecture.mdx",441285],"4a6ca390":[()=&gt;r.e("2041").then(r.bind(r,883488)),"@site/versioned_docs/version-1.7.x/setup/helm/helm.mdx",883488],"4a8825c4":[()=&gt;r.e("13162").then(r.bind(r,571456)),"@site/versioned_docs/version-1.7.x/concepts/operators/management-plane.mdx",571456],"4a8dac84":[()=&gt;Promise.all([r.e("86212"),r.e("37373")]).then(r.bind(r,330952)),"@site/versioned_docs/version-1.10.x/setup/self-managed/toc.mdx",330952],"4a9225a9":[()=&gt;r.e("67934").then(r.bind(r,438929)),"@site/versioned_docs/version-1.10.x/refs/tsb/traffic/v2/service_traffic_setting.mdx",438929],"4a92ae2a":[()=&gt;r.e("61392").then(r.bind(r,395434)),"@site/versioned_docs/version-1.9.x/refs/tsb/v2/team.mdx",395434],"4a9c4f13":[()=&gt;r.e("12316").then(r.bind(r,875008)),"@site/versioned_docs/version-1.6.x/operations/postgresql.mdx",875008],"4a9dc307":[()=&gt;r.e("68041").then(r.bind(r,196818)),"@site/versioned_docs/version-1.7.x/index.mdx",196818],"4aa82cac":[()=&gt;Promise.all([r.e("86212"),r.e("86341")]).then(r.bind(r,160140)),"@site/versioned_docs/version-1.12.x/release-notes-announcements/announcement.mdx",160140],"4aaa19ea":[()=&gt;r.e("18604").then(r.bind(r,17449)),"@site/versioned_docs/version-1.12.x/reference/samples/httpbin.mdx",17449],"4aac2e39":[()=&gt;r.e("71127").then(r.bind(r,866802)),"@site/versioned_docs/version-1.12.x/refs/onboarding/config/runtime/v1alpha1/registration.mdx",866802],"4ab6ba49":[()=&gt;r.e("25759").then(r.bind(r,126043)),"@site/versioned_docs/version-1.11.x/refs/tsb/security/v2/security_service.mdx",126043],"4abaf2ab":[()=&gt;r.e("36495").then(r.bind(r,129355)),"@site/versioned_docs/version-1.11.x/refs/tsb/registry/v2/service.mdx",129355],"4affa24a":[()=&gt;r.e("61737").then(r.t.bind(r,19443,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-7-x-category-working-with-tetrate-customer-support-e33.json",19443],"4b02454d":[()=&gt;r.e("84831").then(r.bind(r,706078)),"@site/versioned_docs/version-1.7.x/operations/telemetry/telemetry-architecture.mdx",706078],"4b07e177":[()=&gt;r.e("15749").then(r.bind(r,431092)),"@site/versioned_docs/version-1.10.x/refs/tsb/traffic/v2/service_route.mdx",431092],"4b12423d":[()=&gt;r.e("32861").then(r.bind(r,861540)),"@site/versioned_docs/version-1.12.x/refs/tsb/istiointernal/v2/istiointernal_service.mdx",861540],"4b16773f":[()=&gt;r.e("19855").then(r.bind(r,632727)),"@site/versioned_docs/version-1.10.x/refs/tsb/gateway/v2/tier1_gateway.mdx",632727],"4b175ff9":[()=&gt;r.e("77126").then(r.bind(r,601822)),"@site/versioned_docs/version-1.7.x/operations/telemetry/distributed-tracing.md",601822],"4b2de0d6":[()=&gt;r.e("71099").then(r.bind(r,262170)),"@site/versioned_docs/version-1.12.x/refs/onboarding/config/authorization/jwt/v1alpha1/jwt.mdx",262170],"4b309bd5":[()=&gt;r.e("15229").then(r.bind(r,559750)),"@site/versioned_docs/version-1.11.x/reference/k8s-api/tsb-crds-gen/gateway-tsb-tetrate-io.md",559750],"4b4b8715":[()=&gt;r.e("27742").then(r.t.bind(r,243495,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-7-x-reference-workload-onboarding-884.json",243495],"4b85da75":[()=&gt;r.e("96705").then(r.bind(r,475998)),"@site/versioned_docs/version-1.7.x/operations/vault/elasticsearch.mdx",475998],"4ba0c005":[()=&gt;r.e("61232").then(r.bind(r,720146)),"@site/versioned_docs/version-1.9.x/setup/workload-onboarding/guides/managing.mdx",720146],"4bb51381":[()=&gt;r.e("37626").then(r.bind(r,382287)),"@site/versioned_docs/version-1.11.x/refs/tsb/rbac/v2/organization_access_bindings.mdx",382287],"4bc5aae3":[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("98394")]).then(r.bind(r,213758)),"@site/versioned_docs/version-next/howto/traffic/canary-releases.mdx",213758],"4bca3d80":[()=&gt;r.e("46622").then(r.bind(r,780594)),"@site/versioned_docs/version-1.10.x/refs/tsb/extension/v2/wasm_extension.mdx",780594],"4bfb24ff":[()=&gt;r.e("12823").then(r.bind(r,153765)),"@site/versioned_docs/version-1.8.x/howto/wasm/wasm-overview.mdx",153765],"4bff8653":[()=&gt;r.e("45445").then(r.t.bind(r,58279,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-9-x-tags-tsb-concepts-fa4.json",58279],"4c0defcf":[()=&gt;r.e("49021").then(r.bind(r,891744)),"@site/versioned_docs/version-1.9.x/operations/lower-istio-resources.mdx",891744],"4c13a267":[()=&gt;r.e("67231").then(r.bind(r,897393)),"@site/versioned_docs/version-next/setup/workload-onboarding/guides/ecs-workloads.mdx",897393],"4c2c8e3a":[()=&gt;r.e("71982").then(r.t.bind(r,682203,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-6-x-setup-3fc.json",682203],"4c3ad296":[()=&gt;r.e("21152").then(r.t.bind(r,38791,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-8-x-setup-upgrades-600.json",38791],"4c460ab8":[()=&gt;r.e("64673").then(r.bind(r,536926)),"@site/versioned_docs/version-1.9.x/refs/onboarding/config/types/core/v1alpha1/namespaced_name.mdx",536926],"4c5a3e18":[()=&gt;r.e("73190").then(r.bind(r,762322)),"@site/versioned_docs/version-1.6.x/refs/tsb/gateway/v2/gateway_service.mdx",762322],"4c643375":[()=&gt;r.e("98984").then(r.bind(r,412616)),"@site/versioned_docs/version-1.11.x/setup/workload-onboarding/guides/overview.mdx",412616],"4c917532":[()=&gt;r.e("266").then(r.bind(r,871203)),"@site/versioned_docs/version-1.11.x/troubleshooting/Multiple-Transfer-encoding-chunked.mdx",871203],"4c9eb094":[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("32187")]).then(r.bind(r,441629)),"@site/versioned_docs/version-1.8.x/design-guides/app-onboarding/index.mdx",441629],"4caee71a":[()=&gt;r.e("74260").then(r.bind(r,208590)),"@site/versioned_docs/version-1.10.x/howto/rate-limiting/service-to-service.mdx",208590],"4caf7c18":[()=&gt;r.e("62811").then(r.bind(r,3569)),"@site/versioned_docs/version-1.9.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/workspacesetting.md",3569],"4cb2cf3b":[()=&gt;Promise.all([r.e("86212"),r.e("22749")]).then(r.bind(r,102111)),"@site/versioned_docs/version-1.12.x/design-guides/app-onboarding/cross-cluster.mdx",102111],"4cb9c0da":[()=&gt;r.e("42901").then(r.bind(r,463410)),"@site/versioned_docs/version-1.6.x/refs/tsb/q/v2/permissions_service.mdx",463410],"4cddd0f4":[()=&gt;Promise.all([r.e("86212"),r.e("35231")]).then(r.bind(r,981405)),"@site/versioned_docs/version-next/quickstart/security.mdx",981405],"4ce687b9":[()=&gt;r.e("67535").then(r.bind(r,991396)),"@site/versioned_docs/version-1.6.x/refs/tsb/gateway/v2/ingress_gateway.mdx",991396],"4ce8e184":[()=&gt;r.e("83806").then(r.bind(r,823771)),"@site/versioned_docs/version-1.9.x/howto/authorization/ingress-gateway.mdx",823771],"4cf33db0":[()=&gt;r.e("28403").then(r.bind(r,270489)),"@site/versioned_docs/version-1.11.x/refs/tsb/rbac/v2/api_access_bindings.mdx",270489],"4cff0c3d":[()=&gt;r.e("51627").then(r.bind(r,448009)),"@site/versioned_docs/version-next/refs/tsb/rbac/v2/organization_access_bindings.mdx",448009],"4d118c33":[()=&gt;r.e("88102").then(r.t.bind(r,465339,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-9-x-reference-cli-reference-080.json",465339],"4d19eeae":[()=&gt;Promise.all([r.e("86212"),r.e("29624")]).then(r.bind(r,768377)),"@site/versioned_docs/version-1.6.x/setup/upgrades/non-revisioned-to-revisioned.mdx",768377],"4d2458f6":[()=&gt;r.e("63252").then(r.bind(r,182222)),"@site/versioned_docs/version-1.11.x/refs/tsb/application/v2/application.mdx",182222],"4d30040a":[()=&gt;r.e("55673").then(r.bind(r,139195)),"@site/versioned_docs/version-1.8.x/refs/onboarding/config/types/identity/v1alpha1/identity.mdx",139195],"4d6d1765":[()=&gt;r.e("39957").then(r.bind(r,367892)),"@site/versioned_docs/version-1.6.x/index.mdx",367892],"4d7a98ea":[()=&gt;r.e("87776").then(r.bind(r,732524)),"@site/versioned_docs/version-1.10.x/setup/isolation-boundaries-installation.mdx",732524],"4d80266e":[()=&gt;r.e("42571").then(r.bind(r,230793)),"@site/versioned_docs/version-1.12.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/user.md",230793],"4d8c7740":[()=&gt;r.e("25853").then(r.bind(r,538294)),"@site/versioned_docs/version-1.11.x/setup/certificate/certificate-setup.mdx",538294],"4dd99cbf":[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("4592")]).then(r.bind(r,687173)),"@site/versioned_docs/version-1.10.x/quickstart/permissions.mdx",687173],"4e433d6f":[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("53983")]).then(r.bind(r,94248)),"@site/versioned_docs/version-1.10.x/design-guides/index.mdx",94248],"4e435c1e":[()=&gt;r.e("95134").then(r.t.bind(r,30434,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-reference-samples-2ba.json",30434],"4e6ff710":[()=&gt;r.e("38956").then(r.t.bind(r,288329,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-6-x-reference-workload-onboarding-onboarding-agent-a5d.json",288329],"4e828270":[()=&gt;r.e("47243").then(r.bind(r,501391)),"@site/versioned_docs/version-1.11.x/refs/tsb/rbac/v2/access_bindings.mdx",501391],"4e947938":[()=&gt;r.e("55995").then(r.bind(r,212217)),"@site/versioned_docs/version-next/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/user.md",212217],"4e961591":[()=&gt;r.e("90735").then(r.t.bind(r,17529,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-11-x-howto-wasm-725.json",17529],"4e9aa3e8":[()=&gt;r.e("96883").then(r.bind(r,359736)),"@site/versioned_docs/version-1.8.x/refs/tsb/auth/v2/auth.mdx",359736],"4eb69166":[()=&gt;r.e("61863").then(r.bind(r,523972)),"@site/versioned_docs/version-1.11.x/concepts/architecture.mdx",523972],"4ec0ec8b":[()=&gt;r.e("37432").then(r.bind(r,751411)),"@site/versioned_docs/version-1.8.x/setup/workload-onboarding/guides/overview.mdx",751411],"4edc2365":[()=&gt;r.e("2999").then(r.bind(r,936435)),"@site/versioned_docs/version-1.12.x/setup/aws/vpc.mdx",936435],"4ef42de6":[()=&gt;r.e("63368").then(r.bind(r,261408)),"@site/versioned_docs/version-next/reference/samples/httpbin.mdx",261408],"4f02b98e":[()=&gt;r.e("93490").then(r.bind(r,327944)),"@site/versioned_docs/version-1.10.x/howto/wasm/wasm-overview.mdx",327944],"4f174281":[()=&gt;r.e("45574").then(r.bind(r,702296)),"@site/versioned_docs/version-1.12.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/organizationsetting.md",702296],"4f1b26a4":[()=&gt;r.e("48535").then(r.bind(r,446065)),"@site/versioned_docs/version-1.9.x/concepts/configuration-dataflow.mdx",446065],"4f20881c":[()=&gt;r.e("95255").then(r.t.bind(r,911378,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-6-x-howto-gateway-ad6.json",911378],"4f268e22":[()=&gt;r.e("10017").then(r.bind(r,825555)),"@site/versioned_docs/version-next/setup/remote-registry.mdx",825555],"4f28a6dd":[()=&gt;r.e("66489").then(r.bind(r,500618)),"@site/versioned_docs/version-next/refs/tsb/v2/info.mdx",500618],"4f462609":[()=&gt;Promise.all([r.e("86212"),r.e("3383")]).then(r.bind(r,653395)),"@site/versioned_docs/version-1.12.x/design-guides/app-onboarding/monitor.mdx",653395],"4f4e75d8":[()=&gt;r.e("35888").then(r.bind(r,245736)),"@site/versioned_docs/version-1.9.x/howto/wasm/wasm-proxy.mdx",245736],"4f5b165e":[()=&gt;r.e("17695").then(r.bind(r,860748)),"@site/versioned_docs/version-1.12.x/design-guides/ha-multicluster/edge-failover.mdx",860748],"4f62dceb":[()=&gt;r.e("89382").then(r.bind(r,779934)),"@site/versioned_docs/version-1.10.x/howto/wasm/wasm-extension.mdx",779934],"4f78d3c2":[()=&gt;r.e("35246").then(r.bind(r,692528)),"@site/versioned_docs/version-1.12.x/knowledge-base/gitops.mdx",692528],"4f7b4c59":[()=&gt;r.e("17899").then(r.bind(r,449642)),"@site/versioned_docs/version-next/reference/cli/reference/experimental.md",449642],"4f99910f":[()=&gt;r.e("96554").then(r.bind(r,179306)),"@site/versioned_docs/version-1.8.x/refs/tsb/observability/telemetry/v2/metric_service.mdx",179306],"4fa84d71":[()=&gt;r.e("12511").then(r.t.bind(r,900094,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-9-x-operations-postgresql-ad3.json",900094],"4fb371e4":[()=&gt;r.e("29262").then(r.bind(r,195125)),"@site/versioned_docs/version-1.10.x/howto/gateway/configure-oidc.mdx",195125],"4fcaea58":[()=&gt;r.e("18318").then(r.bind(r,892253)),"@site/versioned_docs/version-1.12.x/operations/multiple-iam-keys.mdx",892253],"4fe1667b":[()=&gt;r.e("32895").then(r.t.bind(r,181887,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-7-x-operations-vault-5ce.json",181887],"4fe8ca85":[()=&gt;r.e("65749").then(r.bind(r,763823)),"@site/versioned_docs/version-1.12.x/troubleshooting/identify-underperforming-services.mdx",763823],"4fef3dc6":[()=&gt;r.e("51848").then(r.bind(r,225049)),"@site/versioned_docs/version-1.8.x/operations/graceful-connection-drain.mdx",225049],"5011829b":[()=&gt;r.e("82157").then(r.bind(r,539432)),"@site/versioned_docs/version-next/operations/features/tier1-in-app-cluster.mdx",539432],"50398ce9":[()=&gt;r.e("79105").then(r.bind(r,569851)),"@site/versioned_docs/version-1.8.x/design-guides/ha-multicluster/edge-failover.mdx",569851],0x3012ae4:[()=&gt;r.e("37506").then(r.bind(r,468476)),"@site/versioned_docs/version-1.6.x/refs/tsb/security/v2/istio_security_direct.mdx",468476],"50690ad4":[()=&gt;Promise.all([r.e("86212"),r.e("11385")]).then(r.bind(r,449835)),"@site/versioned_docs/version-1.12.x/howto/rate-limiting/toc.mdx",449835],"506cf6dc":[()=&gt;r.e("23478").then(r.bind(r,572709)),"@site/versioned_docs/version-1.6.x/troubleshooting/Maximum-header-size-exceed.mdx",572709],"50a00566":[()=&gt;r.e("21907").then(r.bind(r,314004)),"@site/versioned_docs/version-1.7.x/howto/gateway/app-ingress.mdx",314004],"50a6f15b":[()=&gt;Promise.all([r.e("86212"),r.e("92161")]).then(r.bind(r,78383)),"@site/versioned_docs/version-1.6.x/release-notes-announcements/toc.mdx",78383],"50c93133":[()=&gt;Promise.all([r.e("86212"),r.e("53475")]).then(r.bind(r,81566)),"@site/versioned_docs/version-1.12.x/design-guides/ha-dr-mp/manual/reinstall.mdx",81566],"50e0671a":[()=&gt;r.e("98836").then(r.bind(r,817998)),"@site/versioned_docs/version-1.6.x/setup/helm/helm.mdx",817998],"50ee9227":[()=&gt;r.e("59700").then(r.bind(r,467995)),"@site/versioned_docs/version-1.11.x/operations/features/deletion-protection.mdx",467995],"50fc1440":[()=&gt;Promise.all([r.e("86212"),r.e("84997")]).then(r.bind(r,500353)),"@site/versioned_docs/version-1.11.x/setup/requirements-and-download.mdx",500353],"5104265c":[()=&gt;r.e("44274").then(r.bind(r,696844)),"@site/versioned_docs/version-1.8.x/refs/onboarding/config/authorization/v1alpha1/policy.mdx",696844],"5107d2f6":[()=&gt;r.e("519").then(r.bind(r,482117)),"@site/versioned_docs/version-1.10.x/howto/gateway/multi-cluster-traffic-routing-with-eastwest-gateway.mdx",482117],"510ebeec":[()=&gt;r.e("79874").then(r.bind(r,110721)),"@site/versioned_docs/version-next/howto/traffic/migrating-VM-monoliths.mdx",110721],"5125f0bf":[()=&gt;r.e("40741").then(r.bind(r,258822)),"@site/versioned_docs/version-1.7.x/refs/tsb/gateway/v2/auth.mdx",258822],"512e5800":[()=&gt;r.e("14557").then(r.bind(r,918822)),"@site/versioned_docs/version-next/refs/tsb/rbac/v2/policy_service.mdx",918822],"512f638b":[()=&gt;r.e("97425").then(r.bind(r,448298)),"@site/versioned_docs/version-1.6.x/operations/multiple-iam-keys.mdx",448298],"51419fec":[()=&gt;Promise.all([r.e("86212"),r.e("13514")]).then(r.bind(r,295253)),"@site/versioned_docs/version-1.7.x/design-guides/app-onboarding/prepare.mdx",295253],"5150fc97":[()=&gt;r.e("95552").then(r.bind(r,203967)),"@site/versioned_docs/version-1.7.x/refs/tsb/security/v2/service_security_setting.mdx",203967],"51647a56":[()=&gt;r.e("29277").then(r.bind(r,317117)),"@site/versioned_docs/version-next/refs/tsb/security/v2/security_setting.mdx",317117],"5176829c":[()=&gt;r.e("46239").then(r.t.bind(r,643765,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-6-x-refs-tsb-application-v-2-yaml-1b3.json",643765],"517ce797":[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("50349")]).then(r.bind(r,717565)),"@site/versioned_docs/version-1.9.x/howto/rate-limiting/tls-validation.mdx",717565],"517d0707":[()=&gt;r.e("6518").then(r.bind(r,133039)),"@site/versioned_docs/version-1.8.x/troubleshooting/Multiple-Transfer-encoding-chunked.mdx",133039],"519b15da":[()=&gt;r.e("81810").then(r.t.bind(r,738098,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-9-x-reference-yaml-api-reference-9c0.json",738098],"51d367ac":[()=&gt;r.e("30662").then(r.bind(r,578596)),"@site/versioned_docs/version-1.12.x/operations/telemetry/alerting-guidelines.mdx",578596],"51eb4bb1":[()=&gt;Promise.all([r.e("86212"),r.e("31602")]).then(r.bind(r,592148)),"@site/versioned_docs/version-1.9.x/design-guides/ha-multicluster/cluster-failover.mdx",592148],"51f0ccfe":[()=&gt;r.e("27494").then(r.bind(r,248921)),"@site/versioned_docs/version-1.12.x/refs/tsb/rbac/v2/organization_access_bindings.mdx",248921],"51f7b697":[()=&gt;r.e("94778").then(r.bind(r,879541)),"@site/versioned_docs/version-1.8.x/reference/k8s-api/tsb-crds-gen/istiointernal-tsb-tetrate-io.md",879541],"522d27d4":[()=&gt;r.e("28669").then(r.t.bind(r,868251,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-10-x-setup-workload-onboarding-quickstart-0d0.json",868251],"525e0f00":[()=&gt;r.e("38996").then(r.t.bind(r,680172,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-howto-traffic-e4a.json",680172],"526365f4":[()=&gt;r.e("30293").then(r.bind(r,585933)),"@site/versioned_docs/version-1.9.x/reference/cli/reference/ui.md",585933],"526cab4c":[()=&gt;r.e("98620").then(r.bind(r,772370)),"@site/versioned_docs/version-1.12.x/howto/authorization/ingress-gateway.mdx",772370],"52854b71":[()=&gt;r.e("3443").then(r.bind(r,540626)),"@site/versioned_docs/version-1.7.x/reference/samples/opa.mdx",540626],"5286bd3f":[()=&gt;r.e("11339").then(r.t.bind(r,666272,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-next-operations-features-3d7.json",666272],"529e837b":[()=&gt;r.e("55613").then(r.t.bind(r,965361,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-next-howto-gitops-75b.json",965361],"52a0ab15":[()=&gt;r.e("70119").then(r.t.bind(r,242461,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-6-x-refs-install-37a.json",242461],"52b4cb21":[()=&gt;r.e("20431").then(r.bind(r,530197)),"@site/versioned_docs/version-1.7.x/howto/gateway/egress-gateways.mdx",530197],"52baab58":[()=&gt;r.e("11234").then(r.t.bind(r,463774,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-8-x-quickstart-fe9.json",463774],"52cac16b":[()=&gt;r.e("44730").then(r.bind(r,889105)),"@site/versioned_docs/version-1.9.x/refs/tsb/rbac/v2/permissions.mdx",889105],"52e819e2":[()=&gt;r.e("28455").then(r.bind(r,525900)),"@site/versioned_docs/version-1.7.x/refs/onboarding/config/types/core/v1alpha1/condition.mdx",525900],"52fb5c94":[()=&gt;r.e("17958").then(r.t.bind(r,407052,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-7-x-reference-cli-0fd.json",407052],"530c60be":[()=&gt;r.e("54265").then(r.t.bind(r,374002,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-6-x-operations-vault-69c.json",374002],"5326049a":[()=&gt;r.e("41233").then(r.bind(r,98400)),"@site/versioned_docs/version-next/refs/tsb/v2/team.mdx",98400],0x32fb55e:[()=&gt;r.e("8501").then(r.bind(r,583491)),"@site/versioned_docs/version-1.11.x/reference/cli/reference/status.md",583491],"5354a14f":[()=&gt;r.e("91178").then(r.bind(r,482909)),"@site/versioned_docs/version-1.11.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/tenantsetting.md",482909],"535d00af":[()=&gt;r.e("42092").then(r.bind(r,459029)),"@site/versioned_docs/version-1.10.x/troubleshooting/troubleshooting.mdx",459029],"536d87a2":[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("9364")]).then(r.bind(r,587642)),"@site/versioned_docs/version-1.11.x/quickstart/ingress-gateway.mdx",587642],"537a299d":[()=&gt;r.e("65617").then(r.bind(r,336703)),"@site/versioned_docs/version-1.10.x/refs/private/iam/v1/iam.mdx",336703],0x3357624:[()=&gt;r.e("20300").then(r.bind(r,136277)),"@site/versioned_docs/version-next/reference/k8s-api/tsb-crds-gen/profile-tsb-tetrate-io.md",136277],"5383d13c":[()=&gt;r.e("60862").then(r.bind(r,24817)),"@site/versioned_docs/version-1.7.x/howto/wasm/wasm-extension.mdx",24817],"538626d8":[()=&gt;r.e("93577").then(r.bind(r,764007)),"@site/versioned_docs/version-1.6.x/reference/k8s-api/tsb-crds-gen/security-tsb-tetrate-io.md",764007],"5392d25a":[()=&gt;r.e("63597").then(r.bind(r,278893)),"@site/versioned_docs/version-1.8.x/setup/helm/controlplane.mdx",278893],"53babb18":[()=&gt;r.e("92336").then(r.bind(r,410109)),"@site/versioned_docs/version-1.12.x/operations/features/gateway-deletion-webhook.mdx",410109],"53e1c230":[()=&gt;r.e("80299").then(r.bind(r,639586)),"@site/versioned_docs/version-1.8.x/howto/gateway/egress-gateways.mdx",639586],"53f65bb7":[()=&gt;r.e("8088").then(r.bind(r,396553)),"@site/versioned_docs/version-next/reference/cli/reference/tctl.md",396553],"53f77020":[()=&gt;r.e("38349").then(r.bind(r,400152)),"@site/versioned_docs/version-1.9.x/operations/features/configure-cluster-external-addresses.mdx",400152],"540b034a":[()=&gt;r.e("69553").then(r.bind(r,563402)),"@site/versioned_docs/version-1.7.x/howto/waf.mdx",563402],"5415007f":[()=&gt;r.e("9403").then(r.bind(r,644507)),"@site/versioned_docs/version-1.10.x/setup/helm/managementplane.mdx",644507],"5418518e":[()=&gt;r.e("47385").then(r.bind(r,737501)),"@site/versioned_docs/version-1.10.x/operations/postgresql/auditlog-retention.mdx",737501],"5439758e":[()=&gt;r.e("78628").then(r.t.bind(r,951905,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-11-x-operations-users-bab.json",951905],"543fbd32":[()=&gt;r.e("33762").then(r.bind(r,295361)),"@site/versioned_docs/version-1.11.x/refs/tsb/istiointernal/v2/istiointernal_service.mdx",295361],"5441ff74":[()=&gt;r.e("64446").then(r.bind(r,515445)),"@site/versioned_docs/version-1.8.x/operations/users/user-synchronization.mdx",515445],"545e1775":[()=&gt;r.e("55162").then(r.bind(r,13337)),"@site/versioned_docs/version-1.11.x/refs/tsb/gateway/v2/gateway.mdx",13337],0x3445acd:[()=&gt;Promise.all([r.e("86212"),r.e("6741")]).then(r.bind(r,184320)),"@site/versioned_docs/version-next/howto/rate-limiting/toc.mdx",184320],"54a4df95":[()=&gt;r.e("11591").then(r.bind(r,572359)),"@site/versioned_docs/version-1.6.x/operations/telemetry/key-metrics.md",572359],"54a4f344":[()=&gt;r.e("20014").then(r.t.bind(r,397544,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-10-x-refs-tsb-traffic-v-2-grpc-672.json",397544],"54af0f26":[()=&gt;r.e("83985").then(r.bind(r,533867)),"@site/versioned_docs/version-1.9.x/setup/workload-onboarding/quickstart/aws-ec2/onboard-asg.mdx",533867],"54b0caff":[()=&gt;r.e("48037").then(r.bind(r,818341)),"@site/versioned_docs/version-1.10.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/serviceaccount.md",818341],"54bb2d03":[()=&gt;r.e("48915").then(r.bind(r,49212)),"@site/versioned_docs/version-1.7.x/reference/k8s-api/tsb-crds-gen/istiointernal-tsb-tetrate-io.md",49212],"54c97ba8":[()=&gt;r.e("92528").then(r.bind(r,821738)),"@site/versioned_docs/version-1.9.x/howto/traffic/migrating-VM-monoliths.mdx",821738],"54f09d2c":[()=&gt;r.e("74943").then(r.bind(r,224553)),"@site/versioned_docs/version-1.9.x/refs/tsb/observability/telemetry/v2/metric.mdx",224553],"5549ff18":[()=&gt;r.e("67443").then(r.bind(r,477945)),"@site/versioned_docs/version-1.12.x/refs/tsb/rbac/v2/permissions.mdx",477945],"556b833d":[()=&gt;r.e("72705").then(r.bind(r,140193)),"@site/versioned_docs/version-next/reference/k8s-api/tsb-crds-gen/extension-tsb-tetrate-io.md",140193],"5589bac2":[()=&gt;r.e("25736").then(r.t.bind(r,63627,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-reference-cli-reference-7e2.json",63627],"559630f5":[()=&gt;r.e("67957").then(r.t.bind(r,342783,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-10-x-reference-cli-4ea.json",342783],"55c2b368":[()=&gt;r.e("84821").then(r.bind(r,956638)),"@site/versioned_docs/version-1.10.x/howto/gitops/argo-rollouts.mdx",956638],"55cb7518":[()=&gt;r.e("51793").then(r.t.bind(r,716840,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-8-x-reference-workload-onboarding-onboarding-authorization-5cc.json",716840],"55e246b6":[()=&gt;r.e("35800").then(r.bind(r,921749)),"@site/versioned_docs/version-1.12.x/refs/tsb/rbac/v2/workspace_access_bindings.mdx",921749],"55fa2362":[()=&gt;r.e("62671").then(r.bind(r,897219)),"@site/versioned_docs/version-1.10.x/reference/cli/reference/get.md",897219],"5609b3ff":[()=&gt;r.e("18474").then(r.bind(r,239382)),"@site/versioned_docs/version-1.12.x/refs/onboarding/config/install/v1alpha1/jwt_issuer.mdx",239382],"563af2c4":[()=&gt;r.e("77267").then(r.bind(r,190032)),"@site/versioned_docs/version-next/operations/features/configure-gitops.mdx",190032],"564312b4":[()=&gt;Promise.all([r.e("86212"),r.e("30056")]).then(r.bind(r,278887)),"@site/versioned_docs/version-1.7.x/setup/helm/toc.mdx",278887],"564c1ef9":[()=&gt;r.e("74041").then(r.bind(r,469602)),"@site/versioned_docs/version-1.7.x/refs/tsb/gateway/v2/egress_gateway.mdx",469602],"56573edf":[()=&gt;r.e("45633").then(r.bind(r,795369)),"@site/versioned_docs/version-1.9.x/cheatsheet/sheets/tsb-terminology.mdx",795369],"5676cab4":[()=&gt;r.e("63510").then(r.bind(r,736925)),"@site/versioned_docs/version-1.9.x/refs/tsb/rbac/v2/traffic_access_bindings.mdx",736925],"56b2da53":[()=&gt;r.e("94979").then(r.bind(r,644683)),"@site/versioned_docs/version-1.8.x/reference/cli/reference/edit.md",644683],"56c3f40d":[()=&gt;r.e("18724").then(r.bind(r,129850)),"@site/versioned_docs/version-1.6.x/setup/workload-onboarding/guides/setup.mdx",129850],"56c8061a":[()=&gt;r.e("66369").then(r.t.bind(r,268071,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-8-x-setup-aws-69b.json",268071],"570db48a":[()=&gt;r.e("60222").then(r.bind(r,693927)),"@site/versioned_docs/version-1.9.x/refs/tsb/gateway/v2/gateway_common.mdx",693927],"5716d7f3":[()=&gt;r.e("75788").then(r.bind(r,299537)),"@site/versioned_docs/version-1.11.x/refs/onboarding/private/protocol/authorization/v1alpha1/authorization_service.mdx",299537],"572056a2":[()=&gt;r.e("23590").then(r.bind(r,524985)),"@site/versioned_docs/version-1.6.x/operations/kube-customization.mdx",524985],"5736683f":[()=&gt;r.e("34031").then(r.t.bind(r,284403,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-9-x-setup-upgrades-528.json",284403],"573ca8c5":[()=&gt;r.e("72264").then(r.t.bind(r,424942,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-10-x-tags-tsb-concepts-765.json",424942],"574a8aa3":[()=&gt;r.e("98896").then(r.bind(r,591343)),"@site/versioned_docs/version-1.6.x/refs/tsb/v2/organization.mdx",591343],0x3729a36:[()=&gt;r.e("97265").then(r.t.bind(r,655275,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-7-x-setup-upgrades-10e.json",655275],"57a39f82":[()=&gt;r.e("21002").then(r.bind(r,764355)),"@site/versioned_docs/version-next/refs/iam/v2/oauth_service.mdx",764355],"57af8f29":[()=&gt;r.e("83169").then(r.bind(r,330542)),"@site/versioned_docs/version-1.8.x/troubleshooting/Maximum-header-size-exceed.mdx",330542],"57b6b189":[()=&gt;r.e("32804").then(r.bind(r,544398)),"@site/versioned_docs/version-1.9.x/setup/isolation-boundaries-installation.mdx",544398],"57f73bfd":[()=&gt;r.e("51387").then(r.bind(r,294317)),"@site/versioned_docs/version-next/operations/postgresql/managing-kubegres.mdx",294317],"57f992f1":[()=&gt;r.e("63563").then(r.t.bind(r,408896,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-next-refs-tsb-extension-v-2-grpc-dd4.json",408896],0x37624cb:[()=&gt;r.e("71289").then(r.t.bind(r,473697,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-11-x-refs-tsb-gateway-v-2-grpc-cdb.json",473697],"580c7546":[()=&gt;Promise.all([r.e("86212"),r.e("97361")]).then(r.bind(r,737800)),"@site/versioned_docs/version-1.7.x/setup/upgrades/non-revisioned-to-revisioned.mdx",737800],"582089f1":[()=&gt;r.e("57277").then(r.bind(r,717752)),"@site/versioned_docs/version-next/howto/rate-limiting/ingress-gateway.mdx",717752],0x37b83fe:[()=&gt;r.e("63378").then(r.bind(r,367627)),"@site/versioned_docs/version-1.12.x/design-guides/ha-dr-mp/scenarios.mdx",367627],"584dac2a":[()=&gt;r.e("95303").then(r.bind(r,873382)),"@site/versioned_docs/version-1.9.x/refs/tsb/security/v2/security_group.mdx",873382],"586b1056":[()=&gt;r.e("61979").then(r.bind(r,689243)),"@site/versioned_docs/version-next/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/cluster.md",689243],"58713ebd":[()=&gt;r.e("93014").then(r.bind(r,668006)),"@site/versioned_docs/version-1.7.x/troubleshooting/identify-underperforming-services.mdx",668006],"588c3ad4":[()=&gt;r.e("99563").then(r.bind(r,250057)),"@site/versioned_docs/version-1.11.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/serviceaccount.md",250057],"589ca6ac":[()=&gt;Promise.all([r.e("86212"),r.e("87018")]).then(r.bind(r,112704)),"@site/versioned_docs/version-1.11.x/howto/gateway/configure-and-route-nonhttp-traffic.mdx",112704],"58a132f7":[()=&gt;r.e("34145").then(r.bind(r,116918)),"@site/versioned_docs/version-1.10.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/user.md",116918],"58a2cfaa":[()=&gt;r.e("65499").then(r.bind(r,809838)),"@site/versioned_docs/version-1.11.x/operations/lower-istio-resources.mdx",809838],"58b346b4":[()=&gt;Promise.all([r.e("86212"),r.e("46891")]).then(r.bind(r,755849)),"@site/versioned_docs/version-next/howto/gateway/oas-validation.mdx",755849],"58c47aa7":[()=&gt;r.e("71799").then(r.bind(r,280090)),"@site/versioned_docs/version-1.8.x/refs/tsb/rbac/v2/tenant_access_bindings.mdx",280090],"58ccbf71":[()=&gt;r.e("83013").then(r.t.bind(r,709023,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-next-tags-featured-9fe.json",709023],"58d169fd":[()=&gt;r.e("30754").then(r.bind(r,470318)),"@site/versioned_docs/version-next/refs/onboarding/private/protocol/session/v1alpha1/session_service.mdx",470318],"58e9fd8a":[()=&gt;r.e("97858").then(r.bind(r,630012)),"@site/versioned_docs/version-1.7.x/operations/vault/istiod-ca.mdx",630012],"58ed24c6":[()=&gt;Promise.all([r.e("86212"),r.e("67717")]).then(r.bind(r,658246)),"@site/versioned_docs/version-1.8.x/setup/firewall-information.mdx",658246],"58f0b1ae":[()=&gt;r.e("30773").then(r.t.bind(r,505208,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-6-x-refs-tsb-auth-v-2-yaml-dcd.json",505208],"58f7fd92":[()=&gt;r.e("71305").then(r.bind(r,889478)),"@site/versioned_docs/version-1.7.x/setup/workload-onboarding/quickstart/aws-ec2/bookinfo.mdx",889478],"5929f4c5":[()=&gt;r.e("30616").then(r.bind(r,944148)),"@site/versioned_docs/version-1.11.x/refs/onboarding/private/types/config/v1alpha1/transport_security.mdx",944148],"593c749e":[()=&gt;r.e("59222").then(r.t.bind(r,792485,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-10-x-operations-86b.json",792485],"594c160d":[()=&gt;Promise.all([r.e("86212"),r.e("79137")]).then(r.bind(r,674108)),"@site/versioned_docs/version-1.11.x/design-guides/ha-dr-mp/ha-managementplane.mdx",674108],"5960ffb4":[()=&gt;r.e("10546").then(r.t.bind(r,388578,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-refs-tsb-v-2-yaml-b96.json",388578],0x38e6c7b:[()=&gt;r.e("16847").then(r.bind(r,485160)),"@site/versioned_docs/version-1.11.x/reference/k8s-api/tsb-crds-gen/security-tsb-tetrate-io.md",485160],"59a83009":[()=&gt;r.e("25260").then(r.bind(r,261992)),"@site/versioned_docs/version-1.10.x/setup/self-managed/demo-installation.mdx",261992],"59be6805":[()=&gt;r.e("10678").then(r.bind(r,259306)),"@site/versioned_docs/version-1.8.x/cheatsheet/index.mdx",259306],"59c41352":[()=&gt;r.e("22372").then(r.bind(r,971586)),"@site/versioned_docs/version-1.6.x/cheatsheet/sheets/tsb-quickstart.mdx",971586],"59cc2ce9":[()=&gt;r.e("21837").then(r.bind(r,651686)),"@site/versioned_docs/version-1.10.x/refs/onboarding/private/protocol/session/v1alpha1/session_service.mdx",651686],"59cc7bdf":[()=&gt;r.e("20457").then(r.bind(r,541666)),"@site/versioned_docs/version-next/concepts/terminology.mdx",541666],"59d1aa3b":[()=&gt;r.e("57669").then(r.bind(r,297549)),"@site/versioned_docs/version-1.8.x/setup/isolation-boundaries-installation.mdx",297549],"59e4f442":[()=&gt;r.e("66239").then(r.bind(r,296334)),"@site/versioned_docs/version-1.7.x/operations/features/gateway-deletion-webhook.mdx",296334],"59e4ff03":[()=&gt;r.e("24176").then(r.bind(r,464131)),"@site/versioned_docs/version-1.6.x/concepts/configuration-dataflow.mdx",464131],"59ec93af":[()=&gt;r.e("24535").then(r.bind(r,443814)),"@site/versioned_docs/version-1.12.x/refs/tsb/rbac/v2/binding.mdx",443814],"59f0b8b1":[()=&gt;r.e("86243").then(r.bind(r,818354)),"@site/versioned_docs/version-1.8.x/refs/tsb/istiointernal/v2/istiointernal_service.mdx",818354],"59f6972d":[()=&gt;r.e("49796").then(r.t.bind(r,465061,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-11-x-refs-tsb-dashboard-v-1-grpc-09c.json",465061],"5a05b2f6":[()=&gt;r.e("47163").then(r.bind(r,660747)),"@site/versioned_docs/version-next/refs/tsb/security/v2/waf_settings.mdx",660747],"5a0642bd":[()=&gt;r.e("32091").then(r.bind(r,572364)),"@site/versioned_docs/version-1.10.x/reference/k8s-api/tsb-crds-gen/security-tsb-tetrate-io.md",572364],"5a1ba53c":[()=&gt;r.e("65157").then(r.bind(r,907703)),"@site/versioned_docs/version-1.7.x/setup/security-context.mdx",907703],"5a2d9df8":[()=&gt;r.e("34965").then(r.bind(r,129283)),"@site/versioned_docs/version-1.7.x/refs/tsb/v2/workspace_setting.mdx",129283],"5a36c0da":[()=&gt;r.e("50462").then(r.bind(r,48742)),"@site/versioned_docs/version-1.12.x/operations/telemetry/key-metrics.md",48742],"5a55a532":[()=&gt;r.e("7394").then(r.bind(r,854731)),"@site/versioned_docs/version-1.12.x/quickstart/config-groups.mdx",854731],"5a5c4720":[()=&gt;r.e("94007").then(r.bind(r,170615)),"@site/versioned_docs/version-1.12.x/reference/k8s-api/tsb-crds-gen/profile-tsb-tetrate-io.md",170615],"5a7bc876":[()=&gt;r.e("67469").then(r.bind(r,830537)),"@site/versioned_docs/version-next/refs/tsb/rbac/v2/access_bindings.mdx",830537],"5a9219e5":[()=&gt;r.e("359").then(r.bind(r,916008)),"@site/versioned_docs/version-next/troubleshooting/cluster-onboarding.mdx",916008],"5a9f0c64":[()=&gt;r.e("21930").then(r.bind(r,885272)),"@site/versioned_docs/version-1.8.x/howto/traffic/configure-multi-port-service-route.mdx",885272],"5aa75480":[()=&gt;r.e("72416").then(r.bind(r,230830)),"@site/versioned_docs/version-1.12.x/refs/tsb/observability/telemetry/v2/metric_service.mdx",230830],"5ab783db":[()=&gt;r.e("663").then(r.bind(r,48148)),"@site/versioned_docs/version-1.10.x/howto/rate-limiting/internal-rate-limiting.mdx",48148],"5abf7f8d":[()=&gt;r.e("69450").then(r.bind(r,752205)),"@site/versioned_docs/version-1.9.x/setup/workload-onboarding/quickstart/aws-ec2/enable-workload-onboarding.mdx",752205],"5ac7214f":[()=&gt;r.e("90942").then(r.bind(r,103697)),"@site/versioned_docs/version-1.7.x/operations/telemetry/new-relic.mdx",103697],"5ad9d500":[()=&gt;r.e("89653").then(r.bind(r,414693)),"@site/versioned_docs/version-1.8.x/operations/users/admin-password.mdx",414693],"5ae3b384":[()=&gt;r.e("7988").then(r.bind(r,132671)),"@site/versioned_docs/version-next/operations/features/configure-cluster-external-addresses.mdx",132671],"5af84056":[()=&gt;r.e("3476").then(r.bind(r,916555)),"@site/versioned_docs/version-1.6.x/refs/tsb/v2/workspace.mdx",916555],"5b1d3641":[()=&gt;r.e("34514").then(r.bind(r,428920)),"@site/versioned_docs/version-next/release-notes-announcements/support-policy.mdx",428920],"5b23651f":[()=&gt;r.e("19859").then(r.bind(r,127287)),"@site/versioned_docs/version-1.12.x/cheatsheet/sheets/tsb-terminology.mdx",127287],"5b4a6b9b":[()=&gt;r.e("55438").then(r.bind(r,260901)),"@site/versioned_docs/version-1.10.x/refs/onboarding/config/runtime/v1alpha1/registration.mdx",260901],"5b59040d":[()=&gt;r.e("95233").then(r.bind(r,208685)),"@site/versioned_docs/version-1.8.x/refs/tsb/security/v2/security_service.mdx",208685],"5b6fbc45":[()=&gt;r.e("88731").then(r.bind(r,931763)),"@site/versioned_docs/version-1.11.x/reference/samples/sleep-service.mdx",931763],"5b7e999d":[()=&gt;r.e("39901").then(r.bind(r,816534)),"@site/versioned_docs/version-1.8.x/reference/k8s-api/tsb-crds-gen/application-tsb-tetrate-io.md",816534],"5b88bf21":[()=&gt;r.e("16743").then(r.bind(r,991322)),"@site/versioned_docs/version-1.11.x/refs/tsb/segmentation/v1/rules.mdx",991322],"5b8a98e0":[()=&gt;r.e("6646").then(r.bind(r,226404)),"@site/versioned_docs/version-1.12.x/refs/tsb/gateway/v2/auth.mdx",226404],"5b9ec439":[()=&gt;r.e("32557").then(r.bind(r,107021)),"@site/versioned_docs/version-1.10.x/concepts/service-mesh.mdx",107021],"5ba90833":[()=&gt;r.e("87661").then(r.bind(r,642928)),"@site/versioned_docs/version-1.9.x/howto/gitops/gitops.mdx",642928],"5bcb6bf6":[()=&gt;r.e("76520").then(r.t.bind(r,243472,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-9-x-operations-elasticsearch-d56.json",243472],"5bce3da2":[()=&gt;r.e("97643").then(r.bind(r,484770)),"@site/versioned_docs/version-1.6.x/operations/features/tier1-in-app-cluster.mdx",484770],"5be34523":[()=&gt;r.e("59095").then(r.bind(r,263295)),"@site/versioned_docs/version-1.11.x/setup/workload-onboarding/quickstart/aws-ec2/bookinfo.mdx",263295],"5beac6a7":[()=&gt;r.e("696").then(r.t.bind(r,85487,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-10-x-refs-tsb-application-v-2-grpc-871.json",85487],"5bf59600":[()=&gt;r.e("84530").then(r.bind(r,334622)),"@site/versioned_docs/version-1.9.x/howto/rate-limiting/internal-rate-limiting.mdx",334622],"5bf9dfc5":[()=&gt;r.e("14552").then(r.bind(r,553257)),"@site/versioned_docs/version-1.12.x/cheatsheet/sheets/tsb-quickstart.mdx",553257],"5c0c577f":[()=&gt;r.e("51301").then(r.t.bind(r,107829,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-7-x-reference-workload-onboarding-onboarding-authorization-088.json",107829],"5c14a969":[()=&gt;r.e("92798").then(r.bind(r,744475)),"@site/versioned_docs/version-next/howto/authorization/ingress-gateway.mdx",744475],"5c206b89":[()=&gt;r.e("35064").then(r.bind(r,828263)),"@site/versioned_docs/version-next/refs/tsb/traffic/v2/traffic_setting.mdx",828263],"5c32f673":[()=&gt;Promise.all([r.e("86212"),r.e("50479")]).then(r.bind(r,365130)),"@site/versioned_docs/version-1.7.x/design-guides/ha-dr-mp/dr-managementplane.mdx",365130],"5c4a9e14":[()=&gt;r.e("91948").then(r.bind(r,197507)),"@site/versioned_docs/version-1.8.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/organizationsetting.md",197507],"5c571bd0":[()=&gt;r.e("2835").then(r.bind(r,645459)),"@site/versioned_docs/version-1.10.x/setup/resource-planning.mdx",645459],"5c594383":[()=&gt;r.e("21245").then(r.bind(r,437891)),"@site/versioned_docs/version-1.6.x/concepts/architecture.mdx",437891],"5c89b4e8":[()=&gt;Promise.all([r.e("86212"),r.e("58275")]).then(r.bind(r,175426)),"@site/versioned_docs/version-1.8.x/howto/gateway/configure-and-route-nonhttp-traffic.mdx",175426],"5c8d2717":[()=&gt;r.e("9721").then(r.bind(r,366049)),"@site/versioned_docs/version-1.9.x/refs/tsb/v2/status.mdx",366049],"5cb175e6":[()=&gt;r.e("12385").then(r.bind(r,876296)),"@site/versioned_docs/version-1.6.x/concepts/terminology.mdx",876296],"5cd3dc2c":[()=&gt;r.e("62628").then(r.bind(r,812885)),"@site/versioned_docs/version-1.6.x/reference/yaml-api/guide.mdx",812885],"5ce96005":[()=&gt;Promise.all([r.e("86212"),r.e("35481")]).then(r.bind(r,392701)),"@site/versioned_docs/version-1.12.x/design-guides/ha-multicluster/cluster-failover.mdx",392701],"5ce99e8d":[()=&gt;r.e("71508").then(r.bind(r,284170)),"@site/versioned_docs/version-next/howto/gitops/flux.mdx",284170],"5d12f0ab":[()=&gt;Promise.all([r.e("86212"),r.e("96281")]).then(r.bind(r,183015)),"@site/versioned_docs/version-1.9.x/howto/rate-limiting/toc.mdx",183015],"5d1cdfc3":[()=&gt;r.e("56411").then(r.bind(r,846632)),"@site/versioned_docs/version-1.7.x/operations/telemetry/alerting-guidelines.mdx",846632],"5d1dc1e6":[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("45267")]).then(r.bind(r,787860)),"@site/versioned_docs/version-1.7.x/quickstart/observability.mdx",787860],"5d2a58c9":[()=&gt;r.e("90005").then(r.bind(r,453703)),"@site/versioned_docs/version-1.8.x/operations/features/edge-dns-resolution.mdx",453703],"5d56b8b1":[()=&gt;r.e("6986").then(r.bind(r,714873)),"@site/versioned_docs/version-1.7.x/troubleshooting/configuration-status.mdx",714873],"5d710a71":[()=&gt;r.e("78257").then(r.bind(r,675058)),"@site/versioned_docs/version-1.10.x/quickstart/workspace.mdx",675058],"5d73f576":[()=&gt;r.e("93470").then(r.bind(r,7228)),"@site/versioned_docs/version-1.12.x/setup/migrate-tctl-to-helm.mdx",7228],"5d880e25":[()=&gt;r.e("87962").then(r.bind(r,570528)),"@site/versioned_docs/version-next/troubleshooting/Multiple-Transfer-encoding-chunked.mdx",570528],"5d9e4268":[()=&gt;r.e("16845").then(r.bind(r,200070)),"@site/versioned_docs/version-1.12.x/howto/wasm/wasm-extension.mdx",200070],"5da45d9a":[()=&gt;Promise.all([r.e("86212"),r.e("92177")]).then(r.bind(r,645386)),"@site/versioned_docs/version-1.10.x/howto/gateway/shared-ingress.mdx",645386],"5dd7eb28":[()=&gt;r.e("83388").then(r.bind(r,467368)),"@site/versioned_docs/version-1.11.x/refs/tsb/gateway/v2/auth.mdx",467368],"5de423ae":[()=&gt;r.e("53513").then(r.bind(r,229760)),"@site/versioned_docs/version-next/refs/tsb/rbac/v2/security_access_bindings.mdx",229760],"5dedfc04":[()=&gt;r.e("5451").then(r.bind(r,868181)),"@site/versioned_docs/version-1.12.x/refs/onboarding/config/types/identity/jwt/v1alpha1/jwt.mdx",868181],"5dfd159c":[()=&gt;r.e("2373").then(r.t.bind(r,241524,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-10-x-refs-tsb-q-v-2-grpc-5e6.json",241524],"5e1d0bdf":[()=&gt;r.e("95538").then(r.bind(r,989491)),"@site/versioned_docs/version-1.7.x/setup/workload-onboarding/quickstart/aws-ec2/onboard-asg.mdx",989491],"5e2ca7d6":[()=&gt;r.e("58549").then(r.bind(r,228471)),"@site/versioned_docs/version-1.9.x/refs/onboarding/config/types/identity/aws/v1alpha1/aws.mdx",228471],"5e3d57d7":[()=&gt;r.e("11811").then(r.t.bind(r,470927,19)),"@generated/docusaurus-plugin-redoc/1_12_x/__plugin.json",470927],"5e401086":[()=&gt;r.e("61276").then(r.bind(r,523162)),"@site/versioned_docs/version-1.10.x/howto/authorization/tier1-gateway.mdx",523162],"5e511d62":[()=&gt;r.e("52821").then(r.bind(r,261951)),"@site/versioned_docs/version-1.6.x/howto/gateway/service-identity-propagation.mdx",261951],"5e64c170":[()=&gt;r.e("73064").then(r.bind(r,38827)),"@site/versioned_docs/version-1.10.x/cheatsheet/sheets/security-management.mdx",38827],"5e6fbbcd":[()=&gt;r.e("39485").then(r.bind(r,225925)),"@site/versioned_docs/version-1.10.x/setup/aws/container-marketplace.mdx",225925],"5e7749be":[()=&gt;Promise.all([r.e("86212"),r.e("69930")]).then(r.bind(r,788964)),"@site/versioned_docs/version-1.11.x/setup/workload-onboarding/quickstart/aws-ecs/toc.mdx",788964],"5e7a1fa7":[()=&gt;r.e("43035").then(r.bind(r,478739)),"@site/versioned_docs/version-1.11.x/operations/features/streaming-log.mdx",478739],"5e95c892":[()=&gt;r.e("63432").then(r.bind(r,479633)),"@theme/DocsRoot",479633],"5e9f5e1a":[()=&gt;Promise.resolve().then(r.bind(r,75150)),"@generated/docusaurus.config",75150],"5f03ce70":[()=&gt;r.e("96431").then(r.t.bind(r,557630,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-6-x-refs-tsb-types-v-2-yaml-821.json",557630],"5f0be268":[()=&gt;r.e("98052").then(r.bind(r,146865)),"@site/versioned_docs/version-1.11.x/refs/tsb/registry/v2/registration_service.mdx",146865],"5f238620":[()=&gt;r.e("37602").then(r.bind(r,682449)),"@site/versioned_docs/version-1.10.x/howto/gitops/flagger.mdx",682449],"5f4fc3be":[()=&gt;r.e("37315").then(r.bind(r,738680)),"@site/versioned_docs/version-1.9.x/refs/install/dataplane/v1alpha1/spec.mdx",738680],"5f731dfc":[()=&gt;r.e("93216").then(r.bind(r,873904)),"@site/versioned_docs/version-next/concepts/architecture.mdx",873904],"5f75e25a":[()=&gt;r.e("83722").then(r.t.bind(r,733830,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-11-x-refs-tsb-gateway-v-2-yaml-b6f.json",733830],"5f7a5c96":[()=&gt;r.e("73120").then(r.bind(r,360098)),"@site/versioned_docs/version-next/refs/tsb/application/v2/application_service.mdx",360098],"5f83095c":[()=&gt;r.e("40793").then(r.bind(r,161359)),"@site/versioned_docs/version-1.7.x/setup/certificate/certificate-requirements.mdx",161359],"5f9a5442":[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("35508")]).then(r.bind(r,339075)),"@site/versioned_docs/version-next/quickstart/tenant.mdx",339075],"5fac77c4":[()=&gt;r.e("66336").then(r.bind(r,866496)),"@site/versioned_docs/version-1.11.x/refs/tsb/v2/workspace_setting.mdx",866496],"5fad523d":[()=&gt;r.e("24509").then(r.bind(r,835503)),"@site/versioned_docs/version-1.10.x/setup/workload-onboarding/quickstart/on-premise/onboard-vm.mdx",835503],"5fbada63":[()=&gt;Promise.all([r.e("86212"),r.e("88129")]).then(r.bind(r,75614)),"@site/versioned_docs/version-1.8.x/howto/gateway/multi-cluster-traffic-routing-using-tier2gw.mdx",75614],"5fc97651":[()=&gt;r.e("68793").then(r.t.bind(r,741411,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-8-x-reference-cli-reference-b26.json",741411],"5fe5cd67":[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("36715")]).then(r.bind(r,718770)),"@site/versioned_docs/version-1.9.x/setup/workload-onboarding/onboarding-vms.mdx",718770],"5ffcd631":[()=&gt;r.e("56354").then(r.bind(r,259634)),"@site/versioned_docs/version-1.9.x/operations/users/new-user-local-idp.mdx",259634],"6015c9b7":[()=&gt;r.e("59766").then(r.bind(r,532304)),"@site/versioned_docs/version-1.11.x/troubleshooting/Maximum-header-size-exceed.mdx",532304],"602b3835":[()=&gt;r.e("3207").then(r.bind(r,475068)),"@site/versioned_docs/version-1.10.x/refs/onboarding/config/install/v1alpha1/workload_configuration.mdx",475068],"603b27d9":[()=&gt;r.e("1010").then(r.bind(r,937452)),"@site/versioned_docs/version-next/reference/samples/sleep-service.mdx",937452],"607d8c96":[()=&gt;r.e("75951").then(r.bind(r,384834)),"@site/versioned_docs/version-1.6.x/reference/cli/reference/config.md",384834],"608191ee":[()=&gt;Promise.all([r.e("86212"),r.e("90711")]).then(r.bind(r,926536)),"@site/versioned_docs/version-1.9.x/setup/upgrades/cni-upgrade.mdx",926536],"60843fd2":[()=&gt;r.e("12943").then(r.bind(r,838294)),"@site/versioned_docs/version-1.6.x/refs/onboarding/config/agent/v1alpha1/onboarding_configuration.mdx",838294],0x3a24327:[()=&gt;Promise.all([r.e("86212"),r.e("68580")]).then(r.bind(r,785754)),"@site/versioned_docs/version-1.9.x/setup/workload-onboarding/quickstart/aws-ec2/toc.mdx",785754],"60999d6a":[()=&gt;Promise.all([r.e("86212"),r.e("13050")]).then(r.bind(r,152207)),"@site/versioned_docs/version-1.7.x/setup/upgrades/cni-upgrade.mdx",152207],"60a800ee":[()=&gt;r.e("2536").then(r.t.bind(r,309506,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-6-x-refs-audit-v-1-grpc-28e.json",309506],"60abf080":[()=&gt;r.e("12891").then(r.bind(r,835170)),"@site/versioned_docs/version-1.10.x/reference/samples/httpbin.mdx",835170],"60aeb6b0":[()=&gt;r.e("87648").then(r.bind(r,444517)),"@site/versioned_docs/version-next/cheatsheet/sheets/tctl.mdx",444517],"60b9b63c":[()=&gt;r.e("32297").then(r.bind(r,698246)),"@site/versioned_docs/version-1.6.x/refs/tsb/security/v2/security_service.mdx",698246],"60d46017":[()=&gt;r.e("26035").then(r.bind(r,414420)),"@site/versioned_docs/version-1.6.x/refs/tsb/q/v2/approvals_service.mdx",414420],"60f76b1d":[()=&gt;r.e("42765").then(r.bind(r,105149)),"@site/versioned_docs/version-1.8.x/quickstart/config-groups.mdx",105149],"60ffe514":[()=&gt;r.e("25466").then(r.bind(r,671613)),"@site/versioned_docs/version-1.6.x/setup/workload-onboarding/guides/ecs-workloads.mdx",671613],"610b976b":[()=&gt;r.e("75844").then(r.t.bind(r,864842,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-7-x-refs-tsb-traffic-v-2-yaml-4cd.json",864842],0x3a73174:[()=&gt;r.e("36481").then(r.t.bind(r,592600,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-next-reference-cli-guide-toc-ca7.json",592600],"61747e9f":[()=&gt;r.e("53769").then(r.bind(r,69545)),"@site/versioned_docs/version-1.9.x/setup/aws/vpc.mdx",69545],"61817fbf":[()=&gt;r.e("14924").then(r.bind(r,949864)),"@site/versioned_docs/version-1.6.x/setup/self-managed/demo-installation.mdx",949864],"618f9b0a":[()=&gt;r.e("87581").then(r.t.bind(r,513713,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-reference-workload-onboarding-onboarding-runtime-f2b.json",513713],"619b80d4":[()=&gt;r.e("43674").then(r.t.bind(r,124039,19)),"/runner/_work/sites/sites/products/service-bridge/.docusaurus/docusaurus-plugin-redoc/1_6_x/redocApiLayoutV1-1_6_x.json",124039],"61a559a2":[()=&gt;r.e("9437").then(r.bind(r,471315)),"@site/versioned_docs/version-1.11.x/refs/onboarding/private/types/discovery/v1alpha1/discovery.mdx",471315],"61b767c3":[()=&gt;Promise.all([r.e("86212"),r.e("34564")]).then(r.bind(r,90481)),"@site/versioned_docs/version-1.11.x/setup/workload-onboarding/quickstart/on-premise/toc.mdx",90481],"61bb8c46":[()=&gt;r.e("10372").then(r.bind(r,350132)),"@site/versioned_docs/version-1.12.x/howto/gateway/app-ingress.mdx",350132],"61c5cb33":[()=&gt;r.e("16592").then(r.bind(r,326339)),"@site/versioned_docs/version-1.12.x/concepts/operators/management-plane.mdx",326339],"622fe2c4":[()=&gt;r.e("53873").then(r.bind(r,315005)),"@site/versioned_docs/version-1.6.x/setup/workload-onboarding/guides/managing.mdx",315005],"6233352d":[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("1307")]).then(r.bind(r,298209)),"@site/versioned_docs/version-next/setup/workload-onboarding/onboarding-vms.mdx",298209],"6234a040":[()=&gt;r.e("89102").then(r.bind(r,164024)),"@site/versioned_docs/version-1.12.x/reference/samples/opa.mdx",164024],"623aa1a2":[()=&gt;r.e("91").then(r.bind(r,339538)),"@site/versioned_docs/version-next/operations/telemetry/key-metrics.md",339538],"623d2b37":[()=&gt;r.e("69754").then(r.bind(r,754761)),"@site/versioned_docs/version-1.9.x/operations/configure-log-levels.mdx",754761],"62592e96":[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("94376")]).then(r.bind(r,445575)),"@site/versioned_docs/version-1.12.x/howto/rate-limiting/tls-validation.mdx",445575],"6299153d":[()=&gt;r.e("27792").then(r.bind(r,638370)),"@site/versioned_docs/version-1.7.x/operations/features/streaming-log.mdx",638370],"62a5d799":[()=&gt;r.e("28245").then(r.bind(r,640900)),"@site/versioned_docs/version-next/refs/onboarding/config/install/v1alpha1/jwt_issuer.mdx",640900],"62c88e9f":[()=&gt;r.e("16643").then(r.bind(r,89109)),"@site/versioned_docs/version-1.10.x/concepts/tsb-and-istio.mdx",89109],"62e01fc6":[()=&gt;r.e("96504").then(r.t.bind(r,286054,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-10-x-setup-aws-ef6.json",286054],"62eabca5":[()=&gt;r.e("54814").then(r.t.bind(r,77483,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-6-x-howto-traffic-2a8.json",77483],"62eb6b3a":[()=&gt;r.e("46811").then(r.bind(r,345309)),"@site/versioned_docs/version-1.7.x/reference/cli/reference/ui.md",345309],"62f7b563":[()=&gt;r.e("16687").then(r.bind(r,674160)),"@site/versioned_docs/version-next/howto/gateway/host-based-egress-access-control.mdx",674160],"6314f530":[()=&gt;r.e("38136").then(r.bind(r,898193)),"@site/versioned_docs/version-1.9.x/setup/helm/upgrade.mdx",898193],"632d8be6":[()=&gt;r.e("59094").then(r.t.bind(r,412494,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-next-setup-upgrades-e07.json",412494],"6343a669":[()=&gt;r.e("95862").then(r.bind(r,293268)),"@site/versioned_docs/version-1.10.x/refs/tsb/v2/workspace_setting.mdx",293268],"635a5ae9":[()=&gt;r.e("91039").then(r.t.bind(r,656775,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-6-x-refs-tsb-security-v-2-yaml-1b9.json",656775],"635bc93a":[()=&gt;r.e("51918").then(r.bind(r,179881)),"@site/versioned_docs/version-1.10.x/operations/users/new-user-local-idp.mdx",179881],"6363972e":[()=&gt;r.e("16808").then(r.bind(r,433123)),"@site/versioned_docs/version-1.6.x/refs/tsb/v2/cluster.mdx",433123],"636a5c8a":[()=&gt;Promise.all([r.e("86212"),r.e("24450")]).then(r.bind(r,844949)),"@site/versioned_docs/version-1.12.x/howto/gateway/multi-cluster-traffic-routing-using-tier2gw.mdx",844949],"6371cfe3":[()=&gt;r.e("31543").then(r.bind(r,908401)),"@site/versioned_docs/version-1.8.x/refs/tsb/v2/workspace.mdx",908401],"6379d867":[()=&gt;r.e("76593").then(r.bind(r,463456)),"@site/versioned_docs/version-1.11.x/concepts/service-mesh.mdx",463456],"637eccb0":[()=&gt;r.e("69394").then(r.bind(r,776759)),"@site/versioned_docs/version-1.7.x/troubleshooting/Maximum-header-size-exceed.mdx",776759],"6384f04a":[()=&gt;r.e("82115").then(r.t.bind(r,617137,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-next-refs-tsb-q-v-2-grpc-d78.json",617137],"638990fb":[()=&gt;r.e("98838").then(r.bind(r,56645)),"@site/versioned_docs/version-next/refs/tsb/gateway/v2/gateway_group.mdx",56645],"638b603b":[()=&gt;r.e("58197").then(r.bind(r,337272)),"@site/versioned_docs/version-1.8.x/concepts/operators/control-plane.mdx",337272],"63ac61e7":[()=&gt;r.e("34677").then(r.t.bind(r,732595,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-6-x-howto-wasm-4a2.json",732595],"63b9d101":[()=&gt;r.e("77866").then(r.bind(r,389214)),"@site/versioned_docs/version-1.12.x/setup/workload-onboarding/guides/ecs-workloads.mdx",389214],"63c04f74":[()=&gt;r.e("27059").then(r.bind(r,55337)),"@site/versioned_docs/version-1.9.x/refs/tsb/v2/workspace_service.mdx",55337],"63cc31cc":[()=&gt;Promise.all([r.e("86212"),r.e("1432")]).then(r.bind(r,99881)),"@site/versioned_docs/version-1.7.x/howto/gateway/multi-cluster-traffic-routing-using-tier2gw.mdx",99881],"63e330bc":[()=&gt;r.e("74597").then(r.t.bind(r,158954,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-7-x-reference-grpc-api-7e9.json",158954],"63ed9dfd":[()=&gt;r.e("49544").then(r.bind(r,497983)),"@site/versioned_docs/version-next/refs/install/kubernetes/k8s.mdx",497983],"63f0633a":[()=&gt;r.e("70566").then(r.bind(r,825879)),"@site/versioned_docs/version-1.8.x/setup/aws/vpc.mdx",825879],"641250b5":[()=&gt;r.e("68188").then(r.bind(r,197549)),"@site/versioned_docs/version-1.7.x/refs/onboarding/config/authorization/aws/v1alpha1/aws.mdx",197549],"6412f605":[()=&gt;Promise.all([r.e("86212"),r.e("11556")]).then(r.bind(r,706682)),"@site/versioned_docs/version-1.9.x/concepts/operators/toc.mdx",706682],"641a9279":[()=&gt;r.e("69781").then(r.t.bind(r,586234,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-9-x-setup-certificate-7a6.json",586234],"6421a5e1":[()=&gt;r.e("96948").then(r.bind(r,120278)),"@site/versioned_docs/version-1.12.x/refs/tsb/v2/team.mdx",120278],"6442f98d":[()=&gt;r.e("28438").then(r.bind(r,285886)),"@site/versioned_docs/version-1.7.x/refs/tsb/extension/v2/wasm_service.mdx",285886],"645cd078":[()=&gt;r.e("8715").then(r.t.bind(r,134414,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-reference-yaml-api-996.json",134414],"645d7973":[()=&gt;r.e("21261").then(r.bind(r,414676)),"@site/versioned_docs/version-1.9.x/operations/elasticsearch/wipe-elastic.mdx",414676],0x3db5467:[()=&gt;r.e("64536").then(r.bind(r,5463)),"@site/versioned_docs/version-1.6.x/release-notes-announcements/feature-status.mdx",5463],"647f198c":[()=&gt;r.e("57359").then(r.bind(r,329330)),"@site/versioned_docs/version-1.9.x/setup/upgrade-best-practices.md",329330],"649270d0":[()=&gt;r.e("84209").then(r.bind(r,589593)),"@site/versioned_docs/version-1.9.x/operations/configuration-promotion.mdx",589593],"64c0f79a":[()=&gt;r.e("7326").then(r.bind(r,321489)),"@site/versioned_docs/version-next/refs/onboarding/private/component/plane/generator/v1alpha1/version.mdx",321489],"64c3c660":[()=&gt;r.e("32991").then(r.t.bind(r,202633,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-7-x-refs-tsb-types-v-2-yaml-95a.json",202633],"64e5a08e":[()=&gt;r.e("24566").then(r.bind(r,712139)),"@site/versioned_docs/version-1.11.x/reference/samples/opa.mdx",712139],"64e5e794":[()=&gt;r.e("91049").then(r.bind(r,916040)),"@site/versioned_docs/version-1.8.x/reference/k8s-api/tsb-crds-gen/extension-tsb-tetrate-io.md",916040],"65043cac":[()=&gt;r.e("39815").then(r.bind(r,872775)),"@site/versioned_docs/version-1.12.x/refs/onboarding/private/types/sidecar/v1alpha1/configuration.mdx",872775],"651fa6b2":[()=&gt;r.e("43401").then(r.bind(r,166123)),"@site/versioned_docs/version-1.11.x/operations/configure-log-levels.mdx",166123],"6531fedb":[()=&gt;r.e("75459").then(r.bind(r,124763)),"@site/versioned_docs/version-next/refs/tsb/rbac/v2/istio_internal_access_bindings.mdx",124763],"654093e1":[()=&gt;r.e("66131").then(r.bind(r,623122)),"@site/versioned_docs/version-next/troubleshooting/proxy-tools.mdx",623122],"654bded9":[()=&gt;r.e("42960").then(r.bind(r,928431)),"@site/versioned_docs/version-1.10.x/release-notes.mdx",928431],"654c0c07":[()=&gt;Promise.all([r.e("86212"),r.e("89491")]).then(r.bind(r,107668)),"@site/versioned_docs/version-next/design-guides/app-onboarding/monitor.mdx",107668],0x3e8d1ec:[()=&gt;r.e("61355").then(r.bind(r,760437)),"@site/versioned_docs/version-next/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/tenantsetting.md",760437],0x3e9e76c:[()=&gt;r.e("39734").then(r.t.bind(r,423493,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-11-x-setup-de8.json",423493],"65a6cd70":[()=&gt;r.e("52698").then(r.t.bind(r,621377,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-10-x-operations-telemetry-683.json",621377],"65ac9930":[()=&gt;r.e("82442").then(r.bind(r,360866)),"@site/versioned_docs/version-next/refs/tsb/gateway/v2/auth.mdx",360866],"65b31a97":[()=&gt;r.e("48569").then(r.bind(r,75875)),"@site/versioned_docs/version-1.8.x/operations/telemetry/key-metrics.md",75875],"65bf9492":[()=&gt;r.e("70400").then(r.bind(r,877113)),"@site/versioned_docs/version-1.12.x/refs/tsb/application/v2/openapi_extensions.mdx",877113],"65e5eb3c":[()=&gt;r.e("63099").then(r.t.bind(r,45317,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-9-x-reference-workload-onboarding-onboarding-authorization-764.json",45317],"65f2cdf8":[()=&gt;r.e("26601").then(r.bind(r,887118)),"@site/versioned_docs/version-1.12.x/refs/tsb/registry/v2/service.mdx",887118],"65f8d0d2":[()=&gt;r.e("50123").then(r.bind(r,18e3)),"@site/versioned_docs/version-1.7.x/setup/components.mdx",18e3],"6614ffc9":[()=&gt;r.e("8315").then(r.bind(r,317987)),"@site/versioned_docs/version-1.10.x/troubleshooting/Multiple-Transfer-encoding-chunked.mdx",317987],"661924fb":[()=&gt;r.e("90519").then(r.t.bind(r,200548,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-next-setup-workload-onboarding-ec8.json",200548],"6622b42f":[()=&gt;Promise.all([r.e("86212"),r.e("42566")]).then(r.bind(r,687749)),"@site/versioned_docs/version-next/design-guides/ha-dr-mp/best-practices.mdx",687749],"664951ee":[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("19886")]).then(r.bind(r,113336)),"@site/versioned_docs/version-1.8.x/howto/authorization/sidecar.mdx",113336],"66505db3":[()=&gt;r.e("27858").then(r.bind(r,355458)),"@site/versioned_docs/version-1.12.x/cheatsheet/sheets/gateways-management.mdx",355458],0x3f76715:[()=&gt;r.e("25593").then(r.bind(r,764570)),"@site/versioned_docs/version-1.11.x/operations/users/oidc-azure.mdx",764570],"6669959b":[()=&gt;r.e("94162").then(r.bind(r,548)),"@site/versioned_docs/version-1.11.x/operations/postgresql/managing-kubegres.mdx",548],0x3facd9a:[()=&gt;r.e("67830").then(r.bind(r,706141)),"@site/versioned_docs/version-1.11.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/tenant.md",706141],"668b8184":[()=&gt;r.e("39647").then(r.bind(r,787194)),"@site/versioned_docs/version-next/setup/workload-onboarding/quickstart/on-premise/configure-vm.mdx",787194],"6691e766":[()=&gt;r.e("33877").then(r.bind(r,803543)),"@site/versioned_docs/version-1.8.x/refs/tsb/v2/organization_service.mdx",803543],"66ae44a2":[()=&gt;r.e("40562").then(r.bind(r,866775)),"@site/versioned_docs/version-next/concepts/security.mdx",866775],"66af4876":[()=&gt;r.e("16322").then(r.bind(r,963024)),"@site/versioned_docs/version-1.10.x/operations/features/enable-config-protection.mdx",963024],"66b26396":[()=&gt;r.e("44568").then(r.bind(r,463700)),"@site/versioned_docs/version-next/setup/aws/vpc.mdx",463700],"66b53843":[()=&gt;r.e("14233").then(r.bind(r,368507)),"@site/versioned_docs/version-1.8.x/refs/audit/v1/audit.mdx",368507],"66b66e24":[()=&gt;r.e("24978").then(r.bind(r,7210)),"@site/versioned_docs/version-1.11.x/operations/users/tsb-fqns.mdx",7210],"66d00fb2":[()=&gt;r.e("61251").then(r.bind(r,982298)),"@site/versioned_docs/version-1.6.x/setup/tctl-connect.mdx",982298],"66dd420e":[()=&gt;r.e("3701").then(r.bind(r,665919)),"@site/versioned_docs/version-1.11.x/concepts/glossary.md",665919],"66e09422":[()=&gt;r.e("37424").then(r.t.bind(r,294789,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-8-x-refs-tsb-traffic-v-2-grpc-366.json",294789],"66fdf57b":[()=&gt;r.e("52989").then(r.t.bind(r,865412,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-refs-tsb-dashboard-v-1-grpc-f66.json",865412],0x3ff24e3:[()=&gt;r.e("78375").then(r.bind(r,603255)),"@site/versioned_docs/version-1.6.x/setup/helm/uninstallation.mdx",603255],"672a7e5b":[()=&gt;r.e("12998").then(r.bind(r,445034)),"@site/versioned_docs/version-1.10.x/cheatsheet/index.mdx",445034],"673dacb6":[()=&gt;r.e("99593").then(r.bind(r,288275)),"@site/versioned_docs/version-1.8.x/troubleshooting/cluster-onboarding.mdx",288275],"674a83dc":[()=&gt;r.e("44185").then(r.bind(r,964575)),"@site/versioned_docs/version-1.11.x/refs/test/v1/echo.mdx",964575],"675b1f19":[()=&gt;r.e("62701").then(r.bind(r,524017)),"@site/versioned_docs/version-1.11.x/operations/features/tls-origin-multi-cluster.mdx",524017],"6761038d":[()=&gt;r.e("57402").then(r.bind(r,992310)),"@site/versioned_docs/version-next/concepts/glossary.md",992310],"6765e701":[()=&gt;Promise.all([r.e("86212"),r.e("4368")]).then(r.bind(r,101627)),"@site/versioned_docs/version-1.10.x/design-guides/app-onboarding/introduction.mdx",101627],"676c3fce":[()=&gt;r.e("27249").then(r.bind(r,810478)),"@site/versioned_docs/version-1.8.x/refs/tsb/rbac/v2/workspace_access_bindings.mdx",810478],"676e2ecd":[()=&gt;r.e("59956").then(r.t.bind(r,561106,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-7-x-refs-tsb-observability-telemetry-v-2-yaml-e5e.json",561106],"677989d8":[()=&gt;Promise.all([r.e("86212"),r.e("53334")]).then(r.bind(r,864316)),"@site/versioned_docs/version-1.8.x/design-guides/ha-multicluster/cluster-failover.mdx",864316],0x40c634d:[()=&gt;r.e("77681").then(r.bind(r,543412)),"@site/versioned_docs/version-1.12.x/refs/tsb/rbac/v2/istio_internal_access_bindings.mdx",543412],"67b07f5d":[()=&gt;r.e("53516").then(r.bind(r,895813)),"@site/versioned_docs/version-1.7.x/reference/cli/reference/collect.md",895813],"67db141a":[()=&gt;r.e("15119").then(r.bind(r,495573)),"@site/versioned_docs/version-1.10.x/refs/install/controlplane/v1alpha1/spec.mdx",495573],"67e60501":[()=&gt;r.e("78325").then(r.bind(r,257975)),"@site/versioned_docs/version-1.12.x/refs/tsb/security/v2/security_service.mdx",257975],"680c3197":[()=&gt;r.e("51287").then(r.bind(r,544403)),"@site/versioned_docs/version-1.7.x/operations/features/label-annotation.mdx",544403],"680f00e2":[()=&gt;r.e("9746").then(r.bind(r,369549)),"@site/versioned_docs/version-1.9.x/setup/certificate/certificate-setup.mdx",369549],"681092c0":[()=&gt;r.e("40115").then(r.bind(r,897)),"@site/versioned_docs/version-1.8.x/refs/tsb/security/v2/waf_settings.mdx",897],"6826edbf":[()=&gt;r.e("35608").then(r.bind(r,597758)),"@site/versioned_docs/version-1.12.x/operations/features/tls-origin-multi-cluster.mdx",597758],"68290f8f":[()=&gt;r.e("60600").then(r.bind(r,512464)),"@site/versioned_docs/version-1.12.x/setup/self-managed/uninstallation.mdx",512464],"684794e0":[()=&gt;r.e("82915").then(r.bind(r,947400)),"@site/versioned_docs/version-1.12.x/knowledge-base/faq.mdx",947400],"684d1e0c":[()=&gt;r.e("58055").then(r.bind(r,228914)),"@site/versioned_docs/version-1.8.x/setup/workload-onboarding/quickstart/aws-ecs/onboard-ecs.mdx",228914],"6855733e":[()=&gt;r.e("34465").then(r.bind(r,90297)),"@site/versioned_docs/version-1.8.x/operations/users/configuring-ldap.mdx",90297],"685b1163":[()=&gt;r.e("39598").then(r.bind(r,811374)),"@site/versioned_docs/version-1.11.x/reference/k8s-api/tsb-crds-gen/istiointernal-tsb-tetrate-io.md",811374],"685f5db1":[()=&gt;r.e("57931").then(r.bind(r,577824)),"@site/versioned_docs/version-1.9.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/serviceaccount.md",577824],0x419062f:[()=&gt;r.e("13618").then(r.bind(r,954696)),"@site/versioned_docs/version-1.6.x/setup/workload-onboarding/quickstart/aws-ec2/enable-workload-onboarding.mdx",954696],"689fc6b7":[()=&gt;r.e("32285").then(r.bind(r,162950)),"@site/versioned_docs/version-1.12.x/operations/features/internal-wasm-extensions.mdx",162950],"68a46446":[()=&gt;r.e("37890").then(r.bind(r,173851)),"@site/versioned_docs/version-1.7.x/cheatsheet/sheets/traffic-management.mdx",173851],"68a4940c":[()=&gt;r.e("38385").then(r.bind(r,496140)),"@site/versioned_docs/version-next/refs/tsb/extension/v2/wasm_extension.mdx",496140],"68c5cbf2":[()=&gt;r.e("6578").then(r.bind(r,140421)),"@site/versioned_docs/version-1.10.x/design-guides/ha-multicluster/operations.mdx",140421],"68d523a5":[()=&gt;Promise.all([r.e("86212"),r.e("41949")]).then(r.bind(r,705677)),"@site/versioned_docs/version-1.8.x/howto/gateway/shared-ingress.mdx",705677],"68d6b3a0":[()=&gt;r.e("24241").then(r.bind(r,754389)),"@site/versioned_docs/version-1.10.x/operations/migrate-organization.mdx",754389],"68df2929":[()=&gt;r.e("44379").then(r.bind(r,368893)),"@site/versioned_docs/version-1.7.x/refs/onboarding/config/types/identity/aws/v1alpha1/aws.mdx",368893],"68e15208":[()=&gt;r.e("12129").then(r.t.bind(r,867927,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-10-x-knowledge-base-b10.json",867927],"68ea3bd8":[()=&gt;r.e("58580").then(r.t.bind(r,14073,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-10-x-reference-yaml-api-8be.json",14073],"68f5c4c0":[()=&gt;r.e("5248").then(r.bind(r,614633)),"@site/versioned_docs/version-next/operations/features/istio-cni.mdx",614633],"68f94299":[()=&gt;r.e("1177").then(r.t.bind(r,578522,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-11-x-reference-workload-onboarding-onboarding-runtime-351.json",578522],"691626e7":[()=&gt;r.e("55771").then(r.bind(r,682112)),"@site/versioned_docs/version-1.10.x/refs/tsb/auth/v2/auth.mdx",682112],"69364bd0":[()=&gt;r.e("76296").then(r.bind(r,821818)),"@site/versioned_docs/version-1.7.x/refs/tsb/rbac/v2/traffic_access_bindings.mdx",821818],"6951a79e":[()=&gt;r.e("68004").then(r.bind(r,126780)),"@site/versioned_docs/version-1.11.x/knowledge-base/faq.mdx",126780],"69601da2":[()=&gt;r.e("58613").then(r.t.bind(r,789575,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-7-x-operations-e9d.json",789575],"69652c79":[()=&gt;r.e("55734").then(r.bind(r,312144)),"@site/versioned_docs/version-1.9.x/reference/cli/reference/config.md",312144],"698e6a8e":[()=&gt;r.e("82618").then(r.bind(r,662549)),"@site/versioned_docs/version-1.9.x/refs/tsb/application/v2/openapi_extensions.mdx",662549],"69b33028":[()=&gt;r.e("61995").then(r.bind(r,757382)),"@site/versioned_docs/version-1.7.x/operations/graceful-connection-drain.mdx",757382],"69ec189e":[()=&gt;r.e("44415").then(r.bind(r,263603)),"@site/versioned_docs/version-1.12.x/refs/onboarding/config/agent/v1alpha1/onboarding_configuration.mdx",263603],"69ffc1e8":[()=&gt;Promise.all([r.e("86212"),r.e("78781")]).then(r.bind(r,302221)),"@site/versioned_docs/version-1.7.x/design-guides/app-onboarding/deploy-service.mdx",302221],"6a1e622e":[()=&gt;r.e("32980").then(r.bind(r,517251)),"@site/versioned_docs/version-1.11.x/setup/workload-onboarding/quickstart/aws-ec2/onboard-vm.mdx",517251],"6a3c4e00":[()=&gt;r.e("84714").then(r.bind(r,143676)),"@site/versioned_docs/version-1.7.x/operations/users/configuring-ldap.mdx",143676],"6a44e320":[()=&gt;r.e("75764").then(r.bind(r,13586)),"@site/versioned_docs/version-1.9.x/operations/users/roles-and-permissions.mdx",13586],"6a47cc66":[()=&gt;r.e("33943").then(r.t.bind(r,232639,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-6-x-refs-tsb-registry-v-2-grpc-db7.json",232639],"6a6af04d":[()=&gt;r.e("26287").then(r.bind(r,764916)),"@site/versioned_docs/version-1.10.x/refs/tsb/application/v2/application.mdx",764916],"6a748c3f":[()=&gt;r.e("79086").then(r.t.bind(r,262534,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-9-x-refs-tsb-gateway-v-2-grpc-f90.json",262534],"6a9938dc":[()=&gt;r.e("40995").then(r.bind(r,589432)),"@site/versioned_docs/version-1.8.x/howto/authorization/tls-verification.mdx",589432],"6a9dee43":[()=&gt;r.e("20758").then(r.t.bind(r,123119,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-9-x-refs-tsb-registry-v-2-grpc-eb8.json",123119],"6ab251bd":[()=&gt;r.e("4153").then(r.bind(r,217063)),"@site/versioned_docs/version-1.8.x/reference/k8s-api/guide.mdx",217063],"6ab32c44":[()=&gt;Promise.all([r.e("86212"),r.e("81122")]).then(r.bind(r,159773)),"@site/versioned_docs/version-1.9.x/design-guides/app-onboarding/high-availability.mdx",159773],"6ab8cb09":[()=&gt;r.e("19036").then(r.bind(r,271986)),"@site/versioned_docs/version-1.6.x/refs/tsb/observability/telemetry/v2/metric.mdx",271986],"6aca1c16":[()=&gt;r.e("58277").then(r.bind(r,966301)),"@site/versioned_docs/version-1.9.x/reference/samples/httpbin.mdx",966301],"6ad1a68b":[()=&gt;r.e("96211").then(r.bind(r,351371)),"@site/versioned_docs/version-1.8.x/setup/remote-registry.mdx",351371],"6ad82cd7":[()=&gt;r.e("23673").then(r.bind(r,277211)),"@site/versioned_docs/version-1.9.x/design-guides/app-onboarding/promote-service.mdx",277211],"6ad92c1d":[()=&gt;r.e("25787").then(r.bind(r,855507)),"@site/versioned_docs/version-1.8.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/workspacesetting.md",855507],"6add5267":[()=&gt;r.e("22255").then(r.bind(r,203829)),"@site/versioned_docs/version-1.9.x/concepts/traffic-management.mdx",203829],"6aefdf1c":[()=&gt;r.e("99960").then(r.bind(r,442865)),"@site/versioned_docs/version-1.9.x/setup/helm/managementplane.mdx",442865],"6b2049bf":[()=&gt;r.e("52849").then(r.bind(r,95535)),"@site/versioned_docs/version-next/operations/postgresql/auditlog-retention.mdx",95535],"6b22ef8c":[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("41457")]).then(r.bind(r,296078)),"@site/versioned_docs/version-1.10.x/quickstart/observability.mdx",296078],"6b35d569":[()=&gt;r.e("95974").then(r.bind(r,346782)),"@site/versioned_docs/version-1.6.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/workspace.md",346782],"6b654ad8":[()=&gt;r.e("99767").then(r.bind(r,2053)),"@site/versioned_docs/version-1.6.x/refs/onboarding/config/types/registration/v1alpha1/hostinfo.mdx",2053],"6b73fa19":[()=&gt;r.e("7262").then(r.bind(r,620974)),"@site/versioned_docs/version-1.7.x/refs/tsb/rbac/v2/role_service.mdx",620974],"6b7a4444":[()=&gt;r.e("86843").then(r.bind(r,584789)),"@site/versioned_docs/version-1.7.x/troubleshooting/cluster-onboarding.mdx",584789],"6b97dc00":[()=&gt;r.e("82122").then(r.bind(r,891387)),"@site/versioned_docs/version-1.8.x/setup/workload-onboarding/quickstart/on-premise/configure-workload-onboarding.mdx",891387],"6baf3922":[()=&gt;r.e("29967").then(r.bind(r,727756)),"@site/versioned_docs/version-1.11.x/knowledge-base/gitops.mdx",727756],"6bb28324":[()=&gt;Promise.all([r.e("86212"),r.e("99983")]).then(r.bind(r,920388)),"@site/versioned_docs/version-1.10.x/design-guides/ha-multicluster/demo-1.mdx",920388],"6bc4cb6c":[()=&gt;r.e("23163").then(r.bind(r,596678)),"@site/versioned_docs/version-1.8.x/howto/gateway/multi-cluster-traffic-routing-with-eastwest-gateway.mdx",596678],"6bc91366":[()=&gt;r.e("79297").then(r.bind(r,144983)),"@site/versioned_docs/version-1.8.x/operations/telemetry/red-metrics.mdx",144983],"6bcfe992":[()=&gt;r.e("84739").then(r.t.bind(r,937034,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-6-x-quickstart-bfe.json",937034],"6bd7df86":[()=&gt;r.e("91502").then(r.bind(r,665175)),"@site/versioned_docs/version-1.7.x/refs/tsb/gateway/v2/ingress_gateway.mdx",665175],"6c068937":[()=&gt;Promise.all([r.e("86212"),r.e("98091")]).then(r.bind(r,361309)),"@site/versioned_docs/version-1.8.x/setup/upgrades/non-revisioned-to-revisioned.mdx",361309],"6c0b8ddb":[()=&gt;r.e("47013").then(r.bind(r,661683)),"@site/versioned_docs/version-1.8.x/refs/tsb/rbac/v2/api_access_bindings.mdx",661683],"6c122d5c":[()=&gt;Promise.all([r.e("86212"),r.e("9960")]).then(r.bind(r,953515)),"@site/versioned_docs/version-1.12.x/howto/gateway/oas-validation.mdx",953515],"6c185d8b":[()=&gt;r.e("21091").then(r.t.bind(r,100987,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-7-x-setup-workload-onboarding-8dc.json",100987],"6c1c6a1e":[()=&gt;r.e("54259").then(r.t.bind(r,14772,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-setup-workload-onboarding-cf3.json",14772],"6c44a734":[()=&gt;r.e("24049").then(r.t.bind(r,372281,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-11-x-setup-workload-onboarding-quickstart-640.json",372281],"6c46fd54":[()=&gt;r.e("21482").then(r.bind(r,604304)),"@site/versioned_docs/version-next/howto/network-policies.mdx",604304],"6c4af4be":[()=&gt;r.e("1851").then(r.bind(r,414402)),"@site/versioned_docs/version-1.9.x/concepts/glossary.md",414402],"6c4d7825":[()=&gt;r.e("40981").then(r.bind(r,995537)),"@site/versioned_docs/version-1.6.x/refs/tsb/application/v2/application.mdx",995537],"6c4eb511":[()=&gt;r.e("31556").then(r.bind(r,586903)),"@site/versioned_docs/version-1.12.x/howto/gateway/host-based-egress-access-control.mdx",586903],"6c5ef75f":[()=&gt;r.e("81478").then(r.bind(r,961920)),"@site/versioned_docs/version-1.6.x/quickstart/workspace.mdx",961920],"6c6b773d":[()=&gt;r.e("61735").then(r.bind(r,374180)),"@site/versioned_docs/version-1.12.x/refs/tsb/profile/v2/profile_service.mdx",374180],"6c7380ed":[()=&gt;r.e("64026").then(r.t.bind(r,701870,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-10-x-reference-f24.json",701870],"6cb22e65":[()=&gt;r.e("69494").then(r.bind(r,88539)),"@site/versioned_docs/version-1.6.x/setup/helm/controlplane.mdx",88539],"6cb40ca5":[()=&gt;r.e("74403").then(r.bind(r,356327)),"@site/versioned_docs/version-1.7.x/refs/tsb/v2/status_service.mdx",356327],"6cb45aaa":[()=&gt;r.e("44394").then(r.t.bind(r,725782,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-9-x-refs-tsb-auth-v-2-yaml-640.json",725782],"6cb5fc5a":[()=&gt;r.e("66640").then(r.bind(r,609522)),"@site/versioned_docs/version-1.10.x/howto/rate-limiting/ingress-gateway.mdx",609522],"6cbd2614":[()=&gt;r.e("70791").then(r.bind(r,206554)),"@site/versioned_docs/version-1.9.x/refs/tsb/v2/team_service.mdx",206554],"6cbfe36e":[()=&gt;r.e("48001").then(r.bind(r,761167)),"@site/versioned_docs/version-1.11.x/refs/tsb/rbac/v2/policy_service.mdx",761167],"6cc5c6a8":[()=&gt;r.e("68058").then(r.bind(r,443613)),"@site/versioned_docs/version-1.11.x/refs/tsb/v2/workspace.mdx",443613],"6ce142c9":[()=&gt;Promise.all([r.e("86212"),r.e("55647")]).then(r.bind(r,207016)),"@site/versioned_docs/version-1.6.x/howto/authorization/toc.mdx",207016],"6cf6cabc":[()=&gt;r.e("56080").then(r.bind(r,579086)),"@site/versioned_docs/version-1.10.x/operations/telemetry/new-relic.mdx",579086],"6cf7e1f8":[()=&gt;r.e("63482").then(r.bind(r,932664)),"@site/versioned_docs/version-1.7.x/concepts/service-mesh.mdx",932664],"6d030ea8":[()=&gt;r.e("66493").then(r.t.bind(r,863094,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-setup-upgrades-123.json",863094],"6d0b7751":[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("10159")]).then(r.bind(r,655845)),"@site/versioned_docs/version-1.7.x/design-guides/index.mdx",655845],"6d19d0cb":[()=&gt;r.e("25540").then(r.bind(r,275221)),"@site/versioned_docs/version-1.7.x/troubleshooting/gateway-troubleshooting.mdx",275221],"6d1eead7":[()=&gt;r.e("35650").then(r.bind(r,386756)),"@site/versioned_docs/version-1.12.x/refs/tsb/rbac/v2/role.mdx",386756],"6d39837a":[()=&gt;r.e("44632").then(r.bind(r,937717)),"@site/versioned_docs/version-1.12.x/refs/tsb/application/v2/application_service.mdx",937717],"6d4a87e6":[()=&gt;r.e("17632").then(r.bind(r,761045)),"@site/versioned_docs/version-1.10.x/setup/certificate/certificate-requirements.mdx",761045],"6d6a2146":[()=&gt;r.e("72470").then(r.bind(r,787965)),"@site/versioned_docs/version-1.9.x/reference/cli/reference/completion.md",787965],"6d8e3db4":[()=&gt;r.e("40920").then(r.t.bind(r,543517,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-7-x-howto-gitops-a93.json",543517],"6d91c7ae":[()=&gt;r.e("97820").then(r.bind(r,191022)),"@site/versioned_docs/version-1.12.x/setup/workload-onboarding/quickstart/aws-ec2/configure-workload-onboarding.mdx",191022],"6d992181":[()=&gt;r.e("3307").then(r.bind(r,185923)),"@site/versioned_docs/version-1.12.x/refs/tsb/v2/cluster.mdx",185923],"6db45325":[()=&gt;Promise.all([r.e("86212"),r.e("29762")]).then(r.bind(r,524251)),"@site/versioned_docs/version-next/design-guides/app-onboarding/security.mdx",524251],"6dba4673":[()=&gt;r.e("36734").then(r.bind(r,720523)),"@site/versioned_docs/version-1.9.x/refs/tsb/rbac/v2/role_service.mdx",720523],"6dbacd90":[()=&gt;Promise.all([r.e("86212"),r.e("91250")]).then(r.bind(r,256948)),"@site/versioned_docs/version-next/setup/workload-onboarding/quickstart/aws-ec2/toc.mdx",256948],"6dc0fe29":[()=&gt;r.e("75445").then(r.bind(r,160133)),"@site/versioned_docs/version-1.9.x/setup/helm/helm.mdx",160133],"6de62742":[()=&gt;r.e("25795").then(r.bind(r,488121)),"@site/versioned_docs/version-next/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/api.md",488121],"6df1dc8e":[()=&gt;r.e("1").then(r.bind(r,384424)),"@site/versioned_docs/version-1.9.x/troubleshooting/cluster-onboarding.mdx",384424],"6e207a93":[()=&gt;r.e("50735").then(r.t.bind(r,53995,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-7-x-reference-k-8-s-api-3ef.json",53995],"6e268d65":[()=&gt;r.e("46073").then(r.t.bind(r,227896,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-refs-tsb-traffic-v-2-grpc-bd5.json",227896],"6e28b389":[()=&gt;r.e("58188").then(r.t.bind(r,366050,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-10-x-reference-k-8-s-api-tsb-crds-gen-tsb-tetrate-io-v-2-a1b.json",366050],"6e741e54":[()=&gt;r.e("44109").then(r.bind(r,650916)),"@site/versioned_docs/version-1.12.x/quickstart/workspace.mdx",650916],"6e75d441":[()=&gt;r.e("30088").then(r.bind(r,1111)),"@site/versioned_docs/version-next/reference/cli/reference/login.md",1111],"6e7bf777":[()=&gt;Promise.all([r.e("86212"),r.e("37297")]).then(r.bind(r,33708)),"@site/versioned_docs/version-1.9.x/setup/upgrades/non-revisioned-to-revisioned.mdx",33708],"6e89addd":[()=&gt;r.e("98191").then(r.bind(r,599928)),"@site/versioned_docs/version-1.11.x/refs/tsb/v2/organization.mdx",599928],"6e8de50a":[()=&gt;r.e("21008").then(r.bind(r,706967)),"@site/versioned_docs/version-1.9.x/operations/features/enable-config-protection.mdx",706967],"6ebb9423":[()=&gt;r.e("77865").then(r.bind(r,955129)),"@site/versioned_docs/version-1.6.x/setup/isolation-boundaries.mdx",955129],"6ece32c3":[()=&gt;r.e("9912").then(r.bind(r,862432)),"@site/versioned_docs/version-1.6.x/setup/certificate/certificate-setup.mdx",862432],"6ed7c04a":[()=&gt;r.e("83463").then(r.bind(r,296066)),"@site/versioned_docs/version-1.9.x/reference/cli/reference/apply.md",296066],"6ed8dcbe":[()=&gt;r.e("1994").then(r.bind(r,316335)),"@site/versioned_docs/version-1.12.x/reference/k8s-api/tsb-crds-gen/segmentation-tsb-tetrate-io.md",316335],"6ee73fa2":[()=&gt;r.e("83609").then(r.bind(r,803954)),"@site/versioned_docs/version-1.11.x/refs/tsb/v2/organization_service.mdx",803954],"6ef8343a":[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("40389")]).then(r.bind(r,558196)),"@site/versioned_docs/version-next/howto/gateway/end-user-auth-keycloak.mdx",558196],"6f014316":[()=&gt;Promise.all([r.e("86212"),r.e("23039")]).then(r.bind(r,186821)),"@site/versioned_docs/version-1.11.x/reference/cli/guide/index.mdx",186821],"6f033c91":[()=&gt;r.e("62985").then(r.t.bind(r,973412,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-7-x-troubleshooting-00f.json",973412],"6f0fce1a":[()=&gt;r.e("57202").then(r.bind(r,930386)),"@site/versioned_docs/version-1.11.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/organizationsetting.md",930386],"6f1e6f27":[()=&gt;Promise.all([r.e("86212"),r.e("20600")]).then(r.bind(r,392957)),"@site/versioned_docs/version-1.8.x/concepts/operators/toc.mdx",392957],"6f39c603":[()=&gt;r.e("64811").then(r.bind(r,345781)),"@site/versioned_docs/version-1.6.x/howto/gitops/flux.mdx",345781],"6f4f4d8c":[()=&gt;r.e("45367").then(r.bind(r,762119)),"@site/versioned_docs/version-1.7.x/reference/samples/httpbin.mdx",762119],"6f4f82fe":[()=&gt;r.e("81833").then(r.t.bind(r,981283,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-9-x-refs-tsb-traffic-v-2-grpc-381.json",981283],"6fa3c1ae":[()=&gt;Promise.all([r.e("86212"),r.e("82500")]).then(r.bind(r,931607)),"@site/versioned_docs/version-1.10.x/design-guides/ha-dr-mp/dr-managementplane.mdx",931607],"6fa89d65":[()=&gt;r.e("35689").then(r.bind(r,585348)),"@site/versioned_docs/version-1.10.x/refs/tsb/gateway/v2/istio_gateway_direct.mdx",585348],"6fb6b9c3":[()=&gt;r.e("93652").then(r.bind(r,760677)),"@site/versioned_docs/version-1.6.x/refs/onboarding/config/agent/v1alpha1/agent_configuration.mdx",760677],"6fb7b5f0":[()=&gt;r.e("19573").then(r.bind(r,605257)),"@site/versioned_docs/version-next/quickstart/introduction.mdx",605257],"6fc5aa31":[()=&gt;r.e("72171").then(r.bind(r,440449)),"@site/versioned_docs/version-next/setup/workload-onboarding/quickstart/aws-ec2/onboard-vm.mdx",440449],"6fc9a668":[()=&gt;r.e("44083").then(r.bind(r,810687)),"@site/versioned_docs/version-next/refs/install/common/common_config.mdx",810687],"6fd439dd":[()=&gt;r.e("20523").then(r.bind(r,80041)),"@site/versioned_docs/version-1.12.x/refs/tsb/q/v2/approvals_service.mdx",80041],"6fd48284":[()=&gt;r.e("85169").then(r.bind(r,545716)),"@site/versioned_docs/version-1.7.x/concepts/glossary.md",545716],"6fd7f91f":[()=&gt;r.e("90807").then(r.bind(r,738381)),"@site/versioned_docs/version-1.12.x/refs/tsb/extension/v2/wasm_extension.mdx",738381],"700afb95":[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("93173")]).then(r.bind(r,411504)),"@site/versioned_docs/version-1.6.x/howto/traffic/canary-releases.mdx",411504],"7030b983":[()=&gt;r.e("6622").then(r.bind(r,510363)),"@site/versioned_docs/version-next/refs/tsb/rbac/v2/api_access_bindings.mdx",510363],"704cccd5":[()=&gt;r.e("11739").then(r.bind(r,606786)),"@site/versioned_docs/version-1.6.x/operations/telemetry/telemetry-architecture.mdx",606786],"704ebc70":[()=&gt;Promise.all([r.e("86212"),r.e("77928")]).then(r.bind(r,684902)),"@site/versioned_docs/version-1.11.x/concepts/operators/toc.mdx",684902],"705b68d1":[()=&gt;r.e("38999").then(r.bind(r,285620)),"@site/versioned_docs/version-1.7.x/reference/k8s-api/tsb-crds-gen/security-tsb-tetrate-io.md",285620],"705fb5fe":[()=&gt;r.e("88023").then(r.bind(r,379154)),"@site/versioned_docs/version-1.12.x/concepts/terminology.mdx",379154],"706efd88":[()=&gt;r.e("97433").then(r.bind(r,610121)),"@site/versioned_docs/version-1.12.x/operations/graceful-connection-drain.mdx",610121],0x438c5d4:[()=&gt;r.e("44221").then(r.bind(r,278377)),"@site/versioned_docs/version-1.6.x/operations/xcp-to-edge-jwt-authentication.mdx",278377],"70ab2675":[()=&gt;Promise.all([r.e("86212"),r.e("44497")]).then(r.bind(r,15135)),"@site/versioned_docs/version-1.10.x/setup/self-managed/management-plane-installation.mdx",15135],"70f35080":[()=&gt;r.e("86510").then(r.t.bind(r,802577,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-10-x-refs-tsb-security-v-2-grpc-e69.json",802577],"7111ec88":[()=&gt;r.e("82752").then(r.bind(r,276823)),"@site/versioned_docs/version-next/operations/features/internal-wasm-extensions.mdx",276823],"71166a01":[()=&gt;r.e("91566").then(r.bind(r,947674)),"@site/versioned_docs/version-1.6.x/howto/gateway/egress-gateways.mdx",947674],"713912e5":[()=&gt;r.e("53277").then(r.bind(r,982168)),"@site/versioned_docs/version-1.7.x/setup/workload-onboarding/quickstart/aws-ec2/configure-vm.mdx",982168],"7150b41b":[()=&gt;r.e("83285").then(r.bind(r,43971)),"@site/versioned_docs/version-next/cheatsheet/sheets/tsb-terminology.mdx",43971],"7154a2f9":[()=&gt;r.e("62509").then(r.bind(r,666869)),"@site/versioned_docs/version-1.10.x/refs/onboarding/config/authorization/jwt/v1alpha1/jwt.mdx",666869],"7193dae0":[()=&gt;r.e("42711").then(r.bind(r,34847)),"@site/versioned_docs/version-1.10.x/knowledge-base/gitops.mdx",34847],"71957f9f":[()=&gt;Promise.all([r.e("86212"),r.e("85643")]).then(r.bind(r,118803)),"@site/versioned_docs/version-1.7.x/howto/authorization/toc.mdx",118803],"71a3798f":[()=&gt;r.e("46398").then(r.bind(r,403716)),"@site/versioned_docs/version-1.6.x/troubleshooting/Multiple-Transfer-encoding-chunked.mdx",403716],"71b0e09a":[()=&gt;r.e("37666").then(r.bind(r,367626)),"@site/versioned_docs/version-1.12.x/troubleshooting/gateway-troubleshooting.mdx",367626],"71ccef3e":[()=&gt;r.e("85996").then(r.bind(r,486972)),"@site/versioned_docs/version-1.8.x/howto/gitops/gitops.mdx",486972],"71e266b2":[()=&gt;r.e("19523").then(r.bind(r,479724)),"@site/versioned_docs/version-1.10.x/reference/cli/reference/validate.md",479724],"71f0b7a9":[()=&gt;r.e("36133").then(r.bind(r,964183)),"@site/versioned_docs/version-1.11.x/reference/cli/reference/tctl.md",964183],"7214ffd6":[()=&gt;r.e("63014").then(r.bind(r,697507)),"@site/versioned_docs/version-1.12.x/setup/workload-onboarding/quickstart/aws-ec2/onboard-vm.mdx",697507],0x44e493a:[()=&gt;r.e("16388").then(r.bind(r,631757)),"@site/versioned_docs/version-1.8.x/reference/cli/reference/apply.md",631757],"7233abc0":[()=&gt;Promise.all([r.e("86212"),r.e("95720")]).then(r.bind(r,170149)),"@site/versioned_docs/version-1.10.x/design-guides/app-onboarding/prepare.mdx",170149],"723f39f8":[()=&gt;r.e("99994").then(r.bind(r,696849)),"@site/versioned_docs/version-1.8.x/setup/workload-onboarding/quickstart/aws-ec2/bookinfo.mdx",696849],"72428bc7":[()=&gt;r.e("62519").then(r.bind(r,207771)),"@site/versioned_docs/version-1.12.x/refs/tsb/v2/workspace_service.mdx",207771],"724a718e":[()=&gt;r.e("49465").then(r.bind(r,50521)),"@site/versioned_docs/version-1.6.x/setup/workload-onboarding/quickstart/aws-ec2/onboard-asg.mdx",50521],"725bbb6f":[()=&gt;Promise.all([r.e("86212"),r.e("55622")]).then(r.bind(r,218115)),"@site/versioned_docs/version-1.12.x/setup/upgrades/non-revisioned-to-revisioned.mdx",218115],"7267096e":[()=&gt;r.e("56877").then(r.t.bind(r,972345,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-7-x-refs-install-84f.json",972345],"726e0733":[()=&gt;r.e("2301").then(r.bind(r,696358)),"@site/versioned_docs/version-1.6.x/operations/vault/postgresql.mdx",696358],"7285017a":[()=&gt;r.e("3865").then(r.bind(r,58402)),"@site/versioned_docs/version-1.7.x/reference/cli/reference/version.md",58402],"7287d091":[()=&gt;r.e("57507").then(r.bind(r,398394)),"@site/versioned_docs/version-1.7.x/refs/tsb/security/v2/security_service.mdx",398394],"7296dd28":[()=&gt;r.e("89520").then(r.bind(r,265796)),"@site/versioned_docs/version-1.12.x/refs/onboarding/private/types/discovery/v1alpha1/discovery.mdx",265796],"72b4c531":[()=&gt;r.e("45521").then(r.bind(r,741938)),"@site/versioned_docs/version-1.10.x/refs/tsb/v2/organization.mdx",741938],"72c1cc06":[()=&gt;r.e("13113").then(r.bind(r,704393)),"@site/versioned_docs/version-1.11.x/howto/wasm/wasm-extension.mdx",704393],"72dfa945":[()=&gt;r.e("74700").then(r.bind(r,720701)),"@site/versioned_docs/version-1.9.x/refs/tsb/v2/organization_setting.mdx",720701],"72e9b833":[()=&gt;r.e("68969").then(r.t.bind(r,533282,19)),"@generated/docusaurus-plugin-redoc/1_8_x/__plugin.json",533282],"72ec5644":[()=&gt;r.e("32368").then(r.bind(r,552351)),"@site/versioned_docs/version-1.6.x/refs/tsb/application/v2/application_service.mdx",552351],"72f08838":[()=&gt;r.e("88677").then(r.t.bind(r,347489,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-8-x-operations-users-0cd.json",347489],"7321957a":[()=&gt;r.e("25931").then(r.bind(r,929509)),"@site/versioned_docs/version-1.10.x/refs/onboarding/private/types/discovery/v1alpha1/discovery.mdx",929509],"732e1c15":[()=&gt;r.e("65609").then(r.bind(r,730846)),"@site/versioned_docs/version-1.10.x/operations/users/user-synchronization.mdx",730846],0x4606d58:[()=&gt;r.e("55091").then(r.bind(r,633546)),"@site/versioned_docs/version-1.12.x/setup/workload-onboarding/quickstart/aws-ec2/onboard-asg.mdx",633546],"73479fd2":[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("6125")]).then(r.bind(r,674752)),"@site/versioned_docs/version-1.6.x/howto/gateway/multi-cluster-traffic-shifting.mdx",674752],"734fcc29":[()=&gt;r.e("63154").then(r.bind(r,149577)),"@site/versioned_docs/version-next/reference/cli/reference/install.md",149577],"735e4dce":[()=&gt;Promise.all([r.e("86212"),r.e("72352")]).then(r.bind(r,947330)),"@site/versioned_docs/version-1.11.x/setup/upgrades/non-revisioned-to-revisioned.mdx",947330],"736d63c6":[()=&gt;r.e("91860").then(r.bind(r,528006)),"@site/versioned_docs/version-1.8.x/concepts/operators/data-plane.mdx",528006],"737005c1":[()=&gt;r.e("30489").then(r.bind(r,75194)),"@site/versioned_docs/version-1.6.x/concepts/operators/data-plane.mdx",75194],"7389b9b3":[()=&gt;r.e("32166").then(r.t.bind(r,791661,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-7-x-061.json",791661],"738d813c":[()=&gt;r.e("52672").then(r.bind(r,885277)),"@site/versioned_docs/version-1.7.x/refs/onboarding/config/authorization/jwt/v1alpha1/jwt.mdx",885277],"738d99ca":[()=&gt;r.e("85108").then(r.bind(r,787879)),"@site/versioned_docs/version-next/refs/onboarding/private/protocol/registration/v1alpha1/registration_service.mdx",787879],"73a5aedd":[()=&gt;r.e("93893").then(r.bind(r,921146)),"@site/versioned_docs/version-1.7.x/operations/features/configure-gitops.mdx",921146],"73c47d84":[()=&gt;r.e("71180").then(r.t.bind(r,942441,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-8-x-refs-tsb-v-2-yaml-84a.json",942441],"73da206b":[()=&gt;r.e("95572").then(r.bind(r,422139)),"@site/versioned_docs/version-1.8.x/refs/tsb/v2/organization.mdx",422139],"73e15154":[()=&gt;r.e("98658").then(r.bind(r,824462)),"@site/versioned_docs/version-1.12.x/setup/workload-onboarding/guides/setup.mdx",824462],"74001dc0":[()=&gt;r.e("14978").then(r.bind(r,676259)),"@site/versioned_docs/version-1.8.x/setup/aws/container-marketplace.mdx",676259],"741034d8":[()=&gt;Promise.all([r.e("86212"),r.e("38133")]).then(r.bind(r,755647)),"@site/versioned_docs/version-1.9.x/setup/upgrades/revisioned-to-revisioned.mdx",755647],0x46cdce1:[()=&gt;r.e("53296").then(r.bind(r,264706)),"@site/versioned_docs/version-1.9.x/refs/tsb/registry/v2/lookup_service.mdx",264706],0x46d1be7:[()=&gt;Promise.all([r.e("86212"),r.e("9694")]).then(r.bind(r,886800)),"@site/versioned_docs/version-1.7.x/design-guides/app-onboarding/monitor.mdx",886800],"743b18bf":[()=&gt;r.e("38350").then(r.bind(r,972419)),"@site/versioned_docs/version-1.12.x/refs/tsb/auth/v2/auth.mdx",972419],"7464fb30":[()=&gt;r.e("78731").then(r.bind(r,759746)),"@site/versioned_docs/version-1.7.x/reference/k8s-api/tsb-crds-gen/traffic-tsb-tetrate-io.md",759746],"747adb62":[()=&gt;r.e("74975").then(r.t.bind(r,754765,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-11-x-reference-cli-19d.json",754765],"748e33f5":[()=&gt;r.e("70639").then(r.t.bind(r,935047,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-7-x-reference-grpc-api-reference-c55.json",935047],0x4778bec:[()=&gt;r.e("62746").then(r.t.bind(r,711955,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-8-x-refs-tsb-auth-v-2-yaml-c92.json",711955],"74b397b3":[()=&gt;r.e("84988").then(r.bind(r,349980)),"@site/versioned_docs/version-next/refs/tsb/segmentation/v1/service.mdx",349980],"74bba799":[()=&gt;Promise.all([r.e("86212"),r.e("26208")]).then(r.bind(r,947737)),"@site/versioned_docs/version-1.8.x/setup/upgrades/gateway-upgrade.mdx",947737],"74c1d0e9":[()=&gt;r.e("35977").then(r.bind(r,9744)),"@site/versioned_docs/version-1.8.x/setup/certificate/certificate-requirements.mdx",9744],"74c8ede2":[()=&gt;r.e("45145").then(r.bind(r,603529)),"@site/versioned_docs/version-1.12.x/refs/tsb/gateway/v2/gateway_common.mdx",603529],"74de2939":[()=&gt;r.e("61567").then(r.bind(r,839946)),"@site/versioned_docs/version-1.8.x/reference/cli/reference/version.md",839946],"74e68507":[()=&gt;r.e("85567").then(r.bind(r,685389)),"@site/versioned_docs/version-1.9.x/refs/install/common/common_config.mdx",685389],"74f6f670":[()=&gt;r.e("21775").then(r.bind(r,405496)),"@site/versioned_docs/version-1.7.x/refs/tsb/gateway/v2/gateway_service.mdx",405496],"75103ddb":[()=&gt;r.e("87958").then(r.bind(r,412755)),"@site/versioned_docs/version-1.10.x/setup/helm/helm.mdx",412755],"7513d241":[()=&gt;r.e("15496").then(r.bind(r,972973)),"@site/versioned_docs/version-1.7.x/operations/configure-log-levels.mdx",972973],"7517ae78":[()=&gt;r.e("99787").then(r.bind(r,509443)),"@site/versioned_docs/version-1.6.x/refs/tsb/v2/tenant_service.mdx",509443],"752a22a6":[()=&gt;r.e("8931").then(r.bind(r,408706)),"@site/versioned_docs/version-next/reference/cli/reference/version.md",408706],"7544b9db":[()=&gt;r.e("87495").then(r.t.bind(r,579784,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-11-x-operations-features-453.json",579784],"755f8d91":[()=&gt;r.e("34301").then(r.t.bind(r,638782,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-11-x-reference-operators-513.json",638782],"757dd5fc":[()=&gt;r.e("79386").then(r.bind(r,868426)),"@site/versioned_docs/version-1.12.x/design-guides/ha-multicluster/introduction.mdx",868426],"7582dd15":[()=&gt;r.e("24041").then(r.t.bind(r,456745,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-9-x-tags-tsb-quickstart-c45.json",456745],"75893e91":[()=&gt;r.e("10234").then(r.bind(r,915011)),"@site/versioned_docs/version-1.8.x/concepts/terminology.mdx",915011],"75910eb0":[()=&gt;r.e("20151").then(r.bind(r,900999)),"@site/versioned_docs/version-1.12.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/organization.md",900999],"759bd4dd":[()=&gt;r.e("35476").then(r.t.bind(r,324767,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-8-x-howto-traffic-5c1.json",324767],"75b10b50":[()=&gt;r.e("14507").then(r.bind(r,246178)),"@site/versioned_docs/version-1.10.x/refs/onboarding/config/authorization/v1alpha1/policy.mdx",246178],"75d73136":[()=&gt;r.e("69291").then(r.bind(r,572082)),"@site/versioned_docs/version-1.6.x/troubleshooting/gateway-troubleshooting.mdx",572082],"763edf01":[()=&gt;r.e("49502").then(r.bind(r,326359)),"@site/versioned_docs/version-1.8.x/refs/tsb/gateway/v2/eastwest_gateway.mdx",326359],"7645b66f":[()=&gt;Promise.all([r.e("86212"),r.e("8804")]).then(r.bind(r,182136)),"@site/versioned_docs/version-next/setup/workload-onboarding/guides/toc.mdx",182136],"768864d3":[()=&gt;Promise.all([r.e("86212"),r.e("76106")]).then(r.bind(r,731199)),"@site/versioned_docs/version-1.9.x/design-guides/app-onboarding/monitor.mdx",731199],"76982a88":[()=&gt;r.e("79876").then(r.t.bind(r,890366,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-8-x-refs-tsb-registry-v-2-grpc-1d3.json",890366],"76b42655":[()=&gt;r.e("88494").then(r.bind(r,856816)),"@site/versioned_docs/version-1.7.x/design-guides/ha-multicluster/edge-failover.mdx",856816],"76cd3d8b":[()=&gt;r.e("145").then(r.bind(r,420865)),"@site/versioned_docs/version-next/refs/tsb/rbac/v2/tenant_access_bindings.mdx",420865],"76cf3f3c":[()=&gt;r.e("83365").then(r.bind(r,379299)),"@site/versioned_docs/version-1.12.x/refs/tsb/types/v2/types.mdx",379299],"76d545b9":[()=&gt;r.e("4345").then(r.bind(r,410045)),"@site/versioned_docs/version-1.10.x/design-guides/ha-dr-mp/introduction.mdx",410045],"76d9508c":[()=&gt;r.e("86648").then(r.bind(r,306882)),"@site/versioned_docs/version-1.9.x/howto/rate-limiting/service-to-service.mdx",306882],"76ebe9f6":[()=&gt;r.e("94705").then(r.bind(r,996387)),"@site/versioned_docs/version-1.9.x/refs/install/managementplane/v1alpha1/spec.mdx",996387],"76edd589":[()=&gt;r.e("12483").then(r.bind(r,985927)),"@site/versioned_docs/version-1.8.x/refs/onboarding/config/runtime/v1alpha1/registration.mdx",985927],"7716e76e":[()=&gt;r.e("656").then(r.bind(r,456429)),"@site/versioned_docs/version-1.10.x/operations/users/tsb-fqns.mdx",456429],"77186d5a":[()=&gt;Promise.all([r.e("86212"),r.e("97924")]).then(r.bind(r,614173)),"@site/versioned_docs/version-1.11.x/setup/upgrades/gateway-upgrade.mdx",614173],"773a5575":[()=&gt;r.e("62506").then(r.bind(r,538524)),"@site/versioned_docs/version-1.10.x/refs/onboarding/config/types/core/v1alpha1/namespaced_name.mdx",538524],"773aceef":[()=&gt;r.e("87936").then(r.bind(r,574717)),"@site/versioned_docs/version-1.12.x/howto/rate-limiting/tier1-gateway.mdx",574717],"7752c5bd":[()=&gt;r.e("89708").then(r.bind(r,915258)),"@site/versioned_docs/version-next/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/tenant.md",915258],"77cc394b":[()=&gt;r.e("2431").then(r.bind(r,775899)),"@site/versioned_docs/version-next/refs/test/v1/echo.mdx",775899],"77e3177f":[()=&gt;r.e("84630").then(r.t.bind(r,477418,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-11-x-refs-install-85d.json",477418],"77e7de39":[()=&gt;r.e("81105").then(r.bind(r,341804)),"@site/versioned_docs/version-1.7.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/organization.md",341804],"77e93e6f":[()=&gt;r.e("11365").then(r.bind(r,920832)),"@site/versioned_docs/version-1.10.x/reference/cli/reference/status.md",920832],"77eb6ff4":[()=&gt;r.e("53478").then(r.t.bind(r,328189,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-9-x-reference-grpc-api-reference-6ff.json",328189],"77f1bd98":[()=&gt;r.e("95803").then(r.bind(r,47944)),"@site/versioned_docs/version-1.7.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/workspacesetting.md",47944],"7811bba1":[()=&gt;Promise.all([r.e("86212"),r.e("80674")]).then(r.bind(r,765105)),"@site/versioned_docs/version-1.12.x/design-guides/app-onboarding/introduction.mdx",765105],"7829d449":[()=&gt;r.e("97951").then(r.bind(r,430261)),"@site/versioned_docs/version-1.12.x/refs/onboarding/private/types/credential/jwt/v1alpha1/jwt.mdx",430261],"7839b154":[()=&gt;r.e("57836").then(r.bind(r,665457)),"@site/versioned_docs/version-1.9.x/refs/onboarding/config/authorization/aws/v1alpha1/aws.mdx",665457],"783e66d2":[()=&gt;r.e("95167").then(r.bind(r,724798)),"@site/versioned_docs/version-1.10.x/howto/gateway/multi-cluster-traffic-failover-priority.mdx",724798],"78479a19":[()=&gt;r.e("52427").then(r.bind(r,126467)),"@site/versioned_docs/version-next/knowledge-base/gitops.mdx",126467],"78643eb7":[()=&gt;r.e("12414").then(r.bind(r,723985)),"@site/versioned_docs/version-next/refs/onboarding/private/types/credential/aws/v1alpha1/ec2.mdx",723985],"787989a8":[()=&gt;r.e("42579").then(r.bind(r,977310)),"@site/versioned_docs/version-1.12.x/operations/telemetry/red-metrics.mdx",977310],"787ae5c4":[()=&gt;r.e("2950").then(r.bind(r,15683)),"@site/versioned_docs/version-1.10.x/refs/tsb/v2/workspace.mdx",15683],"788791c6":[()=&gt;r.e("43365").then(r.bind(r,318464)),"@site/versioned_docs/version-1.9.x/howto/gateway/multi-cluster-traffic-routing-with-eastwest-gateway.mdx",318464],"78a5fbe1":[()=&gt;r.e("20056").then(r.bind(r,479595)),"@site/versioned_docs/version-1.10.x/troubleshooting/identify-underperforming-services.mdx",479595],"78e350ef":[()=&gt;r.e("56387").then(r.bind(r,581191)),"@site/versioned_docs/version-1.9.x/refs/onboarding/config/authorization/v1alpha1/policy.mdx",581191],0x4b64a27:[()=&gt;r.e("94474").then(r.t.bind(r,947596,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-7-x-tags-featured-47f.json",947596],"7923927b":[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("87842")]).then(r.bind(r,861999)),"@site/versioned_docs/version-1.11.x/setup/workload-onboarding/onboarding-vms.mdx",861999],"7926905b":[()=&gt;r.e("5547").then(r.bind(r,82056)),"@site/versioned_docs/version-1.6.x/refs/onboarding/config/types/registration/v1alpha1/registration.mdx",82056],"79302f39":[()=&gt;r.e("34441").then(r.bind(r,155295)),"@site/versioned_docs/version-1.11.x/setup/resource-planning.mdx",155295],"793483b5":[()=&gt;r.e("38102").then(r.bind(r,484991)),"@site/versioned_docs/version-1.11.x/howto/gateway/host-based-egress-access-control.mdx",484991],"7936c341":[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("64102")]).then(r.bind(r,115452)),"@site/versioned_docs/version-1.11.x/quickstart/tenant.mdx",115452],"794cc8fb":[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("85680")]).then(r.bind(r,864848)),"@site/versioned_docs/version-1.9.x/howto/gateway/multi-cluster-traffic-shifting.mdx",864848],"794da806":[()=&gt;r.e("45887").then(r.bind(r,829950)),"@site/versioned_docs/version-1.6.x/howto/gateway/app-ingress.mdx",829950],"796d75c8":[()=&gt;r.e("72658").then(r.t.bind(r,391994,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-8-x-reference-k-8-s-api-tsb-crds-gen-tsb-tetrate-io-v-2-0c1.json",391994],"796deb30":[()=&gt;r.e("7879").then(r.bind(r,458703)),"@site/versioned_docs/version-1.10.x/refs/tsb/traffic/v2/traffic_group.mdx",458703],"79796ad8":[()=&gt;r.e("51130").then(r.bind(r,283156)),"@site/versioned_docs/version-1.6.x/setup/workload-onboarding/quickstart/aws-ec2/bookinfo.mdx",283156],"7981d308":[()=&gt;r.e("20813").then(r.t.bind(r,941955,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-11-x-tags-220.json",941955],"798b4c93":[()=&gt;r.e("48065").then(r.bind(r,219992)),"@site/versioned_docs/version-1.10.x/refs/tsb/gateway/v2/auth.mdx",219992],"7990b5df":[()=&gt;r.e("86165").then(r.bind(r,824471)),"@site/versioned_docs/version-1.10.x/operations/kube-customization.mdx",824471],"799390e9":[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("54155")]).then(r.bind(r,73890)),"@site/versioned_docs/version-1.10.x/quickstart/ingress-gateway.mdx",73890],"79a4b6ad":[()=&gt;r.e("23383").then(r.bind(r,104043)),"@site/versioned_docs/version-1.11.x/howto/gateway/unified-gateway.mdx",104043],"79c37854":[()=&gt;Promise.all([r.e("86212"),r.e("42802")]).then(r.bind(r,735017)),"@site/versioned_docs/version-1.9.x/setup/workload-onboarding/quickstart/aws-ecs/toc.mdx",735017],"79c5c720":[()=&gt;r.e("41472").then(r.bind(r,919193)),"@site/versioned_docs/version-1.11.x/refs/onboarding/config/types/identity/v1alpha1/identity.mdx",919193],"79ef96ec":[()=&gt;r.e("68474").then(r.bind(r,520946)),"@site/versioned_docs/version-next/setup/workload-onboarding/guides/onboarding.mdx",520946],"7a0a7eb5":[()=&gt;r.e("97286").then(r.t.bind(r,631611,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-7-x-howto-3b3.json",631611],"7a0c3e22":[()=&gt;r.e("69332").then(r.bind(r,668910)),"@site/versioned_docs/version-1.6.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/tenantsetting.md",668910],"7a148ecf":[()=&gt;r.e("21290").then(r.bind(r,957637)),"@site/versioned_docs/version-1.8.x/refs/tsb/v2/status.mdx",957637],"7a2fed51":[()=&gt;r.e("96152").then(r.bind(r,513107)),"@site/versioned_docs/version-next/refs/tsb/v2/tenant_service.mdx",513107],"7a448d0c":[()=&gt;r.e("67259").then(r.bind(r,26845)),"@site/versioned_docs/version-1.12.x/operations/elasticsearch/wipe-elastic.mdx",26845],"7a6c7754":[()=&gt;r.e("78877").then(r.t.bind(r,908061,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-10-x-howto-gitops-f2d.json",908061],"7ae9d665":[()=&gt;r.e("89197").then(r.bind(r,930427)),"@site/versioned_docs/version-1.10.x/setup/isolation-boundaries.mdx",930427],"7aef01f9":[()=&gt;r.e("17522").then(r.t.bind(r,450685,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-next-operations-318.json",450685],"7afd2700":[()=&gt;r.e("64323").then(r.bind(r,92792)),"@site/versioned_docs/version-1.7.x/reference/cli/reference/delete.md",92792],"7b0aeab2":[()=&gt;Promise.all([r.e("86212"),r.e("23")]).then(r.bind(r,376280)),"@site/versioned_docs/version-1.11.x/howto/rate-limiting/toc.mdx",376280],"7b0dd22a":[()=&gt;r.e("65649").then(r.bind(r,392497)),"@site/versioned_docs/version-next/refs/tsb/diagnostic/v2/diagnostic_service.mdx",392497],"7b199bb3":[()=&gt;r.e("83797").then(r.t.bind(r,841230,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-next-b1f.json",841230],"7b1eed8c":[()=&gt;r.e("30832").then(r.t.bind(r,6540,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-10-x-refs-tsb-registry-v-2-grpc-778.json",6540],"7b37e76a":[()=&gt;r.e("6720").then(r.t.bind(r,381956,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-9-x-reference-workload-onboarding-ddc.json",381956],"7b3f3123":[()=&gt;r.e("94458").then(r.bind(r,543313)),"@site/versioned_docs/version-1.6.x/refs/tsb/gateway/v2/eastwest_gateway.mdx",543313],"7b5225fc":[()=&gt;r.e("60979").then(r.bind(r,224010)),"@site/versioned_docs/version-next/refs/tsb/gateway/v2/gateway_common.mdx",224010],"7b7ae4b2":[()=&gt;r.e("37801").then(r.bind(r,516217)),"@site/versioned_docs/version-next/refs/tsb/rbac/v2/role.mdx",516217],"7b8391fd":[()=&gt;r.e("19596").then(r.bind(r,993903)),"@site/versioned_docs/version-1.8.x/howto/service-accounts.mdx",993903],"7bb58427":[()=&gt;r.e("88577").then(r.bind(r,8897)),"@site/versioned_docs/version-1.8.x/refs/tsb/traffic/v2/traffic_group.mdx",8897],"7bc075eb":[()=&gt;r.e("63454").then(r.t.bind(r,745123,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-reference-cli-guide-toc-8a3.json",745123],"7bc7dead":[()=&gt;r.e("4490").then(r.bind(r,634211)),"@site/versioned_docs/version-next/reference/cli/reference/ui.md",634211],"7bde2f9d":[()=&gt;r.e("86043").then(r.bind(r,762937)),"@site/versioned_docs/version-next/reference/cli/reference/config.md",762937],"7be94b30":[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("54915")]).then(r.bind(r,968194)),"@site/versioned_docs/version-1.6.x/quickstart/tenant.mdx",968194],"7bef8834":[()=&gt;r.e("37427").then(r.bind(r,846576)),"@site/versioned_docs/version-1.12.x/setup/tctl-connect.mdx",846576],"7bf3db19":[()=&gt;r.e("24855").then(r.bind(r,293614)),"@site/versioned_docs/version-next/howto/gateway/configure-oidc.mdx",293614],"7bfb7dba":[()=&gt;r.e("41387").then(r.bind(r,930587)),"@site/versioned_docs/version-1.11.x/reference/k8s-api/tsb-crds-gen/extension-tsb-tetrate-io.md",930587],"7c1c8a8c":[()=&gt;r.e("36610").then(r.t.bind(r,608544,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-10-x-reference-yaml-api-reference-3c8.json",608544],"7c255b57":[()=&gt;r.e("44003").then(r.t.bind(r,173502,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-release-notes-announcements-2a5.json",173502],"7c51ecc2":[()=&gt;r.e("31319").then(r.bind(r,357803)),"@site/versioned_docs/version-1.6.x/setup/workload-onboarding/guides/onboarding.mdx",357803],"7c662ff8":[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("63852")]).then(r.bind(r,546331)),"@site/versioned_docs/version-next/quickstart/ingress-gateway.mdx",546331],"7c69b123":[()=&gt;r.e("95442").then(r.t.bind(r,469637,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-8-x-reference-cli-guide-toc-d1c.json",469637],"7c90557e":[()=&gt;r.e("51030").then(r.bind(r,273556)),"@site/versioned_docs/version-1.11.x/reference/k8s-api/tsb-crds-gen/profile-tsb-tetrate-io.md",273556],"7c9e4826":[()=&gt;r.e("51811").then(r.bind(r,368938)),"@site/versioned_docs/version-1.9.x/reference/samples/opa.mdx",368938],"7cad2863":[()=&gt;r.e("31163").then(r.bind(r,707895)),"@site/versioned_docs/version-1.11.x/howto/service-accounts.mdx",707895],"7cccc313":[()=&gt;r.e("84626").then(r.bind(r,942169)),"@site/versioned_docs/version-1.12.x/refs/tsb/v2/status.mdx",942169],"7cd666d4":[()=&gt;r.e("90952").then(r.bind(r,191801)),"@site/versioned_docs/version-1.7.x/howto/rate-limiting/service-to-service.mdx",191801],"7ce0b23c":[()=&gt;r.e("24844").then(r.bind(r,835425)),"@site/versioned_docs/version-1.6.x/refs/tsb/istiointernal/v2/istio_istiointernal_direct.mdx",835425],"7cf72c0d":[()=&gt;r.e("64775").then(r.bind(r,288058)),"@site/versioned_docs/version-1.6.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/cluster.md",288058],"7cf8e7a5":[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("59347")]).then(r.bind(r,2262)),"@site/versioned_docs/version-1.7.x/howto/gateway/multi-cluster-traffic-shifting.mdx",2262],"7cface22":[()=&gt;r.e("43900").then(r.bind(r,748070)),"@site/versioned_docs/version-1.6.x/refs/onboarding/config/types/identity/jwt/v1alpha1/jwt.mdx",748070],"7cfbe8f0":[()=&gt;r.e("68759").then(r.t.bind(r,54241,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-6-x-refs-tsb-rbac-v-2-grpc-bdd.json",54241],"7d0e7f1c":[()=&gt;r.e("45435").then(r.bind(r,70383)),"@site/versioned_docs/version-1.7.x/cheatsheet/index.mdx",70383],"7d2835d1":[()=&gt;r.e("68634").then(r.t.bind(r,622528,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-6-x-troubleshooting-5f1.json",622528],"7d36be90":[()=&gt;Promise.all([r.e("86212"),r.e("10484")]).then(r.bind(r,402102)),"@site/versioned_docs/version-1.10.x/design-guides/app-onboarding/security.mdx",402102],"7d5e2c43":[()=&gt;r.e("92032").then(r.bind(r,872137)),"@site/versioned_docs/version-1.7.x/refs/tsb/gateway/v2/tier1_gateway.mdx",872137],"7d66849f":[()=&gt;r.e("49797").then(r.t.bind(r,563536,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-11-x-reference-grpc-api-reference-9c0.json",563536],"7d91250a":[()=&gt;r.e("69965").then(r.t.bind(r,109276,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-next-refs-tsb-diagnostic-v-2-grpc-400.json",109276],"7d921e40":[()=&gt;r.e("34446").then(r.bind(r,655874)),"@site/versioned_docs/version-1.12.x/concepts/glossary.md",655874],"7daa3d2a":[()=&gt;Promise.all([r.e("86212"),r.e("31199")]).then(r.bind(r,427113)),"@site/versioned_docs/version-1.10.x/concepts/operators/toc.mdx",427113],"7dc99d33":[()=&gt;r.e("74131").then(r.bind(r,478899)),"@site/versioned_docs/version-1.9.x/setup/helm/uninstallation.mdx",478899],"7de21296":[()=&gt;r.e("16455").then(r.bind(r,417324)),"@site/versioned_docs/version-1.6.x/setup/self-managed/upgrade.mdx",417324],"7e101620":[()=&gt;Promise.all([r.e("86212"),r.e("70496")]).then(r.bind(r,198340)),"@site/versioned_docs/version-1.11.x/design-guides/app-onboarding/deploy-service.mdx",198340],"7e243c5c":[()=&gt;r.e("25018").then(r.bind(r,785417)),"@site/versioned_docs/version-1.6.x/operations/users/user-synchronization.mdx",785417],"7e2b09d3":[()=&gt;r.e("62971").then(r.bind(r,84590)),"@site/versioned_docs/version-1.11.x/howto/gateway/app-ingress.mdx",84590],"7e35f5e0":[()=&gt;Promise.all([r.e("86212"),r.e("43936")]).then(r.bind(r,773068)),"@site/versioned_docs/version-1.6.x/setup/upgrades/gateway-upgrade.mdx",773068],"7e5832c7":[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("98155")]).then(r.bind(r,419643)),"@site/versioned_docs/version-1.10.x/howto/gateway/end-user-auth-keycloak.mdx",419643],"7ea6cd4d":[()=&gt;r.e("20986").then(r.t.bind(r,491260,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-11-x-refs-tsb-observability-telemetry-v-2-yaml-62f.json",491260],"7ea91119":[()=&gt;r.e("35140").then(r.bind(r,613103)),"@site/versioned_docs/version-1.6.x/setup/aws/container-marketplace.mdx",613103],"7eb8f6bb":[()=&gt;Promise.all([r.e("86212"),r.e("71691")]).then(r.bind(r,102517)),"@site/versioned_docs/version-1.7.x/setup/upgrades/gateway-upgrade.mdx",102517],"7ebbfd9f":[()=&gt;r.e("60853").then(r.t.bind(r,156307,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-next-refs-tsb-extension-v-2-yaml-279.json",156307],"7f170e3a":[()=&gt;r.e("974").then(r.bind(r,975004)),"@site/versioned_docs/version-1.9.x/refs/tsb/rbac/v2/policy_service.mdx",975004],"7f19498b":[()=&gt;r.e("1702").then(r.bind(r,588713)),"@site/versioned_docs/version-1.6.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/tenant.md",588713],"7f50a08b":[()=&gt;r.e("62049").then(r.t.bind(r,877703,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-6-x-setup-workload-onboarding-quickstart-811.json",877703],"7f665294":[()=&gt;r.e("97454").then(r.bind(r,680714)),"@site/versioned_docs/version-1.8.x/wokingwithsupport/workingWithTetrateSupport.mdx",680714],"7f6a03df":[()=&gt;r.e("36145").then(r.t.bind(r,615002,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-8-x-operations-904.json",615002],"7f6feb45":[()=&gt;r.e("11629").then(r.bind(r,962475)),"@site/versioned_docs/version-1.8.x/cheatsheet/sheets/tsb-quickstart.mdx",962475],"7fa9f196":[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("26352")]).then(r.bind(r,204233)),"@site/versioned_docs/version-1.7.x/howto/traffic/canary-releases.mdx",204233],"7fac1838":[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("83184")]).then(r.bind(r,200061)),"@site/versioned_docs/version-1.10.x/howto/traffic/canary-releases.mdx",200061],"7fb8d2e8":[()=&gt;r.e("91873").then(r.bind(r,892063)),"@site/versioned_docs/version-1.12.x/design-guides/ha-multicluster/demo-2.mdx",892063],"7fc3953e":[()=&gt;r.e("61579").then(r.bind(r,88663)),"@site/versioned_docs/version-1.11.x/howto/promql-using-skywalking.mdx",88663],"7fd0a627":[()=&gt;Promise.all([r.e("86212"),r.e("26301")]).then(r.bind(r,210031)),"@site/versioned_docs/version-1.10.x/howto/gateway/multi-cluster-traffic-routing-using-tier2gw.mdx",210031],"7fd39f82":[()=&gt;r.e("9899").then(r.bind(r,146357)),"@site/versioned_docs/version-1.6.x/howto/gateway/multi-cluster-traffic-routing-using-tier2gw.mdx",146357],"7ff5004f":[()=&gt;r.e("69094").then(r.bind(r,97209)),"@site/versioned_docs/version-1.11.x/refs/install/managementplane/v1alpha1/spec.mdx",97209],"8003f8a0":[()=&gt;r.e("15523").then(r.bind(r,958741)),"@site/versioned_docs/version-1.7.x/setup/migrate-tctl-to-helm.mdx",958741],"8012df74":[()=&gt;r.e("39101").then(r.bind(r,489533)),"@site/versioned_docs/version-next/refs/tsb/observability/telemetry/v2/source.mdx",489533],"80157e20":[()=&gt;r.e("36339").then(r.t.bind(r,702967,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-6-x-operations-telemetry-a40.json",702967],"801658ae":[()=&gt;r.e("43767").then(r.bind(r,923324)),"@site/versioned_docs/version-1.7.x/refs/onboarding/config/runtime/v1alpha1/registration.mdx",923324],"8032e594":[()=&gt;r.e("54987").then(r.bind(r,476213)),"@site/versioned_docs/version-1.11.x/setup/workload-onboarding/quickstart/aws-ec2/onboard-asg.mdx",476213],"803a55b6":[()=&gt;r.e("76749").then(r.bind(r,540506)),"@site/versioned_docs/version-1.6.x/troubleshooting/debug-container.mdx",540506],"80833eab":[()=&gt;r.e("14436").then(r.bind(r,235293)),"@site/versioned_docs/version-1.12.x/refs/onboarding/private/component/plane/token/v1alpha1/onboarding_token.mdx",235293],"808d2d6a":[()=&gt;Promise.all([r.e("86212"),r.e("44066")]).then(r.bind(r,607731)),"@site/versioned_docs/version-1.6.x/setup/requirements-and-download.mdx",607731],"80b635eb":[()=&gt;r.e("37030").then(r.bind(r,988421)),"@site/versioned_docs/version-1.11.x/operations/vault/istiod-ca.mdx",988421],"80bfbbb3":[()=&gt;r.e("29560").then(r.bind(r,266162)),"@site/versioned_docs/version-1.11.x/reference/cli/reference/workload-entry-annotations.md",266162],"80f32ba4":[()=&gt;r.e("68067").then(r.bind(r,568318)),"@site/versioned_docs/version-1.6.x/concepts/traffic-management.mdx",568318],"80fc2de5":[()=&gt;r.e("78878").then(r.bind(r,995760)),"@site/versioned_docs/version-1.8.x/knowledge-base/gitops.mdx",995760],"80fd7407":[()=&gt;r.e("18390").then(r.bind(r,41310)),"@site/versioned_docs/version-1.11.x/troubleshooting/cluster-onboarding.mdx",41310],"811260b0":[()=&gt;Promise.all([r.e("86212"),r.e("58099")]).then(r.bind(r,172631)),"@site/versioned_docs/version-1.10.x/design-guides/app-onboarding/monitor.mdx",172631],"8137f0e8":[()=&gt;r.e("89621").then(r.bind(r,619416)),"@site/versioned_docs/version-1.6.x/refs/onboarding/config/authorization/aws/v1alpha1/aws.mdx",619416],"8152e75f":[()=&gt;r.e("36575").then(r.bind(r,899610)),"@site/versioned_docs/version-1.8.x/reference/k8s-api/tsb-crds-gen/security-tsb-tetrate-io.md",899610],"8154a681":[()=&gt;r.e("99558").then(r.bind(r,263882)),"@site/versioned_docs/version-1.8.x/concepts/traffic-management.mdx",263882],"8163c09b":[()=&gt;r.e("29174").then(r.bind(r,138504)),"@site/versioned_docs/version-1.7.x/refs/tsb/istiointernal/v2/istio_internal_group.mdx",138504],0x4df9f92:[()=&gt;Promise.all([r.e("86212"),r.e("88460")]).then(r.bind(r,17579)),"@site/versioned_docs/version-1.9.x/design-guides/app-onboarding/deploy-service.mdx",17579],"8178bfee":[()=&gt;r.e("37923").then(r.bind(r,114041)),"@site/versioned_docs/version-1.12.x/refs/onboarding/config/authorization/v1alpha1/policy.mdx",114041],"81838bb1":[()=&gt;r.e("58839").then(r.bind(r,573658)),"@site/versioned_docs/version-1.9.x/howto/traffic/splitting-service-traffic-between-k8s-vms.mdx",573658],"81af2a4e":[()=&gt;r.e("99853").then(r.bind(r,264350)),"@site/versioned_docs/version-1.7.x/setup/aws/container-marketplace.mdx",264350],"81e322d3":[()=&gt;r.e("31982").then(r.bind(r,427428)),"@site/versioned_docs/version-1.8.x/setup/self-managed/demo-installation.mdx",427428],"81e5b11b":[()=&gt;Promise.all([r.e("86212"),r.e("28486")]).then(r.bind(r,98900)),"@site/versioned_docs/version-1.11.x/design-guides/app-onboarding/gateway-security.mdx",98900],"81eaa9b5":[()=&gt;r.e("53317").then(r.bind(r,104206)),"@site/versioned_docs/version-1.11.x/howto/traffic/splitting-service-traffic-between-k8s-vms.mdx",104206],"81eff616":[()=&gt;r.e("17793").then(r.bind(r,685133)),"@site/versioned_docs/version-1.11.x/refs/tsb/v2/tenant.mdx",685133],"81f693dd":[()=&gt;r.e("92414").then(r.t.bind(r,841693,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-11-x-setup-upgrades-4d9.json",841693],"820c7081":[()=&gt;r.e("90904").then(r.bind(r,705335)),"@site/versioned_docs/version-1.8.x/refs/onboarding/config/types/identity/aws/v1alpha1/aws.mdx",705335],"8257f5d1":[()=&gt;r.e("96349").then(r.bind(r,363601)),"@site/versioned_docs/version-1.12.x/refs/tsb/traffic/v2/service_traffic_setting.mdx",363601],"8264db48":[()=&gt;r.e("13163").then(r.bind(r,420417)),"@site/versioned_docs/version-1.8.x/refs/tsb/gateway/v2/istio_gateway_direct.mdx",420417],"829ef224":[()=&gt;r.e("36003").then(r.bind(r,424683)),"@site/versioned_docs/version-1.12.x/refs/install/controlplane/v1alpha1/status.mdx",424683],"82ae10e1":[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("23172")]).then(r.bind(r,592306)),"@site/versioned_docs/version-1.9.x/howto/gateway/distributed-ingress.mdx",592306],"82b1ac79":[()=&gt;r.e("67220").then(r.bind(r,941687)),"@site/versioned_docs/version-1.12.x/reference/cli/reference/delete.md",941687],"82c1773f":[()=&gt;r.e("47175").then(r.bind(r,362666)),"@site/versioned_docs/version-1.7.x/refs/tsb/rbac/v2/istio_internal_access_bindings.mdx",362666],"82f59a74":[()=&gt;r.e("44807").then(r.bind(r,534002)),"@site/versioned_docs/version-1.6.x/setup/certificate/certificate-requirements.mdx",534002],"82f8d9d1":[()=&gt;r.e("60808").then(r.bind(r,799346)),"@site/versioned_docs/version-1.10.x/refs/test/v1/echo.mdx",799346],"8300ef31":[()=&gt;r.e("62842").then(r.bind(r,835328)),"@site/versioned_docs/version-1.11.x/reference/cli/reference/completion.md",835328],"831291a7":[()=&gt;r.e("56111").then(r.bind(r,905393)),"@site/versioned_docs/version-1.12.x/refs/tsb/traffic/v2/traffic_setting.mdx",905393],"8342661e":[()=&gt;r.e("59001").then(r.bind(r,698919)),"@site/versioned_docs/version-1.12.x/reference/cli/reference/ui.md",698919],"836722d7":[()=&gt;r.e("78952").then(r.t.bind(r,333190,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-8-x-reference-grpc-api-5ed.json",333190],0x4ff0d34:[()=&gt;r.e("65859").then(r.t.bind(r,43268,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-6-x-reference-grpc-api-reference-d17.json",43268],"83d78b47":[()=&gt;r.e("1698").then(r.bind(r,823481)),"@site/versioned_docs/version-next/refs/onboarding/config/authorization/v1alpha1/policy.mdx",823481],"83ec7da6":[()=&gt;r.e("84793").then(r.bind(r,119521)),"@site/versioned_docs/version-1.9.x/reference/grpc-api/guide.mdx",119521],"83ee9b28":[()=&gt;r.e("26966").then(r.bind(r,683166)),"@site/versioned_docs/version-1.12.x/howto/gitops/clusterrole.mdx",683166],"840eb666":[()=&gt;r.e("29329").then(r.bind(r,653701)),"@site/versioned_docs/version-1.8.x/setup/self-managed/upgrade.mdx",653701],"840ec2f4":[()=&gt;r.e("57923").then(r.bind(r,298052)),"@site/versioned_docs/version-1.12.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/cluster.md",298052],0x50456f3:[()=&gt;r.e("71558").then(r.bind(r,314482)),"@site/versioned_docs/version-1.11.x/troubleshooting/proxy-tools.mdx",314482],"8442432d":[()=&gt;r.e("63813").then(r.bind(r,35270)),"@site/versioned_docs/version-1.8.x/refs/install/dataplane/v1alpha1/spec.mdx",35270],"84465a3c":[()=&gt;r.e("80107").then(r.bind(r,87900)),"@site/versioned_docs/version-1.11.x/refs/tsb/registry/v2/lookup_service.mdx",87900],"8453be38":[()=&gt;r.e("11132").then(r.bind(r,412031)),"@site/versioned_docs/version-1.10.x/howto/rate-limiting/tier1-gateway.mdx",412031],"8471990a":[()=&gt;Promise.all([r.e("86212"),r.e("29852")]).then(r.bind(r,589515)),"@site/versioned_docs/version-next/howto/gateway/multi-cluster-traffic-routing-using-tier2gw.mdx",589515],"847cab89":[()=&gt;r.e("20842").then(r.bind(r,703450)),"@site/versioned_docs/version-1.10.x/refs/tsb/v2/cluster_service.mdx",703450],"84b3adee":[()=&gt;r.e("41162").then(r.bind(r,447526)),"@site/versioned_docs/version-1.8.x/reference/cli/reference/collect.md",447526],"84b53af0":[()=&gt;r.e("60980").then(r.t.bind(r,764834,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-10-x-reference-samples-f81.json",764834],"84c91caf":[()=&gt;r.e("33370").then(r.bind(r,691883)),"@site/versioned_docs/version-1.10.x/refs/tsb/istiointernal/v2/istio_internal_group.mdx",691883],"84e31a8e":[()=&gt;r.e("10292").then(r.bind(r,528590)),"@site/versioned_docs/version-1.7.x/concepts/observability.mdx",528590],"85021cc1":[()=&gt;r.e("14459").then(r.bind(r,736677)),"@site/versioned_docs/version-1.6.x/setup/workload-onboarding/quickstart/on-premise/configure-workload-onboarding.mdx",736677],"852c8487":[()=&gt;r.e("23602").then(r.t.bind(r,602551,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-7-x-refs-tsb-security-v-2-yaml-440.json",602551],"852f8c85":[()=&gt;r.e("55527").then(r.bind(r,225490)),"@site/versioned_docs/version-1.12.x/howto/rate-limiting/ingress-gateway.mdx",225490],0x515d40d:[()=&gt;r.e("34752").then(r.bind(r,815194)),"@site/versioned_docs/version-next/refs/tsb/registry/v2/registration_service.mdx",815194],"85357b73":[()=&gt;r.e("60373").then(r.t.bind(r,713133,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-refs-tsb-profile-v-2-yaml-762.json",713133],"858aa3d6":[()=&gt;r.e("99337").then(r.bind(r,804526)),"@site/versioned_docs/version-next/operations/users/oidc-azure.mdx",804526],"85ac021f":[()=&gt;Promise.all([r.e("86212"),r.e("76189")]).then(r.bind(r,328167)),"@site/versioned_docs/version-1.7.x/reference/cli/guide/index.mdx",328167],"85be3a74":[()=&gt;r.e("98517").then(r.bind(r,683579)),"@site/versioned_docs/version-1.12.x/setup/aws/container-marketplace.mdx",683579],"85e0d835":[()=&gt;r.e("56496").then(r.t.bind(r,937390,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-11-x-refs-tsb-security-v-2-grpc-7ab.json",937390],"85e9cc3c":[()=&gt;Promise.all([r.e("86212"),r.e("80796")]).then(r.bind(r,460955)),"@site/versioned_docs/version-1.6.x/quickstart/security.mdx",460955],"85ea0e97":[()=&gt;r.e("31044").then(r.t.bind(r,535610,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-refs-tsb-q-v-2-grpc-d7d.json",535610],"86175ec6":[()=&gt;r.e("84765").then(r.t.bind(r,284430,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-next-reference-workload-onboarding-onboarding-authorization-ca3.json",284430],"861ab2bd":[()=&gt;r.e("95953").then(r.bind(r,209923)),"@site/versioned_docs/version-1.11.x/concepts/operators/data-plane.mdx",209923],"861c76a8":[()=&gt;r.e("46817").then(r.t.bind(r,898405,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-next-refs-tsb-traffic-v-2-yaml-8a0.json",898405],0x52a1c23:[()=&gt;r.e("60621").then(r.t.bind(r,53213,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-8-x-setup-a18.json",53213],"867fdbae":[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("94999")]).then(r.bind(r,174473)),"@site/versioned_docs/version-1.12.x/quickstart/traffic-shifting.mdx",174473],"86e3bb58":[()=&gt;r.e("88482").then(r.bind(r,139525)),"@site/versioned_docs/version-1.12.x/refs/install/controlplane/v1alpha1/spec.mdx",139525],"86efa9af":[()=&gt;r.e("30813").then(r.bind(r,728480)),"@site/versioned_docs/version-1.7.x/refs/onboarding/config/types/identity/jwt/v1alpha1/jwt.mdx",728480],"86f23685":[()=&gt;r.e("76540").then(r.bind(r,269043)),"@site/versioned_docs/version-1.12.x/operations/features/configure-gitops.mdx",269043],"8706fc86":[()=&gt;r.e("59537").then(r.bind(r,952021)),"@site/versioned_docs/version-1.9.x/refs/tsb/v2/tenant_setting.mdx",952021],"870a6555":[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("60910")]).then(r.bind(r,28731)),"@site/versioned_docs/version-1.6.x/howto/authorization/sidecar.mdx",28731],"870d6ff8":[()=&gt;r.e("79041").then(r.bind(r,879261)),"@site/versioned_docs/version-next/howto/gateway/multi-cluster-traffic-routing-with-eastwest-gateway.mdx",879261],"8723b8d7":[()=&gt;Promise.all([r.e("86212"),r.e("98913")]).then(r.bind(r,767784)),"@site/versioned_docs/version-1.11.x/design-guides/app-onboarding/high-availability.mdx",767784],"873e8716":[()=&gt;r.e("87086").then(r.bind(r,869589)),"@site/versioned_docs/version-1.9.x/operations/features/tier1-in-app-cluster.mdx",869589],"8778eab2":[()=&gt;r.e("85930").then(r.t.bind(r,391182,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-9-x-refs-tsb-q-v-2-grpc-fa8.json",391182],"879e44bb":[()=&gt;r.e("89785").then(r.bind(r,695819)),"@site/versioned_docs/version-next/setup/helm/uninstallation.mdx",695819],"87a0b23c":[()=&gt;Promise.all([r.e("86212"),r.e("85821")]).then(r.bind(r,134030)),"@site/versioned_docs/version-1.7.x/quickstart/security.mdx",134030],"87a0e8f6":[()=&gt;r.e("57530").then(r.bind(r,234225)),"@site/versioned_docs/version-next/refs/tsb/q/v2/permissions_service.mdx",234225],"87af1f66":[()=&gt;r.e("83779").then(r.bind(r,514954)),"@site/versioned_docs/version-1.8.x/troubleshooting/troubleshooting.mdx",514954],"87c824f1":[()=&gt;r.e("29358").then(r.bind(r,975619)),"@site/versioned_docs/version-1.6.x/concepts/operators/control-plane.mdx",975619],"87e8b6f6":[()=&gt;r.e("44650").then(r.bind(r,719359)),"@site/versioned_docs/version-1.8.x/concepts/glossary.md",719359],"87f48726":[()=&gt;r.e("36285").then(r.bind(r,252421)),"@site/versioned_docs/version-1.9.x/concepts/observability.mdx",252421],"87fb2b5c":[()=&gt;r.e("70754").then(r.bind(r,750413)),"@site/versioned_docs/version-next/refs/tsb/istiointernal/v2/istio_internal_group.mdx",750413],0x54518e3:[()=&gt;r.e("97387").then(r.bind(r,934945)),"@site/versioned_docs/version-1.10.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/tenantsetting.md",934945],"88470cce":[()=&gt;r.e("94676").then(r.bind(r,596714)),"@site/versioned_docs/version-1.8.x/reference/samples/sleep-service.mdx",596714],"884e93b9":[()=&gt;r.e("87766").then(r.bind(r,320258)),"@site/versioned_docs/version-1.12.x/refs/tsb/registry/v2/registration_service.mdx",320258],"88543f57":[()=&gt;Promise.all([r.e("86212"),r.e("36757")]).then(r.bind(r,360332)),"@site/versioned_docs/version-1.12.x/design-guides/app-onboarding/gateway-security.mdx",360332],0x547e4e9:[()=&gt;r.e("98439").then(r.bind(r,408226)),"@site/versioned_docs/version-next/refs/onboarding/config/runtime/v1alpha1/registration.mdx",408226],"887c8d6b":[()=&gt;Promise.all([r.e("86212"),r.e("97756")]).then(r.bind(r,670109)),"@site/versioned_docs/version-next/quickstart/apps.mdx",670109],"88857bf4":[()=&gt;r.e("12093").then(r.bind(r,118263)),"@site/versioned_docs/version-1.7.x/reference/cli/reference/get.md",118263],"8896a900":[()=&gt;r.e("45045").then(r.bind(r,684992)),"@site/versioned_docs/version-1.6.x/operations/vault/elasticsearch.mdx",684992],"88ae9827":[()=&gt;r.e("80099").then(r.t.bind(r,83618,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-9-x-refs-install-0ac.json",83618],"88d5f459":[()=&gt;r.e("53693").then(r.bind(r,336299)),"@site/versioned_docs/version-1.12.x/refs/onboarding/private/component/plane/config/v1alpha1/onboarding_plane_instance_configuration.mdx",336299],"88d70657":[()=&gt;r.e("33278").then(r.bind(r,667988)),"@site/versioned_docs/version-1.11.x/setup/workload-onboarding/guides/troubleshooting.mdx",667988],"88e052c6":[()=&gt;r.e("89943").then(r.bind(r,520317)),"@site/versioned_docs/version-1.8.x/setup/helm/dataplane.mdx",520317],"88e62106":[()=&gt;r.e("99392").then(r.bind(r,406605)),"@site/versioned_docs/version-1.10.x/howto/traffic/splitting-service-traffic-between-k8s-vms.mdx",406605],"88ecd9b0":[()=&gt;r.e("15485").then(r.bind(r,900492)),"@site/versioned_docs/version-1.10.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/organizationsetting.md",900492],"88f9fd9f":[()=&gt;r.e("25248").then(r.bind(r,466936)),"@site/versioned_docs/version-next/refs/tsb/application/v2/api.mdx",466936],"892b995e":[()=&gt;r.e("56501").then(r.bind(r,436838)),"@site/versioned_docs/version-1.6.x/refs/install/kubernetes/k8s.mdx",436838],"892f1497":[()=&gt;r.e("71864").then(r.bind(r,707181)),"@site/versioned_docs/version-1.8.x/howto/wasm/wasm-proxy.mdx",707181],"8930937c":[()=&gt;r.e("60283").then(r.bind(r,392795)),"@site/versioned_docs/version-1.12.x/refs/tsb/gateway/v2/egress_gateway.mdx",392795],"8931169c":[()=&gt;r.e("44762").then(r.t.bind(r,289855,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-refs-tsb-rbac-v-2-grpc-524.json",289855],"893a3cd0":[()=&gt;r.e("99391").then(r.bind(r,955718)),"@site/versioned_docs/version-1.9.x/index.mdx",955718],"8952d233":[()=&gt;Promise.all([r.e("86212"),r.e("55451")]).then(r.bind(r,341870)),"@site/versioned_docs/version-1.11.x/howto/gateway/shared-ingress.mdx",341870],"895329c6":[()=&gt;r.e("84444").then(r.t.bind(r,852658,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-9-x-refs-tsb-observability-telemetry-v-2-grpc-c00.json",852658],"8959d10c":[()=&gt;r.e("44810").then(r.t.bind(r,551344,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-9-x-troubleshooting-1a4.json",551344],"895af063":[()=&gt;r.e("92767").then(r.t.bind(r,451867,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-9-x-refs-tsb-observability-telemetry-v-2-yaml-fe1.json",451867],"896bbddf":[()=&gt;r.e("64973").then(r.bind(r,223106)),"@site/versioned_docs/version-1.6.x/howto/authorization/ingress-gateway.mdx",223106],"896f2405":[()=&gt;r.e("84453").then(r.bind(r,608807)),"@site/versioned_docs/version-1.12.x/operations/features/configure-cluster-external-addresses.mdx",608807],"898970fe":[()=&gt;Promise.all([r.e("86212"),r.e("82689")]).then(r.bind(r,179780)),"@site/versioned_docs/version-next/setup/helm/toc.mdx",179780],"89be8aca":[()=&gt;r.e("9822").then(r.t.bind(r,16679,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-next-refs-tsb-rbac-v-2-yaml-7ec.json",16679],"89c33007":[()=&gt;r.e("49976").then(r.t.bind(r,29064,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-9-x-setup-27d.json",29064],"89c607c5":[()=&gt;r.e("83477").then(r.bind(r,490039)),"@site/versioned_docs/version-1.11.x/refs/tsb/application/v2/api.mdx",490039],"89d4846c":[()=&gt;r.e("89063").then(r.bind(r,152477)),"@site/versioned_docs/version-1.11.x/refs/tsb/rbac/v2/istio_internal_access_bindings.mdx",152477],"89d6c94d":[()=&gt;r.e("63663").then(r.bind(r,445932)),"@site/versioned_docs/version-1.10.x/setup/workload-onboarding/quickstart/aws-ecs/configure-workload-onboarding.mdx",445932],"89dcf66c":[()=&gt;Promise.all([r.e("86212"),r.e("19043")]).then(r.bind(r,898969)),"@site/versioned_docs/version-next/design-guides/app-onboarding/deploy-service.mdx",898969],"8a070c40":[()=&gt;r.e("40211").then(r.bind(r,819773)),"@site/versioned_docs/version-1.9.x/reference/cli/reference/workload-entry-annotations.md",819773],"8a104b8e":[()=&gt;Promise.all([r.e("86212"),r.e("17132")]).then(r.bind(r,566622)),"@site/versioned_docs/version-next/operations/postgresql/azure-credentials.mdx",566622],"8a428c4e":[()=&gt;r.e("55166").then(r.t.bind(r,615254,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-7-x-refs-tsb-istiointernal-v-2-grpc-d27.json",615254],"8a5d8d57":[()=&gt;r.e("82683").then(r.bind(r,822197)),"@site/versioned_docs/version-1.11.x/refs/install/kubernetes/k8s.mdx",822197],"8a647e1e":[()=&gt;r.e("78109").then(r.bind(r,937639)),"@site/versioned_docs/version-1.6.x/reference/k8s-api/tsb-crds-gen/application-tsb-tetrate-io.md",937639],"8a8511b9":[()=&gt;r.e("41259").then(r.bind(r,371539)),"@site/versioned_docs/version-next/howto/wasm/wasm-extension.mdx",371539],"8a9c239f":[()=&gt;r.e("20890").then(r.bind(r,905584)),"@site/versioned_docs/version-1.10.x/reference/cli/reference/config.md",905584],"8aaeb992":[()=&gt;r.e("16646").then(r.bind(r,372389)),"@site/versioned_docs/version-1.10.x/release-notes-announcements/support-policy.mdx",372389],"8adf3fde":[()=&gt;r.e("10457").then(r.bind(r,426790)),"@site/versioned_docs/version-1.9.x/reference/cli/reference/validate.md",426790],"8ae729ed":[()=&gt;Promise.all([r.e("86212"),r.e("38229")]).then(r.bind(r,590442)),"@site/versioned_docs/version-1.10.x/setup/requirements-and-download.mdx",590442],"8af9b0bd":[()=&gt;r.e("7040").then(r.bind(r,347338)),"@site/versioned_docs/version-1.7.x/refs/onboarding/config/authorization/v1alpha1/policy.mdx",347338],"8b03ff9a":[()=&gt;r.e("95583").then(r.bind(r,917999)),"@site/versioned_docs/version-1.8.x/design-guides/app-onboarding/promote-service.mdx",917999],"8b093ccf":[()=&gt;r.e("12086").then(r.bind(r,14761)),"@site/versioned_docs/version-1.9.x/setup/migrate-tctl-to-helm.mdx",14761],"8b17df5d":[()=&gt;r.e("83885").then(r.t.bind(r,41878,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-10-x-howto-eed.json",41878],"8b2f9043":[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("37163")]).then(r.bind(r,62341)),"@site/versioned_docs/version-1.9.x/howto/gateway/application-gateway-with-openapi-annotations.mdx",62341],"8b2fb0bf":[()=&gt;r.e("47040").then(r.bind(r,670209)),"@site/versioned_docs/version-1.7.x/cheatsheet/sheets/tctl.mdx",670209],"8b3efbc9":[()=&gt;r.e("22028").then(r.bind(r,299278)),"@site/versioned_docs/version-1.10.x/operations/features/tier1-in-app-cluster.mdx",299278],"8b4532ed":[()=&gt;r.e("6055").then(r.bind(r,365197)),"@site/versioned_docs/version-1.9.x/reference/cli/reference/version.md",365197],"8b5f7dff":[()=&gt;r.e("35691").then(r.t.bind(r,41992,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-reference-workload-onboarding-onboarding-agent-6d8.json",41992],"8b69bf3c":[()=&gt;r.e("5416").then(r.bind(r,681724)),"@site/versioned_docs/version-next/refs/onboarding/config/agent/v1alpha1/agent_configuration.mdx",681724],"8b877453":[()=&gt;r.e("14641").then(r.bind(r,531011)),"@site/versioned_docs/version-1.9.x/operations/elasticsearch/elasticsearch-role.mdx",531011],"8b8877c6":[()=&gt;r.e("98516").then(r.bind(r,591604)),"@site/versioned_docs/version-1.10.x/setup/upgrade-best-practices.md",591604],"8b891a51":[()=&gt;r.e("29016").then(r.t.bind(r,344483,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-6-x-knowledge-base-31e.json",344483],"8ba5f89e":[()=&gt;r.e("30762").then(r.bind(r,632696)),"@site/versioned_docs/version-next/setup/workload-onboarding/quickstart/aws-ec2/configure-vm.mdx",632696],"8ba977e3":[()=&gt;r.e("19134").then(r.t.bind(r,703855,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-9-x-refs-audit-v-1-grpc-381.json",703855],"8baba255":[()=&gt;r.e("70818").then(r.bind(r,860968)),"@site/versioned_docs/version-1.10.x/refs/tsb/application/v2/api.mdx",860968],"8bc203b7":[()=&gt;r.e("77485").then(r.t.bind(r,705830,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-11-x-refs-tsb-extension-v-2-grpc-9d6.json",705830],"8bdd5826":[()=&gt;Promise.all([r.e("86212"),r.e("6464")]).then(r.bind(r,462373)),"@site/versioned_docs/version-1.7.x/setup/workload-onboarding/quickstart/aws-ecs/toc.mdx",462373],"8be1a864":[()=&gt;r.e("72617").then(r.bind(r,14180)),"@site/versioned_docs/version-1.11.x/cheatsheet/sheets/tsb-quickstart.mdx",14180],"8bff8d0a":[()=&gt;r.e("85471").then(r.t.bind(r,423659,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-10-x-refs-tsb-extension-v-2-grpc-ed6.json",423659],"8c12b391":[()=&gt;r.e("40131").then(r.bind(r,358626)),"@site/versioned_docs/version-1.11.x/refs/install/dataplane/v1alpha1/spec.mdx",358626],"8c20dcb7":[()=&gt;r.e("11558").then(r.t.bind(r,38267,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-10-x-refs-tsb-types-v-2-yaml-49c.json",38267],"8c3efb3a":[()=&gt;r.e("71020").then(r.t.bind(r,730591,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-6-x-reference-samples-dab.json",730591],"8c59df1c":[()=&gt;r.e("64906").then(r.bind(r,20500)),"@site/versioned_docs/version-next/refs/install/controlplane/v1alpha1/status.mdx",20500],"8c5b791c":[()=&gt;r.e("40179").then(r.bind(r,145637)),"@site/versioned_docs/version-1.11.x/setup/workload-onboarding/quickstart/aws-ec2/configure-workload-onboarding.mdx",145637],"8c70af23":[()=&gt;r.e("9856").then(r.bind(r,625712)),"@site/versioned_docs/version-1.11.x/operations/features/internal-wasm-extensions.mdx",625712],"8c758a45":[()=&gt;r.e("5434").then(r.t.bind(r,256682,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-6-x-reference-yaml-api-reference-016.json",256682],"8c78cf64":[()=&gt;r.e("20436").then(r.bind(r,620345)),"@site/versioned_docs/version-1.9.x/design-guides/ha-multicluster/operations.mdx",620345],"8c980a28":[()=&gt;r.e("18726").then(r.bind(r,123515)),"@site/versioned_docs/version-1.7.x/design-guides/ha-dr-mp/introduction.mdx",123515],"8c9f7e0f":[()=&gt;r.e("26316").then(r.bind(r,338879)),"@site/versioned_docs/version-1.8.x/refs/tsb/rbac/v2/role_service.mdx",338879],"8cad4096":[()=&gt;r.e("19443").then(r.bind(r,133796)),"@site/versioned_docs/version-1.9.x/troubleshooting/configuration-status.mdx",133796],"8cb59263":[()=&gt;r.e("98734").then(r.t.bind(r,545577,19)),"@generated/docusaurus-plugin-redoc/1_9_x/__plugin.json",545577],"8cb8b685":[()=&gt;r.e("6947").then(r.bind(r,325639)),"@site/versioned_docs/version-1.6.x/reference/samples/opa.mdx",325639],"8cc17dbe":[()=&gt;r.e("53030").then(r.bind(r,181941)),"@site/versioned_docs/version-next/howto/service-accounts.mdx",181941],"8cccc3d2":[()=&gt;r.e("40293").then(r.bind(r,973603)),"@site/versioned_docs/version-next/refs/onboarding/private/types/config/v1alpha1/transport_security.mdx",973603],"8ce0ba4b":[()=&gt;Promise.all([r.e("86212"),r.e("16912")]).then(r.bind(r,243947)),"@site/versioned_docs/version-1.10.x/howto/gateway/unified-gateway-upgrade.mdx",243947],"8d16a7fc":[()=&gt;r.e("89120").then(r.bind(r,503194)),"@site/versioned_docs/version-1.11.x/setup/workload-onboarding/quickstart/on-premise/configure-vm.mdx",503194],"8d19ef8f":[()=&gt;r.e("24694").then(r.bind(r,873275)),"@site/versioned_docs/version-1.6.x/refs/tsb/observability/telemetry/v2/source_service.mdx",873275],"8d22ba06":[()=&gt;r.e("4586").then(r.bind(r,570811)),"@site/versioned_docs/version-1.10.x/reference/samples/opa.mdx",570811],"8d506751":[()=&gt;r.e("5972").then(r.bind(r,229275)),"@site/versioned_docs/version-1.9.x/howto/gateway/configure-oidc.mdx",229275],"8d5682c9":[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("97938")]).then(r.bind(r,367290)),"@site/versioned_docs/version-1.10.x/design-guides/ha-multicluster/index.mdx",367290],"8d569b74":[()=&gt;r.e("28747").then(r.t.bind(r,363216,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-8-x-howto-gateway-60d.json",363216],"8d58259d":[()=&gt;r.e("92918").then(r.bind(r,352729)),"@site/versioned_docs/version-1.9.x/troubleshooting/troubleshooting.mdx",352729],"8d6cf3a2":[()=&gt;r.e("8031").then(r.bind(r,796449)),"@site/versioned_docs/version-1.10.x/reference/cli/reference/whoami.md",796449],"8d865caf":[()=&gt;r.e("11757").then(r.bind(r,32024)),"@site/versioned_docs/version-1.10.x/refs/onboarding/private/types/config/v1alpha1/transport_security.mdx",32024],"8d8868a1":[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("56264")]).then(r.bind(r,695974)),"@site/versioned_docs/version-1.10.x/howto/rate-limiting/external-rate-limiting.mdx",695974],"8da51292":[()=&gt;Promise.all([r.e("86212"),r.e("39698")]).then(r.bind(r,833694)),"@site/versioned_docs/version-1.8.x/design-guides/ha-multicluster/demo-1.mdx",833694],"8daf5281":[()=&gt;r.e("8969").then(r.bind(r,541663)),"@site/versioned_docs/version-1.6.x/troubleshooting/troubleshooting.mdx",541663],"8dc1f89e":[()=&gt;r.e("14197").then(r.bind(r,510973)),"@site/versioned_docs/version-next/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/workspace.md",510973],"8dd78dd0":[()=&gt;r.e("25686").then(r.bind(r,386411)),"@site/versioned_docs/version-1.11.x/cheatsheet/sheets/gateways-management.mdx",386411],"8de6a326":[()=&gt;r.e("28094").then(r.bind(r,549508)),"@site/versioned_docs/version-1.7.x/howto/gitops/gitops.mdx",549508],"8de70308":[()=&gt;r.e("2508").then(r.bind(r,179027)),"@site/versioned_docs/version-1.7.x/refs/tsb/registry/v2/service.mdx",179027],"8de7822e":[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("51753")]).then(r.bind(r,279670)),"@site/versioned_docs/version-1.8.x/howto/gateway/application-gateway-with-openapi-annotations.mdx",279670],"8dec60f1":[()=&gt;Promise.all([r.e("86212"),r.e("29982")]).then(r.bind(r,281384)),"@site/versioned_docs/version-1.12.x/design-guides/app-onboarding/security.mdx",281384],"8e07aac6":[()=&gt;r.e("28635").then(r.bind(r,628748)),"@site/versioned_docs/version-1.10.x/operations/postgresql/backup-and-restore.mdx",628748],"8e16e168":[()=&gt;r.e("24875").then(r.bind(r,784819)),"@site/versioned_docs/version-1.12.x/refs/onboarding/private/component/agent/sidecarcontroller/v1alpha1/sidecar_configuration_service.mdx",784819],"8e27053d":[()=&gt;Promise.all([r.e("86212"),r.e("62117")]).then(r.bind(r,810265)),"@site/versioned_docs/version-1.8.x/design-guides/app-onboarding/introduction.mdx",810265],"8e2c1457":[()=&gt;r.e("63093").then(r.bind(r,980323)),"@site/versioned_docs/version-1.11.x/refs/install/controlplane/v1alpha1/spec.mdx",980323],"8e308cbf":[()=&gt;r.e("40538").then(r.bind(r,40997)),"@site/versioned_docs/version-1.9.x/refs/iam/v2/oauth_service.mdx",40997],"8e4918d9":[()=&gt;r.e("8243").then(r.bind(r,473274)),"@site/versioned_docs/version-1.9.x/reference/cli/reference/whoami.md",473274],"8e5ae86c":[()=&gt;Promise.all([r.e("86212"),r.e("90532")]).then(r.bind(r,923254)),"@site/versioned_docs/version-next/design-guides/app-onboarding/high-availability.mdx",923254],"8e5b5b5e":[()=&gt;r.e("84889").then(r.t.bind(r,985167,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-9-x-howto-gitops-8fb.json",985167],"8e61d782":[()=&gt;r.e("72946").then(r.bind(r,36188)),"@site/versioned_docs/version-1.8.x/operations/vault/istiod-ca.mdx",36188],"8e96eae8":[()=&gt;Promise.all([r.e("86212"),r.e("22112")]).then(r.bind(r,712738)),"@site/versioned_docs/version-1.9.x/setup/self-managed/onboarding-clusters.mdx",712738],"8ea138ff":[()=&gt;r.e("9020").then(r.t.bind(r,993919,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-11-x-reference-k-8-s-api-tsb-crds-gen-tsb-tetrate-io-v-2-a8d.json",993919],"8ea49374":[()=&gt;r.e("98591").then(r.t.bind(r,196928,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-8-x-refs-tsb-gateway-v-2-grpc-530.json",196928],"8eaaefac":[()=&gt;r.e("1180").then(r.bind(r,951318)),"@site/versioned_docs/version-1.12.x/howto/gateway/unfied-gateway-management-via-mp.mdx",951318],"8ed5241e":[()=&gt;r.e("23066").then(r.bind(r,837696)),"@site/versioned_docs/version-1.12.x/refs/onboarding/config/types/core/v1alpha1/condition.mdx",837696],"8edc521c":[()=&gt;r.e("78064").then(r.bind(r,174089)),"@site/versioned_docs/version-1.11.x/release-notes-announcements/support-policy.mdx",174089],"8edd4817":[()=&gt;r.e("43535").then(r.bind(r,470649)),"@site/versioned_docs/version-1.7.x/refs/tsb/rbac/v2/security_access_bindings.mdx",470649],"8eed107e":[()=&gt;r.e("52465").then(r.bind(r,427538)),"@site/versioned_docs/version-1.9.x/design-guides/ha-dr-mp/introduction.mdx",427538],"8f295651":[()=&gt;Promise.all([r.e("86212"),r.e("41819")]).then(r.bind(r,500747)),"@site/versioned_docs/version-1.6.x/setup/self-managed/onboarding-clusters.mdx",500747],"8f2c9374":[()=&gt;r.e("79943").then(r.bind(r,905039)),"@site/versioned_docs/version-1.9.x/reference/k8s-api/tsb-crds-gen/security-tsb-tetrate-io.md",905039],"8f4aa84e":[()=&gt;r.e("68324").then(r.bind(r,900611)),"@site/versioned_docs/version-1.11.x/concepts/traffic-management.mdx",900611],"8f6c159b":[()=&gt;r.e("30909").then(r.bind(r,101521)),"@site/versioned_docs/version-next/setup/workload-onboarding/guides/setup.mdx",101521],"8f7aca99":[()=&gt;r.e("56403").then(r.bind(r,605196)),"@site/versioned_docs/version-1.10.x/operations/features/gateway-deletion-webhook.mdx",605196],"8f8ca8a8":[()=&gt;r.e("80465").then(r.bind(r,845573)),"@site/versioned_docs/version-1.8.x/refs/tsb/istiointernal/v2/istio_istiointernal_direct.mdx",845573],"8fa90406":[()=&gt;r.e("97116").then(r.bind(r,234298)),"@site/versioned_docs/version-1.7.x/refs/install/common/common_config.mdx",234298],"8fc9e17e":[()=&gt;Promise.all([r.e("86212"),r.e("29892")]).then(r.bind(r,627275)),"@site/versioned_docs/version-1.8.x/design-guides/app-onboarding/monitor.mdx",627275],"8fcf3ad2":[()=&gt;r.e("83382").then(r.t.bind(r,863270,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-10-x-refs-tsb-auth-v-2-yaml-246.json",863270],"8fd89e93":[()=&gt;r.e("73188").then(r.bind(r,24030)),"@site/versioned_docs/version-1.9.x/concepts/service-mesh.mdx",24030],"8ff0f8f6":[()=&gt;r.e("93803").then(r.bind(r,859903)),"@site/versioned_docs/version-1.7.x/refs/tsb/extension/v2/wasm_extension.mdx",859903],"9001d5c0":[()=&gt;r.e("50996").then(r.bind(r,378850)),"@site/versioned_docs/version-1.10.x/refs/tsb/traffic/v2/traffic_setting.mdx",378850],"9034d358":[()=&gt;r.e("8832").then(r.bind(r,146651)),"@site/versioned_docs/version-1.6.x/operations/migrate-organization.mdx",146651],0x563fdfb:[()=&gt;r.e("73221").then(r.bind(r,389476)),"@site/versioned_docs/version-1.6.x/refs/tsb/rbac/v2/api_access_bindings.mdx",389476],"9048c047":[()=&gt;r.e("56668").then(r.bind(r,99194)),"@site/versioned_docs/version-1.11.x/operations/features/gateway-deletion-webhook.mdx",99194],"90617cc4":[()=&gt;r.e("93170").then(r.bind(r,588440)),"@site/versioned_docs/version-1.9.x/refs/tsb/application/v2/application.mdx",588440],"907e894b":[()=&gt;r.e("9152").then(r.bind(r,561199)),"@site/versioned_docs/version-1.10.x/operations/vault/elasticsearch.mdx",561199],"9083911b":[()=&gt;r.e("87650").then(r.bind(r,763563)),"@site/versioned_docs/version-1.9.x/setup/workload-onboarding/quickstart/aws-ec2/bookinfo.mdx",763563],"908465f4":[()=&gt;r.e("6588").then(r.bind(r,719002)),"@site/versioned_docs/version-1.11.x/refs/tsb/traffic/v2/traffic_service.mdx",719002],"90a8f22f":[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("10377")]).then(r.bind(r,914515)),"@site/versioned_docs/version-1.8.x/howto/gateway/distributed-ingress.mdx",914515],"90aba2e7":[()=&gt;r.e("82421").then(r.bind(r,568762)),"@site/versioned_docs/version-1.10.x/refs/install/kubernetes/k8s.mdx",568762],"90dd3792":[()=&gt;r.e("18217").then(r.bind(r,568792)),"@site/versioned_docs/version-1.9.x/refs/tsb/traffic/v2/istio_traffic_direct.mdx",568792],"90e1e50e":[()=&gt;r.e("72111").then(r.bind(r,180232)),"@site/versioned_docs/version-1.9.x/cheatsheet/sheets/traffic-management.mdx",180232],"90e47deb":[()=&gt;r.e("71866").then(r.t.bind(r,615086,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-next-refs-iam-v-2-grpc-ec2.json",615086],"90e5a3c1":[()=&gt;r.e("79338").then(r.bind(r,624014)),"@site/versioned_docs/version-1.6.x/refs/tsb/v2/workspace_service.mdx",624014],"90ea6eab":[()=&gt;r.e("23704").then(r.t.bind(r,890760,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-11-x-refs-tsb-traffic-v-2-yaml-017.json",890760],"90fe5893":[()=&gt;r.e("78361").then(r.bind(r,613429)),"@site/versioned_docs/version-1.7.x/setup/isolation-boundaries.mdx",613429],"9101b799":[()=&gt;r.e("37710").then(r.t.bind(r,978421,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-10-x-refs-tsb-gateway-v-2-yaml-b2d.json",978421],"91106efb":[()=&gt;r.e("69627").then(r.bind(r,128902)),"@site/versioned_docs/version-1.6.x/quickstart/introduction.mdx",128902],"91188c53":[()=&gt;r.e("40717").then(r.bind(r,206797)),"@site/versioned_docs/version-1.11.x/refs/tsb/security/v2/waf_settings.mdx",206797],"9134ac37":[()=&gt;r.e("35059").then(r.bind(r,612910)),"@site/versioned_docs/version-next/refs/tsb/v2/status_service.mdx",612910],"91453ec9":[()=&gt;r.e("32636").then(r.bind(r,644345)),"@site/versioned_docs/version-next/howto/gateway/multi-cluster-traffic-failover-priority.mdx",644345],"9150e705":[()=&gt;r.e("26104").then(r.bind(r,155328)),"@site/versioned_docs/version-1.9.x/design-guides/ha-dr-mp/scenarios.mdx",155328],"9154144b":[()=&gt;r.e("69762").then(r.bind(r,490138)),"@site/versioned_docs/version-1.9.x/refs/tsb/rbac/v2/organization_access_bindings.mdx",490138],"9155d962":[()=&gt;Promise.all([r.e("86212"),r.e("92348")]).then(r.bind(r,900993)),"@site/versioned_docs/version-1.12.x/howto/gateway/shared-ingress.mdx",900993],"91791fee":[()=&gt;r.e("43491").then(r.bind(r,311404)),"@site/versioned_docs/version-1.7.x/setup/helm/uninstallation.mdx",311404],"918c1f2c":[()=&gt;r.e("82332").then(r.bind(r,815823)),"@site/versioned_docs/version-1.6.x/reference/cli/reference/get.md",815823],"918da351":[()=&gt;r.e("61608").then(r.bind(r,351583)),"@site/versioned_docs/version-1.12.x/refs/iam/v2/oidc_service.mdx",351583],"918ebc53":[()=&gt;r.e("28242").then(r.t.bind(r,912620,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-7-x-refs-tsb-security-v-2-grpc-b2a.json",912620],"91908c7d":[()=&gt;r.e("6307").then(r.bind(r,275598)),"@site/versioned_docs/version-1.11.x/setup/certificate/automated-certificate-management.mdx",275598],"91a65a23":[()=&gt;r.e("40493").then(r.bind(r,740531)),"@site/versioned_docs/version-1.8.x/refs/install/managementplane/v1alpha1/spec.mdx",740531],"91aa9743":[()=&gt;r.e("84914").then(r.t.bind(r,452737,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-10-x-reference-cli-guide-toc-f4e.json",452737],"91ba37a6":[()=&gt;r.e("72494").then(r.bind(r,586455)),"@site/versioned_docs/version-1.11.x/concepts/terminology.mdx",586455],"91bf4bd9":[()=&gt;r.e("39560").then(r.t.bind(r,109429,19)),"/runner/_work/sites/sites/products/service-bridge/.docusaurus/docusaurus-plugin-redoc/1_11_x/redocApiSpecV1.2-1_11_x.json",109429],"91d1b09e":[()=&gt;r.e("54677").then(r.bind(r,474170)),"@site/versioned_docs/version-next/troubleshooting/tsb-ui-metrics.mdx",474170],"91d64a36":[()=&gt;r.e("61173").then(r.bind(r,859356)),"@site/versioned_docs/version-1.10.x/setup/workload-onboarding/guides/overview.mdx",859356],"91d979ee":[()=&gt;Promise.all([r.e("86212"),r.e("5467")]).then(r.bind(r,644793)),"@site/versioned_docs/version-1.8.x/design-guides/app-onboarding/cross-cluster.mdx",644793],"91f642e9":[()=&gt;Promise.all([r.e("86212"),r.e("72531")]).then(r.bind(r,991947)),"@site/versioned_docs/version-1.12.x/setup/workload-onboarding/guides/toc.mdx",991947],"91fc39d0":[()=&gt;r.e("64156").then(r.bind(r,779565)),"@site/versioned_docs/version-1.6.x/operations/features/enable-config-protection.mdx",779565],"921ceaae":[()=&gt;r.e("11734").then(r.bind(r,247024)),"@site/versioned_docs/version-1.12.x/refs/onboarding/config/types/config/v1alpha1/transport_security.mdx",247024],"9255a9dd":[()=&gt;Promise.all([r.e("86212"),r.e("90036")]).then(r.bind(r,963011)),"@site/versioned_docs/version-next/design-guides/ha-multicluster/demo-1.mdx",963011],0x58565d7:[()=&gt;r.e("4831").then(r.bind(r,614055)),"@site/versioned_docs/version-1.7.x/setup/workload-onboarding/guides/overview.mdx",614055],"9272f0ab":[()=&gt;r.e("51769").then(r.bind(r,609913)),"@site/versioned_docs/version-next/refs/tsb/v2/workspace.mdx",609913],"927ab661":[()=&gt;Promise.all([r.e("86212"),r.e("25870")]).then(r.bind(r,347247)),"@site/versioned_docs/version-next/setup/upgrades/cni-upgrade.mdx",347247],"928811dc":[()=&gt;r.e("17972").then(r.bind(r,942239)),"@site/versioned_docs/version-next/setup/helm/helm.mdx",942239],"92a8c238":[()=&gt;r.e("20630").then(r.bind(r,349734)),"@site/versioned_docs/version-1.10.x/refs/onboarding/private/component/agent/sidecarcontroller/v1alpha1/sidecar_info_service.mdx",349734],"92d5f5da":[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("89270")]).then(r.bind(r,284454)),"@site/versioned_docs/version-1.9.x/design-guides/ha-multicluster/index.mdx",284454],"92da5931":[()=&gt;Promise.all([r.e("86212"),r.e("67939")]).then(r.bind(r,69231)),"@site/versioned_docs/version-1.9.x/quickstart/apps.mdx",69231],"92fac20d":[()=&gt;r.e("52558").then(r.bind(r,441228)),"@site/versioned_docs/version-1.10.x/operations/features/deletion-protection.mdx",441228],"930037db":[()=&gt;r.e("36781").then(r.t.bind(r,87132,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-8-x-refs-iam-v-2-grpc-be7.json",87132],"9307436d":[()=&gt;r.e("97511").then(r.bind(r,842131)),"@site/versioned_docs/version-1.10.x/release-notes-announcements/feature-status.mdx",842131],"935668a0":[()=&gt;r.e("2668").then(r.bind(r,405929)),"@site/versioned_docs/version-next/troubleshooting/identify-underperforming-services.mdx",405929],0x5946d27:[()=&gt;r.e("86494").then(r.bind(r,567552)),"@site/versioned_docs/version-1.12.x/operations/vault/istiod-ca.mdx",567552],"93647dfe":[()=&gt;Promise.all([r.e("86212"),r.e("95498")]).then(r.bind(r,745638)),"@site/versioned_docs/version-1.12.x/design-guides/ha-dr-mp/best-practices.mdx",745638],"93719a11":[()=&gt;r.e("8771").then(r.bind(r,509241)),"@site/versioned_docs/version-1.7.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/serviceaccount.md",509241],"93b0e0bb":[()=&gt;r.e("84610").then(r.bind(r,311054)),"@site/versioned_docs/version-1.6.x/refs/install/controlplane/v1alpha1/spec.mdx",311054],"93ce154e":[()=&gt;r.e("53582").then(r.bind(r,404075)),"@site/versioned_docs/version-1.8.x/refs/onboarding/config/authorization/aws/v1alpha1/aws.mdx",404075],"93e39fde":[()=&gt;r.e("22154").then(r.bind(r,407918)),"@site/versioned_docs/version-1.6.x/reference/cli/reference/edit.md",407918],"9401881e":[()=&gt;r.e("61625").then(r.t.bind(r,367026,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-next-howto-gateway-31c.json",367026],"941a05c5":[()=&gt;r.e("2643").then(r.t.bind(r,200898,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-6-x-reference-grpc-api-479.json",200898],"941bfad6":[()=&gt;r.e("41175").then(r.bind(r,264043)),"@site/versioned_docs/version-next/refs/tsb/security/v2/service_security_setting.mdx",264043],"94277ecc":[()=&gt;r.e("99176").then(r.bind(r,740807)),"@site/versioned_docs/version-1.6.x/howto/hpa-using-skywalking.mdx",740807],"942da6e9":[()=&gt;r.e("99170").then(r.bind(r,366412)),"@site/versioned_docs/version-1.11.x/refs/tsb/rbac/v2/workspace_access_bindings.mdx",366412],"9438263f":[()=&gt;r.e("76859").then(r.bind(r,94280)),"@site/versioned_docs/version-1.6.x/reference/cli/reference/experimental.md",94280],"9446af52":[()=&gt;r.e("46231").then(r.bind(r,333222)),"@site/versioned_docs/version-1.8.x/refs/tsb/v2/team_service.mdx",333222],"944ecc83":[()=&gt;r.e("83678").then(r.bind(r,13572)),"@site/versioned_docs/version-1.8.x/operations/users/roles-and-permissions.mdx",13572],"944f7a68":[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("48222")]).then(r.bind(r,226896)),"@site/versioned_docs/version-1.10.x/design-guides/app-onboarding/index.mdx",226896],"9478a588":[()=&gt;r.e("32286").then(r.bind(r,386507)),"@site/versioned_docs/version-1.10.x/concepts/operators/management-plane.mdx",386507],"9484a8a0":[()=&gt;r.e("829").then(r.bind(r,229124)),"@site/versioned_docs/version-1.10.x/refs/onboarding/config/types/config/v1alpha1/transport_security.mdx",229124],"9494ac40":[()=&gt;r.e("18889").then(r.bind(r,163930)),"@site/versioned_docs/version-1.11.x/refs/onboarding/config/types/core/v1alpha1/condition.mdx",163930],"9497b40c":[()=&gt;Promise.all([r.e("86212"),r.e("91465")]).then(r.bind(r,417670)),"@site/versioned_docs/version-next/design-guides/ha-multicluster/cluster-failover.mdx",417670],"9498321c":[()=&gt;r.e("96826").then(r.bind(r,421646)),"@site/versioned_docs/version-1.11.x/operations/postgresql/auditlog-retention.mdx",421646],"949d2c95":[()=&gt;r.e("68823").then(r.bind(r,714027)),"@site/versioned_docs/version-1.9.x/setup/workload-onboarding/quickstart/on-premise/configure-vm.mdx",714027],"94a78a65":[()=&gt;r.e("52075").then(r.bind(r,242602)),"@site/versioned_docs/version-1.6.x/howto/rate-limiting/service-to-service.mdx",242602],"94d0edeb":[()=&gt;r.e("50193").then(r.bind(r,65799)),"@site/versioned_docs/version-1.12.x/setup/remote-registry.mdx",65799],"94dabc52":[()=&gt;r.e("34633").then(r.bind(r,231665)),"@site/versioned_docs/version-1.8.x/howto/gitops/flux.mdx",231665],"94dba2b5":[()=&gt;r.e("89390").then(r.bind(r,58938)),"@site/versioned_docs/version-1.11.x/howto/wasm/wasm-overview.mdx",58938],"94e9a1bd":[()=&gt;r.e("23381").then(r.bind(r,156246)),"@site/versioned_docs/version-next/refs/onboarding/private/install/v1alpha1/spec.mdx",156246],"94fa9a66":[()=&gt;r.e("29399").then(r.t.bind(r,539442,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-11-x-reference-workload-onboarding-onboarding-agent-fdc.json",539442],"94fef7a3":[()=&gt;r.e("82616").then(r.t.bind(r,166461,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-tags-dd1.json",166461],"9523f7b4":[()=&gt;r.e("74925").then(r.t.bind(r,114011,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-6-x-reference-workload-onboarding-de0.json",114011],"9525a659":[()=&gt;r.e("92786").then(r.bind(r,575381)),"@site/versioned_docs/version-1.11.x/refs/tsb/q/v2/permissions_service.mdx",575381],"9529c683":[()=&gt;r.e("53744").then(r.bind(r,925639)),"@site/versioned_docs/version-1.6.x/howto/security-domains.mdx",925639],"955132eb":[()=&gt;r.e("64960").then(r.bind(r,437701)),"@site/versioned_docs/version-1.10.x/refs/install/common/common_config.mdx",437701],"955b81f0":[()=&gt;r.e("27077").then(r.bind(r,736272)),"@site/versioned_docs/version-next/cheatsheet/sheets/security-management.mdx",736272],"957a6949":[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("86313")]).then(r.bind(r,44463)),"@site/versioned_docs/version-1.9.x/quickstart/observability.mdx",44463],"957bec69":[()=&gt;r.e("36538").then(r.bind(r,973903)),"@site/versioned_docs/version-1.10.x/refs/onboarding/private/protocol/discovery/v1alpha1/discovery_service.mdx",973903],"95817dde":[()=&gt;r.e("10375").then(r.bind(r,923741)),"@site/versioned_docs/version-next/howto/wasm/wasm-overview.mdx",923741],"9587a7a2":[()=&gt;r.e("47289").then(r.t.bind(r,677097,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-reference-394.json",677097],"959f5681":[()=&gt;r.e("50613").then(r.bind(r,900387)),"@site/versioned_docs/version-1.11.x/refs/tsb/security/v2/security_group.mdx",900387],"95b5f825":[()=&gt;r.e("5290").then(r.bind(r,115362)),"@site/versioned_docs/version-next/reference/cli/reference/status.md",115362],"95bf625d":[()=&gt;r.e("94360").then(r.bind(r,698111)),"@site/versioned_docs/version-1.6.x/setup/workload-onboarding/quickstart/aws-ec2/configure-workload-onboarding.mdx",698111],"95d80486":[()=&gt;r.e("53069").then(r.bind(r,989908)),"@site/versioned_docs/version-1.11.x/reference/cli/reference/delete.md",989908],"95db3f99":[()=&gt;r.e("62087").then(r.bind(r,73999)),"@site/versioned_docs/version-1.7.x/refs/tsb/gateway/v2/gateway.mdx",73999],"95e3916d":[()=&gt;r.e("48746").then(r.bind(r,933277)),"@site/versioned_docs/version-1.8.x/cheatsheet/sheets/traffic-management.mdx",933277],"95e4e40c":[()=&gt;r.e("38352").then(r.bind(r,692479)),"@site/versioned_docs/version-1.10.x/howto/hpa-using-skywalking.mdx",692479],"96019d3c":[()=&gt;r.e("36186").then(r.bind(r,39682)),"@site/versioned_docs/version-1.9.x/operations/telemetry/red-metrics.mdx",39682],"960e1afb":[()=&gt;r.e("85490").then(r.bind(r,118452)),"@site/versioned_docs/version-1.9.x/troubleshooting/identify-underperforming-services.mdx",118452],"961635bc":[()=&gt;r.e("87257").then(r.bind(r,876344)),"@site/versioned_docs/version-next/refs/onboarding/private/component/agent/sidecarcontroller/v1alpha1/sidecar_info_service.mdx",876344],"9628fa5a":[()=&gt;r.e("30311").then(r.bind(r,862371)),"@site/versioned_docs/version-1.11.x/reference/k8s-api/tsb-crds-gen/segmentation-tsb-tetrate-io.md",862371],"9632beef":[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("21700")]).then(r.bind(r,929191)),"@site/versioned_docs/version-1.8.x/design-guides/index.mdx",929191],"96375a98":[()=&gt;r.e("30926").then(r.bind(r,597709)),"@site/versioned_docs/version-1.10.x/operations/postgresql/managing-kubegres.mdx",597709],"963e25e6":[()=&gt;r.e("75285").then(r.bind(r,21231)),"@site/versioned_docs/version-1.11.x/design-guides/ha-multicluster/edge-failover.mdx",21231],"965ed39d":[()=&gt;r.e("51432").then(r.bind(r,840451)),"@site/versioned_docs/version-1.8.x/refs/tsb/observability/telemetry/v2/metric.mdx",840451],"965faaf9":[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("87929")]).then(r.bind(r,525945)),"@site/versioned_docs/version-1.12.x/howto/gateway/application-gateway-with-openapi-annotations.mdx",525945],0x5c30740:[()=&gt;r.e("9411").then(r.bind(r,388246)),"@site/versioned_docs/version-1.8.x/setup/workload-onboarding/quickstart/on-premise/configure-vm.mdx",388246],"9685b065":[()=&gt;r.e("51022").then(r.bind(r,741018)),"@site/versioned_docs/version-1.9.x/design-guides/ha-multicluster/introduction.mdx",741018],"9698b57a":[()=&gt;r.e("27737").then(r.bind(r,127853)),"@site/versioned_docs/version-1.7.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/organizationsetting.md",127853],"96b80b82":[()=&gt;r.e("52043").then(r.bind(r,354401)),"@site/versioned_docs/version-1.9.x/quickstart/config-groups.mdx",354401],"96c87261":[()=&gt;r.e("14247").then(r.bind(r,72059)),"@site/versioned_docs/version-1.11.x/setup/workload-onboarding/quickstart/aws-ec2/configure-vm.mdx",72059],"96d9a1e1":[()=&gt;r.e("27728").then(r.bind(r,375473)),"@site/versioned_docs/version-1.11.x/refs/tsb/traffic/v2/traffic_group.mdx",375473],"96dbbf1b":[()=&gt;Promise.all([r.e("86212"),r.e("60825")]).then(r.bind(r,543027)),"@site/versioned_docs/version-1.12.x/setup/helm/toc.mdx",543027],"96dc2cb1":[()=&gt;r.e("23311").then(r.t.bind(r,90786,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-9-x-howto-gateway-203.json",90786],"96e24b23":[()=&gt;r.e("8068").then(r.t.bind(r,952472,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-6-x-howto-gitops-f97.json",952472],"96fc625a":[()=&gt;r.e("57988").then(r.bind(r,657573)),"@site/versioned_docs/version-1.11.x/refs/tsb/extension/v2/wasm_service.mdx",657573],"96ffa52e":[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("36986")]).then(r.bind(r,105356)),"@site/versioned_docs/version-1.8.x/quickstart/tenant.mdx",105356],0x5ca7a5e:[()=&gt;r.e("65422").then(r.bind(r,416926)),"@site/versioned_docs/version-1.8.x/setup/workload-onboarding/guides/setup.mdx",416926],"975d9e08":[()=&gt;r.e("29977").then(r.t.bind(r,496308,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-9-x-reference-workload-onboarding-onboarding-runtime-670.json",496308],"9793a51c":[()=&gt;r.e("42449").then(r.t.bind(r,229462,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-quickstart-f57.json",229462],"97a7fba6":[()=&gt;r.e("2024").then(r.bind(r,851141)),"@site/versioned_docs/version-next/cheatsheet/sheets/gateways-management.mdx",851141],"97aff1a9":[()=&gt;Promise.all([r.e("86212"),r.e("46020")]).then(r.bind(r,149406)),"@site/versioned_docs/version-1.9.x/setup/self-managed/management-plane-installation.mdx",149406],"97c84944":[()=&gt;r.e("29439").then(r.t.bind(r,904055,19)),"/runner/_work/sites/sites/products/service-bridge/.docusaurus/docusaurus-plugin-redoc/1_12_x/redocApiSpecV1.2-1_12_x.json",904055],"97cf425e":[()=&gt;r.e("22469").then(r.bind(r,933563)),"@site/versioned_docs/version-1.12.x/refs/tsb/profile/v2/profile.mdx",933563],"97e61c08":[()=&gt;r.e("30828").then(r.t.bind(r,283246,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-10-x-setup-9c2.json",283246],"97f10926":[()=&gt;r.e("29757").then(r.bind(r,650557)),"@site/versioned_docs/version-1.10.x/refs/onboarding/private/component/agent/plugin/hostinfo/v1alpha1/plugin.mdx",650557],"9810bf6b":[()=&gt;r.e("44079").then(r.bind(r,536068)),"@site/versioned_docs/version-next/howto/gitops/flagger.mdx",536068],"9815d44f":[()=&gt;r.e("30716").then(r.bind(r,774023)),"@site/versioned_docs/version-1.10.x/setup/workload-onboarding/guides/onboarding.mdx",774023],"983b47ee":[()=&gt;r.e("24020").then(r.bind(r,831531)),"@site/versioned_docs/version-1.7.x/setup/workload-onboarding/guides/ecs-workloads.mdx",831531],"9843d5dc":[()=&gt;r.e("70995").then(r.bind(r,391818)),"@site/versioned_docs/version-1.6.x/howto/gitops/argo-rollouts.mdx",391818],"98691e50":[()=&gt;r.e("11433").then(r.bind(r,497389)),"@site/versioned_docs/version-next/howto/gateway/service-identity-propagation.mdx",497389],"989bb27a":[()=&gt;r.e("1767").then(r.t.bind(r,546170,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-6-x-refs-tsb-istiointernal-v-2-yaml-8b1.json",546170],"98c46a62":[()=&gt;r.e("73065").then(r.bind(r,948179)),"@site/versioned_docs/version-1.12.x/refs/tsb/security/v2/waf_settings.mdx",948179],"98e0f090":[()=&gt;r.e("64871").then(r.bind(r,617437)),"@site/versioned_docs/version-1.10.x/setup/workload-onboarding/quickstart/on-premise/configure-vm.mdx",617437],"98f872b5":[()=&gt;r.e("40880").then(r.bind(r,488487)),"@site/versioned_docs/version-next/setup/security-context.mdx",488487],"9907f236":[()=&gt;r.e("24372").then(r.bind(r,782059)),"@site/versioned_docs/version-1.7.x/design-guides/ha-dr-mp/scenarios.mdx",782059],"993e59bd":[()=&gt;r.e("9570").then(r.bind(r,17248)),"@site/versioned_docs/version-1.11.x/operations/kube-customization.mdx",17248],"994100f1":[()=&gt;r.e("63420").then(r.bind(r,88613)),"@site/versioned_docs/version-1.8.x/operations/kube-customization.mdx",88613],"99514d17":[()=&gt;r.e("68548").then(r.bind(r,141938)),"@site/versioned_docs/version-1.8.x/refs/tsb/v2/tenant.mdx",141938],"997b29e6":[()=&gt;r.e("25193").then(r.bind(r,315774)),"@site/versioned_docs/version-1.12.x/cheatsheet/index.mdx",315774],"9980e398":[()=&gt;r.e("77210").then(r.bind(r,876508)),"@site/versioned_docs/version-1.8.x/refs/onboarding/config/types/identity/jwt/v1alpha1/jwt.mdx",876508],"9981da25":[()=&gt;r.e("17144").then(r.bind(r,224731)),"@site/versioned_docs/version-1.9.x/reference/cli/reference/delete.md",224731],"99de9992":[()=&gt;r.e("47224").then(r.bind(r,603453)),"@site/versioned_docs/version-1.7.x/refs/tsb/observability/telemetry/v2/metric_service.mdx",603453],"99f14015":[()=&gt;r.e("34666").then(r.t.bind(r,222431,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-next-howto-wasm-db0.json",222431],"99fc156c":[()=&gt;r.e("49527").then(r.bind(r,314504)),"@site/versioned_docs/version-1.6.x/cheatsheet/sheets/tsb-terminology.mdx",314504],"9a1be958":[()=&gt;r.e("55518").then(r.bind(r,394722)),"@site/versioned_docs/version-1.11.x/design-guides/ha-dr-mp/introduction.mdx",394722],"9a301ea1":[()=&gt;r.e("97592").then(r.bind(r,608222)),"@site/versioned_docs/version-1.10.x/refs/tsb/v2/organization_service.mdx",608222],"9a59015f":[()=&gt;r.e("12004").then(r.t.bind(r,483301,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-10-x-reference-cli-reference-7f1.json",483301],"9a5e11ad":[()=&gt;r.e("9174").then(r.bind(r,485515)),"@site/versioned_docs/version-1.11.x/refs/onboarding/private/types/credential/aws/v1alpha1/ec2.mdx",485515],"9a663767":[()=&gt;r.e("79499").then(r.bind(r,276946)),"@site/versioned_docs/version-1.8.x/refs/tsb/rbac/v2/traffic_access_bindings.mdx",276946],"9a68a6d1":[()=&gt;r.e("37844").then(r.bind(r,132691)),"@site/versioned_docs/version-1.6.x/refs/onboarding/config/authorization/jwt/v1alpha1/jwt.mdx",132691],"9a7c1471":[()=&gt;r.e("31581").then(r.bind(r,36823)),"@site/versioned_docs/version-1.6.x/refs/onboarding/config/types/identity/v1alpha1/identity.mdx",36823],"9a9cd9fa":[()=&gt;r.e("60309").then(r.bind(r,32997)),"@site/versioned_docs/version-1.11.x/release-notes.mdx",32997],"9ab3907d":[()=&gt;Promise.all([r.e("86212"),r.e("91077")]).then(r.bind(r,735205)),"@site/versioned_docs/version-1.6.x/quickstart/deploy-sample-app.mdx",735205],"9aba021b":[()=&gt;r.e("39868").then(r.bind(r,445749)),"@site/versioned_docs/version-next/reference/k8s-api/tsb-crds-gen/security-tsb-tetrate-io.md",445749],"9ac5d56f":[()=&gt;r.e("85825").then(r.bind(r,121015)),"@site/versioned_docs/version-next/setup/workload-onboarding/quickstart/on-premise/configure-workload-onboarding.mdx",121015],"9aed56d0":[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("58604")]).then(r.bind(r,725604)),"@site/versioned_docs/version-1.11.x/howto/rate-limiting/external-rate-limiting.mdx",725604],"9af1eddb":[()=&gt;r.e("52921").then(r.bind(r,918817)),"@site/versioned_docs/version-next/refs/onboarding/config/authorization/jwt/v1alpha1/jwt.mdx",918817],"9af915d4":[()=&gt;r.e("40947").then(r.t.bind(r,154617,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-6-x-refs-tsb-v-2-yaml-18c.json",154617],"9b006afc":[()=&gt;r.e("61308").then(r.bind(r,157570)),"@site/versioned_docs/version-1.12.x/index.mdx",157570],"9b1471df":[()=&gt;r.e("4974").then(r.t.bind(r,689246,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-10-x-howto-gateway-c55.json",689246],"9b31e299":[()=&gt;r.e("49836").then(r.bind(r,828966)),"@site/versioned_docs/version-next/refs/tsb/extension/v2/wasm_service.mdx",828966],"9b330820":[()=&gt;Promise.all([r.e("86212"),r.e("14908")]).then(r.bind(r,754222)),"@site/versioned_docs/version-1.11.x/design-guides/app-onboarding/cross-cluster.mdx",754222],"9b384b39":[()=&gt;r.e("15483").then(r.t.bind(r,745986,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-10-x-quickstart-0ea.json",745986],"9b3b7340":[()=&gt;r.e("85174").then(r.bind(r,456522)),"@site/versioned_docs/version-1.11.x/reference/cli/reference/get.md",456522],"9b3dca46":[()=&gt;r.e("56425").then(r.bind(r,570402)),"@site/versioned_docs/version-1.10.x/refs/tsb/v2/team_service.mdx",570402],"9b585fa8":[()=&gt;r.e("60705").then(r.bind(r,339219)),"@site/versioned_docs/version-1.10.x/refs/tsb/v2/team.mdx",339219],"9b58f7bc":[()=&gt;r.e("56871").then(r.t.bind(r,514682,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-8-x-refs-audit-v-1-grpc-a40.json",514682],"9b69830b":[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("75253")]).then(r.bind(r,788327)),"@site/versioned_docs/version-1.11.x/howto/gateway/subset-based-routing-using-igw-and-service-route.mdx",788327],"9b6ed7ab":[()=&gt;r.e("72642").then(r.bind(r,997949)),"@site/versioned_docs/version-next/design-guides/ha-dr-mp/introduction.mdx",997949],"9b89e6b0":[()=&gt;r.e("72851").then(r.t.bind(r,537117,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-6-x-reference-cli-reference-ca9.json",537117],"9b9dae45":[()=&gt;r.e("13521").then(r.t.bind(r,576250,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-11-x-troubleshooting-683.json",576250],"9bad085b":[()=&gt;r.e("13755").then(r.t.bind(r,815138,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-reference-operators-ba9.json",815138],"9badbe83":[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("86230")]).then(r.bind(r,149392)),"@site/versioned_docs/version-1.11.x/design-guides/app-onboarding/index.mdx",149392],"9bbf8641":[()=&gt;r.e("3862").then(r.bind(r,602214)),"@site/versioned_docs/version-1.12.x/reference/cli/reference/status.md",602214],"9bc0bb41":[()=&gt;Promise.all([r.e("86212"),r.e("28070")]).then(r.bind(r,811766)),"@site/versioned_docs/version-1.12.x/design-guides/ha-dr-mp/operating/troubleshoot.mdx",811766],"9bc14ce8":[()=&gt;r.e("5234").then(r.bind(r,864390)),"@site/versioned_docs/version-next/refs/tsb/v2/cluster.mdx",864390],"9beebdd9":[()=&gt;r.e("22075").then(r.bind(r,772777)),"@site/versioned_docs/version-1.7.x/howto/rate-limiting/tier1-gateway.mdx",772777],"9befd231":[()=&gt;r.e("31767").then(r.t.bind(r,895400,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-11-x-refs-tsb-segmentation-v-1-yaml-ba9.json",895400],"9bf8de7a":[()=&gt;r.e("85164").then(r.t.bind(r,616587,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-6-x-refs-tsb-v-2-grpc-9f8.json",616587],"9bfb2702":[()=&gt;r.e("7876").then(r.bind(r,350502)),"@site/versioned_docs/version-next/refs/tsb/observability/telemetry/v2/source_service.mdx",350502],"9c0570cf":[()=&gt;r.e("82687").then(r.bind(r,432697)),"@site/versioned_docs/version-1.11.x/refs/tsb/v2/info.mdx",432697],"9c200a6d":[()=&gt;r.e("76713").then(r.bind(r,496676)),"@site/versioned_docs/version-1.12.x/refs/tsb/rbac/v2/api_access_bindings.mdx",496676],"9c28cc23":[()=&gt;r.e("73269").then(r.t.bind(r,429526,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-10-x-refs-tsb-traffic-v-2-yaml-fc1.json",429526],"9c581b1d":[()=&gt;r.e("96359").then(r.bind(r,292425)),"@site/versioned_docs/version-1.7.x/refs/tsb/types/v2/types.mdx",292425],"9c840afa":[()=&gt;r.e("92740").then(r.bind(r,644214)),"@site/versioned_docs/version-1.6.x/operations/features/configure-cluster-external-addresses.mdx",644214],"9c981aa0":[()=&gt;Promise.all([r.e("86212"),r.e("81266")]).then(r.bind(r,522183)),"@site/versioned_docs/version-1.6.x/setup/self-managed/toc.mdx",522183],"9ca817d5":[()=&gt;r.e("98140").then(r.bind(r,57866)),"@site/versioned_docs/version-1.12.x/howto/waf.mdx",57866],"9caf7dc9":[()=&gt;r.e("4028").then(r.bind(r,890626)),"@site/versioned_docs/version-1.7.x/refs/onboarding/config/types/identity/v1alpha1/identity.mdx",890626],"9cf147eb":[()=&gt;Promise.all([r.e("86212"),r.e("4113")]).then(r.bind(r,229202)),"@site/versioned_docs/version-1.9.x/design-guides/app-onboarding/gateway-security.mdx",229202],"9d0408d7":[()=&gt;r.e("2489").then(r.bind(r,245489)),"@site/versioned_docs/version-1.9.x/troubleshooting/debug-container.mdx",245489],"9d22647b":[()=&gt;r.e("64678").then(r.bind(r,39109)),"@site/versioned_docs/version-1.12.x/operations/kube-customization.mdx",39109],"9d2e7c5c":[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("68384")]).then(r.bind(r,580238)),"@site/versioned_docs/version-1.7.x/design-guides/ha-dr-mp/index.mdx",580238],"9d2ed416":[()=&gt;r.e("50695").then(r.bind(r,655752)),"@site/versioned_docs/version-1.12.x/refs/tsb/v2/tenant_service.mdx",655752],"9d7e4822":[()=&gt;Promise.all([r.e("86212"),r.e("60795")]).then(r.bind(r,199360)),"@site/versioned_docs/version-1.7.x/setup/workload-onboarding/guides/toc.mdx",199360],"9d9cf21b":[()=&gt;r.e("13798").then(r.bind(r,91269)),"@site/versioned_docs/version-1.12.x/setup/workload-onboarding/quickstart/aws-ecs/onboard-ecs.mdx",91269],"9da1deb8":[()=&gt;r.e("11695").then(r.bind(r,305613)),"@site/versioned_docs/version-1.12.x/refs/onboarding/private/component/agent/plugin/hostinfo/v1alpha1/plugin.mdx",305613],"9da47bcf":[()=&gt;r.e("89945").then(r.bind(r,221049)),"@site/versioned_docs/version-1.12.x/operations/users/new-user-local-idp.mdx",221049],"9daecf10":[()=&gt;r.e("22454").then(r.bind(r,142377)),"@site/versioned_docs/version-1.11.x/concepts/configuration-dataflow.mdx",142377],"9db81f19":[()=&gt;r.e("12813").then(r.bind(r,896666)),"@site/versioned_docs/version-1.7.x/troubleshooting/troubleshooting.mdx",896666],"9dc7422a":[()=&gt;r.e("61513").then(r.t.bind(r,108115,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-7-x-quickstart-9c8.json",108115],"9de5ffbe":[()=&gt;r.e("50827").then(r.bind(r,284314)),"@site/versioned_docs/version-1.10.x/howto/promql-using-skywalking.mdx",284314],"9e07d621":[()=&gt;r.e("27496").then(r.bind(r,272146)),"@site/versioned_docs/version-1.11.x/operations/users/user-synchronization.mdx",272146],"9e0d9dc1":[()=&gt;r.e("32012").then(r.bind(r,815932)),"@site/versioned_docs/version-1.11.x/howto/hpa-using-skywalking.mdx",815932],"9e24b183":[()=&gt;r.e("56530").then(r.bind(r,387421)),"@site/versioned_docs/version-1.12.x/howto/traffic/migrating-VM-monoliths.mdx",387421],"9e262c49":[()=&gt;r.e("81826").then(r.bind(r,993044)),"@site/versioned_docs/version-1.10.x/reference/cli/reference/install.md",993044],"9e3051f7":[()=&gt;Promise.all([r.e("86212"),r.e("93659")]).then(r.bind(r,457855)),"@site/versioned_docs/version-1.8.x/setup/self-managed/onboarding-clusters.mdx",457855],"9e536da4":[()=&gt;r.e("41220").then(r.bind(r,963216)),"@site/versioned_docs/version-1.11.x/refs/tsb/rbac/v2/role_service.mdx",963216],"9e5ad600":[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("21656")]).then(r.bind(r,138169)),"@site/versioned_docs/version-1.9.x/design-guides/index.mdx",138169],"9e774a70":[()=&gt;r.e("91241").then(r.bind(r,516876)),"@site/versioned_docs/version-1.9.x/operations/features/gateway-deletion-webhook.mdx",516876],"9e78723e":[()=&gt;r.e("3338").then(r.bind(r,183548)),"@site/versioned_docs/version-1.10.x/refs/tsb/rbac/v2/application_access_bindings.mdx",183548],"9e7fe9f6":[()=&gt;r.e("2252").then(r.bind(r,158406)),"@site/versioned_docs/version-1.7.x/refs/tsb/gateway/v2/istio_gateway_direct.mdx",158406],"9e9d333c":[()=&gt;r.e("97608").then(r.bind(r,705590)),"@site/versioned_docs/version-1.12.x/setup/helm/managementplane.mdx",705590],"9ecb8f0c":[()=&gt;r.e("45254").then(r.bind(r,298570)),"@site/versioned_docs/version-next/operations/features/gateway-deletion-webhook.mdx",298570],"9ed664b7":[()=&gt;Promise.all([r.e("86212"),r.e("48988")]).then(r.bind(r,348152)),"@site/versioned_docs/version-1.9.x/howto/gateway/https-with-proxy-protocol.mdx",348152],"9ef73ae3":[()=&gt;r.e("24000").then(r.bind(r,597514)),"@site/versioned_docs/version-1.11.x/setup/aws/container-marketplace.mdx",597514],"9f103cbd":[()=&gt;r.e("3632").then(r.t.bind(r,458628,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-9-x-tags-featured-853.json",458628],"9f2c12d9":[()=&gt;r.e("64651").then(r.bind(r,322237)),"@site/versioned_docs/version-1.11.x/refs/tsb/types/v2/types.mdx",322237],"9f30bbbc":[()=&gt;r.e("63687").then(r.bind(r,821421)),"@site/versioned_docs/version-1.6.x/release-notes.mdx",821421],"9f58c96a":[()=&gt;r.e("2988").then(r.bind(r,180954)),"@site/versioned_docs/version-1.11.x/setup/workload-onboarding/quickstart/on-premise/configure-workload-onboarding.mdx",180954],"9f6b31c1":[()=&gt;r.e("96226").then(r.bind(r,373167)),"@site/versioned_docs/version-1.12.x/operations/postgresql/backup-and-restore.mdx",373167],"9f746e0a":[()=&gt;r.e("69416").then(r.bind(r,329483)),"@site/versioned_docs/version-1.11.x/quickstart/workspace.mdx",329483],"9f7ce2d9":[()=&gt;r.e("26961").then(r.bind(r,538596)),"@site/versioned_docs/version-1.7.x/reference/k8s-api/tsb-crds-gen/application-tsb-tetrate-io.md",538596],"9f997cb6":[()=&gt;r.e("26563").then(r.bind(r,392459)),"@site/versioned_docs/version-1.9.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/tenant.md",392459],"9fa2f6ff":[()=&gt;r.e("13945").then(r.t.bind(r,204105,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-next-reference-workload-onboarding-onboarding-runtime-d33.json",204105],"9fd4cd86":[()=&gt;r.e("56145").then(r.bind(r,363647)),"@site/versioned_docs/version-1.12.x/workingwithsupport/workingWithTetrateSupport.mdx",363647],"9fe782d3":[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("72842")]).then(r.bind(r,912319)),"@site/versioned_docs/version-1.6.x/howto/rate-limiting/tls-validation.mdx",912319],a00c7798:[()=&gt;r.e("85918").then(r.bind(r,276375)),"@site/versioned_docs/version-1.8.x/reference/cli/reference/config.md",276375],a0130d83:[()=&gt;r.e("12583").then(r.bind(r,464006)),"@site/versioned_docs/version-1.9.x/operations/vault/elasticsearch.mdx",464006],a03d08fe:[()=&gt;r.e("70297").then(r.t.bind(r,224182,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-8-x-refs-tsb-security-v-2-grpc-f30.json",224182],a03d45f5:[()=&gt;r.e("9703").then(r.bind(r,632246)),"@site/versioned_docs/version-1.12.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/serviceaccount.md",632246],a048178c:[()=&gt;r.e("29222").then(r.bind(r,23115)),"@site/versioned_docs/version-1.9.x/refs/tsb/rbac/v2/gateway_access_bindings.mdx",23115],a04dabd0:[()=&gt;Promise.all([r.e("86212"),r.e("72801")]).then(r.bind(r,120709)),"@site/versioned_docs/version-1.10.x/setup/workload-onboarding/quickstart/on-premise/toc.mdx",120709],a078d7b8:[()=&gt;r.e("4756").then(r.bind(r,913074)),"@site/versioned_docs/version-1.8.x/concepts/observability.mdx",913074],a082c253:[()=&gt;Promise.all([r.e("86212"),r.e("45327")]).then(r.bind(r,791230)),"@site/versioned_docs/version-1.11.x/setup/upgrades/revisioned-to-revisioned.mdx",791230],a08fc039:[()=&gt;r.e("56520").then(r.t.bind(r,607465,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-6-x-refs-tsb-rbac-v-2-yaml-592.json",607465],a0b4edd1:[()=&gt;r.e("70722").then(r.bind(r,827413)),"@site/versioned_docs/version-1.9.x/setup/workload-onboarding/guides/troubleshooting.mdx",827413],a0c04e9e:[()=&gt;r.e("30805").then(r.bind(r,533549)),"@site/versioned_docs/version-1.11.x/concepts/configuration-inheritance.mdx",533549],a1067f70:[()=&gt;r.e("50127").then(r.bind(r,767808)),"@site/versioned_docs/version-1.7.x/reference/samples/sleep-service.mdx",767808],a112168d:[()=&gt;Promise.all([r.e("86212"),r.e("94060")]).then(r.bind(r,55022)),"@site/versioned_docs/version-1.7.x/design-guides/app-onboarding/introduction.mdx",55022],a1254542:[()=&gt;r.e("42215").then(r.bind(r,376849)),"@site/versioned_docs/version-1.6.x/reference/cli/reference/apply.md",376849],a125c0aa:[()=&gt;r.e("93781").then(r.t.bind(r,639913,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-10-x-refs-tsb-profile-v-2-grpc-d06.json",639913],a127d56b:[()=&gt;r.e("63255").then(r.bind(r,925913)),"@site/versioned_docs/version-1.8.x/refs/tsb/q/v2/approvals_service.mdx",925913],a12f4258:[()=&gt;r.e("1755").then(r.bind(r,272564)),"@site/versioned_docs/version-1.6.x/refs/tsb/registry/v2/lookup_service.mdx",272564],a12fc6af:[()=&gt;Promise.all([r.e("86212"),r.e("41618")]).then(r.bind(r,475391)),"@site/versioned_docs/version-1.8.x/design-guides/ha-dr-mp/dr-managementplane.mdx",475391],a1349e7f:[()=&gt;r.e("68740").then(r.bind(r,756288)),"@site/versioned_docs/version-next/refs/tsb/v2/organization_service.mdx",756288],a137e637:[()=&gt;r.e("57472").then(r.bind(r,229353)),"@site/versioned_docs/version-next/refs/tsb/gateway/v2/egress_gateway.mdx",229353],a138dc9f:[()=&gt;r.e("20449").then(r.t.bind(r,416585,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-9-x-refs-tsb-security-v-2-grpc-2ad.json",416585],a151c2a7:[()=&gt;r.e("93866").then(r.bind(r,462881)),"@site/versioned_docs/version-next/operations/features/enable-config-protection.mdx",462881],a178fca9:[()=&gt;Promise.all([r.e("86212"),r.e("24019")]).then(r.bind(r,372670)),"@site/versioned_docs/version-1.7.x/setup/self-managed/management-plane-installation.mdx",372670],a1e2e865:[()=&gt;Promise.all([r.e("86212"),r.e("61001")]).then(r.bind(r,839544)),"@site/versioned_docs/version-next/setup/upgrades/non-revisioned-to-revisioned.mdx",839544],a1e9edef:[()=&gt;r.e("59497").then(r.bind(r,180103)),"@site/versioned_docs/version-1.12.x/operations/configuration-promotion.mdx",180103],a21d6263:[()=&gt;r.e("88877").then(r.bind(r,738985)),"@site/versioned_docs/version-1.6.x/refs/tsb/traffic/v2/istio_traffic_direct.mdx",738985],a222cd75:[()=&gt;r.e("83715").then(r.t.bind(r,288626,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-7-x-reference-workload-onboarding-onboarding-runtime-889.json",288626],a237db7f:[()=&gt;Promise.all([r.e("86212"),r.e("29925")]).then(r.bind(r,824313)),"@site/versioned_docs/version-1.7.x/design-guides/ha-multicluster/demo-1.mdx",824313],a24f1e68:[()=&gt;r.e("87069").then(r.bind(r,270391)),"@site/versioned_docs/version-1.7.x/refs/tsb/v2/organization_setting.mdx",270391],a259f508:[()=&gt;r.e("31771").then(r.bind(r,318113)),"@site/versioned_docs/version-1.7.x/refs/onboarding/config/types/registration/v1alpha1/hostinfo.mdx",318113],a26d2e14:[()=&gt;r.e("82134").then(r.bind(r,903974)),"@site/versioned_docs/version-1.12.x/refs/tsb/security/v2/service_security_setting.mdx",903974],a270de6f:[()=&gt;r.e("88022").then(r.bind(r,53751)),"@site/versioned_docs/version-1.12.x/operations/elasticsearch/elasticsearch-role.mdx",53751],a275284f:[()=&gt;r.e("32322").then(r.bind(r,519072)),"@site/versioned_docs/version-1.9.x/howto/authorization/tls-verification.mdx",519072],a27fbc10:[()=&gt;r.e("43065").then(r.bind(r,116289)),"@site/versioned_docs/version-1.9.x/howto/wasm/wasm-try.mdx",116289],a2a9b866:[()=&gt;r.e("2782").then(r.t.bind(r,818720,19)),"@generated/docusaurus-plugin-redoc/next/__plugin.json",818720],a2ab2ca0:[()=&gt;r.e("30905").then(r.bind(r,76335)),"@site/versioned_docs/version-1.10.x/setup/certificate/automated-certificate-management.mdx",76335],a2b47c03:[()=&gt;r.e("71641").then(r.bind(r,143059)),"@site/versioned_docs/version-1.9.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/organizationsetting.md",143059],a2b516d2:[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("1027")]).then(r.bind(r,569204)),"@site/versioned_docs/version-next/quickstart/observability.mdx",569204],a2e3d252:[()=&gt;r.e("17828").then(r.bind(r,978122)),"@site/versioned_docs/version-next/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/organization.md",978122],a2e74239:[()=&gt;r.e("69234").then(r.bind(r,736785)),"@site/versioned_docs/version-1.7.x/setup/helm/managementplane.mdx",736785],a2f96c2e:[()=&gt;r.e("22707").then(r.bind(r,328361)),"@site/versioned_docs/version-1.7.x/reference/cli/reference/edit.md",328361],a302f516:[()=&gt;Promise.all([r.e("86212"),r.e("58002")]).then(r.bind(r,484685)),"@site/versioned_docs/version-next/design-guides/ha-dr-mp/active-standby/troubleshoot.mdx",484685],a312e0fd:[()=&gt;r.e("83911").then(r.t.bind(r,971661,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-10-x-operations-postgresql-9dc.json",971661],a3151e49:[()=&gt;Promise.all([r.e("86212"),r.e("5400")]).then(r.bind(r,419638)),"@site/versioned_docs/version-1.12.x/reference/cli/guide/index.mdx",419638],a33cfe43:[()=&gt;r.e("7962").then(r.bind(r,106118)),"@site/versioned_docs/version-1.12.x/concepts/configuration-dataflow.mdx",106118],a35b56b1:[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("93645")]).then(r.bind(r,654986)),"@site/versioned_docs/version-1.12.x/design-guides/index.mdx",654986],a367c8a3:[()=&gt;r.e("33893").then(r.bind(r,416293)),"@site/versioned_docs/version-next/setup/workload-onboarding/guides/overview.mdx",416293],a378b4f7:[()=&gt;r.e("29531").then(r.bind(r,347872)),"@site/versioned_docs/version-next/operations/elasticsearch/elasticsearch-role.mdx",347872],a389770d:[()=&gt;r.e("69672").then(r.bind(r,721090)),"@site/versioned_docs/version-1.9.x/reference/samples/sleep-service.mdx",721090],a39d5273:[()=&gt;Promise.all([r.e("86212"),r.e("62034")]).then(r.bind(r,165333)),"@site/versioned_docs/version-1.8.x/quickstart/deploy-sample-app.mdx",165333],a3a45df9:[()=&gt;Promise.all([r.e("86212"),r.e("74195")]).then(r.bind(r,663946)),"@site/versioned_docs/version-1.11.x/design-guides/ha-multicluster/cluster-failover.mdx",663946],a3a9c0f2:[()=&gt;r.e("92193").then(r.bind(r,92316)),"@site/versioned_docs/version-1.6.x/operations/elasticsearch/wipe-elastic.mdx",92316],a3abed73:[()=&gt;r.e("21028").then(r.t.bind(r,14618,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-setup-workload-onboarding-quickstart-703.json",14618],a3cbc440:[()=&gt;r.e("51299").then(r.bind(r,847862)),"@site/versioned_docs/version-1.9.x/reference/k8s-api/tsb-crds-gen/istiointernal-tsb-tetrate-io.md",847862],a3d667af:[()=&gt;r.e("67816").then(r.t.bind(r,605429,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-refs-install-d63.json",605429],a3d89946:[()=&gt;r.e("28577").then(r.t.bind(r,240823,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-9-x-reference-k-8-s-api-tsb-crds-gen-tsb-tetrate-io-v-2-fc8.json",240823],a3e21ece:[()=&gt;r.e("4457").then(r.bind(r,530007)),"@site/versioned_docs/version-1.7.x/setup/aws/vpc.mdx",530007],a3e4afe5:[()=&gt;r.e("36451").then(r.t.bind(r,757761,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-11-x-operations-vault-18b.json",757761],a3eb415b:[()=&gt;Promise.all([r.e("86212"),r.e("30348")]).then(r.bind(r,270273)),"@site/versioned_docs/version-next/design-guides/ha-dr-mp/operating/troubleshoot.mdx",270273],a3f2a6b0:[()=&gt;r.e("91832").then(r.bind(r,418693)),"@site/versioned_docs/version-1.9.x/cheatsheet/sheets/gateways-management.mdx",418693],a3fc93f4:[()=&gt;r.e("33590").then(r.bind(r,874987)),"@site/versioned_docs/version-1.12.x/setup/isolation-boundaries-installation.mdx",874987],a43640e0:[()=&gt;r.e("90545").then(r.bind(r,381567)),"@site/versioned_docs/version-1.8.x/refs/install/common/common_config.mdx",381567],a44418d6:[()=&gt;r.e("31396").then(r.bind(r,104959)),"@site/versioned_docs/version-1.6.x/operations/users/oidc-azure.mdx",104959],a452c8c3:[()=&gt;r.e("16837").then(r.bind(r,878891)),"@site/versioned_docs/version-1.9.x/refs/tsb/observability/telemetry/v2/source_service.mdx",878891],a4a5b73d:[()=&gt;r.e("74320").then(r.bind(r,604863)),"@site/versioned_docs/version-1.11.x/reference/samples/httpbin.mdx",604863],a4a5cc5a:[()=&gt;r.e("52393").then(r.bind(r,424175)),"@site/versioned_docs/version-1.7.x/howto/rate-limiting/ingress-gateway.mdx",424175],a4cc8031:[()=&gt;r.e("15083").then(r.bind(r,569344)),"@site/versioned_docs/version-1.6.x/setup/workload-onboarding/quickstart/aws-ecs/onboard-ecs.mdx",569344],a4d93f17:[()=&gt;r.e("47122").then(r.bind(r,529197)),"@site/versioned_docs/version-1.9.x/refs/tsb/rbac/v2/access_bindings.mdx",529197],a4f1cc4a:[()=&gt;r.e("60068").then(r.bind(r,117258)),"@site/versioned_docs/version-1.10.x/troubleshooting/proxy-tools.mdx",117258],a4f1cff7:[()=&gt;r.e("64738").then(r.bind(r,408564)),"@site/versioned_docs/version-1.10.x/refs/tsb/rbac/v2/role_service.mdx",408564],a4fa1230:[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("2368")]).then(r.bind(r,585407)),"@site/versioned_docs/version-1.7.x/design-guides/app-onboarding/index.mdx",585407],a5186798:[()=&gt;r.e("67234").then(r.bind(r,164302)),"@site/versioned_docs/version-1.7.x/reference/k8s-api/tsb-crds-gen/rbac-tsb-tetrate-io.md",164302],a519c974:[()=&gt;r.e("63794").then(r.bind(r,19419)),"@site/versioned_docs/version-1.12.x/reference/k8s-api/tsb-crds-gen/extension-tsb-tetrate-io.md",19419],a524b78c:[()=&gt;r.e("52757").then(r.bind(r,397566)),"@site/versioned_docs/version-1.8.x/setup/workload-onboarding/quickstart/aws-ecs/configure-workload-onboarding.mdx",397566],a52bcc5a:[()=&gt;r.e("49264").then(r.bind(r,622413)),"@site/versioned_docs/version-1.8.x/howto/rate-limiting/internal-rate-limiting.mdx",622413],a53cbda4:[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("41519")]).then(r.bind(r,763625)),"@site/versioned_docs/version-1.9.x/design-guides/app-onboarding/index.mdx",763625],a54c1951:[()=&gt;r.e("27581").then(r.bind(r,171694)),"@site/versioned_docs/version-1.8.x/operations/elasticsearch/elasticsearch-role.mdx",171694],a55da15e:[()=&gt;r.e("33564").then(r.bind(r,784113)),"@site/versioned_docs/version-1.10.x/howto/service-accounts.mdx",784113],a560686b:[()=&gt;r.e("42966").then(r.bind(r,155923)),"@site/versioned_docs/version-1.8.x/howto/authorization/ingress-gateway.mdx",155923],a562e81b:[()=&gt;r.e("94989").then(r.bind(r,587331)),"@site/versioned_docs/version-1.9.x/reference/cli/reference/tctl.md",587331],a56d1563:[()=&gt;r.e("90922").then(r.bind(r,155225)),"@site/versioned_docs/version-1.9.x/refs/tsb/extension/v2/wasm_extension.mdx",155225],a5a117df:[()=&gt;r.e("77826").then(r.bind(r,380581)),"@site/versioned_docs/version-1.12.x/refs/tsb/rbac/v2/traffic_access_bindings.mdx",380581],a5a9c51e:[()=&gt;r.e("88498").then(r.t.bind(r,189172,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-7-x-reference-k-8-s-api-tsb-crds-gen-e58.json",189172],a5b975a6:[()=&gt;r.e("11609").then(r.bind(r,736297)),"@site/versioned_docs/version-1.10.x/refs/tsb/rbac/v2/access_bindings.mdx",736297],a5bf0f01:[()=&gt;r.e("46484").then(r.bind(r,123017)),"@site/versioned_docs/version-1.11.x/howto/security-domains.mdx",123017],a5cb6772:[()=&gt;r.e("93270").then(r.bind(r,264795)),"@site/versioned_docs/version-1.9.x/operations/kube-customization.mdx",264795],a5da99af:[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("58843")]).then(r.bind(r,681588)),"@site/versioned_docs/version-1.11.x/design-guides/index.mdx",681588],a5edf3d6:[()=&gt;r.e("36865").then(r.bind(r,401080)),"@site/versioned_docs/version-1.11.x/refs/tsb/security/v2/service_security_setting.mdx",401080],a607e60f:[()=&gt;r.e("85730").then(r.bind(r,692158)),"@site/versioned_docs/version-1.6.x/refs/tsb/v2/team_service.mdx",692158],a6120c64:[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("29543")]).then(r.bind(r,163835)),"@site/versioned_docs/version-1.6.x/howto/rate-limiting/external-rate-limiting.mdx",163835],a62b103e:[()=&gt;r.e("71061").then(r.bind(r,208312)),"@site/versioned_docs/version-1.8.x/concepts/configuration-dataflow.mdx",208312],a64bf4a7:[()=&gt;r.e("95906").then(r.t.bind(r,138973,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-10-x-refs-tsb-observability-telemetry-v-2-grpc-82f.json",138973],a64dafeb:[()=&gt;r.e("63608").then(r.bind(r,336171)),"@site/versioned_docs/version-next/refs/tsb/dashboard/v1/dashboard_service.mdx",336171],a6508ff9:[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("82831")]).then(r.bind(r,498752)),"@site/versioned_docs/version-1.7.x/quickstart/ingress-gateway.mdx",498752],a679147a:[()=&gt;r.e("89589").then(r.bind(r,145340)),"@site/versioned_docs/version-1.11.x/refs/tsb/rbac/v2/gateway_access_bindings.mdx",145340],a685a6aa:[()=&gt;r.e("63783").then(r.bind(r,275)),"@site/versioned_docs/version-1.11.x/setup/workload-onboarding/quickstart/aws-ecs/configure-workload-onboarding.mdx",275],a688f9aa:[()=&gt;Promise.all([r.e("86212"),r.e("69542")]).then(r.bind(r,724706)),"@site/versioned_docs/version-1.12.x/design-guides/ha-multicluster/demo-1.mdx",724706],a68e6490:[()=&gt;r.e("65539").then(r.t.bind(r,984614,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-6-x-refs-tsb-q-v-2-grpc-adb.json",984614],a6b545f8:[()=&gt;r.e("50704").then(r.bind(r,737406)),"@site/versioned_docs/version-1.10.x/reference/cli/reference/apply.md",737406],a6e7ae9b:[()=&gt;Promise.all([r.e("86212"),r.e("14410")]).then(r.bind(r,593761)),"@site/versioned_docs/version-1.8.x/reference/cli/guide/index.mdx",593761],a6ec60a0:[()=&gt;r.e("41369").then(r.bind(r,370566)),"@site/versioned_docs/version-next/refs/tsb/registry/v2/service.mdx",370566],a6ec950c:[()=&gt;r.e("42179").then(r.bind(r,778111)),"@site/versioned_docs/version-1.9.x/refs/tsb/v2/organization_service.mdx",778111],a7073a5f:[()=&gt;Promise.all([r.e("86212"),r.e("20809")]).then(r.bind(r,666303)),"@site/versioned_docs/version-1.11.x/setup/self-managed/onboarding-clusters.mdx",666303],a7233098:[()=&gt;r.e("63730").then(r.bind(r,151613)),"@site/versioned_docs/version-1.11.x/quickstart/introduction.mdx",151613],a725b7ba:[()=&gt;r.e("62435").then(r.bind(r,282396)),"@site/versioned_docs/version-1.7.x/howto/security-domains.mdx",282396],a73dfbf6:[()=&gt;r.e("59322").then(r.bind(r,447541)),"@site/versioned_docs/version-1.11.x/howto/authorization/tls-verification.mdx",447541],a7456010:[()=&gt;r.e("67365").then(r.t.bind(r,962050,19)),"@generated/docusaurus-plugin-content-pages/default/__plugin.json",962050],a75fb1be:[()=&gt;Promise.all([r.e("86212"),r.e("52498")]).then(r.bind(r,358862)),"@site/versioned_docs/version-1.10.x/operations/postgresql/azure-credentials.mdx",358862],a764a52b:[()=&gt;r.e("19792").then(r.bind(r,400334)),"@site/versioned_docs/version-1.8.x/operations/features/configure-gitops.mdx",400334],a786d655:[()=&gt;r.e("62382").then(r.bind(r,144014)),"@site/versioned_docs/version-1.8.x/design-guides/ha-multicluster/introduction.mdx",144014],a7a05f99:[()=&gt;r.e("94655").then(r.bind(r,164681)),"@site/versioned_docs/version-1.9.x/refs/iam/v2/oidc_service.mdx",164681],a7b05071:[()=&gt;Promise.all([r.e("86212"),r.e("61147")]).then(r.bind(r,533114)),"@site/versioned_docs/version-1.8.x/setup/helm/toc.mdx",533114],a7b72e21:[()=&gt;r.e("5534").then(r.bind(r,962119)),"@site/versioned_docs/version-1.9.x/refs/tsb/v2/workspace.mdx",962119],a7bd4aaa:[()=&gt;r.e("55211").then(r.bind(r,926899)),"@theme/DocVersionRoot",926899],a7c3457a:[()=&gt;r.e("91095").then(r.bind(r,838018)),"@site/versioned_docs/version-next/design-guides/ha-multicluster/introduction.mdx",838018],a808857d:[()=&gt;r.e("67519").then(r.bind(r,145333)),"@site/versioned_docs/version-next/reference/cli/reference/completion.md",145333],a80e10c8:[()=&gt;r.e("92808").then(r.bind(r,109146)),"@site/versioned_docs/version-1.6.x/refs/tsb/security/v2/service_security_setting.mdx",109146],a81d38b8:[()=&gt;r.e("68357").then(r.t.bind(r,436369,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-8-x-a31.json",436369],a81d868b:[()=&gt;r.e("45621").then(r.bind(r,480183)),"@site/versioned_docs/version-1.6.x/refs/onboarding/config/install/v1alpha1/jwt_issuer.mdx",480183],a8263b12:[()=&gt;r.e("45439").then(r.bind(r,566831)),"@site/versioned_docs/version-1.9.x/concepts/operators/control-plane.mdx",566831],a84b9bda:[()=&gt;Promise.all([r.e("86212"),r.e("45789")]).then(r.bind(r,664661)),"@site/versioned_docs/version-1.6.x/design-guides/dr-mp/dr-managementplane.mdx",664661],a8576736:[()=&gt;r.e("30386").then(r.bind(r,323205)),"@site/versioned_docs/version-next/refs/install/controlplane/v1alpha1/spec.mdx",323205],a86b828c:[()=&gt;Promise.all([r.e("86212"),r.e("75931")]).then(r.bind(r,806416)),"@site/versioned_docs/version-1.11.x/setup/self-managed/management-plane-installation.mdx",806416],a876b667:[()=&gt;r.e("46336").then(r.bind(r,318906)),"@site/versioned_docs/version-1.11.x/refs/onboarding/private/types/sidecar/v1alpha1/configuration.mdx",318906],a878f37e:[()=&gt;r.e("1881").then(r.t.bind(r,836813,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-10-x-refs-install-b3c.json",836813],a88f1cee:[()=&gt;r.e("49255").then(r.bind(r,464513)),"@site/versioned_docs/version-1.6.x/operations/telemetry/distributed-tracing.md",464513],a89d4e71:[()=&gt;r.e("70678").then(r.t.bind(r,641569,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-9-x-knowledge-base-7a3.json",641569],a8bed352:[()=&gt;r.e("50174").then(r.bind(r,590276)),"@site/versioned_docs/version-1.7.x/troubleshooting/tsb-ui-metrics.mdx",590276],a8ce3b52:[()=&gt;r.e("70924").then(r.bind(r,208906)),"@site/versioned_docs/version-1.8.x/setup/workload-onboarding/guides/ecs-workloads.mdx",208906],a8ddebf8:[()=&gt;Promise.all([r.e("86212"),r.e("42813")]).then(r.bind(r,622864)),"@site/versioned_docs/version-1.11.x/design-guides/ha-multicluster/demo-1.mdx",622864],a8e7484a:[()=&gt;Promise.all([r.e("86212"),r.e("5282")]).then(r.bind(r,596802)),"@site/versioned_docs/version-1.8.x/howto/gateway/https-with-proxy-protocol.mdx",596802],a8f3f710:[()=&gt;r.e("23148").then(r.bind(r,771231)),"@site/versioned_docs/version-1.12.x/reference/k8s-api/tsb-crds-gen/traffic-tsb-tetrate-io.md",771231],a8fb932f:[()=&gt;Promise.all([r.e("86212"),r.e("50125")]).then(r.bind(r,30158)),"@site/versioned_docs/version-next/howto/gateway/unified-gateway-upgrade.mdx",30158],a8fd4d00:[()=&gt;Promise.all([r.e("86212"),r.e("61938")]).then(r.bind(r,281898)),"@site/versioned_docs/version-1.7.x/concepts/toc.mdx",281898],a901f6ec:[()=&gt;r.e("53870").then(r.bind(r,191458)),"@site/versioned_docs/version-1.10.x/howto/traffic/gateway-mtls.mdx",191458],a9193099:[()=&gt;r.e("34878").then(r.t.bind(r,242932,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-7-x-refs-tsb-rbac-v-2-grpc-4fe.json",242932],a93b3a77:[()=&gt;r.e("1183").then(r.t.bind(r,69129,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-9-x-setup-aws-c1d.json",69129],a9448ecd:[()=&gt;r.e("56863").then(r.bind(r,708480)),"@site/versioned_docs/version-1.10.x/reference/cli/reference/login.md",708480],a94703ab:[()=&gt;Promise.all([r.e("86212"),r.e("87441"),r.e("19914")]).then(r.bind(r,913924)),"@theme/DocRoot",913924],a95198ba:[()=&gt;r.e("84540").then(r.t.bind(r,605220,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-next-reference-yaml-api-reference-07b.json",605220],a951bbc2:[()=&gt;r.e("42779").then(r.t.bind(r,475997,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-10-x-reference-k-8-s-api-tsb-crds-gen-19d.json",475997],a95a7615:[()=&gt;r.e("71820").then(r.bind(r,898253)),"@site/versioned_docs/version-1.11.x/setup/helm/dataplane.mdx",898253],a9638558:[()=&gt;Promise.all([r.e("86212"),r.e("28970")]).then(r.bind(r,822234)),"@site/versioned_docs/version-1.6.x/concepts/operators/toc.mdx",822234],a977074c:[()=&gt;r.e("77511").then(r.bind(r,356538)),"@site/versioned_docs/version-1.12.x/refs/onboarding/config/types/identity/aws/v1alpha1/aws.mdx",356538],a997c63d:[()=&gt;r.e("60753").then(r.bind(r,919287)),"@site/versioned_docs/version-1.7.x/operations/elasticsearch/wipe-elastic.mdx",919287],a997d86e:[()=&gt;r.e("5152").then(r.bind(r,715312)),"@site/versioned_docs/version-1.10.x/refs/onboarding/private/types/credential/jwt/v1alpha1/jwt.mdx",715312],a99f0876:[()=&gt;r.e("87469").then(r.bind(r,752234)),"@site/versioned_docs/version-1.6.x/knowledge-base/gitops.mdx",752234],a9ca7279:[()=&gt;r.e("22405").then(r.bind(r,403370)),"@site/versioned_docs/version-next/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/workspacesetting.md",403370],a9e9d418:[()=&gt;r.e("74934").then(r.bind(r,764900)),"@site/versioned_docs/version-1.9.x/setup/security-context.mdx",764900],a9ee99db:[()=&gt;r.e("52140").then(r.bind(r,499584)),"@site/versioned_docs/version-1.10.x/reference/k8s-api/tsb-crds-gen/rbac-tsb-tetrate-io.md",499584],a9f0290c:[()=&gt;r.e("70922").then(r.bind(r,197718)),"@site/versioned_docs/version-1.11.x/cheatsheet/index.mdx",197718],aa02c956:[()=&gt;r.e("5579").then(r.bind(r,28583)),"@site/versioned_docs/version-1.7.x/setup/self-managed/demo-installation.mdx",28583],aa07f1bf:[()=&gt;r.e("51924").then(r.bind(r,982139)),"@site/versioned_docs/version-1.6.x/howto/waf.mdx",982139],aa1bca83:[()=&gt;Promise.all([r.e("86212"),r.e("57125")]).then(r.bind(r,174646)),"@site/versioned_docs/version-1.11.x/design-guides/ha-dr-mp/dr-managementplane.mdx",174646],aa207d9a:[()=&gt;r.e("73178").then(r.bind(r,225782)),"@site/versioned_docs/version-1.10.x/setup/workload-onboarding/quickstart/aws-ec2/onboard-asg.mdx",225782],aa246375:[()=&gt;Promise.all([r.e("86212"),r.e("88672")]).then(r.bind(r,984256)),"@site/versioned_docs/version-1.10.x/howto/gateway/configure-and-route-nonhttp-traffic.mdx",984256],aa28612a:[()=&gt;r.e("93767").then(r.t.bind(r,931861,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-10-x-refs-tsb-rbac-v-2-grpc-27e.json",931861],aa2bc659:[()=&gt;r.e("66826").then(r.bind(r,113118)),"@site/versioned_docs/version-1.10.x/refs/tsb/traffic/v2/istio_traffic_direct.mdx",113118],aa30d419:[()=&gt;r.e("42846").then(r.bind(r,706652)),"@site/versioned_docs/version-1.6.x/reference/k8s-api/guide.mdx",706652],aa47b508:[()=&gt;r.e("53704").then(r.t.bind(r,439617,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-8-x-setup-certificate-c45.json",439617],aa482c38:[()=&gt;r.e("19144").then(r.bind(r,830364)),"@site/versioned_docs/version-1.11.x/refs/tsb/v2/organization_setting.mdx",830364],aa4d6433:[()=&gt;r.e("50059").then(r.bind(r,187896)),"@site/versioned_docs/version-1.8.x/reference/rest-api/guide.mdx",187896],aa57e8cf:[()=&gt;r.e("70451").then(r.bind(r,118756)),"@site/versioned_docs/version-1.11.x/setup/aws/vpc.mdx",118756],aa7d56d7:[()=&gt;r.e("68180").then(r.t.bind(r,519315,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-10-x-tags-tsb-quickstart-cbf.json",519315],aaac0c03:[()=&gt;r.e("35477").then(r.bind(r,500403)),"@site/versioned_docs/version-1.10.x/cheatsheet/sheets/tsb-concepts.mdx",500403],aab216e9:[()=&gt;Promise.all([r.e("86212"),r.e("99745")]).then(r.bind(r,960676)),"@site/versioned_docs/version-1.8.x/setup/upgrades/cni-upgrade.mdx",960676],aab6dc06:[()=&gt;r.e("46736").then(r.t.bind(r,518380,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-refs-tsb-diagnostic-v-2-grpc-f47.json",518380],aab8ec50:[()=&gt;Promise.all([r.e("86212"),r.e("11571")]).then(r.bind(r,716129)),"@site/versioned_docs/version-1.10.x/design-guides/app-onboarding/deploy-service.mdx",716129],aad2363e:[()=&gt;r.e("79443").then(r.bind(r,171767)),"@site/versioned_docs/version-1.11.x/refs/tsb/gateway/v2/eastwest_gateway.mdx",171767],aadad1d6:[()=&gt;r.e("53074").then(r.bind(r,843331)),"@site/versioned_docs/version-next/design-guides/ha-multicluster/edge-failover.mdx",843331],aadd7827:[()=&gt;r.e("64520").then(r.bind(r,287052)),"@site/versioned_docs/version-1.9.x/setup/workload-onboarding/guides/onboarding.mdx",287052],aae28aa1:[()=&gt;r.e("40873").then(r.bind(r,572708)),"@site/versioned_docs/version-1.7.x/concepts/traffic-management.mdx",572708],aae50a70:[()=&gt;r.e("14325").then(r.bind(r,172051)),"@site/versioned_docs/version-1.11.x/refs/onboarding/config/agent/v1alpha1/onboarding_configuration.mdx",172051],ab04b800:[()=&gt;r.e("68261").then(r.bind(r,780857)),"@site/versioned_docs/version-1.10.x/refs/tsb/v2/tenant_service.mdx",780857],ab303757:[()=&gt;Promise.all([r.e("86212"),r.e("34743")]).then(r.bind(r,271972)),"@site/versioned_docs/version-next/setup/upgrades/gateway-upgrade.mdx",271972],ab33ef40:[()=&gt;r.e("74736").then(r.t.bind(r,404701,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-11-x-howto-gitops-736.json",404701],ab6113dd:[()=&gt;r.e("98370").then(r.t.bind(r,250891,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-11-x-4a7.json",250891],ab6452a2:[()=&gt;r.e("12721").then(r.bind(r,299631)),"@site/versioned_docs/version-1.7.x/howto/gateway/multi-cluster-traffic-routing-with-eastwest-gateway.mdx",299631],ab9be1b0:[()=&gt;r.e("13578").then(r.bind(r,468597)),"@site/versioned_docs/version-1.8.x/setup/workload-onboarding/guides/onboarding.mdx",468597],aba21aa0:[()=&gt;r.e("15112").then(r.t.bind(r,342418,19)),"@generated/docusaurus-plugin-content-docs/default/__plugin.json",342418],abbf75c6:[()=&gt;r.e("41910").then(r.t.bind(r,766119,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-7-x-setup-754.json",766119],ac071c5f:[()=&gt;r.e("46410").then(r.bind(r,109173)),"@site/versioned_docs/version-1.9.x/refs/tsb/traffic/v2/traffic_group.mdx",109173],ac12193a:[()=&gt;Promise.all([r.e("86212"),r.e("88359")]).then(r.bind(r,698505)),"@site/versioned_docs/version-1.12.x/howto/authorization/toc.mdx",698505],ac1f6b65:[()=&gt;r.e("20769").then(r.bind(r,739176)),"@site/versioned_docs/version-next/cheatsheet/sheets/tsb-quickstart.mdx",739176],ac2293a9:[()=&gt;r.e("41264").then(r.bind(r,777739)),"@site/versioned_docs/version-1.10.x/howto/gateway/host-based-egress-access-control.mdx",777739],ac2dfe85:[()=&gt;r.e("96828").then(r.t.bind(r,803940,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-8-x-reference-cli-5dc.json",803940],ac34c264:[()=&gt;r.e("94232").then(r.t.bind(r,163692,19)),"/runner/_work/sites/sites/products/service-bridge/.docusaurus/docusaurus-plugin-redoc/1_11_x/redocApiLayoutV1-1_11_x.json",163692],ac44e306:[()=&gt;r.e("8702").then(r.t.bind(r,809047,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-9-x-operations-users-1ef.json",809047],ac51c276:[()=&gt;r.e("8731").then(r.bind(r,599404)),"@site/versioned_docs/version-1.12.x/howto/gitops/flagger.mdx",599404],ac66e332:[()=&gt;r.e("15447").then(r.bind(r,734180)),"@site/versioned_docs/version-1.12.x/operations/features/enable-config-protection.mdx",734180],ac7a2dd1:[()=&gt;Promise.all([r.e("86212"),r.e("24858")]).then(r.bind(r,930119)),"@site/versioned_docs/version-1.12.x/howto/gateway/https-with-proxy-protocol.mdx",930119],acad3778:[()=&gt;Promise.all([r.e("86212"),r.e("80379")]).then(r.bind(r,407122)),"@site/versioned_docs/version-1.11.x/quickstart/deploy-sample-app.mdx",407122],acb1c92d:[()=&gt;r.e("12993").then(r.t.bind(r,364584,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-7-x-refs-tsb-gateway-v-2-grpc-fd1.json",364584],acb79b49:[()=&gt;r.e("12020").then(r.bind(r,114092)),"@site/versioned_docs/version-1.7.x/howto/wasm/wasm-overview.mdx",114092],acc169fb:[()=&gt;r.e("9277").then(r.bind(r,267976)),"@site/versioned_docs/version-1.11.x/refs/tsb/observability/telemetry/v2/metric.mdx",267976],acc4bc9d:[()=&gt;Promise.all([r.e("86212"),r.e("78058")]).then(r.bind(r,604316)),"@site/versioned_docs/version-1.12.x/howto/gateway/configure-and-route-nonhttp-traffic.mdx",604316],acde09de:[()=&gt;r.e("46456").then(r.bind(r,852498)),"@site/versioned_docs/version-1.8.x/refs/tsb/rbac/v2/gateway_access_bindings.mdx",852498],acdedb08:[()=&gt;r.e("20559").then(r.bind(r,417935)),"@site/versioned_docs/version-next/refs/tsb/gateway/v2/ingress_gateway.mdx",417935],ace675f7:[()=&gt;Promise.all([r.e("86212"),r.e("11183")]).then(r.bind(r,784614)),"@site/versioned_docs/version-1.12.x/setup/workload-onboarding/quickstart/aws-ec2/toc.mdx",784614],acec8395:[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("56340")]).then(r.bind(r,368989)),"@site/versioned_docs/version-1.8.x/howto/gateway/multi-cluster-traffic-shifting.mdx",368989],acef92f0:[()=&gt;Promise.all([r.e("86212"),r.e("19381")]).then(r.bind(r,867039)),"@site/versioned_docs/version-1.10.x/howto/gateway/https-with-proxy-protocol.mdx",867039],acfee351:[()=&gt;r.e("13339").then(r.bind(r,4209)),"@site/versioned_docs/version-1.11.x/howto/rate-limiting/ingress-gateway.mdx",4209],ad09d860:[()=&gt;r.e("10206").then(r.bind(r,784245)),"@site/versioned_docs/version-1.8.x/design-guides/ha-multicluster/operations.mdx",784245],ad304b2c:[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("98095")]).then(r.bind(r,898836)),"@site/versioned_docs/version-next/howto/gateway/application-gateway-with-openapi-annotations.mdx",898836],ad412eaf:[()=&gt;Promise.all([r.e("86212"),r.e("20880")]).then(r.bind(r,29211)),"@site/versioned_docs/version-1.12.x/concepts/operators/toc.mdx",29211],ad4320df:[()=&gt;r.e("6190").then(r.t.bind(r,887897,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-8-x-refs-tsb-application-v-2-yaml-57e.json",887897],ad4461b2:[()=&gt;r.e("64246").then(r.bind(r,719379)),"@site/versioned_docs/version-next/refs/tsb/traffic/v2/service_route.mdx",719379],ad6d8156:[()=&gt;r.e("22756").then(r.bind(r,152397)),"@site/versioned_docs/version-1.11.x/setup/components.mdx",152397],ad71e513:[()=&gt;r.e("90581").then(r.bind(r,444381)),"@site/versioned_docs/version-1.12.x/setup/self-managed/upgrade.mdx",444381],ad8d0989:[()=&gt;r.e("45544").then(r.bind(r,854584)),"@site/versioned_docs/version-1.12.x/reference/grpc-api/guide.mdx",854584],ad9c559c:[()=&gt;r.e("54255").then(r.t.bind(r,93265,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-11-x-operations-elasticsearch-283.json",93265],ada39fe6:[()=&gt;Promise.all([r.e("86212"),r.e("8096")]).then(r.bind(r,988618)),"@site/versioned_docs/version-1.9.x/reference/cli/guide/index.mdx",988618],ada617db:[()=&gt;r.e("40364").then(r.bind(r,478965)),"@site/versioned_docs/version-next/refs/tsb/traffic/v2/istio_traffic_direct.mdx",478965],addfb80b:[()=&gt;r.e("8570").then(r.bind(r,148937)),"@site/versioned_docs/version-1.11.x/operations/telemetry/distributed-tracing.md",148937],adf0a257:[()=&gt;r.e("2580").then(r.bind(r,763093)),"@site/versioned_docs/version-1.10.x/refs/onboarding/private/component/agent/plugin/credential/v1alpha1/plugin.mdx",763093],ae0bc265:[()=&gt;r.e("20002").then(r.bind(r,592066)),"@site/versioned_docs/version-1.12.x/reference/cli/reference/install.md",592066],ae0eb984:[()=&gt;r.e("52715").then(r.bind(r,45309)),"@site/versioned_docs/version-next/release-notes.mdx",45309],ae119996:[()=&gt;r.e("40128").then(r.bind(r,423368)),"@site/versioned_docs/version-1.12.x/troubleshooting/component-status.mdx",423368],ae1805cf:[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("97720")]).then(r.bind(r,193662)),"@site/versioned_docs/version-1.6.x/quickstart/observability.mdx",193662],ae1f8bca:[()=&gt;r.e("44384").then(r.bind(r,892283)),"@site/versioned_docs/version-1.11.x/howto/gateway/configure-oidc.mdx",892283],ae33650f:[()=&gt;r.e("47108").then(r.t.bind(r,284707,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-next-refs-tsb-istiointernal-v-2-grpc-88d.json",284707],ae518f3d:[()=&gt;r.e("57432").then(r.bind(r,835146)),"@site/versioned_docs/version-next/setup/workload-onboarding/guides/troubleshooting.mdx",835146],aec1ec6f:[()=&gt;r.e("25424").then(r.bind(r,152177)),"@site/versioned_docs/version-1.6.x/operations/configuration-promotion.mdx",152177],aec23212:[()=&gt;r.e("59524").then(r.bind(r,387996)),"@site/versioned_docs/version-1.11.x/howto/gitops/gitops.mdx",387996],aec5814a:[()=&gt;r.e("12194").then(r.bind(r,915193)),"@site/versioned_docs/version-next/howto/gitops/argo-rollouts.mdx",915193],aefb46d8:[()=&gt;r.e("35298").then(r.bind(r,486234)),"@site/versioned_docs/version-1.10.x/refs/tsb/rbac/v2/istio_internal_access_bindings.mdx",486234],af0113cf:[()=&gt;r.e("54299").then(r.bind(r,822494)),"@site/versioned_docs/version-1.8.x/operations/features/deletion-protection.mdx",822494],af18ff88:[()=&gt;r.e("26661").then(r.bind(r,620747)),"@site/versioned_docs/version-1.11.x/setup/self-managed/uninstallation.mdx",620747],af2831dd:[()=&gt;r.e("70602").then(r.bind(r,140827)),"@site/versioned_docs/version-next/operations/users/user-synchronization.mdx",140827],af387f4e:[()=&gt;r.e("89788").then(r.bind(r,314051)),"@site/versioned_docs/version-1.11.x/operations/users/users-roles-and-permissions.mdx",314051],af47e6a0:[()=&gt;r.e("26174").then(r.bind(r,831346)),"@site/versioned_docs/version-1.11.x/refs/onboarding/config/types/registration/v1alpha1/hostinfo.mdx",831346],af4b1486:[()=&gt;r.e("95309").then(r.bind(r,841423)),"@site/versioned_docs/version-1.7.x/setup/workload-onboarding/quickstart/aws-ec2/configure-workload-onboarding.mdx",841423],af536908:[()=&gt;r.e("28181").then(r.bind(r,70953)),"@site/versioned_docs/version-1.12.x/refs/tsb/gateway/v2/ingress_gateway.mdx",70953],af604a9f:[()=&gt;r.e("19592").then(r.t.bind(r,428935,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-9-x-refs-tsb-rbac-v-2-yaml-840.json",428935],af6bcf26:[()=&gt;r.e("54093").then(r.bind(r,695479)),"@site/versioned_docs/version-1.7.x/concepts/architecture.mdx",695479],af702ff2:[()=&gt;Promise.all([r.e("86212"),r.e("9828")]).then(r.bind(r,943181)),"@site/versioned_docs/version-1.9.x/howto/gateway/multi-cluster-traffic-routing-using-tier2gw.mdx",943181],af91ccdc:[()=&gt;r.e("6874").then(r.bind(r,691525)),"@site/versioned_docs/version-1.9.x/refs/tsb/q/v2/approvals_service.mdx",691525],af9576eb:[()=&gt;r.e("6824").then(r.bind(r,952909)),"@site/versioned_docs/version-1.9.x/howto/gitops/argo-rollouts.mdx",952909],afbaa193:[()=&gt;r.e("33756").then(r.bind(r,660304)),"@site/versioned_docs/version-1.12.x/setup/self-managed/demo-installation.mdx",660304],afbb25f5:[()=&gt;r.e("28384").then(r.bind(r,999927)),"@site/versioned_docs/version-1.11.x/design-guides/ha-dr-mp/scenarios.mdx",999927],afbd6ea0:[()=&gt;r.e("24047").then(r.bind(r,785186)),"@site/versioned_docs/version-1.7.x/setup/workload-onboarding/quickstart/aws-ecs/onboard-ecs.mdx",785186],afc0284a:[()=&gt;r.e("36744").then(r.bind(r,6173)),"@site/versioned_docs/version-1.8.x/howto/gateway/service-identity-propagation.mdx",6173],afd5ef19:[()=&gt;r.e("35460").then(r.bind(r,464559)),"@site/versioned_docs/version-next/operations/migrate-organization.mdx",464559],afd9de24:[()=&gt;r.e("13965").then(r.bind(r,828208)),"@site/versioned_docs/version-next/setup/workload-onboarding/quickstart/on-premise/onboard-vm.mdx",828208],afe03298:[()=&gt;r.e("22461").then(r.bind(r,960325)),"@site/versioned_docs/version-1.9.x/refs/tsb/rbac/v2/role.mdx",960325],afecb657:[()=&gt;r.e("20118").then(r.bind(r,683663)),"@site/versioned_docs/version-next/refs/onboarding/private/component/agent/plugin/credential/v1alpha1/plugin.mdx",683663],afee03a9:[()=&gt;r.e("10162").then(r.bind(r,792418)),"@site/versioned_docs/version-1.10.x/concepts/terminology.mdx",792418],aff01688:[()=&gt;r.e("53319").then(r.bind(r,883177)),"@site/versioned_docs/version-1.11.x/troubleshooting/troubleshooting.mdx",883177],aff743be:[()=&gt;r.e("16399").then(r.bind(r,824776)),"@site/versioned_docs/version-1.12.x/howto/gitops/flux.mdx",824776],b001939b:[()=&gt;r.e("60975").then(r.bind(r,732308)),"@site/versioned_docs/version-1.9.x/refs/onboarding/config/types/registration/v1alpha1/hostinfo.mdx",732308],b0046a7f:[()=&gt;r.e("10646").then(r.bind(r,997969)),"@site/versioned_docs/version-1.9.x/refs/tsb/gateway/v2/istio_gateway_direct.mdx",997969],b00ef544:[()=&gt;r.e("40892").then(r.bind(r,221357)),"@site/versioned_docs/version-1.8.x/howto/rate-limiting/ingress-gateway.mdx",221357],b022a781:[()=&gt;r.e("56646").then(r.t.bind(r,129232,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-10-x-refs-tsb-extension-v-2-yaml-f29.json",129232],b02b53a4:[()=&gt;r.e("81336").then(r.bind(r,711866)),"@site/versioned_docs/version-1.10.x/howto/gitops/flux.mdx",711866],b045eff8:[()=&gt;r.e("2585").then(r.bind(r,113606)),"@site/versioned_docs/version-1.6.x/refs/tsb/istiointernal/v2/istiointernal_service.mdx",113606],b0482a3d:[()=&gt;r.e("75987").then(r.bind(r,262714)),"@site/versioned_docs/version-1.10.x/refs/onboarding/config/types/core/v1alpha1/condition.mdx",262714],b04848ed:[()=&gt;r.e("90951").then(r.t.bind(r,685001,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-8-x-refs-tsb-registry-v-2-yaml-f95.json",685001],b07ac6e5:[()=&gt;r.e("81135").then(r.bind(r,676821)),"@site/versioned_docs/version-1.9.x/howto/waf.mdx",676821],b090831b:[()=&gt;r.e("54355").then(r.bind(r,81835)),"@site/versioned_docs/version-1.7.x/setup/helm/upgrade.mdx",81835],b092a602:[()=&gt;r.e("33178").then(r.bind(r,113660)),"@site/versioned_docs/version-1.11.x/refs/tsb/gateway/v2/gateway_service.mdx",113660],b09f3f93:[()=&gt;r.e("3742").then(r.bind(r,320025)),"@site/versioned_docs/version-1.12.x/cheatsheet/sheets/tctl.mdx",320025],b0bddd54:[()=&gt;r.e("72843").then(r.t.bind(r,420330,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-next-setup-certificate-6f3.json",420330],b0bee6a2:[()=&gt;r.e("12942").then(r.t.bind(r,483668,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-8-x-reference-workload-onboarding-onboarding-runtime-a0e.json",483668],b0e28972:[()=&gt;r.e("10791").then(r.bind(r,564945)),"@site/versioned_docs/version-1.10.x/refs/onboarding/private/protocol/authorization/v1alpha1/authorization_service.mdx",564945],b0f4cd6d:[()=&gt;Promise.all([r.e("86212"),r.e("42529")]).then(r.bind(r,114914)),"@site/versioned_docs/version-1.10.x/design-guides/app-onboarding/gateway-security.mdx",114914],b10de658:[()=&gt;r.e("33931").then(r.bind(r,7770)),"@site/versioned_docs/version-1.7.x/knowledge-base/faq.mdx",7770],b1148a1e:[()=&gt;r.e("15820").then(r.t.bind(r,998985,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-refs-tsb-observability-telemetry-v-2-grpc-28f.json",998985],b13cd7a0:[()=&gt;r.e("26386").then(r.bind(r,306846)),"@site/versioned_docs/version-1.6.x/refs/install/managementplane/v1alpha1/spec.mdx",306846],b13f77ae:[()=&gt;r.e("63224").then(r.bind(r,629447)),"@site/versioned_docs/version-1.12.x/refs/install/dataplane/v1alpha1/spec.mdx",629447],b14450a1:[()=&gt;r.e("70990").then(r.bind(r,596378)),"@site/versioned_docs/version-1.9.x/operations/features/edge-dns-resolution.mdx",596378],b1482f7b:[()=&gt;r.e("13380").then(r.bind(r,970342)),"@site/versioned_docs/version-1.12.x/reference/cli/reference/audit.md",970342],b14d85fe:[()=&gt;Promise.all([r.e("86212"),r.e("93831")]).then(r.bind(r,225295)),"@site/versioned_docs/version-1.12.x/setup/firewall-information.mdx",225295],b15671ea:[()=&gt;r.e("65886").then(r.bind(r,536231)),"@site/versioned_docs/version-1.8.x/operations/features/label-annotation.mdx",536231],b186a554:[()=&gt;r.e("23947").then(r.bind(r,811277)),"@site/versioned_docs/version-1.6.x/refs/tsb/gateway/v2/gateway_group.mdx",811277],b18c057c:[()=&gt;r.e("85618").then(r.t.bind(r,810249,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-11-x-reference-grpc-api-469.json",810249],b18cf1cd:[()=&gt;Promise.all([r.e("86212"),r.e("8239")]).then(r.bind(r,907996)),"@site/versioned_docs/version-1.8.x/design-guides/app-onboarding/gateway-security.mdx",907996],b191355b:[()=&gt;r.e("23724").then(r.bind(r,304648)),"@site/versioned_docs/version-1.8.x/refs/tsb/application/v2/application.mdx",304648],b1920c07:[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("78080")]).then(r.bind(r,356941)),"@site/versioned_docs/version-1.7.x/howto/gateway/application-gateway-with-openapi-annotations.mdx",356941],b1bfdf6d:[()=&gt;r.e("19496").then(r.t.bind(r,670288,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-6-x-refs-tsb-extension-v-2-yaml-c60.json",670288],b1d31ab3:[()=&gt;r.e("24683").then(r.bind(r,483451)),"@site/versioned_docs/version-next/operations/users/new-user-local-idp.mdx",483451],b1f41a54:[()=&gt;r.e("33668").then(r.t.bind(r,846861,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-11-x-refs-tsb-profile-v-2-yaml-925.json",846861],b1f89a6a:[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("14616")]).then(r.bind(r,431211)),"@site/versioned_docs/version-1.11.x/quickstart/observability.mdx",431211],b2182d0d:[()=&gt;Promise.all([r.e("86212"),r.e("30169")]).then(r.bind(r,426141)),"@site/versioned_docs/version-1.12.x/setup/workload-onboarding/quickstart/on-premise/toc.mdx",426141],b2202a22:[()=&gt;r.e("61562").then(r.bind(r,153086)),"@site/versioned_docs/version-1.7.x/refs/tsb/auth/v2/auth.mdx",153086],b225885b:[()=&gt;r.e("44413").then(r.bind(r,777958)),"@site/versioned_docs/version-next/refs/tsb/segmentation/v1/policy.mdx",777958],b24142dd:[()=&gt;Promise.all([r.e("86212"),r.e("77862")]).then(r.bind(r,294851)),"@site/versioned_docs/version-1.6.x/reference/cli/guide/index.mdx",294851],b25903ec:[()=&gt;r.e("19068").then(r.bind(r,381135)),"@site/versioned_docs/version-1.12.x/operations/lower-istio-resources.mdx",381135],b282ac97:[()=&gt;r.e("23630").then(r.bind(r,290146)),"@site/versioned_docs/version-1.7.x/refs/install/dataplane/v1alpha1/spec.mdx",290146],b285a4b0:[()=&gt;r.e("2310").then(r.t.bind(r,38869,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-7-x-reference-workload-onboarding-onboarding-agent-011.json",38869],b2aaeb30:[()=&gt;r.e("52829").then(r.t.bind(r,447409,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-9-x-refs-tsb-security-v-2-yaml-806.json",447409],b2b086c3:[()=&gt;Promise.all([r.e("86212"),r.e("37170")]).then(r.bind(r,434207)),"@site/versioned_docs/version-next/reference/cli/guide/index.mdx",434207],b2bc1887:[()=&gt;r.e("30014").then(r.bind(r,648850)),"@site/versioned_docs/version-1.9.x/refs/tsb/observability/telemetry/v2/source.mdx",648850],b2cdbdf6:[()=&gt;r.e("65817").then(r.t.bind(r,198487,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-tags-tsb-quickstart-2c8.json",198487],b2ded32e:[()=&gt;r.e("42418").then(r.bind(r,151313)),"@site/versioned_docs/version-1.7.x/operations/features/tier1-in-app-cluster.mdx",151313],b2ed36ae:[()=&gt;r.e("87988").then(r.bind(r,295062)),"@site/versioned_docs/version-next/reference/samples/opa.mdx",295062],b301719a:[()=&gt;r.e("1092").then(r.bind(r,209162)),"@site/versioned_docs/version-1.11.x/refs/tsb/gateway/v2/gateway_group.mdx",209162],b306b991:[()=&gt;r.e("46968").then(r.bind(r,384243)),"@site/versioned_docs/version-1.6.x/cheatsheet/index.mdx",384243],b3116755:[()=&gt;r.e("29733").then(r.bind(r,63646)),"@site/versioned_docs/version-1.10.x/setup/tctl-connect.mdx",63646],b336a979:[()=&gt;Promise.all([r.e("86212"),r.e("43278")]).then(r.bind(r,863588)),"@site/versioned_docs/version-1.11.x/operations/postgresql/azure-credentials.mdx",863588],b3449eea:[()=&gt;r.e("17178").then(r.bind(r,973951)),"@site/versioned_docs/version-1.6.x/refs/tsb/rbac/v2/role.mdx",973951],b3564314:[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("81908")]).then(r.bind(r,242745)),"@site/versioned_docs/version-1.12.x/howto/traffic/canary-releases.mdx",242745],b39143d1:[()=&gt;Promise.all([r.e("86212"),r.e("52321")]).then(r.bind(r,142515)),"@site/versioned_docs/version-1.10.x/concepts/toc.mdx",142515],b3935fc4:[()=&gt;r.e("41434").then(r.bind(r,402799)),"@site/versioned_docs/version-1.7.x/release-notes-announcements/support-policy.mdx",402799],b3964e83:[()=&gt;r.e("40197").then(r.bind(r,366107)),"@site/versioned_docs/version-1.6.x/refs/tsb/security/v2/security_setting.mdx",366107],b3984b4c:[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("35597")]).then(r.bind(r,990291)),"@site/versioned_docs/version-1.8.x/howto/traffic/load-balance.mdx",990291],b3bb38f9:[()=&gt;r.e("97472").then(r.t.bind(r,384076,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-9-x-setup-workload-onboarding-6d0.json",384076],b3c388af:[()=&gt;Promise.all([r.e("86212"),r.e("48123")]).then(r.bind(r,213692)),"@site/versioned_docs/version-1.10.x/quickstart/security.mdx",213692],b3e5aee8:[()=&gt;r.e("1394").then(r.bind(r,185384)),"@site/versioned_docs/version-1.7.x/reference/cli/reference/experimental.md",185384],b3fbbeea:[()=&gt;r.e("21644").then(r.bind(r,485376)),"@site/versioned_docs/version-1.8.x/reference/samples/opa.mdx",485376],b414d0fb:[()=&gt;r.e("65633").then(r.bind(r,207262)),"@site/versioned_docs/version-1.10.x/design-guides/ha-multicluster/demo-2.mdx",207262],b4227fd7:[()=&gt;r.e("16452").then(r.bind(r,621748)),"@site/versioned_docs/version-1.9.x/setup/self-managed/demo-installation.mdx",621748],b428074a:[()=&gt;r.e("3623").then(r.bind(r,283191)),"@site/versioned_docs/version-1.6.x/operations/vault/istiod-ca.mdx",283191],b440de91:[()=&gt;r.e("68430").then(r.t.bind(r,729805,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-6-x-tags-featured-465.json",729805],b448404c:[()=&gt;r.e("2289").then(r.bind(r,539350)),"@site/versioned_docs/version-1.9.x/reference/k8s-api/tsb-crds-gen/rbac-tsb-tetrate-io.md",539350],b453faaa:[()=&gt;r.e("51252").then(r.bind(r,367522)),"@site/versioned_docs/version-1.7.x/refs/tsb/observability/telemetry/v2/source.mdx",367522],b455a76d:[()=&gt;r.e("47905").then(r.bind(r,919555)),"@site/versioned_docs/version-1.9.x/refs/tsb/q/v2/permissions_service.mdx",919555],b4640281:[()=&gt;r.e("16836").then(r.bind(r,446033)),"@site/versioned_docs/version-1.7.x/refs/tsb/security/v2/waf_settings.mdx",446033],b468ce89:[()=&gt;r.e("58991").then(r.bind(r,32706)),"@site/versioned_docs/version-1.8.x/release-notes-announcements/support-policy.mdx",32706],b47536fb:[()=&gt;r.e("59495").then(r.bind(r,869335)),"@site/versioned_docs/version-1.8.x/setup/components.mdx",869335],b48c4f09:[()=&gt;r.e("99265").then(r.bind(r,142751)),"@site/versioned_docs/version-next/refs/tsb/observability/telemetry/v2/metric_service.mdx",142751],b4ab1cfe:[()=&gt;r.e("50101").then(r.bind(r,386426)),"@site/versioned_docs/version-1.10.x/setup/workload-onboarding/quickstart/aws-ec2/configure-vm.mdx",386426],b4b5e4ee:[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("89105")]).then(r.bind(r,576956)),"@site/versioned_docs/version-1.11.x/quickstart/traffic-shifting.mdx",576956],b4c06aa7:[()=&gt;r.e("13195").then(r.t.bind(r,80997,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-11-x-reference-samples-96d.json",80997],b4e1a9e6:[()=&gt;r.e("43724").then(r.t.bind(r,238177,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-8-x-refs-tsb-q-v-2-grpc-312.json",238177],b4fbbfcb:[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("18025")]).then(r.bind(r,226389)),"@site/versioned_docs/version-next/howto/rate-limiting/external-rate-limiting.mdx",226389],b4febb53:[()=&gt;r.e("17300").then(r.t.bind(r,986304,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-11-x-operations-postgresql-aa1.json",986304],b54b6318:[()=&gt;r.e("31478").then(r.bind(r,135322)),"@site/versioned_docs/version-1.7.x/operations/users/roles-and-permissions.mdx",135322],b556abfb:[()=&gt;r.e("43478").then(r.bind(r,507627)),"@site/versioned_docs/version-1.7.x/refs/tsb/rbac/v2/binding.mdx",507627],b562c079:[()=&gt;r.e("37172").then(r.bind(r,290627)),"@site/versioned_docs/version-1.9.x/howto/gateway/egress-gateways.mdx",290627],b571b928:[()=&gt;r.e("29703").then(r.bind(r,346510)),"@site/versioned_docs/version-1.6.x/refs/iam/v2/oauth_service.mdx",346510],b5724f38:[()=&gt;Promise.all([r.e("86212"),r.e("60594")]).then(r.bind(r,513369)),"@site/versioned_docs/version-1.7.x/setup/workload-onboarding/quickstart/on-premise/toc.mdx",513369],b58e9237:[()=&gt;r.e("81660").then(r.t.bind(r,302598,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-reference-workload-onboarding-onboarding-authorization-57f.json",302598],b59cc367:[()=&gt;r.e("47006").then(r.bind(r,944086)),"@site/versioned_docs/version-1.12.x/refs/private/iam/v1/iam.mdx",944086],b5af043c:[()=&gt;r.e("38936").then(r.bind(r,31655)),"@site/versioned_docs/version-1.7.x/cheatsheet/sheets/kubectl.mdx",31655],b5be760a:[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("26530")]).then(r.bind(r,773e3)),"@site/versioned_docs/version-next/design-guides/index.mdx",773e3],b5c44547:[()=&gt;r.e("53656").then(r.bind(r,574158)),"@site/versioned_docs/version-1.6.x/refs/onboarding/config/types/config/v1alpha1/transport_security.mdx",574158],b5c655b6:[()=&gt;r.e("15202").then(r.t.bind(r,588957,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-8-x-refs-tsb-types-v-2-yaml-74f.json",588957],b5cbd8f9:[()=&gt;r.e("898").then(r.bind(r,851517)),"@site/versioned_docs/version-next/workingwithsupport/workingWithTetrateSupport.mdx",851517],b5e0535a:[()=&gt;r.e("41934").then(r.bind(r,454449)),"@site/versioned_docs/version-1.10.x/setup/workload-onboarding/quickstart/aws-ec2/bookinfo.mdx",454449],b5e20f4e:[()=&gt;r.e("53384").then(r.bind(r,909005)),"@site/versioned_docs/version-1.7.x/refs/iam/v2/oauth_service.mdx",909005],b60e3e31:[()=&gt;r.e("71382").then(r.bind(r,355302)),"@site/versioned_docs/version-1.9.x/operations/graceful-connection-drain.mdx",355302],b62353c4:[()=&gt;r.e("9414").then(r.t.bind(r,252355,19)),"/runner/_work/sites/sites/products/service-bridge/.docusaurus/docusaurus-plugin-redoc/1_6_x/redocApiSpecV1.2-1_6_x.json",252355],b6335ffa:[()=&gt;r.e("57138").then(r.bind(r,689340)),"@site/versioned_docs/version-1.9.x/howto/rate-limiting/tier1-gateway.mdx",689340],b63cd214:[()=&gt;r.e("72913").then(r.bind(r,686950)),"@site/versioned_docs/version-next/refs/tsb/v2/api.mdx",686950],b647ace3:[()=&gt;r.e("23770").then(r.t.bind(r,58041,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-next-reference-grpc-api-e67.json",58041],b6560d4a:[()=&gt;r.e("94742").then(r.bind(r,520056)),"@site/versioned_docs/version-1.8.x/refs/onboarding/config/types/core/v1alpha1/condition.mdx",520056],b65e532d:[()=&gt;r.e("54129").then(r.bind(r,872722)),"@site/versioned_docs/version-1.10.x/design-guides/app-onboarding/promote-service.mdx",872722],b6858591:[()=&gt;r.e("75159").then(r.bind(r,765082)),"@site/versioned_docs/version-next/refs/tsb/auth/v2/auth.mdx",765082],b68768a8:[()=&gt;Promise.all([r.e("86212"),r.e("48084")]).then(r.bind(r,646270)),"@site/versioned_docs/version-1.12.x/design-guides/ha-dr-mp/active-standby/manual-backup-restore.mdx",646270],b6ae3bee:[()=&gt;Promise.all([r.e("86212"),r.e("45900")]).then(r.bind(r,102404)),"@site/versioned_docs/version-1.9.x/setup/requirements-and-download.mdx",102404],b6b038ea:[()=&gt;r.e("76147").then(r.t.bind(r,978819,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-6-x-refs-tsb-istiointernal-v-2-grpc-7a2.json",978819],b6b47e11:[()=&gt;Promise.all([r.e("86212"),r.e("20646")]).then(r.bind(r,64178)),"@site/versioned_docs/version-1.6.x/howto/rate-limiting/toc.mdx",64178],b6b58e4d:[()=&gt;Promise.all([r.e("86212"),r.e("15768")]).then(r.bind(r,861989)),"@site/versioned_docs/version-1.8.x/quickstart/apps.mdx",861989],b6c6611d:[()=&gt;r.e("23810").then(r.bind(r,210649)),"@site/versioned_docs/version-1.8.x/howto/gateway/app-ingress.mdx",210649],b6cf020a:[()=&gt;r.e("58124").then(r.bind(r,268828)),"@site/versioned_docs/version-1.12.x/operations/vault/elasticsearch.mdx",268828],b6dd7c95:[()=&gt;r.e("83498").then(r.bind(r,107028)),"@site/versioned_docs/version-1.8.x/troubleshooting/gateway-troubleshooting.mdx",107028],b6deb551:[()=&gt;r.e("9355").then(r.t.bind(r,312306,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-operations-elasticsearch-464.json",312306],b6ee9e45:[()=&gt;r.e("56514").then(r.bind(r,278717)),"@site/versioned_docs/version-1.6.x/refs/onboarding/config/types/identity/aws/v1alpha1/aws.mdx",278717],b6f3e65a:[()=&gt;r.e("88191").then(r.bind(r,412286)),"@site/versioned_docs/version-1.11.x/refs/onboarding/config/runtime/v1alpha1/registration.mdx",412286],b6f4fb04:[()=&gt;r.e("7312").then(r.bind(r,704059)),"@site/versioned_docs/version-1.8.x/refs/onboarding/config/types/config/v1alpha1/transport_security.mdx",704059],b7002e5a:[()=&gt;r.e("64669").then(r.bind(r,351443)),"@site/versioned_docs/version-next/reference/cli/reference/apply.md",351443],b722f42c:[()=&gt;r.e("23612").then(r.bind(r,989794)),"@site/versioned_docs/version-1.6.x/troubleshooting/tsb-ui-metrics.mdx",989794],b72431af:[()=&gt;r.e("4527").then(r.t.bind(r,991958,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-next-setup-workload-onboarding-quickstart-c17.json",991958],b72b5b4c:[()=&gt;r.e("34552").then(r.bind(r,515648)),"@site/versioned_docs/version-next/refs/tsb/profile/v2/profile_service.mdx",515648],b72d7afa:[()=&gt;r.e("53692").then(r.bind(r,688870)),"@site/versioned_docs/version-1.10.x/refs/tsb/registry/v2/lookup_service.mdx",688870],b74b3012:[()=&gt;r.e("60355").then(r.bind(r,32266)),"@site/versioned_docs/version-1.10.x/concepts/operators/control-plane.mdx",32266],b7a2fba8:[()=&gt;r.e("78615").then(r.t.bind(r,183493,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-7-x-refs-tsb-registry-v-2-grpc-ab0.json",183493],b7cd80f5:[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("26009")]).then(r.bind(r,217809)),"@site/versioned_docs/version-next/howto/authorization/sidecar.mdx",217809],b7d62ceb:[()=&gt;Promise.all([r.e("86212"),r.e("34744")]).then(r.bind(r,506218)),"@site/versioned_docs/version-next/setup/firewall-information.mdx",506218],b808ec84:[()=&gt;r.e("78225").then(r.bind(r,304664)),"@site/versioned_docs/version-1.8.x/operations/features/internal-wasm-extensions.mdx",304664],b815ad92:[()=&gt;r.e("44144").then(r.bind(r,104526)),"@site/versioned_docs/version-1.7.x/refs/tsb/rbac/v2/workspace_access_bindings.mdx",104526],b82e3d49:[()=&gt;r.e("92865").then(r.bind(r,216032)),"@site/versioned_docs/version-1.10.x/setup/aws/vpc.mdx",216032],b8365aa7:[()=&gt;r.e("96222").then(r.t.bind(r,499386,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-11-x-reference-workload-onboarding-de1.json",499386],b8377558:[()=&gt;r.e("91844").then(r.bind(r,980201)),"@site/versioned_docs/version-next/design-guides/ha-multicluster/demo-2.mdx",980201],b83d21ce:[()=&gt;Promise.all([r.e("86212"),r.e("63680")]).then(r.bind(r,628165)),"@site/versioned_docs/version-1.12.x/setup/self-managed/management-plane-installation.mdx",628165],b86cdb0e:[()=&gt;r.e("80495").then(r.t.bind(r,178522,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-10-x-howto-wasm-749.json",178522],b88b1993:[()=&gt;r.e("93050").then(r.bind(r,395398)),"@site/versioned_docs/version-1.8.x/setup/isolation-boundaries.mdx",395398],b8a5f99c:[()=&gt;r.e("89412").then(r.bind(r,572897)),"@site/versioned_docs/version-1.10.x/refs/tsb/security/v2/waf_settings.mdx",572897],b8ae0d8a:[()=&gt;r.e("25800").then(r.t.bind(r,153422,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-7-x-refs-tsb-extension-v-2-grpc-a6b.json",153422],b8c0b34e:[()=&gt;r.e("65586").then(r.bind(r,215799)),"@site/versioned_docs/version-next/setup/certificate/certificate-requirements.mdx",215799],b8c640e8:[()=&gt;r.e("77431").then(r.t.bind(r,144594,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-10-x-reference-operators-762.json",144594],b8e1b90a:[()=&gt;r.e("86744").then(r.bind(r,181640)),"@site/versioned_docs/version-1.11.x/design-guides/ha-multicluster/operations.mdx",181640],b92192c5:[()=&gt;r.e("61527").then(r.bind(r,149538)),"@site/versioned_docs/version-1.6.x/reference/cli/reference/workload-entry-annotations.md",149538],b924e791:[()=&gt;r.e("52244").then(r.bind(r,134750)),"@site/versioned_docs/version-1.6.x/refs/tsb/extension/v2/wasm_service.mdx",134750],b92c301a:[()=&gt;r.e("87855").then(r.bind(r,309093)),"@site/versioned_docs/version-1.8.x/refs/tsb/observability/telemetry/v2/source_service.mdx",309093],b9445d16:[()=&gt;r.e("59948").then(r.bind(r,368572)),"@site/versioned_docs/version-1.7.x/howto/traffic/migrating-VM-monoliths.mdx",368572],b96ff29e:[()=&gt;r.e("95604").then(r.bind(r,206969)),"@site/versioned_docs/version-1.11.x/operations/features/edge-dns-resolution.mdx",206969],b974bc14:[()=&gt;r.e("10500").then(r.bind(r,204530)),"@site/versioned_docs/version-next/design-guides/ha-dr-mp/scenarios.mdx",204530],b996df9a:[()=&gt;r.e("31268").then(r.t.bind(r,258935,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-10-x-refs-tsb-application-v-2-yaml-17f.json",258935],b9deea99:[()=&gt;r.e("13338").then(r.bind(r,236638)),"@site/versioned_docs/version-next/setup/certificate/certificate-setup.mdx",236638],b9e9b60e:[()=&gt;r.e("10143").then(r.t.bind(r,112642,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-next-troubleshooting-989.json",112642],ba550525:[()=&gt;r.e("77934").then(r.bind(r,670880)),"@site/versioned_docs/version-1.8.x/setup/tctl-connect.mdx",670880],ba5aa166:[()=&gt;r.e("27066").then(r.bind(r,606668)),"@site/versioned_docs/version-1.6.x/howto/traffic/external-site-https.mdx",606668],ba5fa47f:[()=&gt;r.e("65883").then(r.bind(r,286773)),"@site/versioned_docs/version-1.12.x/howto/authorization/tier1-gateway.mdx",286773],ba770b51:[()=&gt;r.e("92631").then(r.t.bind(r,985911,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-8-x-refs-tsb-security-v-2-yaml-dd6.json",985911],ba7b5d35:[()=&gt;r.e("9724").then(r.bind(r,361857)),"@site/versioned_docs/version-1.7.x/refs/onboarding/config/install/v1alpha1/jwt_issuer.mdx",361857],ba7e6c03:[()=&gt;r.e("60909").then(r.bind(r,235693)),"@site/versioned_docs/version-1.10.x/refs/tsb/q/v2/permissions_service.mdx",235693],ba7ee1f8:[()=&gt;r.e("45758").then(r.bind(r,724993)),"@site/versioned_docs/version-1.11.x/howto/gitops/clusterrole.mdx",724993],ba8a3640:[()=&gt;Promise.all([r.e("86212"),r.e("99071")]).then(r.bind(r,395789)),"@site/versioned_docs/version-1.10.x/setup/upgrades/revisioned-to-revisioned.mdx",395789],bab95740:[()=&gt;r.e("62001").then(r.bind(r,84133)),"@site/versioned_docs/version-1.6.x/reference/cli/reference/delete.md",84133],baf0d165:[()=&gt;r.e("46674").then(r.bind(r,517623)),"@site/versioned_docs/version-1.7.x/howto/traffic/splitting-service-traffic-between-k8s-vms.mdx",517623],bb143690:[()=&gt;r.e("68107").then(r.t.bind(r,988897,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-next-quickstart-8ec.json",988897],bb1c29d7:[()=&gt;r.e("41258").then(r.t.bind(r,333296,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-8-x-setup-workload-onboarding-d86.json",333296],bb227b79:[()=&gt;Promise.all([r.e("86212"),r.e("33903")]).then(r.bind(r,755230)),"@site/versioned_docs/version-1.11.x/setup/workload-onboarding/quickstart/aws-ec2/toc.mdx",755230],bb25e637:[()=&gt;r.e("35276").then(r.bind(r,515193)),"@site/versioned_docs/version-1.9.x/operations/postgresql/managing-kubegres.mdx",515193],bb35d139:[()=&gt;r.e("43821").then(r.t.bind(r,871793,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-8-x-refs-tsb-observability-telemetry-v-2-grpc-d7f.json",871793],bb4e718e:[()=&gt;r.e("44170").then(r.bind(r,280855)),"@site/versioned_docs/version-1.8.x/cheatsheet/sheets/tsb-concepts.mdx",280855],bb5ca059:[()=&gt;r.e("32152").then(r.bind(r,86464)),"@site/versioned_docs/version-1.8.x/design-guides/ha-dr-mp/introduction.mdx",86464],bb88ac63:[()=&gt;r.e("76159").then(r.bind(r,713288)),"@site/versioned_docs/version-1.7.x/refs/tsb/istiointernal/v2/istiointernal_service.mdx",713288],bb891f10:[()=&gt;r.e("27306").then(r.t.bind(r,444739,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-8-x-tags-tsb-concepts-b35.json",444739],bb938165:[()=&gt;Promise.all([r.e("86212"),r.e("3516")]).then(r.bind(r,92726)),"@site/versioned_docs/version-1.7.x/quickstart/apps.mdx",92726],bbc72aec:[()=&gt;r.e("83817").then(r.t.bind(r,752978,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-refs-tsb-extension-v-2-grpc-5ae.json",752978],bbd85fcb:[()=&gt;r.e("49506").then(r.t.bind(r,144186,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-next-operations-postgresql-616.json",144186],bbe98802:[()=&gt;r.e("82409").then(r.bind(r,224138)),"@site/versioned_docs/version-1.10.x/reference/k8s-api/tsb-crds-gen/application-tsb-tetrate-io.md",224138],bc260256:[()=&gt;r.e("58323").then(r.bind(r,89532)),"@site/versioned_docs/version-1.6.x/refs/onboarding/config/runtime/v1alpha1/registration.mdx",89532],bc317bf7:[()=&gt;Promise.all([r.e("86212"),r.e("68872")]).then(r.bind(r,169875)),"@site/versioned_docs/version-1.12.x/concepts/toc.mdx",169875],bc465ad6:[()=&gt;r.e("13325").then(r.bind(r,979892)),"@site/versioned_docs/version-next/cheatsheet/sheets/tsb-concepts.mdx",979892],bc51af11:[()=&gt;r.e("65093").then(r.bind(r,252956)),"@site/versioned_docs/version-1.10.x/refs/onboarding/private/types/credential/aws/v1alpha1/ec2.mdx",252956],bc9949ef:[()=&gt;r.e("2904").then(r.bind(r,566373)),"@site/versioned_docs/version-1.6.x/howto/wasm/wasm-extension.mdx",566373],bcbdcbc1:[()=&gt;r.e("86443").then(r.bind(r,966880)),"@site/versioned_docs/version-1.10.x/setup/workload-onboarding/quickstart/aws-ec2/onboard-vm.mdx",966880],bcbecac3:[()=&gt;r.e("70398").then(r.bind(r,42103)),"@site/versioned_docs/version-1.9.x/refs/audit/v1/audit.mdx",42103],bce361b6:[()=&gt;r.e("80808").then(r.bind(r,230976)),"@site/versioned_docs/version-1.11.x/troubleshooting/configuration-status.mdx",230976],bceff424:[()=&gt;r.e("79886").then(r.t.bind(r,327919,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-refs-tsb-application-v-2-yaml-0b0.json",327919],bcf0ea1f:[()=&gt;r.e("62619").then(r.bind(r,246413)),"@site/versioned_docs/version-1.10.x/reference/cli/reference/collect.md",246413],bd07ad7d:[()=&gt;r.e("14753").then(r.t.bind(r,762891,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-7-x-refs-tsb-rbac-v-2-yaml-389.json",762891],bd1e1d17:[()=&gt;r.e("69714").then(r.bind(r,126228)),"@site/versioned_docs/version-1.12.x/reference/k8s-api/tsb-crds-gen/istiointernal-tsb-tetrate-io.md",126228],bd3cb94d:[()=&gt;r.e("1757").then(r.bind(r,757516)),"@site/versioned_docs/version-1.10.x/refs/tsb/extension/v2/wasm_service.mdx",757516],bd480091:[()=&gt;r.e("2752").then(r.bind(r,595666)),"@site/versioned_docs/version-1.7.x/operations/features/edge-dns-resolution.mdx",595666],bd5a1be3:[()=&gt;r.e("2202").then(r.bind(r,506347)),"@site/versioned_docs/version-1.8.x/reference/cli/reference/delete.md",506347],bd5f2c8d:[()=&gt;r.e("20877").then(r.t.bind(r,829080,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-7-x-refs-tsb-istiointernal-v-2-yaml-1b8.json",829080],bd6a22ad:[()=&gt;r.e("82506").then(r.bind(r,508173)),"@site/versioned_docs/version-1.11.x/operations/features/label-annotation.mdx",508173],bd6f7201:[()=&gt;r.e("77199").then(r.bind(r,864881)),"@site/versioned_docs/version-1.12.x/design-guides/app-onboarding/promote-service.mdx",864881],bd8bbd55:[()=&gt;r.e("63571").then(r.t.bind(r,25881,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-11-x-refs-tsb-istiointernal-v-2-yaml-9a7.json",25881],bdb60fb3:[()=&gt;r.e("45487").then(r.bind(r,893641)),"@site/versioned_docs/version-1.11.x/troubleshooting/gateway-troubleshooting.mdx",893641],bdeadd3c:[()=&gt;r.e("29651").then(r.bind(r,112382)),"@site/versioned_docs/version-1.12.x/setup/upgrade-best-practices.md",112382],bdf50799:[()=&gt;r.e("33186").then(r.bind(r,39770)),"@site/versioned_docs/version-1.11.x/howto/traffic/migrating-VM-monoliths.mdx",39770],be1d81bd:[()=&gt;r.e("80140").then(r.bind(r,577513)),"@site/versioned_docs/version-1.11.x/cheatsheet/sheets/kubectl.mdx",577513],be1d9f06:[()=&gt;Promise.all([r.e("86212"),r.e("58780")]).then(r.bind(r,365374)),"@site/versioned_docs/version-1.10.x/design-guides/ha-dr-mp/ha-managementplane.mdx",365374],be2e6895:[()=&gt;r.e("46796").then(r.bind(r,720710)),"@site/versioned_docs/version-1.6.x/refs/tsb/rbac/v2/binding.mdx",720710],be3ac5c2:[()=&gt;r.e("36939").then(r.bind(r,683260)),"@site/versioned_docs/version-1.11.x/operations/vault/postgresql.mdx",683260],be5b53f2:[()=&gt;Promise.all([r.e("86212"),r.e("54042")]).then(r.bind(r,506843)),"@site/versioned_docs/version-1.9.x/concepts/toc.mdx",506843],be7046e0:[()=&gt;r.e("26065").then(r.bind(r,197069)),"@site/versioned_docs/version-1.12.x/reference/cli/reference/whoami.md",197069],be8a72d5:[()=&gt;r.e("41615").then(r.t.bind(r,216391,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-9-x-operations-vault-02a.json",216391],be8bf647:[()=&gt;Promise.all([r.e("86212"),r.e("72539")]).then(r.bind(r,287555)),"@site/versioned_docs/version-next/setup/self-managed/onboarding-clusters.mdx",287555],bebc14ff:[()=&gt;r.e("80994").then(r.t.bind(r,791100,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-reference-k-8-s-api-tsb-crds-gen-tsb-tetrate-io-v-2-eb8.json",791100],bed13171:[()=&gt;r.e("61726").then(r.bind(r,897558)),"@site/versioned_docs/version-1.6.x/refs/tsb/rbac/v2/permissions.mdx",897558],bef067a9:[()=&gt;r.e("74319").then(r.bind(r,833234)),"@site/versioned_docs/version-1.6.x/refs/install/common/common_config.mdx",833234],befabdb1:[()=&gt;r.e("57869").then(r.bind(r,907065)),"@site/versioned_docs/version-1.8.x/refs/tsb/v2/status_service.mdx",907065],befbb03d:[()=&gt;r.e("19041").then(r.bind(r,80795)),"@site/versioned_docs/version-1.11.x/operations/multiple-iam-keys.mdx",80795],befc3617:[()=&gt;r.e("66807").then(r.bind(r,457634)),"@site/versioned_docs/version-1.12.x/reference/cli/reference/service-account.md",457634],befddaaa:[()=&gt;r.e("33619").then(r.bind(r,323302)),"@site/versioned_docs/version-1.11.x/refs/tsb/observability/telemetry/v2/metric_service.mdx",323302],bf001d4f:[()=&gt;Promise.all([r.e("86212"),r.e("94814")]).then(r.bind(r,480900)),"@site/versioned_docs/version-1.12.x/operations/telemetry/telemetry-architecture.mdx",480900],bf028813:[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("66725")]).then(r.bind(r,906875)),"@site/versioned_docs/version-1.8.x/quickstart/ingress-gateway.mdx",906875],bf0d08ab:[()=&gt;r.e("20843").then(r.bind(r,903024)),"@site/versioned_docs/version-1.12.x/setup/workload-onboarding/quickstart/aws-ec2/enable-workload-onboarding.mdx",903024],bf15fff8:[()=&gt;r.e("98847").then(r.bind(r,84936)),"@site/versioned_docs/version-1.9.x/howto/traffic/external-site-https.mdx",84936],bf22e763:[()=&gt;r.e("83269").then(r.bind(r,961755)),"@site/versioned_docs/version-1.7.x/reference/cli/reference/login.md",961755],bf59a1a5:[()=&gt;r.e("61950").then(r.bind(r,567682)),"@site/versioned_docs/version-1.6.x/refs/tsb/security/v2/security_group.mdx",567682],bf660602:[()=&gt;r.e("12831").then(r.t.bind(r,428942,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-9-x-refs-tsb-v-2-grpc-512.json",428942],bfbcf654:[()=&gt;r.e("3834").then(r.bind(r,889632)),"@site/versioned_docs/version-1.7.x/refs/tsb/rbac/v2/organization_access_bindings.mdx",889632],bfc5f054:[()=&gt;r.e("93032").then(r.bind(r,319297)),"@site/versioned_docs/version-1.10.x/refs/tsb/registry/v2/service.mdx",319297],bfcd28fd:[()=&gt;r.e("58251").then(r.bind(r,399092)),"@site/versioned_docs/version-1.11.x/reference/k8s-api/guide.mdx",399092],bfe6e1c0:[()=&gt;r.e("41742").then(r.t.bind(r,626390,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-next-tags-09a.json",626390],bfe798ca:[()=&gt;r.e("76883").then(r.t.bind(r,127627,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-7-x-howto-wasm-80b.json",127627],c0157dd3:[()=&gt;r.e("10515").then(r.bind(r,661297)),"@site/versioned_docs/version-1.10.x/refs/tsb/v2/organization_setting.mdx",661297],c0232a03:[()=&gt;r.e("37233").then(r.bind(r,629131)),"@site/versioned_docs/version-1.10.x/howto/gateway/app-ingress.mdx",629131],c023c5e8:[()=&gt;r.e("62547").then(r.t.bind(r,667856,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-next-howto-traffic-fda.json",667856],c05f05a8:[()=&gt;r.e("11675").then(r.t.bind(r,28386,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-refs-tsb-segmentation-v-1-yaml-079.json",28386],c0701876:[()=&gt;r.e("88136").then(r.bind(r,909787)),"@site/versioned_docs/version-next/setup/self-managed/upgrade.mdx",909787],c0797ab1:[()=&gt;r.e("83115").then(r.bind(r,11092)),"@site/versioned_docs/version-1.11.x/setup/workload-onboarding/guides/on-premise-workloads.mdx",11092],c07b9904:[()=&gt;r.e("4516").then(r.bind(r,534218)),"@site/versioned_docs/version-1.6.x/refs/tsb/observability/telemetry/v2/source.mdx",534218],c08d45d6:[()=&gt;r.e("14809").then(r.bind(r,787606)),"@site/versioned_docs/version-1.10.x/refs/tsb/rbac/v2/tenant_access_bindings.mdx",787606],c0937b31:[()=&gt;r.e("51487").then(r.bind(r,417898)),"@site/versioned_docs/version-1.7.x/setup/workload-onboarding/quickstart/on-premise/configure-workload-onboarding.mdx",417898],c09e6b51:[()=&gt;r.e("59055").then(r.bind(r,996969)),"@site/versioned_docs/version-1.12.x/concepts/configuration-inheritance.mdx",996969],c0a41e7e:[()=&gt;r.e("60273").then(r.bind(r,308738)),"@site/versioned_docs/version-1.9.x/refs/tsb/rbac/v2/binding.mdx",308738],c0cda790:[()=&gt;r.e("57687").then(r.bind(r,72459)),"@site/versioned_docs/version-1.6.x/reference/cli/reference/version.md",72459],c0d26a61:[()=&gt;r.e("62999").then(r.bind(r,231445)),"@site/versioned_docs/version-1.12.x/quickstart/introduction.mdx",231445],c0feea16:[()=&gt;r.e("6528").then(r.bind(r,833344)),"@site/versioned_docs/version-1.8.x/refs/tsb/v2/cluster.mdx",833344],c123df4f:[()=&gt;r.e("17714").then(r.bind(r,148708)),"@site/versioned_docs/version-1.7.x/reference/cli/reference/completion.md",148708],c1283019:[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("18277")]).then(r.bind(r,343485)),"@site/versioned_docs/version-1.10.x/howto/traffic/load-balance.mdx",343485],c13756e9:[()=&gt;r.e("95416").then(r.bind(r,557512)),"@site/versioned_docs/version-1.10.x/refs/audit/v1/audit.mdx",557512],c142dca3:[()=&gt;r.e("32528").then(r.bind(r,672649)),"@site/versioned_docs/version-1.10.x/troubleshooting/gateway-troubleshooting.mdx",672649],c14ee80a:[()=&gt;r.e("87096").then(r.bind(r,366721)),"@site/versioned_docs/version-1.9.x/operations/postgresql/auditlog-retention.mdx",366721],c16759db:[()=&gt;r.e("88795").then(r.t.bind(r,49612,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-6-x-tags-tsb-quickstart-953.json",49612],c1a043d2:[()=&gt;r.e("25844").then(r.bind(r,254214)),"@site/versioned_docs/version-1.12.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/team.md",254214],c1d0bc1f:[()=&gt;Promise.all([r.e("86212"),r.e("14691")]).then(r.bind(r,648765)),"@site/versioned_docs/version-next/design-guides/app-onboarding/gateway-security.mdx",648765],c1dd51d0:[()=&gt;Promise.all([r.e("86212"),r.e("9468")]).then(r.bind(r,240931)),"@site/versioned_docs/version-1.7.x/design-guides/ha-dr-mp/ha-managementplane.mdx",240931],c1ed5ed1:[()=&gt;r.e("78391").then(r.t.bind(r,849535,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-10-x-refs-audit-v-1-grpc-d7a.json",849535],c1fc2c8d:[()=&gt;Promise.all([r.e("86212"),r.e("38685")]).then(r.bind(r,429271)),"@site/versioned_docs/version-1.8.x/release-notes-announcements/toc.mdx",429271],c1fdfea2:[()=&gt;r.e("43773").then(r.bind(r,146413)),"@site/versioned_docs/version-1.7.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/cluster.md",146413],c21ffc05:[()=&gt;r.e("21758").then(r.bind(r,126396)),"@site/versioned_docs/version-1.9.x/refs/tsb/registry/v2/service.mdx",126396],c22fd776:[()=&gt;r.e("14769").then(r.bind(r,599976)),"@site/versioned_docs/version-1.10.x/refs/onboarding/config/authorization/aws/v1alpha1/aws.mdx",599976],c242664e:[()=&gt;r.e("1175").then(r.bind(r,489660)),"@site/versioned_docs/version-1.10.x/refs/tsb/gateway/v2/eastwest_gateway.mdx",489660],c246adb3:[()=&gt;r.e("53283").then(r.bind(r,321059)),"@site/versioned_docs/version-1.12.x/reference/cli/reference/edit.md",321059],c262cdfe:[()=&gt;r.e("23215").then(r.bind(r,929338)),"@site/versioned_docs/version-1.9.x/howto/network-policies.mdx",929338],c276b345:[()=&gt;r.e("51937").then(r.t.bind(r,712759,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-6-x-howto-305.json",712759],c2779a84:[()=&gt;r.e("83649").then(r.bind(r,439937)),"@site/versioned_docs/version-1.12.x/refs/tsb/v2/api.mdx",439937],c2a686fb:[()=&gt;r.e("53666").then(r.bind(r,324891)),"@site/versioned_docs/version-1.8.x/operations/postgresql/backup-and-restore.mdx",324891],c2aea5fa:[()=&gt;r.e("55920").then(r.bind(r,400057)),"@site/versioned_docs/version-1.10.x/refs/tsb/security/v2/security_group.mdx",400057],c2bf892c:[()=&gt;r.e("69991").then(r.bind(r,854207)),"@site/versioned_docs/version-1.6.x/wokingwithsupport/workingWithTetrateSupport.mdx",854207],c2d642ed:[()=&gt;r.e("38389").then(r.t.bind(r,233488,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-6-x-refs-iam-v-2-grpc-14b.json",233488],c2dace94:[()=&gt;r.e("59763").then(r.t.bind(r,395906,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-next-setup-aws-772.json",395906],c2ef5831:[()=&gt;r.e("98479").then(r.bind(r,359399)),"@site/versioned_docs/version-1.7.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/tenantsetting.md",359399],c2f41a6d:[()=&gt;r.e("51796").then(r.bind(r,366086)),"@site/versioned_docs/version-next/release-notes-announcements/feature-status.mdx",366086],c30f3d2a:[()=&gt;r.e("25306").then(r.bind(r,809598)),"@site/versioned_docs/version-1.10.x/concepts/security.mdx",809598],c3107b9c:[()=&gt;r.e("67637").then(r.t.bind(r,113959,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-7-x-reference-samples-09b.json",113959],c31ddccb:[()=&gt;r.e("11545").then(r.t.bind(r,641671,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-6-x-category-working-with-tetrate-customer-support-857.json",641671],c340f527:[()=&gt;r.e("51121").then(r.bind(r,840314)),"@site/versioned_docs/version-1.11.x/refs/onboarding/private/types/credential/jwt/v1alpha1/jwt.mdx",840314],c3419cb2:[()=&gt;r.e("1934").then(r.t.bind(r,276185,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-11-x-reference-cli-guide-toc-9ae.json",276185],c3473eb6:[()=&gt;r.e("3934").then(r.t.bind(r,902465,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-10-x-reference-workload-onboarding-onboarding-runtime-cf8.json",902465],c359859f:[()=&gt;r.e("45608").then(r.bind(r,579519)),"@site/versioned_docs/version-1.10.x/setup/self-managed/upgrade.mdx",579519],c3725d23:[()=&gt;r.e("78883").then(r.bind(r,730689)),"@site/versioned_docs/version-1.9.x/refs/tsb/types/v2/types.mdx",730689],c381f102:[()=&gt;r.e("22666").then(r.bind(r,929581)),"@site/versioned_docs/version-1.12.x/refs/tsb/extension/v2/wasm_service.mdx",929581],c392e4c1:[()=&gt;r.e("65667").then(r.bind(r,416262)),"@site/versioned_docs/version-1.7.x/refs/tsb/rbac/v2/application_access_bindings.mdx",416262],c3c00ec8:[()=&gt;r.e("44778").then(r.bind(r,488769)),"@site/versioned_docs/version-1.12.x/refs/onboarding/private/component/agent/plugin/credential/v1alpha1/plugin.mdx",488769],c3d14435:[()=&gt;r.e("74625").then(r.t.bind(r,627138,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-8-x-refs-tsb-observability-telemetry-v-2-yaml-ec6.json",627138],c3d54a28:[()=&gt;r.e("42238").then(r.bind(r,862762)),"@site/versioned_docs/version-1.12.x/operations/postgresql/auditlog-retention.mdx",862762],c3d6f7e3:[()=&gt;r.e("92369").then(r.bind(r,683603)),"@site/versioned_docs/version-1.12.x/refs/tsb/q/v2/permissions_service.mdx",683603],c3de49f1:[()=&gt;r.e("65047").then(r.bind(r,883817)),"@site/versioned_docs/version-next/refs/tsb/v2/workspace_setting.mdx",883817],c3ee4df9:[()=&gt;r.e("88103").then(r.bind(r,515777)),"@site/versioned_docs/version-1.6.x/howto/gitops/gitops.mdx",515777],c3eee4ec:[()=&gt;r.e("30102").then(r.bind(r,222194)),"@site/versioned_docs/version-1.7.x/operations/features/configure-cluster-external-addresses.mdx",222194],c4137959:[()=&gt;r.e("61084").then(r.bind(r,83976)),"@site/versioned_docs/version-1.7.x/setup/certificate/automated-certificate-management.mdx",83976],c4223218:[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("49901")]).then(r.bind(r,692916)),"@site/versioned_docs/version-1.6.x/howto/gateway/application-gateway-with-openapi-annotations.mdx",692916],c423c312:[()=&gt;r.e("64025").then(r.bind(r,340425)),"@site/versioned_docs/version-1.9.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/team.md",340425],c4514079:[()=&gt;r.e("22684").then(r.bind(r,753596)),"@site/versioned_docs/version-1.11.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/clusteronboardingconfig.md",753596],c451d609:[()=&gt;r.e("7046").then(r.t.bind(r,48867,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-6-x-operations-features-b1a.json",48867],c47ac74c:[()=&gt;r.e("53866").then(r.t.bind(r,945366,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-11-x-refs-tsb-v-2-grpc-100.json",945366],c4c714fb:[()=&gt;r.e("81841").then(r.bind(r,146640)),"@site/versioned_docs/version-1.12.x/setup/certificate/certificate-setup.mdx",146640],c4d821c7:[()=&gt;r.e("69091").then(r.bind(r,42914)),"@site/versioned_docs/version-1.12.x/refs/install/managementplane/v1alpha1/status.mdx",42914],c4da7417:[()=&gt;r.e("13212").then(r.bind(r,146586)),"@site/versioned_docs/version-1.10.x/refs/tsb/profile/v2/profile_service.mdx",146586],c4e401e2:[()=&gt;r.e("21772").then(r.bind(r,613185)),"@site/versioned_docs/version-1.12.x/refs/test/v1/echo.mdx",613185],c4e9bec4:[()=&gt;r.e("93739").then(r.bind(r,752337)),"@site/versioned_docs/version-1.12.x/howto/service-accounts.mdx",752337],c4f6b6ce:[()=&gt;r.e("82785").then(r.bind(r,368832)),"@site/versioned_docs/version-1.6.x/setup/remote-registry.mdx",368832],c4f9f45d:[()=&gt;r.e("98543").then(r.t.bind(r,635230,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-next-reference-k-8-s-api-1cc.json",635230],c4fccddb:[()=&gt;Promise.all([r.e("86212"),r.e("28722")]).then(r.bind(r,727462)),"@site/versioned_docs/version-next/design-guides/ha-dr-mp/active-standby/automated-synchronization.mdx",727462],c4fd2ca4:[()=&gt;r.e("30181").then(r.bind(r,473623)),"@site/versioned_docs/version-1.10.x/refs/tsb/rbac/v2/api_access_bindings.mdx",473623],c503ca6a:[()=&gt;r.e("55535").then(r.t.bind(r,1822,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-8-x-category-working-with-tetrate-customer-support-5fc.json",1822],c5068571:[()=&gt;r.e("99978").then(r.bind(r,238045)),"@site/versioned_docs/version-1.6.x/operations/configure-log-levels.mdx",238045],c507847c:[()=&gt;r.e("12000").then(r.bind(r,691937)),"@site/versioned_docs/version-1.9.x/operations/users/user-synchronization.mdx",691937],c516c7a5:[()=&gt;r.e("85504").then(r.bind(r,437164)),"@site/versioned_docs/version-1.11.x/setup/self-managed/upgrade.mdx",437164],c5215ea4:[()=&gt;r.e("67381").then(r.bind(r,287536)),"@site/versioned_docs/version-1.10.x/refs/tsb/observability/telemetry/v2/metric_service.mdx",287536],c537eaef:[()=&gt;r.e("61030").then(r.bind(r,516415)),"@site/versioned_docs/version-1.9.x/setup/workload-onboarding/quickstart/on-premise/onboard-vm.mdx",516415],c53d7e8f:[()=&gt;r.e("95258").then(r.t.bind(r,617510,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-9-x-reference-operators-b7a.json",617510],c550ea99:[()=&gt;r.e("82143").then(r.t.bind(r,823762,19)),"/runner/_work/sites/sites/products/service-bridge/.docusaurus/docusaurus-plugin-redoc/1_10_x/redocApiSpecV1.2-1_10_x.json",823762],c55190b5:[()=&gt;r.e("62614").then(r.t.bind(r,465872,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-next-operations-elasticsearch-001.json",465872],c5562c33:[()=&gt;r.e("87202").then(r.bind(r,122859)),"@site/versioned_docs/version-next/operations/telemetry/alerting-guidelines.mdx",122859],c55691f9:[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("25582")]).then(r.bind(r,877102)),"@site/versioned_docs/version-1.10.x/howto/gateway/multi-cluster-traffic-shifting.mdx",877102],c55b4b72:[()=&gt;r.e("77837").then(r.bind(r,164936)),"@site/versioned_docs/version-1.8.x/operations/features/streaming-log.mdx",164936],c55fe77a:[()=&gt;r.e("99205").then(r.t.bind(r,109272,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-8-x-howto-wasm-a9d.json",109272],c566e8a7:[()=&gt;Promise.all([r.e("86212"),r.e("46972")]).then(r.bind(r,855393)),"@site/versioned_docs/version-next/design-guides/app-onboarding/introduction.mdx",855393],c575dc8b:[()=&gt;r.e("85861").then(r.bind(r,386448)),"@site/versioned_docs/version-1.12.x/setup/workload-onboarding/guides/troubleshooting.mdx",386448],c58f135d:[()=&gt;r.e("33213").then(r.t.bind(r,445117,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-167.json",445117],c5978fee:[()=&gt;r.e("11026").then(r.bind(r,706149)),"@site/versioned_docs/version-1.8.x/cheatsheet/sheets/tsb-terminology.mdx",706149],c597bd7a:[()=&gt;r.e("12947").then(r.bind(r,700336)),"@site/versioned_docs/version-1.6.x/refs/tsb/rbac/v2/gateway_access_bindings.mdx",700336],c5b497b2:[()=&gt;r.e("58352").then(r.t.bind(r,618117,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-refs-tsb-profile-v-2-grpc-373.json",618117],c5c09e02:[()=&gt;r.e("2544").then(r.bind(r,758074)),"@site/versioned_docs/version-1.12.x/troubleshooting/proxy-tools.mdx",758074],c5c199c2:[()=&gt;r.e("14239").then(r.bind(r,897878)),"@site/versioned_docs/version-1.6.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/workspacesetting.md",897878],c5fb9836:[()=&gt;r.e("84152").then(r.bind(r,701698)),"@site/versioned_docs/version-1.7.x/reference/cli/reference/validate.md",701698],c6208f05:[()=&gt;r.e("83005").then(r.t.bind(r,437016,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-9-x-refs-tsb-application-v-2-grpc-6b4.json",437016],c66cfa9a:[()=&gt;r.e("59043").then(r.bind(r,895447)),"@site/versioned_docs/version-1.7.x/refs/tsb/application/v2/application_service.mdx",895447],c69640c2:[()=&gt;r.e("61704").then(r.bind(r,683348)),"@site/versioned_docs/version-1.11.x/refs/onboarding/config/authorization/aws/v1alpha1/aws.mdx",683348],c69ab64f:[()=&gt;r.e("64671").then(r.bind(r,217351)),"@site/versioned_docs/version-1.12.x/refs/tsb/rbac/v2/role_service.mdx",217351],c6b488e9:[()=&gt;r.e("25973").then(r.bind(r,277421)),"@site/versioned_docs/version-1.8.x/operations/users/oidc-azure.mdx",277421],c6d41e85:[()=&gt;r.e("75414").then(r.bind(r,334587)),"@site/versioned_docs/version-1.8.x/howto/authorization/tier1-gateway.mdx",334587],c6df81a0:[()=&gt;r.e("8645").then(r.bind(r,727555)),"@site/versioned_docs/version-1.10.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/team.md",727555],c6ec2fb6:[()=&gt;r.e("29974").then(r.t.bind(r,780447,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-refs-tsb-extension-v-2-yaml-132.json",780447],c6f71d95:[()=&gt;r.e("12359").then(r.bind(r,399547)),"@site/versioned_docs/version-1.7.x/setup/helm/dataplane.mdx",399547],c6fa973b:[()=&gt;r.e("79854").then(r.bind(r,826958)),"@site/versioned_docs/version-1.8.x/setup/security-context.mdx",826958],c706d69a:[()=&gt;r.e("45337").then(r.bind(r,404055)),"@site/versioned_docs/version-1.8.x/operations/features/tls-origin-multi-cluster.mdx",404055],c70835e1:[()=&gt;r.e("30502").then(r.bind(r,866435)),"@site/versioned_docs/version-1.11.x/cheatsheet/sheets/traffic-management.mdx",866435],c7221b2e:[()=&gt;Promise.all([r.e("86212"),r.e("20757")]).then(r.bind(r,437371)),"@site/versioned_docs/version-next/setup/upgrades/revisioned-to-revisioned.mdx",437371],c759b15a:[()=&gt;r.e("68640").then(r.bind(r,913263)),"@site/versioned_docs/version-1.12.x/howto/hpa-using-skywalking.mdx",913263],c760b61c:[()=&gt;r.e("79127").then(r.bind(r,650186)),"@site/versioned_docs/version-1.11.x/reference/cli/reference/edit.md",650186],c7673cc4:[()=&gt;r.e("18473").then(r.bind(r,115819)),"@site/versioned_docs/version-1.10.x/troubleshooting/cluster-onboarding.mdx",115819],c78c70f3:[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("39763")]).then(r.bind(r,481664)),"@site/versioned_docs/version-next/design-guides/ha-multicluster/index.mdx",481664],c78d0e8e:[()=&gt;r.e("90110").then(r.bind(r,736958)),"@site/versioned_docs/version-1.8.x/refs/tsb/v2/tenant_setting.mdx",736958],c7a48c6c:[()=&gt;r.e("71960").then(r.t.bind(r,914454,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-10-x-reference-k-8-s-api-71c.json",914454],c7a66f29:[()=&gt;r.e("43069").then(r.bind(r,201243)),"@site/versioned_docs/version-1.7.x/cheatsheet/sheets/tsb-terminology.mdx",201243],c7b6a669:[()=&gt;r.e("60054").then(r.bind(r,789258)),"@site/versioned_docs/version-1.6.x/troubleshooting/cluster-onboarding.mdx",789258],c7d717ad:[()=&gt;r.e("32562").then(r.t.bind(r,14514,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-8-x-refs-tsb-istiointernal-v-2-grpc-448.json",14514],c7e5a193:[()=&gt;r.e("3333").then(r.t.bind(r,701930,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-10-x-refs-tsb-istiointernal-v-2-yaml-f33.json",701930],c7efd4d8:[()=&gt;r.e("57320").then(r.t.bind(r,130794,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-next-refs-tsb-istiointernal-v-2-yaml-8a6.json",130794],c7ff95f0:[()=&gt;r.e("20632").then(r.bind(r,560835)),"@site/versioned_docs/version-1.12.x/troubleshooting/cluster-onboarding.mdx",560835],c82134fd:[()=&gt;r.e("29685").then(r.bind(r,91408)),"@site/versioned_docs/version-1.7.x/concepts/security.mdx",91408],c8322ffa:[()=&gt;r.e("25766").then(r.bind(r,528834)),"@site/versioned_docs/version-next/reference/cli/reference/debug.md",528834],c83b357c:[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("74291")]).then(r.bind(r,408967)),"@site/versioned_docs/version-1.12.x/howto/gateway/end-user-auth-keycloak.mdx",408967],c85d92aa:[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("3921")]).then(r.bind(r,648546)),"@site/versioned_docs/version-next/design-guides/app-onboarding/index.mdx",648546],c8761800:[()=&gt;r.e("1646").then(r.bind(r,304593)),"@site/versioned_docs/version-1.9.x/howto/gitops/flux.mdx",304593],c8775dc7:[()=&gt;r.e("21874").then(r.bind(r,634734)),"@site/versioned_docs/version-1.11.x/refs/tsb/application/v2/openapi_extensions.mdx",634734],c891a3fa:[()=&gt;r.e("70267").then(r.bind(r,492343)),"@site/versioned_docs/version-next/setup/workload-onboarding/quickstart/aws-ec2/bookinfo.mdx",492343],c898faf7:[()=&gt;r.e("1100").then(r.bind(r,218367)),"@site/versioned_docs/version-1.8.x/setup/workload-onboarding/guides/on-premise-workloads.mdx",218367],c89df767:[()=&gt;r.e("96020").then(r.bind(r,486438)),"@site/versioned_docs/version-1.9.x/troubleshooting/tsb-ui-metrics.mdx",486438],c89fc917:[()=&gt;r.e("73955").then(r.t.bind(r,905486,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-9-x-refs-tsb-registry-v-2-yaml-e9d.json",905486],c8b7c3d4:[()=&gt;r.e("40790").then(r.bind(r,487170)),"@site/versioned_docs/version-next/reference/k8s-api/tsb-crds-gen/rbac-tsb-tetrate-io.md",487170],c8ceb034:[()=&gt;r.e("91530").then(r.t.bind(r,49999,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-10-x-setup-certificate-eb5.json",49999],c8dbf4c6:[()=&gt;r.e("83902").then(r.bind(r,222672)),"@site/versioned_docs/version-next/design-guides/app-onboarding/promote-service.mdx",222672],c8e80e73:[()=&gt;r.e("96219").then(r.bind(r,59494)),"@site/versioned_docs/version-1.11.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/api.md",59494],c8f41744:[()=&gt;r.e("71501").then(r.bind(r,945858)),"@site/versioned_docs/version-1.12.x/reference/cli/reference/config.md",945858],c8f4aa12:[()=&gt;r.e("8271").then(r.bind(r,360596)),"@site/versioned_docs/version-1.10.x/refs/onboarding/private/component/plane/generator/v1alpha1/version.mdx",360596],c90b1c61:[()=&gt;r.e("86106").then(r.bind(r,727999)),"@site/versioned_docs/version-1.12.x/refs/tsb/traffic/v2/traffic_service.mdx",727999],c9233195:[()=&gt;r.e("81631").then(r.bind(r,484514)),"@site/versioned_docs/version-1.9.x/refs/tsb/rbac/v2/application_access_bindings.mdx",484514],c940816d:[()=&gt;r.e("2882").then(r.bind(r,401955)),"@site/versioned_docs/version-1.7.x/operations/multiple-iam-keys.mdx",401955],c95b901a:[()=&gt;Promise.all([r.e("86212"),r.e("49732")]).then(r.bind(r,910295)),"@site/versioned_docs/version-1.8.x/operations/postgresql/azure-credentials.mdx",910295],c96d16d0:[()=&gt;r.e("75010").then(r.bind(r,500253)),"@site/versioned_docs/version-1.10.x/quickstart/introduction.mdx",500253],c9834781:[()=&gt;r.e("14770").then(r.bind(r,599463)),"@site/versioned_docs/version-1.11.x/howto/rate-limiting/tier1-gateway.mdx",599463],c9abc82f:[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("80782")]).then(r.bind(r,241683)),"@site/versioned_docs/version-1.11.x/design-guides/ha-multicluster/index.mdx",241683],c9db70ee:[()=&gt;r.e("3697").then(r.bind(r,24820)),"@site/versioned_docs/version-1.11.x/setup/workload-onboarding/guides/setup.mdx",24820],c9eb3cd5:[()=&gt;r.e("60701").then(r.bind(r,607206)),"@site/versioned_docs/version-1.9.x/refs/istio.io/api/operator/v1alpha1/operator.mdx",607206],c9ed2f69:[()=&gt;r.e("54811").then(r.bind(r,952888)),"@site/versioned_docs/version-1.12.x/refs/tsb/observability/telemetry/v2/source.mdx",952888],c9f80b62:[()=&gt;r.e("51146").then(r.bind(r,492275)),"@site/versioned_docs/version-1.7.x/operations/features/deletion-protection.mdx",492275],c9fd7d63:[()=&gt;r.e("95797").then(r.bind(r,908027)),"@site/versioned_docs/version-next/refs/tsb/rbac/v2/workspace_access_bindings.mdx",908027],ca2f4c7c:[()=&gt;r.e("83165").then(r.bind(r,692967)),"@site/versioned_docs/version-next/refs/tsb/segmentation/v1/rules.mdx",692967],ca307ef1:[()=&gt;Promise.all([r.e("86212"),r.e("82162")]).then(r.bind(r,620410)),"@site/versioned_docs/version-1.7.x/setup/self-managed/toc.mdx",620410],ca3722a6:[()=&gt;r.e("80537").then(r.bind(r,673002)),"@site/versioned_docs/version-1.11.x/refs/tsb/observability/telemetry/v2/source_service.mdx",673002],ca42eac5:[()=&gt;r.e("86211").then(r.bind(r,796131)),"@site/versioned_docs/version-next/operations/users/configuring-ldap.mdx",796131],ca60c0f9:[()=&gt;r.e("37695").then(r.bind(r,418071)),"@site/versioned_docs/version-1.10.x/refs/onboarding/private/install/v1alpha1/spec.mdx",418071],ca61bfb6:[()=&gt;r.e("74233").then(r.bind(r,667037)),"@site/versioned_docs/version-1.11.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/workspace.md",667037],ca7bf612:[()=&gt;r.e("71022").then(r.t.bind(r,63417,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-7-x-refs-tsb-extension-v-2-yaml-4d6.json",63417],ca7f418b:[()=&gt;Promise.all([r.e("86212"),r.e("47351")]).then(r.bind(r,321951)),"@site/versioned_docs/version-1.10.x/howto/authorization/toc.mdx",321951],ca8a6edb:[()=&gt;r.e("76712").then(r.bind(r,979356)),"@site/versioned_docs/version-1.7.x/howto/gitops/flux.mdx",979356],ca8e32f6:[()=&gt;r.e("1492").then(r.t.bind(r,927260,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-11-x-reference-workload-onboarding-onboarding-authorization-f3d.json",927260],ca958aa1:[()=&gt;r.e("55431").then(r.bind(r,175583)),"@site/versioned_docs/version-1.11.x/refs/tsb/istiointernal/v2/istio_istiointernal_direct.mdx",175583],caa03b01:[()=&gt;Promise.all([r.e("86212"),r.e("98431")]).then(r.bind(r,80174)),"@site/versioned_docs/version-1.12.x/operations/postgresql/azure-credentials.mdx",80174],caa94d78:[()=&gt;r.e("50507").then(r.bind(r,538989)),"@site/versioned_docs/version-1.7.x/operations/migrate-organization.mdx",538989],cabb44d5:[()=&gt;r.e("88949").then(r.bind(r,181541)),"@site/versioned_docs/version-1.9.x/refs/tsb/gateway/v2/ingress_gateway.mdx",181541],cabb4e62:[()=&gt;r.e("3227").then(r.bind(r,546919)),"@site/versioned_docs/version-1.7.x/refs/tsb/v2/workspace.mdx",546919],cacc2f6c:[()=&gt;r.e("52234").then(r.bind(r,286977)),"@site/versioned_docs/version-1.9.x/refs/tsb/gateway/v2/auth.mdx",286977],cadace7a:[()=&gt;r.e("57678").then(r.t.bind(r,71547,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-9-x-refs-tsb-istiointernal-v-2-yaml-2c2.json",71547],cadb89bd:[()=&gt;r.e("41517").then(r.bind(r,906846)),"@site/versioned_docs/version-1.10.x/setup/components.mdx",906846],caf5570e:[()=&gt;r.e("10902").then(r.bind(r,971469)),"@site/versioned_docs/version-1.12.x/operations/features/istio-cni.mdx",971469],cb078388:[()=&gt;r.e("81466").then(r.bind(r,873434)),"@site/versioned_docs/version-1.11.x/howto/traffic/gateway-mtls.mdx",873434],cb0d5330:[()=&gt;r.e("90259").then(r.bind(r,178514)),"@site/versioned_docs/version-1.8.x/reference/cli/reference/validate.md",178514],cb141059:[()=&gt;r.e("46212").then(r.bind(r,399319)),"@site/versioned_docs/version-next/refs/tsb/rbac/v2/traffic_access_bindings.mdx",399319],cb20463f:[()=&gt;r.e("78782").then(r.bind(r,190413)),"@site/versioned_docs/version-1.7.x/design-guides/ha-multicluster/operations.mdx",190413],cb21b243:[()=&gt;r.e("88903").then(r.bind(r,326181)),"@site/versioned_docs/version-1.10.x/design-guides/ha-multicluster/edge-failover.mdx",326181],cb25bc4b:[()=&gt;r.e("80459").then(r.bind(r,448220)),"@site/versioned_docs/version-1.7.x/reference/k8s-api/tsb-crds-gen/gateway-tsb-tetrate-io.md",448220],cb2a911c:[()=&gt;r.e("72834").then(r.bind(r,834131)),"@site/versioned_docs/version-1.6.x/setup/migrate-tctl-to-helm.mdx",834131],cb4cf4f1:[()=&gt;r.e("78209").then(r.bind(r,200889)),"@site/versioned_docs/version-1.11.x/refs/tsb/rbac/v2/role.mdx",200889],cb51218f:[()=&gt;r.e("56298").then(r.bind(r,472019)),"@site/versioned_docs/version-1.12.x/troubleshooting/configuration-status.mdx",472019],cb5744d7:[()=&gt;Promise.all([r.e("86212"),r.e("65152")]).then(r.bind(r,225352)),"@site/versioned_docs/version-1.8.x/setup/self-managed/management-plane-installation.mdx",225352],cb594c86:[()=&gt;Promise.all([r.e("86212"),r.e("52780")]).then(r.bind(r,310702)),"@site/versioned_docs/version-next/release-notes-announcements/announcement.mdx",310702],cb656370:[()=&gt;r.e("7151").then(r.bind(r,805620)),"@site/versioned_docs/version-1.7.x/howto/authorization/tls-verification.mdx",805620],cb66b069:[()=&gt;r.e("24811").then(r.bind(r,283046)),"@site/versioned_docs/version-1.8.x/setup/workload-onboarding/quickstart/aws-ec2/configure-vm.mdx",283046],cb66c90f:[()=&gt;r.e("49912").then(r.bind(r,805423)),"@site/versioned_docs/version-1.8.x/operations/telemetry/new-relic.mdx",805423],cbaaca7d:[()=&gt;r.e("57592").then(r.bind(r,578170)),"@site/versioned_docs/version-1.9.x/setup/aws/container-marketplace.mdx",578170],cbb12b00:[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("18559")]).then(r.bind(r,75782)),"@site/versioned_docs/version-1.8.x/howto/gateway/subset-based-routing-using-igw-and-service-route.mdx",75782],cbc4e2b9:[()=&gt;r.e("71250").then(r.bind(r,568518)),"@site/versioned_docs/version-1.12.x/refs/onboarding/private/protocol/discovery/v1alpha1/discovery_service.mdx",568518],cbcec790:[()=&gt;r.e("10822").then(r.bind(r,204395)),"@site/versioned_docs/version-1.6.x/refs/tsb/v2/organization_setting.mdx",204395],cbdc46a5:[()=&gt;r.e("10460").then(r.t.bind(r,446768,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-next-reference-grpc-api-reference-eff.json",446768],cc173750:[()=&gt;r.e("85886").then(r.bind(r,793850)),"@site/versioned_docs/version-1.9.x/setup/workload-onboarding/quickstart/aws-ec2/configure-workload-onboarding.mdx",793850],cc2929f9:[()=&gt;r.e("55361").then(r.bind(r,207899)),"@site/versioned_docs/version-1.11.x/refs/onboarding/private/protocol/session/v1alpha1/session_service.mdx",207899],cc6cafc5:[()=&gt;r.e("10677").then(r.bind(r,383170)),"@site/versioned_docs/version-next/refs/tsb/istiointernal/v2/istiointernal_service.mdx",383170],cc7131e4:[()=&gt;r.e("56054").then(r.bind(r,108698)),"@site/versioned_docs/version-1.8.x/howto/wasm/wasm-extension.mdx",108698],cc98bc6d:[()=&gt;r.e("22813").then(r.bind(r,764883)),"@site/versioned_docs/version-1.8.x/refs/tsb/traffic/v2/service_route.mdx",764883],ccdbc072:[()=&gt;r.e("96929").then(r.t.bind(r,979888,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-11-x-howto-1a2.json",979888],cce60511:[()=&gt;r.e("30962").then(r.bind(r,134440)),"@site/versioned_docs/version-next/setup/fips.md",134440],cd197ccb:[()=&gt;r.e("858").then(r.t.bind(r,923201,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-refs-tsb-registry-v-2-yaml-bec.json",923201],cd2cf4dc:[()=&gt;Promise.all([r.e("86212"),r.e("23783")]).then(r.bind(r,471050)),"@site/versioned_docs/version-next/concepts/operators/toc.mdx",471050],cd43c50d:[()=&gt;Promise.all([r.e("86212"),r.e("96538")]).then(r.bind(r,644594)),"@site/versioned_docs/version-next/concepts/toc.mdx",644594],cd47d10c:[()=&gt;r.e("35555").then(r.bind(r,294525)),"@site/versioned_docs/version-1.10.x/refs/install/managementplane/v1alpha1/spec.mdx",294525],cd646c70:[()=&gt;Promise.all([r.e("86212"),r.e("34721")]).then(r.bind(r,35845)),"@site/versioned_docs/version-1.8.x/design-guides/app-onboarding/deploy-service.mdx",35845],cd93c295:[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("95430")]).then(r.bind(r,399331)),"@site/versioned_docs/version-1.10.x/design-guides/ha-dr-mp/index.mdx",399331],cd948510:[()=&gt;r.e("20377").then(r.bind(r,964848)),"@site/versioned_docs/version-1.7.x/refs/tsb/application/v2/openapi_extensions.mdx",964848],cda791b7:[()=&gt;r.e("81456").then(r.bind(r,551728)),"@site/versioned_docs/version-1.6.x/operations/telemetry/red-metrics.mdx",551728],cdabf853:[()=&gt;r.e("51059").then(r.bind(r,921290)),"@site/versioned_docs/version-1.11.x/reference/k8s-api/tsb-crds-gen/traffic-tsb-tetrate-io.md",921290],cdba762a:[()=&gt;r.e("53641").then(r.t.bind(r,10740,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-refs-tsb-types-v-2-yaml-b8a.json",10740],cdbe3295:[()=&gt;Promise.all([r.e("86212"),r.e("60612")]).then(r.bind(r,99370)),"@site/versioned_docs/version-1.8.x/setup/workload-onboarding/quickstart/aws-ec2/toc.mdx",99370],cdc97d7b:[()=&gt;r.e("25376").then(r.bind(r,157238)),"@site/versioned_docs/version-1.9.x/release-notes-announcements/support-policy.mdx",157238],cdcc511a:[()=&gt;r.e("63461").then(r.t.bind(r,59319,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-6-x-refs-tsb-traffic-v-2-yaml-c7a.json",59319],cdd7753e:[()=&gt;r.e("81935").then(r.t.bind(r,31219,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-operations-vault-249.json",31219],cdfd5be7:[()=&gt;r.e("62267").then(r.t.bind(r,236624,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-8-x-refs-tsb-istiointernal-v-2-yaml-df7.json",236624],ce29f77e:[()=&gt;r.e("70554").then(r.bind(r,613026)),"@site/versioned_docs/version-1.10.x/operations/multiple-iam-keys.mdx",613026],ce2e70ae:[()=&gt;r.e("75530").then(r.t.bind(r,347087,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-next-refs-tsb-rbac-v-2-grpc-5e7.json",347087],ce32b962:[()=&gt;r.e("53467").then(r.bind(r,643297)),"@site/versioned_docs/version-1.10.x/concepts/configuration-inheritance.mdx",643297],ce3998c4:[()=&gt;Promise.all([r.e("86212"),r.e("68914")]).then(r.bind(r,309846)),"@site/versioned_docs/version-1.12.x/design-guides/app-onboarding/high-availability.mdx",309846],ce3d80e9:[()=&gt;r.e("13843").then(r.bind(r,370151)),"@site/versioned_docs/version-1.9.x/operations/telemetry/distributed-tracing.md",370151],ce544900:[()=&gt;r.e("720").then(r.bind(r,882419)),"@site/versioned_docs/version-1.11.x/refs/tsb/application/v2/application_service.mdx",882419],ce599a01:[()=&gt;r.e("4294").then(r.bind(r,649713)),"@site/versioned_docs/version-1.8.x/quickstart/introduction.mdx",649713],ce766d6e:[()=&gt;r.e("80650").then(r.t.bind(r,172380,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-6-x-refs-tsb-gateway-v-2-yaml-a51.json",172380],ce79d6b8:[()=&gt;r.e("8354").then(r.bind(r,283715)),"@site/versioned_docs/version-next/refs/onboarding/private/types/credential/jwt/v1alpha1/jwt.mdx",283715],ceacd334:[()=&gt;r.e("69110").then(r.bind(r,416346)),"@site/versioned_docs/version-1.8.x/refs/tsb/rbac/v2/role.mdx",416346],cece06b2:[()=&gt;r.e("42221").then(r.bind(r,198589)),"@site/versioned_docs/version-1.12.x/cheatsheet/sheets/kubectl.mdx",198589],ceecbc25:[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("77603")]).then(r.bind(r,822947)),"@site/versioned_docs/version-next/howto/gateway/distributed-ingress.mdx",822947],cf01a667:[()=&gt;r.e("95827").then(r.bind(r,518682)),"@site/versioned_docs/version-next/refs/tsb/gateway/v2/gateway_service.mdx",518682],cf09c6df:[()=&gt;r.e("68431").then(r.bind(r,979466)),"@site/versioned_docs/version-1.8.x/howto/rate-limiting/tier1-gateway.mdx",979466],cf0d8c43:[()=&gt;r.e("61381").then(r.bind(r,31518)),"@site/versioned_docs/version-1.6.x/refs/tsb/rbac/v2/role_service.mdx",31518],cf284558:[()=&gt;r.e("92609").then(r.bind(r,506620)),"@site/versioned_docs/version-1.8.x/refs/tsb/security/v2/security_group.mdx",506620],cf5dca9f:[()=&gt;r.e("77308").then(r.bind(r,460853)),"@site/versioned_docs/version-1.7.x/refs/tsb/registry/v2/lookup_service.mdx",460853],cf5ef03e:[()=&gt;r.e("72149").then(r.bind(r,426967)),"@site/versioned_docs/version-next/setup/self-managed/uninstallation.mdx",426967],cf62017f:[()=&gt;Promise.all([r.e("86212"),r.e("54349")]).then(r.bind(r,588196)),"@site/versioned_docs/version-1.11.x/design-guides/app-onboarding/security.mdx",588196],cf7320bb:[()=&gt;r.e("17410").then(r.bind(r,785985)),"@site/versioned_docs/version-1.9.x/reference/rest-api/guide.mdx",785985],cf736723:[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("51750")]).then(r.bind(r,748881)),"@site/versioned_docs/version-1.8.x/setup/workload-onboarding/onboarding-vms.mdx",748881],cf74a804:[()=&gt;r.e("52513").then(r.bind(r,180704)),"@site/versioned_docs/version-1.9.x/refs/tsb/application/v2/application_service.mdx",180704],cf8ac450:[()=&gt;r.e("40890").then(r.bind(r,69971)),"@site/versioned_docs/version-1.7.x/refs/install/controlplane/v1alpha1/spec.mdx",69971],cf9c681c:[()=&gt;r.e("45122").then(r.t.bind(r,265704,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-next-reference-samples-52d.json",265704],cfb08025:[()=&gt;r.e("50952").then(r.bind(r,89181)),"@site/versioned_docs/version-1.6.x/reference/cli/reference/collect.md",89181],cfb9648f:[()=&gt;r.e("35653").then(r.bind(r,102194)),"@site/versioned_docs/version-1.11.x/setup/isolation-boundaries.mdx",102194],cfba3d73:[()=&gt;r.e("85799").then(r.t.bind(r,272843,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-10-x-reference-workload-onboarding-onboarding-agent-f0c.json",272843],cfcfb42f:[()=&gt;r.e("86761").then(r.t.bind(r,996124,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-6-x-reference-yaml-api-380.json",996124],cfdfa154:[()=&gt;r.e("20503").then(r.bind(r,740520)),"@site/versioned_docs/version-1.12.x/refs/onboarding/config/types/registration/v1alpha1/hostinfo.mdx",740520],cfdfb912:[()=&gt;r.e("67379").then(r.bind(r,422504)),"@site/versioned_docs/version-1.9.x/refs/tsb/security/v2/service_security_setting.mdx",422504],cfdff84d:[()=&gt;r.e("94434").then(r.bind(r,922797)),"@site/versioned_docs/version-1.7.x/refs/tsb/v2/info.mdx",922797],cffae4be:[()=&gt;r.e("39100").then(r.bind(r,592337)),"@site/versioned_docs/version-1.7.x/reference/cli/reference/config.md",592337],cffc6024:[()=&gt;r.e("69030").then(r.bind(r,795977)),"@site/versioned_docs/version-1.8.x/refs/tsb/rbac/v2/policy_service.mdx",795977],d00ed9b6:[()=&gt;r.e("47114").then(r.bind(r,256626)),"@site/versioned_docs/version-1.6.x/cheatsheet/sheets/traffic-management.mdx",256626],d019a50e:[()=&gt;r.e("30938").then(r.t.bind(r,698710,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-reference-grpc-api-299.json",698710],d02588e9:[()=&gt;r.e("91578").then(r.bind(r,267435)),"@site/versioned_docs/version-1.8.x/refs/tsb/q/v2/permissions_service.mdx",267435],d029f560:[()=&gt;r.e("3876").then(r.t.bind(r,733534,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-9-x-operations-telemetry-d4e.json",733534],d02b7a1c:[()=&gt;r.e("40258").then(r.t.bind(r,119123,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-11-x-howto-traffic-b8c.json",119123],d034c633:[()=&gt;r.e("26712").then(r.bind(r,978473)),"@site/versioned_docs/version-1.9.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/organization.md",978473],d035237e:[()=&gt;r.e("58940").then(r.bind(r,900751)),"@site/versioned_docs/version-1.10.x/troubleshooting/tsb-ui-metrics.mdx",900751],d0539583:[()=&gt;r.e("94177").then(r.bind(r,213391)),"@site/versioned_docs/version-1.9.x/concepts/operators/management-plane.mdx",213391],d05577f8:[()=&gt;r.e("55046").then(r.bind(r,157001)),"@site/versioned_docs/version-1.7.x/concepts/operators/control-plane.mdx",157001],d06380c2:[()=&gt;r.e("63963").then(r.bind(r,172256)),"@site/versioned_docs/version-1.9.x/setup/workload-onboarding/guides/on-premise-workloads.mdx",172256],d09a95c7:[()=&gt;r.e("2197").then(r.bind(r,904647)),"@site/versioned_docs/version-1.9.x/knowledge-base/faq.mdx",904647],d0a55d92:[()=&gt;r.e("73399").then(r.bind(r,202838)),"@site/versioned_docs/version-1.11.x/refs/tsb/v2/status.mdx",202838],d0b93d5f:[()=&gt;r.e("54622").then(r.bind(r,144455)),"@site/versioned_docs/version-1.10.x/troubleshooting/configuration-status.mdx",144455],d0d44b20:[()=&gt;r.e("39112").then(r.t.bind(r,181495,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-8-x-refs-tsb-traffic-v-2-yaml-71a.json",181495],d0e71946:[()=&gt;Promise.all([r.e("86212"),r.e("8075")]).then(r.bind(r,956883)),"@site/versioned_docs/version-next/design-guides/ha-dr-mp/operating/monitor.mdx",956883],d0e90f28:[()=&gt;r.e("58274").then(r.bind(r,829414)),"@site/versioned_docs/version-1.12.x/concepts/traffic-management.mdx",829414],d0eba7d3:[()=&gt;r.e("72987").then(r.bind(r,891297)),"@site/versioned_docs/version-1.6.x/reference/cli/reference/install.md",891297],d0ff7a82:[()=&gt;r.e("67551").then(r.bind(r,953672)),"@site/versioned_docs/version-1.10.x/setup/workload-onboarding/guides/on-premise-workloads.mdx",953672],d11a012b:[()=&gt;r.e("5819").then(r.t.bind(r,876308,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-11-x-refs-tsb-v-2-yaml-342.json",876308],d13415a6:[()=&gt;r.e("32275").then(r.bind(r,535069)),"@site/versioned_docs/version-1.10.x/cheatsheet/sheets/kubectl.mdx",535069],d14981af:[()=&gt;r.e("39873").then(r.bind(r,46657)),"@site/versioned_docs/version-1.11.x/operations/elasticsearch/wipe-elastic.mdx",46657],d16da88a:[()=&gt;r.e("69752").then(r.bind(r,460202)),"@site/versioned_docs/version-1.8.x/refs/tsb/v2/team.mdx",460202],d19cd076:[()=&gt;r.e("33363").then(r.t.bind(r,923482,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-8-x-operations-postgresql-e9d.json",923482],d1a631af:[()=&gt;r.e("29438").then(r.bind(r,454911)),"@site/versioned_docs/version-1.10.x/refs/tsb/v2/status_service.mdx",454911],d1b6192c:[()=&gt;r.e("41725").then(r.bind(r,411671)),"@site/versioned_docs/version-1.11.x/refs/tsb/diagnostic/v2/diagnostic_service.mdx",411671],d1c7759b:[()=&gt;r.e("31878").then(r.t.bind(r,635058,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-11-x-refs-iam-v-2-grpc-ea7.json",635058],d1c79f79:[()=&gt;r.e("31572").then(r.bind(r,133080)),"@site/versioned_docs/version-1.9.x/cheatsheet/sheets/tsb-quickstart.mdx",133080],d1d30239:[()=&gt;r.e("38836").then(r.bind(r,134582)),"@site/versioned_docs/version-1.10.x/reference/grpc-api/guide.mdx",134582],d1fdeccb:[()=&gt;r.e("42884").then(r.bind(r,153721)),"@site/versioned_docs/version-1.11.x/design-guides/ha-multicluster/demo-2.mdx",153721],d22913ee:[()=&gt;r.e("46504").then(r.bind(r,627595)),"@site/versioned_docs/version-1.11.x/operations/elasticsearch/elasticsearch-role.mdx",627595],d22e051b:[()=&gt;r.e("50278").then(r.bind(r,178197)),"@site/versioned_docs/version-1.8.x/refs/tsb/rbac/v2/security_access_bindings.mdx",178197],d23922f5:[()=&gt;r.e("88585").then(r.bind(r,733793)),"@site/versioned_docs/version-next/refs/onboarding/config/types/identity/v1alpha1/identity.mdx",733793],d242b60f:[()=&gt;r.e("95886").then(r.bind(r,165271)),"@site/versioned_docs/version-1.12.x/refs/onboarding/config/authorization/aws/v1alpha1/aws.mdx",165271],d244e1b0:[()=&gt;r.e("65555").then(r.bind(r,914551)),"@site/versioned_docs/version-1.8.x/quickstart/workspace.mdx",914551],d28f06f0:[()=&gt;r.e("43427").then(r.bind(r,438190)),"@site/versioned_docs/version-1.10.x/refs/tsb/observability/telemetry/v2/source.mdx",438190],d2973fca:[()=&gt;r.e("19646").then(r.bind(r,632528)),"@site/versioned_docs/version-1.11.x/setup/workload-onboarding/quickstart/aws-ec2/enable-workload-onboarding.mdx",632528],d29fb880:[()=&gt;r.e("37239").then(r.bind(r,362936)),"@site/versioned_docs/version-1.7.x/cheatsheet/sheets/tsb-quickstart.mdx",362936],d2a2781a:[()=&gt;Promise.all([r.e("86212"),r.e("48975")]).then(r.bind(r,419634)),"@site/versioned_docs/version-next/quickstart/deploy-sample-app.mdx",419634],d2c396f6:[()=&gt;r.e("61101").then(r.bind(r,354525)),"@site/versioned_docs/version-1.8.x/operations/features/configure-cluster-external-addresses.mdx",354525],d2d038d0:[()=&gt;r.e("34844").then(r.bind(r,153870)),"@site/versioned_docs/version-1.7.x/refs/tsb/rbac/v2/access_bindings.mdx",153870],d2d95c70:[()=&gt;r.e("93598").then(r.bind(r,553115)),"@site/versioned_docs/version-1.11.x/refs/tsb/traffic/v2/istio_traffic_direct.mdx",553115],d2ef3e85:[()=&gt;r.e("52099").then(r.bind(r,551274)),"@site/versioned_docs/version-1.9.x/design-guides/ha-multicluster/edge-failover.mdx",551274],d2f04c16:[()=&gt;r.e("73158").then(r.bind(r,374214)),"@site/versioned_docs/version-1.11.x/refs/onboarding/config/install/v1alpha1/jwt_issuer.mdx",374214],d318bb70:[()=&gt;Promise.all([r.e("86212"),r.e("21807")]).then(r.bind(r,39058)),"@site/versioned_docs/version-1.11.x/setup/workload-onboarding/guides/toc.mdx",39058],d365f739:[()=&gt;r.e("85670").then(r.t.bind(r,413753,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-6-x-refs-tsb-security-v-2-grpc-0a8.json",413753],d38cee2e:[()=&gt;r.e("70244").then(r.bind(r,914008)),"@site/versioned_docs/version-1.8.x/refs/tsb/rbac/v2/istio_internal_access_bindings.mdx",914008],d3afdb3b:[()=&gt;r.e("651").then(r.bind(r,544121)),"@site/versioned_docs/version-1.7.x/operations/kube-customization.mdx",544121],d3cbe39e:[()=&gt;r.e("80625").then(r.t.bind(r,136867,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-7-x-refs-tsb-v-2-yaml-434.json",136867],d3d83646:[()=&gt;r.e("69226").then(r.bind(r,400977)),"@site/versioned_docs/version-1.9.x/refs/tsb/istiointernal/v2/istio_internal_group.mdx",400977],d3dde112:[()=&gt;r.e("5386").then(r.t.bind(r,367095,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-6-x-reference-k-8-s-api-9ad.json",367095],d3e3542a:[()=&gt;r.e("66781").then(r.bind(r,107486)),"@site/versioned_docs/version-1.9.x/refs/tsb/rbac/v2/security_access_bindings.mdx",107486],d3e671ce:[()=&gt;r.e("13900").then(r.bind(r,278051)),"@site/versioned_docs/version-1.9.x/cheatsheet/sheets/tsb-concepts.mdx",278051],d4153d81:[()=&gt;r.e("73049").then(r.bind(r,380499)),"@site/versioned_docs/version-1.6.x/operations/users/configuring-ldap.mdx",380499],d4419a67:[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("70820")]).then(r.bind(r,542923)),"@site/versioned_docs/version-1.11.x/quickstart/permissions.mdx",542923],d463f799:[()=&gt;r.e("71741").then(r.t.bind(r,493265,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-7-x-reference-operators-cdb.json",493265],d4ae3c45:[()=&gt;r.e("52027").then(r.bind(r,717465)),"@site/versioned_docs/version-next/setup/upgrade-best-practices.md",717465],d4c08079:[()=&gt;Promise.all([r.e("86212"),r.e("67353")]).then(r.bind(r,949837)),"@site/versioned_docs/version-1.7.x/setup/firewall-information.mdx",949837],d4e4039d:[()=&gt;r.e("98819").then(r.bind(r,329467)),"@site/versioned_docs/version-1.6.x/operations/graceful-connection-drain.mdx",329467],d4e480ee:[()=&gt;Promise.all([r.e("86212"),r.e("29565")]).then(r.bind(r,956095)),"@site/versioned_docs/version-1.11.x/setup/helm/toc.mdx",956095],d4ef315e:[()=&gt;Promise.all([r.e("86212"),r.e("53879")]).then(r.bind(r,529086)),"@site/versioned_docs/version-1.7.x/howto/gateway/shared-ingress.mdx",529086],d4f45549:[()=&gt;r.e("62504").then(r.bind(r,335120)),"@site/versioned_docs/version-1.11.x/howto/gitops/flagger.mdx",335120],d514c959:[()=&gt;r.e("97593").then(r.bind(r,384850)),"@site/versioned_docs/version-next/howto/waf.mdx",384850],d514d70b:[()=&gt;Promise.all([r.e("86212"),r.e("41915")]).then(r.bind(r,920220)),"@site/versioned_docs/version-1.12.x/design-guides/ha-dr-mp/active-standby/troubleshoot.mdx",920220],d52a0c84:[()=&gt;r.e("51683").then(r.bind(r,937876)),"@site/versioned_docs/version-1.7.x/howto/gateway/unified-gateway.mdx",937876],d5656167:[()=&gt;r.e("17605").then(r.bind(r,161683)),"@site/versioned_docs/version-1.11.x/refs/tsb/q/v2/approvals_service.mdx",161683],d579c62a:[()=&gt;r.e("4229").then(r.bind(r,161245)),"@site/versioned_docs/version-next/howto/hpa-using-oap.mdx",161245],d5852747:[()=&gt;r.e("94912").then(r.bind(r,323249)),"@site/versioned_docs/version-1.12.x/howto/traffic/splitting-service-traffic-between-k8s-vms.mdx",323249],d58bf6b2:[()=&gt;r.e("7328").then(r.t.bind(r,468167,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-8-x-setup-workload-onboarding-quickstart-201.json",468167],d5a12e89:[()=&gt;Promise.all([r.e("86212"),r.e("50352")]).then(r.bind(r,396890)),"@site/versioned_docs/version-1.8.x/setup/self-managed/toc.mdx",396890],d5d003c5:[()=&gt;r.e("61821").then(r.bind(r,879694)),"@site/versioned_docs/version-1.12.x/concepts/architecture.mdx",879694],d5ee4d1e:[()=&gt;r.e("99374").then(r.bind(r,684552)),"@site/versioned_docs/version-1.6.x/refs/tsb/rbac/v2/istio_internal_access_bindings.mdx",684552],d6008c2d:[()=&gt;r.e("41541").then(r.bind(r,617323)),"@site/versioned_docs/version-1.7.x/refs/tsb/rbac/v2/permissions.mdx",617323],d629df33:[()=&gt;r.e("18166").then(r.bind(r,200651)),"@site/versioned_docs/version-1.10.x/refs/tsb/rbac/v2/gateway_access_bindings.mdx",200651],d62fadc6:[()=&gt;r.e("94472").then(r.bind(r,552963)),"@site/versioned_docs/version-1.12.x/troubleshooting/troubleshooting.mdx",552963],d647b67c:[()=&gt;r.e("23825").then(r.t.bind(r,394147,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-refs-tsb-gateway-v-2-yaml-e1f.json",394147],d66561d0:[()=&gt;r.e("13584").then(r.bind(r,649267)),"@site/versioned_docs/version-1.9.x/refs/onboarding/config/authorization/jwt/v1alpha1/jwt.mdx",649267],d66627c9:[()=&gt;Promise.all([r.e("86212"),r.e("66299")]).then(r.bind(r,610542)),"@site/versioned_docs/version-1.10.x/reference/cli/guide/index.mdx",610542],d6714bb7:[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("73316")]).then(r.bind(r,716336)),"@site/versioned_docs/version-1.8.x/quickstart/traffic-shifting.mdx",716336],d67e078c:[()=&gt;r.e("37444").then(r.bind(r,325641)),"@site/versioned_docs/version-1.8.x/refs/istio.io/api/operator/v1alpha1/operator.mdx",325641],d6b97431:[()=&gt;r.e("88550").then(r.bind(r,290868)),"@site/versioned_docs/version-1.12.x/cheatsheet/sheets/tsb-concepts.mdx",290868],d6cf3814:[()=&gt;r.e("33254").then(r.bind(r,703201)),"@site/versioned_docs/version-1.11.x/refs/tsb/v2/cluster_service.mdx",703201],d6d58d60:[()=&gt;r.e("41978").then(r.bind(r,413887)),"@site/versioned_docs/version-1.9.x/refs/tsb/rbac/v2/workspace_access_bindings.mdx",413887],d6ea071f:[()=&gt;r.e("58502").then(r.bind(r,654656)),"@site/versioned_docs/version-1.10.x/refs/tsb/v2/info.mdx",654656],d6ee98b9:[()=&gt;r.e("37871").then(r.t.bind(r,553406,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-7-x-refs-tsb-application-v-2-yaml-eff.json",553406],d71f49b9:[()=&gt;r.e("779").then(r.bind(r,769906)),"@site/versioned_docs/version-1.10.x/operations/elasticsearch/wipe-elastic.mdx",769906],d744e69c:[()=&gt;r.e("49414").then(r.bind(r,853171)),"@site/versioned_docs/version-1.11.x/reference/rest-api/guide.mdx",853171],d76d2e88:[()=&gt;r.e("46298").then(r.bind(r,280069)),"@site/versioned_docs/version-1.7.x/refs/iam/v2/oidc_service.mdx",280069],d7b57a60:[()=&gt;r.e("30437").then(r.bind(r,489561)),"@site/versioned_docs/version-1.12.x/setup/components.mdx",489561],d7ba9175:[()=&gt;r.e("74813").then(r.bind(r,878413)),"@site/versioned_docs/version-1.8.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/organization.md",878413],d7c077d5:[()=&gt;r.e("70149").then(r.bind(r,914799)),"@site/versioned_docs/version-1.8.x/reference/yaml-api/guide.mdx",914799],d7cc4ca2:[()=&gt;r.e("53923").then(r.bind(r,186948)),"@site/versioned_docs/version-next/concepts/configuration-dataflow.mdx",186948],d7d60e42:[()=&gt;r.e("63111").then(r.bind(r,296618)),"@site/versioned_docs/version-1.11.x/refs/onboarding/config/authorization/v1alpha1/policy.mdx",296618],d7e02660:[()=&gt;r.e("55050").then(r.t.bind(r,392564,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-6-x-refs-tsb-observability-telemetry-v-2-yaml-939.json",392564],d83f762e:[()=&gt;r.e("85540").then(r.t.bind(r,291322,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-tags-featured-0be.json",291322],d84290f8:[()=&gt;r.e("61018").then(r.bind(r,727635)),"@site/versioned_docs/version-1.10.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/workspacesetting.md",727635],d843bcee:[()=&gt;r.e("72491").then(r.bind(r,728459)),"@site/versioned_docs/version-1.8.x/operations/features/tier1-in-app-cluster.mdx",728459],d8604b5e:[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("25207")]).then(r.bind(r,716571)),"@site/versioned_docs/version-1.6.x/howto/gateway/end-user-auth-keycloak.mdx",716571],d860f72a:[()=&gt;r.e("62634").then(r.bind(r,749868)),"@site/versioned_docs/version-1.12.x/reference/cli/reference/apply.md",749868],d873ff4f:[()=&gt;r.e("45260").then(r.t.bind(r,187423,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-7-x-refs-tsb-traffic-v-2-grpc-e05.json",187423],d87ff565:[()=&gt;r.e("99404").then(r.t.bind(r,680106,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-11-x-refs-tsb-rbac-v-2-grpc-21f.json",680106],d8ae0479:[()=&gt;r.e("97406").then(r.bind(r,639748)),"@site/versioned_docs/version-1.8.x/reference/k8s-api/tsb-crds-gen/rbac-tsb-tetrate-io.md",639748],d8e136a5:[()=&gt;r.e("33891").then(r.t.bind(r,568954,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-9-x-howto-c8f.json",568954],d90f7fb3:[()=&gt;r.e("14943").then(r.bind(r,570769)),"@site/versioned_docs/version-1.11.x/howto/gateway/service-identity-propagation.mdx",570769],d94b60ed:[()=&gt;r.e("70306").then(r.bind(r,637478)),"@site/versioned_docs/version-1.8.x/setup/certificate/automated-certificate-management.mdx",637478],d9914b1b:[()=&gt;r.e("54582").then(r.bind(r,579775)),"@site/versioned_docs/version-1.6.x/reference/rest-api/guide.mdx",579775],d997f7c6:[()=&gt;r.e("26792").then(r.bind(r,475737)),"@site/versioned_docs/version-1.12.x/refs/tsb/security/v2/istio_security_direct.mdx",475737],d9b7b374:[()=&gt;r.e("50277").then(r.t.bind(r,277929,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-8-x-reference-k-8-s-api-tsb-crds-gen-fae.json",277929],d9d0cfbb:[()=&gt;r.e("71702").then(r.bind(r,667624)),"@site/versioned_docs/version-1.7.x/setup/tctl-connect.mdx",667624],d9d3cadf:[()=&gt;r.e("24388").then(r.bind(r,521565)),"@site/versioned_docs/version-1.9.x/design-guides/ha-multicluster/demo-2.mdx",521565],d9e0a5ee:[()=&gt;Promise.all([r.e("86212"),r.e("92471")]).then(r.bind(r,995315)),"@site/versioned_docs/version-next/setup/workload-onboarding/quickstart/on-premise/toc.mdx",995315],d9e21ad8:[()=&gt;r.e("93045").then(r.t.bind(r,876698,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-6-x-tags-tsb-concepts-7dc.json",876698],d9e4f943:[()=&gt;r.e("75130").then(r.bind(r,984148)),"@site/versioned_docs/version-1.7.x/reference/rest-api/guide.mdx",984148],d9ead56a:[()=&gt;r.e("79051").then(r.bind(r,632621)),"@site/versioned_docs/version-1.8.x/howto/waf.mdx",632621],d9f52332:[()=&gt;r.e("7178").then(r.bind(r,759325)),"@site/versioned_docs/version-1.8.x/refs/tsb/v2/cluster_service.mdx",759325],d9f96cf9:[()=&gt;r.e("88201").then(r.bind(r,336461)),"@site/versioned_docs/version-1.12.x/howto/authorization/tls-verification.mdx",336461],da012ee7:[()=&gt;Promise.all([r.e("86212"),r.e("54169")]).then(r.bind(r,272303)),"@site/versioned_docs/version-1.11.x/quickstart/security.mdx",272303],da030864:[()=&gt;r.e("14846").then(r.bind(r,631809)),"@site/versioned_docs/version-1.11.x/refs/onboarding/config/agent/v1alpha1/agent_configuration.mdx",631809],da03ef5b:[()=&gt;r.e("32990").then(r.bind(r,435413)),"@site/versioned_docs/version-1.8.x/troubleshooting/identify-underperforming-services.mdx",435413],da0f4f3b:[()=&gt;r.e("23633").then(r.bind(r,677355)),"@site/versioned_docs/version-next/index.mdx",677355],da1b1939:[()=&gt;r.e("87067").then(r.t.bind(r,25785,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-setup-certificate-14b.json",25785],da1b6cae:[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("50923")]).then(r.bind(r,971438)),"@site/versioned_docs/version-1.9.x/howto/rate-limiting/external-rate-limiting.mdx",971438],da280135:[()=&gt;r.e("94746").then(r.t.bind(r,516505,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-11-x-refs-tsb-registry-v-2-grpc-cb3.json",516505],da3a8962:[()=&gt;r.e("13390").then(r.bind(r,246998)),"@site/versioned_docs/version-next/setup/helm/controlplane.mdx",246998],da3f36e5:[()=&gt;r.e("83409").then(r.bind(r,987905)),"@site/versioned_docs/version-1.8.x/howto/security-domains.mdx",987905],da6e5fba:[()=&gt;r.e("78321").then(r.bind(r,637287)),"@site/versioned_docs/version-1.12.x/setup/workload-onboarding/guides/onboarding.mdx",637287],da807d9e:[()=&gt;r.e("15242").then(r.bind(r,816476)),"@site/versioned_docs/version-1.11.x/refs/onboarding/private/component/plane/generator/v1alpha1/version.mdx",816476],da8ad1e6:[()=&gt;r.e("85723").then(r.t.bind(r,279732,19)),"/runner/_work/sites/sites/products/service-bridge/.docusaurus/docusaurus-plugin-redoc/1_9_x/redocApiSpecV1.2-1_9_x.json",279732],da9d0e11:[()=&gt;r.e("1227").then(r.bind(r,633607)),"@site/versioned_docs/version-1.11.x/refs/tsb/rbac/v2/application_access_bindings.mdx",633607],dab287ee:[()=&gt;r.e("46957").then(r.t.bind(r,226068,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-7-x-setup-aws-245.json",226068],dae26c67:[()=&gt;r.e("59008").then(r.bind(r,527211)),"@site/versioned_docs/version-1.9.x/operations/vault/istiod-ca.mdx",527211],db1326ee:[()=&gt;Promise.all([r.e("86212"),r.e("16681")]).then(r.bind(r,729699)),"@site/versioned_docs/version-1.8.x/design-guides/app-onboarding/high-availability.mdx",729699],db263acb:[()=&gt;r.e("64434").then(r.bind(r,157794)),"@site/versioned_docs/version-next/operations/users/users-roles-and-permissions.mdx",157794],db5c254e:[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("76601")]).then(r.bind(r,526165)),"@site/versioned_docs/version-1.9.x/quickstart/traffic-shifting.mdx",526165],db65c72d:[()=&gt;r.e("70525").then(r.bind(r,783368)),"@site/versioned_docs/version-1.6.x/refs/tsb/auth/v2/auth.mdx",783368],db6b0a50:[()=&gt;r.e("76323").then(r.t.bind(r,979022,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-11-x-howto-gateway-015.json",979022],db6e6426:[()=&gt;r.e("71611").then(r.bind(r,586837)),"@site/versioned_docs/version-1.11.x/cheatsheet/sheets/tctl.mdx",586837],db887a09:[()=&gt;r.e("48693").then(r.bind(r,661668)),"@site/versioned_docs/version-1.11.x/setup/workload-onboarding/guides/onboarding.mdx",661668],db92dce0:[()=&gt;r.e("67679").then(r.bind(r,144913)),"@site/versioned_docs/version-1.10.x/reference/yaml-api/guide.mdx",144913],dbabe2dc:[()=&gt;r.e("55702").then(r.bind(r,985059)),"@site/versioned_docs/version-1.6.x/refs/audit/v1/audit.mdx",985059],dbb1a60e:[()=&gt;r.e("52193").then(r.bind(r,850053)),"@site/versioned_docs/version-1.12.x/refs/tsb/application/v2/api.mdx",850053],dbd7050b:[()=&gt;r.e("17874").then(r.t.bind(r,763923,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-11-x-reference-yaml-api-7c2.json",763923],dbe87919:[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("60964")]).then(r.bind(r,747611)),"@site/versioned_docs/version-next/design-guides/ha-dr-mp/index.mdx",747611],dbec3712:[()=&gt;Promise.all([r.e("86212"),r.e("77967")]).then(r.bind(r,838195)),"@site/versioned_docs/version-1.11.x/howto/gateway/multi-cluster-traffic-routing-using-tier2gw.mdx",838195],dc084f49:[()=&gt;r.e("45861").then(r.bind(r,614759)),"@site/versioned_docs/version-next/refs/onboarding/private/component/plane/token/v1alpha1/onboarding_token.mdx",614759],dc0e2bb3:[()=&gt;r.e("6121").then(r.bind(r,469466)),"@site/versioned_docs/version-1.12.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/clusteronboardingconfig.md",469466],dc13454d:[()=&gt;r.e("92330").then(r.bind(r,725826)),"@site/versioned_docs/version-1.11.x/design-guides/ha-multicluster/introduction.mdx",725826],dc23d971:[()=&gt;r.e("62491").then(r.bind(r,835519)),"@site/versioned_docs/version-1.7.x/operations/vault/postgresql.mdx",835519],dc4be721:[()=&gt;r.e("81629").then(r.bind(r,851444)),"@site/versioned_docs/version-1.8.x/concepts/operators/management-plane.mdx",851444],dc4db134:[()=&gt;r.e("88665").then(r.bind(r,977059)),"@site/versioned_docs/version-1.9.x/howto/gateway/unified-gateway.mdx",977059],dc57ab53:[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("23681")]).then(r.bind(r,884241)),"@site/versioned_docs/version-1.12.x/setup/workload-onboarding/onboarding-vms.mdx",884241],dc5dc24d:[()=&gt;r.e("6517").then(r.bind(r,655853)),"@site/versioned_docs/version-1.12.x/howto/wasm/wasm-overview.mdx",655853],dc791139:[()=&gt;r.e("40972").then(r.bind(r,373557)),"@site/versioned_docs/version-1.11.x/refs/tsb/gateway/v2/gateway_common.mdx",373557],dc86b3ce:[()=&gt;r.e("33023").then(r.bind(r,512872)),"@site/versioned_docs/version-1.7.x/setup/workload-onboarding/quickstart/on-premise/configure-vm.mdx",512872],dc94b4f0:[()=&gt;r.e("23511").then(r.bind(r,377775)),"@site/versioned_docs/version-1.6.x/howto/gateway/configure-and-route-nonhttp-traffic.mdx",377775],dca005eb:[()=&gt;r.e("61942").then(r.bind(r,68984)),"@site/versioned_docs/version-1.11.x/refs/tsb/v2/team_service.mdx",68984],dca9b665:[()=&gt;r.e("61892").then(r.t.bind(r,98123,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-next-refs-tsb-profile-v-2-yaml-804.json",98123],dcb079e0:[()=&gt;r.e("11076").then(r.bind(r,904767)),"@site/versioned_docs/version-1.8.x/reference/cli/reference/whoami.md",904767],dcb15fcf:[()=&gt;r.e("74000").then(r.bind(r,174608)),"@site/versioned_docs/version-1.11.x/howto/traffic/configure-multi-port-service-route.mdx",174608],dcb219dc:[()=&gt;r.e("91925").then(r.bind(r,524157)),"@site/versioned_docs/version-1.7.x/quickstart/config-groups.mdx",524157],dcdce063:[()=&gt;r.e("70726").then(r.t.bind(r,405458,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-11-x-reference-ee7.json",405458],dce63438:[()=&gt;r.e("82772").then(r.t.bind(r,999425,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-setup-aws-a5a.json",999425],dd0a946e:[()=&gt;r.e("18105").then(r.bind(r,911453)),"@site/versioned_docs/version-next/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/serviceaccount.md",911453],dd0b7dd4:[()=&gt;r.e("22979").then(r.t.bind(r,986573,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-10-x-refs-tsb-registry-v-2-yaml-57d.json",986573],dd264a88:[()=&gt;r.e("77344").then(r.bind(r,168092)),"@site/versioned_docs/version-1.10.x/reference/k8s-api/tsb-crds-gen/istiointernal-tsb-tetrate-io.md",168092],dd269cf6:[()=&gt;r.e("52830").then(r.bind(r,504708)),"@site/versioned_docs/version-1.8.x/setup/workload-onboarding/guides/managing.mdx",504708],dd286bd2:[()=&gt;r.e("44471").then(r.bind(r,219613)),"@site/versioned_docs/version-1.8.x/howto/traffic/external-site-https.mdx",219613],dd40de2b:[()=&gt;r.e("37333").then(r.bind(r,302798)),"@site/versioned_docs/version-1.6.x/refs/install/dataplane/v1alpha1/spec.mdx",302798],dd4d7c20:[()=&gt;r.e("60052").then(r.bind(r,586713)),"@site/versioned_docs/version-next/howto/traffic/gateway-mtls.mdx",586713],dd4fc284:[()=&gt;r.e("84355").then(r.bind(r,163752)),"@site/versioned_docs/version-1.12.x/setup/helm/controlplane.mdx",163752],dd7ede60:[()=&gt;r.e("23075").then(r.bind(r,355025)),"@site/versioned_docs/version-1.10.x/refs/tsb/rbac/v2/traffic_access_bindings.mdx",355025],dd7f6247:[()=&gt;r.e("70223").then(r.bind(r,287540)),"@site/versioned_docs/version-1.8.x/reference/cli/reference/experimental.md",287540],dd889229:[()=&gt;r.e("71893").then(r.bind(r,917295)),"@site/versioned_docs/version-1.12.x/refs/tsb/v2/status_service.mdx",917295],ddac4a9c:[()=&gt;r.e("18714").then(r.bind(r,128807)),"@site/versioned_docs/version-next/refs/tsb/observability/telemetry/v2/metric.mdx",128807],ddc30092:[()=&gt;r.e("39483").then(r.bind(r,360241)),"@site/versioned_docs/version-1.9.x/refs/tsb/gateway/v2/gateway.mdx",360241],dddc2395:[()=&gt;Promise.all([r.e("86212"),r.e("26840")]).then(r.bind(r,533792)),"@site/versioned_docs/version-1.10.x/setup/workload-onboarding/guides/toc.mdx",533792],ddde7118:[()=&gt;r.e("14803").then(r.bind(r,578781)),"@site/versioned_docs/version-next/concepts/service-mesh.mdx",578781],ddef7ded:[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("34171")]).then(r.bind(r,970195)),"@site/versioned_docs/version-1.7.x/howto/traffic/load-balance.mdx",970195],ddf7ab7e:[()=&gt;r.e("21347").then(r.bind(r,324420)),"@site/versioned_docs/version-1.11.x/reference/cli/reference/debug.md",324420],de206643:[()=&gt;r.e("852").then(r.bind(r,433941)),"@site/versioned_docs/version-next/refs/private/iam/v1/iam.mdx",433941],de2f1b11:[()=&gt;r.e("86070").then(r.bind(r,384719)),"@site/versioned_docs/version-next/setup/helm/upgrade.mdx",384719],de426d2e:[()=&gt;r.e("87360").then(r.bind(r,265055)),"@site/versioned_docs/version-1.11.x/troubleshooting/tsb-ui-metrics.mdx",265055],de5a3d82:[()=&gt;r.e("33773").then(r.bind(r,249760)),"@site/versioned_docs/version-1.11.x/refs/onboarding/private/protocol/registration/v1alpha1/registration_service.mdx",249760],de69bfab:[()=&gt;r.e("21012").then(r.bind(r,364178)),"@site/versioned_docs/version-1.10.x/refs/tsb/v2/tenant.mdx",364178],de71a080:[()=&gt;r.e("18120").then(r.bind(r,751926)),"@site/versioned_docs/version-1.9.x/reference/cli/reference/login.md",751926],de95b080:[()=&gt;r.e("83079").then(r.bind(r,917348)),"@site/versioned_docs/version-1.12.x/refs/tsb/segmentation/v1/membership.mdx",917348],de9bb0ad:[()=&gt;r.e("77970").then(r.t.bind(r,849893,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-9-x-refs-tsb-gateway-v-2-yaml-b27.json",849893],dea02884:[()=&gt;r.e("87632").then(r.bind(r,683393)),"@site/versioned_docs/version-1.12.x/refs/onboarding/private/protocol/session/v1alpha1/session_service.mdx",683393],deab080d:[()=&gt;r.e("32883").then(r.bind(r,60592)),"@site/versioned_docs/version-1.8.x/refs/install/controlplane/v1alpha1/spec.mdx",60592],deade7e1:[()=&gt;r.e("18083").then(r.bind(r,568587)),"@site/versioned_docs/version-1.6.x/refs/tsb/extension/v2/wasm_extension.mdx",568587],debbc4b9:[()=&gt;r.e("12658").then(r.bind(r,808618)),"@site/versioned_docs/version-1.9.x/operations/features/istio-cni.mdx",808618],dec7dcab:[()=&gt;r.e("59350").then(r.t.bind(r,989449,19)),"@generated/docusaurus-plugin-redoc/1_6_x/__plugin.json",989449],ded2ba12:[()=&gt;r.e("66712").then(r.bind(r,351186)),"@site/versioned_docs/version-next/concepts/tsb-and-istio.mdx",351186],defc4737:[()=&gt;r.e("60765").then(r.bind(r,473036)),"@site/versioned_docs/version-1.8.x/refs/tsb/registry/v2/lookup_service.mdx",473036],df179c38:[()=&gt;r.e("66599").then(r.t.bind(r,210376,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-9-x-reference-k-8-s-api-tsb-crds-gen-fba.json",210376],df186a93:[()=&gt;r.e("4810").then(r.bind(r,106633)),"@site/versioned_docs/version-1.12.x/refs/onboarding/config/types/registration/v1alpha1/registration.mdx",106633],df1bdc6f:[()=&gt;r.e("25979").then(r.bind(r,423102)),"@site/versioned_docs/version-1.7.x/cheatsheet/sheets/security-management.mdx",423102],df203c0f:[()=&gt;Promise.all([r.e("86212"),r.e("60815")]).then(r.bind(r,187046)),"@theme/DocTagDocListPage",187046],df28b5cf:[()=&gt;r.e("87702").then(r.bind(r,552411)),"@site/versioned_docs/version-1.9.x/operations/features/label-annotation.mdx",552411],df314566:[()=&gt;Promise.all([r.e("86212"),r.e("95634")]).then(r.bind(r,64955)),"@site/versioned_docs/version-1.6.x/quickstart/apps.mdx",64955],df34fcb6:[()=&gt;r.e("4299").then(r.bind(r,554535)),"@site/versioned_docs/version-1.10.x/refs/tsb/application/v2/application_service.mdx",554535],df351c5a:[()=&gt;r.e("27734").then(r.t.bind(r,432680,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-refs-tsb-segmentation-v-1-grpc-3b9.json",432680],df4efaac:[()=&gt;r.e("55812").then(r.t.bind(r,112146,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-11-x-refs-tsb-istiointernal-v-2-grpc-eb4.json",112146],df6bd70c:[()=&gt;r.e("8706").then(r.bind(r,518611)),"@site/versioned_docs/version-1.10.x/refs/onboarding/config/types/registration/v1alpha1/hostinfo.mdx",518611],df933a7f:[()=&gt;r.e("40027").then(r.bind(r,573275)),"@site/versioned_docs/version-1.9.x/operations/features/tls-origin-multi-cluster.mdx",573275],dfbc2035:[()=&gt;r.e("97525").then(r.bind(r,151739)),"@site/versioned_docs/version-1.10.x/howto/gitops/gitops.mdx",151739],dfc61c82:[()=&gt;r.e("85987").then(r.bind(r,758633)),"@site/versioned_docs/version-1.11.x/concepts/security.mdx",758633],dfc677c7:[()=&gt;r.e("62594").then(r.bind(r,689010)),"@site/versioned_docs/version-1.12.x/release-notes-announcements/support-policy.mdx",689010],e0199160:[()=&gt;r.e("38391").then(r.bind(r,293703)),"@site/versioned_docs/version-1.9.x/setup/workload-onboarding/quickstart/aws-ecs/configure-workload-onboarding.mdx",293703],e0266104:[()=&gt;r.e("71118").then(r.bind(r,584133)),"@site/versioned_docs/version-1.8.x/refs/tsb/istiointernal/v2/istio_internal_group.mdx",584133],e032f0ef:[()=&gt;r.e("72714").then(r.bind(r,264314)),"@site/versioned_docs/version-1.12.x/refs/onboarding/private/types/config/v1alpha1/transport_security.mdx",264314],e0365d08:[()=&gt;r.e("79995").then(r.bind(r,29144)),"@site/versioned_docs/version-1.9.x/howto/gitops/flagger.mdx",29144],e03f46e4:[()=&gt;r.e("92975").then(r.t.bind(r,825019,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-next-reference-k-8-s-api-tsb-crds-gen-9f9.json",825019],e046d572:[()=&gt;r.e("3060").then(r.bind(r,324928)),"@site/versioned_docs/version-1.8.x/refs/tsb/v2/workspace_service.mdx",324928],e047ae28:[()=&gt;r.e("98821").then(r.bind(r,890609)),"@site/versioned_docs/version-1.11.x/howto/rate-limiting/internal-rate-limiting.mdx",890609],e0627c5f:[()=&gt;Promise.all([r.e("86212"),r.e("27366")]).then(r.bind(r,650373)),"@site/versioned_docs/version-next/operations/telemetry/telemetry-architecture.mdx",650373],e069c226:[()=&gt;r.e("83850").then(r.bind(r,292662)),"@site/versioned_docs/version-1.7.x/setup/workload-onboarding/guides/on-premise-workloads.mdx",292662],e08f8ff5:[()=&gt;r.e("77013").then(r.bind(r,209117)),"@site/versioned_docs/version-1.12.x/operations/telemetry/distributed-tracing.md",209117],e092888b:[()=&gt;r.e("10525").then(r.bind(r,351119)),"@site/versioned_docs/version-1.11.x/setup/workload-onboarding/quickstart/on-premise/onboard-vm.mdx",351119],e09aa11f:[()=&gt;r.e("2084").then(r.bind(r,609979)),"@site/versioned_docs/version-1.9.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/tenantsetting.md",609979],e09ff68f:[()=&gt;r.e("84700").then(r.t.bind(r,894230,19)),"/runner/_work/sites/sites/products/service-bridge/.docusaurus/docusaurus-plugin-redoc/1_8_x/redocApiSpecV1.2-1_8_x.json",894230],e0d2c11b:[()=&gt;r.e("40155").then(r.bind(r,485482)),"@site/versioned_docs/version-1.12.x/release-notes-announcements/feature-status.mdx",485482],e0eccbc9:[()=&gt;r.e("80986").then(r.bind(r,267625)),"@site/versioned_docs/version-1.12.x/howto/network-policies.mdx",267625],e138c576:[()=&gt;r.e("40954").then(r.bind(r,923989)),"@site/versioned_docs/version-1.6.x/reference/grpc-api/guide.mdx",923989],e1640f9b:[()=&gt;r.e("91103").then(r.bind(r,310130)),"@site/versioned_docs/version-1.12.x/refs/onboarding/config/types/core/v1alpha1/namespaced_name.mdx",310130],e17f4106:[()=&gt;r.e("46468").then(r.bind(r,401723)),"@site/versioned_docs/version-1.7.x/refs/tsb/v2/cluster.mdx",401723],e182ac55:[()=&gt;r.e("58847").then(r.bind(r,624146)),"@site/versioned_docs/version-1.6.x/howto/rate-limiting/tier1-gateway.mdx",624146],e1a33887:[()=&gt;r.e("37982").then(r.bind(r,520479)),"@site/versioned_docs/version-1.10.x/reference/cli/reference/experimental.md",520479],e1b25346:[()=&gt;r.e("31288").then(r.bind(r,739475)),"@site/versioned_docs/version-next/refs/tsb/rbac/v2/permissions.mdx",739475],e1b652d4:[()=&gt;r.e("88154").then(r.bind(r,908218)),"@site/versioned_docs/version-1.10.x/setup/certificate/certificate-setup.mdx",908218],e1c14ca6:[()=&gt;r.e("64310").then(r.bind(r,101410)),"@site/versioned_docs/version-1.12.x/reference/cli/reference/get.md",101410],e1cf29af:[()=&gt;r.e("2345").then(r.bind(r,898702)),"@site/versioned_docs/version-1.8.x/operations/telemetry/distributed-tracing.md",898702],e1dde5c3:[()=&gt;r.e("15292").then(r.bind(r,549165)),"@site/versioned_docs/version-1.11.x/design-guides/app-onboarding/promote-service.mdx",549165],e1eda0ae:[()=&gt;r.e("64640").then(r.bind(r,314132)),"@site/versioned_docs/version-1.12.x/operations/users/configuring-ldap.mdx",314132],e1f29e56:[()=&gt;r.e("90589").then(r.t.bind(r,682482,19)),"/runner/_work/sites/sites/products/service-bridge/.docusaurus/docusaurus-plugin-redoc/1_8_x/redocApiLayoutV1-1_8_x.json",682482],e1fecf6f:[()=&gt;r.e("39739").then(r.bind(r,947181)),"@site/versioned_docs/version-1.12.x/reference/cli/reference/workload-entry-annotations.md",947181],e207a9fe:[()=&gt;r.e("38655").then(r.bind(r,670739)),"@site/versioned_docs/version-1.8.x/setup/migrate-tctl-to-helm.mdx",670739],e20974ef:[()=&gt;r.e("63407").then(r.bind(r,529228)),"@site/versioned_docs/version-1.7.x/setup/helm/controlplane.mdx",529228],e20998bb:[()=&gt;r.e("12629").then(r.bind(r,124270)),"@site/versioned_docs/version-1.6.x/operations/users/roles-and-permissions.mdx",124270],e2167f4d:[()=&gt;r.e("96191").then(r.t.bind(r,395047,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-9-x-refs-tsb-extension-v-2-grpc-8ba.json",395047],e23f8723:[()=&gt;r.e("96862").then(r.bind(r,722895)),"@site/versioned_docs/version-1.11.x/setup/self-managed/demo-installation.mdx",722895],e2653ef4:[()=&gt;r.e("71534").then(r.bind(r,157114)),"@site/versioned_docs/version-1.12.x/setup/fips.md",157114],e26eaebb:[()=&gt;r.e("82630").then(r.t.bind(r,77280,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-next-refs-tsb-profile-v-2-grpc-60e.json",77280],e278ad7e:[()=&gt;r.e("43801").then(r.bind(r,229629)),"@site/versioned_docs/version-1.10.x/refs/onboarding/config/agent/v1alpha1/onboarding_configuration.mdx",229629],e27cb98d:[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("48033")]).then(r.bind(r,57771)),"@site/versioned_docs/version-1.8.x/design-guides/ha-multicluster/index.mdx",57771],e290b90f:[()=&gt;r.e("65540").then(r.bind(r,811888)),"@site/versioned_docs/version-1.11.x/setup/isolation-boundaries-installation.mdx",811888],e2a059da:[()=&gt;r.e("31991").then(r.bind(r,780798)),"@site/versioned_docs/version-1.8.x/troubleshooting/configuration-status.mdx",780798],e2a6c3f8:[()=&gt;r.e("72506").then(r.bind(r,483037)),"@site/versioned_docs/version-1.12.x/howto/traffic/gateway-mtls.mdx",483037],e2ab1b5e:[()=&gt;r.e("14631").then(r.bind(r,570053)),"@site/versioned_docs/version-1.8.x/setup/helm/managementplane.mdx",570053],e2aba6cb:[()=&gt;r.e("33709").then(r.t.bind(r,531172,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-category-working-with-tetrate-customer-support-953.json",531172],e2b18058:[()=&gt;r.e("67368").then(r.t.bind(r,719833,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-10-x-operations-elasticsearch-f92.json",719833],e2c2d5fa:[()=&gt;r.e("27944").then(r.t.bind(r,129359,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-8-x-reference-f66.json",129359],e2d3a61f:[()=&gt;r.e("89191").then(r.t.bind(r,570806,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-refs-audit-v-1-grpc-3cb.json",570806],e2e0c593:[()=&gt;r.e("27434").then(r.t.bind(r,799778,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-11-x-refs-tsb-traffic-v-2-grpc-163.json",799778],e2f0c46b:[()=&gt;r.e("38923").then(r.bind(r,635894)),"@site/versioned_docs/version-1.12.x/setup/security-context.mdx",635894],e3061229:[()=&gt;Promise.all([r.e("86212"),r.e("50872")]).then(r.bind(r,915232)),"@site/versioned_docs/version-1.9.x/setup/firewall-information.mdx",915232],e31a84ec:[()=&gt;r.e("70841").then(r.t.bind(r,747280,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-next-refs-tsb-observability-telemetry-v-2-yaml-170.json",747280],e34172b0:[()=&gt;r.e("15371").then(r.bind(r,600248)),"@site/versioned_docs/version-1.11.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/organization.md",600248],e363986d:[()=&gt;r.e("94498").then(r.bind(r,134190)),"@site/versioned_docs/version-1.8.x/operations/lower-istio-resources.mdx",134190],e39ae4a5:[()=&gt;r.e("83123").then(r.t.bind(r,232203,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-8-x-operations-telemetry-09c.json",232203],e3a2d79b:[()=&gt;r.e("44150").then(r.t.bind(r,928898,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-setup-632.json",928898],e3a39534:[()=&gt;Promise.all([r.e("86212"),r.e("21349")]).then(r.bind(r,165170)),"@site/versioned_docs/version-1.9.x/howto/gateway/shared-ingress.mdx",165170],e3b0e305:[()=&gt;r.e("89963").then(r.bind(r,840028)),"@site/versioned_docs/version-1.9.x/refs/tsb/traffic/v2/traffic_service.mdx",840028],e3c24203:[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("66540")]).then(r.bind(r,228065)),"@site/versioned_docs/version-1.7.x/setup/workload-onboarding/onboarding-vms.mdx",228065],e3d8e4d8:[()=&gt;r.e("2604").then(r.t.bind(r,891379,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-10-x-refs-tsb-gateway-v-2-grpc-73f.json",891379],e3d928f3:[()=&gt;r.e("20688").then(r.bind(r,275429)),"@site/versioned_docs/version-1.10.x/refs/onboarding/private/component/plane/config/v1alpha1/onboarding_plane_instance_configuration.mdx",275429],e4115a63:[()=&gt;r.e("74564").then(r.t.bind(r,740360,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-11-x-tags-featured-53a.json",740360],e41f742e:[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("62865")]).then(r.bind(r,123856)),"@site/versioned_docs/version-1.12.x/howto/authorization/sidecar.mdx",123856],e42593ca:[()=&gt;r.e("37044").then(r.t.bind(r,722333,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-next-reference-cli-f76.json",722333],e4325c1f:[()=&gt;r.e("23832").then(r.bind(r,396625)),"@site/versioned_docs/version-1.8.x/refs/iam/v2/oauth_service.mdx",396625],e45d47d2:[()=&gt;r.e("1899").then(r.bind(r,697704)),"@site/versioned_docs/version-1.6.x/reference/k8s-api/tsb-crds-gen/traffic-tsb-tetrate-io.md",697704],e460d660:[()=&gt;r.e("50262").then(r.bind(r,577699)),"@site/versioned_docs/version-1.11.x/refs/tsb/rbac/v2/tenant_access_bindings.mdx",577699],e469ce30:[()=&gt;r.e("28832").then(r.bind(r,460785)),"@site/versioned_docs/version-next/concepts/configuration-inheritance.mdx",460785],e4846830:[()=&gt;Promise.all([r.e("86212"),r.e("50257")]).then(r.bind(r,796469)),"@site/versioned_docs/version-1.9.x/design-guides/app-onboarding/introduction.mdx",796469],e4861b48:[()=&gt;r.e("1499").then(r.bind(r,803464)),"@site/versioned_docs/version-1.11.x/refs/onboarding/private/component/agent/plugin/credential/v1alpha1/plugin.mdx",803464],e4a4f9a5:[()=&gt;r.e("24150").then(r.bind(r,689388)),"@site/versioned_docs/version-1.11.x/refs/iam/v2/oauth_service.mdx",689388],e4af8df3:[()=&gt;r.e("80805").then(r.bind(r,546130)),"@site/versioned_docs/version-1.10.x/setup/workload-onboarding/guides/managing.mdx",546130],e4ebe3ae:[()=&gt;r.e("93500").then(r.t.bind(r,205821,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-howto-wasm-227.json",205821],e4f2e4c9:[()=&gt;r.e("64049").then(r.t.bind(r,84315,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-refs-tsb-auth-v-2-yaml-380.json",84315],e4f94384:[()=&gt;r.e("69739").then(r.t.bind(r,802939,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-next-refs-tsb-segmentation-v-1-grpc-649.json",802939],e4fa5877:[()=&gt;r.e("7644").then(r.bind(r,777408)),"@site/versioned_docs/version-1.7.x/refs/tsb/rbac/v2/gateway_access_bindings.mdx",777408],e52950d5:[()=&gt;Promise.all([r.e("86212"),r.e("17008")]).then(r.bind(r,692464)),"@site/versioned_docs/version-1.8.x/quickstart/security.mdx",692464],e539d7c1:[()=&gt;r.e("83781").then(r.bind(r,744103)),"@site/versioned_docs/version-1.9.x/cheatsheet/sheets/kubectl.mdx",744103],e547a68e:[()=&gt;r.e("2020").then(r.bind(r,365241)),"@site/versioned_docs/version-1.6.x/refs/onboarding/config/types/core/v1alpha1/condition.mdx",365241],e54c2dfb:[()=&gt;r.e("78966").then(r.bind(r,918820)),"@site/versioned_docs/version-next/reference/rest-api/guide.mdx",918820],e556e4dd:[()=&gt;r.e("68035").then(r.bind(r,819068)),"@site/versioned_docs/version-1.11.x/setup/migrate-tctl-to-helm.mdx",819068],e5604097:[()=&gt;r.e("40761").then(r.bind(r,453477)),"@site/versioned_docs/version-1.8.x/operations/telemetry/telemetry-architecture.mdx",453477],e5640064:[()=&gt;r.e("36220").then(r.bind(r,588080)),"@site/versioned_docs/version-1.10.x/operations/telemetry/red-metrics.mdx",588080],e5742bb3:[()=&gt;r.e("24915").then(r.bind(r,566777)),"@site/versioned_docs/version-1.12.x/setup/workload-onboarding/quickstart/aws-ecs/configure-workload-onboarding.mdx",566777],e57d8e9b:[()=&gt;r.e("46576").then(r.bind(r,850112)),"@site/versioned_docs/version-1.6.x/concepts/operators/management-plane.mdx",850112],e5808934:[()=&gt;Promise.all([r.e("86212"),r.e("89528")]).then(r.bind(r,291370)),"@site/versioned_docs/version-1.10.x/design-guides/ha-multicluster/cluster-failover.mdx",291370],e595e069:[()=&gt;r.e("21013").then(r.bind(r,931048)),"@site/versioned_docs/version-1.8.x/refs/tsb/types/v2/types.mdx",931048],e59a4bd9:[()=&gt;r.e("37337").then(r.bind(r,327777)),"@site/versioned_docs/version-1.10.x/concepts/observability.mdx",327777],e5a67fbe:[()=&gt;r.e("59674").then(r.t.bind(r,387059,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-refs-tsb-registry-v-2-grpc-ca4.json",387059],e5b59ce4:[()=&gt;r.e("27322").then(r.bind(r,935177)),"@site/versioned_docs/version-1.9.x/howto/gateway/app-ingress.mdx",935177],e5e47001:[()=&gt;r.e("28781").then(r.bind(r,504266)),"@site/versioned_docs/version-1.12.x/howto/gateway/configure-oidc.mdx",504266],e5f3eff3:[()=&gt;r.e("96933").then(r.bind(r,708309)),"@site/versioned_docs/version-1.12.x/refs/tsb/segmentation/v1/service.mdx",708309],e6058e39:[()=&gt;r.e("802").then(r.t.bind(r,781721,19)),"/runner/_work/sites/sites/products/service-bridge/.docusaurus/docusaurus-plugin-redoc/1_10_x/redocApiLayoutV1-1_10_x.json",781721],e623b714:[()=&gt;r.e("4808").then(r.bind(r,342269)),"@site/versioned_docs/version-next/reference/cli/reference/audit.md",342269],e637f5a4:[()=&gt;r.e("37740").then(r.bind(r,422092)),"@site/versioned_docs/version-1.9.x/operations/users/admin-password.mdx",422092],e63fcb1b:[()=&gt;Promise.all([r.e("86212"),r.e("84386")]).then(r.bind(r,682018)),"@site/versioned_docs/version-1.7.x/concepts/operators/toc.mdx",682018],e6416c85:[()=&gt;r.e("39416").then(r.t.bind(r,324048,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-6-x-refs-tsb-application-v-2-grpc-2b0.json",324048],e6613500:[()=&gt;r.e("36292").then(r.bind(r,665930)),"@site/versioned_docs/version-1.10.x/operations/features/tls-origin-multi-cluster.mdx",665930],e67c7537:[()=&gt;Promise.all([r.e("86212"),r.e("4483")]).then(r.bind(r,267033)),"@site/versioned_docs/version-next/design-guides/ha-dr-mp/active-standby/manual-backup-restore.mdx",267033],e6921d71:[()=&gt;r.e("86283").then(r.bind(r,777342)),"@site/versioned_docs/version-1.7.x/refs/tsb/gateway/v2/gateway_common.mdx",777342],e6abb804:[()=&gt;r.e("64173").then(r.bind(r,371992)),"@site/versioned_docs/version-next/howto/rate-limiting/service-to-service.mdx",371992],e6bb88d8:[()=&gt;r.e("36180").then(r.bind(r,997935)),"@site/versioned_docs/version-1.10.x/refs/onboarding/config/install/v1alpha1/jwt_issuer.mdx",997935],e6bf80c9:[()=&gt;r.e("79587").then(r.bind(r,631764)),"@site/versioned_docs/version-next/howto/authorization/tls-verification.mdx",631764],e7003b7b:[()=&gt;r.e("1798").then(r.bind(r,214502)),"@site/versioned_docs/version-1.8.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/serviceaccount.md",214502],e72731f7:[()=&gt;r.e("4078").then(r.bind(r,429963)),"@site/versioned_docs/version-1.12.x/operations/features/edge-dns-resolution.mdx",429963],e72e73fd:[()=&gt;r.e("94807").then(r.bind(r,639651)),"@site/versioned_docs/version-1.8.x/operations/features/istio-cni.mdx",639651],e7412e61:[()=&gt;r.e("70286").then(r.bind(r,72362)),"@site/versioned_docs/version-1.11.x/setup/helm/controlplane.mdx",72362],e746aac2:[()=&gt;r.e("83182").then(r.bind(r,883461)),"@site/versioned_docs/version-1.11.x/reference/cli/reference/install.md",883461],e76c804f:[()=&gt;r.e("93964").then(r.bind(r,364952)),"@site/versioned_docs/version-1.11.x/reference/k8s-api/tsb-crds-gen/rbac-tsb-tetrate-io.md",364952],e7746bb9:[()=&gt;r.e("39153").then(r.bind(r,407591)),"@site/versioned_docs/version-1.11.x/operations/graceful-connection-drain.mdx",407591],e787f301:[()=&gt;r.e("87973").then(r.bind(r,734800)),"@site/versioned_docs/version-1.11.x/refs/onboarding/config/types/core/v1alpha1/namespaced_name.mdx",734800],e7b4ab81:[()=&gt;r.e("95360").then(r.t.bind(r,687853,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-7-x-tags-tsb-quickstart-68f.json",687853],e7cf9723:[()=&gt;r.e("41717").then(r.bind(r,377707)),"@site/versioned_docs/version-1.8.x/refs/tsb/v2/organization_setting.mdx",377707],e7e17959:[()=&gt;r.e("89184").then(r.bind(r,855017)),"@site/versioned_docs/version-1.7.x/setup/workload-onboarding/quickstart/on-premise/onboard-vm.mdx",855017],e7fcdf72:[()=&gt;r.e("56261").then(r.bind(r,631286)),"@site/versioned_docs/version-1.12.x/refs/tsb/rbac/v2/access_bindings.mdx",631286],e7fd9a22:[()=&gt;r.e("70960").then(r.bind(r,853313)),"@site/versioned_docs/version-1.12.x/reference/cli/reference/version.md",853313],e8298bbd:[()=&gt;Promise.all([r.e("86212"),r.e("34670")]).then(r.bind(r,973216)),"@site/versioned_docs/version-1.10.x/design-guides/app-onboarding/high-availability.mdx",973216],e84166c3:[()=&gt;r.e("73318").then(r.bind(r,418739)),"@site/versioned_docs/version-next/refs/onboarding/config/types/registration/v1alpha1/hostinfo.mdx",418739],e85a88ff:[()=&gt;r.e("90875").then(r.bind(r,975490)),"@site/versioned_docs/version-1.9.x/reference/cli/reference/collect.md",975490],e8699e98:[()=&gt;r.e("14175").then(r.bind(r,909159)),"@site/versioned_docs/version-1.9.x/setup/self-managed/uninstallation.mdx",909159],e871938d:[()=&gt;r.e("16946").then(r.bind(r,718341)),"@site/versioned_docs/version-1.9.x/setup/workload-onboarding/quickstart/aws-ecs/onboard-ecs.mdx",718341],e88c53af:[()=&gt;r.e("65759").then(r.bind(r,607796)),"@site/versioned_docs/version-1.6.x/reference/cli/reference/login.md",607796],e88c8b34:[()=&gt;r.e("24133").then(r.t.bind(r,964190,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-11-x-refs-tsb-rbac-v-2-yaml-9f1.json",964190],e89221ef:[()=&gt;Promise.all([r.e("86212"),r.e("88940")]).then(r.bind(r,574526)),"@site/versioned_docs/version-1.7.x/howto/rate-limiting/toc.mdx",574526],e8a2c011:[()=&gt;r.e("21406").then(r.bind(r,307318)),"@site/versioned_docs/version-1.10.x/operations/lower-istio-resources.mdx",307318],e8a80c71:[()=&gt;r.e("88238").then(r.bind(r,734411)),"@site/versioned_docs/version-1.7.x/refs/tsb/observability/telemetry/v2/source_service.mdx",734411],e8d4c7f4:[()=&gt;r.e("28558").then(r.bind(r,68868)),"@site/versioned_docs/version-next/refs/onboarding/private/component/agent/plugin/hostinfo/v1alpha1/plugin.mdx",68868],e8e2c174:[()=&gt;r.e("36203").then(r.bind(r,401036)),"@site/versioned_docs/version-1.9.x/refs/tsb/rbac/v2/api_access_bindings.mdx",401036],e8f34999:[()=&gt;r.e("34681").then(r.bind(r,888537)),"@site/versioned_docs/version-1.11.x/refs/tsb/v2/tenant_service.mdx",888537],e9008175:[()=&gt;r.e("36962").then(r.bind(r,682006)),"@site/versioned_docs/version-1.8.x/refs/tsb/extension/v2/wasm_extension.mdx",682006],e92c15fb:[()=&gt;r.e("79994").then(r.bind(r,206120)),"@site/versioned_docs/version-1.10.x/refs/iam/v2/oauth_service.mdx",206120],e92c9f6f:[()=&gt;r.e("9118").then(r.bind(r,248741)),"@site/versioned_docs/version-1.12.x/refs/tsb/gateway/v2/eastwest_gateway.mdx",248741],e940c821:[()=&gt;r.e("61026").then(r.bind(r,705546)),"@site/versioned_docs/version-1.9.x/operations/users/configuring-ldap.mdx",705546],e94ba5e6:[()=&gt;r.e("62436").then(r.t.bind(r,745414,19)),"@generated/docusaurus-plugin-redoc/1_10_x/__plugin.json",745414],e98e4d41:[()=&gt;r.e("22516").then(r.bind(r,698070)),"@site/versioned_docs/version-1.12.x/refs/install/kubernetes/k8s.mdx",698070],e98e5833:[()=&gt;r.e("70861").then(r.bind(r,56874)),"@site/versioned_docs/version-1.7.x/concepts/operators/data-plane.mdx",56874],e9954154:[()=&gt;r.e("89154").then(r.bind(r,424772)),"@site/versioned_docs/version-1.12.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/tenant.md",424772],e9972098:[()=&gt;r.e("26094").then(r.t.bind(r,131410,19)),"@generated/docusaurus-theme-search-typesense/default/__plugin.json",131410],e9a5a1a6:[()=&gt;r.e("58751").then(r.bind(r,670480)),"@site/versioned_docs/version-1.7.x/operations/lower-istio-resources.mdx",670480],e9cc4e20:[()=&gt;r.e("71227").then(r.bind(r,651266)),"@site/versioned_docs/version-1.6.x/setup/workload-onboarding/guides/troubleshooting.mdx",651266],ea347eb8:[()=&gt;r.e("9394").then(r.bind(r,652325)),"@site/versioned_docs/version-1.7.x/refs/tsb/rbac/v2/api_access_bindings.mdx",652325],ea3fbe1c:[()=&gt;r.e("14988").then(r.bind(r,727060)),"@site/versioned_docs/version-1.12.x/setup/certificate/automated-certificate-management.mdx",727060],ea4e69e0:[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("17770")]).then(r.bind(r,128944)),"@site/versioned_docs/version-1.8.x/quickstart/observability.mdx",128944],ea51ecbf:[()=&gt;r.e("43917").then(r.bind(r,847177)),"@site/versioned_docs/version-1.8.x/howto/traffic/splitting-service-traffic-between-k8s-vms.mdx",847177],ea5d1a8d:[()=&gt;r.e("33634").then(r.t.bind(r,244463,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-8-x-operations-vault-2e0.json",244463],ea5d3f20:[()=&gt;r.e("63161").then(r.bind(r,38883)),"@site/versioned_docs/version-1.11.x/refs/tsb/security/v2/istio_security_direct.mdx",38883],ea6701e3:[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("56275")]).then(r.bind(r,817258)),"@site/versioned_docs/version-1.9.x/howto/traffic/canary-releases.mdx",817258],ea7421e0:[()=&gt;r.e("8743").then(r.bind(r,195575)),"@site/versioned_docs/version-1.9.x/concepts/architecture.mdx",195575],eab393b8:[()=&gt;r.e("53799").then(r.t.bind(r,515465,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-7-x-reference-cli-guide-toc-974.json",515465],eac22da9:[()=&gt;r.e("65987").then(r.bind(r,179488)),"@site/versioned_docs/version-1.10.x/concepts/architecture.mdx",179488],eae659c4:[()=&gt;r.e("39390").then(r.bind(r,403093)),"@site/versioned_docs/version-1.8.x/setup/workload-onboarding/guides/troubleshooting.mdx",403093],eb128830:[()=&gt;r.e("85831").then(r.bind(r,273312)),"@site/versioned_docs/version-1.12.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/api.md",273312],eb2a5488:[()=&gt;r.e("27506").then(r.bind(r,387752)),"@site/versioned_docs/version-1.8.x/reference/cli/reference/workload-entry-annotations.md",387752],eb476177:[()=&gt;r.e("86914").then(r.bind(r,63103)),"@site/versioned_docs/version-1.11.x/setup/helm/upgrade.mdx",63103],eb4f879e:[()=&gt;r.e("33699").then(r.t.bind(r,643283,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-refs-tsb-istiointernal-v-2-grpc-234.json",643283],eb6b9c04:[()=&gt;r.e("65616").then(r.bind(r,465801)),"@site/versioned_docs/version-1.12.x/refs/tsb/gateway/v2/gateway_group.mdx",465801],eb8000e8:[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("33717")]).then(r.bind(r,297286)),"@site/versioned_docs/version-1.9.x/howto/traffic/load-balance.mdx",297286],eb865ee9:[()=&gt;r.e("72675").then(r.bind(r,36326)),"@site/versioned_docs/version-1.6.x/howto/authorization/tls-verification.mdx",36326],eb88e070:[()=&gt;r.e("76205").then(r.bind(r,762136)),"@site/versioned_docs/version-next/refs/install/managementplane/v1alpha1/spec.mdx",762136],eb8c9d3e:[()=&gt;r.e("4545").then(r.t.bind(r,902585,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-9-x-refs-tsb-traffic-v-2-yaml-9ce.json",902585],eba0b438:[()=&gt;r.e("95599").then(r.bind(r,773028)),"@site/versioned_docs/version-next/setup/resource-planning.mdx",773028],ebc17769:[()=&gt;r.e("77564").then(r.bind(r,638487)),"@site/versioned_docs/version-1.10.x/refs/tsb/rbac/v2/binding.mdx",638487],ebca8eb3:[()=&gt;r.e("26108").then(r.bind(r,793867)),"@site/versioned_docs/version-1.9.x/refs/tsb/v2/cluster.mdx",793867],ec04f059:[()=&gt;r.e("61506").then(r.bind(r,494136)),"@site/versioned_docs/version-1.6.x/refs/tsb/security/v2/waf_settings.mdx",494136],ec1de864:[()=&gt;r.e("18668").then(r.bind(r,886884)),"@site/versioned_docs/version-1.6.x/quickstart/config-groups.mdx",886884],ec24a493:[()=&gt;r.e("25036").then(r.bind(r,642635)),"@site/versioned_docs/version-1.9.x/refs/tsb/registry/v2/registration_service.mdx",642635],ec7164ea:[()=&gt;r.e("34112").then(r.bind(r,408919)),"@site/versioned_docs/version-1.6.x/reference/k8s-api/tsb-crds-gen/rbac-tsb-tetrate-io.md",408919],ec96806b:[()=&gt;r.e("33106").then(r.bind(r,49982)),"@site/versioned_docs/version-1.8.x/refs/install/kubernetes/k8s.mdx",49982],eca906d6:[()=&gt;r.e("73422").then(r.bind(r,175358)),"@site/versioned_docs/version-1.10.x/refs/tsb/profile/v2/profile.mdx",175358],ecb116c0:[()=&gt;r.e("57295").then(r.bind(r,209849)),"@site/versioned_docs/version-1.12.x/refs/tsb/observability/telemetry/v2/source_service.mdx",209849],ecb2b90b:[()=&gt;r.e("57691").then(r.t.bind(r,684617,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-11-x-refs-tsb-segmentation-v-1-grpc-a2e.json",684617],ecb9bcf1:[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("58255")]).then(r.bind(r,24781)),"@site/versioned_docs/version-1.9.x/design-guides/ha-dr-mp/index.mdx",24781],ecba6219:[()=&gt;r.e("75984").then(r.bind(r,145975)),"@site/versioned_docs/version-1.12.x/troubleshooting/Maximum-header-size-exceed.mdx",145975],ecbd51dc:[()=&gt;r.e("95503").then(r.bind(r,784957)),"@site/versioned_docs/version-1.10.x/setup/workload-onboarding/quickstart/aws-ec2/enable-workload-onboarding.mdx",784957],ecc94156:[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("5322")]).then(r.bind(r,780983)),"@site/versioned_docs/version-next/howto/gateway/subset-based-routing-using-igw-and-service-route.mdx",780983],ecd258e4:[()=&gt;r.e("9633").then(r.t.bind(r,45975,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-6-x-operations-675.json",45975],eceab9aa:[()=&gt;r.e("2562").then(r.t.bind(r,898025,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-8-x-reference-yaml-api-reference-c62.json",898025],ecf302fe:[()=&gt;Promise.all([r.e("86212"),r.e("41424")]).then(r.bind(r,721329)),"@site/versioned_docs/version-1.12.x/setup/workload-onboarding/quickstart/aws-ecs/toc.mdx",721329],ecf599fc:[()=&gt;r.e("57706").then(r.t.bind(r,446460,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-8-x-refs-tsb-rbac-v-2-grpc-543.json",446460],ed0396aa:[()=&gt;r.e("65685").then(r.bind(r,406208)),"@site/versioned_docs/version-1.6.x/refs/tsb/istiointernal/v2/istio_internal_group.mdx",406208],ed0ba047:[()=&gt;r.e("36196").then(r.bind(r,823895)),"@site/versioned_docs/version-next/refs/onboarding/private/component/plane/config/v1alpha1/onboarding_plane_instance_configuration.mdx",823895],ed2b8677:[()=&gt;r.e("46768").then(r.t.bind(r,974112,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-refs-tsb-gateway-v-2-grpc-c2f.json",974112],ed2ff2eb:[()=&gt;r.e("22341").then(r.t.bind(r,629696,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-7-x-tags-e6b.json",629696],ed51cea0:[()=&gt;r.e("34548").then(r.bind(r,88370)),"@site/versioned_docs/version-1.12.x/refs/tsb/rbac/v2/application_access_bindings.mdx",88370],ed5fe0a6:[()=&gt;Promise.all([r.e("86212"),r.e("22188")]).then(r.bind(r,969863)),"@site/versioned_docs/version-1.11.x/release-notes-announcements/announcement.mdx",969863],ed75cfe4:[()=&gt;r.e("97783").then(r.bind(r,25325)),"@site/versioned_docs/version-1.8.x/operations/configure-log-levels.mdx",25325],ed7fc3eb:[()=&gt;r.e("616").then(r.bind(r,920776)),"@site/versioned_docs/version-1.6.x/setup/aws/vpc.mdx",920776],eda07900:[()=&gt;r.e("7816").then(r.bind(r,419860)),"@site/versioned_docs/version-1.9.x/refs/tsb/v2/cluster_service.mdx",419860],eda6a434:[()=&gt;r.e("84207").then(r.bind(r,491802)),"@site/versioned_docs/version-1.12.x/refs/tsb/istiointernal/v2/istio_istiointernal_direct.mdx",491802],edae6e3d:[()=&gt;r.e("90394").then(r.bind(r,911300)),"@site/versioned_docs/version-1.11.x/howto/gitops/flux.mdx",911300],edb1f069:[()=&gt;r.e("29732").then(r.t.bind(r,961854,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-6-x-setup-workload-onboarding-a30.json",961854],edc2c22f:[()=&gt;r.e("15938").then(r.t.bind(r,710587,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-next-refs-tsb-registry-v-2-yaml-ab9.json",710587],eddd50b5:[()=&gt;r.e("7634").then(r.bind(r,114637)),"@site/versioned_docs/version-1.6.x/refs/onboarding/config/authorization/v1alpha1/policy.mdx",114637],ede0c591:[()=&gt;r.e("59401").then(r.bind(r,700795)),"@site/versioned_docs/version-1.11.x/operations/features/configure-gitops.mdx",700795],ede2a415:[()=&gt;r.e("80662").then(r.bind(r,632595)),"@site/versioned_docs/version-1.9.x/refs/tsb/traffic/v2/service_route.mdx",632595],eded0ab9:[()=&gt;r.e("75896").then(r.bind(r,515246)),"@site/versioned_docs/version-1.12.x/reference/k8s-api/tsb-crds-gen/gateway-tsb-tetrate-io.md",515246],ee2d18ae:[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("6748")]).then(r.bind(r,786158)),"@site/versioned_docs/version-1.12.x/quickstart/observability.mdx",786158],ee46118b:[()=&gt;Promise.all([r.e("86212"),r.e("6345")]).then(r.bind(r,120162)),"@site/versioned_docs/version-1.12.x/design-guides/ha-dr-mp/before-you-begin.mdx",120162],ee60ab41:[()=&gt;r.e("71719").then(r.bind(r,679272)),"@site/versioned_docs/version-1.11.x/setup/workload-onboarding/guides/managing.mdx",679272],ee6c7a6d:[()=&gt;r.e("96568").then(r.bind(r,198319)),"@site/versioned_docs/version-1.9.x/setup/self-managed/upgrade.mdx",198319],eeab1c5f:[()=&gt;r.e("89196").then(r.bind(r,952852)),"@site/versioned_docs/version-1.10.x/refs/onboarding/config/types/identity/aws/v1alpha1/aws.mdx",952852],eead7173:[()=&gt;r.e("98336").then(r.bind(r,265786)),"@site/versioned_docs/version-1.12.x/reference/k8s-api/tsb-crds-gen/rbac-tsb-tetrate-io.md",265786],eeb506ad:[()=&gt;r.e("27710").then(r.bind(r,400145)),"@site/versioned_docs/version-1.8.x/howto/traffic/migrating-VM-monoliths.mdx",400145],eeb8a282:[()=&gt;r.e("40646").then(r.bind(r,93474)),"@site/versioned_docs/version-1.11.x/operations/features/tier1-in-app-cluster.mdx",93474],eec334dd:[()=&gt;r.e("39993").then(r.t.bind(r,521447,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-10-x-cc5.json",521447],eec9cbf5:[()=&gt;r.e("63530").then(r.bind(r,212761)),"@site/versioned_docs/version-next/reference/grpc-api/guide.mdx",212761],eeccbb81:[()=&gt;r.e("28161").then(r.bind(r,219169)),"@site/versioned_docs/version-1.11.x/reference/cli/reference/collect.md",219169],eedb33f2:[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("76518")]).then(r.bind(r,166555)),"@site/versioned_docs/version-1.11.x/howto/gateway/distributed-ingress.mdx",166555],ef12ef65:[()=&gt;r.e("88506").then(r.bind(r,976721)),"@site/versioned_docs/version-1.9.x/operations/vault/postgresql.mdx",976721],ef3be61a:[()=&gt;r.e("36132").then(r.bind(r,34226)),"@site/versioned_docs/version-1.9.x/refs/tsb/gateway/v2/gateway_group.mdx",34226],ef4c054c:[()=&gt;r.e("53881").then(r.bind(r,398211)),"@site/versioned_docs/version-1.10.x/concepts/traffic-management.mdx",398211],ef4f90d5:[()=&gt;r.e("82320").then(r.bind(r,842512)),"@site/versioned_docs/version-1.8.x/setup/certificate/certificate-setup.mdx",842512],ef973734:[()=&gt;r.e("71294").then(r.bind(r,364897)),"@site/versioned_docs/version-1.12.x/reference/cli/reference/experimental.md",364897],efa84aa8:[()=&gt;Promise.all([r.e("86212"),r.e("31211")]).then(r.bind(r,970611)),"@site/versioned_docs/version-1.8.x/setup/workload-onboarding/quickstart/aws-ecs/toc.mdx",970611],efaa337c:[()=&gt;r.e("520").then(r.bind(r,999836)),"@site/versioned_docs/version-1.9.x/howto/wasm/wasm-overview.mdx",999836],efab6c4d:[()=&gt;r.e("19815").then(r.t.bind(r,193779,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-7-x-reference-yaml-api-reference-6c8.json",193779],efb78c91:[()=&gt;Promise.all([r.e("86212"),r.e("27575")]).then(r.bind(r,405391)),"@site/versioned_docs/version-1.10.x/setup/upgrades/gateway-upgrade.mdx",405391],efb79c89:[()=&gt;r.e("95646").then(r.bind(r,535643)),"@site/versioned_docs/version-1.8.x/refs/tsb/rbac/v2/access_bindings.mdx",535643],efd8af76:[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("13574")]).then(r.bind(r,548975)),"@site/versioned_docs/version-1.11.x/howto/gateway/multi-cluster-traffic-shifting.mdx",548975],efe044f9:[()=&gt;r.e("27397").then(r.bind(r,446470)),"@site/versioned_docs/version-1.11.x/operations/features/configure-cluster-external-addresses.mdx",446470],effa75ef:[()=&gt;r.e("21606").then(r.bind(r,113514)),"@site/versioned_docs/version-1.12.x/refs/onboarding/config/types/identity/v1alpha1/identity.mdx",113514],f000027a:[()=&gt;r.e("20034").then(r.bind(r,885176)),"@site/versioned_docs/version-1.8.x/refs/tsb/gateway/v2/gateway.mdx",885176],f01941da:[()=&gt;r.e("57147").then(r.bind(r,395925)),"@site/versioned_docs/version-1.12.x/refs/tsb/security/v2/security_group.mdx",395925],f03d0c00:[()=&gt;r.e("10571").then(r.bind(r,14034)),"@site/versioned_docs/version-1.12.x/reference/samples/sleep-service.mdx",14034],f0705c51:[()=&gt;r.e("70908").then(r.bind(r,960380)),"@site/versioned_docs/version-1.12.x/concepts/operators/control-plane.mdx",960380],f077c483:[()=&gt;r.e("29279").then(r.bind(r,179426)),"@site/versioned_docs/version-1.12.x/cheatsheet/sheets/security-management.mdx",179426],f078dc25:[()=&gt;Promise.all([r.e("86212"),r.e("53270")]).then(r.bind(r,534694)),"@site/versioned_docs/version-1.11.x/setup/upgrades/cni-upgrade.mdx",534694],f0880c2a:[()=&gt;r.e("21056").then(r.bind(r,809074)),"@site/versioned_docs/version-1.9.x/setup/tctl-connect.mdx",809074],f0ad3fbb:[()=&gt;Promise.all([r.e("86212"),r.e("22978"),r.e("26947")]).then(r.bind(r,279655)),"@theme/ApiDoc",279655],f0bbd7f7:[()=&gt;r.e("64097").then(r.bind(r,296662)),"@site/versioned_docs/version-next/refs/tsb/traffic/v2/service_traffic_setting.mdx",296662],f0bfee23:[()=&gt;r.e("91472").then(r.bind(r,196745)),"@site/versioned_docs/version-1.9.x/refs/tsb/istiointernal/v2/istiointernal_service.mdx",196745],f0dc8d96:[()=&gt;Promise.all([r.e("86212"),r.e("66058")]).then(r.bind(r,694154)),"@site/versioned_docs/version-1.10.x/release-notes-announcements/toc.mdx",694154],f0dd2fa0:[()=&gt;r.e("98519").then(r.t.bind(r,375315,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-8-x-reference-workload-onboarding-ce0.json",375315],f0eb8188:[()=&gt;Promise.all([r.e("86212"),r.e("52389")]).then(r.bind(r,165049)),"@site/versioned_docs/version-1.9.x/quickstart/security.mdx",165049],f1065438:[()=&gt;r.e("90811").then(r.bind(r,511827)),"@site/versioned_docs/version-1.9.x/refs/onboarding/config/install/v1alpha1/workload_configuration.mdx",511827],f1158d4b:[()=&gt;r.e("79165").then(r.bind(r,942969)),"@site/versioned_docs/version-next/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/organizationsetting.md",942969],f119fa9f:[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("34255")]).then(r.bind(r,141231)),"@site/versioned_docs/version-1.7.x/design-guides/ha-multicluster/index.mdx",141231],f13a4efe:[()=&gt;r.e("62981").then(r.t.bind(r,320434,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-next-refs-tsb-dashboard-v-1-grpc-666.json",320434],f13e78b1:[()=&gt;r.e("24007").then(r.bind(r,685211)),"@site/versioned_docs/version-1.12.x/refs/tsb/v2/organization_service.mdx",685211],f14df8af:[()=&gt;r.e("77689").then(r.bind(r,529230)),"@site/versioned_docs/version-1.12.x/refs/tsb/security/v2/security_setting.mdx",529230],f151aeba:[()=&gt;r.e("52216").then(r.bind(r,606479)),"@site/versioned_docs/version-1.7.x/design-guides/ha-multicluster/demo-2.mdx",606479],f1788f2e:[()=&gt;r.e("36888").then(r.bind(r,569416)),"@site/versioned_docs/version-1.7.x/reference/cli/reference/install.md",569416],f190d3af:[()=&gt;r.e("61450").then(r.bind(r,329490)),"@site/versioned_docs/version-next/refs/install/managementplane/v1alpha1/status.mdx",329490],f19157f8:[()=&gt;r.e("66431").then(r.bind(r,781251)),"@site/versioned_docs/version-1.9.x/operations/features/internal-wasm-extensions.mdx",781251],f19e1855:[()=&gt;r.e("28114").then(r.bind(r,579804)),"@site/versioned_docs/version-1.10.x/refs/tsb/rbac/v2/organization_access_bindings.mdx",579804],f1be3f25:[()=&gt;r.e("56443").then(r.bind(r,682779)),"@site/versioned_docs/version-1.6.x/operations/features/istio-cni.mdx",682779],f1d78f65:[()=&gt;r.e("62790").then(r.bind(r,696797)),"@site/versioned_docs/version-1.9.x/troubleshooting/gateway-troubleshooting.mdx",696797],f1e979f3:[()=&gt;r.e("30658").then(r.bind(r,556135)),"@site/versioned_docs/version-1.8.x/troubleshooting/tsb-ui-metrics.mdx",556135],f1f3d2f2:[()=&gt;r.e("1816").then(r.bind(r,8605)),"@site/versioned_docs/version-next/operations/graceful-connection-drain.mdx",8605],f206def0:[()=&gt;r.e("9848").then(r.bind(r,407376)),"@site/versioned_docs/version-1.10.x/operations/vault/istiod-ca.mdx",407376],f20ab8a3:[()=&gt;r.e("23803").then(r.bind(r,324471)),"@site/versioned_docs/version-1.12.x/refs/tsb/traffic/v2/traffic_group.mdx",324471],f212d18c:[()=&gt;r.e("88604").then(r.bind(r,312475)),"@site/versioned_docs/version-1.6.x/refs/iam/v2/oidc_service.mdx",312475],f2144d63:[()=&gt;r.e("4781").then(r.bind(r,648103)),"@site/versioned_docs/version-next/refs/tsb/segmentation/v1/membership.mdx",648103],f22997f8:[()=&gt;r.e("73829").then(r.bind(r,653726)),"@site/versioned_docs/version-1.6.x/operations/features/eastwest-routing.mdx",653726],f2338e6f:[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("98066")]).then(r.bind(r,707643)),"@site/versioned_docs/version-1.11.x/howto/traffic/load-balance.mdx",707643],f27c8dea:[()=&gt;Promise.all([r.e("86212"),r.e("66244")]).then(r.bind(r,447026)),"@site/versioned_docs/version-1.8.x/howto/rate-limiting/toc.mdx",447026],f2923ade:[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("24792")]).then(r.bind(r,939104)),"@site/versioned_docs/version-1.12.x/design-guides/app-onboarding/index.mdx",939104],f29400e3:[()=&gt;r.e("842").then(r.bind(r,363564)),"@site/versioned_docs/version-1.7.x/setup/remote-registry.mdx",363564],f2a6ac66:[()=&gt;r.e("18341").then(r.bind(r,773387)),"@site/versioned_docs/version-1.9.x/refs/tsb/security/v2/security_setting.mdx",773387],f2ac3efc:[()=&gt;r.e("6120").then(r.bind(r,793707)),"@site/versioned_docs/version-1.7.x/troubleshooting/debug-container.mdx",793707],f2c546e8:[()=&gt;r.e("15729").then(r.bind(r,777290)),"@site/versioned_docs/version-1.11.x/howto/network-policies.mdx",777290],f2ffa285:[()=&gt;Promise.all([r.e("86212"),r.e("86457")]).then(r.bind(r,587892)),"@site/versioned_docs/version-1.7.x/howto/gateway/configure-and-route-nonhttp-traffic.mdx",587892],f2ffe01b:[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("78165")]).then(r.bind(r,597649)),"@site/versioned_docs/version-1.12.x/quickstart/ingress-gateway.mdx",597649],f30468fa:[()=&gt;r.e("84857").then(r.bind(r,899340)),"@site/versioned_docs/version-1.7.x/refs/tsb/registry/v2/registration_service.mdx",899340],f306e76e:[()=&gt;r.e("9063").then(r.bind(r,570727)),"@site/versioned_docs/version-1.10.x/quickstart/config-groups.mdx",570727],f323dc46:[()=&gt;r.e("93756").then(r.bind(r,840279)),"@site/versioned_docs/version-1.11.x/refs/install/common/common_config.mdx",840279],f3375f89:[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("43216")]).then(r.bind(r,361879)),"@site/versioned_docs/version-1.10.x/howto/gateway/subset-based-routing-using-igw-and-service-route.mdx",361879],f33cebfe:[()=&gt;r.e("9749").then(r.bind(r,219824)),"@site/versioned_docs/version-1.7.x/cheatsheet/sheets/gateways-management.mdx",219824],f348f219:[()=&gt;r.e("41197").then(r.bind(r,200089)),"@site/versioned_docs/version-1.12.x/setup/workload-onboarding/guides/on-premise-workloads.mdx",200089],f356263f:[()=&gt;r.e("23211").then(r.t.bind(r,637852,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-7-x-reference-k-8-s-api-tsb-crds-gen-tsb-tetrate-io-v-2-739.json",637852],f37cde8f:[()=&gt;r.e("5359").then(r.bind(r,465799)),"@site/versioned_docs/version-1.7.x/refs/tsb/v2/team.mdx",465799],f38c4342:[()=&gt;r.e("26350").then(r.bind(r,74553)),"@site/versioned_docs/version-1.7.x/refs/onboarding/config/types/core/v1alpha1/namespaced_name.mdx",74553],f3a7ee63:[()=&gt;Promise.all([r.e("86212"),r.e("92607")]).then(r.bind(r,344283)),"@site/versioned_docs/version-1.12.x/setup/self-managed/onboarding-clusters.mdx",344283],f3b46062:[()=&gt;r.e("53803").then(r.bind(r,49081)),"@site/versioned_docs/version-1.6.x/operations/features/streaming-log.mdx",49081],f3bbc562:[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("66391")]).then(r.bind(r,969260)),"@site/versioned_docs/version-1.12.x/howto/gateway/multi-cluster-traffic-shifting.mdx",969260],f3d0482e:[()=&gt;r.e("2543").then(r.bind(r,563842)),"@site/versioned_docs/version-1.7.x/refs/tsb/rbac/v2/role.mdx",563842],f3d3ce01:[()=&gt;r.e("96820").then(r.bind(r,195812)),"@site/versioned_docs/version-1.12.x/howto/security-domains.mdx",195812],f3d3da2e:[()=&gt;r.e("77462").then(r.bind(r,314763)),"@site/versioned_docs/version-1.10.x/refs/onboarding/private/types/credential/aws/v1alpha1/sts.mdx",314763],f3da22a0:[()=&gt;r.e("53726").then(r.bind(r,210505)),"@site/versioned_docs/version-1.12.x/refs/tsb/application/v2/application.mdx",210505],f3de62b0:[()=&gt;r.e("80711").then(r.bind(r,413637)),"@site/versioned_docs/version-1.7.x/refs/tsb/gateway/v2/gateway_group.mdx",413637],f3e1b1de:[()=&gt;r.e("53366").then(r.bind(r,319077)),"@site/versioned_docs/version-1.7.x/setup/workload-onboarding/quickstart/aws-ec2/onboard-vm.mdx",319077],f3e4ca51:[()=&gt;r.e("34977").then(r.t.bind(r,904875,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-9-x-reference-cli-guide-toc-336.json",904875],f3e5e3d7:[()=&gt;r.e("82132").then(r.bind(r,975462)),"@site/versioned_docs/version-1.8.x/refs/tsb/extension/v2/wasm_service.mdx",975462],f40b83d6:[()=&gt;r.e("884").then(r.bind(r,13953)),"@site/versioned_docs/version-1.9.x/setup/workload-onboarding/guides/ecs-workloads.mdx",13953],f40be84b:[()=&gt;r.e("46861").then(r.bind(r,278187)),"@site/versioned_docs/version-1.8.x/operations/features/enable-config-protection.mdx",278187],f414a007:[()=&gt;r.e("39").then(r.bind(r,721695)),"@site/versioned_docs/version-1.12.x/refs/tsb/observability/telemetry/v2/metric.mdx",721695],f416a895:[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("92950")]).then(r.bind(r,355088)),"@site/versioned_docs/version-1.7.x/howto/rate-limiting/tls-validation.mdx",355088],f422510f:[()=&gt;r.e("94819").then(r.bind(r,980660)),"@site/versioned_docs/version-1.9.x/troubleshooting/Multiple-Transfer-encoding-chunked.mdx",980660],f4266b3b:[()=&gt;r.e("39995").then(r.bind(r,344678)),"@site/versioned_docs/version-1.11.x/setup/tctl-connect.mdx",344678],f444af6b:[()=&gt;Promise.all([r.e("86212"),r.e("57299")]).then(r.bind(r,902101)),"@site/versioned_docs/version-1.10.x/setup/helm/toc.mdx",902101],f459abf0:[()=&gt;r.e("34450").then(r.bind(r,702710)),"@site/versioned_docs/version-1.9.x/reference/cli/reference/get.md",702710],f46f8920:[()=&gt;r.e("41863").then(r.bind(r,190847)),"@site/versioned_docs/version-1.8.x/refs/tsb/gateway/v2/ingress_gateway.mdx",190847],f4736e7c:[()=&gt;r.e("75910").then(r.t.bind(r,63330,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-11-x-setup-aws-659.json",63330],f4744169:[()=&gt;r.e("63901").then(r.bind(r,783614)),"@site/versioned_docs/version-1.12.x/setup/isolation-boundaries.mdx",783614],f47e8ecb:[()=&gt;r.e("96100").then(r.bind(r,10019)),"@site/versioned_docs/version-1.6.x/setup/self-managed/uninstallation.mdx",10019],f4805fdb:[()=&gt;r.e("44833").then(r.bind(r,522902)),"@site/versioned_docs/version-1.7.x/howto/traffic/configure-multi-port-service-route.mdx",522902],f4ce647b:[()=&gt;r.e("92738").then(r.bind(r,101528)),"@site/versioned_docs/version-1.9.x/reference/k8s-api/tsb-crds-gen/gateway-tsb-tetrate-io.md",101528],f4def980:[()=&gt;r.e("6544").then(r.bind(r,274229)),"@site/versioned_docs/version-1.10.x/setup/workload-onboarding/quickstart/aws-ec2/configure-workload-onboarding.mdx",274229],f4f8bd1d:[()=&gt;r.e("73279").then(r.t.bind(r,201330,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-11-x-refs-audit-v-1-grpc-9ed.json",201330],f50a4ff1:[()=&gt;r.e("14229").then(r.bind(r,545288)),"@site/versioned_docs/version-1.12.x/reference/k8s-api/tsb-crds-gen/application-tsb-tetrate-io.md",545288],f50ef1b1:[()=&gt;r.e("55628").then(r.bind(r,963393)),"@site/versioned_docs/version-1.7.x/refs/tsb/q/v2/approvals_service.mdx",963393],f544d0b1:[()=&gt;r.e("45441").then(r.t.bind(r,753044,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-10-x-refs-tsb-v-2-grpc-fbc.json",753044],f54fc819:[()=&gt;r.e("94886").then(r.bind(r,425377)),"@site/versioned_docs/version-1.8.x/refs/tsb/rbac/v2/organization_access_bindings.mdx",425377],f5518976:[()=&gt;Promise.all([r.e("86212"),r.e("69866")]).then(r.bind(r,837754)),"@site/versioned_docs/version-1.9.x/setup/helm/toc.mdx",837754],f5662a8a:[()=&gt;r.e("54079").then(r.bind(r,786112)),"@site/versioned_docs/version-1.10.x/operations/telemetry/alerting-guidelines.mdx",786112],f5716509:[()=&gt;r.e("58495").then(r.bind(r,966625)),"@site/versioned_docs/version-1.8.x/setup/workload-onboarding/quickstart/on-premise/onboard-vm.mdx",966625],f57c0f70:[()=&gt;r.e("91621").then(r.bind(r,933508)),"@site/versioned_docs/version-1.10.x/setup/workload-onboarding/guides/troubleshooting.mdx",933508],f57e024f:[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("61365")]).then(r.bind(r,352805)),"@site/versioned_docs/version-1.12.x/howto/gateway/distributed-ingress.mdx",352805],f58604cb:[()=&gt;r.e("12074").then(r.bind(r,680896)),"@site/versioned_docs/version-1.11.x/refs/tsb/security/v2/security_setting.mdx",680896],f5980880:[()=&gt;r.e("68480").then(r.bind(r,298707)),"@site/versioned_docs/version-1.11.x/refs/onboarding/private/component/plane/token/v1alpha1/onboarding_token.mdx",298707],f5a9618b:[()=&gt;Promise.all([r.e("86212"),r.e("55935")]).then(r.bind(r,341672)),"@site/versioned_docs/version-next/setup/requirements-and-download.mdx",341672],f5aa75be:[()=&gt;r.e("51919").then(r.t.bind(r,426717,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-next-reference-operators-041.json",426717],f5be9ba6:[()=&gt;r.e("84067").then(r.bind(r,487974)),"@site/versioned_docs/version-1.8.x/howto/gateway/unified-gateway.mdx",487974],f5c6a2a9:[()=&gt;r.e("44156").then(r.bind(r,190509)),"@site/versioned_docs/version-1.7.x/operations/features/enable-config-protection.mdx",190509],f5cb2c1e:[()=&gt;r.e("21490").then(r.bind(r,115777)),"@site/versioned_docs/version-1.7.x/quickstart/introduction.mdx",115777],f5d97320:[()=&gt;r.e("95854").then(r.bind(r,969010)),"@site/versioned_docs/version-1.7.x/wokingwithsupport/workingWithTetrateSupport.mdx",969010],f5de16fe:[()=&gt;r.e("68377").then(r.bind(r,186118)),"@site/versioned_docs/version-1.10.x/reference/k8s-api/tsb-crds-gen/profile-tsb-tetrate-io.md",186118],f5fccd25:[()=&gt;r.e("75110").then(r.t.bind(r,9645,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-8-x-knowledge-base-281.json",9645],f5ff4a5b:[()=&gt;Promise.all([r.e("86212"),r.e("39702")]).then(r.bind(r,647421)),"@site/versioned_docs/version-1.7.x/design-guides/ha-multicluster/cluster-failover.mdx",647421],f62860a6:[()=&gt;r.e("28313").then(r.bind(r,423642)),"@site/versioned_docs/version-next/refs/tsb/v2/cluster_service.mdx",423642],f633398e:[()=&gt;r.e("59588").then(r.bind(r,309011)),"@site/versioned_docs/version-1.11.x/refs/onboarding/private/component/agent/sidecarcontroller/v1alpha1/sidecar_configuration_service.mdx",309011],f6354a6c:[()=&gt;r.e("92565").then(r.bind(r,543351)),"@site/versioned_docs/version-1.8.x/setup/helm/upgrade.mdx",543351],f64afaae:[()=&gt;r.e("75554").then(r.bind(r,545612)),"@site/versioned_docs/version-1.9.x/setup/helm/dataplane.mdx",545612],f656b44f:[()=&gt;r.e("64442").then(r.bind(r,391970)),"@site/versioned_docs/version-1.12.x/howto/rate-limiting/internal-rate-limiting.mdx",391970],f66ce14b:[()=&gt;r.e("33566").then(r.bind(r,317728)),"@site/versioned_docs/version-1.11.x/release-notes-announcements/feature-status.mdx",317728],f67ded98:[()=&gt;Promise.all([r.e("86212"),r.e("67106")]).then(r.bind(r,159993)),"@site/versioned_docs/version-1.9.x/design-guides/app-onboarding/security.mdx",159993],f69da338:[()=&gt;r.e("86978").then(r.bind(r,867020)),"@site/versioned_docs/version-1.10.x/refs/tsb/observability/telemetry/v2/metric.mdx",867020],f6d7e255:[()=&gt;r.e("53925").then(r.bind(r,109413)),"@site/versioned_docs/version-1.9.x/concepts/security.mdx",109413],f6e976c6:[()=&gt;r.e("89215").then(r.bind(r,835403)),"@site/versioned_docs/version-1.10.x/operations/features/edge-dns-resolution.mdx",835403],f6f36037:[()=&gt;r.e("63320").then(r.bind(r,783310)),"@site/versioned_docs/version-1.6.x/operations/lower-istio-resources.mdx",783310],f6f40d6b:[()=&gt;r.e("80072").then(r.bind(r,657817)),"@site/versioned_docs/version-1.12.x/refs/tsb/v2/cluster_service.mdx",657817],f6fc730c:[()=&gt;Promise.all([r.e("86212"),r.e("76516"),r.e("11658")]).then(r.bind(r,758306)),"@site/versioned_docs/version-1.10.x/quickstart/traffic-shifting.mdx",758306],f727d782:[()=&gt;r.e("28157").then(r.bind(r,511640)),"@site/versioned_docs/version-1.8.x/operations/elasticsearch/wipe-elastic.mdx",511640],f72ecdf4:[()=&gt;r.e("18301").then(r.bind(r,638349)),"@site/versioned_docs/version-1.8.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/cluster.md",638349],f758702c:[()=&gt;r.e("24256").then(r.bind(r,947586)),"@site/versioned_docs/version-1.9.x/refs/onboarding/config/runtime/v1alpha1/registration.mdx",947586],f7594017:[()=&gt;r.e("42939").then(r.bind(r,754708)),"@site/versioned_docs/version-1.10.x/operations/features/configure-cluster-external-addresses.mdx",754708],f7685f93:[()=&gt;r.e("43053").then(r.bind(r,952033)),"@site/versioned_docs/version-1.10.x/cheatsheet/sheets/traffic-management.mdx",952033],f77c9e02:[()=&gt;r.e("33272").then(r.bind(r,307793)),"@site/versioned_docs/version-1.6.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/team.md",307793],f77d67d0:[()=&gt;r.e("30447").then(r.bind(r,923355)),"@site/versioned_docs/version-1.9.x/setup/workload-onboarding/quickstart/aws-ec2/configure-vm.mdx",923355],f795f0ca:[()=&gt;r.e("43812").then(r.bind(r,186384)),"@site/versioned_docs/version-1.11.x/reference/cli/reference/login.md",186384],f7965eba:[()=&gt;r.e("69006").then(r.bind(r,70020)),"@site/versioned_docs/version-1.12.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/workspace.md",70020],f7a5a240:[()=&gt;Promise.all([r.e("86212"),r.e("77597")]).then(r.bind(r,181734)),"@site/versioned_docs/version-next/howto/gateway/https-with-proxy-protocol.mdx",181734],f7be97b1:[()=&gt;Promise.all([r.e("86212"),r.e("89759")]).then(r.bind(r,619743)),"@site/versioned_docs/version-1.7.x/quickstart/deploy-sample-app.mdx",619743],f7e196a3:[()=&gt;r.e("43680").then(r.bind(r,339302)),"@site/versioned_docs/version-next/reference/cli/reference/get.md",339302],f7f3c6a4:[()=&gt;r.e("43042").then(r.bind(r,429292)),"@site/versioned_docs/version-1.10.x/refs/tsb/gateway/v2/gateway.mdx",429292],f7f9229c:[()=&gt;r.e("82146").then(r.bind(r,184266)),"@site/versioned_docs/version-next/howto/gateway/unified-gateway.mdx",184266],f7fa029d:[()=&gt;r.e("18357").then(r.bind(r,899619)),"@site/versioned_docs/version-1.12.x/howto/gateway/multi-cluster-traffic-failover-priority.mdx",899619],f814a037:[()=&gt;r.e("8634").then(r.bind(r,769069)),"@site/versioned_docs/version-1.7.x/refs/tsb/v2/tenant_setting.mdx",769069],f81a4009:[()=&gt;r.e("71038").then(r.bind(r,853657)),"@site/versioned_docs/version-1.10.x/refs/install/dataplane/v1alpha1/spec.mdx",853657],f8305ddb:[()=&gt;r.e("63589").then(r.bind(r,600409)),"@site/versioned_docs/version-1.11.x/refs/tsb/gateway/v2/egress_gateway.mdx",600409],f830a281:[()=&gt;r.e("72627").then(r.bind(r,134247)),"@site/versioned_docs/version-1.6.x/reference/cli/reference/tctl.md",134247],f849ca0a:[()=&gt;r.e("63400").then(r.bind(r,64968)),"@site/versioned_docs/version-1.10.x/operations/features/istio-cni.mdx",64968],f84e30fb:[()=&gt;r.e("13854").then(r.bind(r,766388)),"@site/versioned_docs/version-1.10.x/refs/tsb/security/v2/istio_security_direct.mdx",766388],f85d68d8:[()=&gt;r.e("96848").then(r.t.bind(r,632607,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-7-x-setup-workload-onboarding-quickstart-c73.json",632607],f85e031e:[()=&gt;r.e("36951").then(r.bind(r,767962)),"@site/versioned_docs/version-next/setup/isolation-boundaries-installation.mdx",767962],f89914bd:[()=&gt;Promise.all([r.e("86212"),r.e("83930")]).then(r.bind(r,750012)),"@site/versioned_docs/version-1.12.x/design-guides/ha-dr-mp/active-standby/automated-synchronization.mdx",750012],f8ae3932:[()=&gt;r.e("71597").then(r.bind(r,669279)),"@site/versioned_docs/version-1.8.x/refs/tsb/rbac/v2/binding.mdx",669279],f8c1fed8:[()=&gt;r.e("89111").then(r.bind(r,221752)),"@site/versioned_docs/version-1.12.x/concepts/tsb-and-istio.mdx",221752],f8cb6a2a:[()=&gt;Promise.all([r.e("86212"),r.e("3756")]).then(r.bind(r,410548)),"@site/versioned_docs/version-1.11.x/howto/gateway/https-with-proxy-protocol.mdx",410548],f8d6b418:[()=&gt;r.e("65203").then(r.bind(r,446496)),"@site/versioned_docs/version-1.9.x/reference/cli/reference/edit.md",446496],f8d9cbf1:[()=&gt;r.e("10193").then(r.t.bind(r,960185,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-7-x-refs-tsb-registry-v-2-yaml-216.json",960185],f8f89595:[()=&gt;r.e("17294").then(r.t.bind(r,265439,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-8-x-reference-grpc-api-reference-235.json",265439],f9172bd1:[()=&gt;r.e("84139").then(r.bind(r,598398)),"@site/versioned_docs/version-1.10.x/refs/tsb/security/v2/security_setting.mdx",598398],f91c2529:[()=&gt;r.e("60204").then(r.bind(r,247638)),"@site/versioned_docs/version-1.7.x/reference/cli/reference/apply.md",247638],f9292639:[()=&gt;r.e("15237").then(r.bind(r,684197)),"@site/versioned_docs/version-1.8.x/operations/features/gateway-deletion-webhook.mdx",684197],f93556f1:[()=&gt;r.e("54197").then(r.t.bind(r,912753,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-11-x-operations-1be.json",912753],f9355839:[()=&gt;Promise.all([r.e("86212"),r.e("31722")]).then(r.bind(r,778409)),"@site/versioned_docs/version-1.12.x/quickstart/security.mdx",778409],f9466dff:[()=&gt;r.e("50141").then(r.bind(r,319162)),"@site/versioned_docs/version-1.6.x/refs/onboarding/config/types/core/v1alpha1/namespaced_name.mdx",319162],f96a815f:[()=&gt;r.e("42689").then(r.bind(r,177811)),"@site/versioned_docs/version-1.7.x/refs/istio.io/api/operator/v1alpha1/operator.mdx",177811],f97af5d7:[()=&gt;r.e("53795").then(r.bind(r,890897)),"@site/versioned_docs/version-1.8.x/refs/tsb/gateway/v2/egress_gateway.mdx",890897],f97dacd5:[()=&gt;r.e("19994").then(r.bind(r,664831)),"@site/versioned_docs/version-1.9.x/operations/migrate-organization.mdx",664831],f985f669:[()=&gt;r.e("26699").then(r.bind(r,310974)),"@site/versioned_docs/version-1.12.x/reference/cli/reference/collect.md",310974],f9fc64f1:[()=&gt;r.e("57919").then(r.bind(r,395535)),"@site/versioned_docs/version-1.12.x/reference/k8s-api/guide.mdx",395535],fa28f9c8:[()=&gt;r.e("98969").then(r.bind(r,260646)),"@site/versioned_docs/version-next/refs/tsb/v2/tenant.mdx",260646],fa293a24:[()=&gt;r.e("11994").then(r.t.bind(r,179921,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-10-x-troubleshooting-1e5.json",179921],fa37e374:[()=&gt;r.e("87145").then(r.bind(r,780090)),"@site/versioned_docs/version-1.6.x/howto/wasm/wasm-try.mdx",780090],fa3a05e3:[()=&gt;r.e("48351").then(r.bind(r,259021)),"@site/versioned_docs/version-1.9.x/refs/tsb/security/v2/security_service.mdx",259021],fa5cf6a3:[()=&gt;r.e("81829").then(r.bind(r,100920)),"@site/versioned_docs/version-1.8.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/tenant.md",100920],fa676858:[()=&gt;r.e("1916").then(r.bind(r,899442)),"@site/versioned_docs/version-next/refs/tsb/v2/status.mdx",899442],fa6e56cb:[()=&gt;r.e("99104").then(r.t.bind(r,217944,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-7-x-operations-telemetry-af9.json",217944],fa75cd4b:[()=&gt;r.e("45605").then(r.t.bind(r,736932,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-9-x-howto-traffic-8e5.json",736932],fa7bc08c:[()=&gt;r.e("92481").then(r.t.bind(r,74656,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-refs-tsb-security-v-2-grpc-cd2.json",74656],fa86afad:[()=&gt;r.e("61029").then(r.bind(r,566160)),"@site/versioned_docs/version-1.8.x/refs/tsb/traffic/v2/traffic_setting.mdx",566160],fa9134c2:[()=&gt;r.e("43015").then(r.bind(r,312911)),"@site/versioned_docs/version-next/refs/tsb/registry/v2/lookup_service.mdx",312911],fa9bf215:[()=&gt;r.e("13219").then(r.bind(r,585114)),"@site/versioned_docs/version-1.11.x/quickstart/config-groups.mdx",585114],faa3783f:[()=&gt;r.e("29220").then(r.bind(r,131931)),"@site/versioned_docs/version-1.11.x/refs/onboarding/config/types/registration/v1alpha1/registration.mdx",131931],fabd5efb:[()=&gt;r.e("94634").then(r.bind(r,91583)),"@site/versioned_docs/version-1.9.x/setup/certificate/automated-certificate-management.mdx",91583],fad445e1:[()=&gt;r.e("24289").then(r.bind(r,599978)),"@site/versioned_docs/version-next/refs/tsb/v2/team_service.mdx",599978],fad6e8d3:[()=&gt;r.e("39983").then(r.bind(r,22448)),"@site/versioned_docs/version-1.11.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/team.md",22448],fadcda3a:[()=&gt;r.e("32393").then(r.t.bind(r,479427,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-6-x-setup-upgrades-99f.json",479427],fae6216c:[()=&gt;r.e("33866").then(r.bind(r,309260)),"@site/versioned_docs/version-1.12.x/release-notes.mdx",309260],faef8211:[()=&gt;Promise.all([r.e("86212"),r.e("76889")]).then(r.bind(r,590008)),"@site/versioned_docs/version-next/setup/self-managed/management-plane-installation.mdx",590008],fb243264:[()=&gt;r.e("21450").then(r.bind(r,413875)),"@site/versioned_docs/version-1.9.x/refs/tsb/v2/tenant.mdx",413875],fb3df53b:[()=&gt;r.e("80725").then(r.t.bind(r,439710,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-6-x-d11.json",439710],fb48a04d:[()=&gt;r.e("10960").then(r.bind(r,308656)),"@site/versioned_docs/version-next/refs/onboarding/config/types/identity/aws/v1alpha1/aws.mdx",308656],fb579644:[()=&gt;r.e("70338").then(r.bind(r,437311)),"@site/versioned_docs/version-1.10.x/operations/users/configuring-ldap.mdx",437311],fb5f9cf4:[()=&gt;r.e("90019").then(r.t.bind(r,251962,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-6-x-reference-operators-9ae.json",251962],fb653ddc:[()=&gt;r.e("39589").then(r.bind(r,266007)),"@site/versioned_docs/version-1.7.x/refs/audit/v1/audit.mdx",266007],fb6fe5d9:[()=&gt;Promise.all([r.e("86212"),r.e("9374")]).then(r.bind(r,407171)),"@site/versioned_docs/version-1.9.x/design-guides/ha-dr-mp/dr-managementplane.mdx",407171],fba258d8:[()=&gt;r.e("63892").then(r.t.bind(r,336670,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-10-x-refs-tsb-profile-v-2-yaml-8e2.json",336670],fba2d6c8:[()=&gt;r.e("921").then(r.bind(r,660509)),"@site/versioned_docs/version-1.7.x/setup/workload-onboarding/guides/onboarding.mdx",660509],fbe2338b:[()=&gt;r.e("96742").then(r.bind(r,813467)),"@site/versioned_docs/version-1.11.x/refs/tsb/rbac/v2/security_access_bindings.mdx",813467],fc0daf52:[()=&gt;r.e("28598").then(r.bind(r,255925)),"@site/versioned_docs/version-next/howto/rate-limiting/tier1-gateway.mdx",255925],fc155b85:[()=&gt;r.e("49593").then(r.bind(r,952956)),"@site/versioned_docs/version-1.10.x/setup/workload-onboarding/quickstart/aws-ecs/onboard-ecs.mdx",952956],fc255917:[()=&gt;r.e("42741").then(r.bind(r,940559)),"@site/versioned_docs/version-1.9.x/setup/remote-registry.mdx",940559],fc2eb075:[()=&gt;r.e("69204").then(r.bind(r,595161)),"@site/versioned_docs/version-1.11.x/refs/onboarding/private/component/agent/sidecarcontroller/v1alpha1/sidecar_info_service.mdx",595161],fc38f28b:[()=&gt;Promise.all([r.e("86212"),r.e("81556")]).then(r.bind(r,433633)),"@site/versioned_docs/version-1.11.x/setup/self-managed/toc.mdx",433633],fc7de41d:[()=&gt;r.e("12592").then(r.t.bind(r,210077,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-9-x-b71.json",210077],fc90a4d1:[()=&gt;r.e("70110").then(r.bind(r,264142)),"@site/versioned_docs/version-1.11.x/howto/rate-limiting/service-to-service.mdx",264142],fcb5fcb8:[()=&gt;r.e("24639").then(r.bind(r,769533)),"@site/versioned_docs/version-1.6.x/refs/tsb/traffic/v2/traffic_service.mdx",769533],fcbdb5ed:[()=&gt;r.e("45876").then(r.t.bind(r,119850,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-8-x-howto-gitops-5cb.json",119850],fccbc3fa:[()=&gt;r.e("11932").then(r.bind(r,902303)),"@site/versioned_docs/version-1.6.x/howto/rate-limiting/ingress-gateway.mdx",902303],fcd3f5f4:[()=&gt;r.e("25696").then(r.t.bind(r,549977,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-9-x-refs-tsb-application-v-2-yaml-efa.json",549977],fceb3b84:[()=&gt;r.e("71648").then(r.bind(r,519221)),"@site/versioned_docs/version-1.11.x/refs/onboarding/config/types/config/v1alpha1/transport_security.mdx",519221],fcefb69a:[()=&gt;Promise.all([r.e("86212"),r.e("57989")]).then(r.bind(r,167065)),"@site/versioned_docs/version-1.9.x/design-guides/app-onboarding/cross-cluster.mdx",167065],fcf5a04f:[()=&gt;r.e("9262").then(r.bind(r,893597)),"@site/versioned_docs/version-1.8.x/howto/gitops/argo-rollouts.mdx",893597],fcf87732:[()=&gt;r.e("80502").then(r.bind(r,799850)),"@site/versioned_docs/version-1.11.x/operations/postgresql/backup-and-restore.mdx",799850],fcfc58fc:[()=&gt;r.e("60225").then(r.bind(r,191031)),"@site/versioned_docs/version-1.9.x/refs/onboarding/config/agent/v1alpha1/agent_configuration.mdx",191031],fd002e3b:[()=&gt;r.e("32008").then(r.t.bind(r,930612,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-10-x-operations-users-76e.json",930612],fd06d4e2:[()=&gt;r.e("90369").then(r.bind(r,274042)),"@site/versioned_docs/version-1.12.x/refs/iam/v2/oauth_service.mdx",274042],fd430aeb:[()=&gt;r.e("60880").then(r.t.bind(r,40186,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-9-x-category-working-with-tetrate-customer-support-699.json",40186],fd4e2390:[()=&gt;r.e("3039").then(r.bind(r,682377)),"@site/versioned_docs/version-1.8.x/reference/cli/reference/tctl.md",682377],fd86b1cb:[()=&gt;r.e("73488").then(r.bind(r,163807)),"@site/versioned_docs/version-1.6.x/howto/traffic/splitting-service-traffic-between-k8s-vms.mdx",163807],fd8b3ce6:[()=&gt;r.e("50383").then(r.bind(r,750889)),"@site/versioned_docs/version-1.6.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/serviceaccount.md",750889],fd958da3:[()=&gt;r.e("11463").then(r.t.bind(r,916841,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-next-refs-tsb-segmentation-v-1-yaml-785.json",916841],fd9dee61:[()=&gt;r.e("50196").then(r.bind(r,855019)),"@site/versioned_docs/version-1.9.x/concepts/terminology.mdx",855019],fdab66b5:[()=&gt;r.e("3922").then(r.bind(r,941604)),"@site/versioned_docs/version-1.6.x/refs/tsb/traffic/v2/service_route.mdx",941604],fdabb9b3:[()=&gt;r.e("81995").then(r.t.bind(r,87924,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-11-x-refs-tsb-application-v-2-grpc-28d.json",87924],fdbc5142:[()=&gt;r.e("41505").then(r.bind(r,748832)),"@site/versioned_docs/version-1.10.x/setup/remote-registry.mdx",748832],fdf3f60b:[()=&gt;r.e("15306").then(r.bind(r,748336)),"@site/versioned_docs/version-1.7.x/refs/tsb/application/v2/api.mdx",748336],fe01494d:[()=&gt;r.e("89644").then(r.bind(r,751127)),"@site/versioned_docs/version-1.10.x/reference/cli/reference/workload-entry-annotations.md",751127],fe0442cd:[()=&gt;r.e("8495").then(r.t.bind(r,470267,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-9-x-quickstart-bdc.json",470267],fe14559c:[()=&gt;r.e("73645").then(r.t.bind(r,136546,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-next-reference-yaml-api-16c.json",136546],fe59c1d7:[()=&gt;r.e("85980").then(r.bind(r,18157)),"@site/versioned_docs/version-1.12.x/setup/workload-onboarding/quickstart/on-premise/configure-workload-onboarding.mdx",18157],fea306f7:[()=&gt;r.e("30531").then(r.bind(r,588570)),"@site/versioned_docs/version-1.9.x/operations/telemetry/telemetry-architecture.mdx",588570],fea4b0e1:[()=&gt;r.e("17422").then(r.t.bind(r,910560,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-11-x-reference-cli-reference-334.json",910560],feb2b80c:[()=&gt;r.e("19462").then(r.t.bind(r,978441,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-7-x-refs-iam-v-2-grpc-4f8.json",978441],feb3c5a7:[()=&gt;r.e("71658").then(r.bind(r,979177)),"@site/versioned_docs/version-1.11.x/howto/wasm/wasm-proxy.mdx",979177],fec0e412:[()=&gt;r.e("45287").then(r.bind(r,267436)),"@site/versioned_docs/version-1.11.x/refs/tsb/profile/v2/profile.mdx",267436],fec135ab:[()=&gt;Promise.all([r.e("86212"),r.e("16189")]).then(r.bind(r,940708)),"@site/versioned_docs/version-1.12.x/setup/upgrades/gateway-upgrade.mdx",940708],fec73a2a:[()=&gt;r.e("81657").then(r.bind(r,586763)),"@site/versioned_docs/version-1.8.x/refs/onboarding/config/authorization/jwt/v1alpha1/jwt.mdx",586763],fece4fb2:[()=&gt;r.e("60318").then(r.bind(r,776013)),"@site/versioned_docs/version-next/refs/onboarding/private/protocol/discovery/v1alpha1/discovery_service.mdx",776013],fed3e6b1:[()=&gt;r.e("94153").then(r.t.bind(r,124579,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-1-7-x-refs-tsb-auth-v-2-yaml-e09.json",124579],ff143e6a:[()=&gt;r.e("32591").then(r.bind(r,992896)),"@site/versioned_docs/version-1.10.x/refs/tsb/rbac/v2/policy_service.mdx",992896],ff3c48e2:[()=&gt;r.e("95091").then(r.bind(r,638841)),"@site/versioned_docs/version-1.8.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/workspace.md",638841],ff469bf3:[()=&gt;r.e("20198").then(r.bind(r,927326)),"@site/versioned_docs/version-1.10.x/refs/tsb/v2/tenant_setting.mdx",927326],ff6af7ca:[()=&gt;r.e("59552").then(r.t.bind(r,573689,19)),"@generated/docusaurus-plugin-content-docs/default/p/service-bridge-refs-tsb-v-2-grpc-576.json",573689],ff6e3512:[()=&gt;r.e("98447").then(r.bind(r,488991)),"@site/versioned_docs/version-1.8.x/refs/onboarding/config/agent/v1alpha1/onboarding_configuration.mdx",488991],ffdfc10f:[()=&gt;r.e("52490").then(r.bind(r,620113)),"@site/versioned_docs/version-next/setup/helm/managementplane.mdx",620113],ffe0f6ee:[()=&gt;r.e("84534").then(r.bind(r,83990)),"@site/versioned_docs/version-1.10.x/setup/helm/dataplane.mdx",83990]};function c(e){let{error:t,retry:r,pastDelay:n}=e;return t?(0,s.jsxs)("div",{style:{textAlign:"center",color:"#fff",backgroundColor:"#fa383e",borderColor:"#fa383e",borderStyle:"solid",borderRadius:"0.25rem",borderWidth:"1px",boxSizing:"border-box",display:"block",padding:"1rem",flex:"0 0 50%",marginLeft:"25%",marginRight:"25%",marginTop:"5rem",maxWidth:"50%",width:"100%"},children:[(0,s.jsx)("p",{children:String(t)}),(0,s.jsx)("div",{children:(0,s.jsx)("button",{type:"button",onClick:r,children:"Retry"})})]}):n?(0,s.jsx)("div",{style:{display:"flex",justifyContent:"center",alignItems:"center",height:"100vh"},children:(0,s.jsx)("svg",{id:"loader",style:{width:128,height:110,position:"absolute",top:"calc(100vh - 64%)"},viewBox:"0 0 45 45",xmlns:"http://www.w3.org/2000/svg",stroke:"#61dafb",children:(0,s.jsxs)("g",{fill:"none",fillRule:"evenodd",transform:"translate(1 1)",strokeWidth:"2",children:[(0,s.jsxs)("circle",{cx:"22",cy:"22",r:"6",strokeOpacity:"0",children:[(0,s.jsx)("animate",{attributeName:"r",begin:"1.5s",dur:"3s",values:"6;22",calcMode:"linear",repeatCount:"indefinite"}),(0,s.jsx)("animate",{attributeName:"stroke-opacity",begin:"1.5s",dur:"3s",values:"1;0",calcMode:"linear",repeatCount:"indefinite"}),(0,s.jsx)("animate",{attributeName:"stroke-width",begin:"1.5s",dur:"3s",values:"2;0",calcMode:"linear",repeatCount:"indefinite"})]}),(0,s.jsxs)("circle",{cx:"22",cy:"22",r:"6",strokeOpacity:"0",children:[(0,s.jsx)("animate",{attributeName:"r",begin:"3s",dur:"3s",values:"6;22",calcMode:"linear",repeatCount:"indefinite"}),(0,s.jsx)("animate",{attributeName:"stroke-opacity",begin:"3s",dur:"3s",values:"1;0",calcMode:"linear",repeatCount:"indefinite"}),(0,s.jsx)("animate",{attributeName:"stroke-width",begin:"3s",dur:"3s",values:"2;0",calcMode:"linear",repeatCount:"indefinite"})]}),(0,s.jsx)("circle",{cx:"22",cy:"22",r:"8",children:(0,s.jsx)("animate",{attributeName:"r",begin:"0s",dur:"1.5s",values:"6;1;2;3;4;5;6",calcMode:"linear",repeatCount:"indefinite"})})]})})}):null}var p=r("840316"),d=r("427373");function u(e,t){if("*"===e)return i()({loading:c,loader:()=&gt;r.e("55205").then(r.bind(r,410234)),modules:["@theme/NotFound"],webpack:()=&gt;[410234],render(e,t){let r=e.default;return(0,s.jsx)(d.z,{value:{plugin:{name:"native",id:"default"}},children:(0,s.jsx)(r,{...t})})}});let n=a[`${e}-${t}`],u={},l=[],m=[];return Object.entries((0,p.Z)(n)).forEach(e=&gt;{let[t,r]=e,s=o[r];s&amp;&amp;(u[t]=s[0],l.push(s[1]),m.push(s[2]))}),i().Map({loading:c,loader:u,modules:l,webpack:()=&gt;m,render(t,r){let i=JSON.parse(JSON.stringify(n));Object.entries(t).forEach(t=&gt;{let[r,s]=t,n=s.default;if(!n)throw Error(`The page component at ${e} doesn't have a default export. This makes it impossible to render anything. Consider default-exporting a React component.`);("object"==typeof n||"function"==typeof n)&amp;&amp;Object.keys(s).filter(e=&gt;"default"!==e).forEach(e=&gt;{n[e]=s[e]});let a=i,o=r.split(".");o.slice(0,-1).forEach(e=&gt;{a=a[e]}),a[o[o.length-1]]=n});let a=i.__comp;delete i.__comp;let o=i.__context;delete i.__context;let c=i.__props;return delete i.__props,(0,s.jsx)(d.z,{value:o,children:(0,s.jsx)(a,{...i,...c,...r})})}})}let l=[{path:"/search",component:u("/search","543"),exact:!0},{path:"/service-bridge/1.10.x/rest",component:u("/service-bridge/1.10.x/rest","f92"),exact:!0},{path:"/service-bridge/1.11.x/rest",component:u("/service-bridge/1.11.x/rest","c4e"),exact:!0},{path:"/service-bridge/1.6.x/rest",component:u("/service-bridge/1.6.x/rest","0a5"),exact:!0},{path:"/service-bridge/1.7.x/rest",component:u("/service-bridge/1.7.x/rest","908"),exact:!0},{path:"/service-bridge/1.8.x/rest",component:u("/service-bridge/1.8.x/rest","6e6"),exact:!0},{path:"/service-bridge/1.9.x/rest",component:u("/service-bridge/1.9.x/rest","3be"),exact:!0},{path:"/service-bridge/next/rest",component:u("/service-bridge/next/rest","20e"),exact:!0},{path:"/service-bridge/rest",component:u("/service-bridge/rest","6a0"),exact:!0},{path:"/service-bridge",component:u("/service-bridge","d46"),routes:[{path:"/service-bridge/1.10.x",component:u("/service-bridge/1.10.x","1d4"),routes:[{path:"/service-bridge/1.10.x/tags",component:u("/service-bridge/1.10.x/tags","fd2"),exact:!0},{path:"/service-bridge/1.10.x/tags/featured",component:u("/service-bridge/1.10.x/tags/featured","101"),exact:!0},{path:"/service-bridge/1.10.x/tags/tsb-concepts",component:u("/service-bridge/1.10.x/tags/tsb-concepts","b67"),exact:!0},{path:"/service-bridge/1.10.x/tags/tsb-quickstart",component:u("/service-bridge/1.10.x/tags/tsb-quickstart","79c"),exact:!0},{path:"/service-bridge/1.10.x",component:u("/service-bridge/1.10.x","1c5"),routes:[{path:"/service-bridge/1.10.x/",component:u("/service-bridge/1.10.x/","fa1"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/category/working-with-tetrate-customer-support",component:u("/service-bridge/1.10.x/category/working-with-tetrate-customer-support","40f"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/cheatsheet/",component:u("/service-bridge/1.10.x/cheatsheet/","cd7"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/cheatsheet/sheets/gateways-management",component:u("/service-bridge/1.10.x/cheatsheet/sheets/gateways-management","7c4"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/cheatsheet/sheets/kubectl",component:u("/service-bridge/1.10.x/cheatsheet/sheets/kubectl","cec"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/cheatsheet/sheets/security-management",component:u("/service-bridge/1.10.x/cheatsheet/sheets/security-management","f68"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/cheatsheet/sheets/tctl",component:u("/service-bridge/1.10.x/cheatsheet/sheets/tctl","7c7"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/cheatsheet/sheets/traffic-management",component:u("/service-bridge/1.10.x/cheatsheet/sheets/traffic-management","962"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/cheatsheet/sheets/tsb-concepts",component:u("/service-bridge/1.10.x/cheatsheet/sheets/tsb-concepts","9dd"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/cheatsheet/sheets/tsb-quickstart",component:u("/service-bridge/1.10.x/cheatsheet/sheets/tsb-quickstart","c73"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/cheatsheet/sheets/tsb-terminology",component:u("/service-bridge/1.10.x/cheatsheet/sheets/tsb-terminology","bed"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/concepts/",component:u("/service-bridge/1.10.x/concepts/","003"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/concepts/architecture",component:u("/service-bridge/1.10.x/concepts/architecture","285"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/concepts/configuration-dataflow",component:u("/service-bridge/1.10.x/concepts/configuration-dataflow","e04"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/concepts/configuration-inheritance",component:u("/service-bridge/1.10.x/concepts/configuration-inheritance","3be"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/concepts/glossary",component:u("/service-bridge/1.10.x/concepts/glossary","f5c"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/concepts/observability",component:u("/service-bridge/1.10.x/concepts/observability","7e8"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/concepts/operators/",component:u("/service-bridge/1.10.x/concepts/operators/","fda"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/concepts/operators/control-plane",component:u("/service-bridge/1.10.x/concepts/operators/control-plane","532"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/concepts/operators/data-plane",component:u("/service-bridge/1.10.x/concepts/operators/data-plane","bc3"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/concepts/operators/management-plane",component:u("/service-bridge/1.10.x/concepts/operators/management-plane","337"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/concepts/security",component:u("/service-bridge/1.10.x/concepts/security","501"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/concepts/service-mesh",component:u("/service-bridge/1.10.x/concepts/service-mesh","9e0"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/concepts/terminology",component:u("/service-bridge/1.10.x/concepts/terminology","297"),exact:!0},{path:"/service-bridge/1.10.x/concepts/traffic-management",component:u("/service-bridge/1.10.x/concepts/traffic-management","0e3"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/concepts/tsb-and-istio",component:u("/service-bridge/1.10.x/concepts/tsb-and-istio","0d0"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/design-guides/",component:u("/service-bridge/1.10.x/design-guides/","e02"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/design-guides/app-onboarding/",component:u("/service-bridge/1.10.x/design-guides/app-onboarding/","9bf"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/design-guides/app-onboarding/cross-cluster",component:u("/service-bridge/1.10.x/design-guides/app-onboarding/cross-cluster","492"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/design-guides/app-onboarding/deploy-service",component:u("/service-bridge/1.10.x/design-guides/app-onboarding/deploy-service","8de"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/design-guides/app-onboarding/gateway-security",component:u("/service-bridge/1.10.x/design-guides/app-onboarding/gateway-security","bdd"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/design-guides/app-onboarding/high-availability",component:u("/service-bridge/1.10.x/design-guides/app-onboarding/high-availability","a4b"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/design-guides/app-onboarding/introduction",component:u("/service-bridge/1.10.x/design-guides/app-onboarding/introduction","f47"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/design-guides/app-onboarding/monitor",component:u("/service-bridge/1.10.x/design-guides/app-onboarding/monitor","0a6"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/design-guides/app-onboarding/prepare",component:u("/service-bridge/1.10.x/design-guides/app-onboarding/prepare","cf4"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/design-guides/app-onboarding/promote-service",component:u("/service-bridge/1.10.x/design-guides/app-onboarding/promote-service","186"),exact:!0},{path:"/service-bridge/1.10.x/design-guides/app-onboarding/security",component:u("/service-bridge/1.10.x/design-guides/app-onboarding/security","734"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/design-guides/ha-dr-mp/",component:u("/service-bridge/1.10.x/design-guides/ha-dr-mp/","641"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/design-guides/ha-dr-mp/dr-managementplane",component:u("/service-bridge/1.10.x/design-guides/ha-dr-mp/dr-managementplane","021"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/design-guides/ha-dr-mp/ha-managementplane",component:u("/service-bridge/1.10.x/design-guides/ha-dr-mp/ha-managementplane","f9f"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/design-guides/ha-dr-mp/introduction",component:u("/service-bridge/1.10.x/design-guides/ha-dr-mp/introduction","19f"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/design-guides/ha-dr-mp/scenarios",component:u("/service-bridge/1.10.x/design-guides/ha-dr-mp/scenarios","2c7"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/design-guides/ha-multicluster/",component:u("/service-bridge/1.10.x/design-guides/ha-multicluster/","04a"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/design-guides/ha-multicluster/cluster-failover",component:u("/service-bridge/1.10.x/design-guides/ha-multicluster/cluster-failover","1e5"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/design-guides/ha-multicluster/demo-1",component:u("/service-bridge/1.10.x/design-guides/ha-multicluster/demo-1","b10"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/design-guides/ha-multicluster/demo-2",component:u("/service-bridge/1.10.x/design-guides/ha-multicluster/demo-2","4c2"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/design-guides/ha-multicluster/edge-failover",component:u("/service-bridge/1.10.x/design-guides/ha-multicluster/edge-failover","193"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/design-guides/ha-multicluster/introduction",component:u("/service-bridge/1.10.x/design-guides/ha-multicluster/introduction","be4"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/design-guides/ha-multicluster/operations",component:u("/service-bridge/1.10.x/design-guides/ha-multicluster/operations","9b5"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/howto",component:u("/service-bridge/1.10.x/howto","3e4"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/howto/authorization/",component:u("/service-bridge/1.10.x/howto/authorization/","8f0"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/howto/authorization/ingress-gateway",component:u("/service-bridge/1.10.x/howto/authorization/ingress-gateway","4e2"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/howto/authorization/sidecar",component:u("/service-bridge/1.10.x/howto/authorization/sidecar","d24"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/howto/authorization/tier1-gateway",component:u("/service-bridge/1.10.x/howto/authorization/tier1-gateway","e12"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/howto/authorization/tls-verification",component:u("/service-bridge/1.10.x/howto/authorization/tls-verification","935"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/howto/gateway",component:u("/service-bridge/1.10.x/howto/gateway","224"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/howto/gateway/app-ingress",component:u("/service-bridge/1.10.x/howto/gateway/app-ingress","4b8"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/howto/gateway/application-gateway-with-openapi-annotations",component:u("/service-bridge/1.10.x/howto/gateway/application-gateway-with-openapi-annotations","506"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/howto/gateway/configure-and-route-nonhttp-traffic",component:u("/service-bridge/1.10.x/howto/gateway/configure-and-route-nonhttp-traffic","61b"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/howto/gateway/configure-oidc",component:u("/service-bridge/1.10.x/howto/gateway/configure-oidc","17e"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/howto/gateway/distributed-ingress",component:u("/service-bridge/1.10.x/howto/gateway/distributed-ingress","c29"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/howto/gateway/end-user-auth-keycloak",component:u("/service-bridge/1.10.x/howto/gateway/end-user-auth-keycloak","4a9"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/howto/gateway/host-based-egress-access-control",component:u("/service-bridge/1.10.x/howto/gateway/host-based-egress-access-control","cb7"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/howto/gateway/https-with-proxy-protocol",component:u("/service-bridge/1.10.x/howto/gateway/https-with-proxy-protocol","2ef"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/howto/gateway/multi-cluster-traffic-failover-priority",component:u("/service-bridge/1.10.x/howto/gateway/multi-cluster-traffic-failover-priority","047"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/howto/gateway/multi-cluster-traffic-routing-using-tier2gw",component:u("/service-bridge/1.10.x/howto/gateway/multi-cluster-traffic-routing-using-tier2gw","50a"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/howto/gateway/multi-cluster-traffic-routing-with-eastwest-gateway",component:u("/service-bridge/1.10.x/howto/gateway/multi-cluster-traffic-routing-with-eastwest-gateway","8c3"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/howto/gateway/multi-cluster-traffic-shifting",component:u("/service-bridge/1.10.x/howto/gateway/multi-cluster-traffic-shifting","b3f"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/howto/gateway/service-identity-propagation",component:u("/service-bridge/1.10.x/howto/gateway/service-identity-propagation","2af"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/howto/gateway/shared-ingress",component:u("/service-bridge/1.10.x/howto/gateway/shared-ingress","f14"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/howto/gateway/subset-based-routing-using-igw-and-service-route",component:u("/service-bridge/1.10.x/howto/gateway/subset-based-routing-using-igw-and-service-route","8ee"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/howto/gateway/unified-gateway",component:u("/service-bridge/1.10.x/howto/gateway/unified-gateway","148"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/howto/gateway/unified-gateway-upgrade",component:u("/service-bridge/1.10.x/howto/gateway/unified-gateway-upgrade","a19"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/howto/gitops",component:u("/service-bridge/1.10.x/howto/gitops","786"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/howto/gitops/argo-rollouts",component:u("/service-bridge/1.10.x/howto/gitops/argo-rollouts","e1a"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/howto/gitops/flagger",component:u("/service-bridge/1.10.x/howto/gitops/flagger","595"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/howto/gitops/flux",component:u("/service-bridge/1.10.x/howto/gitops/flux","706"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/howto/gitops/gitops",component:u("/service-bridge/1.10.x/howto/gitops/gitops","228"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/howto/hpa-using-skywalking",component:u("/service-bridge/1.10.x/howto/hpa-using-skywalking","c21"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/howto/network-policies",component:u("/service-bridge/1.10.x/howto/network-policies","b80"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/howto/promql-using-skywalking",component:u("/service-bridge/1.10.x/howto/promql-using-skywalking","dbf"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/howto/rate-limiting/",component:u("/service-bridge/1.10.x/howto/rate-limiting/","7cb"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/howto/rate-limiting/external-rate-limiting",component:u("/service-bridge/1.10.x/howto/rate-limiting/external-rate-limiting","c9a"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/howto/rate-limiting/ingress-gateway",component:u("/service-bridge/1.10.x/howto/rate-limiting/ingress-gateway","382"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/howto/rate-limiting/internal-rate-limiting",component:u("/service-bridge/1.10.x/howto/rate-limiting/internal-rate-limiting","f70"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/howto/rate-limiting/service-to-service",component:u("/service-bridge/1.10.x/howto/rate-limiting/service-to-service","6c8"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/howto/rate-limiting/tier1-gateway",component:u("/service-bridge/1.10.x/howto/rate-limiting/tier1-gateway","6c2"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/howto/rate-limiting/tls-validation",component:u("/service-bridge/1.10.x/howto/rate-limiting/tls-validation","9b0"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/howto/security-domains",component:u("/service-bridge/1.10.x/howto/security-domains","86a"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/howto/service-accounts",component:u("/service-bridge/1.10.x/howto/service-accounts","cf4"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/howto/traffic",component:u("/service-bridge/1.10.x/howto/traffic","600"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/howto/traffic/canary-releases",component:u("/service-bridge/1.10.x/howto/traffic/canary-releases","099"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/howto/traffic/configure-multi-port-service-route",component:u("/service-bridge/1.10.x/howto/traffic/configure-multi-port-service-route","641"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/howto/traffic/gateway-mtls",component:u("/service-bridge/1.10.x/howto/traffic/gateway-mtls","65a"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/howto/traffic/load-balance",component:u("/service-bridge/1.10.x/howto/traffic/load-balance","828"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/howto/traffic/migrating-VM-monoliths",component:u("/service-bridge/1.10.x/howto/traffic/migrating-VM-monoliths","daa"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/howto/traffic/splitting-service-traffic-between-k8s-vms",component:u("/service-bridge/1.10.x/howto/traffic/splitting-service-traffic-between-k8s-vms","0c6"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/howto/waf",component:u("/service-bridge/1.10.x/howto/waf","c6d"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/howto/wasm",component:u("/service-bridge/1.10.x/howto/wasm","3c1"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/howto/wasm/wasm-extension",component:u("/service-bridge/1.10.x/howto/wasm/wasm-extension","0ac"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/howto/wasm/wasm-overview",component:u("/service-bridge/1.10.x/howto/wasm/wasm-overview","d9c"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/howto/wasm/wasm-proxy",component:u("/service-bridge/1.10.x/howto/wasm/wasm-proxy","a5f"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/howto/wasm/wasm-try",component:u("/service-bridge/1.10.x/howto/wasm/wasm-try","852"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/knowledge-base",component:u("/service-bridge/1.10.x/knowledge-base","057"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/knowledge-base/faq",component:u("/service-bridge/1.10.x/knowledge-base/faq","900"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/knowledge-base/gitops",component:u("/service-bridge/1.10.x/knowledge-base/gitops","410"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/operations",component:u("/service-bridge/1.10.x/operations","feb"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/operations/configuration-promotion",component:u("/service-bridge/1.10.x/operations/configuration-promotion","4da"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/operations/configure-log-levels",component:u("/service-bridge/1.10.x/operations/configure-log-levels","9d2"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/operations/elasticsearch",component:u("/service-bridge/1.10.x/operations/elasticsearch","051"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/operations/elasticsearch/elasticsearch-role",component:u("/service-bridge/1.10.x/operations/elasticsearch/elasticsearch-role","0c9"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/operations/elasticsearch/wipe-elastic",component:u("/service-bridge/1.10.x/operations/elasticsearch/wipe-elastic","e0d"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/operations/features",component:u("/service-bridge/1.10.x/operations/features","5a2"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/operations/features/configure-cluster-external-addresses",component:u("/service-bridge/1.10.x/operations/features/configure-cluster-external-addresses","db5"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/operations/features/configure-gitops",component:u("/service-bridge/1.10.x/operations/features/configure-gitops","69e"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/operations/features/deletion-protection",component:u("/service-bridge/1.10.x/operations/features/deletion-protection","83b"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/operations/features/edge-dns-resolution",component:u("/service-bridge/1.10.x/operations/features/edge-dns-resolution","013"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/operations/features/enable-config-protection",component:u("/service-bridge/1.10.x/operations/features/enable-config-protection","249"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/operations/features/gateway-deletion-webhook",component:u("/service-bridge/1.10.x/operations/features/gateway-deletion-webhook","4f6"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/operations/features/internal-wasm-extensions",component:u("/service-bridge/1.10.x/operations/features/internal-wasm-extensions","d86"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/operations/features/istio-cni",component:u("/service-bridge/1.10.x/operations/features/istio-cni","f51"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/operations/features/label-annotation",component:u("/service-bridge/1.10.x/operations/features/label-annotation","fd4"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/operations/features/streaming-log",component:u("/service-bridge/1.10.x/operations/features/streaming-log","04b"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/operations/features/tier1-in-app-cluster",component:u("/service-bridge/1.10.x/operations/features/tier1-in-app-cluster","1d4"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/operations/features/tls-origin-multi-cluster",component:u("/service-bridge/1.10.x/operations/features/tls-origin-multi-cluster","2c5"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/operations/graceful-connection-drain",component:u("/service-bridge/1.10.x/operations/graceful-connection-drain","e88"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/operations/kube-customization",component:u("/service-bridge/1.10.x/operations/kube-customization","c2f"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/operations/lower-istio-resources",component:u("/service-bridge/1.10.x/operations/lower-istio-resources","d38"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/operations/migrate-organization",component:u("/service-bridge/1.10.x/operations/migrate-organization","6fd"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/operations/multiple-iam-keys",component:u("/service-bridge/1.10.x/operations/multiple-iam-keys","89e"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/operations/postgresql",component:u("/service-bridge/1.10.x/operations/postgresql","177"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/operations/postgresql/auditlog-retention",component:u("/service-bridge/1.10.x/operations/postgresql/auditlog-retention","3fe"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/operations/postgresql/azure-credentials",component:u("/service-bridge/1.10.x/operations/postgresql/azure-credentials","d68"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/operations/postgresql/backup-and-restore",component:u("/service-bridge/1.10.x/operations/postgresql/backup-and-restore","c3d"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/operations/postgresql/managing-kubegres",component:u("/service-bridge/1.10.x/operations/postgresql/managing-kubegres","36b"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/operations/telemetry",component:u("/service-bridge/1.10.x/operations/telemetry","f2e"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/operations/telemetry/alerting-guidelines",component:u("/service-bridge/1.10.x/operations/telemetry/alerting-guidelines","83b"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/operations/telemetry/distributed-tracing",component:u("/service-bridge/1.10.x/operations/telemetry/distributed-tracing","2e2"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/operations/telemetry/key-metrics",component:u("/service-bridge/1.10.x/operations/telemetry/key-metrics","7dd"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/operations/telemetry/new-relic",component:u("/service-bridge/1.10.x/operations/telemetry/new-relic","d71"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/operations/telemetry/red-metrics",component:u("/service-bridge/1.10.x/operations/telemetry/red-metrics","ab5"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/operations/telemetry/telemetry-architecture",component:u("/service-bridge/1.10.x/operations/telemetry/telemetry-architecture","2f7"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/operations/users",component:u("/service-bridge/1.10.x/operations/users","1f6"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/operations/users/admin-password",component:u("/service-bridge/1.10.x/operations/users/admin-password","cea"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/operations/users/configuring-ldap",component:u("/service-bridge/1.10.x/operations/users/configuring-ldap","7d3"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/operations/users/new-user-local-idp",component:u("/service-bridge/1.10.x/operations/users/new-user-local-idp","b0f"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/operations/users/oidc-azure",component:u("/service-bridge/1.10.x/operations/users/oidc-azure","424"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/operations/users/tsb-fqns",component:u("/service-bridge/1.10.x/operations/users/tsb-fqns","03e"),exact:!0},{path:"/service-bridge/1.10.x/operations/users/user-synchronization",component:u("/service-bridge/1.10.x/operations/users/user-synchronization","af4"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/operations/users/users-roles-and-permissions",component:u("/service-bridge/1.10.x/operations/users/users-roles-and-permissions","6c4"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/operations/vault",component:u("/service-bridge/1.10.x/operations/vault","9c2"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/operations/vault/elasticsearch",component:u("/service-bridge/1.10.x/operations/vault/elasticsearch","cbe"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/operations/vault/istiod-ca",component:u("/service-bridge/1.10.x/operations/vault/istiod-ca","54b"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/operations/vault/postgresql",component:u("/service-bridge/1.10.x/operations/vault/postgresql","3fe"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/quickstart",component:u("/service-bridge/1.10.x/quickstart","d5f"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/quickstart/apps",component:u("/service-bridge/1.10.x/quickstart/apps","55e"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/quickstart/config-groups",component:u("/service-bridge/1.10.x/quickstart/config-groups","bd8"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/quickstart/deploy-sample-app",component:u("/service-bridge/1.10.x/quickstart/deploy-sample-app","174"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/quickstart/ingress-gateway",component:u("/service-bridge/1.10.x/quickstart/ingress-gateway","3a7"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/quickstart/introduction",component:u("/service-bridge/1.10.x/quickstart/introduction","c8a"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/quickstart/observability",component:u("/service-bridge/1.10.x/quickstart/observability","195"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/quickstart/permissions",component:u("/service-bridge/1.10.x/quickstart/permissions","11c"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/quickstart/security",component:u("/service-bridge/1.10.x/quickstart/security","345"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/quickstart/tenant",component:u("/service-bridge/1.10.x/quickstart/tenant","f53"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/quickstart/traffic-shifting",component:u("/service-bridge/1.10.x/quickstart/traffic-shifting","248"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/quickstart/workspace",component:u("/service-bridge/1.10.x/quickstart/workspace","665"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/reference",component:u("/service-bridge/1.10.x/reference","ba6"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/reference/cli",component:u("/service-bridge/1.10.x/reference/cli","97b"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/reference/cli/guide/index",component:u("/service-bridge/1.10.x/reference/cli/guide/index","c61"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/reference/cli/guide/toc",component:u("/service-bridge/1.10.x/reference/cli/guide/toc","821"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/reference/cli/reference",component:u("/service-bridge/1.10.x/reference/cli/reference","4d5"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/reference/cli/reference/apply",component:u("/service-bridge/1.10.x/reference/cli/reference/apply","b7a"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/reference/cli/reference/collect",component:u("/service-bridge/1.10.x/reference/cli/reference/collect","535"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/reference/cli/reference/completion",component:u("/service-bridge/1.10.x/reference/cli/reference/completion","c35"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/reference/cli/reference/config",component:u("/service-bridge/1.10.x/reference/cli/reference/config","a03"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/reference/cli/reference/delete",component:u("/service-bridge/1.10.x/reference/cli/reference/delete","06b"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/reference/cli/reference/edit",component:u("/service-bridge/1.10.x/reference/cli/reference/edit","4c1"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/reference/cli/reference/experimental",component:u("/service-bridge/1.10.x/reference/cli/reference/experimental","dc2"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/reference/cli/reference/get",component:u("/service-bridge/1.10.x/reference/cli/reference/get","e86"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/reference/cli/reference/index",component:u("/service-bridge/1.10.x/reference/cli/reference/index","679"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/reference/cli/reference/install",component:u("/service-bridge/1.10.x/reference/cli/reference/install","e50"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/reference/cli/reference/login",component:u("/service-bridge/1.10.x/reference/cli/reference/login","d25"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/reference/cli/reference/status",component:u("/service-bridge/1.10.x/reference/cli/reference/status","7c0"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/reference/cli/reference/ui",component:u("/service-bridge/1.10.x/reference/cli/reference/ui","043"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/reference/cli/reference/validate",component:u("/service-bridge/1.10.x/reference/cli/reference/validate","f4c"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/reference/cli/reference/version",component:u("/service-bridge/1.10.x/reference/cli/reference/version","fc6"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/reference/cli/reference/whoami",component:u("/service-bridge/1.10.x/reference/cli/reference/whoami","0f4"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/reference/cli/reference/workload-entry-annotations",component:u("/service-bridge/1.10.x/reference/cli/reference/workload-entry-annotations","311"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/reference/grpc-api",component:u("/service-bridge/1.10.x/reference/grpc-api","389"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/reference/grpc-api/guide",component:u("/service-bridge/1.10.x/reference/grpc-api/guide","701"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/reference/grpc-api/reference",component:u("/service-bridge/1.10.x/reference/grpc-api/reference","8c3"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/reference/k8s-api",component:u("/service-bridge/1.10.x/reference/k8s-api","2c9"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/reference/k8s-api/guide",component:u("/service-bridge/1.10.x/reference/k8s-api/guide","fa5"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/reference/k8s-api/tsb-crds-gen",component:u("/service-bridge/1.10.x/reference/k8s-api/tsb-crds-gen","4db"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/reference/k8s-api/tsb-crds-gen/application-tsb-tetrate-io",component:u("/service-bridge/1.10.x/reference/k8s-api/tsb-crds-gen/application-tsb-tetrate-io","1d2"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/reference/k8s-api/tsb-crds-gen/extension-tsb-tetrate-io",component:u("/service-bridge/1.10.x/reference/k8s-api/tsb-crds-gen/extension-tsb-tetrate-io","1d2"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/reference/k8s-api/tsb-crds-gen/gateway-tsb-tetrate-io",component:u("/service-bridge/1.10.x/reference/k8s-api/tsb-crds-gen/gateway-tsb-tetrate-io","2b0"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/reference/k8s-api/tsb-crds-gen/istiointernal-tsb-tetrate-io",component:u("/service-bridge/1.10.x/reference/k8s-api/tsb-crds-gen/istiointernal-tsb-tetrate-io","bf6"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/reference/k8s-api/tsb-crds-gen/profile-tsb-tetrate-io",component:u("/service-bridge/1.10.x/reference/k8s-api/tsb-crds-gen/profile-tsb-tetrate-io","4f8"),exact:!0},{path:"/service-bridge/1.10.x/reference/k8s-api/tsb-crds-gen/rbac-tsb-tetrate-io",component:u("/service-bridge/1.10.x/reference/k8s-api/tsb-crds-gen/rbac-tsb-tetrate-io","fee"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/reference/k8s-api/tsb-crds-gen/security-tsb-tetrate-io",component:u("/service-bridge/1.10.x/reference/k8s-api/tsb-crds-gen/security-tsb-tetrate-io","38b"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/reference/k8s-api/tsb-crds-gen/traffic-tsb-tetrate-io",component:u("/service-bridge/1.10.x/reference/k8s-api/tsb-crds-gen/traffic-tsb-tetrate-io","535"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/cluster",component:u("/service-bridge/1.10.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/cluster","b86"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/organization",component:u("/service-bridge/1.10.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/organization","34a"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/organizationsetting",component:u("/service-bridge/1.10.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/organizationsetting","083"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/serviceaccount",component:u("/service-bridge/1.10.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/serviceaccount","b68"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/team",component:u("/service-bridge/1.10.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/team","ebc"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/tenant",component:u("/service-bridge/1.10.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/tenant","a3d"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/tenantsetting",component:u("/service-bridge/1.10.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/tenantsetting","add"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/user",component:u("/service-bridge/1.10.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/user","9e2"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/workspace",component:u("/service-bridge/1.10.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/workspace","43d"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/workspacesetting",component:u("/service-bridge/1.10.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/workspacesetting","edb"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/reference/k8s-api/tsb-crds-gen/tsb.tetrate.io/v2",component:u("/service-bridge/1.10.x/reference/k8s-api/tsb-crds-gen/tsb.tetrate.io/v2","95a"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/reference/operators",component:u("/service-bridge/1.10.x/reference/operators","f64"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/reference/rest-api/guide",component:u("/service-bridge/1.10.x/reference/rest-api/guide","0d4"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/reference/samples",component:u("/service-bridge/1.10.x/reference/samples","e76"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/reference/samples/httpbin",component:u("/service-bridge/1.10.x/reference/samples/httpbin","c69"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/reference/samples/opa",component:u("/service-bridge/1.10.x/reference/samples/opa","74a"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/reference/samples/sleep-service",component:u("/service-bridge/1.10.x/reference/samples/sleep-service","125"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/reference/workload-onboarding",component:u("/service-bridge/1.10.x/reference/workload-onboarding","219"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/reference/workload-onboarding/onboarding-agent",component:u("/service-bridge/1.10.x/reference/workload-onboarding/onboarding-agent","b9c"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/reference/workload-onboarding/onboarding-authorization",component:u("/service-bridge/1.10.x/reference/workload-onboarding/onboarding-authorization","393"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/reference/workload-onboarding/onboarding-runtime",component:u("/service-bridge/1.10.x/reference/workload-onboarding/onboarding-runtime","2c3"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/reference/yaml-api",component:u("/service-bridge/1.10.x/reference/yaml-api","b4f"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/reference/yaml-api/guide",component:u("/service-bridge/1.10.x/reference/yaml-api/guide","ae5"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/reference/yaml-api/reference",component:u("/service-bridge/1.10.x/reference/yaml-api/reference","273"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/refs/audit/v1/audit",component:u("/service-bridge/1.10.x/refs/audit/v1/audit","4cb"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/refs/audit/v1/grpc",component:u("/service-bridge/1.10.x/refs/audit/v1/grpc","d17"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/refs/iam/v2/grpc",component:u("/service-bridge/1.10.x/refs/iam/v2/grpc","f86"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/refs/iam/v2/oauth_service",component:u("/service-bridge/1.10.x/refs/iam/v2/oauth_service","f1e"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/refs/iam/v2/oidc_service",component:u("/service-bridge/1.10.x/refs/iam/v2/oidc_service","6bc"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/refs/install",component:u("/service-bridge/1.10.x/refs/install","0b8"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/refs/install/common/common_config",component:u("/service-bridge/1.10.x/refs/install/common/common_config","9b4"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/refs/install/controlplane/v1alpha1/spec",component:u("/service-bridge/1.10.x/refs/install/controlplane/v1alpha1/spec","d97"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/refs/install/dataplane/v1alpha1/spec",component:u("/service-bridge/1.10.x/refs/install/dataplane/v1alpha1/spec","dad"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/refs/install/kubernetes/k8s",component:u("/service-bridge/1.10.x/refs/install/kubernetes/k8s","c8f"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/refs/install/managementplane/v1alpha1/spec",component:u("/service-bridge/1.10.x/refs/install/managementplane/v1alpha1/spec","b50"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/refs/onboarding/config/agent/v1alpha1/agent_configuration",component:u("/service-bridge/1.10.x/refs/onboarding/config/agent/v1alpha1/agent_configuration","da4"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/refs/onboarding/config/agent/v1alpha1/onboarding_configuration",component:u("/service-bridge/1.10.x/refs/onboarding/config/agent/v1alpha1/onboarding_configuration","5aa"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/refs/onboarding/config/authorization/aws/v1alpha1/aws",component:u("/service-bridge/1.10.x/refs/onboarding/config/authorization/aws/v1alpha1/aws","a98"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/refs/onboarding/config/authorization/jwt/v1alpha1/jwt",component:u("/service-bridge/1.10.x/refs/onboarding/config/authorization/jwt/v1alpha1/jwt","73b"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/refs/onboarding/config/authorization/v1alpha1/policy",component:u("/service-bridge/1.10.x/refs/onboarding/config/authorization/v1alpha1/policy","17a"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/refs/onboarding/config/install/v1alpha1/jwt_issuer",component:u("/service-bridge/1.10.x/refs/onboarding/config/install/v1alpha1/jwt_issuer","508"),exact:!0},{path:"/service-bridge/1.10.x/refs/onboarding/config/install/v1alpha1/workload_configuration",component:u("/service-bridge/1.10.x/refs/onboarding/config/install/v1alpha1/workload_configuration","de9"),exact:!0},{path:"/service-bridge/1.10.x/refs/onboarding/config/runtime/v1alpha1/registration",component:u("/service-bridge/1.10.x/refs/onboarding/config/runtime/v1alpha1/registration","236"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/refs/onboarding/config/types/config/v1alpha1/transport_security",component:u("/service-bridge/1.10.x/refs/onboarding/config/types/config/v1alpha1/transport_security","954"),exact:!0},{path:"/service-bridge/1.10.x/refs/onboarding/config/types/core/v1alpha1/condition",component:u("/service-bridge/1.10.x/refs/onboarding/config/types/core/v1alpha1/condition","cbe"),exact:!0},{path:"/service-bridge/1.10.x/refs/onboarding/config/types/core/v1alpha1/namespaced_name",component:u("/service-bridge/1.10.x/refs/onboarding/config/types/core/v1alpha1/namespaced_name","2b7"),exact:!0},{path:"/service-bridge/1.10.x/refs/onboarding/config/types/identity/aws/v1alpha1/aws",component:u("/service-bridge/1.10.x/refs/onboarding/config/types/identity/aws/v1alpha1/aws","e9f"),exact:!0},{path:"/service-bridge/1.10.x/refs/onboarding/config/types/identity/jwt/v1alpha1/jwt",component:u("/service-bridge/1.10.x/refs/onboarding/config/types/identity/jwt/v1alpha1/jwt","e3e"),exact:!0},{path:"/service-bridge/1.10.x/refs/onboarding/config/types/identity/v1alpha1/identity",component:u("/service-bridge/1.10.x/refs/onboarding/config/types/identity/v1alpha1/identity","2cd"),exact:!0},{path:"/service-bridge/1.10.x/refs/onboarding/config/types/registration/v1alpha1/hostinfo",component:u("/service-bridge/1.10.x/refs/onboarding/config/types/registration/v1alpha1/hostinfo","eb1"),exact:!0},{path:"/service-bridge/1.10.x/refs/onboarding/config/types/registration/v1alpha1/registration",component:u("/service-bridge/1.10.x/refs/onboarding/config/types/registration/v1alpha1/registration","b00"),exact:!0},{path:"/service-bridge/1.10.x/refs/onboarding/private/component/agent/plugin/credential/v1alpha1/plugin",component:u("/service-bridge/1.10.x/refs/onboarding/private/component/agent/plugin/credential/v1alpha1/plugin","f69"),exact:!0},{path:"/service-bridge/1.10.x/refs/onboarding/private/component/agent/plugin/hostinfo/v1alpha1/plugin",component:u("/service-bridge/1.10.x/refs/onboarding/private/component/agent/plugin/hostinfo/v1alpha1/plugin","441"),exact:!0},{path:"/service-bridge/1.10.x/refs/onboarding/private/component/agent/sidecarcontroller/v1alpha1/sidecar_configuration_service",component:u("/service-bridge/1.10.x/refs/onboarding/private/component/agent/sidecarcontroller/v1alpha1/sidecar_configuration_service","0f1"),exact:!0},{path:"/service-bridge/1.10.x/refs/onboarding/private/component/agent/sidecarcontroller/v1alpha1/sidecar_info_service",component:u("/service-bridge/1.10.x/refs/onboarding/private/component/agent/sidecarcontroller/v1alpha1/sidecar_info_service","2cb"),exact:!0},{path:"/service-bridge/1.10.x/refs/onboarding/private/component/plane/config/v1alpha1/onboarding_plane_instance_configuration",component:u("/service-bridge/1.10.x/refs/onboarding/private/component/plane/config/v1alpha1/onboarding_plane_instance_configuration","06f"),exact:!0},{path:"/service-bridge/1.10.x/refs/onboarding/private/component/plane/generator/v1alpha1/version",component:u("/service-bridge/1.10.x/refs/onboarding/private/component/plane/generator/v1alpha1/version","8ac"),exact:!0},{path:"/service-bridge/1.10.x/refs/onboarding/private/component/plane/token/v1alpha1/onboarding_token",component:u("/service-bridge/1.10.x/refs/onboarding/private/component/plane/token/v1alpha1/onboarding_token","656"),exact:!0},{path:"/service-bridge/1.10.x/refs/onboarding/private/install/v1alpha1/spec",component:u("/service-bridge/1.10.x/refs/onboarding/private/install/v1alpha1/spec","d94"),exact:!0},{path:"/service-bridge/1.10.x/refs/onboarding/private/protocol/authorization/v1alpha1/authorization_service",component:u("/service-bridge/1.10.x/refs/onboarding/private/protocol/authorization/v1alpha1/authorization_service","7e5"),exact:!0},{path:"/service-bridge/1.10.x/refs/onboarding/private/protocol/discovery/v1alpha1/discovery_service",component:u("/service-bridge/1.10.x/refs/onboarding/private/protocol/discovery/v1alpha1/discovery_service","c15"),exact:!0},{path:"/service-bridge/1.10.x/refs/onboarding/private/protocol/registration/v1alpha1/registration_service",component:u("/service-bridge/1.10.x/refs/onboarding/private/protocol/registration/v1alpha1/registration_service","22d"),exact:!0},{path:"/service-bridge/1.10.x/refs/onboarding/private/protocol/session/v1alpha1/session_service",component:u("/service-bridge/1.10.x/refs/onboarding/private/protocol/session/v1alpha1/session_service","e8d"),exact:!0},{path:"/service-bridge/1.10.x/refs/onboarding/private/types/config/v1alpha1/transport_security",component:u("/service-bridge/1.10.x/refs/onboarding/private/types/config/v1alpha1/transport_security","b15"),exact:!0},{path:"/service-bridge/1.10.x/refs/onboarding/private/types/credential/aws/v1alpha1/ec2",component:u("/service-bridge/1.10.x/refs/onboarding/private/types/credential/aws/v1alpha1/ec2","cdf"),exact:!0},{path:"/service-bridge/1.10.x/refs/onboarding/private/types/credential/aws/v1alpha1/sts",component:u("/service-bridge/1.10.x/refs/onboarding/private/types/credential/aws/v1alpha1/sts","655"),exact:!0},{path:"/service-bridge/1.10.x/refs/onboarding/private/types/credential/jwt/v1alpha1/jwt",component:u("/service-bridge/1.10.x/refs/onboarding/private/types/credential/jwt/v1alpha1/jwt","911"),exact:!0},{path:"/service-bridge/1.10.x/refs/onboarding/private/types/discovery/v1alpha1/discovery",component:u("/service-bridge/1.10.x/refs/onboarding/private/types/discovery/v1alpha1/discovery","6ea"),exact:!0},{path:"/service-bridge/1.10.x/refs/onboarding/private/types/sidecar/v1alpha1/configuration",component:u("/service-bridge/1.10.x/refs/onboarding/private/types/sidecar/v1alpha1/configuration","9fc"),exact:!0},{path:"/service-bridge/1.10.x/refs/private/iam/v1/iam",component:u("/service-bridge/1.10.x/refs/private/iam/v1/iam","d03"),exact:!0},{path:"/service-bridge/1.10.x/refs/test/v1/echo",component:u("/service-bridge/1.10.x/refs/test/v1/echo","58e"),exact:!0},{path:"/service-bridge/1.10.x/refs/tsb/application/v2/api",component:u("/service-bridge/1.10.x/refs/tsb/application/v2/api","2cd"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/refs/tsb/application/v2/application",component:u("/service-bridge/1.10.x/refs/tsb/application/v2/application","769"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/refs/tsb/application/v2/application_service",component:u("/service-bridge/1.10.x/refs/tsb/application/v2/application_service","32c"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/refs/tsb/application/v2/grpc",component:u("/service-bridge/1.10.x/refs/tsb/application/v2/grpc","7ca"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/refs/tsb/application/v2/openapi_extensions",component:u("/service-bridge/1.10.x/refs/tsb/application/v2/openapi_extensions","8c3"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/refs/tsb/application/v2/yaml",component:u("/service-bridge/1.10.x/refs/tsb/application/v2/yaml","700"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/refs/tsb/auth/v2/auth",component:u("/service-bridge/1.10.x/refs/tsb/auth/v2/auth","e42"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/refs/tsb/auth/v2/yaml",component:u("/service-bridge/1.10.x/refs/tsb/auth/v2/yaml","7da"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/refs/tsb/extension/v2/grpc",component:u("/service-bridge/1.10.x/refs/tsb/extension/v2/grpc","90f"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/refs/tsb/extension/v2/wasm_extension",component:u("/service-bridge/1.10.x/refs/tsb/extension/v2/wasm_extension","c9e"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/refs/tsb/extension/v2/wasm_service",component:u("/service-bridge/1.10.x/refs/tsb/extension/v2/wasm_service","507"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/refs/tsb/extension/v2/yaml",component:u("/service-bridge/1.10.x/refs/tsb/extension/v2/yaml","6e0"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/refs/tsb/gateway/v2/auth",component:u("/service-bridge/1.10.x/refs/tsb/gateway/v2/auth","bba"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/refs/tsb/gateway/v2/eastwest_gateway",component:u("/service-bridge/1.10.x/refs/tsb/gateway/v2/eastwest_gateway","fb0"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/refs/tsb/gateway/v2/egress_gateway",component:u("/service-bridge/1.10.x/refs/tsb/gateway/v2/egress_gateway","bd5"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/refs/tsb/gateway/v2/gateway",component:u("/service-bridge/1.10.x/refs/tsb/gateway/v2/gateway","0b4"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/refs/tsb/gateway/v2/gateway_common",component:u("/service-bridge/1.10.x/refs/tsb/gateway/v2/gateway_common","0a2"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/refs/tsb/gateway/v2/gateway_group",component:u("/service-bridge/1.10.x/refs/tsb/gateway/v2/gateway_group","bb1"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/refs/tsb/gateway/v2/gateway_service",component:u("/service-bridge/1.10.x/refs/tsb/gateway/v2/gateway_service","6ff"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/refs/tsb/gateway/v2/grpc",component:u("/service-bridge/1.10.x/refs/tsb/gateway/v2/grpc","315"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/refs/tsb/gateway/v2/ingress_gateway",component:u("/service-bridge/1.10.x/refs/tsb/gateway/v2/ingress_gateway","992"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/refs/tsb/gateway/v2/istio_gateway_direct",component:u("/service-bridge/1.10.x/refs/tsb/gateway/v2/istio_gateway_direct","541"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/refs/tsb/gateway/v2/tier1_gateway",component:u("/service-bridge/1.10.x/refs/tsb/gateway/v2/tier1_gateway","22e"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/refs/tsb/gateway/v2/yaml",component:u("/service-bridge/1.10.x/refs/tsb/gateway/v2/yaml","189"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/refs/tsb/istiointernal/v2/grpc",component:u("/service-bridge/1.10.x/refs/tsb/istiointernal/v2/grpc","61a"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/refs/tsb/istiointernal/v2/istio_internal_group",component:u("/service-bridge/1.10.x/refs/tsb/istiointernal/v2/istio_internal_group","8a0"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/refs/tsb/istiointernal/v2/istio_istiointernal_direct",component:u("/service-bridge/1.10.x/refs/tsb/istiointernal/v2/istio_istiointernal_direct","420"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/refs/tsb/istiointernal/v2/istiointernal_service",component:u("/service-bridge/1.10.x/refs/tsb/istiointernal/v2/istiointernal_service","282"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/refs/tsb/istiointernal/v2/yaml",component:u("/service-bridge/1.10.x/refs/tsb/istiointernal/v2/yaml","19f"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/refs/tsb/observability/telemetry/v2/grpc",component:u("/service-bridge/1.10.x/refs/tsb/observability/telemetry/v2/grpc","29d"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/refs/tsb/observability/telemetry/v2/metric",component:u("/service-bridge/1.10.x/refs/tsb/observability/telemetry/v2/metric","081"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/refs/tsb/observability/telemetry/v2/metric_service",component:u("/service-bridge/1.10.x/refs/tsb/observability/telemetry/v2/metric_service","d41"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/refs/tsb/observability/telemetry/v2/source",component:u("/service-bridge/1.10.x/refs/tsb/observability/telemetry/v2/source","99a"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/refs/tsb/observability/telemetry/v2/source_service",component:u("/service-bridge/1.10.x/refs/tsb/observability/telemetry/v2/source_service","8b6"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/refs/tsb/observability/telemetry/v2/yaml",component:u("/service-bridge/1.10.x/refs/tsb/observability/telemetry/v2/yaml","b3c"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/refs/tsb/profile/v2/grpc",component:u("/service-bridge/1.10.x/refs/tsb/profile/v2/grpc","2d0"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/refs/tsb/profile/v2/profile",component:u("/service-bridge/1.10.x/refs/tsb/profile/v2/profile","dd6"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/refs/tsb/profile/v2/profile_service",component:u("/service-bridge/1.10.x/refs/tsb/profile/v2/profile_service","94d"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/refs/tsb/profile/v2/yaml",component:u("/service-bridge/1.10.x/refs/tsb/profile/v2/yaml","f7a"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/refs/tsb/q/v2/approvals_service",component:u("/service-bridge/1.10.x/refs/tsb/q/v2/approvals_service","403"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/refs/tsb/q/v2/grpc",component:u("/service-bridge/1.10.x/refs/tsb/q/v2/grpc","144"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/refs/tsb/q/v2/permissions_service",component:u("/service-bridge/1.10.x/refs/tsb/q/v2/permissions_service","cc7"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/refs/tsb/rbac/v2/access_bindings",component:u("/service-bridge/1.10.x/refs/tsb/rbac/v2/access_bindings","a48"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/refs/tsb/rbac/v2/api_access_bindings",component:u("/service-bridge/1.10.x/refs/tsb/rbac/v2/api_access_bindings","7d1"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/refs/tsb/rbac/v2/application_access_bindings",component:u("/service-bridge/1.10.x/refs/tsb/rbac/v2/application_access_bindings","38f"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/refs/tsb/rbac/v2/binding",component:u("/service-bridge/1.10.x/refs/tsb/rbac/v2/binding","a6b"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/refs/tsb/rbac/v2/gateway_access_bindings",component:u("/service-bridge/1.10.x/refs/tsb/rbac/v2/gateway_access_bindings","c70"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/refs/tsb/rbac/v2/grpc",component:u("/service-bridge/1.10.x/refs/tsb/rbac/v2/grpc","b7b"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/refs/tsb/rbac/v2/istio_internal_access_bindings",component:u("/service-bridge/1.10.x/refs/tsb/rbac/v2/istio_internal_access_bindings","841"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/refs/tsb/rbac/v2/organization_access_bindings",component:u("/service-bridge/1.10.x/refs/tsb/rbac/v2/organization_access_bindings","f11"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/refs/tsb/rbac/v2/permissions",component:u("/service-bridge/1.10.x/refs/tsb/rbac/v2/permissions","fa0"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/refs/tsb/rbac/v2/policy_service",component:u("/service-bridge/1.10.x/refs/tsb/rbac/v2/policy_service","f1f"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/refs/tsb/rbac/v2/role",component:u("/service-bridge/1.10.x/refs/tsb/rbac/v2/role","2f9"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/refs/tsb/rbac/v2/role_service",component:u("/service-bridge/1.10.x/refs/tsb/rbac/v2/role_service","82f"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/refs/tsb/rbac/v2/security_access_bindings",component:u("/service-bridge/1.10.x/refs/tsb/rbac/v2/security_access_bindings","68b"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/refs/tsb/rbac/v2/tenant_access_bindings",component:u("/service-bridge/1.10.x/refs/tsb/rbac/v2/tenant_access_bindings","06a"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/refs/tsb/rbac/v2/traffic_access_bindings",component:u("/service-bridge/1.10.x/refs/tsb/rbac/v2/traffic_access_bindings","0a8"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/refs/tsb/rbac/v2/workspace_access_bindings",component:u("/service-bridge/1.10.x/refs/tsb/rbac/v2/workspace_access_bindings","06b"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/refs/tsb/rbac/v2/yaml",component:u("/service-bridge/1.10.x/refs/tsb/rbac/v2/yaml","27c"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/refs/tsb/registry/v2/grpc",component:u("/service-bridge/1.10.x/refs/tsb/registry/v2/grpc","281"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/refs/tsb/registry/v2/lookup_service",component:u("/service-bridge/1.10.x/refs/tsb/registry/v2/lookup_service","34c"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/refs/tsb/registry/v2/registration_service",component:u("/service-bridge/1.10.x/refs/tsb/registry/v2/registration_service","f76"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/refs/tsb/registry/v2/service",component:u("/service-bridge/1.10.x/refs/tsb/registry/v2/service","6ed"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/refs/tsb/registry/v2/yaml",component:u("/service-bridge/1.10.x/refs/tsb/registry/v2/yaml","8ad"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/refs/tsb/security/v2/grpc",component:u("/service-bridge/1.10.x/refs/tsb/security/v2/grpc","eba"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/refs/tsb/security/v2/istio_security_direct",component:u("/service-bridge/1.10.x/refs/tsb/security/v2/istio_security_direct","6de"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/refs/tsb/security/v2/security_group",component:u("/service-bridge/1.10.x/refs/tsb/security/v2/security_group","41f"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/refs/tsb/security/v2/security_service",component:u("/service-bridge/1.10.x/refs/tsb/security/v2/security_service","faa"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/refs/tsb/security/v2/security_setting",component:u("/service-bridge/1.10.x/refs/tsb/security/v2/security_setting","397"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/refs/tsb/security/v2/service_security_setting",component:u("/service-bridge/1.10.x/refs/tsb/security/v2/service_security_setting","8fb"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/refs/tsb/security/v2/waf_settings",component:u("/service-bridge/1.10.x/refs/tsb/security/v2/waf_settings","026"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/refs/tsb/security/v2/yaml",component:u("/service-bridge/1.10.x/refs/tsb/security/v2/yaml","e28"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/refs/tsb/traffic/v2/grpc",component:u("/service-bridge/1.10.x/refs/tsb/traffic/v2/grpc","4f4"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/refs/tsb/traffic/v2/istio_traffic_direct",component:u("/service-bridge/1.10.x/refs/tsb/traffic/v2/istio_traffic_direct","08e"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/refs/tsb/traffic/v2/service_route",component:u("/service-bridge/1.10.x/refs/tsb/traffic/v2/service_route","0bb"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/refs/tsb/traffic/v2/service_traffic_setting",component:u("/service-bridge/1.10.x/refs/tsb/traffic/v2/service_traffic_setting","c19"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/refs/tsb/traffic/v2/traffic_group",component:u("/service-bridge/1.10.x/refs/tsb/traffic/v2/traffic_group","6ac"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/refs/tsb/traffic/v2/traffic_service",component:u("/service-bridge/1.10.x/refs/tsb/traffic/v2/traffic_service","845"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/refs/tsb/traffic/v2/traffic_setting",component:u("/service-bridge/1.10.x/refs/tsb/traffic/v2/traffic_setting","506"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/refs/tsb/traffic/v2/yaml",component:u("/service-bridge/1.10.x/refs/tsb/traffic/v2/yaml","87f"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/refs/tsb/types/v2/types",component:u("/service-bridge/1.10.x/refs/tsb/types/v2/types","185"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/refs/tsb/types/v2/yaml",component:u("/service-bridge/1.10.x/refs/tsb/types/v2/yaml","585"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/refs/tsb/v2/cluster",component:u("/service-bridge/1.10.x/refs/tsb/v2/cluster","c08"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/refs/tsb/v2/cluster_service",component:u("/service-bridge/1.10.x/refs/tsb/v2/cluster_service","7fa"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/refs/tsb/v2/grpc",component:u("/service-bridge/1.10.x/refs/tsb/v2/grpc","945"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/refs/tsb/v2/info",component:u("/service-bridge/1.10.x/refs/tsb/v2/info","d62"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/refs/tsb/v2/organization",component:u("/service-bridge/1.10.x/refs/tsb/v2/organization","5d3"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/refs/tsb/v2/organization_service",component:u("/service-bridge/1.10.x/refs/tsb/v2/organization_service","4ad"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/refs/tsb/v2/organization_setting",component:u("/service-bridge/1.10.x/refs/tsb/v2/organization_setting","0ea"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/refs/tsb/v2/status",component:u("/service-bridge/1.10.x/refs/tsb/v2/status","35d"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/refs/tsb/v2/status_service",component:u("/service-bridge/1.10.x/refs/tsb/v2/status_service","546"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/refs/tsb/v2/team",component:u("/service-bridge/1.10.x/refs/tsb/v2/team","7f4"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/refs/tsb/v2/team_service",component:u("/service-bridge/1.10.x/refs/tsb/v2/team_service","c0d"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/refs/tsb/v2/tenant",component:u("/service-bridge/1.10.x/refs/tsb/v2/tenant","8ae"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/refs/tsb/v2/tenant_service",component:u("/service-bridge/1.10.x/refs/tsb/v2/tenant_service","618"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/refs/tsb/v2/tenant_setting",component:u("/service-bridge/1.10.x/refs/tsb/v2/tenant_setting","bda"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/refs/tsb/v2/workspace",component:u("/service-bridge/1.10.x/refs/tsb/v2/workspace","cc7"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/refs/tsb/v2/workspace_service",component:u("/service-bridge/1.10.x/refs/tsb/v2/workspace_service","7c3"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/refs/tsb/v2/workspace_setting",component:u("/service-bridge/1.10.x/refs/tsb/v2/workspace_setting","f84"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/refs/tsb/v2/yaml",component:u("/service-bridge/1.10.x/refs/tsb/v2/yaml","57a"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/release-notes",component:u("/service-bridge/1.10.x/release-notes","d38"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/release-notes-announcements/",component:u("/service-bridge/1.10.x/release-notes-announcements/","0db"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/release-notes-announcements/feature-status",component:u("/service-bridge/1.10.x/release-notes-announcements/feature-status","e19"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/release-notes-announcements/support-policy",component:u("/service-bridge/1.10.x/release-notes-announcements/support-policy","7aa"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/setup",component:u("/service-bridge/1.10.x/setup","73f"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/setup/aws",component:u("/service-bridge/1.10.x/setup/aws","da9"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/setup/aws/container-marketplace",component:u("/service-bridge/1.10.x/setup/aws/container-marketplace","86d"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/setup/aws/vpc",component:u("/service-bridge/1.10.x/setup/aws/vpc","0c1"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/setup/certificate",component:u("/service-bridge/1.10.x/setup/certificate","b03"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/setup/certificate/automated-certificate-management",component:u("/service-bridge/1.10.x/setup/certificate/automated-certificate-management","694"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/setup/certificate/certificate-requirements",component:u("/service-bridge/1.10.x/setup/certificate/certificate-requirements","50d"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/setup/certificate/certificate-setup",component:u("/service-bridge/1.10.x/setup/certificate/certificate-setup","5e1"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/setup/components",component:u("/service-bridge/1.10.x/setup/components","a70"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/setup/fips",component:u("/service-bridge/1.10.x/setup/fips","a9f"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/setup/firewall-information",component:u("/service-bridge/1.10.x/setup/firewall-information","05d"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/setup/helm/",component:u("/service-bridge/1.10.x/setup/helm/","bd6"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/setup/helm/controlplane",component:u("/service-bridge/1.10.x/setup/helm/controlplane","e5d"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/setup/helm/dataplane",component:u("/service-bridge/1.10.x/setup/helm/dataplane","b65"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/setup/helm/helm",component:u("/service-bridge/1.10.x/setup/helm/helm","ddf"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/setup/helm/managementplane",component:u("/service-bridge/1.10.x/setup/helm/managementplane","cf0"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/setup/helm/uninstallation",component:u("/service-bridge/1.10.x/setup/helm/uninstallation","919"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/setup/helm/upgrade",component:u("/service-bridge/1.10.x/setup/helm/upgrade","173"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/setup/isolation-boundaries",component:u("/service-bridge/1.10.x/setup/isolation-boundaries","698"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/setup/isolation-boundaries-installation",component:u("/service-bridge/1.10.x/setup/isolation-boundaries-installation","4db"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/setup/migrate-tctl-to-helm",component:u("/service-bridge/1.10.x/setup/migrate-tctl-to-helm","860"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/setup/remote-registry",component:u("/service-bridge/1.10.x/setup/remote-registry","68d"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/setup/requirements-and-download",component:u("/service-bridge/1.10.x/setup/requirements-and-download","360"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/setup/resource-planning",component:u("/service-bridge/1.10.x/setup/resource-planning","4c3"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/setup/security-context",component:u("/service-bridge/1.10.x/setup/security-context","066"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/setup/self-managed/",component:u("/service-bridge/1.10.x/setup/self-managed/","892"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/setup/self-managed/demo-installation",component:u("/service-bridge/1.10.x/setup/self-managed/demo-installation","290"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/setup/self-managed/management-plane-installation",component:u("/service-bridge/1.10.x/setup/self-managed/management-plane-installation","b4f"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/setup/self-managed/onboarding-clusters",component:u("/service-bridge/1.10.x/setup/self-managed/onboarding-clusters","861"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/setup/self-managed/uninstallation",component:u("/service-bridge/1.10.x/setup/self-managed/uninstallation","94a"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/setup/self-managed/upgrade",component:u("/service-bridge/1.10.x/setup/self-managed/upgrade","3a5"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/setup/tctl-connect",component:u("/service-bridge/1.10.x/setup/tctl-connect","d76"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/setup/upgrade-best-practices",component:u("/service-bridge/1.10.x/setup/upgrade-best-practices","ec3"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/setup/upgrades",component:u("/service-bridge/1.10.x/setup/upgrades","29e"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/setup/upgrades/cni-upgrade",component:u("/service-bridge/1.10.x/setup/upgrades/cni-upgrade","11b"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/setup/upgrades/gateway-upgrade",component:u("/service-bridge/1.10.x/setup/upgrades/gateway-upgrade","52b"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/setup/upgrades/non-revisioned-to-revisioned",component:u("/service-bridge/1.10.x/setup/upgrades/non-revisioned-to-revisioned","131"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/setup/upgrades/revisioned-to-revisioned",component:u("/service-bridge/1.10.x/setup/upgrades/revisioned-to-revisioned","e99"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/setup/workload-onboarding",component:u("/service-bridge/1.10.x/setup/workload-onboarding","1e7"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/setup/workload-onboarding/guides/",component:u("/service-bridge/1.10.x/setup/workload-onboarding/guides/","974"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/setup/workload-onboarding/guides/ecs-workloads",component:u("/service-bridge/1.10.x/setup/workload-onboarding/guides/ecs-workloads","0e5"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/setup/workload-onboarding/guides/managing",component:u("/service-bridge/1.10.x/setup/workload-onboarding/guides/managing","d9d"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/setup/workload-onboarding/guides/on-premise-workloads",component:u("/service-bridge/1.10.x/setup/workload-onboarding/guides/on-premise-workloads","313"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/setup/workload-onboarding/guides/onboarding",component:u("/service-bridge/1.10.x/setup/workload-onboarding/guides/onboarding","c85"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/setup/workload-onboarding/guides/overview",component:u("/service-bridge/1.10.x/setup/workload-onboarding/guides/overview","aba"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/setup/workload-onboarding/guides/setup",component:u("/service-bridge/1.10.x/setup/workload-onboarding/guides/setup","a70"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/setup/workload-onboarding/guides/troubleshooting",component:u("/service-bridge/1.10.x/setup/workload-onboarding/guides/troubleshooting","ee2"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/setup/workload-onboarding/onboarding-vms",component:u("/service-bridge/1.10.x/setup/workload-onboarding/onboarding-vms","38a"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/setup/workload-onboarding/quickstart",component:u("/service-bridge/1.10.x/setup/workload-onboarding/quickstart","7e1"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/setup/workload-onboarding/quickstart/aws-ec2/",component:u("/service-bridge/1.10.x/setup/workload-onboarding/quickstart/aws-ec2/","2e8"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/setup/workload-onboarding/quickstart/aws-ec2/bookinfo",component:u("/service-bridge/1.10.x/setup/workload-onboarding/quickstart/aws-ec2/bookinfo","63e"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/setup/workload-onboarding/quickstart/aws-ec2/configure-vm",component:u("/service-bridge/1.10.x/setup/workload-onboarding/quickstart/aws-ec2/configure-vm","b7b"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/setup/workload-onboarding/quickstart/aws-ec2/configure-workload-onboarding",component:u("/service-bridge/1.10.x/setup/workload-onboarding/quickstart/aws-ec2/configure-workload-onboarding","6c5"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/setup/workload-onboarding/quickstart/aws-ec2/enable-workload-onboarding",component:u("/service-bridge/1.10.x/setup/workload-onboarding/quickstart/aws-ec2/enable-workload-onboarding","083"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/setup/workload-onboarding/quickstart/aws-ec2/onboard-asg",component:u("/service-bridge/1.10.x/setup/workload-onboarding/quickstart/aws-ec2/onboard-asg","e47"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/setup/workload-onboarding/quickstart/aws-ec2/onboard-vm",component:u("/service-bridge/1.10.x/setup/workload-onboarding/quickstart/aws-ec2/onboard-vm","405"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/setup/workload-onboarding/quickstart/aws-ecs/",component:u("/service-bridge/1.10.x/setup/workload-onboarding/quickstart/aws-ecs/","1b1"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/setup/workload-onboarding/quickstart/aws-ecs/configure-workload-onboarding",component:u("/service-bridge/1.10.x/setup/workload-onboarding/quickstart/aws-ecs/configure-workload-onboarding","50e"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/setup/workload-onboarding/quickstart/aws-ecs/onboard-ecs",component:u("/service-bridge/1.10.x/setup/workload-onboarding/quickstart/aws-ecs/onboard-ecs","50d"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/setup/workload-onboarding/quickstart/on-premise/",component:u("/service-bridge/1.10.x/setup/workload-onboarding/quickstart/on-premise/","db8"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/setup/workload-onboarding/quickstart/on-premise/configure-vm",component:u("/service-bridge/1.10.x/setup/workload-onboarding/quickstart/on-premise/configure-vm","321"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/setup/workload-onboarding/quickstart/on-premise/configure-workload-onboarding",component:u("/service-bridge/1.10.x/setup/workload-onboarding/quickstart/on-premise/configure-workload-onboarding","d57"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/setup/workload-onboarding/quickstart/on-premise/onboard-vm",component:u("/service-bridge/1.10.x/setup/workload-onboarding/quickstart/on-premise/onboard-vm","a43"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/troubleshooting",component:u("/service-bridge/1.10.x/troubleshooting","0ab"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/troubleshooting/cluster-onboarding",component:u("/service-bridge/1.10.x/troubleshooting/cluster-onboarding","c9d"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/troubleshooting/configuration-status",component:u("/service-bridge/1.10.x/troubleshooting/configuration-status","67a"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/troubleshooting/gateway-troubleshooting",component:u("/service-bridge/1.10.x/troubleshooting/gateway-troubleshooting","3d4"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/troubleshooting/identify-underperforming-services",component:u("/service-bridge/1.10.x/troubleshooting/identify-underperforming-services","188"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/troubleshooting/Maximum-header-size-exceed",component:u("/service-bridge/1.10.x/troubleshooting/Maximum-header-size-exceed","3c6"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/troubleshooting/Multiple-Transfer-encoding-chunked",component:u("/service-bridge/1.10.x/troubleshooting/Multiple-Transfer-encoding-chunked","bdc"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/troubleshooting/proxy-tools",component:u("/service-bridge/1.10.x/troubleshooting/proxy-tools","6f6"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/troubleshooting/troubleshooting",component:u("/service-bridge/1.10.x/troubleshooting/troubleshooting","a66"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/troubleshooting/tsb-ui-metrics",component:u("/service-bridge/1.10.x/troubleshooting/tsb-ui-metrics","c51"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.10.x/workingwithsupport/workingWithTetrateSupport",component:u("/service-bridge/1.10.x/workingwithsupport/workingWithTetrateSupport","026"),exact:!0,sidebar:"defaultSidebar"}]}]},{path:"/service-bridge/1.11.x",component:u("/service-bridge/1.11.x","b3f"),routes:[{path:"/service-bridge/1.11.x/tags",component:u("/service-bridge/1.11.x/tags","07d"),exact:!0},{path:"/service-bridge/1.11.x/tags/featured",component:u("/service-bridge/1.11.x/tags/featured","9bb"),exact:!0},{path:"/service-bridge/1.11.x/tags/tsb-concepts",component:u("/service-bridge/1.11.x/tags/tsb-concepts","d45"),exact:!0},{path:"/service-bridge/1.11.x/tags/tsb-quickstart",component:u("/service-bridge/1.11.x/tags/tsb-quickstart","409"),exact:!0},{path:"/service-bridge/1.11.x",component:u("/service-bridge/1.11.x","b6c"),routes:[{path:"/service-bridge/1.11.x/",component:u("/service-bridge/1.11.x/","2f0"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/category/working-with-tetrate-customer-support",component:u("/service-bridge/1.11.x/category/working-with-tetrate-customer-support","f65"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/cheatsheet/",component:u("/service-bridge/1.11.x/cheatsheet/","0da"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/cheatsheet/sheets/gateways-management",component:u("/service-bridge/1.11.x/cheatsheet/sheets/gateways-management","73f"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/cheatsheet/sheets/kubectl",component:u("/service-bridge/1.11.x/cheatsheet/sheets/kubectl","e05"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/cheatsheet/sheets/security-management",component:u("/service-bridge/1.11.x/cheatsheet/sheets/security-management","1d1"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/cheatsheet/sheets/tctl",component:u("/service-bridge/1.11.x/cheatsheet/sheets/tctl","a0f"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/cheatsheet/sheets/traffic-management",component:u("/service-bridge/1.11.x/cheatsheet/sheets/traffic-management","886"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/cheatsheet/sheets/tsb-concepts",component:u("/service-bridge/1.11.x/cheatsheet/sheets/tsb-concepts","ccb"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/cheatsheet/sheets/tsb-quickstart",component:u("/service-bridge/1.11.x/cheatsheet/sheets/tsb-quickstart","957"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/cheatsheet/sheets/tsb-terminology",component:u("/service-bridge/1.11.x/cheatsheet/sheets/tsb-terminology","79d"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/concepts/",component:u("/service-bridge/1.11.x/concepts/","ec2"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/concepts/architecture",component:u("/service-bridge/1.11.x/concepts/architecture","810"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/concepts/configuration-dataflow",component:u("/service-bridge/1.11.x/concepts/configuration-dataflow","494"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/concepts/configuration-inheritance",component:u("/service-bridge/1.11.x/concepts/configuration-inheritance","5a0"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/concepts/glossary",component:u("/service-bridge/1.11.x/concepts/glossary","c9c"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/concepts/observability",component:u("/service-bridge/1.11.x/concepts/observability","3ae"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/concepts/operators/",component:u("/service-bridge/1.11.x/concepts/operators/","146"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/concepts/operators/control-plane",component:u("/service-bridge/1.11.x/concepts/operators/control-plane","86b"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/concepts/operators/data-plane",component:u("/service-bridge/1.11.x/concepts/operators/data-plane","e0d"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/concepts/operators/management-plane",component:u("/service-bridge/1.11.x/concepts/operators/management-plane","cca"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/concepts/security",component:u("/service-bridge/1.11.x/concepts/security","4c6"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/concepts/service-mesh",component:u("/service-bridge/1.11.x/concepts/service-mesh","3f0"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/concepts/terminology",component:u("/service-bridge/1.11.x/concepts/terminology","22e"),exact:!0},{path:"/service-bridge/1.11.x/concepts/traffic-management",component:u("/service-bridge/1.11.x/concepts/traffic-management","4db"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/concepts/tsb-and-istio",component:u("/service-bridge/1.11.x/concepts/tsb-and-istio","2cc"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/design-guides/",component:u("/service-bridge/1.11.x/design-guides/","5b9"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/design-guides/app-onboarding/",component:u("/service-bridge/1.11.x/design-guides/app-onboarding/","3d2"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/design-guides/app-onboarding/cross-cluster",component:u("/service-bridge/1.11.x/design-guides/app-onboarding/cross-cluster","b4c"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/design-guides/app-onboarding/deploy-service",component:u("/service-bridge/1.11.x/design-guides/app-onboarding/deploy-service","651"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/design-guides/app-onboarding/gateway-security",component:u("/service-bridge/1.11.x/design-guides/app-onboarding/gateway-security","268"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/design-guides/app-onboarding/high-availability",component:u("/service-bridge/1.11.x/design-guides/app-onboarding/high-availability","5c4"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/design-guides/app-onboarding/introduction",component:u("/service-bridge/1.11.x/design-guides/app-onboarding/introduction","ed2"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/design-guides/app-onboarding/monitor",component:u("/service-bridge/1.11.x/design-guides/app-onboarding/monitor","b56"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/design-guides/app-onboarding/prepare",component:u("/service-bridge/1.11.x/design-guides/app-onboarding/prepare","7cd"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/design-guides/app-onboarding/promote-service",component:u("/service-bridge/1.11.x/design-guides/app-onboarding/promote-service","b06"),exact:!0},{path:"/service-bridge/1.11.x/design-guides/app-onboarding/security",component:u("/service-bridge/1.11.x/design-guides/app-onboarding/security","8e5"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/design-guides/ha-dr-mp/",component:u("/service-bridge/1.11.x/design-guides/ha-dr-mp/","c73"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/design-guides/ha-dr-mp/dr-managementplane",component:u("/service-bridge/1.11.x/design-guides/ha-dr-mp/dr-managementplane","110"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/design-guides/ha-dr-mp/ha-managementplane",component:u("/service-bridge/1.11.x/design-guides/ha-dr-mp/ha-managementplane","577"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/design-guides/ha-dr-mp/introduction",component:u("/service-bridge/1.11.x/design-guides/ha-dr-mp/introduction","fc6"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/design-guides/ha-dr-mp/scenarios",component:u("/service-bridge/1.11.x/design-guides/ha-dr-mp/scenarios","146"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/design-guides/ha-multicluster/",component:u("/service-bridge/1.11.x/design-guides/ha-multicluster/","895"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/design-guides/ha-multicluster/cluster-failover",component:u("/service-bridge/1.11.x/design-guides/ha-multicluster/cluster-failover","00a"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/design-guides/ha-multicluster/demo-1",component:u("/service-bridge/1.11.x/design-guides/ha-multicluster/demo-1","320"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/design-guides/ha-multicluster/demo-2",component:u("/service-bridge/1.11.x/design-guides/ha-multicluster/demo-2","e5e"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/design-guides/ha-multicluster/edge-failover",component:u("/service-bridge/1.11.x/design-guides/ha-multicluster/edge-failover","0ff"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/design-guides/ha-multicluster/introduction",component:u("/service-bridge/1.11.x/design-guides/ha-multicluster/introduction","897"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/design-guides/ha-multicluster/operations",component:u("/service-bridge/1.11.x/design-guides/ha-multicluster/operations","246"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/howto",component:u("/service-bridge/1.11.x/howto","017"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/howto/authorization/",component:u("/service-bridge/1.11.x/howto/authorization/","d69"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/howto/authorization/ingress-gateway",component:u("/service-bridge/1.11.x/howto/authorization/ingress-gateway","855"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/howto/authorization/sidecar",component:u("/service-bridge/1.11.x/howto/authorization/sidecar","135"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/howto/authorization/tier1-gateway",component:u("/service-bridge/1.11.x/howto/authorization/tier1-gateway","4e3"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/howto/authorization/tls-verification",component:u("/service-bridge/1.11.x/howto/authorization/tls-verification","8ae"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/howto/gateway",component:u("/service-bridge/1.11.x/howto/gateway","f78"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/howto/gateway/app-ingress",component:u("/service-bridge/1.11.x/howto/gateway/app-ingress","d61"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/howto/gateway/application-gateway-with-openapi-annotations",component:u("/service-bridge/1.11.x/howto/gateway/application-gateway-with-openapi-annotations","9dc"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/howto/gateway/configure-and-route-nonhttp-traffic",component:u("/service-bridge/1.11.x/howto/gateway/configure-and-route-nonhttp-traffic","c2a"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/howto/gateway/configure-oidc",component:u("/service-bridge/1.11.x/howto/gateway/configure-oidc","aa0"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/howto/gateway/distributed-ingress",component:u("/service-bridge/1.11.x/howto/gateway/distributed-ingress","84c"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/howto/gateway/end-user-auth-keycloak",component:u("/service-bridge/1.11.x/howto/gateway/end-user-auth-keycloak","539"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/howto/gateway/host-based-egress-access-control",component:u("/service-bridge/1.11.x/howto/gateway/host-based-egress-access-control","af4"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/howto/gateway/https-with-proxy-protocol",component:u("/service-bridge/1.11.x/howto/gateway/https-with-proxy-protocol","7a0"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/howto/gateway/multi-cluster-traffic-failover-priority",component:u("/service-bridge/1.11.x/howto/gateway/multi-cluster-traffic-failover-priority","1de"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/howto/gateway/multi-cluster-traffic-routing-using-tier2gw",component:u("/service-bridge/1.11.x/howto/gateway/multi-cluster-traffic-routing-using-tier2gw","7c6"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/howto/gateway/multi-cluster-traffic-routing-with-eastwest-gateway",component:u("/service-bridge/1.11.x/howto/gateway/multi-cluster-traffic-routing-with-eastwest-gateway","f5b"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/howto/gateway/multi-cluster-traffic-shifting",component:u("/service-bridge/1.11.x/howto/gateway/multi-cluster-traffic-shifting","6e5"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/howto/gateway/service-identity-propagation",component:u("/service-bridge/1.11.x/howto/gateway/service-identity-propagation","c90"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/howto/gateway/shared-ingress",component:u("/service-bridge/1.11.x/howto/gateway/shared-ingress","ee0"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/howto/gateway/subset-based-routing-using-igw-and-service-route",component:u("/service-bridge/1.11.x/howto/gateway/subset-based-routing-using-igw-and-service-route","c11"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/howto/gateway/unified-gateway",component:u("/service-bridge/1.11.x/howto/gateway/unified-gateway","a68"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/howto/gateway/unified-gateway-upgrade",component:u("/service-bridge/1.11.x/howto/gateway/unified-gateway-upgrade","8fc"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/howto/gitops",component:u("/service-bridge/1.11.x/howto/gitops","0d4"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/howto/gitops/argo-rollouts",component:u("/service-bridge/1.11.x/howto/gitops/argo-rollouts","e41"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/howto/gitops/clusterrole",component:u("/service-bridge/1.11.x/howto/gitops/clusterrole","3ed"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/howto/gitops/flagger",component:u("/service-bridge/1.11.x/howto/gitops/flagger","954"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/howto/gitops/flux",component:u("/service-bridge/1.11.x/howto/gitops/flux","0c2"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/howto/gitops/gitops",component:u("/service-bridge/1.11.x/howto/gitops/gitops","ce6"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/howto/hpa-using-skywalking",component:u("/service-bridge/1.11.x/howto/hpa-using-skywalking","dc5"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/howto/network-policies",component:u("/service-bridge/1.11.x/howto/network-policies","d21"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/howto/promql-using-skywalking",component:u("/service-bridge/1.11.x/howto/promql-using-skywalking","02a"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/howto/rate-limiting/",component:u("/service-bridge/1.11.x/howto/rate-limiting/","ac1"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/howto/rate-limiting/external-rate-limiting",component:u("/service-bridge/1.11.x/howto/rate-limiting/external-rate-limiting","edd"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/howto/rate-limiting/ingress-gateway",component:u("/service-bridge/1.11.x/howto/rate-limiting/ingress-gateway","2a5"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/howto/rate-limiting/internal-rate-limiting",component:u("/service-bridge/1.11.x/howto/rate-limiting/internal-rate-limiting","01b"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/howto/rate-limiting/service-to-service",component:u("/service-bridge/1.11.x/howto/rate-limiting/service-to-service","eb3"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/howto/rate-limiting/tier1-gateway",component:u("/service-bridge/1.11.x/howto/rate-limiting/tier1-gateway","c61"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/howto/rate-limiting/tls-validation",component:u("/service-bridge/1.11.x/howto/rate-limiting/tls-validation","bf7"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/howto/security-domains",component:u("/service-bridge/1.11.x/howto/security-domains","aa2"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/howto/service-accounts",component:u("/service-bridge/1.11.x/howto/service-accounts","9c6"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/howto/traffic",component:u("/service-bridge/1.11.x/howto/traffic","9c1"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/howto/traffic/canary-releases",component:u("/service-bridge/1.11.x/howto/traffic/canary-releases","911"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/howto/traffic/configure-multi-port-service-route",component:u("/service-bridge/1.11.x/howto/traffic/configure-multi-port-service-route","d20"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/howto/traffic/gateway-mtls",component:u("/service-bridge/1.11.x/howto/traffic/gateway-mtls","839"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/howto/traffic/load-balance",component:u("/service-bridge/1.11.x/howto/traffic/load-balance","ab9"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/howto/traffic/migrating-VM-monoliths",component:u("/service-bridge/1.11.x/howto/traffic/migrating-VM-monoliths","7f9"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/howto/traffic/splitting-service-traffic-between-k8s-vms",component:u("/service-bridge/1.11.x/howto/traffic/splitting-service-traffic-between-k8s-vms","19c"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/howto/waf",component:u("/service-bridge/1.11.x/howto/waf","4e9"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/howto/wasm",component:u("/service-bridge/1.11.x/howto/wasm","4e4"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/howto/wasm/wasm-extension",component:u("/service-bridge/1.11.x/howto/wasm/wasm-extension","919"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/howto/wasm/wasm-overview",component:u("/service-bridge/1.11.x/howto/wasm/wasm-overview","782"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/howto/wasm/wasm-proxy",component:u("/service-bridge/1.11.x/howto/wasm/wasm-proxy","c6d"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/howto/wasm/wasm-try",component:u("/service-bridge/1.11.x/howto/wasm/wasm-try","627"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/knowledge-base",component:u("/service-bridge/1.11.x/knowledge-base","755"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/knowledge-base/faq",component:u("/service-bridge/1.11.x/knowledge-base/faq","039"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/knowledge-base/gitops",component:u("/service-bridge/1.11.x/knowledge-base/gitops","4ee"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/operations",component:u("/service-bridge/1.11.x/operations","43e"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/operations/configuration-promotion",component:u("/service-bridge/1.11.x/operations/configuration-promotion","ade"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/operations/configure-log-levels",component:u("/service-bridge/1.11.x/operations/configure-log-levels","b42"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/operations/elasticsearch",component:u("/service-bridge/1.11.x/operations/elasticsearch","c4d"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/operations/elasticsearch/elasticsearch-role",component:u("/service-bridge/1.11.x/operations/elasticsearch/elasticsearch-role","fb0"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/operations/elasticsearch/wipe-elastic",component:u("/service-bridge/1.11.x/operations/elasticsearch/wipe-elastic","a0e"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/operations/features",component:u("/service-bridge/1.11.x/operations/features","a15"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/operations/features/configure-cluster-external-addresses",component:u("/service-bridge/1.11.x/operations/features/configure-cluster-external-addresses","e2f"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/operations/features/configure-gitops",component:u("/service-bridge/1.11.x/operations/features/configure-gitops","827"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/operations/features/deletion-protection",component:u("/service-bridge/1.11.x/operations/features/deletion-protection","5b3"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/operations/features/edge-dns-resolution",component:u("/service-bridge/1.11.x/operations/features/edge-dns-resolution","83b"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/operations/features/enable-config-protection",component:u("/service-bridge/1.11.x/operations/features/enable-config-protection","6f1"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/operations/features/gateway-deletion-webhook",component:u("/service-bridge/1.11.x/operations/features/gateway-deletion-webhook","6a5"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/operations/features/internal-wasm-extensions",component:u("/service-bridge/1.11.x/operations/features/internal-wasm-extensions","b35"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/operations/features/istio-cni",component:u("/service-bridge/1.11.x/operations/features/istio-cni","534"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/operations/features/label-annotation",component:u("/service-bridge/1.11.x/operations/features/label-annotation","d11"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/operations/features/streaming-log",component:u("/service-bridge/1.11.x/operations/features/streaming-log","a9c"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/operations/features/tier1-in-app-cluster",component:u("/service-bridge/1.11.x/operations/features/tier1-in-app-cluster","d7a"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/operations/features/tls-origin-multi-cluster",component:u("/service-bridge/1.11.x/operations/features/tls-origin-multi-cluster","0dd"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/operations/graceful-connection-drain",component:u("/service-bridge/1.11.x/operations/graceful-connection-drain","848"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/operations/kube-customization",component:u("/service-bridge/1.11.x/operations/kube-customization","5e0"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/operations/lower-istio-resources",component:u("/service-bridge/1.11.x/operations/lower-istio-resources","3b7"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/operations/migrate-organization",component:u("/service-bridge/1.11.x/operations/migrate-organization","f98"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/operations/multiple-iam-keys",component:u("/service-bridge/1.11.x/operations/multiple-iam-keys","5e0"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/operations/postgresql",component:u("/service-bridge/1.11.x/operations/postgresql","217"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/operations/postgresql/auditlog-retention",component:u("/service-bridge/1.11.x/operations/postgresql/auditlog-retention","8d4"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/operations/postgresql/azure-credentials",component:u("/service-bridge/1.11.x/operations/postgresql/azure-credentials","18b"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/operations/postgresql/backup-and-restore",component:u("/service-bridge/1.11.x/operations/postgresql/backup-and-restore","6f7"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/operations/postgresql/managing-kubegres",component:u("/service-bridge/1.11.x/operations/postgresql/managing-kubegres","21a"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/operations/telemetry",component:u("/service-bridge/1.11.x/operations/telemetry","5ea"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/operations/telemetry/alerting-guidelines",component:u("/service-bridge/1.11.x/operations/telemetry/alerting-guidelines","aee"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/operations/telemetry/distributed-tracing",component:u("/service-bridge/1.11.x/operations/telemetry/distributed-tracing","356"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/operations/telemetry/key-metrics",component:u("/service-bridge/1.11.x/operations/telemetry/key-metrics","24b"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/operations/telemetry/new-relic",component:u("/service-bridge/1.11.x/operations/telemetry/new-relic","5a7"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/operations/telemetry/red-metrics",component:u("/service-bridge/1.11.x/operations/telemetry/red-metrics","1ba"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/operations/telemetry/telemetry-architecture",component:u("/service-bridge/1.11.x/operations/telemetry/telemetry-architecture","1ed"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/operations/users",component:u("/service-bridge/1.11.x/operations/users","b1c"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/operations/users/admin-password",component:u("/service-bridge/1.11.x/operations/users/admin-password","006"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/operations/users/configuring-ldap",component:u("/service-bridge/1.11.x/operations/users/configuring-ldap","087"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/operations/users/new-user-local-idp",component:u("/service-bridge/1.11.x/operations/users/new-user-local-idp","9bd"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/operations/users/oidc-azure",component:u("/service-bridge/1.11.x/operations/users/oidc-azure","a74"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/operations/users/tsb-fqns",component:u("/service-bridge/1.11.x/operations/users/tsb-fqns","41a"),exact:!0},{path:"/service-bridge/1.11.x/operations/users/user-synchronization",component:u("/service-bridge/1.11.x/operations/users/user-synchronization","b07"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/operations/users/users-roles-and-permissions",component:u("/service-bridge/1.11.x/operations/users/users-roles-and-permissions","5cf"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/operations/vault",component:u("/service-bridge/1.11.x/operations/vault","89e"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/operations/vault/elasticsearch",component:u("/service-bridge/1.11.x/operations/vault/elasticsearch","1b8"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/operations/vault/istiod-ca",component:u("/service-bridge/1.11.x/operations/vault/istiod-ca","82f"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/operations/vault/postgresql",component:u("/service-bridge/1.11.x/operations/vault/postgresql","daa"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/quickstart",component:u("/service-bridge/1.11.x/quickstart","502"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/quickstart/apps",component:u("/service-bridge/1.11.x/quickstart/apps","9d6"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/quickstart/config-groups",component:u("/service-bridge/1.11.x/quickstart/config-groups","dff"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/quickstart/deploy-sample-app",component:u("/service-bridge/1.11.x/quickstart/deploy-sample-app","4bd"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/quickstart/ingress-gateway",component:u("/service-bridge/1.11.x/quickstart/ingress-gateway","b68"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/quickstart/introduction",component:u("/service-bridge/1.11.x/quickstart/introduction","c44"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/quickstart/observability",component:u("/service-bridge/1.11.x/quickstart/observability","9fb"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/quickstart/permissions",component:u("/service-bridge/1.11.x/quickstart/permissions","c07"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/quickstart/security",component:u("/service-bridge/1.11.x/quickstart/security","696"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/quickstart/tenant",component:u("/service-bridge/1.11.x/quickstart/tenant","241"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/quickstart/traffic-shifting",component:u("/service-bridge/1.11.x/quickstart/traffic-shifting","fdd"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/quickstart/workspace",component:u("/service-bridge/1.11.x/quickstart/workspace","c9c"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/reference",component:u("/service-bridge/1.11.x/reference","d5c"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/reference/cli",component:u("/service-bridge/1.11.x/reference/cli","d7b"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/reference/cli/guide/index",component:u("/service-bridge/1.11.x/reference/cli/guide/index","0cf"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/reference/cli/guide/toc",component:u("/service-bridge/1.11.x/reference/cli/guide/toc","e49"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/reference/cli/reference",component:u("/service-bridge/1.11.x/reference/cli/reference","f6c"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/reference/cli/reference/apply",component:u("/service-bridge/1.11.x/reference/cli/reference/apply","2ba"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/reference/cli/reference/audit",component:u("/service-bridge/1.11.x/reference/cli/reference/audit","854"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/reference/cli/reference/collect",component:u("/service-bridge/1.11.x/reference/cli/reference/collect","56e"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/reference/cli/reference/completion",component:u("/service-bridge/1.11.x/reference/cli/reference/completion","177"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/reference/cli/reference/config",component:u("/service-bridge/1.11.x/reference/cli/reference/config","3da"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/reference/cli/reference/debug",component:u("/service-bridge/1.11.x/reference/cli/reference/debug","937"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/reference/cli/reference/delete",component:u("/service-bridge/1.11.x/reference/cli/reference/delete","d7a"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/reference/cli/reference/edit",component:u("/service-bridge/1.11.x/reference/cli/reference/edit","55f"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/reference/cli/reference/experimental",component:u("/service-bridge/1.11.x/reference/cli/reference/experimental","edf"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/reference/cli/reference/get",component:u("/service-bridge/1.11.x/reference/cli/reference/get","289"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/reference/cli/reference/index",component:u("/service-bridge/1.11.x/reference/cli/reference/index","da0"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/reference/cli/reference/install",component:u("/service-bridge/1.11.x/reference/cli/reference/install","598"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/reference/cli/reference/login",component:u("/service-bridge/1.11.x/reference/cli/reference/login","958"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/reference/cli/reference/service-account",component:u("/service-bridge/1.11.x/reference/cli/reference/service-account","02b"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/reference/cli/reference/status",component:u("/service-bridge/1.11.x/reference/cli/reference/status","e81"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/reference/cli/reference/ui",component:u("/service-bridge/1.11.x/reference/cli/reference/ui","993"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/reference/cli/reference/validate",component:u("/service-bridge/1.11.x/reference/cli/reference/validate","b17"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/reference/cli/reference/version",component:u("/service-bridge/1.11.x/reference/cli/reference/version","aa2"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/reference/cli/reference/whoami",component:u("/service-bridge/1.11.x/reference/cli/reference/whoami","ee4"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/reference/cli/reference/workload-entry-annotations",component:u("/service-bridge/1.11.x/reference/cli/reference/workload-entry-annotations","97b"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/reference/grpc-api",component:u("/service-bridge/1.11.x/reference/grpc-api","800"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/reference/grpc-api/guide",component:u("/service-bridge/1.11.x/reference/grpc-api/guide","23a"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/reference/grpc-api/reference",component:u("/service-bridge/1.11.x/reference/grpc-api/reference","932"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/reference/k8s-api",component:u("/service-bridge/1.11.x/reference/k8s-api","b9c"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/reference/k8s-api/guide",component:u("/service-bridge/1.11.x/reference/k8s-api/guide","8e1"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/reference/k8s-api/tsb-crds-gen",component:u("/service-bridge/1.11.x/reference/k8s-api/tsb-crds-gen","48c"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/reference/k8s-api/tsb-crds-gen/application-tsb-tetrate-io",component:u("/service-bridge/1.11.x/reference/k8s-api/tsb-crds-gen/application-tsb-tetrate-io","065"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/reference/k8s-api/tsb-crds-gen/extension-tsb-tetrate-io",component:u("/service-bridge/1.11.x/reference/k8s-api/tsb-crds-gen/extension-tsb-tetrate-io","979"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/reference/k8s-api/tsb-crds-gen/gateway-tsb-tetrate-io",component:u("/service-bridge/1.11.x/reference/k8s-api/tsb-crds-gen/gateway-tsb-tetrate-io","163"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/reference/k8s-api/tsb-crds-gen/istiointernal-tsb-tetrate-io",component:u("/service-bridge/1.11.x/reference/k8s-api/tsb-crds-gen/istiointernal-tsb-tetrate-io","d7a"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/reference/k8s-api/tsb-crds-gen/profile-tsb-tetrate-io",component:u("/service-bridge/1.11.x/reference/k8s-api/tsb-crds-gen/profile-tsb-tetrate-io","b86"),exact:!0},{path:"/service-bridge/1.11.x/reference/k8s-api/tsb-crds-gen/rbac-tsb-tetrate-io",component:u("/service-bridge/1.11.x/reference/k8s-api/tsb-crds-gen/rbac-tsb-tetrate-io","335"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/reference/k8s-api/tsb-crds-gen/security-tsb-tetrate-io",component:u("/service-bridge/1.11.x/reference/k8s-api/tsb-crds-gen/security-tsb-tetrate-io","c61"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/reference/k8s-api/tsb-crds-gen/segmentation-tsb-tetrate-io",component:u("/service-bridge/1.11.x/reference/k8s-api/tsb-crds-gen/segmentation-tsb-tetrate-io","70e"),exact:!0},{path:"/service-bridge/1.11.x/reference/k8s-api/tsb-crds-gen/traffic-tsb-tetrate-io",component:u("/service-bridge/1.11.x/reference/k8s-api/tsb-crds-gen/traffic-tsb-tetrate-io","150"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/api",component:u("/service-bridge/1.11.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/api","5a6"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/cluster",component:u("/service-bridge/1.11.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/cluster","a01"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/clusteronboardingconfig",component:u("/service-bridge/1.11.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/clusteronboardingconfig","5a2"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/organization",component:u("/service-bridge/1.11.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/organization","a42"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/organizationsetting",component:u("/service-bridge/1.11.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/organizationsetting","296"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/serviceaccount",component:u("/service-bridge/1.11.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/serviceaccount","768"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/team",component:u("/service-bridge/1.11.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/team","e39"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/tenant",component:u("/service-bridge/1.11.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/tenant","952"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/tenantsetting",component:u("/service-bridge/1.11.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/tenantsetting","c65"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/user",component:u("/service-bridge/1.11.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/user","268"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/workspace",component:u("/service-bridge/1.11.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/workspace","49a"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/workspacesetting",component:u("/service-bridge/1.11.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/workspacesetting","e90"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/reference/k8s-api/tsb-crds-gen/tsb.tetrate.io/v2",component:u("/service-bridge/1.11.x/reference/k8s-api/tsb-crds-gen/tsb.tetrate.io/v2","8d4"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/reference/operators",component:u("/service-bridge/1.11.x/reference/operators","025"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/reference/rest-api/guide",component:u("/service-bridge/1.11.x/reference/rest-api/guide","561"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/reference/samples",component:u("/service-bridge/1.11.x/reference/samples","7fa"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/reference/samples/httpbin",component:u("/service-bridge/1.11.x/reference/samples/httpbin","358"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/reference/samples/opa",component:u("/service-bridge/1.11.x/reference/samples/opa","5e1"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/reference/samples/sleep-service",component:u("/service-bridge/1.11.x/reference/samples/sleep-service","a1b"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/reference/workload-onboarding",component:u("/service-bridge/1.11.x/reference/workload-onboarding","637"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/reference/workload-onboarding/onboarding-agent",component:u("/service-bridge/1.11.x/reference/workload-onboarding/onboarding-agent","1b1"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/reference/workload-onboarding/onboarding-authorization",component:u("/service-bridge/1.11.x/reference/workload-onboarding/onboarding-authorization","206"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/reference/workload-onboarding/onboarding-runtime",component:u("/service-bridge/1.11.x/reference/workload-onboarding/onboarding-runtime","849"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/reference/yaml-api",component:u("/service-bridge/1.11.x/reference/yaml-api","8d2"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/reference/yaml-api/guide",component:u("/service-bridge/1.11.x/reference/yaml-api/guide","4ee"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/reference/yaml-api/reference",component:u("/service-bridge/1.11.x/reference/yaml-api/reference","611"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/refs/audit/v1/audit",component:u("/service-bridge/1.11.x/refs/audit/v1/audit","18f"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/refs/audit/v1/grpc",component:u("/service-bridge/1.11.x/refs/audit/v1/grpc","138"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/refs/iam/v2/grpc",component:u("/service-bridge/1.11.x/refs/iam/v2/grpc","4ca"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/refs/iam/v2/oauth_service",component:u("/service-bridge/1.11.x/refs/iam/v2/oauth_service","1da"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/refs/iam/v2/oidc_service",component:u("/service-bridge/1.11.x/refs/iam/v2/oidc_service","911"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/refs/install",component:u("/service-bridge/1.11.x/refs/install","0e9"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/refs/install/common/common_config",component:u("/service-bridge/1.11.x/refs/install/common/common_config","0eb"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/refs/install/controlplane/v1alpha1/spec",component:u("/service-bridge/1.11.x/refs/install/controlplane/v1alpha1/spec","6fe"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/refs/install/dataplane/v1alpha1/spec",component:u("/service-bridge/1.11.x/refs/install/dataplane/v1alpha1/spec","845"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/refs/install/kubernetes/k8s",component:u("/service-bridge/1.11.x/refs/install/kubernetes/k8s","57d"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/refs/install/managementplane/v1alpha1/spec",component:u("/service-bridge/1.11.x/refs/install/managementplane/v1alpha1/spec","452"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/refs/onboarding/config/agent/v1alpha1/agent_configuration",component:u("/service-bridge/1.11.x/refs/onboarding/config/agent/v1alpha1/agent_configuration","e5c"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/refs/onboarding/config/agent/v1alpha1/onboarding_configuration",component:u("/service-bridge/1.11.x/refs/onboarding/config/agent/v1alpha1/onboarding_configuration","ad2"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/refs/onboarding/config/authorization/aws/v1alpha1/aws",component:u("/service-bridge/1.11.x/refs/onboarding/config/authorization/aws/v1alpha1/aws","f4c"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/refs/onboarding/config/authorization/jwt/v1alpha1/jwt",component:u("/service-bridge/1.11.x/refs/onboarding/config/authorization/jwt/v1alpha1/jwt","31b"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/refs/onboarding/config/authorization/v1alpha1/policy",component:u("/service-bridge/1.11.x/refs/onboarding/config/authorization/v1alpha1/policy","69d"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/refs/onboarding/config/install/v1alpha1/jwt_issuer",component:u("/service-bridge/1.11.x/refs/onboarding/config/install/v1alpha1/jwt_issuer","ef6"),exact:!0},{path:"/service-bridge/1.11.x/refs/onboarding/config/install/v1alpha1/workload_configuration",component:u("/service-bridge/1.11.x/refs/onboarding/config/install/v1alpha1/workload_configuration","fae"),exact:!0},{path:"/service-bridge/1.11.x/refs/onboarding/config/runtime/v1alpha1/registration",component:u("/service-bridge/1.11.x/refs/onboarding/config/runtime/v1alpha1/registration","319"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/refs/onboarding/config/types/config/v1alpha1/transport_security",component:u("/service-bridge/1.11.x/refs/onboarding/config/types/config/v1alpha1/transport_security","6b8"),exact:!0},{path:"/service-bridge/1.11.x/refs/onboarding/config/types/core/v1alpha1/condition",component:u("/service-bridge/1.11.x/refs/onboarding/config/types/core/v1alpha1/condition","a61"),exact:!0},{path:"/service-bridge/1.11.x/refs/onboarding/config/types/core/v1alpha1/namespaced_name",component:u("/service-bridge/1.11.x/refs/onboarding/config/types/core/v1alpha1/namespaced_name","6eb"),exact:!0},{path:"/service-bridge/1.11.x/refs/onboarding/config/types/identity/aws/v1alpha1/aws",component:u("/service-bridge/1.11.x/refs/onboarding/config/types/identity/aws/v1alpha1/aws","a1a"),exact:!0},{path:"/service-bridge/1.11.x/refs/onboarding/config/types/identity/jwt/v1alpha1/jwt",component:u("/service-bridge/1.11.x/refs/onboarding/config/types/identity/jwt/v1alpha1/jwt","7bc"),exact:!0},{path:"/service-bridge/1.11.x/refs/onboarding/config/types/identity/v1alpha1/identity",component:u("/service-bridge/1.11.x/refs/onboarding/config/types/identity/v1alpha1/identity","d71"),exact:!0},{path:"/service-bridge/1.11.x/refs/onboarding/config/types/registration/v1alpha1/hostinfo",component:u("/service-bridge/1.11.x/refs/onboarding/config/types/registration/v1alpha1/hostinfo","7a6"),exact:!0},{path:"/service-bridge/1.11.x/refs/onboarding/config/types/registration/v1alpha1/registration",component:u("/service-bridge/1.11.x/refs/onboarding/config/types/registration/v1alpha1/registration","09d"),exact:!0},{path:"/service-bridge/1.11.x/refs/onboarding/private/component/agent/plugin/credential/v1alpha1/plugin",component:u("/service-bridge/1.11.x/refs/onboarding/private/component/agent/plugin/credential/v1alpha1/plugin","a48"),exact:!0},{path:"/service-bridge/1.11.x/refs/onboarding/private/component/agent/plugin/hostinfo/v1alpha1/plugin",component:u("/service-bridge/1.11.x/refs/onboarding/private/component/agent/plugin/hostinfo/v1alpha1/plugin","57f"),exact:!0},{path:"/service-bridge/1.11.x/refs/onboarding/private/component/agent/sidecarcontroller/v1alpha1/sidecar_configuration_service",component:u("/service-bridge/1.11.x/refs/onboarding/private/component/agent/sidecarcontroller/v1alpha1/sidecar_configuration_service","755"),exact:!0},{path:"/service-bridge/1.11.x/refs/onboarding/private/component/agent/sidecarcontroller/v1alpha1/sidecar_info_service",component:u("/service-bridge/1.11.x/refs/onboarding/private/component/agent/sidecarcontroller/v1alpha1/sidecar_info_service","353"),exact:!0},{path:"/service-bridge/1.11.x/refs/onboarding/private/component/plane/config/v1alpha1/onboarding_plane_instance_configuration",component:u("/service-bridge/1.11.x/refs/onboarding/private/component/plane/config/v1alpha1/onboarding_plane_instance_configuration","4c5"),exact:!0},{path:"/service-bridge/1.11.x/refs/onboarding/private/component/plane/generator/v1alpha1/version",component:u("/service-bridge/1.11.x/refs/onboarding/private/component/plane/generator/v1alpha1/version","076"),exact:!0},{path:"/service-bridge/1.11.x/refs/onboarding/private/component/plane/token/v1alpha1/onboarding_token",component:u("/service-bridge/1.11.x/refs/onboarding/private/component/plane/token/v1alpha1/onboarding_token","aaa"),exact:!0},{path:"/service-bridge/1.11.x/refs/onboarding/private/install/v1alpha1/spec",component:u("/service-bridge/1.11.x/refs/onboarding/private/install/v1alpha1/spec","2d4"),exact:!0},{path:"/service-bridge/1.11.x/refs/onboarding/private/protocol/authorization/v1alpha1/authorization_service",component:u("/service-bridge/1.11.x/refs/onboarding/private/protocol/authorization/v1alpha1/authorization_service","f07"),exact:!0},{path:"/service-bridge/1.11.x/refs/onboarding/private/protocol/discovery/v1alpha1/discovery_service",component:u("/service-bridge/1.11.x/refs/onboarding/private/protocol/discovery/v1alpha1/discovery_service","7bb"),exact:!0},{path:"/service-bridge/1.11.x/refs/onboarding/private/protocol/registration/v1alpha1/registration_service",component:u("/service-bridge/1.11.x/refs/onboarding/private/protocol/registration/v1alpha1/registration_service","c51"),exact:!0},{path:"/service-bridge/1.11.x/refs/onboarding/private/protocol/session/v1alpha1/session_service",component:u("/service-bridge/1.11.x/refs/onboarding/private/protocol/session/v1alpha1/session_service","4da"),exact:!0},{path:"/service-bridge/1.11.x/refs/onboarding/private/types/config/v1alpha1/transport_security",component:u("/service-bridge/1.11.x/refs/onboarding/private/types/config/v1alpha1/transport_security","4c2"),exact:!0},{path:"/service-bridge/1.11.x/refs/onboarding/private/types/credential/aws/v1alpha1/ec2",component:u("/service-bridge/1.11.x/refs/onboarding/private/types/credential/aws/v1alpha1/ec2","531"),exact:!0},{path:"/service-bridge/1.11.x/refs/onboarding/private/types/credential/aws/v1alpha1/sts",component:u("/service-bridge/1.11.x/refs/onboarding/private/types/credential/aws/v1alpha1/sts","999"),exact:!0},{path:"/service-bridge/1.11.x/refs/onboarding/private/types/credential/jwt/v1alpha1/jwt",component:u("/service-bridge/1.11.x/refs/onboarding/private/types/credential/jwt/v1alpha1/jwt","116"),exact:!0},{path:"/service-bridge/1.11.x/refs/onboarding/private/types/discovery/v1alpha1/discovery",component:u("/service-bridge/1.11.x/refs/onboarding/private/types/discovery/v1alpha1/discovery","651"),exact:!0},{path:"/service-bridge/1.11.x/refs/onboarding/private/types/sidecar/v1alpha1/configuration",component:u("/service-bridge/1.11.x/refs/onboarding/private/types/sidecar/v1alpha1/configuration","f37"),exact:!0},{path:"/service-bridge/1.11.x/refs/private/iam/v1/iam",component:u("/service-bridge/1.11.x/refs/private/iam/v1/iam","2d1"),exact:!0},{path:"/service-bridge/1.11.x/refs/test/v1/echo",component:u("/service-bridge/1.11.x/refs/test/v1/echo","d8f"),exact:!0},{path:"/service-bridge/1.11.x/refs/tsb/application/v2/api",component:u("/service-bridge/1.11.x/refs/tsb/application/v2/api","9a8"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/refs/tsb/application/v2/application",component:u("/service-bridge/1.11.x/refs/tsb/application/v2/application","fe0"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/refs/tsb/application/v2/application_service",component:u("/service-bridge/1.11.x/refs/tsb/application/v2/application_service","f61"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/refs/tsb/application/v2/grpc",component:u("/service-bridge/1.11.x/refs/tsb/application/v2/grpc","9cd"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/refs/tsb/application/v2/openapi_extensions",component:u("/service-bridge/1.11.x/refs/tsb/application/v2/openapi_extensions","df3"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/refs/tsb/application/v2/yaml",component:u("/service-bridge/1.11.x/refs/tsb/application/v2/yaml","a01"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/refs/tsb/auth/v2/auth",component:u("/service-bridge/1.11.x/refs/tsb/auth/v2/auth","bee"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/refs/tsb/auth/v2/yaml",component:u("/service-bridge/1.11.x/refs/tsb/auth/v2/yaml","182"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/refs/tsb/dashboard/v1/dashboard_service",component:u("/service-bridge/1.11.x/refs/tsb/dashboard/v1/dashboard_service","421"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/refs/tsb/dashboard/v1/grpc",component:u("/service-bridge/1.11.x/refs/tsb/dashboard/v1/grpc","761"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/refs/tsb/diagnostic/v2/diagnostic_service",component:u("/service-bridge/1.11.x/refs/tsb/diagnostic/v2/diagnostic_service","e54"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/refs/tsb/diagnostic/v2/grpc",component:u("/service-bridge/1.11.x/refs/tsb/diagnostic/v2/grpc","ed5"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/refs/tsb/extension/v2/grpc",component:u("/service-bridge/1.11.x/refs/tsb/extension/v2/grpc","df7"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/refs/tsb/extension/v2/wasm_extension",component:u("/service-bridge/1.11.x/refs/tsb/extension/v2/wasm_extension","ce9"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/refs/tsb/extension/v2/wasm_service",component:u("/service-bridge/1.11.x/refs/tsb/extension/v2/wasm_service","31b"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/refs/tsb/extension/v2/yaml",component:u("/service-bridge/1.11.x/refs/tsb/extension/v2/yaml","991"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/refs/tsb/gateway/v2/auth",component:u("/service-bridge/1.11.x/refs/tsb/gateway/v2/auth","b7e"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/refs/tsb/gateway/v2/eastwest_gateway",component:u("/service-bridge/1.11.x/refs/tsb/gateway/v2/eastwest_gateway","aed"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/refs/tsb/gateway/v2/egress_gateway",component:u("/service-bridge/1.11.x/refs/tsb/gateway/v2/egress_gateway","9e3"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/refs/tsb/gateway/v2/gateway",component:u("/service-bridge/1.11.x/refs/tsb/gateway/v2/gateway","751"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/refs/tsb/gateway/v2/gateway_common",component:u("/service-bridge/1.11.x/refs/tsb/gateway/v2/gateway_common","86f"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/refs/tsb/gateway/v2/gateway_group",component:u("/service-bridge/1.11.x/refs/tsb/gateway/v2/gateway_group","9f9"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/refs/tsb/gateway/v2/gateway_service",component:u("/service-bridge/1.11.x/refs/tsb/gateway/v2/gateway_service","878"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/refs/tsb/gateway/v2/grpc",component:u("/service-bridge/1.11.x/refs/tsb/gateway/v2/grpc","e21"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/refs/tsb/gateway/v2/ingress_gateway",component:u("/service-bridge/1.11.x/refs/tsb/gateway/v2/ingress_gateway","ec0"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/refs/tsb/gateway/v2/istio_gateway_direct",component:u("/service-bridge/1.11.x/refs/tsb/gateway/v2/istio_gateway_direct","f43"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/refs/tsb/gateway/v2/tier1_gateway",component:u("/service-bridge/1.11.x/refs/tsb/gateway/v2/tier1_gateway","9a9"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/refs/tsb/gateway/v2/yaml",component:u("/service-bridge/1.11.x/refs/tsb/gateway/v2/yaml","662"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/refs/tsb/istiointernal/v2/grpc",component:u("/service-bridge/1.11.x/refs/tsb/istiointernal/v2/grpc","f43"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/refs/tsb/istiointernal/v2/istio_internal_group",component:u("/service-bridge/1.11.x/refs/tsb/istiointernal/v2/istio_internal_group","dc6"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/refs/tsb/istiointernal/v2/istio_istiointernal_direct",component:u("/service-bridge/1.11.x/refs/tsb/istiointernal/v2/istio_istiointernal_direct","e9e"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/refs/tsb/istiointernal/v2/istiointernal_service",component:u("/service-bridge/1.11.x/refs/tsb/istiointernal/v2/istiointernal_service","f86"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/refs/tsb/istiointernal/v2/yaml",component:u("/service-bridge/1.11.x/refs/tsb/istiointernal/v2/yaml","f14"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/refs/tsb/observability/telemetry/v2/grpc",component:u("/service-bridge/1.11.x/refs/tsb/observability/telemetry/v2/grpc","d97"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/refs/tsb/observability/telemetry/v2/metric",component:u("/service-bridge/1.11.x/refs/tsb/observability/telemetry/v2/metric","684"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/refs/tsb/observability/telemetry/v2/metric_service",component:u("/service-bridge/1.11.x/refs/tsb/observability/telemetry/v2/metric_service","021"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/refs/tsb/observability/telemetry/v2/source",component:u("/service-bridge/1.11.x/refs/tsb/observability/telemetry/v2/source","c11"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/refs/tsb/observability/telemetry/v2/source_service",component:u("/service-bridge/1.11.x/refs/tsb/observability/telemetry/v2/source_service","4d0"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/refs/tsb/observability/telemetry/v2/yaml",component:u("/service-bridge/1.11.x/refs/tsb/observability/telemetry/v2/yaml","106"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/refs/tsb/profile/v2/grpc",component:u("/service-bridge/1.11.x/refs/tsb/profile/v2/grpc","6a2"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/refs/tsb/profile/v2/profile",component:u("/service-bridge/1.11.x/refs/tsb/profile/v2/profile","d49"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/refs/tsb/profile/v2/profile_service",component:u("/service-bridge/1.11.x/refs/tsb/profile/v2/profile_service","fe7"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/refs/tsb/profile/v2/yaml",component:u("/service-bridge/1.11.x/refs/tsb/profile/v2/yaml","a25"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/refs/tsb/q/v2/approvals_service",component:u("/service-bridge/1.11.x/refs/tsb/q/v2/approvals_service","c62"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/refs/tsb/q/v2/grpc",component:u("/service-bridge/1.11.x/refs/tsb/q/v2/grpc","e97"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/refs/tsb/q/v2/permissions_service",component:u("/service-bridge/1.11.x/refs/tsb/q/v2/permissions_service","2a4"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/refs/tsb/rbac/v2/access_bindings",component:u("/service-bridge/1.11.x/refs/tsb/rbac/v2/access_bindings","ed4"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/refs/tsb/rbac/v2/api_access_bindings",component:u("/service-bridge/1.11.x/refs/tsb/rbac/v2/api_access_bindings","83e"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/refs/tsb/rbac/v2/application_access_bindings",component:u("/service-bridge/1.11.x/refs/tsb/rbac/v2/application_access_bindings","b23"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/refs/tsb/rbac/v2/binding",component:u("/service-bridge/1.11.x/refs/tsb/rbac/v2/binding","aeb"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/refs/tsb/rbac/v2/gateway_access_bindings",component:u("/service-bridge/1.11.x/refs/tsb/rbac/v2/gateway_access_bindings","61d"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/refs/tsb/rbac/v2/grpc",component:u("/service-bridge/1.11.x/refs/tsb/rbac/v2/grpc","dbf"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/refs/tsb/rbac/v2/istio_internal_access_bindings",component:u("/service-bridge/1.11.x/refs/tsb/rbac/v2/istio_internal_access_bindings","5e8"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/refs/tsb/rbac/v2/organization_access_bindings",component:u("/service-bridge/1.11.x/refs/tsb/rbac/v2/organization_access_bindings","d56"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/refs/tsb/rbac/v2/permissions",component:u("/service-bridge/1.11.x/refs/tsb/rbac/v2/permissions","59a"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/refs/tsb/rbac/v2/policy_service",component:u("/service-bridge/1.11.x/refs/tsb/rbac/v2/policy_service","9c8"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/refs/tsb/rbac/v2/role",component:u("/service-bridge/1.11.x/refs/tsb/rbac/v2/role","d3d"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/refs/tsb/rbac/v2/role_service",component:u("/service-bridge/1.11.x/refs/tsb/rbac/v2/role_service","53c"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/refs/tsb/rbac/v2/security_access_bindings",component:u("/service-bridge/1.11.x/refs/tsb/rbac/v2/security_access_bindings","147"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/refs/tsb/rbac/v2/tenant_access_bindings",component:u("/service-bridge/1.11.x/refs/tsb/rbac/v2/tenant_access_bindings","23c"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/refs/tsb/rbac/v2/traffic_access_bindings",component:u("/service-bridge/1.11.x/refs/tsb/rbac/v2/traffic_access_bindings","717"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/refs/tsb/rbac/v2/workspace_access_bindings",component:u("/service-bridge/1.11.x/refs/tsb/rbac/v2/workspace_access_bindings","232"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/refs/tsb/rbac/v2/yaml",component:u("/service-bridge/1.11.x/refs/tsb/rbac/v2/yaml","dde"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/refs/tsb/registry/v2/grpc",component:u("/service-bridge/1.11.x/refs/tsb/registry/v2/grpc","422"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/refs/tsb/registry/v2/lookup_service",component:u("/service-bridge/1.11.x/refs/tsb/registry/v2/lookup_service","652"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/refs/tsb/registry/v2/registration_service",component:u("/service-bridge/1.11.x/refs/tsb/registry/v2/registration_service","a6a"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/refs/tsb/registry/v2/service",component:u("/service-bridge/1.11.x/refs/tsb/registry/v2/service","a17"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/refs/tsb/registry/v2/yaml",component:u("/service-bridge/1.11.x/refs/tsb/registry/v2/yaml","832"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/refs/tsb/security/v2/grpc",component:u("/service-bridge/1.11.x/refs/tsb/security/v2/grpc","7ae"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/refs/tsb/security/v2/istio_security_direct",component:u("/service-bridge/1.11.x/refs/tsb/security/v2/istio_security_direct","e22"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/refs/tsb/security/v2/security_group",component:u("/service-bridge/1.11.x/refs/tsb/security/v2/security_group","4cd"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/refs/tsb/security/v2/security_service",component:u("/service-bridge/1.11.x/refs/tsb/security/v2/security_service","570"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/refs/tsb/security/v2/security_setting",component:u("/service-bridge/1.11.x/refs/tsb/security/v2/security_setting","2bc"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/refs/tsb/security/v2/service_security_setting",component:u("/service-bridge/1.11.x/refs/tsb/security/v2/service_security_setting","a6d"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/refs/tsb/security/v2/waf_settings",component:u("/service-bridge/1.11.x/refs/tsb/security/v2/waf_settings","053"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/refs/tsb/security/v2/yaml",component:u("/service-bridge/1.11.x/refs/tsb/security/v2/yaml","201"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/refs/tsb/segmentation/v1/grpc",component:u("/service-bridge/1.11.x/refs/tsb/segmentation/v1/grpc","dbb"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/refs/tsb/segmentation/v1/membership",component:u("/service-bridge/1.11.x/refs/tsb/segmentation/v1/membership","b47"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/refs/tsb/segmentation/v1/policy",component:u("/service-bridge/1.11.x/refs/tsb/segmentation/v1/policy","9cb"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/refs/tsb/segmentation/v1/rules",component:u("/service-bridge/1.11.x/refs/tsb/segmentation/v1/rules","86a"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/refs/tsb/segmentation/v1/service",component:u("/service-bridge/1.11.x/refs/tsb/segmentation/v1/service","2d2"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/refs/tsb/segmentation/v1/yaml",component:u("/service-bridge/1.11.x/refs/tsb/segmentation/v1/yaml","a5f"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/refs/tsb/traffic/v2/grpc",component:u("/service-bridge/1.11.x/refs/tsb/traffic/v2/grpc","385"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/refs/tsb/traffic/v2/istio_traffic_direct",component:u("/service-bridge/1.11.x/refs/tsb/traffic/v2/istio_traffic_direct","8b1"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/refs/tsb/traffic/v2/service_route",component:u("/service-bridge/1.11.x/refs/tsb/traffic/v2/service_route","15f"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/refs/tsb/traffic/v2/service_traffic_setting",component:u("/service-bridge/1.11.x/refs/tsb/traffic/v2/service_traffic_setting","60b"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/refs/tsb/traffic/v2/traffic_group",component:u("/service-bridge/1.11.x/refs/tsb/traffic/v2/traffic_group","fb9"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/refs/tsb/traffic/v2/traffic_service",component:u("/service-bridge/1.11.x/refs/tsb/traffic/v2/traffic_service","512"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/refs/tsb/traffic/v2/traffic_setting",component:u("/service-bridge/1.11.x/refs/tsb/traffic/v2/traffic_setting","c50"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/refs/tsb/traffic/v2/yaml",component:u("/service-bridge/1.11.x/refs/tsb/traffic/v2/yaml","8ff"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/refs/tsb/types/v2/types",component:u("/service-bridge/1.11.x/refs/tsb/types/v2/types","726"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/refs/tsb/types/v2/yaml",component:u("/service-bridge/1.11.x/refs/tsb/types/v2/yaml","6f2"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/refs/tsb/v2/cluster",component:u("/service-bridge/1.11.x/refs/tsb/v2/cluster","f91"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/refs/tsb/v2/cluster_service",component:u("/service-bridge/1.11.x/refs/tsb/v2/cluster_service","b2c"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/refs/tsb/v2/grpc",component:u("/service-bridge/1.11.x/refs/tsb/v2/grpc","0bc"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/refs/tsb/v2/info",component:u("/service-bridge/1.11.x/refs/tsb/v2/info","f07"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/refs/tsb/v2/organization",component:u("/service-bridge/1.11.x/refs/tsb/v2/organization","662"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/refs/tsb/v2/organization_service",component:u("/service-bridge/1.11.x/refs/tsb/v2/organization_service","ffb"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/refs/tsb/v2/organization_setting",component:u("/service-bridge/1.11.x/refs/tsb/v2/organization_setting","35c"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/refs/tsb/v2/status",component:u("/service-bridge/1.11.x/refs/tsb/v2/status","b8b"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/refs/tsb/v2/status_service",component:u("/service-bridge/1.11.x/refs/tsb/v2/status_service","be6"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/refs/tsb/v2/team",component:u("/service-bridge/1.11.x/refs/tsb/v2/team","61e"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/refs/tsb/v2/team_service",component:u("/service-bridge/1.11.x/refs/tsb/v2/team_service","6b9"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/refs/tsb/v2/tenant",component:u("/service-bridge/1.11.x/refs/tsb/v2/tenant","393"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/refs/tsb/v2/tenant_service",component:u("/service-bridge/1.11.x/refs/tsb/v2/tenant_service","8a2"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/refs/tsb/v2/tenant_setting",component:u("/service-bridge/1.11.x/refs/tsb/v2/tenant_setting","835"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/refs/tsb/v2/workspace",component:u("/service-bridge/1.11.x/refs/tsb/v2/workspace","085"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/refs/tsb/v2/workspace_service",component:u("/service-bridge/1.11.x/refs/tsb/v2/workspace_service","be8"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/refs/tsb/v2/workspace_setting",component:u("/service-bridge/1.11.x/refs/tsb/v2/workspace_setting","738"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/refs/tsb/v2/yaml",component:u("/service-bridge/1.11.x/refs/tsb/v2/yaml","a7e"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/release-notes",component:u("/service-bridge/1.11.x/release-notes","e72"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/release-notes-announcements",component:u("/service-bridge/1.11.x/release-notes-announcements","801"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/release-notes-announcements/announcement",component:u("/service-bridge/1.11.x/release-notes-announcements/announcement","5da"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/release-notes-announcements/feature-status",component:u("/service-bridge/1.11.x/release-notes-announcements/feature-status","9bf"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/release-notes-announcements/support-policy",component:u("/service-bridge/1.11.x/release-notes-announcements/support-policy","a36"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/setup",component:u("/service-bridge/1.11.x/setup","38d"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/setup/aws",component:u("/service-bridge/1.11.x/setup/aws","3f8"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/setup/aws/container-marketplace",component:u("/service-bridge/1.11.x/setup/aws/container-marketplace","761"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/setup/aws/vpc",component:u("/service-bridge/1.11.x/setup/aws/vpc","92d"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/setup/certificate",component:u("/service-bridge/1.11.x/setup/certificate","0e5"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/setup/certificate/automated-certificate-management",component:u("/service-bridge/1.11.x/setup/certificate/automated-certificate-management","57d"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/setup/certificate/certificate-requirements",component:u("/service-bridge/1.11.x/setup/certificate/certificate-requirements","cb0"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/setup/certificate/certificate-setup",component:u("/service-bridge/1.11.x/setup/certificate/certificate-setup","f1a"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/setup/components",component:u("/service-bridge/1.11.x/setup/components","a5c"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/setup/fips",component:u("/service-bridge/1.11.x/setup/fips","6aa"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/setup/firewall-information",component:u("/service-bridge/1.11.x/setup/firewall-information","e8d"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/setup/helm/",component:u("/service-bridge/1.11.x/setup/helm/","a8c"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/setup/helm/controlplane",component:u("/service-bridge/1.11.x/setup/helm/controlplane","ca2"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/setup/helm/dataplane",component:u("/service-bridge/1.11.x/setup/helm/dataplane","603"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/setup/helm/helm",component:u("/service-bridge/1.11.x/setup/helm/helm","a7e"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/setup/helm/managementplane",component:u("/service-bridge/1.11.x/setup/helm/managementplane","982"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/setup/helm/uninstallation",component:u("/service-bridge/1.11.x/setup/helm/uninstallation","b1d"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/setup/helm/upgrade",component:u("/service-bridge/1.11.x/setup/helm/upgrade","c54"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/setup/isolation-boundaries",component:u("/service-bridge/1.11.x/setup/isolation-boundaries","bb0"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/setup/isolation-boundaries-installation",component:u("/service-bridge/1.11.x/setup/isolation-boundaries-installation","235"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/setup/migrate-tctl-to-helm",component:u("/service-bridge/1.11.x/setup/migrate-tctl-to-helm","d64"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/setup/remote-registry",component:u("/service-bridge/1.11.x/setup/remote-registry","bba"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/setup/requirements-and-download",component:u("/service-bridge/1.11.x/setup/requirements-and-download","9c0"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/setup/resource-planning",component:u("/service-bridge/1.11.x/setup/resource-planning","39b"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/setup/security-context",component:u("/service-bridge/1.11.x/setup/security-context","d0f"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/setup/self-managed/",component:u("/service-bridge/1.11.x/setup/self-managed/","b2f"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/setup/self-managed/demo-installation",component:u("/service-bridge/1.11.x/setup/self-managed/demo-installation","0a5"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/setup/self-managed/management-plane-installation",component:u("/service-bridge/1.11.x/setup/self-managed/management-plane-installation","31a"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/setup/self-managed/onboarding-clusters",component:u("/service-bridge/1.11.x/setup/self-managed/onboarding-clusters","00a"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/setup/self-managed/uninstallation",component:u("/service-bridge/1.11.x/setup/self-managed/uninstallation","737"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/setup/self-managed/upgrade",component:u("/service-bridge/1.11.x/setup/self-managed/upgrade","b24"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/setup/tctl-connect",component:u("/service-bridge/1.11.x/setup/tctl-connect","0b3"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/setup/upgrade-best-practices",component:u("/service-bridge/1.11.x/setup/upgrade-best-practices","ce6"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/setup/upgrades",component:u("/service-bridge/1.11.x/setup/upgrades","d86"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/setup/upgrades/cni-upgrade",component:u("/service-bridge/1.11.x/setup/upgrades/cni-upgrade","c35"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/setup/upgrades/gateway-upgrade",component:u("/service-bridge/1.11.x/setup/upgrades/gateway-upgrade","bb9"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/setup/upgrades/non-revisioned-to-revisioned",component:u("/service-bridge/1.11.x/setup/upgrades/non-revisioned-to-revisioned","839"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/setup/upgrades/revisioned-to-revisioned",component:u("/service-bridge/1.11.x/setup/upgrades/revisioned-to-revisioned","adc"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/setup/workload-onboarding",component:u("/service-bridge/1.11.x/setup/workload-onboarding","a36"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/setup/workload-onboarding/guides/",component:u("/service-bridge/1.11.x/setup/workload-onboarding/guides/","3d7"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/setup/workload-onboarding/guides/ecs-workloads",component:u("/service-bridge/1.11.x/setup/workload-onboarding/guides/ecs-workloads","fd4"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/setup/workload-onboarding/guides/managing",component:u("/service-bridge/1.11.x/setup/workload-onboarding/guides/managing","c93"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/setup/workload-onboarding/guides/on-premise-workloads",component:u("/service-bridge/1.11.x/setup/workload-onboarding/guides/on-premise-workloads","bfc"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/setup/workload-onboarding/guides/onboarding",component:u("/service-bridge/1.11.x/setup/workload-onboarding/guides/onboarding","678"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/setup/workload-onboarding/guides/overview",component:u("/service-bridge/1.11.x/setup/workload-onboarding/guides/overview","151"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/setup/workload-onboarding/guides/setup",component:u("/service-bridge/1.11.x/setup/workload-onboarding/guides/setup","4f0"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/setup/workload-onboarding/guides/troubleshooting",component:u("/service-bridge/1.11.x/setup/workload-onboarding/guides/troubleshooting","5de"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/setup/workload-onboarding/onboarding-vms",component:u("/service-bridge/1.11.x/setup/workload-onboarding/onboarding-vms","c4c"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/setup/workload-onboarding/quickstart",component:u("/service-bridge/1.11.x/setup/workload-onboarding/quickstart","cb7"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/setup/workload-onboarding/quickstart/aws-ec2/",component:u("/service-bridge/1.11.x/setup/workload-onboarding/quickstart/aws-ec2/","976"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/setup/workload-onboarding/quickstart/aws-ec2/bookinfo",component:u("/service-bridge/1.11.x/setup/workload-onboarding/quickstart/aws-ec2/bookinfo","fcf"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/setup/workload-onboarding/quickstart/aws-ec2/configure-vm",component:u("/service-bridge/1.11.x/setup/workload-onboarding/quickstart/aws-ec2/configure-vm","e56"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/setup/workload-onboarding/quickstart/aws-ec2/configure-workload-onboarding",component:u("/service-bridge/1.11.x/setup/workload-onboarding/quickstart/aws-ec2/configure-workload-onboarding","117"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/setup/workload-onboarding/quickstart/aws-ec2/enable-workload-onboarding",component:u("/service-bridge/1.11.x/setup/workload-onboarding/quickstart/aws-ec2/enable-workload-onboarding","0b7"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/setup/workload-onboarding/quickstart/aws-ec2/onboard-asg",component:u("/service-bridge/1.11.x/setup/workload-onboarding/quickstart/aws-ec2/onboard-asg","7bb"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/setup/workload-onboarding/quickstart/aws-ec2/onboard-vm",component:u("/service-bridge/1.11.x/setup/workload-onboarding/quickstart/aws-ec2/onboard-vm","556"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/setup/workload-onboarding/quickstart/aws-ecs/",component:u("/service-bridge/1.11.x/setup/workload-onboarding/quickstart/aws-ecs/","77e"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/setup/workload-onboarding/quickstart/aws-ecs/configure-workload-onboarding",component:u("/service-bridge/1.11.x/setup/workload-onboarding/quickstart/aws-ecs/configure-workload-onboarding","0c4"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/setup/workload-onboarding/quickstart/aws-ecs/onboard-ecs",component:u("/service-bridge/1.11.x/setup/workload-onboarding/quickstart/aws-ecs/onboard-ecs","e2b"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/setup/workload-onboarding/quickstart/on-premise/",component:u("/service-bridge/1.11.x/setup/workload-onboarding/quickstart/on-premise/","e58"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/setup/workload-onboarding/quickstart/on-premise/configure-vm",component:u("/service-bridge/1.11.x/setup/workload-onboarding/quickstart/on-premise/configure-vm","698"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/setup/workload-onboarding/quickstart/on-premise/configure-workload-onboarding",component:u("/service-bridge/1.11.x/setup/workload-onboarding/quickstart/on-premise/configure-workload-onboarding","573"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/setup/workload-onboarding/quickstart/on-premise/onboard-vm",component:u("/service-bridge/1.11.x/setup/workload-onboarding/quickstart/on-premise/onboard-vm","e3e"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/troubleshooting",component:u("/service-bridge/1.11.x/troubleshooting","ada"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/troubleshooting/cluster-onboarding",component:u("/service-bridge/1.11.x/troubleshooting/cluster-onboarding","25d"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/troubleshooting/configuration-status",component:u("/service-bridge/1.11.x/troubleshooting/configuration-status","1f6"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/troubleshooting/gateway-troubleshooting",component:u("/service-bridge/1.11.x/troubleshooting/gateway-troubleshooting","14b"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/troubleshooting/identify-underperforming-services",component:u("/service-bridge/1.11.x/troubleshooting/identify-underperforming-services","09a"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/troubleshooting/Maximum-header-size-exceed",component:u("/service-bridge/1.11.x/troubleshooting/Maximum-header-size-exceed","355"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/troubleshooting/Multiple-Transfer-encoding-chunked",component:u("/service-bridge/1.11.x/troubleshooting/Multiple-Transfer-encoding-chunked","264"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/troubleshooting/proxy-tools",component:u("/service-bridge/1.11.x/troubleshooting/proxy-tools","309"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/troubleshooting/troubleshooting",component:u("/service-bridge/1.11.x/troubleshooting/troubleshooting","68d"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/troubleshooting/tsb-ui-metrics",component:u("/service-bridge/1.11.x/troubleshooting/tsb-ui-metrics","27a"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.11.x/workingwithsupport/workingWithTetrateSupport",component:u("/service-bridge/1.11.x/workingwithsupport/workingWithTetrateSupport","8cd"),exact:!0,sidebar:"defaultSidebar"}]}]},{path:"/service-bridge/1.6.x",component:u("/service-bridge/1.6.x","1fb"),routes:[{path:"/service-bridge/1.6.x/tags",component:u("/service-bridge/1.6.x/tags","a1c"),exact:!0},{path:"/service-bridge/1.6.x/tags/featured",component:u("/service-bridge/1.6.x/tags/featured","a02"),exact:!0},{path:"/service-bridge/1.6.x/tags/tsb-concepts",component:u("/service-bridge/1.6.x/tags/tsb-concepts","dfc"),exact:!0},{path:"/service-bridge/1.6.x/tags/tsb-quickstart",component:u("/service-bridge/1.6.x/tags/tsb-quickstart","3e0"),exact:!0},{path:"/service-bridge/1.6.x",component:u("/service-bridge/1.6.x","e30"),routes:[{path:"/service-bridge/1.6.x/",component:u("/service-bridge/1.6.x/","2fa"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/category/working-with-tetrate-customer-support",component:u("/service-bridge/1.6.x/category/working-with-tetrate-customer-support","6d8"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/cheatsheet/",component:u("/service-bridge/1.6.x/cheatsheet/","96c"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/cheatsheet/sheets/gateways-management",component:u("/service-bridge/1.6.x/cheatsheet/sheets/gateways-management","f74"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/cheatsheet/sheets/kubectl",component:u("/service-bridge/1.6.x/cheatsheet/sheets/kubectl","c48"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/cheatsheet/sheets/security-management",component:u("/service-bridge/1.6.x/cheatsheet/sheets/security-management","8a1"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/cheatsheet/sheets/tctl",component:u("/service-bridge/1.6.x/cheatsheet/sheets/tctl","a69"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/cheatsheet/sheets/traffic-management",component:u("/service-bridge/1.6.x/cheatsheet/sheets/traffic-management","2e5"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/cheatsheet/sheets/tsb-concepts",component:u("/service-bridge/1.6.x/cheatsheet/sheets/tsb-concepts","cd7"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/cheatsheet/sheets/tsb-quickstart",component:u("/service-bridge/1.6.x/cheatsheet/sheets/tsb-quickstart","6c9"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/cheatsheet/sheets/tsb-terminology",component:u("/service-bridge/1.6.x/cheatsheet/sheets/tsb-terminology","bd8"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/concepts/",component:u("/service-bridge/1.6.x/concepts/","75e"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/concepts/architecture",component:u("/service-bridge/1.6.x/concepts/architecture","095"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/concepts/configuration-dataflow",component:u("/service-bridge/1.6.x/concepts/configuration-dataflow","ce9"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/concepts/observability",component:u("/service-bridge/1.6.x/concepts/observability","d47"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/concepts/operators/",component:u("/service-bridge/1.6.x/concepts/operators/","915"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/concepts/operators/control-plane",component:u("/service-bridge/1.6.x/concepts/operators/control-plane","67f"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/concepts/operators/data-plane",component:u("/service-bridge/1.6.x/concepts/operators/data-plane","2ed"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/concepts/operators/management-plane",component:u("/service-bridge/1.6.x/concepts/operators/management-plane","a0f"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/concepts/security",component:u("/service-bridge/1.6.x/concepts/security","7d6"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/concepts/service-mesh",component:u("/service-bridge/1.6.x/concepts/service-mesh","f32"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/concepts/terminology",component:u("/service-bridge/1.6.x/concepts/terminology","fae"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/concepts/traffic-management",component:u("/service-bridge/1.6.x/concepts/traffic-management","aa2"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/design-guides/dr-mp",component:u("/service-bridge/1.6.x/design-guides/dr-mp","bd9"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/design-guides/dr-mp/dr-managementplane",component:u("/service-bridge/1.6.x/design-guides/dr-mp/dr-managementplane","973"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/howto",component:u("/service-bridge/1.6.x/howto","31f"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/howto/authorization/",component:u("/service-bridge/1.6.x/howto/authorization/","3c3"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/howto/authorization/ingress-gateway",component:u("/service-bridge/1.6.x/howto/authorization/ingress-gateway","118"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/howto/authorization/sidecar",component:u("/service-bridge/1.6.x/howto/authorization/sidecar","aa3"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/howto/authorization/tier1-gateway",component:u("/service-bridge/1.6.x/howto/authorization/tier1-gateway","2fd"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/howto/authorization/tls-verification",component:u("/service-bridge/1.6.x/howto/authorization/tls-verification","239"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/howto/gateway",component:u("/service-bridge/1.6.x/howto/gateway","16d"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/howto/gateway/app-ingress",component:u("/service-bridge/1.6.x/howto/gateway/app-ingress","723"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/howto/gateway/application-gateway-with-openapi-annotations",component:u("/service-bridge/1.6.x/howto/gateway/application-gateway-with-openapi-annotations","a45"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/howto/gateway/configure-and-route-nonhttp-traffic",component:u("/service-bridge/1.6.x/howto/gateway/configure-and-route-nonhttp-traffic","a55"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/howto/gateway/distributed-ingress",component:u("/service-bridge/1.6.x/howto/gateway/distributed-ingress","565"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/howto/gateway/egress-gateways",component:u("/service-bridge/1.6.x/howto/gateway/egress-gateways","b86"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/howto/gateway/end-user-auth-keycloak",component:u("/service-bridge/1.6.x/howto/gateway/end-user-auth-keycloak","cfe"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/howto/gateway/multi-cluster-traffic-routing-using-tier2gw",component:u("/service-bridge/1.6.x/howto/gateway/multi-cluster-traffic-routing-using-tier2gw","a92"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/howto/gateway/multi-cluster-traffic-routing-with-eastwest-gateway",component:u("/service-bridge/1.6.x/howto/gateway/multi-cluster-traffic-routing-with-eastwest-gateway","ac8"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/howto/gateway/multi-cluster-traffic-shifting",component:u("/service-bridge/1.6.x/howto/gateway/multi-cluster-traffic-shifting","c5f"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/howto/gateway/service-identity-propagation",component:u("/service-bridge/1.6.x/howto/gateway/service-identity-propagation","1fb"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/howto/gateway/subset-based-routing-using-igw-and-service-route",component:u("/service-bridge/1.6.x/howto/gateway/subset-based-routing-using-igw-and-service-route","ab9"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/howto/gitops",component:u("/service-bridge/1.6.x/howto/gitops","1a6"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/howto/gitops/argo-rollouts",component:u("/service-bridge/1.6.x/howto/gitops/argo-rollouts","810"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/howto/gitops/flux",component:u("/service-bridge/1.6.x/howto/gitops/flux","b8f"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/howto/gitops/gitops",component:u("/service-bridge/1.6.x/howto/gitops/gitops","742"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/howto/hpa-using-skywalking",component:u("/service-bridge/1.6.x/howto/hpa-using-skywalking","c8d"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/howto/rate-limiting/",component:u("/service-bridge/1.6.x/howto/rate-limiting/","314"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/howto/rate-limiting/external-rate-limiting",component:u("/service-bridge/1.6.x/howto/rate-limiting/external-rate-limiting","026"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/howto/rate-limiting/ingress-gateway",component:u("/service-bridge/1.6.x/howto/rate-limiting/ingress-gateway","5ae"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/howto/rate-limiting/internal-rate-limiting",component:u("/service-bridge/1.6.x/howto/rate-limiting/internal-rate-limiting","25c"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/howto/rate-limiting/service-to-service",component:u("/service-bridge/1.6.x/howto/rate-limiting/service-to-service","df9"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/howto/rate-limiting/tier1-gateway",component:u("/service-bridge/1.6.x/howto/rate-limiting/tier1-gateway","a74"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/howto/rate-limiting/tls-validation",component:u("/service-bridge/1.6.x/howto/rate-limiting/tls-validation","fda"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/howto/security-domains",component:u("/service-bridge/1.6.x/howto/security-domains","642"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/howto/service-accounts",component:u("/service-bridge/1.6.x/howto/service-accounts","0f2"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/howto/traffic",component:u("/service-bridge/1.6.x/howto/traffic","053"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/howto/traffic/canary-releases",component:u("/service-bridge/1.6.x/howto/traffic/canary-releases","85d"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/howto/traffic/configure-multi-port-service-route",component:u("/service-bridge/1.6.x/howto/traffic/configure-multi-port-service-route","dbc"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/howto/traffic/external-site-https",component:u("/service-bridge/1.6.x/howto/traffic/external-site-https","b06"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/howto/traffic/load-balance",component:u("/service-bridge/1.6.x/howto/traffic/load-balance","e86"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/howto/traffic/migrating-VM-monoliths",component:u("/service-bridge/1.6.x/howto/traffic/migrating-VM-monoliths","60d"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/howto/traffic/splitting-service-traffic-between-k8s-vms",component:u("/service-bridge/1.6.x/howto/traffic/splitting-service-traffic-between-k8s-vms","d3c"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/howto/waf",component:u("/service-bridge/1.6.x/howto/waf","c38"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/howto/wasm",component:u("/service-bridge/1.6.x/howto/wasm","3dd"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/howto/wasm/wasm-extension",component:u("/service-bridge/1.6.x/howto/wasm/wasm-extension","cfe"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/howto/wasm/wasm-overview",component:u("/service-bridge/1.6.x/howto/wasm/wasm-overview","2b7"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/howto/wasm/wasm-try",component:u("/service-bridge/1.6.x/howto/wasm/wasm-try","f68"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/knowledge-base",component:u("/service-bridge/1.6.x/knowledge-base","0e6"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/knowledge-base/faq",component:u("/service-bridge/1.6.x/knowledge-base/faq","63a"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/knowledge-base/gitops",component:u("/service-bridge/1.6.x/knowledge-base/gitops","f9c"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/operations",component:u("/service-bridge/1.6.x/operations","f7f"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/operations/configuration-promotion",component:u("/service-bridge/1.6.x/operations/configuration-promotion","45a"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/operations/configure-log-levels",component:u("/service-bridge/1.6.x/operations/configure-log-levels","e16"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/operations/elasticsearch",component:u("/service-bridge/1.6.x/operations/elasticsearch","28e"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/operations/elasticsearch/elasticsearch-role",component:u("/service-bridge/1.6.x/operations/elasticsearch/elasticsearch-role","b62"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/operations/elasticsearch/wipe-elastic",component:u("/service-bridge/1.6.x/operations/elasticsearch/wipe-elastic","b56"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/operations/features",component:u("/service-bridge/1.6.x/operations/features","6ab"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/operations/features/configure-cluster-external-addresses",component:u("/service-bridge/1.6.x/operations/features/configure-cluster-external-addresses","4c1"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/operations/features/configure-gitops",component:u("/service-bridge/1.6.x/operations/features/configure-gitops","07d"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/operations/features/eastwest-routing",component:u("/service-bridge/1.6.x/operations/features/eastwest-routing","c7f"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/operations/features/edge-dns-resolution",component:u("/service-bridge/1.6.x/operations/features/edge-dns-resolution","bd5"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/operations/features/enable-config-protection",component:u("/service-bridge/1.6.x/operations/features/enable-config-protection","e65"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/operations/features/gateway-deletion-webhook",component:u("/service-bridge/1.6.x/operations/features/gateway-deletion-webhook","7fb"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/operations/features/istio-cni",component:u("/service-bridge/1.6.x/operations/features/istio-cni","bed"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/operations/features/streaming-log",component:u("/service-bridge/1.6.x/operations/features/streaming-log","d61"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/operations/features/tier1-in-app-cluster",component:u("/service-bridge/1.6.x/operations/features/tier1-in-app-cluster","d37"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/operations/graceful-connection-drain",component:u("/service-bridge/1.6.x/operations/graceful-connection-drain","cf1"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/operations/kube-customization",component:u("/service-bridge/1.6.x/operations/kube-customization","158"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/operations/lower-istio-resources",component:u("/service-bridge/1.6.x/operations/lower-istio-resources","75d"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/operations/migrate-organization",component:u("/service-bridge/1.6.x/operations/migrate-organization","8db"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/operations/multiple-iam-keys",component:u("/service-bridge/1.6.x/operations/multiple-iam-keys","7c2"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/operations/postgresql",component:u("/service-bridge/1.6.x/operations/postgresql","388"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/operations/telemetry",component:u("/service-bridge/1.6.x/operations/telemetry","96b"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/operations/telemetry/alerting-guidelines",component:u("/service-bridge/1.6.x/operations/telemetry/alerting-guidelines","de2"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/operations/telemetry/distributed-tracing",component:u("/service-bridge/1.6.x/operations/telemetry/distributed-tracing","a46"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/operations/telemetry/key-metrics",component:u("/service-bridge/1.6.x/operations/telemetry/key-metrics","e6c"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/operations/telemetry/red-metrics",component:u("/service-bridge/1.6.x/operations/telemetry/red-metrics","5c0"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/operations/telemetry/telemetry-architecture",component:u("/service-bridge/1.6.x/operations/telemetry/telemetry-architecture","ec2"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/operations/users",component:u("/service-bridge/1.6.x/operations/users","941"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/operations/users/admin-password",component:u("/service-bridge/1.6.x/operations/users/admin-password","b7d"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/operations/users/configuring-ldap",component:u("/service-bridge/1.6.x/operations/users/configuring-ldap","9ae"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/operations/users/oidc-azure",component:u("/service-bridge/1.6.x/operations/users/oidc-azure","a2f"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/operations/users/roles-and-permissions",component:u("/service-bridge/1.6.x/operations/users/roles-and-permissions","019"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/operations/users/user-synchronization",component:u("/service-bridge/1.6.x/operations/users/user-synchronization","354"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/operations/vault",component:u("/service-bridge/1.6.x/operations/vault","749"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/operations/vault/elasticsearch",component:u("/service-bridge/1.6.x/operations/vault/elasticsearch","095"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/operations/vault/istiod-ca",component:u("/service-bridge/1.6.x/operations/vault/istiod-ca","844"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/operations/vault/postgresql",component:u("/service-bridge/1.6.x/operations/vault/postgresql","cd9"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/operations/xcp-to-edge-jwt-authentication",component:u("/service-bridge/1.6.x/operations/xcp-to-edge-jwt-authentication","d41"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/quickstart",component:u("/service-bridge/1.6.x/quickstart","df3"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/quickstart/apps",component:u("/service-bridge/1.6.x/quickstart/apps","a4a"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/quickstart/config-groups",component:u("/service-bridge/1.6.x/quickstart/config-groups","57a"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/quickstart/deploy-sample-app",component:u("/service-bridge/1.6.x/quickstart/deploy-sample-app","c49"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/quickstart/ingress-gateway",component:u("/service-bridge/1.6.x/quickstart/ingress-gateway","a85"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/quickstart/introduction",component:u("/service-bridge/1.6.x/quickstart/introduction","968"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/quickstart/observability",component:u("/service-bridge/1.6.x/quickstart/observability","ada"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/quickstart/permissions",component:u("/service-bridge/1.6.x/quickstart/permissions","9c5"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/quickstart/security",component:u("/service-bridge/1.6.x/quickstart/security","7be"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/quickstart/tenant",component:u("/service-bridge/1.6.x/quickstart/tenant","e8c"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/quickstart/traffic-shifting",component:u("/service-bridge/1.6.x/quickstart/traffic-shifting","ff5"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/quickstart/workspace",component:u("/service-bridge/1.6.x/quickstart/workspace","112"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/reference",component:u("/service-bridge/1.6.x/reference","f9b"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/reference/cli",component:u("/service-bridge/1.6.x/reference/cli","9d2"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/reference/cli/guide/index",component:u("/service-bridge/1.6.x/reference/cli/guide/index","1f7"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/reference/cli/guide/toc",component:u("/service-bridge/1.6.x/reference/cli/guide/toc","a3e"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/reference/cli/reference",component:u("/service-bridge/1.6.x/reference/cli/reference","b87"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/reference/cli/reference/apply",component:u("/service-bridge/1.6.x/reference/cli/reference/apply","b44"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/reference/cli/reference/collect",component:u("/service-bridge/1.6.x/reference/cli/reference/collect","d02"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/reference/cli/reference/completion",component:u("/service-bridge/1.6.x/reference/cli/reference/completion","d5c"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/reference/cli/reference/config",component:u("/service-bridge/1.6.x/reference/cli/reference/config","78e"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/reference/cli/reference/delete",component:u("/service-bridge/1.6.x/reference/cli/reference/delete","90b"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/reference/cli/reference/edit",component:u("/service-bridge/1.6.x/reference/cli/reference/edit","ec1"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/reference/cli/reference/experimental",component:u("/service-bridge/1.6.x/reference/cli/reference/experimental","dc1"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/reference/cli/reference/get",component:u("/service-bridge/1.6.x/reference/cli/reference/get","a19"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/reference/cli/reference/index",component:u("/service-bridge/1.6.x/reference/cli/reference/index","f1e"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/reference/cli/reference/install",component:u("/service-bridge/1.6.x/reference/cli/reference/install","f78"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/reference/cli/reference/login",component:u("/service-bridge/1.6.x/reference/cli/reference/login","e8c"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/reference/cli/reference/ui",component:u("/service-bridge/1.6.x/reference/cli/reference/ui","7ec"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/reference/cli/reference/validate",component:u("/service-bridge/1.6.x/reference/cli/reference/validate","022"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/reference/cli/reference/version",component:u("/service-bridge/1.6.x/reference/cli/reference/version","364"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/reference/cli/reference/workload-entry-annotations",component:u("/service-bridge/1.6.x/reference/cli/reference/workload-entry-annotations","c30"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/reference/grpc-api",component:u("/service-bridge/1.6.x/reference/grpc-api","2ef"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/reference/grpc-api/guide",component:u("/service-bridge/1.6.x/reference/grpc-api/guide","22b"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/reference/grpc-api/reference",component:u("/service-bridge/1.6.x/reference/grpc-api/reference","ae1"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/reference/k8s-api",component:u("/service-bridge/1.6.x/reference/k8s-api","06c"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/reference/k8s-api/guide",component:u("/service-bridge/1.6.x/reference/k8s-api/guide","57e"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/reference/k8s-api/tsb-crds-gen/application-tsb-tetrate-io",component:u("/service-bridge/1.6.x/reference/k8s-api/tsb-crds-gen/application-tsb-tetrate-io","78d"),exact:!0},{path:"/service-bridge/1.6.x/reference/k8s-api/tsb-crds-gen/extension-tsb-tetrate-io",component:u("/service-bridge/1.6.x/reference/k8s-api/tsb-crds-gen/extension-tsb-tetrate-io","481"),exact:!0},{path:"/service-bridge/1.6.x/reference/k8s-api/tsb-crds-gen/gateway-tsb-tetrate-io",component:u("/service-bridge/1.6.x/reference/k8s-api/tsb-crds-gen/gateway-tsb-tetrate-io","139"),exact:!0},{path:"/service-bridge/1.6.x/reference/k8s-api/tsb-crds-gen/istiointernal-tsb-tetrate-io",component:u("/service-bridge/1.6.x/reference/k8s-api/tsb-crds-gen/istiointernal-tsb-tetrate-io","5e1"),exact:!0},{path:"/service-bridge/1.6.x/reference/k8s-api/tsb-crds-gen/rbac-tsb-tetrate-io",component:u("/service-bridge/1.6.x/reference/k8s-api/tsb-crds-gen/rbac-tsb-tetrate-io","d21"),exact:!0},{path:"/service-bridge/1.6.x/reference/k8s-api/tsb-crds-gen/security-tsb-tetrate-io",component:u("/service-bridge/1.6.x/reference/k8s-api/tsb-crds-gen/security-tsb-tetrate-io","853"),exact:!0},{path:"/service-bridge/1.6.x/reference/k8s-api/tsb-crds-gen/traffic-tsb-tetrate-io",component:u("/service-bridge/1.6.x/reference/k8s-api/tsb-crds-gen/traffic-tsb-tetrate-io","eb5"),exact:!0},{path:"/service-bridge/1.6.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/cluster",component:u("/service-bridge/1.6.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/cluster","1d2"),exact:!0},{path:"/service-bridge/1.6.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/organization",component:u("/service-bridge/1.6.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/organization","964"),exact:!0},{path:"/service-bridge/1.6.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/organizationsetting",component:u("/service-bridge/1.6.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/organizationsetting","064"),exact:!0},{path:"/service-bridge/1.6.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/serviceaccount",component:u("/service-bridge/1.6.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/serviceaccount","0b4"),exact:!0},{path:"/service-bridge/1.6.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/team",component:u("/service-bridge/1.6.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/team","12c"),exact:!0},{path:"/service-bridge/1.6.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/tenant",component:u("/service-bridge/1.6.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/tenant","d3b"),exact:!0},{path:"/service-bridge/1.6.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/tenantsetting",component:u("/service-bridge/1.6.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/tenantsetting","07c"),exact:!0},{path:"/service-bridge/1.6.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/workspace",component:u("/service-bridge/1.6.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/workspace","8b9"),exact:!0},{path:"/service-bridge/1.6.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/workspacesetting",component:u("/service-bridge/1.6.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/workspacesetting","226"),exact:!0},{path:"/service-bridge/1.6.x/reference/operators",component:u("/service-bridge/1.6.x/reference/operators","793"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/reference/rest-api/guide",component:u("/service-bridge/1.6.x/reference/rest-api/guide","09b"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/reference/samples",component:u("/service-bridge/1.6.x/reference/samples","018"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/reference/samples/httpbin",component:u("/service-bridge/1.6.x/reference/samples/httpbin","fd6"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/reference/samples/opa",component:u("/service-bridge/1.6.x/reference/samples/opa","23f"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/reference/samples/sleep-service",component:u("/service-bridge/1.6.x/reference/samples/sleep-service","615"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/reference/workload-onboarding",component:u("/service-bridge/1.6.x/reference/workload-onboarding","e4e"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/reference/workload-onboarding/onboarding-agent",component:u("/service-bridge/1.6.x/reference/workload-onboarding/onboarding-agent","389"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/reference/workload-onboarding/onboarding-authorization",component:u("/service-bridge/1.6.x/reference/workload-onboarding/onboarding-authorization","008"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/reference/workload-onboarding/onboarding-runtime",component:u("/service-bridge/1.6.x/reference/workload-onboarding/onboarding-runtime","de4"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/reference/yaml-api",component:u("/service-bridge/1.6.x/reference/yaml-api","28e"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/reference/yaml-api/guide",component:u("/service-bridge/1.6.x/reference/yaml-api/guide","8fb"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/reference/yaml-api/reference",component:u("/service-bridge/1.6.x/reference/yaml-api/reference","256"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/refs/audit/v1/audit",component:u("/service-bridge/1.6.x/refs/audit/v1/audit","252"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/refs/audit/v1/grpc",component:u("/service-bridge/1.6.x/refs/audit/v1/grpc","954"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/refs/iam/v2/grpc",component:u("/service-bridge/1.6.x/refs/iam/v2/grpc","874"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/refs/iam/v2/oauth_service",component:u("/service-bridge/1.6.x/refs/iam/v2/oauth_service","72c"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/refs/iam/v2/oidc_service",component:u("/service-bridge/1.6.x/refs/iam/v2/oidc_service","684"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/refs/install",component:u("/service-bridge/1.6.x/refs/install","490"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/refs/install/common/common_config",component:u("/service-bridge/1.6.x/refs/install/common/common_config","39d"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/refs/install/controlplane/v1alpha1/spec",component:u("/service-bridge/1.6.x/refs/install/controlplane/v1alpha1/spec","23f"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/refs/install/dataplane/v1alpha1/spec",component:u("/service-bridge/1.6.x/refs/install/dataplane/v1alpha1/spec","beb"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/refs/install/kubernetes/k8s",component:u("/service-bridge/1.6.x/refs/install/kubernetes/k8s","4be"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/refs/install/managementplane/v1alpha1/spec",component:u("/service-bridge/1.6.x/refs/install/managementplane/v1alpha1/spec","9c7"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/refs/istio.io/api/operator/v1alpha1/operator",component:u("/service-bridge/1.6.x/refs/istio.io/api/operator/v1alpha1/operator","36a"),exact:!0},{path:"/service-bridge/1.6.x/refs/onboarding/config/agent/v1alpha1/agent_configuration",component:u("/service-bridge/1.6.x/refs/onboarding/config/agent/v1alpha1/agent_configuration","7df"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/refs/onboarding/config/agent/v1alpha1/onboarding_configuration",component:u("/service-bridge/1.6.x/refs/onboarding/config/agent/v1alpha1/onboarding_configuration","0f0"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/refs/onboarding/config/authorization/aws/v1alpha1/aws",component:u("/service-bridge/1.6.x/refs/onboarding/config/authorization/aws/v1alpha1/aws","171"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/refs/onboarding/config/authorization/jwt/v1alpha1/jwt",component:u("/service-bridge/1.6.x/refs/onboarding/config/authorization/jwt/v1alpha1/jwt","b1d"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/refs/onboarding/config/authorization/v1alpha1/policy",component:u("/service-bridge/1.6.x/refs/onboarding/config/authorization/v1alpha1/policy","ba5"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/refs/onboarding/config/install/v1alpha1/jwt_issuer",component:u("/service-bridge/1.6.x/refs/onboarding/config/install/v1alpha1/jwt_issuer","275"),exact:!0},{path:"/service-bridge/1.6.x/refs/onboarding/config/install/v1alpha1/workload_configuration",component:u("/service-bridge/1.6.x/refs/onboarding/config/install/v1alpha1/workload_configuration","48c"),exact:!0},{path:"/service-bridge/1.6.x/refs/onboarding/config/runtime/v1alpha1/registration",component:u("/service-bridge/1.6.x/refs/onboarding/config/runtime/v1alpha1/registration","29e"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/refs/onboarding/config/types/config/v1alpha1/transport_security",component:u("/service-bridge/1.6.x/refs/onboarding/config/types/config/v1alpha1/transport_security","7b3"),exact:!0},{path:"/service-bridge/1.6.x/refs/onboarding/config/types/core/v1alpha1/condition",component:u("/service-bridge/1.6.x/refs/onboarding/config/types/core/v1alpha1/condition","0cd"),exact:!0},{path:"/service-bridge/1.6.x/refs/onboarding/config/types/core/v1alpha1/namespaced_name",component:u("/service-bridge/1.6.x/refs/onboarding/config/types/core/v1alpha1/namespaced_name","27c"),exact:!0},{path:"/service-bridge/1.6.x/refs/onboarding/config/types/identity/aws/v1alpha1/aws",component:u("/service-bridge/1.6.x/refs/onboarding/config/types/identity/aws/v1alpha1/aws","7fd"),exact:!0},{path:"/service-bridge/1.6.x/refs/onboarding/config/types/identity/jwt/v1alpha1/jwt",component:u("/service-bridge/1.6.x/refs/onboarding/config/types/identity/jwt/v1alpha1/jwt","466"),exact:!0},{path:"/service-bridge/1.6.x/refs/onboarding/config/types/identity/v1alpha1/identity",component:u("/service-bridge/1.6.x/refs/onboarding/config/types/identity/v1alpha1/identity","30e"),exact:!0},{path:"/service-bridge/1.6.x/refs/onboarding/config/types/registration/v1alpha1/hostinfo",component:u("/service-bridge/1.6.x/refs/onboarding/config/types/registration/v1alpha1/hostinfo","7a9"),exact:!0},{path:"/service-bridge/1.6.x/refs/onboarding/config/types/registration/v1alpha1/registration",component:u("/service-bridge/1.6.x/refs/onboarding/config/types/registration/v1alpha1/registration","197"),exact:!0},{path:"/service-bridge/1.6.x/refs/tsb/application/v2/api",component:u("/service-bridge/1.6.x/refs/tsb/application/v2/api","098"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/refs/tsb/application/v2/application",component:u("/service-bridge/1.6.x/refs/tsb/application/v2/application","59d"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/refs/tsb/application/v2/application_service",component:u("/service-bridge/1.6.x/refs/tsb/application/v2/application_service","c4b"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/refs/tsb/application/v2/grpc",component:u("/service-bridge/1.6.x/refs/tsb/application/v2/grpc","e37"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/refs/tsb/application/v2/openapi_extensions",component:u("/service-bridge/1.6.x/refs/tsb/application/v2/openapi_extensions","d81"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/refs/tsb/application/v2/yaml",component:u("/service-bridge/1.6.x/refs/tsb/application/v2/yaml","43e"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/refs/tsb/auth/v2/auth",component:u("/service-bridge/1.6.x/refs/tsb/auth/v2/auth","a20"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/refs/tsb/auth/v2/yaml",component:u("/service-bridge/1.6.x/refs/tsb/auth/v2/yaml","94b"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/refs/tsb/extension/v2/grpc",component:u("/service-bridge/1.6.x/refs/tsb/extension/v2/grpc","d80"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/refs/tsb/extension/v2/wasm_extension",component:u("/service-bridge/1.6.x/refs/tsb/extension/v2/wasm_extension","df1"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/refs/tsb/extension/v2/wasm_service",component:u("/service-bridge/1.6.x/refs/tsb/extension/v2/wasm_service","04a"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/refs/tsb/extension/v2/yaml",component:u("/service-bridge/1.6.x/refs/tsb/extension/v2/yaml","6b1"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/refs/tsb/gateway/v2/auth",component:u("/service-bridge/1.6.x/refs/tsb/gateway/v2/auth","af8"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/refs/tsb/gateway/v2/eastwest_gateway",component:u("/service-bridge/1.6.x/refs/tsb/gateway/v2/eastwest_gateway","76e"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/refs/tsb/gateway/v2/egress_gateway",component:u("/service-bridge/1.6.x/refs/tsb/gateway/v2/egress_gateway","ffe"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/refs/tsb/gateway/v2/gateway_group",component:u("/service-bridge/1.6.x/refs/tsb/gateway/v2/gateway_group","58e"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/refs/tsb/gateway/v2/gateway_service",component:u("/service-bridge/1.6.x/refs/tsb/gateway/v2/gateway_service","99d"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/refs/tsb/gateway/v2/grpc",component:u("/service-bridge/1.6.x/refs/tsb/gateway/v2/grpc","e87"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/refs/tsb/gateway/v2/ingress_gateway",component:u("/service-bridge/1.6.x/refs/tsb/gateway/v2/ingress_gateway","1d9"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/refs/tsb/gateway/v2/istio_gateway_direct",component:u("/service-bridge/1.6.x/refs/tsb/gateway/v2/istio_gateway_direct","a26"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/refs/tsb/gateway/v2/tier1_gateway",component:u("/service-bridge/1.6.x/refs/tsb/gateway/v2/tier1_gateway","fb0"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/refs/tsb/gateway/v2/yaml",component:u("/service-bridge/1.6.x/refs/tsb/gateway/v2/yaml","c14"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/refs/tsb/istiointernal/v2/grpc",component:u("/service-bridge/1.6.x/refs/tsb/istiointernal/v2/grpc","4d5"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/refs/tsb/istiointernal/v2/istio_internal_group",component:u("/service-bridge/1.6.x/refs/tsb/istiointernal/v2/istio_internal_group","961"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/refs/tsb/istiointernal/v2/istio_istiointernal_direct",component:u("/service-bridge/1.6.x/refs/tsb/istiointernal/v2/istio_istiointernal_direct","fc1"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/refs/tsb/istiointernal/v2/istiointernal_service",component:u("/service-bridge/1.6.x/refs/tsb/istiointernal/v2/istiointernal_service","13c"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/refs/tsb/istiointernal/v2/yaml",component:u("/service-bridge/1.6.x/refs/tsb/istiointernal/v2/yaml","c61"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/refs/tsb/observability/telemetry/v2/grpc",component:u("/service-bridge/1.6.x/refs/tsb/observability/telemetry/v2/grpc","026"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/refs/tsb/observability/telemetry/v2/metric",component:u("/service-bridge/1.6.x/refs/tsb/observability/telemetry/v2/metric","905"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/refs/tsb/observability/telemetry/v2/metric_service",component:u("/service-bridge/1.6.x/refs/tsb/observability/telemetry/v2/metric_service","54d"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/refs/tsb/observability/telemetry/v2/source",component:u("/service-bridge/1.6.x/refs/tsb/observability/telemetry/v2/source","f42"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/refs/tsb/observability/telemetry/v2/source_service",component:u("/service-bridge/1.6.x/refs/tsb/observability/telemetry/v2/source_service","c3d"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/refs/tsb/observability/telemetry/v2/yaml",component:u("/service-bridge/1.6.x/refs/tsb/observability/telemetry/v2/yaml","905"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/refs/tsb/q/v2/approvals_service",component:u("/service-bridge/1.6.x/refs/tsb/q/v2/approvals_service","d55"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/refs/tsb/q/v2/grpc",component:u("/service-bridge/1.6.x/refs/tsb/q/v2/grpc","521"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/refs/tsb/q/v2/permissions_service",component:u("/service-bridge/1.6.x/refs/tsb/q/v2/permissions_service","34c"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/refs/tsb/rbac/v2/access_bindings",component:u("/service-bridge/1.6.x/refs/tsb/rbac/v2/access_bindings","0db"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/refs/tsb/rbac/v2/api_access_bindings",component:u("/service-bridge/1.6.x/refs/tsb/rbac/v2/api_access_bindings","7e3"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/refs/tsb/rbac/v2/application_access_bindings",component:u("/service-bridge/1.6.x/refs/tsb/rbac/v2/application_access_bindings","efb"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/refs/tsb/rbac/v2/binding",component:u("/service-bridge/1.6.x/refs/tsb/rbac/v2/binding","f9b"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/refs/tsb/rbac/v2/gateway_access_bindings",component:u("/service-bridge/1.6.x/refs/tsb/rbac/v2/gateway_access_bindings","a42"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/refs/tsb/rbac/v2/grpc",component:u("/service-bridge/1.6.x/refs/tsb/rbac/v2/grpc","505"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/refs/tsb/rbac/v2/istio_internal_access_bindings",component:u("/service-bridge/1.6.x/refs/tsb/rbac/v2/istio_internal_access_bindings","b47"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/refs/tsb/rbac/v2/organization_access_bindings",component:u("/service-bridge/1.6.x/refs/tsb/rbac/v2/organization_access_bindings","1c2"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/refs/tsb/rbac/v2/permissions",component:u("/service-bridge/1.6.x/refs/tsb/rbac/v2/permissions","d1a"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/refs/tsb/rbac/v2/policy_service",component:u("/service-bridge/1.6.x/refs/tsb/rbac/v2/policy_service","445"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/refs/tsb/rbac/v2/role",component:u("/service-bridge/1.6.x/refs/tsb/rbac/v2/role","1e8"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/refs/tsb/rbac/v2/role_service",component:u("/service-bridge/1.6.x/refs/tsb/rbac/v2/role_service","cc4"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/refs/tsb/rbac/v2/security_access_bindings",component:u("/service-bridge/1.6.x/refs/tsb/rbac/v2/security_access_bindings","af2"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/refs/tsb/rbac/v2/tenant_access_bindings",component:u("/service-bridge/1.6.x/refs/tsb/rbac/v2/tenant_access_bindings","7fc"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/refs/tsb/rbac/v2/traffic_access_bindings",component:u("/service-bridge/1.6.x/refs/tsb/rbac/v2/traffic_access_bindings","e87"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/refs/tsb/rbac/v2/workspace_access_bindings",component:u("/service-bridge/1.6.x/refs/tsb/rbac/v2/workspace_access_bindings","e14"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/refs/tsb/rbac/v2/yaml",component:u("/service-bridge/1.6.x/refs/tsb/rbac/v2/yaml","c9b"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/refs/tsb/registry/v2/grpc",component:u("/service-bridge/1.6.x/refs/tsb/registry/v2/grpc","3b0"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/refs/tsb/registry/v2/lookup_service",component:u("/service-bridge/1.6.x/refs/tsb/registry/v2/lookup_service","7fd"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/refs/tsb/registry/v2/registration_service",component:u("/service-bridge/1.6.x/refs/tsb/registry/v2/registration_service","7a5"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/refs/tsb/registry/v2/service",component:u("/service-bridge/1.6.x/refs/tsb/registry/v2/service","109"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/refs/tsb/registry/v2/yaml",component:u("/service-bridge/1.6.x/refs/tsb/registry/v2/yaml","2c3"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/refs/tsb/security/v2/grpc",component:u("/service-bridge/1.6.x/refs/tsb/security/v2/grpc","3d8"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/refs/tsb/security/v2/istio_security_direct",component:u("/service-bridge/1.6.x/refs/tsb/security/v2/istio_security_direct","4df"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/refs/tsb/security/v2/security_group",component:u("/service-bridge/1.6.x/refs/tsb/security/v2/security_group","bf4"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/refs/tsb/security/v2/security_service",component:u("/service-bridge/1.6.x/refs/tsb/security/v2/security_service","f9b"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/refs/tsb/security/v2/security_setting",component:u("/service-bridge/1.6.x/refs/tsb/security/v2/security_setting","464"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/refs/tsb/security/v2/service_security_setting",component:u("/service-bridge/1.6.x/refs/tsb/security/v2/service_security_setting","861"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/refs/tsb/security/v2/waf_settings",component:u("/service-bridge/1.6.x/refs/tsb/security/v2/waf_settings","397"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/refs/tsb/security/v2/yaml",component:u("/service-bridge/1.6.x/refs/tsb/security/v2/yaml","958"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/refs/tsb/traffic/v2/grpc",component:u("/service-bridge/1.6.x/refs/tsb/traffic/v2/grpc","218"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/refs/tsb/traffic/v2/istio_traffic_direct",component:u("/service-bridge/1.6.x/refs/tsb/traffic/v2/istio_traffic_direct","ddb"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/refs/tsb/traffic/v2/service_route",component:u("/service-bridge/1.6.x/refs/tsb/traffic/v2/service_route","6ed"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/refs/tsb/traffic/v2/traffic_group",component:u("/service-bridge/1.6.x/refs/tsb/traffic/v2/traffic_group","889"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/refs/tsb/traffic/v2/traffic_service",component:u("/service-bridge/1.6.x/refs/tsb/traffic/v2/traffic_service","a00"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/refs/tsb/traffic/v2/traffic_setting",component:u("/service-bridge/1.6.x/refs/tsb/traffic/v2/traffic_setting","37a"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/refs/tsb/traffic/v2/yaml",component:u("/service-bridge/1.6.x/refs/tsb/traffic/v2/yaml","273"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/refs/tsb/types/v2/types",component:u("/service-bridge/1.6.x/refs/tsb/types/v2/types","a22"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/refs/tsb/types/v2/yaml",component:u("/service-bridge/1.6.x/refs/tsb/types/v2/yaml","34f"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/refs/tsb/v2/cluster",component:u("/service-bridge/1.6.x/refs/tsb/v2/cluster","27e"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/refs/tsb/v2/cluster_service",component:u("/service-bridge/1.6.x/refs/tsb/v2/cluster_service","9b0"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/refs/tsb/v2/grpc",component:u("/service-bridge/1.6.x/refs/tsb/v2/grpc","e10"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/refs/tsb/v2/info",component:u("/service-bridge/1.6.x/refs/tsb/v2/info","a25"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/refs/tsb/v2/organization",component:u("/service-bridge/1.6.x/refs/tsb/v2/organization","afa"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/refs/tsb/v2/organization_service",component:u("/service-bridge/1.6.x/refs/tsb/v2/organization_service","669"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/refs/tsb/v2/organization_setting",component:u("/service-bridge/1.6.x/refs/tsb/v2/organization_setting","508"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/refs/tsb/v2/status",component:u("/service-bridge/1.6.x/refs/tsb/v2/status","48e"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/refs/tsb/v2/status_service",component:u("/service-bridge/1.6.x/refs/tsb/v2/status_service","135"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/refs/tsb/v2/team",component:u("/service-bridge/1.6.x/refs/tsb/v2/team","7ad"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/refs/tsb/v2/team_service",component:u("/service-bridge/1.6.x/refs/tsb/v2/team_service","d1d"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/refs/tsb/v2/tenant",component:u("/service-bridge/1.6.x/refs/tsb/v2/tenant","4d9"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/refs/tsb/v2/tenant_service",component:u("/service-bridge/1.6.x/refs/tsb/v2/tenant_service","7bf"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/refs/tsb/v2/tenant_setting",component:u("/service-bridge/1.6.x/refs/tsb/v2/tenant_setting","6b1"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/refs/tsb/v2/workspace",component:u("/service-bridge/1.6.x/refs/tsb/v2/workspace","002"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/refs/tsb/v2/workspace_service",component:u("/service-bridge/1.6.x/refs/tsb/v2/workspace_service","fe4"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/refs/tsb/v2/workspace_setting",component:u("/service-bridge/1.6.x/refs/tsb/v2/workspace_setting","883"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/refs/tsb/v2/yaml",component:u("/service-bridge/1.6.x/refs/tsb/v2/yaml","79e"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/release-notes",component:u("/service-bridge/1.6.x/release-notes","0af"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/release-notes-announcements/",component:u("/service-bridge/1.6.x/release-notes-announcements/","d37"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/release-notes-announcements/feature-status",component:u("/service-bridge/1.6.x/release-notes-announcements/feature-status","15f"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/release-notes-announcements/support-policy",component:u("/service-bridge/1.6.x/release-notes-announcements/support-policy","527"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/setup",component:u("/service-bridge/1.6.x/setup","93c"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/setup/aws",component:u("/service-bridge/1.6.x/setup/aws","bdd"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/setup/aws/container-marketplace",component:u("/service-bridge/1.6.x/setup/aws/container-marketplace","a1b"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/setup/aws/vpc",component:u("/service-bridge/1.6.x/setup/aws/vpc","b62"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/setup/certificate",component:u("/service-bridge/1.6.x/setup/certificate","8ed"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/setup/certificate/certificate-requirements",component:u("/service-bridge/1.6.x/setup/certificate/certificate-requirements","719"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/setup/certificate/certificate-setup",component:u("/service-bridge/1.6.x/setup/certificate/certificate-setup","a36"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/setup/components",component:u("/service-bridge/1.6.x/setup/components","883"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/setup/firewall-information",component:u("/service-bridge/1.6.x/setup/firewall-information","46c"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/setup/helm/",component:u("/service-bridge/1.6.x/setup/helm/","c6f"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/setup/helm/controlplane",component:u("/service-bridge/1.6.x/setup/helm/controlplane","dad"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/setup/helm/dataplane",component:u("/service-bridge/1.6.x/setup/helm/dataplane","0a4"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/setup/helm/helm",component:u("/service-bridge/1.6.x/setup/helm/helm","4b9"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/setup/helm/managementplane",component:u("/service-bridge/1.6.x/setup/helm/managementplane","8c7"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/setup/helm/uninstallation",component:u("/service-bridge/1.6.x/setup/helm/uninstallation","301"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/setup/helm/upgrade",component:u("/service-bridge/1.6.x/setup/helm/upgrade","552"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/setup/isolation-boundaries",component:u("/service-bridge/1.6.x/setup/isolation-boundaries","601"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/setup/migrate-tctl-to-helm",component:u("/service-bridge/1.6.x/setup/migrate-tctl-to-helm","588"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/setup/remote-registry",component:u("/service-bridge/1.6.x/setup/remote-registry","027"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/setup/requirements-and-download",component:u("/service-bridge/1.6.x/setup/requirements-and-download","bc1"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/setup/resource-planning",component:u("/service-bridge/1.6.x/setup/resource-planning","fba"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/setup/self-managed/",component:u("/service-bridge/1.6.x/setup/self-managed/","5dd"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/setup/self-managed/demo-installation",component:u("/service-bridge/1.6.x/setup/self-managed/demo-installation","69c"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/setup/self-managed/management-plane-installation",component:u("/service-bridge/1.6.x/setup/self-managed/management-plane-installation","bfb"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/setup/self-managed/onboarding-clusters",component:u("/service-bridge/1.6.x/setup/self-managed/onboarding-clusters","b4b"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/setup/self-managed/uninstallation",component:u("/service-bridge/1.6.x/setup/self-managed/uninstallation","4dc"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/setup/self-managed/upgrade",component:u("/service-bridge/1.6.x/setup/self-managed/upgrade","9fd"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/setup/self-managed/zipkin-cleanup",component:u("/service-bridge/1.6.x/setup/self-managed/zipkin-cleanup","c58"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/setup/tctl-connect",component:u("/service-bridge/1.6.x/setup/tctl-connect","b46"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/setup/upgrades",component:u("/service-bridge/1.6.x/setup/upgrades","a7a"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/setup/upgrades/cni-upgrade",component:u("/service-bridge/1.6.x/setup/upgrades/cni-upgrade","e3a"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/setup/upgrades/gateway-upgrade",component:u("/service-bridge/1.6.x/setup/upgrades/gateway-upgrade","a0d"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/setup/upgrades/non-revisioned-to-revisioned",component:u("/service-bridge/1.6.x/setup/upgrades/non-revisioned-to-revisioned","1de"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/setup/upgrades/revisioned-to-revisioned",component:u("/service-bridge/1.6.x/setup/upgrades/revisioned-to-revisioned","607"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/setup/workload-onboarding",component:u("/service-bridge/1.6.x/setup/workload-onboarding","6de"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/setup/workload-onboarding/guides/",component:u("/service-bridge/1.6.x/setup/workload-onboarding/guides/","fa1"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/setup/workload-onboarding/guides/ecs-workloads",component:u("/service-bridge/1.6.x/setup/workload-onboarding/guides/ecs-workloads","d35"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/setup/workload-onboarding/guides/managing",component:u("/service-bridge/1.6.x/setup/workload-onboarding/guides/managing","c72"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/setup/workload-onboarding/guides/on-premise-workloads",component:u("/service-bridge/1.6.x/setup/workload-onboarding/guides/on-premise-workloads","e0f"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/setup/workload-onboarding/guides/onboarding",component:u("/service-bridge/1.6.x/setup/workload-onboarding/guides/onboarding","283"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/setup/workload-onboarding/guides/overview",component:u("/service-bridge/1.6.x/setup/workload-onboarding/guides/overview","cf9"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/setup/workload-onboarding/guides/setup",component:u("/service-bridge/1.6.x/setup/workload-onboarding/guides/setup","44d"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/setup/workload-onboarding/guides/troubleshooting",component:u("/service-bridge/1.6.x/setup/workload-onboarding/guides/troubleshooting","cc1"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/setup/workload-onboarding/onboarding-vms",component:u("/service-bridge/1.6.x/setup/workload-onboarding/onboarding-vms","7b1"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/setup/workload-onboarding/quickstart",component:u("/service-bridge/1.6.x/setup/workload-onboarding/quickstart","356"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/setup/workload-onboarding/quickstart/aws-ec2/",component:u("/service-bridge/1.6.x/setup/workload-onboarding/quickstart/aws-ec2/","3fb"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/setup/workload-onboarding/quickstart/aws-ec2/bookinfo",component:u("/service-bridge/1.6.x/setup/workload-onboarding/quickstart/aws-ec2/bookinfo","533"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/setup/workload-onboarding/quickstart/aws-ec2/configure-vm",component:u("/service-bridge/1.6.x/setup/workload-onboarding/quickstart/aws-ec2/configure-vm","3e2"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/setup/workload-onboarding/quickstart/aws-ec2/configure-workload-onboarding",component:u("/service-bridge/1.6.x/setup/workload-onboarding/quickstart/aws-ec2/configure-workload-onboarding","1d0"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/setup/workload-onboarding/quickstart/aws-ec2/enable-workload-onboarding",component:u("/service-bridge/1.6.x/setup/workload-onboarding/quickstart/aws-ec2/enable-workload-onboarding","ba2"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/setup/workload-onboarding/quickstart/aws-ec2/onboard-asg",component:u("/service-bridge/1.6.x/setup/workload-onboarding/quickstart/aws-ec2/onboard-asg","71c"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/setup/workload-onboarding/quickstart/aws-ec2/onboard-vm",component:u("/service-bridge/1.6.x/setup/workload-onboarding/quickstart/aws-ec2/onboard-vm","ad7"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/setup/workload-onboarding/quickstart/aws-ecs/",component:u("/service-bridge/1.6.x/setup/workload-onboarding/quickstart/aws-ecs/","60b"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/setup/workload-onboarding/quickstart/aws-ecs/configure-workload-onboarding",component:u("/service-bridge/1.6.x/setup/workload-onboarding/quickstart/aws-ecs/configure-workload-onboarding","f02"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/setup/workload-onboarding/quickstart/aws-ecs/onboard-ecs",component:u("/service-bridge/1.6.x/setup/workload-onboarding/quickstart/aws-ecs/onboard-ecs","d01"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/setup/workload-onboarding/quickstart/on-premise/",component:u("/service-bridge/1.6.x/setup/workload-onboarding/quickstart/on-premise/","f44"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/setup/workload-onboarding/quickstart/on-premise/configure-vm",component:u("/service-bridge/1.6.x/setup/workload-onboarding/quickstart/on-premise/configure-vm","104"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/setup/workload-onboarding/quickstart/on-premise/configure-workload-onboarding",component:u("/service-bridge/1.6.x/setup/workload-onboarding/quickstart/on-premise/configure-workload-onboarding","fc6"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/setup/workload-onboarding/quickstart/on-premise/onboard-vm",component:u("/service-bridge/1.6.x/setup/workload-onboarding/quickstart/on-premise/onboard-vm","db3"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/troubleshooting",component:u("/service-bridge/1.6.x/troubleshooting","748"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/troubleshooting/cluster-onboarding",component:u("/service-bridge/1.6.x/troubleshooting/cluster-onboarding","996"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/troubleshooting/configuration-status",component:u("/service-bridge/1.6.x/troubleshooting/configuration-status","fde"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/troubleshooting/debug-container",component:u("/service-bridge/1.6.x/troubleshooting/debug-container","b15"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/troubleshooting/gateway-troubleshooting",component:u("/service-bridge/1.6.x/troubleshooting/gateway-troubleshooting","3fb"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/troubleshooting/identify-underperforming-services",component:u("/service-bridge/1.6.x/troubleshooting/identify-underperforming-services","5fb"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/troubleshooting/Maximum-header-size-exceed",component:u("/service-bridge/1.6.x/troubleshooting/Maximum-header-size-exceed","333"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/troubleshooting/Multiple-Transfer-encoding-chunked",component:u("/service-bridge/1.6.x/troubleshooting/Multiple-Transfer-encoding-chunked","f67"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/troubleshooting/troubleshooting",component:u("/service-bridge/1.6.x/troubleshooting/troubleshooting","671"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/troubleshooting/tsb-ui-metrics",component:u("/service-bridge/1.6.x/troubleshooting/tsb-ui-metrics","bc1"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.6.x/wokingwithsupport/workingWithTetrateSupport",component:u("/service-bridge/1.6.x/wokingwithsupport/workingWithTetrateSupport","7d5"),exact:!0,sidebar:"defaultSidebar"}]}]},{path:"/service-bridge/1.7.x",component:u("/service-bridge/1.7.x","2fa"),routes:[{path:"/service-bridge/1.7.x/tags",component:u("/service-bridge/1.7.x/tags","b64"),exact:!0},{path:"/service-bridge/1.7.x/tags/featured",component:u("/service-bridge/1.7.x/tags/featured","165"),exact:!0},{path:"/service-bridge/1.7.x/tags/tsb-concepts",component:u("/service-bridge/1.7.x/tags/tsb-concepts","54e"),exact:!0},{path:"/service-bridge/1.7.x/tags/tsb-quickstart",component:u("/service-bridge/1.7.x/tags/tsb-quickstart","b6d"),exact:!0},{path:"/service-bridge/1.7.x",component:u("/service-bridge/1.7.x","e6b"),routes:[{path:"/service-bridge/1.7.x/",component:u("/service-bridge/1.7.x/","543"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/category/working-with-tetrate-customer-support",component:u("/service-bridge/1.7.x/category/working-with-tetrate-customer-support","5d3"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/cheatsheet/",component:u("/service-bridge/1.7.x/cheatsheet/","69e"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/cheatsheet/sheets/gateways-management",component:u("/service-bridge/1.7.x/cheatsheet/sheets/gateways-management","7cf"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/cheatsheet/sheets/kubectl",component:u("/service-bridge/1.7.x/cheatsheet/sheets/kubectl","77c"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/cheatsheet/sheets/security-management",component:u("/service-bridge/1.7.x/cheatsheet/sheets/security-management","7c6"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/cheatsheet/sheets/tctl",component:u("/service-bridge/1.7.x/cheatsheet/sheets/tctl","c0e"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/cheatsheet/sheets/traffic-management",component:u("/service-bridge/1.7.x/cheatsheet/sheets/traffic-management","1fd"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/cheatsheet/sheets/tsb-concepts",component:u("/service-bridge/1.7.x/cheatsheet/sheets/tsb-concepts","88b"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/cheatsheet/sheets/tsb-quickstart",component:u("/service-bridge/1.7.x/cheatsheet/sheets/tsb-quickstart","075"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/cheatsheet/sheets/tsb-terminology",component:u("/service-bridge/1.7.x/cheatsheet/sheets/tsb-terminology","c16"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/concepts/",component:u("/service-bridge/1.7.x/concepts/","f12"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/concepts/architecture",component:u("/service-bridge/1.7.x/concepts/architecture","e13"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/concepts/configuration-dataflow",component:u("/service-bridge/1.7.x/concepts/configuration-dataflow","912"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/concepts/glossary",component:u("/service-bridge/1.7.x/concepts/glossary","d74"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/concepts/observability",component:u("/service-bridge/1.7.x/concepts/observability","965"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/concepts/operators/",component:u("/service-bridge/1.7.x/concepts/operators/","998"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/concepts/operators/control-plane",component:u("/service-bridge/1.7.x/concepts/operators/control-plane","de7"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/concepts/operators/data-plane",component:u("/service-bridge/1.7.x/concepts/operators/data-plane","062"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/concepts/operators/management-plane",component:u("/service-bridge/1.7.x/concepts/operators/management-plane","0aa"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/concepts/security",component:u("/service-bridge/1.7.x/concepts/security","a41"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/concepts/service-mesh",component:u("/service-bridge/1.7.x/concepts/service-mesh","f8f"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/concepts/terminology",component:u("/service-bridge/1.7.x/concepts/terminology","8b5"),exact:!0},{path:"/service-bridge/1.7.x/concepts/traffic-management",component:u("/service-bridge/1.7.x/concepts/traffic-management","f8c"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/design-guides/",component:u("/service-bridge/1.7.x/design-guides/","71f"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/design-guides/app-onboarding/",component:u("/service-bridge/1.7.x/design-guides/app-onboarding/","85d"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/design-guides/app-onboarding/cross-cluster",component:u("/service-bridge/1.7.x/design-guides/app-onboarding/cross-cluster","e1e"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/design-guides/app-onboarding/deploy-service",component:u("/service-bridge/1.7.x/design-guides/app-onboarding/deploy-service","8d0"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/design-guides/app-onboarding/gateway-security",component:u("/service-bridge/1.7.x/design-guides/app-onboarding/gateway-security","939"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/design-guides/app-onboarding/high-availability",component:u("/service-bridge/1.7.x/design-guides/app-onboarding/high-availability","fc2"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/design-guides/app-onboarding/introduction",component:u("/service-bridge/1.7.x/design-guides/app-onboarding/introduction","69a"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/design-guides/app-onboarding/monitor",component:u("/service-bridge/1.7.x/design-guides/app-onboarding/monitor","5ca"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/design-guides/app-onboarding/prepare",component:u("/service-bridge/1.7.x/design-guides/app-onboarding/prepare","969"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/design-guides/app-onboarding/promote-service",component:u("/service-bridge/1.7.x/design-guides/app-onboarding/promote-service","913"),exact:!0},{path:"/service-bridge/1.7.x/design-guides/app-onboarding/security",component:u("/service-bridge/1.7.x/design-guides/app-onboarding/security","f64"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/design-guides/ha-dr-mp/",component:u("/service-bridge/1.7.x/design-guides/ha-dr-mp/","3ce"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/design-guides/ha-dr-mp/dr-managementplane",component:u("/service-bridge/1.7.x/design-guides/ha-dr-mp/dr-managementplane","d58"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/design-guides/ha-dr-mp/ha-managementplane",component:u("/service-bridge/1.7.x/design-guides/ha-dr-mp/ha-managementplane","581"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/design-guides/ha-dr-mp/introduction",component:u("/service-bridge/1.7.x/design-guides/ha-dr-mp/introduction","59c"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/design-guides/ha-dr-mp/scenarios",component:u("/service-bridge/1.7.x/design-guides/ha-dr-mp/scenarios","b6f"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/design-guides/ha-multicluster/",component:u("/service-bridge/1.7.x/design-guides/ha-multicluster/","3f8"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/design-guides/ha-multicluster/cluster-failover",component:u("/service-bridge/1.7.x/design-guides/ha-multicluster/cluster-failover","96b"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/design-guides/ha-multicluster/demo-1",component:u("/service-bridge/1.7.x/design-guides/ha-multicluster/demo-1","7de"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/design-guides/ha-multicluster/demo-2",component:u("/service-bridge/1.7.x/design-guides/ha-multicluster/demo-2","c90"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/design-guides/ha-multicluster/edge-failover",component:u("/service-bridge/1.7.x/design-guides/ha-multicluster/edge-failover","0c1"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/design-guides/ha-multicluster/introduction",component:u("/service-bridge/1.7.x/design-guides/ha-multicluster/introduction","ef5"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/design-guides/ha-multicluster/operations",component:u("/service-bridge/1.7.x/design-guides/ha-multicluster/operations","6f3"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/howto",component:u("/service-bridge/1.7.x/howto","928"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/howto/authorization/",component:u("/service-bridge/1.7.x/howto/authorization/","046"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/howto/authorization/ingress-gateway",component:u("/service-bridge/1.7.x/howto/authorization/ingress-gateway","672"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/howto/authorization/sidecar",component:u("/service-bridge/1.7.x/howto/authorization/sidecar","eb5"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/howto/authorization/tier1-gateway",component:u("/service-bridge/1.7.x/howto/authorization/tier1-gateway","5a4"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/howto/authorization/tls-verification",component:u("/service-bridge/1.7.x/howto/authorization/tls-verification","e8b"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/howto/gateway",component:u("/service-bridge/1.7.x/howto/gateway","b93"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/howto/gateway/app-ingress",component:u("/service-bridge/1.7.x/howto/gateway/app-ingress","591"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/howto/gateway/application-gateway-with-openapi-annotations",component:u("/service-bridge/1.7.x/howto/gateway/application-gateway-with-openapi-annotations","2bb"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/howto/gateway/configure-and-route-nonhttp-traffic",component:u("/service-bridge/1.7.x/howto/gateway/configure-and-route-nonhttp-traffic","212"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/howto/gateway/distributed-ingress",component:u("/service-bridge/1.7.x/howto/gateway/distributed-ingress","204"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/howto/gateway/egress-gateways",component:u("/service-bridge/1.7.x/howto/gateway/egress-gateways","ee9"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/howto/gateway/end-user-auth-keycloak",component:u("/service-bridge/1.7.x/howto/gateway/end-user-auth-keycloak","078"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/howto/gateway/https-with-proxy-protocol",component:u("/service-bridge/1.7.x/howto/gateway/https-with-proxy-protocol","2ed"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/howto/gateway/multi-cluster-traffic-routing-using-tier2gw",component:u("/service-bridge/1.7.x/howto/gateway/multi-cluster-traffic-routing-using-tier2gw","d84"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/howto/gateway/multi-cluster-traffic-routing-with-eastwest-gateway",component:u("/service-bridge/1.7.x/howto/gateway/multi-cluster-traffic-routing-with-eastwest-gateway","b06"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/howto/gateway/multi-cluster-traffic-shifting",component:u("/service-bridge/1.7.x/howto/gateway/multi-cluster-traffic-shifting","129"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/howto/gateway/service-identity-propagation",component:u("/service-bridge/1.7.x/howto/gateway/service-identity-propagation","2f0"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/howto/gateway/shared-ingress",component:u("/service-bridge/1.7.x/howto/gateway/shared-ingress","665"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/howto/gateway/subset-based-routing-using-igw-and-service-route",component:u("/service-bridge/1.7.x/howto/gateway/subset-based-routing-using-igw-and-service-route","21a"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/howto/gateway/unified-gateway",component:u("/service-bridge/1.7.x/howto/gateway/unified-gateway","907"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/howto/gitops",component:u("/service-bridge/1.7.x/howto/gitops","e90"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/howto/gitops/argo-rollouts",component:u("/service-bridge/1.7.x/howto/gitops/argo-rollouts","604"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/howto/gitops/flux",component:u("/service-bridge/1.7.x/howto/gitops/flux","9f4"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/howto/gitops/gitops",component:u("/service-bridge/1.7.x/howto/gitops/gitops","7a2"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/howto/hpa-using-skywalking",component:u("/service-bridge/1.7.x/howto/hpa-using-skywalking","f85"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/howto/network-policies",component:u("/service-bridge/1.7.x/howto/network-policies","552"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/howto/promql-using-skywalking",component:u("/service-bridge/1.7.x/howto/promql-using-skywalking","26d"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/howto/rate-limiting/",component:u("/service-bridge/1.7.x/howto/rate-limiting/","f4e"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/howto/rate-limiting/external-rate-limiting",component:u("/service-bridge/1.7.x/howto/rate-limiting/external-rate-limiting","885"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/howto/rate-limiting/ingress-gateway",component:u("/service-bridge/1.7.x/howto/rate-limiting/ingress-gateway","29d"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/howto/rate-limiting/internal-rate-limiting",component:u("/service-bridge/1.7.x/howto/rate-limiting/internal-rate-limiting","145"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/howto/rate-limiting/service-to-service",component:u("/service-bridge/1.7.x/howto/rate-limiting/service-to-service","9f7"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/howto/rate-limiting/tier1-gateway",component:u("/service-bridge/1.7.x/howto/rate-limiting/tier1-gateway","06f"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/howto/rate-limiting/tls-validation",component:u("/service-bridge/1.7.x/howto/rate-limiting/tls-validation","a65"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/howto/security-domains",component:u("/service-bridge/1.7.x/howto/security-domains","8ae"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/howto/service-accounts",component:u("/service-bridge/1.7.x/howto/service-accounts","b97"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/howto/traffic",component:u("/service-bridge/1.7.x/howto/traffic","8c1"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/howto/traffic/canary-releases",component:u("/service-bridge/1.7.x/howto/traffic/canary-releases","4ab"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/howto/traffic/configure-multi-port-service-route",component:u("/service-bridge/1.7.x/howto/traffic/configure-multi-port-service-route","a19"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/howto/traffic/external-site-https",component:u("/service-bridge/1.7.x/howto/traffic/external-site-https","894"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/howto/traffic/load-balance",component:u("/service-bridge/1.7.x/howto/traffic/load-balance","23a"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/howto/traffic/migrating-VM-monoliths",component:u("/service-bridge/1.7.x/howto/traffic/migrating-VM-monoliths","c7f"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/howto/traffic/splitting-service-traffic-between-k8s-vms",component:u("/service-bridge/1.7.x/howto/traffic/splitting-service-traffic-between-k8s-vms","331"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/howto/waf",component:u("/service-bridge/1.7.x/howto/waf","455"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/howto/wasm",component:u("/service-bridge/1.7.x/howto/wasm","368"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/howto/wasm/wasm-extension",component:u("/service-bridge/1.7.x/howto/wasm/wasm-extension","b16"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/howto/wasm/wasm-overview",component:u("/service-bridge/1.7.x/howto/wasm/wasm-overview","e6e"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/howto/wasm/wasm-proxy",component:u("/service-bridge/1.7.x/howto/wasm/wasm-proxy","6fb"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/howto/wasm/wasm-try",component:u("/service-bridge/1.7.x/howto/wasm/wasm-try","de0"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/knowledge-base",component:u("/service-bridge/1.7.x/knowledge-base","651"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/knowledge-base/faq",component:u("/service-bridge/1.7.x/knowledge-base/faq","857"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/knowledge-base/gitops",component:u("/service-bridge/1.7.x/knowledge-base/gitops","15c"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/operations",component:u("/service-bridge/1.7.x/operations","d84"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/operations/configuration-promotion",component:u("/service-bridge/1.7.x/operations/configuration-promotion","78a"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/operations/configure-log-levels",component:u("/service-bridge/1.7.x/operations/configure-log-levels","0a3"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/operations/elasticsearch",component:u("/service-bridge/1.7.x/operations/elasticsearch","c7f"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/operations/elasticsearch/elasticsearch-role",component:u("/service-bridge/1.7.x/operations/elasticsearch/elasticsearch-role","516"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/operations/elasticsearch/wipe-elastic",component:u("/service-bridge/1.7.x/operations/elasticsearch/wipe-elastic","03c"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/operations/features",component:u("/service-bridge/1.7.x/operations/features","ceb"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/operations/features/configure-cluster-external-addresses",component:u("/service-bridge/1.7.x/operations/features/configure-cluster-external-addresses","456"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/operations/features/configure-gitops",component:u("/service-bridge/1.7.x/operations/features/configure-gitops","b18"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/operations/features/deletion-protection",component:u("/service-bridge/1.7.x/operations/features/deletion-protection","df3"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/operations/features/edge-dns-resolution",component:u("/service-bridge/1.7.x/operations/features/edge-dns-resolution","bba"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/operations/features/enable-config-protection",component:u("/service-bridge/1.7.x/operations/features/enable-config-protection","77a"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/operations/features/gateway-deletion-webhook",component:u("/service-bridge/1.7.x/operations/features/gateway-deletion-webhook","922"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/operations/features/internal-wasm-extensions",component:u("/service-bridge/1.7.x/operations/features/internal-wasm-extensions","042"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/operations/features/istio-cni",component:u("/service-bridge/1.7.x/operations/features/istio-cni","720"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/operations/features/label-annotation",component:u("/service-bridge/1.7.x/operations/features/label-annotation","783"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/operations/features/streaming-log",component:u("/service-bridge/1.7.x/operations/features/streaming-log","44c"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/operations/features/tier1-in-app-cluster",component:u("/service-bridge/1.7.x/operations/features/tier1-in-app-cluster","8ae"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/operations/graceful-connection-drain",component:u("/service-bridge/1.7.x/operations/graceful-connection-drain","46f"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/operations/kube-customization",component:u("/service-bridge/1.7.x/operations/kube-customization","017"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/operations/lower-istio-resources",component:u("/service-bridge/1.7.x/operations/lower-istio-resources","ac4"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/operations/migrate-organization",component:u("/service-bridge/1.7.x/operations/migrate-organization","f80"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/operations/multiple-iam-keys",component:u("/service-bridge/1.7.x/operations/multiple-iam-keys","63c"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/operations/postgresql",component:u("/service-bridge/1.7.x/operations/postgresql","c10"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/operations/telemetry",component:u("/service-bridge/1.7.x/operations/telemetry","a7a"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/operations/telemetry/alerting-guidelines",component:u("/service-bridge/1.7.x/operations/telemetry/alerting-guidelines","592"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/operations/telemetry/distributed-tracing",component:u("/service-bridge/1.7.x/operations/telemetry/distributed-tracing","5d2"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/operations/telemetry/key-metrics",component:u("/service-bridge/1.7.x/operations/telemetry/key-metrics","b4b"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/operations/telemetry/new-relic",component:u("/service-bridge/1.7.x/operations/telemetry/new-relic","151"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/operations/telemetry/red-metrics",component:u("/service-bridge/1.7.x/operations/telemetry/red-metrics","0e2"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/operations/telemetry/telemetry-architecture",component:u("/service-bridge/1.7.x/operations/telemetry/telemetry-architecture","7b7"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/operations/users",component:u("/service-bridge/1.7.x/operations/users","63f"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/operations/users/admin-password",component:u("/service-bridge/1.7.x/operations/users/admin-password","5aa"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/operations/users/configuring-ldap",component:u("/service-bridge/1.7.x/operations/users/configuring-ldap","ef0"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/operations/users/oidc-azure",component:u("/service-bridge/1.7.x/operations/users/oidc-azure","f64"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/operations/users/roles-and-permissions",component:u("/service-bridge/1.7.x/operations/users/roles-and-permissions","49d"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/operations/users/user-synchronization",component:u("/service-bridge/1.7.x/operations/users/user-synchronization","2b0"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/operations/vault",component:u("/service-bridge/1.7.x/operations/vault","416"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/operations/vault/elasticsearch",component:u("/service-bridge/1.7.x/operations/vault/elasticsearch","0b4"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/operations/vault/istiod-ca",component:u("/service-bridge/1.7.x/operations/vault/istiod-ca","d30"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/operations/vault/postgresql",component:u("/service-bridge/1.7.x/operations/vault/postgresql","eb7"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/quickstart",component:u("/service-bridge/1.7.x/quickstart","404"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/quickstart/apps",component:u("/service-bridge/1.7.x/quickstart/apps","382"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/quickstart/config-groups",component:u("/service-bridge/1.7.x/quickstart/config-groups","e14"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/quickstart/deploy-sample-app",component:u("/service-bridge/1.7.x/quickstart/deploy-sample-app","89e"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/quickstart/ingress-gateway",component:u("/service-bridge/1.7.x/quickstart/ingress-gateway","a00"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/quickstart/introduction",component:u("/service-bridge/1.7.x/quickstart/introduction","515"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/quickstart/observability",component:u("/service-bridge/1.7.x/quickstart/observability","9b8"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/quickstart/permissions",component:u("/service-bridge/1.7.x/quickstart/permissions","0ae"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/quickstart/security",component:u("/service-bridge/1.7.x/quickstart/security","34d"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/quickstart/tenant",component:u("/service-bridge/1.7.x/quickstart/tenant","534"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/quickstart/traffic-shifting",component:u("/service-bridge/1.7.x/quickstart/traffic-shifting","bee"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/quickstart/workspace",component:u("/service-bridge/1.7.x/quickstart/workspace","033"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/reference",component:u("/service-bridge/1.7.x/reference","c70"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/reference/cli",component:u("/service-bridge/1.7.x/reference/cli","ed6"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/reference/cli/guide/index",component:u("/service-bridge/1.7.x/reference/cli/guide/index","033"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/reference/cli/guide/toc",component:u("/service-bridge/1.7.x/reference/cli/guide/toc","3f7"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/reference/cli/reference",component:u("/service-bridge/1.7.x/reference/cli/reference","b21"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/reference/cli/reference/apply",component:u("/service-bridge/1.7.x/reference/cli/reference/apply","cca"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/reference/cli/reference/collect",component:u("/service-bridge/1.7.x/reference/cli/reference/collect","312"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/reference/cli/reference/completion",component:u("/service-bridge/1.7.x/reference/cli/reference/completion","042"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/reference/cli/reference/config",component:u("/service-bridge/1.7.x/reference/cli/reference/config","1e4"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/reference/cli/reference/delete",component:u("/service-bridge/1.7.x/reference/cli/reference/delete","d66"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/reference/cli/reference/edit",component:u("/service-bridge/1.7.x/reference/cli/reference/edit","c93"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/reference/cli/reference/experimental",component:u("/service-bridge/1.7.x/reference/cli/reference/experimental","6ec"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/reference/cli/reference/get",component:u("/service-bridge/1.7.x/reference/cli/reference/get","f97"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/reference/cli/reference/index",component:u("/service-bridge/1.7.x/reference/cli/reference/index","b77"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/reference/cli/reference/install",component:u("/service-bridge/1.7.x/reference/cli/reference/install","b33"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/reference/cli/reference/login",component:u("/service-bridge/1.7.x/reference/cli/reference/login","78b"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/reference/cli/reference/ui",component:u("/service-bridge/1.7.x/reference/cli/reference/ui","9ee"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/reference/cli/reference/validate",component:u("/service-bridge/1.7.x/reference/cli/reference/validate","3c6"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/reference/cli/reference/version",component:u("/service-bridge/1.7.x/reference/cli/reference/version","d71"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/reference/cli/reference/whoami",component:u("/service-bridge/1.7.x/reference/cli/reference/whoami","e06"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/reference/cli/reference/workload-entry-annotations",component:u("/service-bridge/1.7.x/reference/cli/reference/workload-entry-annotations","047"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/reference/grpc-api",component:u("/service-bridge/1.7.x/reference/grpc-api","3b7"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/reference/grpc-api/guide",component:u("/service-bridge/1.7.x/reference/grpc-api/guide","bdb"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/reference/grpc-api/reference",component:u("/service-bridge/1.7.x/reference/grpc-api/reference","46e"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/reference/k8s-api",component:u("/service-bridge/1.7.x/reference/k8s-api","432"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/reference/k8s-api/guide",component:u("/service-bridge/1.7.x/reference/k8s-api/guide","012"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/reference/k8s-api/tsb-crds-gen",component:u("/service-bridge/1.7.x/reference/k8s-api/tsb-crds-gen","b6f"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/reference/k8s-api/tsb-crds-gen/application-tsb-tetrate-io",component:u("/service-bridge/1.7.x/reference/k8s-api/tsb-crds-gen/application-tsb-tetrate-io","e7d"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/reference/k8s-api/tsb-crds-gen/extension-tsb-tetrate-io",component:u("/service-bridge/1.7.x/reference/k8s-api/tsb-crds-gen/extension-tsb-tetrate-io","6bd"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/reference/k8s-api/tsb-crds-gen/gateway-tsb-tetrate-io",component:u("/service-bridge/1.7.x/reference/k8s-api/tsb-crds-gen/gateway-tsb-tetrate-io","884"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/reference/k8s-api/tsb-crds-gen/istiointernal-tsb-tetrate-io",component:u("/service-bridge/1.7.x/reference/k8s-api/tsb-crds-gen/istiointernal-tsb-tetrate-io","cc2"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/reference/k8s-api/tsb-crds-gen/rbac-tsb-tetrate-io",component:u("/service-bridge/1.7.x/reference/k8s-api/tsb-crds-gen/rbac-tsb-tetrate-io","ea4"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/reference/k8s-api/tsb-crds-gen/security-tsb-tetrate-io",component:u("/service-bridge/1.7.x/reference/k8s-api/tsb-crds-gen/security-tsb-tetrate-io","d20"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/reference/k8s-api/tsb-crds-gen/traffic-tsb-tetrate-io",component:u("/service-bridge/1.7.x/reference/k8s-api/tsb-crds-gen/traffic-tsb-tetrate-io","1a9"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/cluster",component:u("/service-bridge/1.7.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/cluster","d1d"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/organization",component:u("/service-bridge/1.7.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/organization","dcb"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/organizationsetting",component:u("/service-bridge/1.7.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/organizationsetting","2de"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/serviceaccount",component:u("/service-bridge/1.7.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/serviceaccount","e27"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/team",component:u("/service-bridge/1.7.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/team","d1b"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/tenant",component:u("/service-bridge/1.7.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/tenant","843"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/tenantsetting",component:u("/service-bridge/1.7.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/tenantsetting","5dd"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/workspace",component:u("/service-bridge/1.7.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/workspace","624"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/workspacesetting",component:u("/service-bridge/1.7.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/workspacesetting","8f6"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/reference/k8s-api/tsb-crds-gen/tsb.tetrate.io/v2",component:u("/service-bridge/1.7.x/reference/k8s-api/tsb-crds-gen/tsb.tetrate.io/v2","497"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/reference/operators",component:u("/service-bridge/1.7.x/reference/operators","871"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/reference/rest-api/guide",component:u("/service-bridge/1.7.x/reference/rest-api/guide","b0b"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/reference/samples",component:u("/service-bridge/1.7.x/reference/samples","529"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/reference/samples/httpbin",component:u("/service-bridge/1.7.x/reference/samples/httpbin","a73"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/reference/samples/opa",component:u("/service-bridge/1.7.x/reference/samples/opa","e65"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/reference/samples/sleep-service",component:u("/service-bridge/1.7.x/reference/samples/sleep-service","053"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/reference/workload-onboarding",component:u("/service-bridge/1.7.x/reference/workload-onboarding","713"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/reference/workload-onboarding/onboarding-agent",component:u("/service-bridge/1.7.x/reference/workload-onboarding/onboarding-agent","d19"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/reference/workload-onboarding/onboarding-authorization",component:u("/service-bridge/1.7.x/reference/workload-onboarding/onboarding-authorization","089"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/reference/workload-onboarding/onboarding-runtime",component:u("/service-bridge/1.7.x/reference/workload-onboarding/onboarding-runtime","a47"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/reference/yaml-api",component:u("/service-bridge/1.7.x/reference/yaml-api","a3b"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/reference/yaml-api/guide",component:u("/service-bridge/1.7.x/reference/yaml-api/guide","f85"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/reference/yaml-api/reference",component:u("/service-bridge/1.7.x/reference/yaml-api/reference","111"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/refs/audit/v1/audit",component:u("/service-bridge/1.7.x/refs/audit/v1/audit","80c"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/refs/audit/v1/grpc",component:u("/service-bridge/1.7.x/refs/audit/v1/grpc","7e4"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/refs/iam/v2/grpc",component:u("/service-bridge/1.7.x/refs/iam/v2/grpc","869"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/refs/iam/v2/oauth_service",component:u("/service-bridge/1.7.x/refs/iam/v2/oauth_service","a33"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/refs/iam/v2/oidc_service",component:u("/service-bridge/1.7.x/refs/iam/v2/oidc_service","261"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/refs/install",component:u("/service-bridge/1.7.x/refs/install","4b0"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/refs/install/common/common_config",component:u("/service-bridge/1.7.x/refs/install/common/common_config","9b4"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/refs/install/controlplane/v1alpha1/spec",component:u("/service-bridge/1.7.x/refs/install/controlplane/v1alpha1/spec","c48"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/refs/install/dataplane/v1alpha1/spec",component:u("/service-bridge/1.7.x/refs/install/dataplane/v1alpha1/spec","a47"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/refs/install/kubernetes/k8s",component:u("/service-bridge/1.7.x/refs/install/kubernetes/k8s","4b8"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/refs/install/managementplane/v1alpha1/spec",component:u("/service-bridge/1.7.x/refs/install/managementplane/v1alpha1/spec","2b7"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/refs/istio.io/api/operator/v1alpha1/operator",component:u("/service-bridge/1.7.x/refs/istio.io/api/operator/v1alpha1/operator","b5a"),exact:!0},{path:"/service-bridge/1.7.x/refs/onboarding/config/agent/v1alpha1/agent_configuration",component:u("/service-bridge/1.7.x/refs/onboarding/config/agent/v1alpha1/agent_configuration","2be"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/refs/onboarding/config/agent/v1alpha1/onboarding_configuration",component:u("/service-bridge/1.7.x/refs/onboarding/config/agent/v1alpha1/onboarding_configuration","218"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/refs/onboarding/config/authorization/aws/v1alpha1/aws",component:u("/service-bridge/1.7.x/refs/onboarding/config/authorization/aws/v1alpha1/aws","c45"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/refs/onboarding/config/authorization/jwt/v1alpha1/jwt",component:u("/service-bridge/1.7.x/refs/onboarding/config/authorization/jwt/v1alpha1/jwt","e03"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/refs/onboarding/config/authorization/v1alpha1/policy",component:u("/service-bridge/1.7.x/refs/onboarding/config/authorization/v1alpha1/policy","803"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/refs/onboarding/config/install/v1alpha1/jwt_issuer",component:u("/service-bridge/1.7.x/refs/onboarding/config/install/v1alpha1/jwt_issuer","abf"),exact:!0},{path:"/service-bridge/1.7.x/refs/onboarding/config/install/v1alpha1/workload_configuration",component:u("/service-bridge/1.7.x/refs/onboarding/config/install/v1alpha1/workload_configuration","197"),exact:!0},{path:"/service-bridge/1.7.x/refs/onboarding/config/runtime/v1alpha1/registration",component:u("/service-bridge/1.7.x/refs/onboarding/config/runtime/v1alpha1/registration","6b6"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/refs/onboarding/config/types/config/v1alpha1/transport_security",component:u("/service-bridge/1.7.x/refs/onboarding/config/types/config/v1alpha1/transport_security","5c0"),exact:!0},{path:"/service-bridge/1.7.x/refs/onboarding/config/types/core/v1alpha1/condition",component:u("/service-bridge/1.7.x/refs/onboarding/config/types/core/v1alpha1/condition","cf5"),exact:!0},{path:"/service-bridge/1.7.x/refs/onboarding/config/types/core/v1alpha1/namespaced_name",component:u("/service-bridge/1.7.x/refs/onboarding/config/types/core/v1alpha1/namespaced_name","f16"),exact:!0},{path:"/service-bridge/1.7.x/refs/onboarding/config/types/identity/aws/v1alpha1/aws",component:u("/service-bridge/1.7.x/refs/onboarding/config/types/identity/aws/v1alpha1/aws","cd2"),exact:!0},{path:"/service-bridge/1.7.x/refs/onboarding/config/types/identity/jwt/v1alpha1/jwt",component:u("/service-bridge/1.7.x/refs/onboarding/config/types/identity/jwt/v1alpha1/jwt","cc1"),exact:!0},{path:"/service-bridge/1.7.x/refs/onboarding/config/types/identity/v1alpha1/identity",component:u("/service-bridge/1.7.x/refs/onboarding/config/types/identity/v1alpha1/identity","3f2"),exact:!0},{path:"/service-bridge/1.7.x/refs/onboarding/config/types/registration/v1alpha1/hostinfo",component:u("/service-bridge/1.7.x/refs/onboarding/config/types/registration/v1alpha1/hostinfo","75a"),exact:!0},{path:"/service-bridge/1.7.x/refs/onboarding/config/types/registration/v1alpha1/registration",component:u("/service-bridge/1.7.x/refs/onboarding/config/types/registration/v1alpha1/registration","3f5"),exact:!0},{path:"/service-bridge/1.7.x/refs/tsb/application/v2/api",component:u("/service-bridge/1.7.x/refs/tsb/application/v2/api","c72"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/refs/tsb/application/v2/application",component:u("/service-bridge/1.7.x/refs/tsb/application/v2/application","85e"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/refs/tsb/application/v2/application_service",component:u("/service-bridge/1.7.x/refs/tsb/application/v2/application_service","e6a"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/refs/tsb/application/v2/grpc",component:u("/service-bridge/1.7.x/refs/tsb/application/v2/grpc","943"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/refs/tsb/application/v2/openapi_extensions",component:u("/service-bridge/1.7.x/refs/tsb/application/v2/openapi_extensions","cd5"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/refs/tsb/application/v2/yaml",component:u("/service-bridge/1.7.x/refs/tsb/application/v2/yaml","1c5"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/refs/tsb/auth/v2/auth",component:u("/service-bridge/1.7.x/refs/tsb/auth/v2/auth","fc1"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/refs/tsb/auth/v2/yaml",component:u("/service-bridge/1.7.x/refs/tsb/auth/v2/yaml","187"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/refs/tsb/extension/v2/grpc",component:u("/service-bridge/1.7.x/refs/tsb/extension/v2/grpc","e80"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/refs/tsb/extension/v2/wasm_extension",component:u("/service-bridge/1.7.x/refs/tsb/extension/v2/wasm_extension","0f4"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/refs/tsb/extension/v2/wasm_service",component:u("/service-bridge/1.7.x/refs/tsb/extension/v2/wasm_service","f06"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/refs/tsb/extension/v2/yaml",component:u("/service-bridge/1.7.x/refs/tsb/extension/v2/yaml","688"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/refs/tsb/gateway/v2/auth",component:u("/service-bridge/1.7.x/refs/tsb/gateway/v2/auth","928"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/refs/tsb/gateway/v2/eastwest_gateway",component:u("/service-bridge/1.7.x/refs/tsb/gateway/v2/eastwest_gateway","2df"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/refs/tsb/gateway/v2/egress_gateway",component:u("/service-bridge/1.7.x/refs/tsb/gateway/v2/egress_gateway","5cb"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/refs/tsb/gateway/v2/gateway",component:u("/service-bridge/1.7.x/refs/tsb/gateway/v2/gateway","d4f"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/refs/tsb/gateway/v2/gateway_common",component:u("/service-bridge/1.7.x/refs/tsb/gateway/v2/gateway_common","339"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/refs/tsb/gateway/v2/gateway_group",component:u("/service-bridge/1.7.x/refs/tsb/gateway/v2/gateway_group","006"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/refs/tsb/gateway/v2/gateway_service",component:u("/service-bridge/1.7.x/refs/tsb/gateway/v2/gateway_service","5d0"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/refs/tsb/gateway/v2/grpc",component:u("/service-bridge/1.7.x/refs/tsb/gateway/v2/grpc","aa5"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/refs/tsb/gateway/v2/ingress_gateway",component:u("/service-bridge/1.7.x/refs/tsb/gateway/v2/ingress_gateway","4e8"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/refs/tsb/gateway/v2/istio_gateway_direct",component:u("/service-bridge/1.7.x/refs/tsb/gateway/v2/istio_gateway_direct","89a"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/refs/tsb/gateway/v2/tier1_gateway",component:u("/service-bridge/1.7.x/refs/tsb/gateway/v2/tier1_gateway","d9c"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/refs/tsb/gateway/v2/yaml",component:u("/service-bridge/1.7.x/refs/tsb/gateway/v2/yaml","eb9"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/refs/tsb/istiointernal/v2/grpc",component:u("/service-bridge/1.7.x/refs/tsb/istiointernal/v2/grpc","15c"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/refs/tsb/istiointernal/v2/istio_internal_group",component:u("/service-bridge/1.7.x/refs/tsb/istiointernal/v2/istio_internal_group","858"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/refs/tsb/istiointernal/v2/istio_istiointernal_direct",component:u("/service-bridge/1.7.x/refs/tsb/istiointernal/v2/istio_istiointernal_direct","f40"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/refs/tsb/istiointernal/v2/istiointernal_service",component:u("/service-bridge/1.7.x/refs/tsb/istiointernal/v2/istiointernal_service","dff"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/refs/tsb/istiointernal/v2/yaml",component:u("/service-bridge/1.7.x/refs/tsb/istiointernal/v2/yaml","162"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/refs/tsb/observability/telemetry/v2/grpc",component:u("/service-bridge/1.7.x/refs/tsb/observability/telemetry/v2/grpc","a1d"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/refs/tsb/observability/telemetry/v2/metric",component:u("/service-bridge/1.7.x/refs/tsb/observability/telemetry/v2/metric","26c"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/refs/tsb/observability/telemetry/v2/metric_service",component:u("/service-bridge/1.7.x/refs/tsb/observability/telemetry/v2/metric_service","6db"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/refs/tsb/observability/telemetry/v2/source",component:u("/service-bridge/1.7.x/refs/tsb/observability/telemetry/v2/source","2f2"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/refs/tsb/observability/telemetry/v2/source_service",component:u("/service-bridge/1.7.x/refs/tsb/observability/telemetry/v2/source_service","20a"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/refs/tsb/observability/telemetry/v2/yaml",component:u("/service-bridge/1.7.x/refs/tsb/observability/telemetry/v2/yaml","b10"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/refs/tsb/q/v2/approvals_service",component:u("/service-bridge/1.7.x/refs/tsb/q/v2/approvals_service","d24"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/refs/tsb/q/v2/grpc",component:u("/service-bridge/1.7.x/refs/tsb/q/v2/grpc","04c"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/refs/tsb/q/v2/permissions_service",component:u("/service-bridge/1.7.x/refs/tsb/q/v2/permissions_service","649"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/refs/tsb/rbac/v2/access_bindings",component:u("/service-bridge/1.7.x/refs/tsb/rbac/v2/access_bindings","395"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/refs/tsb/rbac/v2/api_access_bindings",component:u("/service-bridge/1.7.x/refs/tsb/rbac/v2/api_access_bindings","ace"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/refs/tsb/rbac/v2/application_access_bindings",component:u("/service-bridge/1.7.x/refs/tsb/rbac/v2/application_access_bindings","56c"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/refs/tsb/rbac/v2/binding",component:u("/service-bridge/1.7.x/refs/tsb/rbac/v2/binding","3f1"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/refs/tsb/rbac/v2/gateway_access_bindings",component:u("/service-bridge/1.7.x/refs/tsb/rbac/v2/gateway_access_bindings","fbe"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/refs/tsb/rbac/v2/grpc",component:u("/service-bridge/1.7.x/refs/tsb/rbac/v2/grpc","c57"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/refs/tsb/rbac/v2/istio_internal_access_bindings",component:u("/service-bridge/1.7.x/refs/tsb/rbac/v2/istio_internal_access_bindings","945"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/refs/tsb/rbac/v2/organization_access_bindings",component:u("/service-bridge/1.7.x/refs/tsb/rbac/v2/organization_access_bindings","398"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/refs/tsb/rbac/v2/permissions",component:u("/service-bridge/1.7.x/refs/tsb/rbac/v2/permissions","b64"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/refs/tsb/rbac/v2/policy_service",component:u("/service-bridge/1.7.x/refs/tsb/rbac/v2/policy_service","50e"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/refs/tsb/rbac/v2/role",component:u("/service-bridge/1.7.x/refs/tsb/rbac/v2/role","93d"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/refs/tsb/rbac/v2/role_service",component:u("/service-bridge/1.7.x/refs/tsb/rbac/v2/role_service","aa1"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/refs/tsb/rbac/v2/security_access_bindings",component:u("/service-bridge/1.7.x/refs/tsb/rbac/v2/security_access_bindings","b9b"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/refs/tsb/rbac/v2/tenant_access_bindings",component:u("/service-bridge/1.7.x/refs/tsb/rbac/v2/tenant_access_bindings","a3f"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/refs/tsb/rbac/v2/traffic_access_bindings",component:u("/service-bridge/1.7.x/refs/tsb/rbac/v2/traffic_access_bindings","c83"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/refs/tsb/rbac/v2/workspace_access_bindings",component:u("/service-bridge/1.7.x/refs/tsb/rbac/v2/workspace_access_bindings","560"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/refs/tsb/rbac/v2/yaml",component:u("/service-bridge/1.7.x/refs/tsb/rbac/v2/yaml","e23"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/refs/tsb/registry/v2/grpc",component:u("/service-bridge/1.7.x/refs/tsb/registry/v2/grpc","e7f"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/refs/tsb/registry/v2/lookup_service",component:u("/service-bridge/1.7.x/refs/tsb/registry/v2/lookup_service","fd6"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/refs/tsb/registry/v2/registration_service",component:u("/service-bridge/1.7.x/refs/tsb/registry/v2/registration_service","406"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/refs/tsb/registry/v2/service",component:u("/service-bridge/1.7.x/refs/tsb/registry/v2/service","e6e"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/refs/tsb/registry/v2/yaml",component:u("/service-bridge/1.7.x/refs/tsb/registry/v2/yaml","960"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/refs/tsb/security/v2/grpc",component:u("/service-bridge/1.7.x/refs/tsb/security/v2/grpc","2ef"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/refs/tsb/security/v2/istio_security_direct",component:u("/service-bridge/1.7.x/refs/tsb/security/v2/istio_security_direct","70b"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/refs/tsb/security/v2/security_group",component:u("/service-bridge/1.7.x/refs/tsb/security/v2/security_group","8c5"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/refs/tsb/security/v2/security_service",component:u("/service-bridge/1.7.x/refs/tsb/security/v2/security_service","492"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/refs/tsb/security/v2/security_setting",component:u("/service-bridge/1.7.x/refs/tsb/security/v2/security_setting","422"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/refs/tsb/security/v2/service_security_setting",component:u("/service-bridge/1.7.x/refs/tsb/security/v2/service_security_setting","0d8"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/refs/tsb/security/v2/waf_settings",component:u("/service-bridge/1.7.x/refs/tsb/security/v2/waf_settings","22b"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/refs/tsb/security/v2/yaml",component:u("/service-bridge/1.7.x/refs/tsb/security/v2/yaml","a78"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/refs/tsb/traffic/v2/grpc",component:u("/service-bridge/1.7.x/refs/tsb/traffic/v2/grpc","82c"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/refs/tsb/traffic/v2/istio_traffic_direct",component:u("/service-bridge/1.7.x/refs/tsb/traffic/v2/istio_traffic_direct","dbf"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/refs/tsb/traffic/v2/service_route",component:u("/service-bridge/1.7.x/refs/tsb/traffic/v2/service_route","cd2"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/refs/tsb/traffic/v2/traffic_group",component:u("/service-bridge/1.7.x/refs/tsb/traffic/v2/traffic_group","1ea"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/refs/tsb/traffic/v2/traffic_service",component:u("/service-bridge/1.7.x/refs/tsb/traffic/v2/traffic_service","7f5"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/refs/tsb/traffic/v2/traffic_setting",component:u("/service-bridge/1.7.x/refs/tsb/traffic/v2/traffic_setting","1a9"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/refs/tsb/traffic/v2/yaml",component:u("/service-bridge/1.7.x/refs/tsb/traffic/v2/yaml","8d9"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/refs/tsb/types/v2/types",component:u("/service-bridge/1.7.x/refs/tsb/types/v2/types","a1a"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/refs/tsb/types/v2/yaml",component:u("/service-bridge/1.7.x/refs/tsb/types/v2/yaml","10c"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/refs/tsb/v2/cluster",component:u("/service-bridge/1.7.x/refs/tsb/v2/cluster","9f5"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/refs/tsb/v2/cluster_service",component:u("/service-bridge/1.7.x/refs/tsb/v2/cluster_service","e09"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/refs/tsb/v2/grpc",component:u("/service-bridge/1.7.x/refs/tsb/v2/grpc","8c3"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/refs/tsb/v2/info",component:u("/service-bridge/1.7.x/refs/tsb/v2/info","f5b"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/refs/tsb/v2/organization",component:u("/service-bridge/1.7.x/refs/tsb/v2/organization","95a"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/refs/tsb/v2/organization_service",component:u("/service-bridge/1.7.x/refs/tsb/v2/organization_service","172"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/refs/tsb/v2/organization_setting",component:u("/service-bridge/1.7.x/refs/tsb/v2/organization_setting","b6c"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/refs/tsb/v2/status",component:u("/service-bridge/1.7.x/refs/tsb/v2/status","3ac"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/refs/tsb/v2/status_service",component:u("/service-bridge/1.7.x/refs/tsb/v2/status_service","831"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/refs/tsb/v2/team",component:u("/service-bridge/1.7.x/refs/tsb/v2/team","99e"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/refs/tsb/v2/team_service",component:u("/service-bridge/1.7.x/refs/tsb/v2/team_service","f29"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/refs/tsb/v2/tenant",component:u("/service-bridge/1.7.x/refs/tsb/v2/tenant","ef6"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/refs/tsb/v2/tenant_service",component:u("/service-bridge/1.7.x/refs/tsb/v2/tenant_service","6b0"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/refs/tsb/v2/tenant_setting",component:u("/service-bridge/1.7.x/refs/tsb/v2/tenant_setting","278"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/refs/tsb/v2/workspace",component:u("/service-bridge/1.7.x/refs/tsb/v2/workspace","487"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/refs/tsb/v2/workspace_service",component:u("/service-bridge/1.7.x/refs/tsb/v2/workspace_service","6b7"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/refs/tsb/v2/workspace_setting",component:u("/service-bridge/1.7.x/refs/tsb/v2/workspace_setting","06d"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/refs/tsb/v2/yaml",component:u("/service-bridge/1.7.x/refs/tsb/v2/yaml","83a"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/release-notes",component:u("/service-bridge/1.7.x/release-notes","ebf"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/release-notes-announcements/",component:u("/service-bridge/1.7.x/release-notes-announcements/","9c9"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/release-notes-announcements/feature-status",component:u("/service-bridge/1.7.x/release-notes-announcements/feature-status","4ab"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/release-notes-announcements/support-policy",component:u("/service-bridge/1.7.x/release-notes-announcements/support-policy","2e0"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/setup",component:u("/service-bridge/1.7.x/setup","e89"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/setup/aws",component:u("/service-bridge/1.7.x/setup/aws","f50"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/setup/aws/container-marketplace",component:u("/service-bridge/1.7.x/setup/aws/container-marketplace","3af"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/setup/aws/vpc",component:u("/service-bridge/1.7.x/setup/aws/vpc","302"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/setup/certificate",component:u("/service-bridge/1.7.x/setup/certificate","a71"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/setup/certificate/automated-certificate-management",component:u("/service-bridge/1.7.x/setup/certificate/automated-certificate-management","5af"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/setup/certificate/certificate-requirements",component:u("/service-bridge/1.7.x/setup/certificate/certificate-requirements","39a"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/setup/certificate/certificate-setup",component:u("/service-bridge/1.7.x/setup/certificate/certificate-setup","a5f"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/setup/components",component:u("/service-bridge/1.7.x/setup/components","992"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/setup/firewall-information",component:u("/service-bridge/1.7.x/setup/firewall-information","303"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/setup/helm/",component:u("/service-bridge/1.7.x/setup/helm/","d29"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/setup/helm/controlplane",component:u("/service-bridge/1.7.x/setup/helm/controlplane","d2a"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/setup/helm/dataplane",component:u("/service-bridge/1.7.x/setup/helm/dataplane","1e4"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/setup/helm/helm",component:u("/service-bridge/1.7.x/setup/helm/helm","05a"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/setup/helm/managementplane",component:u("/service-bridge/1.7.x/setup/helm/managementplane","b50"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/setup/helm/uninstallation",component:u("/service-bridge/1.7.x/setup/helm/uninstallation","0f7"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/setup/helm/upgrade",component:u("/service-bridge/1.7.x/setup/helm/upgrade","027"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/setup/isolation-boundaries",component:u("/service-bridge/1.7.x/setup/isolation-boundaries","0eb"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/setup/migrate-tctl-to-helm",component:u("/service-bridge/1.7.x/setup/migrate-tctl-to-helm","4d2"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/setup/remote-registry",component:u("/service-bridge/1.7.x/setup/remote-registry","cca"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/setup/requirements-and-download",component:u("/service-bridge/1.7.x/setup/requirements-and-download","b0c"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/setup/resource-planning",component:u("/service-bridge/1.7.x/setup/resource-planning","d63"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/setup/security-context",component:u("/service-bridge/1.7.x/setup/security-context","180"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/setup/self-managed/",component:u("/service-bridge/1.7.x/setup/self-managed/","40f"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/setup/self-managed/demo-installation",component:u("/service-bridge/1.7.x/setup/self-managed/demo-installation","dff"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/setup/self-managed/management-plane-installation",component:u("/service-bridge/1.7.x/setup/self-managed/management-plane-installation","dfc"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/setup/self-managed/onboarding-clusters",component:u("/service-bridge/1.7.x/setup/self-managed/onboarding-clusters","9e6"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/setup/self-managed/uninstallation",component:u("/service-bridge/1.7.x/setup/self-managed/uninstallation","920"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/setup/self-managed/upgrade",component:u("/service-bridge/1.7.x/setup/self-managed/upgrade","7dd"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/setup/tctl-connect",component:u("/service-bridge/1.7.x/setup/tctl-connect","1a3"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/setup/upgrades",component:u("/service-bridge/1.7.x/setup/upgrades","31d"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/setup/upgrades/cni-upgrade",component:u("/service-bridge/1.7.x/setup/upgrades/cni-upgrade","b10"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/setup/upgrades/gateway-upgrade",component:u("/service-bridge/1.7.x/setup/upgrades/gateway-upgrade","49a"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/setup/upgrades/non-revisioned-to-revisioned",component:u("/service-bridge/1.7.x/setup/upgrades/non-revisioned-to-revisioned","367"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/setup/upgrades/revisioned-to-revisioned",component:u("/service-bridge/1.7.x/setup/upgrades/revisioned-to-revisioned","92b"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/setup/workload-onboarding",component:u("/service-bridge/1.7.x/setup/workload-onboarding","6d8"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/setup/workload-onboarding/guides/",component:u("/service-bridge/1.7.x/setup/workload-onboarding/guides/","5aa"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/setup/workload-onboarding/guides/ecs-workloads",component:u("/service-bridge/1.7.x/setup/workload-onboarding/guides/ecs-workloads","61b"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/setup/workload-onboarding/guides/managing",component:u("/service-bridge/1.7.x/setup/workload-onboarding/guides/managing","e4f"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/setup/workload-onboarding/guides/on-premise-workloads",component:u("/service-bridge/1.7.x/setup/workload-onboarding/guides/on-premise-workloads","2b7"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/setup/workload-onboarding/guides/onboarding",component:u("/service-bridge/1.7.x/setup/workload-onboarding/guides/onboarding","24f"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/setup/workload-onboarding/guides/overview",component:u("/service-bridge/1.7.x/setup/workload-onboarding/guides/overview","c30"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/setup/workload-onboarding/guides/setup",component:u("/service-bridge/1.7.x/setup/workload-onboarding/guides/setup","220"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/setup/workload-onboarding/guides/troubleshooting",component:u("/service-bridge/1.7.x/setup/workload-onboarding/guides/troubleshooting","04a"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/setup/workload-onboarding/onboarding-vms",component:u("/service-bridge/1.7.x/setup/workload-onboarding/onboarding-vms","6d9"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/setup/workload-onboarding/quickstart",component:u("/service-bridge/1.7.x/setup/workload-onboarding/quickstart","3ba"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/setup/workload-onboarding/quickstart/aws-ec2/",component:u("/service-bridge/1.7.x/setup/workload-onboarding/quickstart/aws-ec2/","1d9"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/setup/workload-onboarding/quickstart/aws-ec2/bookinfo",component:u("/service-bridge/1.7.x/setup/workload-onboarding/quickstart/aws-ec2/bookinfo","800"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/setup/workload-onboarding/quickstart/aws-ec2/configure-vm",component:u("/service-bridge/1.7.x/setup/workload-onboarding/quickstart/aws-ec2/configure-vm","7d9"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/setup/workload-onboarding/quickstart/aws-ec2/configure-workload-onboarding",component:u("/service-bridge/1.7.x/setup/workload-onboarding/quickstart/aws-ec2/configure-workload-onboarding","531"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/setup/workload-onboarding/quickstart/aws-ec2/enable-workload-onboarding",component:u("/service-bridge/1.7.x/setup/workload-onboarding/quickstart/aws-ec2/enable-workload-onboarding","4c6"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/setup/workload-onboarding/quickstart/aws-ec2/onboard-asg",component:u("/service-bridge/1.7.x/setup/workload-onboarding/quickstart/aws-ec2/onboard-asg","b9c"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/setup/workload-onboarding/quickstart/aws-ec2/onboard-vm",component:u("/service-bridge/1.7.x/setup/workload-onboarding/quickstart/aws-ec2/onboard-vm","a31"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/setup/workload-onboarding/quickstart/aws-ecs/",component:u("/service-bridge/1.7.x/setup/workload-onboarding/quickstart/aws-ecs/","7d8"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/setup/workload-onboarding/quickstart/aws-ecs/configure-workload-onboarding",component:u("/service-bridge/1.7.x/setup/workload-onboarding/quickstart/aws-ecs/configure-workload-onboarding","216"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/setup/workload-onboarding/quickstart/aws-ecs/onboard-ecs",component:u("/service-bridge/1.7.x/setup/workload-onboarding/quickstart/aws-ecs/onboard-ecs","ed2"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/setup/workload-onboarding/quickstart/on-premise/",component:u("/service-bridge/1.7.x/setup/workload-onboarding/quickstart/on-premise/","1ef"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/setup/workload-onboarding/quickstart/on-premise/configure-vm",component:u("/service-bridge/1.7.x/setup/workload-onboarding/quickstart/on-premise/configure-vm","df1"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/setup/workload-onboarding/quickstart/on-premise/configure-workload-onboarding",component:u("/service-bridge/1.7.x/setup/workload-onboarding/quickstart/on-premise/configure-workload-onboarding","e0f"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/setup/workload-onboarding/quickstart/on-premise/onboard-vm",component:u("/service-bridge/1.7.x/setup/workload-onboarding/quickstart/on-premise/onboard-vm","643"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/troubleshooting",component:u("/service-bridge/1.7.x/troubleshooting","740"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/troubleshooting/cluster-onboarding",component:u("/service-bridge/1.7.x/troubleshooting/cluster-onboarding","61a"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/troubleshooting/configuration-status",component:u("/service-bridge/1.7.x/troubleshooting/configuration-status","b86"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/troubleshooting/debug-container",component:u("/service-bridge/1.7.x/troubleshooting/debug-container","6e5"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/troubleshooting/gateway-troubleshooting",component:u("/service-bridge/1.7.x/troubleshooting/gateway-troubleshooting","5a5"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/troubleshooting/identify-underperforming-services",component:u("/service-bridge/1.7.x/troubleshooting/identify-underperforming-services","021"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/troubleshooting/Maximum-header-size-exceed",component:u("/service-bridge/1.7.x/troubleshooting/Maximum-header-size-exceed","b16"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/troubleshooting/Multiple-Transfer-encoding-chunked",component:u("/service-bridge/1.7.x/troubleshooting/Multiple-Transfer-encoding-chunked","073"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/troubleshooting/troubleshooting",component:u("/service-bridge/1.7.x/troubleshooting/troubleshooting","c6b"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/troubleshooting/tsb-ui-metrics",component:u("/service-bridge/1.7.x/troubleshooting/tsb-ui-metrics","10d"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.7.x/wokingwithsupport/workingWithTetrateSupport",component:u("/service-bridge/1.7.x/wokingwithsupport/workingWithTetrateSupport","187"),exact:!0,sidebar:"defaultSidebar"}]}]},{path:"/service-bridge/1.8.x",component:u("/service-bridge/1.8.x","0ca"),routes:[{path:"/service-bridge/1.8.x/tags",component:u("/service-bridge/1.8.x/tags","41a"),exact:!0},{path:"/service-bridge/1.8.x/tags/featured",component:u("/service-bridge/1.8.x/tags/featured","296"),exact:!0},{path:"/service-bridge/1.8.x/tags/tsb-concepts",component:u("/service-bridge/1.8.x/tags/tsb-concepts","e7d"),exact:!0},{path:"/service-bridge/1.8.x/tags/tsb-quickstart",component:u("/service-bridge/1.8.x/tags/tsb-quickstart","07d"),exact:!0},{path:"/service-bridge/1.8.x",component:u("/service-bridge/1.8.x","ef4"),routes:[{path:"/service-bridge/1.8.x/",component:u("/service-bridge/1.8.x/","933"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/category/working-with-tetrate-customer-support",component:u("/service-bridge/1.8.x/category/working-with-tetrate-customer-support","377"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/cheatsheet/",component:u("/service-bridge/1.8.x/cheatsheet/","81a"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/cheatsheet/sheets/gateways-management",component:u("/service-bridge/1.8.x/cheatsheet/sheets/gateways-management","421"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/cheatsheet/sheets/kubectl",component:u("/service-bridge/1.8.x/cheatsheet/sheets/kubectl","129"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/cheatsheet/sheets/security-management",component:u("/service-bridge/1.8.x/cheatsheet/sheets/security-management","2f3"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/cheatsheet/sheets/tctl",component:u("/service-bridge/1.8.x/cheatsheet/sheets/tctl","f7f"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/cheatsheet/sheets/traffic-management",component:u("/service-bridge/1.8.x/cheatsheet/sheets/traffic-management","fa4"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/cheatsheet/sheets/tsb-concepts",component:u("/service-bridge/1.8.x/cheatsheet/sheets/tsb-concepts","6c7"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/cheatsheet/sheets/tsb-quickstart",component:u("/service-bridge/1.8.x/cheatsheet/sheets/tsb-quickstart","371"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/cheatsheet/sheets/tsb-terminology",component:u("/service-bridge/1.8.x/cheatsheet/sheets/tsb-terminology","6da"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/concepts/",component:u("/service-bridge/1.8.x/concepts/","4a8"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/concepts/architecture",component:u("/service-bridge/1.8.x/concepts/architecture","607"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/concepts/configuration-dataflow",component:u("/service-bridge/1.8.x/concepts/configuration-dataflow","04c"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/concepts/glossary",component:u("/service-bridge/1.8.x/concepts/glossary","196"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/concepts/observability",component:u("/service-bridge/1.8.x/concepts/observability","852"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/concepts/operators/",component:u("/service-bridge/1.8.x/concepts/operators/","6b1"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/concepts/operators/control-plane",component:u("/service-bridge/1.8.x/concepts/operators/control-plane","81d"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/concepts/operators/data-plane",component:u("/service-bridge/1.8.x/concepts/operators/data-plane","fc2"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/concepts/operators/management-plane",component:u("/service-bridge/1.8.x/concepts/operators/management-plane","a4e"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/concepts/security",component:u("/service-bridge/1.8.x/concepts/security","27c"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/concepts/service-mesh",component:u("/service-bridge/1.8.x/concepts/service-mesh","728"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/concepts/terminology",component:u("/service-bridge/1.8.x/concepts/terminology","b9b"),exact:!0},{path:"/service-bridge/1.8.x/concepts/traffic-management",component:u("/service-bridge/1.8.x/concepts/traffic-management","e36"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/concepts/tsb-and-istio",component:u("/service-bridge/1.8.x/concepts/tsb-and-istio","a56"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/design-guides/",component:u("/service-bridge/1.8.x/design-guides/","2f1"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/design-guides/app-onboarding/",component:u("/service-bridge/1.8.x/design-guides/app-onboarding/","ecf"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/design-guides/app-onboarding/cross-cluster",component:u("/service-bridge/1.8.x/design-guides/app-onboarding/cross-cluster","253"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/design-guides/app-onboarding/deploy-service",component:u("/service-bridge/1.8.x/design-guides/app-onboarding/deploy-service","917"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/design-guides/app-onboarding/gateway-security",component:u("/service-bridge/1.8.x/design-guides/app-onboarding/gateway-security","e60"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/design-guides/app-onboarding/high-availability",component:u("/service-bridge/1.8.x/design-guides/app-onboarding/high-availability","8bb"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/design-guides/app-onboarding/introduction",component:u("/service-bridge/1.8.x/design-guides/app-onboarding/introduction","2ee"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/design-guides/app-onboarding/monitor",component:u("/service-bridge/1.8.x/design-guides/app-onboarding/monitor","a6c"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/design-guides/app-onboarding/prepare",component:u("/service-bridge/1.8.x/design-guides/app-onboarding/prepare","eab"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/design-guides/app-onboarding/promote-service",component:u("/service-bridge/1.8.x/design-guides/app-onboarding/promote-service","908"),exact:!0},{path:"/service-bridge/1.8.x/design-guides/app-onboarding/security",component:u("/service-bridge/1.8.x/design-guides/app-onboarding/security","1e5"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/design-guides/ha-dr-mp/",component:u("/service-bridge/1.8.x/design-guides/ha-dr-mp/","a8b"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/design-guides/ha-dr-mp/dr-managementplane",component:u("/service-bridge/1.8.x/design-guides/ha-dr-mp/dr-managementplane","f54"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/design-guides/ha-dr-mp/ha-managementplane",component:u("/service-bridge/1.8.x/design-guides/ha-dr-mp/ha-managementplane","dbf"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/design-guides/ha-dr-mp/introduction",component:u("/service-bridge/1.8.x/design-guides/ha-dr-mp/introduction","194"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/design-guides/ha-dr-mp/scenarios",component:u("/service-bridge/1.8.x/design-guides/ha-dr-mp/scenarios","6a2"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/design-guides/ha-multicluster/",component:u("/service-bridge/1.8.x/design-guides/ha-multicluster/","2d7"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/design-guides/ha-multicluster/cluster-failover",component:u("/service-bridge/1.8.x/design-guides/ha-multicluster/cluster-failover","464"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/design-guides/ha-multicluster/demo-1",component:u("/service-bridge/1.8.x/design-guides/ha-multicluster/demo-1","2e7"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/design-guides/ha-multicluster/demo-2",component:u("/service-bridge/1.8.x/design-guides/ha-multicluster/demo-2","23c"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/design-guides/ha-multicluster/edge-failover",component:u("/service-bridge/1.8.x/design-guides/ha-multicluster/edge-failover","7ea"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/design-guides/ha-multicluster/introduction",component:u("/service-bridge/1.8.x/design-guides/ha-multicluster/introduction","e0d"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/design-guides/ha-multicluster/operations",component:u("/service-bridge/1.8.x/design-guides/ha-multicluster/operations","dfb"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/howto",component:u("/service-bridge/1.8.x/howto","5a2"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/howto/authorization/",component:u("/service-bridge/1.8.x/howto/authorization/","a78"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/howto/authorization/ingress-gateway",component:u("/service-bridge/1.8.x/howto/authorization/ingress-gateway","ce3"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/howto/authorization/sidecar",component:u("/service-bridge/1.8.x/howto/authorization/sidecar","bc3"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/howto/authorization/tier1-gateway",component:u("/service-bridge/1.8.x/howto/authorization/tier1-gateway","dcc"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/howto/authorization/tls-verification",component:u("/service-bridge/1.8.x/howto/authorization/tls-verification","820"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/howto/gateway",component:u("/service-bridge/1.8.x/howto/gateway","a1b"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/howto/gateway/app-ingress",component:u("/service-bridge/1.8.x/howto/gateway/app-ingress","401"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/howto/gateway/application-gateway-with-openapi-annotations",component:u("/service-bridge/1.8.x/howto/gateway/application-gateway-with-openapi-annotations","fce"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/howto/gateway/configure-and-route-nonhttp-traffic",component:u("/service-bridge/1.8.x/howto/gateway/configure-and-route-nonhttp-traffic","6e3"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/howto/gateway/configure-oidc",component:u("/service-bridge/1.8.x/howto/gateway/configure-oidc","2d2"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/howto/gateway/distributed-ingress",component:u("/service-bridge/1.8.x/howto/gateway/distributed-ingress","622"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/howto/gateway/egress-gateways",component:u("/service-bridge/1.8.x/howto/gateway/egress-gateways","dff"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/howto/gateway/end-user-auth-keycloak",component:u("/service-bridge/1.8.x/howto/gateway/end-user-auth-keycloak","706"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/howto/gateway/https-with-proxy-protocol",component:u("/service-bridge/1.8.x/howto/gateway/https-with-proxy-protocol","5e0"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/howto/gateway/multi-cluster-traffic-routing-using-tier2gw",component:u("/service-bridge/1.8.x/howto/gateway/multi-cluster-traffic-routing-using-tier2gw","76f"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/howto/gateway/multi-cluster-traffic-routing-with-eastwest-gateway",component:u("/service-bridge/1.8.x/howto/gateway/multi-cluster-traffic-routing-with-eastwest-gateway","d68"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/howto/gateway/multi-cluster-traffic-shifting",component:u("/service-bridge/1.8.x/howto/gateway/multi-cluster-traffic-shifting","79d"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/howto/gateway/service-identity-propagation",component:u("/service-bridge/1.8.x/howto/gateway/service-identity-propagation","be8"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/howto/gateway/shared-ingress",component:u("/service-bridge/1.8.x/howto/gateway/shared-ingress","c6b"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/howto/gateway/subset-based-routing-using-igw-and-service-route",component:u("/service-bridge/1.8.x/howto/gateway/subset-based-routing-using-igw-and-service-route","639"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/howto/gateway/unified-gateway",component:u("/service-bridge/1.8.x/howto/gateway/unified-gateway","23d"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/howto/gitops",component:u("/service-bridge/1.8.x/howto/gitops","26f"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/howto/gitops/argo-rollouts",component:u("/service-bridge/1.8.x/howto/gitops/argo-rollouts","31e"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/howto/gitops/flux",component:u("/service-bridge/1.8.x/howto/gitops/flux","f00"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/howto/gitops/gitops",component:u("/service-bridge/1.8.x/howto/gitops/gitops","a45"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/howto/hpa-using-skywalking",component:u("/service-bridge/1.8.x/howto/hpa-using-skywalking","34f"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/howto/network-policies",component:u("/service-bridge/1.8.x/howto/network-policies","2d6"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/howto/promql-using-skywalking",component:u("/service-bridge/1.8.x/howto/promql-using-skywalking","8fd"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/howto/rate-limiting/",component:u("/service-bridge/1.8.x/howto/rate-limiting/","02b"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/howto/rate-limiting/external-rate-limiting",component:u("/service-bridge/1.8.x/howto/rate-limiting/external-rate-limiting","d69"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/howto/rate-limiting/ingress-gateway",component:u("/service-bridge/1.8.x/howto/rate-limiting/ingress-gateway","faa"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/howto/rate-limiting/internal-rate-limiting",component:u("/service-bridge/1.8.x/howto/rate-limiting/internal-rate-limiting","b88"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/howto/rate-limiting/service-to-service",component:u("/service-bridge/1.8.x/howto/rate-limiting/service-to-service","744"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/howto/rate-limiting/tier1-gateway",component:u("/service-bridge/1.8.x/howto/rate-limiting/tier1-gateway","216"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/howto/rate-limiting/tls-validation",component:u("/service-bridge/1.8.x/howto/rate-limiting/tls-validation","11f"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/howto/security-domains",component:u("/service-bridge/1.8.x/howto/security-domains","65e"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/howto/service-accounts",component:u("/service-bridge/1.8.x/howto/service-accounts","ccd"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/howto/traffic",component:u("/service-bridge/1.8.x/howto/traffic","ce5"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/howto/traffic/canary-releases",component:u("/service-bridge/1.8.x/howto/traffic/canary-releases","eae"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/howto/traffic/configure-multi-port-service-route",component:u("/service-bridge/1.8.x/howto/traffic/configure-multi-port-service-route","d2f"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/howto/traffic/external-site-https",component:u("/service-bridge/1.8.x/howto/traffic/external-site-https","792"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/howto/traffic/load-balance",component:u("/service-bridge/1.8.x/howto/traffic/load-balance","a73"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/howto/traffic/migrating-VM-monoliths",component:u("/service-bridge/1.8.x/howto/traffic/migrating-VM-monoliths","782"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/howto/traffic/splitting-service-traffic-between-k8s-vms",component:u("/service-bridge/1.8.x/howto/traffic/splitting-service-traffic-between-k8s-vms","83b"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/howto/waf",component:u("/service-bridge/1.8.x/howto/waf","f3b"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/howto/wasm",component:u("/service-bridge/1.8.x/howto/wasm","ca8"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/howto/wasm/wasm-extension",component:u("/service-bridge/1.8.x/howto/wasm/wasm-extension","3c4"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/howto/wasm/wasm-overview",component:u("/service-bridge/1.8.x/howto/wasm/wasm-overview","59a"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/howto/wasm/wasm-proxy",component:u("/service-bridge/1.8.x/howto/wasm/wasm-proxy","526"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/howto/wasm/wasm-try",component:u("/service-bridge/1.8.x/howto/wasm/wasm-try","d21"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/knowledge-base",component:u("/service-bridge/1.8.x/knowledge-base","a81"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/knowledge-base/faq",component:u("/service-bridge/1.8.x/knowledge-base/faq","4e5"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/knowledge-base/gitops",component:u("/service-bridge/1.8.x/knowledge-base/gitops","389"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/operations",component:u("/service-bridge/1.8.x/operations","0f0"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/operations/configuration-promotion",component:u("/service-bridge/1.8.x/operations/configuration-promotion","c42"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/operations/configure-log-levels",component:u("/service-bridge/1.8.x/operations/configure-log-levels","f7c"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/operations/elasticsearch",component:u("/service-bridge/1.8.x/operations/elasticsearch","48f"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/operations/elasticsearch/elasticsearch-role",component:u("/service-bridge/1.8.x/operations/elasticsearch/elasticsearch-role","436"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/operations/elasticsearch/wipe-elastic",component:u("/service-bridge/1.8.x/operations/elasticsearch/wipe-elastic","fc1"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/operations/features",component:u("/service-bridge/1.8.x/operations/features","f37"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/operations/features/configure-cluster-external-addresses",component:u("/service-bridge/1.8.x/operations/features/configure-cluster-external-addresses","49f"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/operations/features/configure-gitops",component:u("/service-bridge/1.8.x/operations/features/configure-gitops","db8"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/operations/features/deletion-protection",component:u("/service-bridge/1.8.x/operations/features/deletion-protection","a42"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/operations/features/edge-dns-resolution",component:u("/service-bridge/1.8.x/operations/features/edge-dns-resolution","5ab"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/operations/features/enable-config-protection",component:u("/service-bridge/1.8.x/operations/features/enable-config-protection","ec5"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/operations/features/gateway-deletion-webhook",component:u("/service-bridge/1.8.x/operations/features/gateway-deletion-webhook","eaf"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/operations/features/internal-wasm-extensions",component:u("/service-bridge/1.8.x/operations/features/internal-wasm-extensions","65e"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/operations/features/istio-cni",component:u("/service-bridge/1.8.x/operations/features/istio-cni","de8"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/operations/features/label-annotation",component:u("/service-bridge/1.8.x/operations/features/label-annotation","4ab"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/operations/features/streaming-log",component:u("/service-bridge/1.8.x/operations/features/streaming-log","77d"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/operations/features/tier1-in-app-cluster",component:u("/service-bridge/1.8.x/operations/features/tier1-in-app-cluster","b7d"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/operations/features/tls-origin-multi-cluster",component:u("/service-bridge/1.8.x/operations/features/tls-origin-multi-cluster","fd1"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/operations/graceful-connection-drain",component:u("/service-bridge/1.8.x/operations/graceful-connection-drain","3e6"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/operations/kube-customization",component:u("/service-bridge/1.8.x/operations/kube-customization","2b8"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/operations/lower-istio-resources",component:u("/service-bridge/1.8.x/operations/lower-istio-resources","fb6"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/operations/migrate-organization",component:u("/service-bridge/1.8.x/operations/migrate-organization","584"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/operations/multiple-iam-keys",component:u("/service-bridge/1.8.x/operations/multiple-iam-keys","d37"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/operations/postgresql",component:u("/service-bridge/1.8.x/operations/postgresql","ca8"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/operations/postgresql/azure-credentials",component:u("/service-bridge/1.8.x/operations/postgresql/azure-credentials","36f"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/operations/postgresql/backup-and-restore",component:u("/service-bridge/1.8.x/operations/postgresql/backup-and-restore","6e4"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/operations/telemetry",component:u("/service-bridge/1.8.x/operations/telemetry","936"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/operations/telemetry/alerting-guidelines",component:u("/service-bridge/1.8.x/operations/telemetry/alerting-guidelines","d1c"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/operations/telemetry/distributed-tracing",component:u("/service-bridge/1.8.x/operations/telemetry/distributed-tracing","924"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/operations/telemetry/key-metrics",component:u("/service-bridge/1.8.x/operations/telemetry/key-metrics","e57"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/operations/telemetry/new-relic",component:u("/service-bridge/1.8.x/operations/telemetry/new-relic","7fc"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/operations/telemetry/red-metrics",component:u("/service-bridge/1.8.x/operations/telemetry/red-metrics","393"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/operations/telemetry/telemetry-architecture",component:u("/service-bridge/1.8.x/operations/telemetry/telemetry-architecture","130"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/operations/users",component:u("/service-bridge/1.8.x/operations/users","f85"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/operations/users/admin-password",component:u("/service-bridge/1.8.x/operations/users/admin-password","690"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/operations/users/configuring-ldap",component:u("/service-bridge/1.8.x/operations/users/configuring-ldap","e50"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/operations/users/oidc-azure",component:u("/service-bridge/1.8.x/operations/users/oidc-azure","de0"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/operations/users/roles-and-permissions",component:u("/service-bridge/1.8.x/operations/users/roles-and-permissions","edb"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/operations/users/user-synchronization",component:u("/service-bridge/1.8.x/operations/users/user-synchronization","96b"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/operations/vault",component:u("/service-bridge/1.8.x/operations/vault","da5"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/operations/vault/elasticsearch",component:u("/service-bridge/1.8.x/operations/vault/elasticsearch","028"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/operations/vault/istiod-ca",component:u("/service-bridge/1.8.x/operations/vault/istiod-ca","877"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/operations/vault/postgresql",component:u("/service-bridge/1.8.x/operations/vault/postgresql","b7e"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/quickstart",component:u("/service-bridge/1.8.x/quickstart","7d1"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/quickstart/apps",component:u("/service-bridge/1.8.x/quickstart/apps","505"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/quickstart/config-groups",component:u("/service-bridge/1.8.x/quickstart/config-groups","a9b"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/quickstart/deploy-sample-app",component:u("/service-bridge/1.8.x/quickstart/deploy-sample-app","eac"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/quickstart/ingress-gateway",component:u("/service-bridge/1.8.x/quickstart/ingress-gateway","30d"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/quickstart/introduction",component:u("/service-bridge/1.8.x/quickstart/introduction","4ec"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/quickstart/observability",component:u("/service-bridge/1.8.x/quickstart/observability","0e7"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/quickstart/permissions",component:u("/service-bridge/1.8.x/quickstart/permissions","d64"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/quickstart/security",component:u("/service-bridge/1.8.x/quickstart/security","dbb"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/quickstart/tenant",component:u("/service-bridge/1.8.x/quickstart/tenant","1d2"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/quickstart/traffic-shifting",component:u("/service-bridge/1.8.x/quickstart/traffic-shifting","a07"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/quickstart/workspace",component:u("/service-bridge/1.8.x/quickstart/workspace","37f"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/reference",component:u("/service-bridge/1.8.x/reference","fa7"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/reference/cli",component:u("/service-bridge/1.8.x/reference/cli","9cf"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/reference/cli/guide/index",component:u("/service-bridge/1.8.x/reference/cli/guide/index","eeb"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/reference/cli/guide/toc",component:u("/service-bridge/1.8.x/reference/cli/guide/toc","83b"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/reference/cli/reference",component:u("/service-bridge/1.8.x/reference/cli/reference","47b"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/reference/cli/reference/apply",component:u("/service-bridge/1.8.x/reference/cli/reference/apply","7e1"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/reference/cli/reference/collect",component:u("/service-bridge/1.8.x/reference/cli/reference/collect","729"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/reference/cli/reference/completion",component:u("/service-bridge/1.8.x/reference/cli/reference/completion","783"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/reference/cli/reference/config",component:u("/service-bridge/1.8.x/reference/cli/reference/config","e24"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/reference/cli/reference/delete",component:u("/service-bridge/1.8.x/reference/cli/reference/delete","448"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/reference/cli/reference/edit",component:u("/service-bridge/1.8.x/reference/cli/reference/edit","969"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/reference/cli/reference/experimental",component:u("/service-bridge/1.8.x/reference/cli/reference/experimental","23e"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/reference/cli/reference/get",component:u("/service-bridge/1.8.x/reference/cli/reference/get","181"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/reference/cli/reference/index",component:u("/service-bridge/1.8.x/reference/cli/reference/index","924"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/reference/cli/reference/install",component:u("/service-bridge/1.8.x/reference/cli/reference/install","bdf"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/reference/cli/reference/login",component:u("/service-bridge/1.8.x/reference/cli/reference/login","ada"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/reference/cli/reference/ui",component:u("/service-bridge/1.8.x/reference/cli/reference/ui","dff"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/reference/cli/reference/validate",component:u("/service-bridge/1.8.x/reference/cli/reference/validate","214"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/reference/cli/reference/version",component:u("/service-bridge/1.8.x/reference/cli/reference/version","209"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/reference/cli/reference/whoami",component:u("/service-bridge/1.8.x/reference/cli/reference/whoami","ee0"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/reference/cli/reference/workload-entry-annotations",component:u("/service-bridge/1.8.x/reference/cli/reference/workload-entry-annotations","55f"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/reference/grpc-api",component:u("/service-bridge/1.8.x/reference/grpc-api","0a9"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/reference/grpc-api/guide",component:u("/service-bridge/1.8.x/reference/grpc-api/guide","4b0"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/reference/grpc-api/reference",component:u("/service-bridge/1.8.x/reference/grpc-api/reference","b69"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/reference/k8s-api",component:u("/service-bridge/1.8.x/reference/k8s-api","e57"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/reference/k8s-api/guide",component:u("/service-bridge/1.8.x/reference/k8s-api/guide","284"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/reference/k8s-api/tsb-crds-gen",component:u("/service-bridge/1.8.x/reference/k8s-api/tsb-crds-gen","4d2"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/reference/k8s-api/tsb-crds-gen/application-tsb-tetrate-io",component:u("/service-bridge/1.8.x/reference/k8s-api/tsb-crds-gen/application-tsb-tetrate-io","ef9"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/reference/k8s-api/tsb-crds-gen/extension-tsb-tetrate-io",component:u("/service-bridge/1.8.x/reference/k8s-api/tsb-crds-gen/extension-tsb-tetrate-io","237"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/reference/k8s-api/tsb-crds-gen/gateway-tsb-tetrate-io",component:u("/service-bridge/1.8.x/reference/k8s-api/tsb-crds-gen/gateway-tsb-tetrate-io","4b3"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/reference/k8s-api/tsb-crds-gen/istiointernal-tsb-tetrate-io",component:u("/service-bridge/1.8.x/reference/k8s-api/tsb-crds-gen/istiointernal-tsb-tetrate-io","357"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/reference/k8s-api/tsb-crds-gen/rbac-tsb-tetrate-io",component:u("/service-bridge/1.8.x/reference/k8s-api/tsb-crds-gen/rbac-tsb-tetrate-io","b3a"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/reference/k8s-api/tsb-crds-gen/security-tsb-tetrate-io",component:u("/service-bridge/1.8.x/reference/k8s-api/tsb-crds-gen/security-tsb-tetrate-io","75d"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/reference/k8s-api/tsb-crds-gen/traffic-tsb-tetrate-io",component:u("/service-bridge/1.8.x/reference/k8s-api/tsb-crds-gen/traffic-tsb-tetrate-io","72e"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/cluster",component:u("/service-bridge/1.8.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/cluster","f40"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/organization",component:u("/service-bridge/1.8.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/organization","ab7"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/organizationsetting",component:u("/service-bridge/1.8.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/organizationsetting","310"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/serviceaccount",component:u("/service-bridge/1.8.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/serviceaccount","bd4"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/team",component:u("/service-bridge/1.8.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/team","f7a"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/tenant",component:u("/service-bridge/1.8.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/tenant","2db"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/tenantsetting",component:u("/service-bridge/1.8.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/tenantsetting","28b"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/workspace",component:u("/service-bridge/1.8.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/workspace","d4a"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/workspacesetting",component:u("/service-bridge/1.8.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/workspacesetting","919"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/reference/k8s-api/tsb-crds-gen/tsb.tetrate.io/v2",component:u("/service-bridge/1.8.x/reference/k8s-api/tsb-crds-gen/tsb.tetrate.io/v2","3a9"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/reference/operators",component:u("/service-bridge/1.8.x/reference/operators","e13"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/reference/rest-api/guide",component:u("/service-bridge/1.8.x/reference/rest-api/guide","550"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/reference/samples",component:u("/service-bridge/1.8.x/reference/samples","212"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/reference/samples/httpbin",component:u("/service-bridge/1.8.x/reference/samples/httpbin","2b1"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/reference/samples/opa",component:u("/service-bridge/1.8.x/reference/samples/opa","74a"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/reference/samples/sleep-service",component:u("/service-bridge/1.8.x/reference/samples/sleep-service","0a0"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/reference/workload-onboarding",component:u("/service-bridge/1.8.x/reference/workload-onboarding","258"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/reference/workload-onboarding/onboarding-agent",component:u("/service-bridge/1.8.x/reference/workload-onboarding/onboarding-agent","047"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/reference/workload-onboarding/onboarding-authorization",component:u("/service-bridge/1.8.x/reference/workload-onboarding/onboarding-authorization","7b6"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/reference/workload-onboarding/onboarding-runtime",component:u("/service-bridge/1.8.x/reference/workload-onboarding/onboarding-runtime","da8"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/reference/yaml-api",component:u("/service-bridge/1.8.x/reference/yaml-api","259"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/reference/yaml-api/guide",component:u("/service-bridge/1.8.x/reference/yaml-api/guide","36b"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/reference/yaml-api/reference",component:u("/service-bridge/1.8.x/reference/yaml-api/reference","9cd"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/refs/audit/v1/audit",component:u("/service-bridge/1.8.x/refs/audit/v1/audit","546"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/refs/audit/v1/grpc",component:u("/service-bridge/1.8.x/refs/audit/v1/grpc","3cb"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/refs/iam/v2/grpc",component:u("/service-bridge/1.8.x/refs/iam/v2/grpc","7ae"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/refs/iam/v2/oauth_service",component:u("/service-bridge/1.8.x/refs/iam/v2/oauth_service","27f"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/refs/iam/v2/oidc_service",component:u("/service-bridge/1.8.x/refs/iam/v2/oidc_service","889"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/refs/install",component:u("/service-bridge/1.8.x/refs/install","176"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/refs/install/common/common_config",component:u("/service-bridge/1.8.x/refs/install/common/common_config","166"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/refs/install/controlplane/v1alpha1/spec",component:u("/service-bridge/1.8.x/refs/install/controlplane/v1alpha1/spec","8d3"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/refs/install/dataplane/v1alpha1/spec",component:u("/service-bridge/1.8.x/refs/install/dataplane/v1alpha1/spec","06e"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/refs/install/kubernetes/k8s",component:u("/service-bridge/1.8.x/refs/install/kubernetes/k8s","fae"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/refs/install/managementplane/v1alpha1/spec",component:u("/service-bridge/1.8.x/refs/install/managementplane/v1alpha1/spec","3a5"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/refs/istio.io/api/operator/v1alpha1/operator",component:u("/service-bridge/1.8.x/refs/istio.io/api/operator/v1alpha1/operator","ef2"),exact:!0},{path:"/service-bridge/1.8.x/refs/onboarding/config/agent/v1alpha1/agent_configuration",component:u("/service-bridge/1.8.x/refs/onboarding/config/agent/v1alpha1/agent_configuration","97c"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/refs/onboarding/config/agent/v1alpha1/onboarding_configuration",component:u("/service-bridge/1.8.x/refs/onboarding/config/agent/v1alpha1/onboarding_configuration","936"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/refs/onboarding/config/authorization/aws/v1alpha1/aws",component:u("/service-bridge/1.8.x/refs/onboarding/config/authorization/aws/v1alpha1/aws","497"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/refs/onboarding/config/authorization/jwt/v1alpha1/jwt",component:u("/service-bridge/1.8.x/refs/onboarding/config/authorization/jwt/v1alpha1/jwt","ee0"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/refs/onboarding/config/authorization/v1alpha1/policy",component:u("/service-bridge/1.8.x/refs/onboarding/config/authorization/v1alpha1/policy","4f0"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/refs/onboarding/config/install/v1alpha1/jwt_issuer",component:u("/service-bridge/1.8.x/refs/onboarding/config/install/v1alpha1/jwt_issuer","f86"),exact:!0},{path:"/service-bridge/1.8.x/refs/onboarding/config/install/v1alpha1/workload_configuration",component:u("/service-bridge/1.8.x/refs/onboarding/config/install/v1alpha1/workload_configuration","f87"),exact:!0},{path:"/service-bridge/1.8.x/refs/onboarding/config/runtime/v1alpha1/registration",component:u("/service-bridge/1.8.x/refs/onboarding/config/runtime/v1alpha1/registration","a7e"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/refs/onboarding/config/types/config/v1alpha1/transport_security",component:u("/service-bridge/1.8.x/refs/onboarding/config/types/config/v1alpha1/transport_security","651"),exact:!0},{path:"/service-bridge/1.8.x/refs/onboarding/config/types/core/v1alpha1/condition",component:u("/service-bridge/1.8.x/refs/onboarding/config/types/core/v1alpha1/condition","84a"),exact:!0},{path:"/service-bridge/1.8.x/refs/onboarding/config/types/core/v1alpha1/namespaced_name",component:u("/service-bridge/1.8.x/refs/onboarding/config/types/core/v1alpha1/namespaced_name","0e9"),exact:!0},{path:"/service-bridge/1.8.x/refs/onboarding/config/types/identity/aws/v1alpha1/aws",component:u("/service-bridge/1.8.x/refs/onboarding/config/types/identity/aws/v1alpha1/aws","874"),exact:!0},{path:"/service-bridge/1.8.x/refs/onboarding/config/types/identity/jwt/v1alpha1/jwt",component:u("/service-bridge/1.8.x/refs/onboarding/config/types/identity/jwt/v1alpha1/jwt","f06"),exact:!0},{path:"/service-bridge/1.8.x/refs/onboarding/config/types/identity/v1alpha1/identity",component:u("/service-bridge/1.8.x/refs/onboarding/config/types/identity/v1alpha1/identity","291"),exact:!0},{path:"/service-bridge/1.8.x/refs/onboarding/config/types/registration/v1alpha1/hostinfo",component:u("/service-bridge/1.8.x/refs/onboarding/config/types/registration/v1alpha1/hostinfo","a96"),exact:!0},{path:"/service-bridge/1.8.x/refs/onboarding/config/types/registration/v1alpha1/registration",component:u("/service-bridge/1.8.x/refs/onboarding/config/types/registration/v1alpha1/registration","10e"),exact:!0},{path:"/service-bridge/1.8.x/refs/tsb/application/v2/api",component:u("/service-bridge/1.8.x/refs/tsb/application/v2/api","a2f"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/refs/tsb/application/v2/application",component:u("/service-bridge/1.8.x/refs/tsb/application/v2/application","374"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/refs/tsb/application/v2/application_service",component:u("/service-bridge/1.8.x/refs/tsb/application/v2/application_service","91c"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/refs/tsb/application/v2/grpc",component:u("/service-bridge/1.8.x/refs/tsb/application/v2/grpc","776"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/refs/tsb/application/v2/openapi_extensions",component:u("/service-bridge/1.8.x/refs/tsb/application/v2/openapi_extensions","f7a"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/refs/tsb/application/v2/yaml",component:u("/service-bridge/1.8.x/refs/tsb/application/v2/yaml","876"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/refs/tsb/auth/v2/auth",component:u("/service-bridge/1.8.x/refs/tsb/auth/v2/auth","796"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/refs/tsb/auth/v2/yaml",component:u("/service-bridge/1.8.x/refs/tsb/auth/v2/yaml","816"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/refs/tsb/extension/v2/grpc",component:u("/service-bridge/1.8.x/refs/tsb/extension/v2/grpc","e81"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/refs/tsb/extension/v2/wasm_extension",component:u("/service-bridge/1.8.x/refs/tsb/extension/v2/wasm_extension","390"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/refs/tsb/extension/v2/wasm_service",component:u("/service-bridge/1.8.x/refs/tsb/extension/v2/wasm_service","fca"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/refs/tsb/extension/v2/yaml",component:u("/service-bridge/1.8.x/refs/tsb/extension/v2/yaml","781"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/refs/tsb/gateway/v2/auth",component:u("/service-bridge/1.8.x/refs/tsb/gateway/v2/auth","746"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/refs/tsb/gateway/v2/eastwest_gateway",component:u("/service-bridge/1.8.x/refs/tsb/gateway/v2/eastwest_gateway","f7f"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/refs/tsb/gateway/v2/egress_gateway",component:u("/service-bridge/1.8.x/refs/tsb/gateway/v2/egress_gateway","458"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/refs/tsb/gateway/v2/gateway",component:u("/service-bridge/1.8.x/refs/tsb/gateway/v2/gateway","0bb"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/refs/tsb/gateway/v2/gateway_common",component:u("/service-bridge/1.8.x/refs/tsb/gateway/v2/gateway_common","42f"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/refs/tsb/gateway/v2/gateway_group",component:u("/service-bridge/1.8.x/refs/tsb/gateway/v2/gateway_group","c73"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/refs/tsb/gateway/v2/gateway_service",component:u("/service-bridge/1.8.x/refs/tsb/gateway/v2/gateway_service","f20"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/refs/tsb/gateway/v2/grpc",component:u("/service-bridge/1.8.x/refs/tsb/gateway/v2/grpc","355"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/refs/tsb/gateway/v2/ingress_gateway",component:u("/service-bridge/1.8.x/refs/tsb/gateway/v2/ingress_gateway","dfb"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/refs/tsb/gateway/v2/istio_gateway_direct",component:u("/service-bridge/1.8.x/refs/tsb/gateway/v2/istio_gateway_direct","5a4"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/refs/tsb/gateway/v2/tier1_gateway",component:u("/service-bridge/1.8.x/refs/tsb/gateway/v2/tier1_gateway","5cd"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/refs/tsb/gateway/v2/yaml",component:u("/service-bridge/1.8.x/refs/tsb/gateway/v2/yaml","b18"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/refs/tsb/istiointernal/v2/grpc",component:u("/service-bridge/1.8.x/refs/tsb/istiointernal/v2/grpc","25c"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/refs/tsb/istiointernal/v2/istio_internal_group",component:u("/service-bridge/1.8.x/refs/tsb/istiointernal/v2/istio_internal_group","05a"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/refs/tsb/istiointernal/v2/istio_istiointernal_direct",component:u("/service-bridge/1.8.x/refs/tsb/istiointernal/v2/istio_istiointernal_direct","e09"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/refs/tsb/istiointernal/v2/istiointernal_service",component:u("/service-bridge/1.8.x/refs/tsb/istiointernal/v2/istiointernal_service","de1"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/refs/tsb/istiointernal/v2/yaml",component:u("/service-bridge/1.8.x/refs/tsb/istiointernal/v2/yaml","ee6"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/refs/tsb/observability/telemetry/v2/grpc",component:u("/service-bridge/1.8.x/refs/tsb/observability/telemetry/v2/grpc","b25"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/refs/tsb/observability/telemetry/v2/metric",component:u("/service-bridge/1.8.x/refs/tsb/observability/telemetry/v2/metric","4bf"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/refs/tsb/observability/telemetry/v2/metric_service",component:u("/service-bridge/1.8.x/refs/tsb/observability/telemetry/v2/metric_service","2db"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/refs/tsb/observability/telemetry/v2/source",component:u("/service-bridge/1.8.x/refs/tsb/observability/telemetry/v2/source","640"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/refs/tsb/observability/telemetry/v2/source_service",component:u("/service-bridge/1.8.x/refs/tsb/observability/telemetry/v2/source_service","663"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/refs/tsb/observability/telemetry/v2/yaml",component:u("/service-bridge/1.8.x/refs/tsb/observability/telemetry/v2/yaml","b93"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/refs/tsb/q/v2/approvals_service",component:u("/service-bridge/1.8.x/refs/tsb/q/v2/approvals_service","253"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/refs/tsb/q/v2/grpc",component:u("/service-bridge/1.8.x/refs/tsb/q/v2/grpc","0ca"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/refs/tsb/q/v2/permissions_service",component:u("/service-bridge/1.8.x/refs/tsb/q/v2/permissions_service","b09"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/refs/tsb/rbac/v2/access_bindings",component:u("/service-bridge/1.8.x/refs/tsb/rbac/v2/access_bindings","f07"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/refs/tsb/rbac/v2/api_access_bindings",component:u("/service-bridge/1.8.x/refs/tsb/rbac/v2/api_access_bindings","aa0"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/refs/tsb/rbac/v2/application_access_bindings",component:u("/service-bridge/1.8.x/refs/tsb/rbac/v2/application_access_bindings","e2f"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/refs/tsb/rbac/v2/binding",component:u("/service-bridge/1.8.x/refs/tsb/rbac/v2/binding","a8a"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/refs/tsb/rbac/v2/gateway_access_bindings",component:u("/service-bridge/1.8.x/refs/tsb/rbac/v2/gateway_access_bindings","6df"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/refs/tsb/rbac/v2/grpc",component:u("/service-bridge/1.8.x/refs/tsb/rbac/v2/grpc","ce1"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/refs/tsb/rbac/v2/istio_internal_access_bindings",component:u("/service-bridge/1.8.x/refs/tsb/rbac/v2/istio_internal_access_bindings","53e"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/refs/tsb/rbac/v2/organization_access_bindings",component:u("/service-bridge/1.8.x/refs/tsb/rbac/v2/organization_access_bindings","127"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/refs/tsb/rbac/v2/permissions",component:u("/service-bridge/1.8.x/refs/tsb/rbac/v2/permissions","584"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/refs/tsb/rbac/v2/policy_service",component:u("/service-bridge/1.8.x/refs/tsb/rbac/v2/policy_service","174"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/refs/tsb/rbac/v2/role",component:u("/service-bridge/1.8.x/refs/tsb/rbac/v2/role","748"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/refs/tsb/rbac/v2/role_service",component:u("/service-bridge/1.8.x/refs/tsb/rbac/v2/role_service","178"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/refs/tsb/rbac/v2/security_access_bindings",component:u("/service-bridge/1.8.x/refs/tsb/rbac/v2/security_access_bindings","666"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/refs/tsb/rbac/v2/tenant_access_bindings",component:u("/service-bridge/1.8.x/refs/tsb/rbac/v2/tenant_access_bindings","47c"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/refs/tsb/rbac/v2/traffic_access_bindings",component:u("/service-bridge/1.8.x/refs/tsb/rbac/v2/traffic_access_bindings","3ef"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/refs/tsb/rbac/v2/workspace_access_bindings",component:u("/service-bridge/1.8.x/refs/tsb/rbac/v2/workspace_access_bindings","19f"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/refs/tsb/rbac/v2/yaml",component:u("/service-bridge/1.8.x/refs/tsb/rbac/v2/yaml","051"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/refs/tsb/registry/v2/grpc",component:u("/service-bridge/1.8.x/refs/tsb/registry/v2/grpc","cba"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/refs/tsb/registry/v2/lookup_service",component:u("/service-bridge/1.8.x/refs/tsb/registry/v2/lookup_service","dfd"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/refs/tsb/registry/v2/registration_service",component:u("/service-bridge/1.8.x/refs/tsb/registry/v2/registration_service","449"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/refs/tsb/registry/v2/service",component:u("/service-bridge/1.8.x/refs/tsb/registry/v2/service","ce4"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/refs/tsb/registry/v2/yaml",component:u("/service-bridge/1.8.x/refs/tsb/registry/v2/yaml","ba3"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/refs/tsb/security/v2/grpc",component:u("/service-bridge/1.8.x/refs/tsb/security/v2/grpc","674"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/refs/tsb/security/v2/istio_security_direct",component:u("/service-bridge/1.8.x/refs/tsb/security/v2/istio_security_direct","20d"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/refs/tsb/security/v2/security_group",component:u("/service-bridge/1.8.x/refs/tsb/security/v2/security_group","34a"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/refs/tsb/security/v2/security_service",component:u("/service-bridge/1.8.x/refs/tsb/security/v2/security_service","c28"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/refs/tsb/security/v2/security_setting",component:u("/service-bridge/1.8.x/refs/tsb/security/v2/security_setting","91f"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/refs/tsb/security/v2/service_security_setting",component:u("/service-bridge/1.8.x/refs/tsb/security/v2/service_security_setting","b74"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/refs/tsb/security/v2/waf_settings",component:u("/service-bridge/1.8.x/refs/tsb/security/v2/waf_settings","8a1"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/refs/tsb/security/v2/yaml",component:u("/service-bridge/1.8.x/refs/tsb/security/v2/yaml","426"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/refs/tsb/traffic/v2/grpc",component:u("/service-bridge/1.8.x/refs/tsb/traffic/v2/grpc","b4d"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/refs/tsb/traffic/v2/istio_traffic_direct",component:u("/service-bridge/1.8.x/refs/tsb/traffic/v2/istio_traffic_direct","201"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/refs/tsb/traffic/v2/service_route",component:u("/service-bridge/1.8.x/refs/tsb/traffic/v2/service_route","cf3"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/refs/tsb/traffic/v2/traffic_group",component:u("/service-bridge/1.8.x/refs/tsb/traffic/v2/traffic_group","7de"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/refs/tsb/traffic/v2/traffic_service",component:u("/service-bridge/1.8.x/refs/tsb/traffic/v2/traffic_service","fb7"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/refs/tsb/traffic/v2/traffic_setting",component:u("/service-bridge/1.8.x/refs/tsb/traffic/v2/traffic_setting","127"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/refs/tsb/traffic/v2/yaml",component:u("/service-bridge/1.8.x/refs/tsb/traffic/v2/yaml","5e1"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/refs/tsb/types/v2/types",component:u("/service-bridge/1.8.x/refs/tsb/types/v2/types","20a"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/refs/tsb/types/v2/yaml",component:u("/service-bridge/1.8.x/refs/tsb/types/v2/yaml","254"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/refs/tsb/v2/cluster",component:u("/service-bridge/1.8.x/refs/tsb/v2/cluster","aba"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/refs/tsb/v2/cluster_service",component:u("/service-bridge/1.8.x/refs/tsb/v2/cluster_service","456"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/refs/tsb/v2/grpc",component:u("/service-bridge/1.8.x/refs/tsb/v2/grpc","e84"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/refs/tsb/v2/info",component:u("/service-bridge/1.8.x/refs/tsb/v2/info","d9f"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/refs/tsb/v2/organization",component:u("/service-bridge/1.8.x/refs/tsb/v2/organization","ad8"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/refs/tsb/v2/organization_service",component:u("/service-bridge/1.8.x/refs/tsb/v2/organization_service","a2e"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/refs/tsb/v2/organization_setting",component:u("/service-bridge/1.8.x/refs/tsb/v2/organization_setting","4f6"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/refs/tsb/v2/status",component:u("/service-bridge/1.8.x/refs/tsb/v2/status","a4d"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/refs/tsb/v2/status_service",component:u("/service-bridge/1.8.x/refs/tsb/v2/status_service","eff"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/refs/tsb/v2/team",component:u("/service-bridge/1.8.x/refs/tsb/v2/team","d64"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/refs/tsb/v2/team_service",component:u("/service-bridge/1.8.x/refs/tsb/v2/team_service","ad9"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/refs/tsb/v2/tenant",component:u("/service-bridge/1.8.x/refs/tsb/v2/tenant","776"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/refs/tsb/v2/tenant_service",component:u("/service-bridge/1.8.x/refs/tsb/v2/tenant_service","a29"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/refs/tsb/v2/tenant_setting",component:u("/service-bridge/1.8.x/refs/tsb/v2/tenant_setting","a62"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/refs/tsb/v2/workspace",component:u("/service-bridge/1.8.x/refs/tsb/v2/workspace","fc3"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/refs/tsb/v2/workspace_service",component:u("/service-bridge/1.8.x/refs/tsb/v2/workspace_service","185"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/refs/tsb/v2/workspace_setting",component:u("/service-bridge/1.8.x/refs/tsb/v2/workspace_setting","e91"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/refs/tsb/v2/yaml",component:u("/service-bridge/1.8.x/refs/tsb/v2/yaml","9f1"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/release-notes",component:u("/service-bridge/1.8.x/release-notes","04b"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/release-notes-announcements/",component:u("/service-bridge/1.8.x/release-notes-announcements/","3bb"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/release-notes-announcements/feature-status",component:u("/service-bridge/1.8.x/release-notes-announcements/feature-status","4fe"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/release-notes-announcements/support-policy",component:u("/service-bridge/1.8.x/release-notes-announcements/support-policy","62b"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/setup",component:u("/service-bridge/1.8.x/setup","5cb"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/setup/aws",component:u("/service-bridge/1.8.x/setup/aws","f0a"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/setup/aws/container-marketplace",component:u("/service-bridge/1.8.x/setup/aws/container-marketplace","d9d"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/setup/aws/vpc",component:u("/service-bridge/1.8.x/setup/aws/vpc","88f"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/setup/certificate",component:u("/service-bridge/1.8.x/setup/certificate","099"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/setup/certificate/automated-certificate-management",component:u("/service-bridge/1.8.x/setup/certificate/automated-certificate-management","285"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/setup/certificate/certificate-requirements",component:u("/service-bridge/1.8.x/setup/certificate/certificate-requirements","bb1"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/setup/certificate/certificate-setup",component:u("/service-bridge/1.8.x/setup/certificate/certificate-setup","fa5"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/setup/components",component:u("/service-bridge/1.8.x/setup/components","406"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/setup/firewall-information",component:u("/service-bridge/1.8.x/setup/firewall-information","610"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/setup/helm/",component:u("/service-bridge/1.8.x/setup/helm/","83a"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/setup/helm/controlplane",component:u("/service-bridge/1.8.x/setup/helm/controlplane","392"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/setup/helm/dataplane",component:u("/service-bridge/1.8.x/setup/helm/dataplane","ff7"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/setup/helm/helm",component:u("/service-bridge/1.8.x/setup/helm/helm","b05"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/setup/helm/managementplane",component:u("/service-bridge/1.8.x/setup/helm/managementplane","dc7"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/setup/helm/uninstallation",component:u("/service-bridge/1.8.x/setup/helm/uninstallation","901"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/setup/helm/upgrade",component:u("/service-bridge/1.8.x/setup/helm/upgrade","40d"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/setup/isolation-boundaries",component:u("/service-bridge/1.8.x/setup/isolation-boundaries","8da"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/setup/isolation-boundaries-installation",component:u("/service-bridge/1.8.x/setup/isolation-boundaries-installation","3cb"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/setup/migrate-tctl-to-helm",component:u("/service-bridge/1.8.x/setup/migrate-tctl-to-helm","2fe"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/setup/remote-registry",component:u("/service-bridge/1.8.x/setup/remote-registry","d60"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/setup/requirements-and-download",component:u("/service-bridge/1.8.x/setup/requirements-and-download","2e2"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/setup/resource-planning",component:u("/service-bridge/1.8.x/setup/resource-planning","3b2"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/setup/security-context",component:u("/service-bridge/1.8.x/setup/security-context","f3d"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/setup/self-managed/",component:u("/service-bridge/1.8.x/setup/self-managed/","258"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/setup/self-managed/demo-installation",component:u("/service-bridge/1.8.x/setup/self-managed/demo-installation","be9"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/setup/self-managed/management-plane-installation",component:u("/service-bridge/1.8.x/setup/self-managed/management-plane-installation","0fb"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/setup/self-managed/onboarding-clusters",component:u("/service-bridge/1.8.x/setup/self-managed/onboarding-clusters","931"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/setup/self-managed/uninstallation",component:u("/service-bridge/1.8.x/setup/self-managed/uninstallation","98e"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/setup/self-managed/upgrade",component:u("/service-bridge/1.8.x/setup/self-managed/upgrade","5b3"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/setup/tctl-connect",component:u("/service-bridge/1.8.x/setup/tctl-connect","a07"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/setup/upgrade-best-practices",component:u("/service-bridge/1.8.x/setup/upgrade-best-practices","f37"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/setup/upgrades",component:u("/service-bridge/1.8.x/setup/upgrades","112"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/setup/upgrades/cni-upgrade",component:u("/service-bridge/1.8.x/setup/upgrades/cni-upgrade","708"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/setup/upgrades/gateway-upgrade",component:u("/service-bridge/1.8.x/setup/upgrades/gateway-upgrade","e08"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/setup/upgrades/non-revisioned-to-revisioned",component:u("/service-bridge/1.8.x/setup/upgrades/non-revisioned-to-revisioned","0ef"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/setup/upgrades/revisioned-to-revisioned",component:u("/service-bridge/1.8.x/setup/upgrades/revisioned-to-revisioned","138"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/setup/workload-onboarding",component:u("/service-bridge/1.8.x/setup/workload-onboarding","2c3"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/setup/workload-onboarding/guides/",component:u("/service-bridge/1.8.x/setup/workload-onboarding/guides/","863"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/setup/workload-onboarding/guides/ecs-workloads",component:u("/service-bridge/1.8.x/setup/workload-onboarding/guides/ecs-workloads","ac8"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/setup/workload-onboarding/guides/managing",component:u("/service-bridge/1.8.x/setup/workload-onboarding/guides/managing","270"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/setup/workload-onboarding/guides/on-premise-workloads",component:u("/service-bridge/1.8.x/setup/workload-onboarding/guides/on-premise-workloads","9a1"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/setup/workload-onboarding/guides/onboarding",component:u("/service-bridge/1.8.x/setup/workload-onboarding/guides/onboarding","fb2"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/setup/workload-onboarding/guides/overview",component:u("/service-bridge/1.8.x/setup/workload-onboarding/guides/overview","933"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/setup/workload-onboarding/guides/setup",component:u("/service-bridge/1.8.x/setup/workload-onboarding/guides/setup","421"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/setup/workload-onboarding/guides/troubleshooting",component:u("/service-bridge/1.8.x/setup/workload-onboarding/guides/troubleshooting","b7b"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/setup/workload-onboarding/onboarding-vms",component:u("/service-bridge/1.8.x/setup/workload-onboarding/onboarding-vms","e5e"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/setup/workload-onboarding/quickstart",component:u("/service-bridge/1.8.x/setup/workload-onboarding/quickstart","de6"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/setup/workload-onboarding/quickstart/aws-ec2/",component:u("/service-bridge/1.8.x/setup/workload-onboarding/quickstart/aws-ec2/","c92"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/setup/workload-onboarding/quickstart/aws-ec2/bookinfo",component:u("/service-bridge/1.8.x/setup/workload-onboarding/quickstart/aws-ec2/bookinfo","7a2"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/setup/workload-onboarding/quickstart/aws-ec2/configure-vm",component:u("/service-bridge/1.8.x/setup/workload-onboarding/quickstart/aws-ec2/configure-vm","748"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/setup/workload-onboarding/quickstart/aws-ec2/configure-workload-onboarding",component:u("/service-bridge/1.8.x/setup/workload-onboarding/quickstart/aws-ec2/configure-workload-onboarding","b1b"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/setup/workload-onboarding/quickstart/aws-ec2/enable-workload-onboarding",component:u("/service-bridge/1.8.x/setup/workload-onboarding/quickstart/aws-ec2/enable-workload-onboarding","ade"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/setup/workload-onboarding/quickstart/aws-ec2/onboard-asg",component:u("/service-bridge/1.8.x/setup/workload-onboarding/quickstart/aws-ec2/onboard-asg","aea"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/setup/workload-onboarding/quickstart/aws-ec2/onboard-vm",component:u("/service-bridge/1.8.x/setup/workload-onboarding/quickstart/aws-ec2/onboard-vm","b6c"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/setup/workload-onboarding/quickstart/aws-ecs/",component:u("/service-bridge/1.8.x/setup/workload-onboarding/quickstart/aws-ecs/","fa1"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/setup/workload-onboarding/quickstart/aws-ecs/configure-workload-onboarding",component:u("/service-bridge/1.8.x/setup/workload-onboarding/quickstart/aws-ecs/configure-workload-onboarding","f4c"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/setup/workload-onboarding/quickstart/aws-ecs/onboard-ecs",component:u("/service-bridge/1.8.x/setup/workload-onboarding/quickstart/aws-ecs/onboard-ecs","0e1"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/setup/workload-onboarding/quickstart/on-premise/",component:u("/service-bridge/1.8.x/setup/workload-onboarding/quickstart/on-premise/","39d"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/setup/workload-onboarding/quickstart/on-premise/configure-vm",component:u("/service-bridge/1.8.x/setup/workload-onboarding/quickstart/on-premise/configure-vm","b10"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/setup/workload-onboarding/quickstart/on-premise/configure-workload-onboarding",component:u("/service-bridge/1.8.x/setup/workload-onboarding/quickstart/on-premise/configure-workload-onboarding","78b"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/setup/workload-onboarding/quickstart/on-premise/onboard-vm",component:u("/service-bridge/1.8.x/setup/workload-onboarding/quickstart/on-premise/onboard-vm","2e4"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/troubleshooting",component:u("/service-bridge/1.8.x/troubleshooting","944"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/troubleshooting/cluster-onboarding",component:u("/service-bridge/1.8.x/troubleshooting/cluster-onboarding","810"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/troubleshooting/configuration-status",component:u("/service-bridge/1.8.x/troubleshooting/configuration-status","0db"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/troubleshooting/debug-container",component:u("/service-bridge/1.8.x/troubleshooting/debug-container","028"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/troubleshooting/gateway-troubleshooting",component:u("/service-bridge/1.8.x/troubleshooting/gateway-troubleshooting","540"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/troubleshooting/identify-underperforming-services",component:u("/service-bridge/1.8.x/troubleshooting/identify-underperforming-services","e30"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/troubleshooting/Maximum-header-size-exceed",component:u("/service-bridge/1.8.x/troubleshooting/Maximum-header-size-exceed","8e0"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/troubleshooting/Multiple-Transfer-encoding-chunked",component:u("/service-bridge/1.8.x/troubleshooting/Multiple-Transfer-encoding-chunked","5b4"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/troubleshooting/troubleshooting",component:u("/service-bridge/1.8.x/troubleshooting/troubleshooting","814"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/troubleshooting/tsb-ui-metrics",component:u("/service-bridge/1.8.x/troubleshooting/tsb-ui-metrics","389"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.8.x/wokingwithsupport/workingWithTetrateSupport",component:u("/service-bridge/1.8.x/wokingwithsupport/workingWithTetrateSupport","351"),exact:!0,sidebar:"defaultSidebar"}]}]},{path:"/service-bridge/1.9.x",component:u("/service-bridge/1.9.x","01c"),routes:[{path:"/service-bridge/1.9.x/tags",component:u("/service-bridge/1.9.x/tags","97e"),exact:!0},{path:"/service-bridge/1.9.x/tags/featured",component:u("/service-bridge/1.9.x/tags/featured","80d"),exact:!0},{path:"/service-bridge/1.9.x/tags/tsb-concepts",component:u("/service-bridge/1.9.x/tags/tsb-concepts","997"),exact:!0},{path:"/service-bridge/1.9.x/tags/tsb-quickstart",component:u("/service-bridge/1.9.x/tags/tsb-quickstart","2e6"),exact:!0},{path:"/service-bridge/1.9.x",component:u("/service-bridge/1.9.x","8a5"),routes:[{path:"/service-bridge/1.9.x/",component:u("/service-bridge/1.9.x/","300"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/category/working-with-tetrate-customer-support",component:u("/service-bridge/1.9.x/category/working-with-tetrate-customer-support","3cb"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/cheatsheet/",component:u("/service-bridge/1.9.x/cheatsheet/","966"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/cheatsheet/sheets/gateways-management",component:u("/service-bridge/1.9.x/cheatsheet/sheets/gateways-management","642"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/cheatsheet/sheets/kubectl",component:u("/service-bridge/1.9.x/cheatsheet/sheets/kubectl","5f4"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/cheatsheet/sheets/security-management",component:u("/service-bridge/1.9.x/cheatsheet/sheets/security-management","cb2"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/cheatsheet/sheets/tctl",component:u("/service-bridge/1.9.x/cheatsheet/sheets/tctl","dca"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/cheatsheet/sheets/traffic-management",component:u("/service-bridge/1.9.x/cheatsheet/sheets/traffic-management","c38"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/cheatsheet/sheets/tsb-concepts",component:u("/service-bridge/1.9.x/cheatsheet/sheets/tsb-concepts","d6a"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/cheatsheet/sheets/tsb-quickstart",component:u("/service-bridge/1.9.x/cheatsheet/sheets/tsb-quickstart","82b"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/cheatsheet/sheets/tsb-terminology",component:u("/service-bridge/1.9.x/cheatsheet/sheets/tsb-terminology","ffd"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/concepts/",component:u("/service-bridge/1.9.x/concepts/","5be"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/concepts/architecture",component:u("/service-bridge/1.9.x/concepts/architecture","ed9"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/concepts/configuration-dataflow",component:u("/service-bridge/1.9.x/concepts/configuration-dataflow","681"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/concepts/glossary",component:u("/service-bridge/1.9.x/concepts/glossary","1ff"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/concepts/observability",component:u("/service-bridge/1.9.x/concepts/observability","fcc"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/concepts/operators/",component:u("/service-bridge/1.9.x/concepts/operators/","1ef"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/concepts/operators/control-plane",component:u("/service-bridge/1.9.x/concepts/operators/control-plane","b27"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/concepts/operators/data-plane",component:u("/service-bridge/1.9.x/concepts/operators/data-plane","526"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/concepts/operators/management-plane",component:u("/service-bridge/1.9.x/concepts/operators/management-plane","af5"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/concepts/security",component:u("/service-bridge/1.9.x/concepts/security","9a8"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/concepts/service-mesh",component:u("/service-bridge/1.9.x/concepts/service-mesh","c6f"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/concepts/terminology",component:u("/service-bridge/1.9.x/concepts/terminology","e25"),exact:!0},{path:"/service-bridge/1.9.x/concepts/traffic-management",component:u("/service-bridge/1.9.x/concepts/traffic-management","e3d"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/concepts/tsb-and-istio",component:u("/service-bridge/1.9.x/concepts/tsb-and-istio","d3d"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/design-guides/",component:u("/service-bridge/1.9.x/design-guides/","ab6"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/design-guides/app-onboarding/",component:u("/service-bridge/1.9.x/design-guides/app-onboarding/","aa8"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/design-guides/app-onboarding/cross-cluster",component:u("/service-bridge/1.9.x/design-guides/app-onboarding/cross-cluster","b3d"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/design-guides/app-onboarding/deploy-service",component:u("/service-bridge/1.9.x/design-guides/app-onboarding/deploy-service","197"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/design-guides/app-onboarding/gateway-security",component:u("/service-bridge/1.9.x/design-guides/app-onboarding/gateway-security","381"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/design-guides/app-onboarding/high-availability",component:u("/service-bridge/1.9.x/design-guides/app-onboarding/high-availability","a80"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/design-guides/app-onboarding/introduction",component:u("/service-bridge/1.9.x/design-guides/app-onboarding/introduction","423"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/design-guides/app-onboarding/monitor",component:u("/service-bridge/1.9.x/design-guides/app-onboarding/monitor","397"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/design-guides/app-onboarding/prepare",component:u("/service-bridge/1.9.x/design-guides/app-onboarding/prepare","01d"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/design-guides/app-onboarding/promote-service",component:u("/service-bridge/1.9.x/design-guides/app-onboarding/promote-service","6a7"),exact:!0},{path:"/service-bridge/1.9.x/design-guides/app-onboarding/security",component:u("/service-bridge/1.9.x/design-guides/app-onboarding/security","ba2"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/design-guides/ha-dr-mp/",component:u("/service-bridge/1.9.x/design-guides/ha-dr-mp/","8d4"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/design-guides/ha-dr-mp/dr-managementplane",component:u("/service-bridge/1.9.x/design-guides/ha-dr-mp/dr-managementplane","9ef"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/design-guides/ha-dr-mp/ha-managementplane",component:u("/service-bridge/1.9.x/design-guides/ha-dr-mp/ha-managementplane","60f"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/design-guides/ha-dr-mp/introduction",component:u("/service-bridge/1.9.x/design-guides/ha-dr-mp/introduction","06c"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/design-guides/ha-dr-mp/scenarios",component:u("/service-bridge/1.9.x/design-guides/ha-dr-mp/scenarios","979"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/design-guides/ha-multicluster/",component:u("/service-bridge/1.9.x/design-guides/ha-multicluster/","26b"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/design-guides/ha-multicluster/cluster-failover",component:u("/service-bridge/1.9.x/design-guides/ha-multicluster/cluster-failover","291"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/design-guides/ha-multicluster/demo-1",component:u("/service-bridge/1.9.x/design-guides/ha-multicluster/demo-1","20b"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/design-guides/ha-multicluster/demo-2",component:u("/service-bridge/1.9.x/design-guides/ha-multicluster/demo-2","1ec"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/design-guides/ha-multicluster/edge-failover",component:u("/service-bridge/1.9.x/design-guides/ha-multicluster/edge-failover","c86"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/design-guides/ha-multicluster/introduction",component:u("/service-bridge/1.9.x/design-guides/ha-multicluster/introduction","2be"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/design-guides/ha-multicluster/operations",component:u("/service-bridge/1.9.x/design-guides/ha-multicluster/operations","5ba"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/howto",component:u("/service-bridge/1.9.x/howto","017"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/howto/authorization/",component:u("/service-bridge/1.9.x/howto/authorization/","55b"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/howto/authorization/ingress-gateway",component:u("/service-bridge/1.9.x/howto/authorization/ingress-gateway","fed"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/howto/authorization/sidecar",component:u("/service-bridge/1.9.x/howto/authorization/sidecar","f57"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/howto/authorization/tier1-gateway",component:u("/service-bridge/1.9.x/howto/authorization/tier1-gateway","98c"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/howto/authorization/tls-verification",component:u("/service-bridge/1.9.x/howto/authorization/tls-verification","e9c"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/howto/gateway",component:u("/service-bridge/1.9.x/howto/gateway","f49"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/howto/gateway/app-ingress",component:u("/service-bridge/1.9.x/howto/gateway/app-ingress","43a"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/howto/gateway/application-gateway-with-openapi-annotations",component:u("/service-bridge/1.9.x/howto/gateway/application-gateway-with-openapi-annotations","886"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/howto/gateway/configure-and-route-nonhttp-traffic",component:u("/service-bridge/1.9.x/howto/gateway/configure-and-route-nonhttp-traffic","e51"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/howto/gateway/configure-oidc",component:u("/service-bridge/1.9.x/howto/gateway/configure-oidc","983"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/howto/gateway/distributed-ingress",component:u("/service-bridge/1.9.x/howto/gateway/distributed-ingress","86d"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/howto/gateway/egress-gateways",component:u("/service-bridge/1.9.x/howto/gateway/egress-gateways","697"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/howto/gateway/end-user-auth-keycloak",component:u("/service-bridge/1.9.x/howto/gateway/end-user-auth-keycloak","579"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/howto/gateway/host-based-egress-access-control",component:u("/service-bridge/1.9.x/howto/gateway/host-based-egress-access-control","18f"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/howto/gateway/https-with-proxy-protocol",component:u("/service-bridge/1.9.x/howto/gateway/https-with-proxy-protocol","3ab"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/howto/gateway/multi-cluster-traffic-failover-priority",component:u("/service-bridge/1.9.x/howto/gateway/multi-cluster-traffic-failover-priority","4b5"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/howto/gateway/multi-cluster-traffic-routing-using-tier2gw",component:u("/service-bridge/1.9.x/howto/gateway/multi-cluster-traffic-routing-using-tier2gw","8b7"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/howto/gateway/multi-cluster-traffic-routing-with-eastwest-gateway",component:u("/service-bridge/1.9.x/howto/gateway/multi-cluster-traffic-routing-with-eastwest-gateway","2d6"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/howto/gateway/multi-cluster-traffic-shifting",component:u("/service-bridge/1.9.x/howto/gateway/multi-cluster-traffic-shifting","7ff"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/howto/gateway/service-identity-propagation",component:u("/service-bridge/1.9.x/howto/gateway/service-identity-propagation","832"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/howto/gateway/shared-ingress",component:u("/service-bridge/1.9.x/howto/gateway/shared-ingress","68e"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/howto/gateway/subset-based-routing-using-igw-and-service-route",component:u("/service-bridge/1.9.x/howto/gateway/subset-based-routing-using-igw-and-service-route","eed"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/howto/gateway/unified-gateway",component:u("/service-bridge/1.9.x/howto/gateway/unified-gateway","82b"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/howto/gateway/unified-gateway-upgrade",component:u("/service-bridge/1.9.x/howto/gateway/unified-gateway-upgrade","48e"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/howto/gitops",component:u("/service-bridge/1.9.x/howto/gitops","8b5"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/howto/gitops/argo-rollouts",component:u("/service-bridge/1.9.x/howto/gitops/argo-rollouts","f55"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/howto/gitops/flagger",component:u("/service-bridge/1.9.x/howto/gitops/flagger","e7f"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/howto/gitops/flux",component:u("/service-bridge/1.9.x/howto/gitops/flux","b00"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/howto/gitops/gitops",component:u("/service-bridge/1.9.x/howto/gitops/gitops","c03"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/howto/hpa-using-skywalking",component:u("/service-bridge/1.9.x/howto/hpa-using-skywalking","566"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/howto/network-policies",component:u("/service-bridge/1.9.x/howto/network-policies","ab0"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/howto/promql-using-skywalking",component:u("/service-bridge/1.9.x/howto/promql-using-skywalking","a35"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/howto/rate-limiting/",component:u("/service-bridge/1.9.x/howto/rate-limiting/","8a1"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/howto/rate-limiting/external-rate-limiting",component:u("/service-bridge/1.9.x/howto/rate-limiting/external-rate-limiting","1e3"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/howto/rate-limiting/ingress-gateway",component:u("/service-bridge/1.9.x/howto/rate-limiting/ingress-gateway","481"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/howto/rate-limiting/internal-rate-limiting",component:u("/service-bridge/1.9.x/howto/rate-limiting/internal-rate-limiting","d16"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/howto/rate-limiting/service-to-service",component:u("/service-bridge/1.9.x/howto/rate-limiting/service-to-service","d4e"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/howto/rate-limiting/tier1-gateway",component:u("/service-bridge/1.9.x/howto/rate-limiting/tier1-gateway","b35"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/howto/rate-limiting/tls-validation",component:u("/service-bridge/1.9.x/howto/rate-limiting/tls-validation","3bb"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/howto/security-domains",component:u("/service-bridge/1.9.x/howto/security-domains","08a"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/howto/service-accounts",component:u("/service-bridge/1.9.x/howto/service-accounts","4a4"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/howto/traffic",component:u("/service-bridge/1.9.x/howto/traffic","168"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/howto/traffic/canary-releases",component:u("/service-bridge/1.9.x/howto/traffic/canary-releases","f51"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/howto/traffic/configure-multi-port-service-route",component:u("/service-bridge/1.9.x/howto/traffic/configure-multi-port-service-route","107"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/howto/traffic/external-site-https",component:u("/service-bridge/1.9.x/howto/traffic/external-site-https","692"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/howto/traffic/load-balance",component:u("/service-bridge/1.9.x/howto/traffic/load-balance","6c5"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/howto/traffic/migrating-VM-monoliths",component:u("/service-bridge/1.9.x/howto/traffic/migrating-VM-monoliths","d0d"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/howto/traffic/splitting-service-traffic-between-k8s-vms",component:u("/service-bridge/1.9.x/howto/traffic/splitting-service-traffic-between-k8s-vms","6b8"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/howto/waf",component:u("/service-bridge/1.9.x/howto/waf","b30"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/howto/wasm",component:u("/service-bridge/1.9.x/howto/wasm","bd3"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/howto/wasm/wasm-extension",component:u("/service-bridge/1.9.x/howto/wasm/wasm-extension","f0a"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/howto/wasm/wasm-overview",component:u("/service-bridge/1.9.x/howto/wasm/wasm-overview","a3e"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/howto/wasm/wasm-proxy",component:u("/service-bridge/1.9.x/howto/wasm/wasm-proxy","349"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/howto/wasm/wasm-try",component:u("/service-bridge/1.9.x/howto/wasm/wasm-try","65c"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/knowledge-base",component:u("/service-bridge/1.9.x/knowledge-base","e1a"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/knowledge-base/faq",component:u("/service-bridge/1.9.x/knowledge-base/faq","405"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/knowledge-base/gitops",component:u("/service-bridge/1.9.x/knowledge-base/gitops","a06"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/operations",component:u("/service-bridge/1.9.x/operations","423"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/operations/configuration-promotion",component:u("/service-bridge/1.9.x/operations/configuration-promotion","aed"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/operations/configure-log-levels",component:u("/service-bridge/1.9.x/operations/configure-log-levels","b5b"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/operations/elasticsearch",component:u("/service-bridge/1.9.x/operations/elasticsearch","9eb"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/operations/elasticsearch/elasticsearch-role",component:u("/service-bridge/1.9.x/operations/elasticsearch/elasticsearch-role","f15"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/operations/elasticsearch/wipe-elastic",component:u("/service-bridge/1.9.x/operations/elasticsearch/wipe-elastic","e25"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/operations/features",component:u("/service-bridge/1.9.x/operations/features","b71"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/operations/features/configure-cluster-external-addresses",component:u("/service-bridge/1.9.x/operations/features/configure-cluster-external-addresses","ad7"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/operations/features/configure-gitops",component:u("/service-bridge/1.9.x/operations/features/configure-gitops","659"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/operations/features/deletion-protection",component:u("/service-bridge/1.9.x/operations/features/deletion-protection","755"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/operations/features/edge-dns-resolution",component:u("/service-bridge/1.9.x/operations/features/edge-dns-resolution","4da"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/operations/features/enable-config-protection",component:u("/service-bridge/1.9.x/operations/features/enable-config-protection","088"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/operations/features/gateway-deletion-webhook",component:u("/service-bridge/1.9.x/operations/features/gateway-deletion-webhook","4f8"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/operations/features/internal-wasm-extensions",component:u("/service-bridge/1.9.x/operations/features/internal-wasm-extensions","1fa"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/operations/features/istio-cni",component:u("/service-bridge/1.9.x/operations/features/istio-cni","e05"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/operations/features/label-annotation",component:u("/service-bridge/1.9.x/operations/features/label-annotation","2b0"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/operations/features/streaming-log",component:u("/service-bridge/1.9.x/operations/features/streaming-log","c41"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/operations/features/tier1-in-app-cluster",component:u("/service-bridge/1.9.x/operations/features/tier1-in-app-cluster","667"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/operations/features/tls-origin-multi-cluster",component:u("/service-bridge/1.9.x/operations/features/tls-origin-multi-cluster","c91"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/operations/graceful-connection-drain",component:u("/service-bridge/1.9.x/operations/graceful-connection-drain","31f"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/operations/kube-customization",component:u("/service-bridge/1.9.x/operations/kube-customization","9a1"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/operations/lower-istio-resources",component:u("/service-bridge/1.9.x/operations/lower-istio-resources","a8f"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/operations/migrate-organization",component:u("/service-bridge/1.9.x/operations/migrate-organization","a22"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/operations/multiple-iam-keys",component:u("/service-bridge/1.9.x/operations/multiple-iam-keys","39d"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/operations/postgresql",component:u("/service-bridge/1.9.x/operations/postgresql","b6c"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/operations/postgresql/auditlog-retention",component:u("/service-bridge/1.9.x/operations/postgresql/auditlog-retention","6d3"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/operations/postgresql/azure-credentials",component:u("/service-bridge/1.9.x/operations/postgresql/azure-credentials","1f2"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/operations/postgresql/backup-and-restore",component:u("/service-bridge/1.9.x/operations/postgresql/backup-and-restore","28d"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/operations/postgresql/managing-kubegres",component:u("/service-bridge/1.9.x/operations/postgresql/managing-kubegres","fc7"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/operations/telemetry",component:u("/service-bridge/1.9.x/operations/telemetry","bad"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/operations/telemetry/alerting-guidelines",component:u("/service-bridge/1.9.x/operations/telemetry/alerting-guidelines","e21"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/operations/telemetry/distributed-tracing",component:u("/service-bridge/1.9.x/operations/telemetry/distributed-tracing","b31"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/operations/telemetry/key-metrics",component:u("/service-bridge/1.9.x/operations/telemetry/key-metrics","142"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/operations/telemetry/new-relic",component:u("/service-bridge/1.9.x/operations/telemetry/new-relic","f1d"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/operations/telemetry/red-metrics",component:u("/service-bridge/1.9.x/operations/telemetry/red-metrics","508"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/operations/telemetry/telemetry-architecture",component:u("/service-bridge/1.9.x/operations/telemetry/telemetry-architecture","4e4"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/operations/users",component:u("/service-bridge/1.9.x/operations/users","715"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/operations/users/admin-password",component:u("/service-bridge/1.9.x/operations/users/admin-password","5d5"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/operations/users/configuring-ldap",component:u("/service-bridge/1.9.x/operations/users/configuring-ldap","65d"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/operations/users/new-user-local-idp",component:u("/service-bridge/1.9.x/operations/users/new-user-local-idp","4ed"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/operations/users/oidc-azure",component:u("/service-bridge/1.9.x/operations/users/oidc-azure","f67"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/operations/users/roles-and-permissions",component:u("/service-bridge/1.9.x/operations/users/roles-and-permissions","393"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/operations/users/user-synchronization",component:u("/service-bridge/1.9.x/operations/users/user-synchronization","600"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/operations/vault",component:u("/service-bridge/1.9.x/operations/vault","a0a"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/operations/vault/elasticsearch",component:u("/service-bridge/1.9.x/operations/vault/elasticsearch","456"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/operations/vault/istiod-ca",component:u("/service-bridge/1.9.x/operations/vault/istiod-ca","483"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/operations/vault/postgresql",component:u("/service-bridge/1.9.x/operations/vault/postgresql","b34"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/quickstart",component:u("/service-bridge/1.9.x/quickstart","710"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/quickstart/apps",component:u("/service-bridge/1.9.x/quickstart/apps","179"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/quickstart/config-groups",component:u("/service-bridge/1.9.x/quickstart/config-groups","43b"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/quickstart/deploy-sample-app",component:u("/service-bridge/1.9.x/quickstart/deploy-sample-app","605"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/quickstart/ingress-gateway",component:u("/service-bridge/1.9.x/quickstart/ingress-gateway","a63"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/quickstart/introduction",component:u("/service-bridge/1.9.x/quickstart/introduction","684"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/quickstart/observability",component:u("/service-bridge/1.9.x/quickstart/observability","696"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/quickstart/permissions",component:u("/service-bridge/1.9.x/quickstart/permissions","b04"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/quickstart/security",component:u("/service-bridge/1.9.x/quickstart/security","c29"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/quickstart/tenant",component:u("/service-bridge/1.9.x/quickstart/tenant","776"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/quickstart/traffic-shifting",component:u("/service-bridge/1.9.x/quickstart/traffic-shifting","276"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/quickstart/workspace",component:u("/service-bridge/1.9.x/quickstart/workspace","71f"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/reference",component:u("/service-bridge/1.9.x/reference","995"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/reference/cli",component:u("/service-bridge/1.9.x/reference/cli","4ed"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/reference/cli/guide/index",component:u("/service-bridge/1.9.x/reference/cli/guide/index","6df"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/reference/cli/guide/toc",component:u("/service-bridge/1.9.x/reference/cli/guide/toc","a2d"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/reference/cli/reference",component:u("/service-bridge/1.9.x/reference/cli/reference","c97"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/reference/cli/reference/apply",component:u("/service-bridge/1.9.x/reference/cli/reference/apply","dde"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/reference/cli/reference/collect",component:u("/service-bridge/1.9.x/reference/cli/reference/collect","c46"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/reference/cli/reference/completion",component:u("/service-bridge/1.9.x/reference/cli/reference/completion","d5d"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/reference/cli/reference/config",component:u("/service-bridge/1.9.x/reference/cli/reference/config","87e"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/reference/cli/reference/delete",component:u("/service-bridge/1.9.x/reference/cli/reference/delete","0eb"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/reference/cli/reference/edit",component:u("/service-bridge/1.9.x/reference/cli/reference/edit","c91"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/reference/cli/reference/experimental",component:u("/service-bridge/1.9.x/reference/cli/reference/experimental","549"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/reference/cli/reference/get",component:u("/service-bridge/1.9.x/reference/cli/reference/get","1d1"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/reference/cli/reference/index",component:u("/service-bridge/1.9.x/reference/cli/reference/index","44c"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/reference/cli/reference/install",component:u("/service-bridge/1.9.x/reference/cli/reference/install","8cf"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/reference/cli/reference/login",component:u("/service-bridge/1.9.x/reference/cli/reference/login","0bd"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/reference/cli/reference/ui",component:u("/service-bridge/1.9.x/reference/cli/reference/ui","0ff"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/reference/cli/reference/validate",component:u("/service-bridge/1.9.x/reference/cli/reference/validate","e67"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/reference/cli/reference/version",component:u("/service-bridge/1.9.x/reference/cli/reference/version","7eb"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/reference/cli/reference/whoami",component:u("/service-bridge/1.9.x/reference/cli/reference/whoami","746"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/reference/cli/reference/workload-entry-annotations",component:u("/service-bridge/1.9.x/reference/cli/reference/workload-entry-annotations","fca"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/reference/grpc-api",component:u("/service-bridge/1.9.x/reference/grpc-api","088"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/reference/grpc-api/guide",component:u("/service-bridge/1.9.x/reference/grpc-api/guide","74b"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/reference/grpc-api/reference",component:u("/service-bridge/1.9.x/reference/grpc-api/reference","141"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/reference/k8s-api",component:u("/service-bridge/1.9.x/reference/k8s-api","5e5"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/reference/k8s-api/guide",component:u("/service-bridge/1.9.x/reference/k8s-api/guide","d90"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/reference/k8s-api/tsb-crds-gen",component:u("/service-bridge/1.9.x/reference/k8s-api/tsb-crds-gen","499"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/reference/k8s-api/tsb-crds-gen/application-tsb-tetrate-io",component:u("/service-bridge/1.9.x/reference/k8s-api/tsb-crds-gen/application-tsb-tetrate-io","867"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/reference/k8s-api/tsb-crds-gen/extension-tsb-tetrate-io",component:u("/service-bridge/1.9.x/reference/k8s-api/tsb-crds-gen/extension-tsb-tetrate-io","65c"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/reference/k8s-api/tsb-crds-gen/gateway-tsb-tetrate-io",component:u("/service-bridge/1.9.x/reference/k8s-api/tsb-crds-gen/gateway-tsb-tetrate-io","ea6"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/reference/k8s-api/tsb-crds-gen/istiointernal-tsb-tetrate-io",component:u("/service-bridge/1.9.x/reference/k8s-api/tsb-crds-gen/istiointernal-tsb-tetrate-io","10f"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/reference/k8s-api/tsb-crds-gen/rbac-tsb-tetrate-io",component:u("/service-bridge/1.9.x/reference/k8s-api/tsb-crds-gen/rbac-tsb-tetrate-io","235"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/reference/k8s-api/tsb-crds-gen/security-tsb-tetrate-io",component:u("/service-bridge/1.9.x/reference/k8s-api/tsb-crds-gen/security-tsb-tetrate-io","da5"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/reference/k8s-api/tsb-crds-gen/traffic-tsb-tetrate-io",component:u("/service-bridge/1.9.x/reference/k8s-api/tsb-crds-gen/traffic-tsb-tetrate-io","c70"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/cluster",component:u("/service-bridge/1.9.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/cluster","1ce"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/organization",component:u("/service-bridge/1.9.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/organization","eed"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/organizationsetting",component:u("/service-bridge/1.9.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/organizationsetting","766"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/serviceaccount",component:u("/service-bridge/1.9.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/serviceaccount","859"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/team",component:u("/service-bridge/1.9.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/team","c6d"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/tenant",component:u("/service-bridge/1.9.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/tenant","a92"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/tenantsetting",component:u("/service-bridge/1.9.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/tenantsetting","2f6"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/workspace",component:u("/service-bridge/1.9.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/workspace","b74"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/workspacesetting",component:u("/service-bridge/1.9.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/workspacesetting","dbb"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/reference/k8s-api/tsb-crds-gen/tsb.tetrate.io/v2",component:u("/service-bridge/1.9.x/reference/k8s-api/tsb-crds-gen/tsb.tetrate.io/v2","957"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/reference/operators",component:u("/service-bridge/1.9.x/reference/operators","43a"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/reference/rest-api/guide",component:u("/service-bridge/1.9.x/reference/rest-api/guide","19d"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/reference/samples",component:u("/service-bridge/1.9.x/reference/samples","56f"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/reference/samples/httpbin",component:u("/service-bridge/1.9.x/reference/samples/httpbin","032"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/reference/samples/opa",component:u("/service-bridge/1.9.x/reference/samples/opa","039"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/reference/samples/sleep-service",component:u("/service-bridge/1.9.x/reference/samples/sleep-service","a46"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/reference/workload-onboarding",component:u("/service-bridge/1.9.x/reference/workload-onboarding","35e"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/reference/workload-onboarding/onboarding-agent",component:u("/service-bridge/1.9.x/reference/workload-onboarding/onboarding-agent","6a2"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/reference/workload-onboarding/onboarding-authorization",component:u("/service-bridge/1.9.x/reference/workload-onboarding/onboarding-authorization","d87"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/reference/workload-onboarding/onboarding-runtime",component:u("/service-bridge/1.9.x/reference/workload-onboarding/onboarding-runtime","185"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/reference/yaml-api",component:u("/service-bridge/1.9.x/reference/yaml-api","865"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/reference/yaml-api/guide",component:u("/service-bridge/1.9.x/reference/yaml-api/guide","bd9"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/reference/yaml-api/reference",component:u("/service-bridge/1.9.x/reference/yaml-api/reference","8bf"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/refs/audit/v1/audit",component:u("/service-bridge/1.9.x/refs/audit/v1/audit","227"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/refs/audit/v1/grpc",component:u("/service-bridge/1.9.x/refs/audit/v1/grpc","3f3"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/refs/iam/v2/grpc",component:u("/service-bridge/1.9.x/refs/iam/v2/grpc","edf"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/refs/iam/v2/oauth_service",component:u("/service-bridge/1.9.x/refs/iam/v2/oauth_service","2e3"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/refs/iam/v2/oidc_service",component:u("/service-bridge/1.9.x/refs/iam/v2/oidc_service","ef3"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/refs/install",component:u("/service-bridge/1.9.x/refs/install","08b"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/refs/install/common/common_config",component:u("/service-bridge/1.9.x/refs/install/common/common_config","979"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/refs/install/controlplane/v1alpha1/spec",component:u("/service-bridge/1.9.x/refs/install/controlplane/v1alpha1/spec","116"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/refs/install/dataplane/v1alpha1/spec",component:u("/service-bridge/1.9.x/refs/install/dataplane/v1alpha1/spec","bbd"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/refs/install/kubernetes/k8s",component:u("/service-bridge/1.9.x/refs/install/kubernetes/k8s","cab"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/refs/install/managementplane/v1alpha1/spec",component:u("/service-bridge/1.9.x/refs/install/managementplane/v1alpha1/spec","b31"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/refs/istio.io/api/operator/v1alpha1/operator",component:u("/service-bridge/1.9.x/refs/istio.io/api/operator/v1alpha1/operator","f12"),exact:!0},{path:"/service-bridge/1.9.x/refs/onboarding/config/agent/v1alpha1/agent_configuration",component:u("/service-bridge/1.9.x/refs/onboarding/config/agent/v1alpha1/agent_configuration","d28"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/refs/onboarding/config/agent/v1alpha1/onboarding_configuration",component:u("/service-bridge/1.9.x/refs/onboarding/config/agent/v1alpha1/onboarding_configuration","404"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/refs/onboarding/config/authorization/aws/v1alpha1/aws",component:u("/service-bridge/1.9.x/refs/onboarding/config/authorization/aws/v1alpha1/aws","829"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/refs/onboarding/config/authorization/jwt/v1alpha1/jwt",component:u("/service-bridge/1.9.x/refs/onboarding/config/authorization/jwt/v1alpha1/jwt","345"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/refs/onboarding/config/authorization/v1alpha1/policy",component:u("/service-bridge/1.9.x/refs/onboarding/config/authorization/v1alpha1/policy","897"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/refs/onboarding/config/install/v1alpha1/jwt_issuer",component:u("/service-bridge/1.9.x/refs/onboarding/config/install/v1alpha1/jwt_issuer","801"),exact:!0},{path:"/service-bridge/1.9.x/refs/onboarding/config/install/v1alpha1/workload_configuration",component:u("/service-bridge/1.9.x/refs/onboarding/config/install/v1alpha1/workload_configuration","f00"),exact:!0},{path:"/service-bridge/1.9.x/refs/onboarding/config/runtime/v1alpha1/registration",component:u("/service-bridge/1.9.x/refs/onboarding/config/runtime/v1alpha1/registration","1fb"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/refs/onboarding/config/types/config/v1alpha1/transport_security",component:u("/service-bridge/1.9.x/refs/onboarding/config/types/config/v1alpha1/transport_security","d28"),exact:!0},{path:"/service-bridge/1.9.x/refs/onboarding/config/types/core/v1alpha1/condition",component:u("/service-bridge/1.9.x/refs/onboarding/config/types/core/v1alpha1/condition","f3e"),exact:!0},{path:"/service-bridge/1.9.x/refs/onboarding/config/types/core/v1alpha1/namespaced_name",component:u("/service-bridge/1.9.x/refs/onboarding/config/types/core/v1alpha1/namespaced_name","ad0"),exact:!0},{path:"/service-bridge/1.9.x/refs/onboarding/config/types/identity/aws/v1alpha1/aws",component:u("/service-bridge/1.9.x/refs/onboarding/config/types/identity/aws/v1alpha1/aws","b48"),exact:!0},{path:"/service-bridge/1.9.x/refs/onboarding/config/types/identity/jwt/v1alpha1/jwt",component:u("/service-bridge/1.9.x/refs/onboarding/config/types/identity/jwt/v1alpha1/jwt","636"),exact:!0},{path:"/service-bridge/1.9.x/refs/onboarding/config/types/identity/v1alpha1/identity",component:u("/service-bridge/1.9.x/refs/onboarding/config/types/identity/v1alpha1/identity","bfb"),exact:!0},{path:"/service-bridge/1.9.x/refs/onboarding/config/types/registration/v1alpha1/hostinfo",component:u("/service-bridge/1.9.x/refs/onboarding/config/types/registration/v1alpha1/hostinfo","38f"),exact:!0},{path:"/service-bridge/1.9.x/refs/onboarding/config/types/registration/v1alpha1/registration",component:u("/service-bridge/1.9.x/refs/onboarding/config/types/registration/v1alpha1/registration","312"),exact:!0},{path:"/service-bridge/1.9.x/refs/tsb/application/v2/api",component:u("/service-bridge/1.9.x/refs/tsb/application/v2/api","83c"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/refs/tsb/application/v2/application",component:u("/service-bridge/1.9.x/refs/tsb/application/v2/application","aff"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/refs/tsb/application/v2/application_service",component:u("/service-bridge/1.9.x/refs/tsb/application/v2/application_service","ee5"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/refs/tsb/application/v2/grpc",component:u("/service-bridge/1.9.x/refs/tsb/application/v2/grpc","32b"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/refs/tsb/application/v2/openapi_extensions",component:u("/service-bridge/1.9.x/refs/tsb/application/v2/openapi_extensions","fac"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/refs/tsb/application/v2/yaml",component:u("/service-bridge/1.9.x/refs/tsb/application/v2/yaml","b7f"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/refs/tsb/auth/v2/auth",component:u("/service-bridge/1.9.x/refs/tsb/auth/v2/auth","18a"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/refs/tsb/auth/v2/yaml",component:u("/service-bridge/1.9.x/refs/tsb/auth/v2/yaml","fa7"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/refs/tsb/extension/v2/grpc",component:u("/service-bridge/1.9.x/refs/tsb/extension/v2/grpc","2dd"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/refs/tsb/extension/v2/wasm_extension",component:u("/service-bridge/1.9.x/refs/tsb/extension/v2/wasm_extension","3e6"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/refs/tsb/extension/v2/wasm_service",component:u("/service-bridge/1.9.x/refs/tsb/extension/v2/wasm_service","db9"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/refs/tsb/extension/v2/yaml",component:u("/service-bridge/1.9.x/refs/tsb/extension/v2/yaml","2e5"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/refs/tsb/gateway/v2/auth",component:u("/service-bridge/1.9.x/refs/tsb/gateway/v2/auth","7f8"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/refs/tsb/gateway/v2/eastwest_gateway",component:u("/service-bridge/1.9.x/refs/tsb/gateway/v2/eastwest_gateway","f39"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/refs/tsb/gateway/v2/egress_gateway",component:u("/service-bridge/1.9.x/refs/tsb/gateway/v2/egress_gateway","f9c"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/refs/tsb/gateway/v2/gateway",component:u("/service-bridge/1.9.x/refs/tsb/gateway/v2/gateway","022"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/refs/tsb/gateway/v2/gateway_common",component:u("/service-bridge/1.9.x/refs/tsb/gateway/v2/gateway_common","20b"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/refs/tsb/gateway/v2/gateway_group",component:u("/service-bridge/1.9.x/refs/tsb/gateway/v2/gateway_group","54d"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/refs/tsb/gateway/v2/gateway_service",component:u("/service-bridge/1.9.x/refs/tsb/gateway/v2/gateway_service","3f7"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/refs/tsb/gateway/v2/grpc",component:u("/service-bridge/1.9.x/refs/tsb/gateway/v2/grpc","5da"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/refs/tsb/gateway/v2/ingress_gateway",component:u("/service-bridge/1.9.x/refs/tsb/gateway/v2/ingress_gateway","f40"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/refs/tsb/gateway/v2/istio_gateway_direct",component:u("/service-bridge/1.9.x/refs/tsb/gateway/v2/istio_gateway_direct","d74"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/refs/tsb/gateway/v2/tier1_gateway",component:u("/service-bridge/1.9.x/refs/tsb/gateway/v2/tier1_gateway","397"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/refs/tsb/gateway/v2/yaml",component:u("/service-bridge/1.9.x/refs/tsb/gateway/v2/yaml","b29"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/refs/tsb/istiointernal/v2/grpc",component:u("/service-bridge/1.9.x/refs/tsb/istiointernal/v2/grpc","811"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/refs/tsb/istiointernal/v2/istio_internal_group",component:u("/service-bridge/1.9.x/refs/tsb/istiointernal/v2/istio_internal_group","463"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/refs/tsb/istiointernal/v2/istio_istiointernal_direct",component:u("/service-bridge/1.9.x/refs/tsb/istiointernal/v2/istio_istiointernal_direct","616"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/refs/tsb/istiointernal/v2/istiointernal_service",component:u("/service-bridge/1.9.x/refs/tsb/istiointernal/v2/istiointernal_service","d73"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/refs/tsb/istiointernal/v2/yaml",component:u("/service-bridge/1.9.x/refs/tsb/istiointernal/v2/yaml","426"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/refs/tsb/observability/telemetry/v2/grpc",component:u("/service-bridge/1.9.x/refs/tsb/observability/telemetry/v2/grpc","887"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/refs/tsb/observability/telemetry/v2/metric",component:u("/service-bridge/1.9.x/refs/tsb/observability/telemetry/v2/metric","116"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/refs/tsb/observability/telemetry/v2/metric_service",component:u("/service-bridge/1.9.x/refs/tsb/observability/telemetry/v2/metric_service","8cc"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/refs/tsb/observability/telemetry/v2/source",component:u("/service-bridge/1.9.x/refs/tsb/observability/telemetry/v2/source","22c"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/refs/tsb/observability/telemetry/v2/source_service",component:u("/service-bridge/1.9.x/refs/tsb/observability/telemetry/v2/source_service","7d6"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/refs/tsb/observability/telemetry/v2/yaml",component:u("/service-bridge/1.9.x/refs/tsb/observability/telemetry/v2/yaml","6e8"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/refs/tsb/q/v2/approvals_service",component:u("/service-bridge/1.9.x/refs/tsb/q/v2/approvals_service","d83"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/refs/tsb/q/v2/grpc",component:u("/service-bridge/1.9.x/refs/tsb/q/v2/grpc","152"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/refs/tsb/q/v2/permissions_service",component:u("/service-bridge/1.9.x/refs/tsb/q/v2/permissions_service","f88"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/refs/tsb/rbac/v2/access_bindings",component:u("/service-bridge/1.9.x/refs/tsb/rbac/v2/access_bindings","eae"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/refs/tsb/rbac/v2/api_access_bindings",component:u("/service-bridge/1.9.x/refs/tsb/rbac/v2/api_access_bindings","101"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/refs/tsb/rbac/v2/application_access_bindings",component:u("/service-bridge/1.9.x/refs/tsb/rbac/v2/application_access_bindings","2a9"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/refs/tsb/rbac/v2/binding",component:u("/service-bridge/1.9.x/refs/tsb/rbac/v2/binding","745"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/refs/tsb/rbac/v2/gateway_access_bindings",component:u("/service-bridge/1.9.x/refs/tsb/rbac/v2/gateway_access_bindings","653"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/refs/tsb/rbac/v2/grpc",component:u("/service-bridge/1.9.x/refs/tsb/rbac/v2/grpc","b99"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/refs/tsb/rbac/v2/istio_internal_access_bindings",component:u("/service-bridge/1.9.x/refs/tsb/rbac/v2/istio_internal_access_bindings","aaf"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/refs/tsb/rbac/v2/organization_access_bindings",component:u("/service-bridge/1.9.x/refs/tsb/rbac/v2/organization_access_bindings","2af"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/refs/tsb/rbac/v2/permissions",component:u("/service-bridge/1.9.x/refs/tsb/rbac/v2/permissions","650"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/refs/tsb/rbac/v2/policy_service",component:u("/service-bridge/1.9.x/refs/tsb/rbac/v2/policy_service","1d6"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/refs/tsb/rbac/v2/role",component:u("/service-bridge/1.9.x/refs/tsb/rbac/v2/role","957"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/refs/tsb/rbac/v2/role_service",component:u("/service-bridge/1.9.x/refs/tsb/rbac/v2/role_service","ed4"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/refs/tsb/rbac/v2/security_access_bindings",component:u("/service-bridge/1.9.x/refs/tsb/rbac/v2/security_access_bindings","bd1"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/refs/tsb/rbac/v2/tenant_access_bindings",component:u("/service-bridge/1.9.x/refs/tsb/rbac/v2/tenant_access_bindings","6af"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/refs/tsb/rbac/v2/traffic_access_bindings",component:u("/service-bridge/1.9.x/refs/tsb/rbac/v2/traffic_access_bindings","84b"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/refs/tsb/rbac/v2/workspace_access_bindings",component:u("/service-bridge/1.9.x/refs/tsb/rbac/v2/workspace_access_bindings","d8e"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/refs/tsb/rbac/v2/yaml",component:u("/service-bridge/1.9.x/refs/tsb/rbac/v2/yaml","52f"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/refs/tsb/registry/v2/grpc",component:u("/service-bridge/1.9.x/refs/tsb/registry/v2/grpc","fe5"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/refs/tsb/registry/v2/lookup_service",component:u("/service-bridge/1.9.x/refs/tsb/registry/v2/lookup_service","c84"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/refs/tsb/registry/v2/registration_service",component:u("/service-bridge/1.9.x/refs/tsb/registry/v2/registration_service","925"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/refs/tsb/registry/v2/service",component:u("/service-bridge/1.9.x/refs/tsb/registry/v2/service","605"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/refs/tsb/registry/v2/yaml",component:u("/service-bridge/1.9.x/refs/tsb/registry/v2/yaml","486"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/refs/tsb/security/v2/grpc",component:u("/service-bridge/1.9.x/refs/tsb/security/v2/grpc","c49"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/refs/tsb/security/v2/istio_security_direct",component:u("/service-bridge/1.9.x/refs/tsb/security/v2/istio_security_direct","bd1"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/refs/tsb/security/v2/security_group",component:u("/service-bridge/1.9.x/refs/tsb/security/v2/security_group","597"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/refs/tsb/security/v2/security_service",component:u("/service-bridge/1.9.x/refs/tsb/security/v2/security_service","02f"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/refs/tsb/security/v2/security_setting",component:u("/service-bridge/1.9.x/refs/tsb/security/v2/security_setting","9a5"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/refs/tsb/security/v2/service_security_setting",component:u("/service-bridge/1.9.x/refs/tsb/security/v2/service_security_setting","2ce"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/refs/tsb/security/v2/waf_settings",component:u("/service-bridge/1.9.x/refs/tsb/security/v2/waf_settings","6a5"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/refs/tsb/security/v2/yaml",component:u("/service-bridge/1.9.x/refs/tsb/security/v2/yaml","fe0"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/refs/tsb/traffic/v2/grpc",component:u("/service-bridge/1.9.x/refs/tsb/traffic/v2/grpc","800"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/refs/tsb/traffic/v2/istio_traffic_direct",component:u("/service-bridge/1.9.x/refs/tsb/traffic/v2/istio_traffic_direct","b86"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/refs/tsb/traffic/v2/service_route",component:u("/service-bridge/1.9.x/refs/tsb/traffic/v2/service_route","f0b"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/refs/tsb/traffic/v2/traffic_group",component:u("/service-bridge/1.9.x/refs/tsb/traffic/v2/traffic_group","ea8"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/refs/tsb/traffic/v2/traffic_service",component:u("/service-bridge/1.9.x/refs/tsb/traffic/v2/traffic_service","f3f"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/refs/tsb/traffic/v2/traffic_setting",component:u("/service-bridge/1.9.x/refs/tsb/traffic/v2/traffic_setting","c08"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/refs/tsb/traffic/v2/yaml",component:u("/service-bridge/1.9.x/refs/tsb/traffic/v2/yaml","83d"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/refs/tsb/types/v2/types",component:u("/service-bridge/1.9.x/refs/tsb/types/v2/types","1c8"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/refs/tsb/types/v2/yaml",component:u("/service-bridge/1.9.x/refs/tsb/types/v2/yaml","2c6"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/refs/tsb/v2/cluster",component:u("/service-bridge/1.9.x/refs/tsb/v2/cluster","9cd"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/refs/tsb/v2/cluster_service",component:u("/service-bridge/1.9.x/refs/tsb/v2/cluster_service","28a"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/refs/tsb/v2/grpc",component:u("/service-bridge/1.9.x/refs/tsb/v2/grpc","1e0"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/refs/tsb/v2/info",component:u("/service-bridge/1.9.x/refs/tsb/v2/info","c87"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/refs/tsb/v2/organization",component:u("/service-bridge/1.9.x/refs/tsb/v2/organization","70b"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/refs/tsb/v2/organization_service",component:u("/service-bridge/1.9.x/refs/tsb/v2/organization_service","178"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/refs/tsb/v2/organization_setting",component:u("/service-bridge/1.9.x/refs/tsb/v2/organization_setting","521"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/refs/tsb/v2/status",component:u("/service-bridge/1.9.x/refs/tsb/v2/status","369"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/refs/tsb/v2/status_service",component:u("/service-bridge/1.9.x/refs/tsb/v2/status_service","77c"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/refs/tsb/v2/team",component:u("/service-bridge/1.9.x/refs/tsb/v2/team","1f4"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/refs/tsb/v2/team_service",component:u("/service-bridge/1.9.x/refs/tsb/v2/team_service","2e1"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/refs/tsb/v2/tenant",component:u("/service-bridge/1.9.x/refs/tsb/v2/tenant","3b5"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/refs/tsb/v2/tenant_service",component:u("/service-bridge/1.9.x/refs/tsb/v2/tenant_service","051"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/refs/tsb/v2/tenant_setting",component:u("/service-bridge/1.9.x/refs/tsb/v2/tenant_setting","9ea"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/refs/tsb/v2/workspace",component:u("/service-bridge/1.9.x/refs/tsb/v2/workspace","414"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/refs/tsb/v2/workspace_service",component:u("/service-bridge/1.9.x/refs/tsb/v2/workspace_service","04c"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/refs/tsb/v2/workspace_setting",component:u("/service-bridge/1.9.x/refs/tsb/v2/workspace_setting","d6f"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/refs/tsb/v2/yaml",component:u("/service-bridge/1.9.x/refs/tsb/v2/yaml","ac1"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/release-notes",component:u("/service-bridge/1.9.x/release-notes","d83"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/release-notes-announcements/",component:u("/service-bridge/1.9.x/release-notes-announcements/","a3d"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/release-notes-announcements/feature-status",component:u("/service-bridge/1.9.x/release-notes-announcements/feature-status","7fb"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/release-notes-announcements/support-policy",component:u("/service-bridge/1.9.x/release-notes-announcements/support-policy","f12"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/setup",component:u("/service-bridge/1.9.x/setup","2d1"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/setup/aws",component:u("/service-bridge/1.9.x/setup/aws","988"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/setup/aws/container-marketplace",component:u("/service-bridge/1.9.x/setup/aws/container-marketplace","01c"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/setup/aws/vpc",component:u("/service-bridge/1.9.x/setup/aws/vpc","dd8"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/setup/certificate",component:u("/service-bridge/1.9.x/setup/certificate","129"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/setup/certificate/automated-certificate-management",component:u("/service-bridge/1.9.x/setup/certificate/automated-certificate-management","dc8"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/setup/certificate/certificate-requirements",component:u("/service-bridge/1.9.x/setup/certificate/certificate-requirements","a10"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/setup/certificate/certificate-setup",component:u("/service-bridge/1.9.x/setup/certificate/certificate-setup","34d"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/setup/components",component:u("/service-bridge/1.9.x/setup/components","fa2"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/setup/firewall-information",component:u("/service-bridge/1.9.x/setup/firewall-information","017"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/setup/helm/",component:u("/service-bridge/1.9.x/setup/helm/","492"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/setup/helm/controlplane",component:u("/service-bridge/1.9.x/setup/helm/controlplane","18c"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/setup/helm/dataplane",component:u("/service-bridge/1.9.x/setup/helm/dataplane","ebe"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/setup/helm/helm",component:u("/service-bridge/1.9.x/setup/helm/helm","ac9"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/setup/helm/managementplane",component:u("/service-bridge/1.9.x/setup/helm/managementplane","82a"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/setup/helm/uninstallation",component:u("/service-bridge/1.9.x/setup/helm/uninstallation","add"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/setup/helm/upgrade",component:u("/service-bridge/1.9.x/setup/helm/upgrade","bc3"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/setup/isolation-boundaries",component:u("/service-bridge/1.9.x/setup/isolation-boundaries","dd6"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/setup/isolation-boundaries-installation",component:u("/service-bridge/1.9.x/setup/isolation-boundaries-installation","5a1"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/setup/migrate-tctl-to-helm",component:u("/service-bridge/1.9.x/setup/migrate-tctl-to-helm","dec"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/setup/remote-registry",component:u("/service-bridge/1.9.x/setup/remote-registry","f8a"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/setup/requirements-and-download",component:u("/service-bridge/1.9.x/setup/requirements-and-download","0cb"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/setup/resource-planning",component:u("/service-bridge/1.9.x/setup/resource-planning","f66"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/setup/security-context",component:u("/service-bridge/1.9.x/setup/security-context","a1b"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/setup/self-managed/",component:u("/service-bridge/1.9.x/setup/self-managed/","148"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/setup/self-managed/demo-installation",component:u("/service-bridge/1.9.x/setup/self-managed/demo-installation","4b8"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/setup/self-managed/management-plane-installation",component:u("/service-bridge/1.9.x/setup/self-managed/management-plane-installation","ab8"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/setup/self-managed/onboarding-clusters",component:u("/service-bridge/1.9.x/setup/self-managed/onboarding-clusters","4fa"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/setup/self-managed/uninstallation",component:u("/service-bridge/1.9.x/setup/self-managed/uninstallation","e71"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/setup/self-managed/upgrade",component:u("/service-bridge/1.9.x/setup/self-managed/upgrade","4fb"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/setup/tctl-connect",component:u("/service-bridge/1.9.x/setup/tctl-connect","f2f"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/setup/upgrade-best-practices",component:u("/service-bridge/1.9.x/setup/upgrade-best-practices","5d5"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/setup/upgrades",component:u("/service-bridge/1.9.x/setup/upgrades","7d5"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/setup/upgrades/cni-upgrade",component:u("/service-bridge/1.9.x/setup/upgrades/cni-upgrade","d00"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/setup/upgrades/gateway-upgrade",component:u("/service-bridge/1.9.x/setup/upgrades/gateway-upgrade","fd0"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/setup/upgrades/non-revisioned-to-revisioned",component:u("/service-bridge/1.9.x/setup/upgrades/non-revisioned-to-revisioned","a79"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/setup/upgrades/revisioned-to-revisioned",component:u("/service-bridge/1.9.x/setup/upgrades/revisioned-to-revisioned","988"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/setup/workload-onboarding",component:u("/service-bridge/1.9.x/setup/workload-onboarding","847"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/setup/workload-onboarding/guides/",component:u("/service-bridge/1.9.x/setup/workload-onboarding/guides/","c11"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/setup/workload-onboarding/guides/ecs-workloads",component:u("/service-bridge/1.9.x/setup/workload-onboarding/guides/ecs-workloads","47e"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/setup/workload-onboarding/guides/managing",component:u("/service-bridge/1.9.x/setup/workload-onboarding/guides/managing","342"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/setup/workload-onboarding/guides/on-premise-workloads",component:u("/service-bridge/1.9.x/setup/workload-onboarding/guides/on-premise-workloads","bb4"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/setup/workload-onboarding/guides/onboarding",component:u("/service-bridge/1.9.x/setup/workload-onboarding/guides/onboarding","20b"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/setup/workload-onboarding/guides/overview",component:u("/service-bridge/1.9.x/setup/workload-onboarding/guides/overview","7e9"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/setup/workload-onboarding/guides/setup",component:u("/service-bridge/1.9.x/setup/workload-onboarding/guides/setup","ae3"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/setup/workload-onboarding/guides/troubleshooting",component:u("/service-bridge/1.9.x/setup/workload-onboarding/guides/troubleshooting","685"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/setup/workload-onboarding/onboarding-vms",component:u("/service-bridge/1.9.x/setup/workload-onboarding/onboarding-vms","cf0"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/setup/workload-onboarding/quickstart",component:u("/service-bridge/1.9.x/setup/workload-onboarding/quickstart","0ad"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/setup/workload-onboarding/quickstart/aws-ec2/",component:u("/service-bridge/1.9.x/setup/workload-onboarding/quickstart/aws-ec2/","43c"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/setup/workload-onboarding/quickstart/aws-ec2/bookinfo",component:u("/service-bridge/1.9.x/setup/workload-onboarding/quickstart/aws-ec2/bookinfo","cb5"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/setup/workload-onboarding/quickstart/aws-ec2/configure-vm",component:u("/service-bridge/1.9.x/setup/workload-onboarding/quickstart/aws-ec2/configure-vm","abf"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/setup/workload-onboarding/quickstart/aws-ec2/configure-workload-onboarding",component:u("/service-bridge/1.9.x/setup/workload-onboarding/quickstart/aws-ec2/configure-workload-onboarding","132"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/setup/workload-onboarding/quickstart/aws-ec2/enable-workload-onboarding",component:u("/service-bridge/1.9.x/setup/workload-onboarding/quickstart/aws-ec2/enable-workload-onboarding","e47"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/setup/workload-onboarding/quickstart/aws-ec2/onboard-asg",component:u("/service-bridge/1.9.x/setup/workload-onboarding/quickstart/aws-ec2/onboard-asg","0b3"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/setup/workload-onboarding/quickstart/aws-ec2/onboard-vm",component:u("/service-bridge/1.9.x/setup/workload-onboarding/quickstart/aws-ec2/onboard-vm","7e0"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/setup/workload-onboarding/quickstart/aws-ecs/",component:u("/service-bridge/1.9.x/setup/workload-onboarding/quickstart/aws-ecs/","b6c"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/setup/workload-onboarding/quickstart/aws-ecs/configure-workload-onboarding",component:u("/service-bridge/1.9.x/setup/workload-onboarding/quickstart/aws-ecs/configure-workload-onboarding","1dd"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/setup/workload-onboarding/quickstart/aws-ecs/onboard-ecs",component:u("/service-bridge/1.9.x/setup/workload-onboarding/quickstart/aws-ecs/onboard-ecs","35e"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/setup/workload-onboarding/quickstart/on-premise/",component:u("/service-bridge/1.9.x/setup/workload-onboarding/quickstart/on-premise/","d52"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/setup/workload-onboarding/quickstart/on-premise/configure-vm",component:u("/service-bridge/1.9.x/setup/workload-onboarding/quickstart/on-premise/configure-vm","9a4"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/setup/workload-onboarding/quickstart/on-premise/configure-workload-onboarding",component:u("/service-bridge/1.9.x/setup/workload-onboarding/quickstart/on-premise/configure-workload-onboarding","541"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/setup/workload-onboarding/quickstart/on-premise/onboard-vm",component:u("/service-bridge/1.9.x/setup/workload-onboarding/quickstart/on-premise/onboard-vm","ba2"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/troubleshooting",component:u("/service-bridge/1.9.x/troubleshooting","389"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/troubleshooting/cluster-onboarding",component:u("/service-bridge/1.9.x/troubleshooting/cluster-onboarding","027"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/troubleshooting/configuration-status",component:u("/service-bridge/1.9.x/troubleshooting/configuration-status","8eb"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/troubleshooting/debug-container",component:u("/service-bridge/1.9.x/troubleshooting/debug-container","119"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/troubleshooting/gateway-troubleshooting",component:u("/service-bridge/1.9.x/troubleshooting/gateway-troubleshooting","f88"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/troubleshooting/identify-underperforming-services",component:u("/service-bridge/1.9.x/troubleshooting/identify-underperforming-services","f4f"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/troubleshooting/Maximum-header-size-exceed",component:u("/service-bridge/1.9.x/troubleshooting/Maximum-header-size-exceed","8dc"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/troubleshooting/Multiple-Transfer-encoding-chunked",component:u("/service-bridge/1.9.x/troubleshooting/Multiple-Transfer-encoding-chunked","51f"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/troubleshooting/troubleshooting",component:u("/service-bridge/1.9.x/troubleshooting/troubleshooting","401"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/troubleshooting/tsb-ui-metrics",component:u("/service-bridge/1.9.x/troubleshooting/tsb-ui-metrics","33c"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/1.9.x/workingwithsupport/workingWithTetrateSupport",component:u("/service-bridge/1.9.x/workingwithsupport/workingWithTetrateSupport","598"),exact:!0,sidebar:"defaultSidebar"}]}]},{path:"/service-bridge/next",component:u("/service-bridge/next","4b5"),routes:[{path:"/service-bridge/next/tags",component:u("/service-bridge/next/tags","1b5"),exact:!0},{path:"/service-bridge/next/tags/featured",component:u("/service-bridge/next/tags/featured","9f8"),exact:!0},{path:"/service-bridge/next/tags/tsb-concepts",component:u("/service-bridge/next/tags/tsb-concepts","cd8"),exact:!0},{path:"/service-bridge/next/tags/tsb-quickstart",component:u("/service-bridge/next/tags/tsb-quickstart","fde"),exact:!0},{path:"/service-bridge/next",component:u("/service-bridge/next","bb3"),routes:[{path:"/service-bridge/next/",component:u("/service-bridge/next/","294"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/category/working-with-tetrate-customer-support",component:u("/service-bridge/next/category/working-with-tetrate-customer-support","d20"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/cheatsheet/",component:u("/service-bridge/next/cheatsheet/","6d9"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/cheatsheet/sheets/gateways-management",component:u("/service-bridge/next/cheatsheet/sheets/gateways-management","ad0"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/cheatsheet/sheets/kubectl",component:u("/service-bridge/next/cheatsheet/sheets/kubectl","ef0"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/cheatsheet/sheets/security-management",component:u("/service-bridge/next/cheatsheet/sheets/security-management","25e"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/cheatsheet/sheets/tctl",component:u("/service-bridge/next/cheatsheet/sheets/tctl","0ad"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/cheatsheet/sheets/traffic-management",component:u("/service-bridge/next/cheatsheet/sheets/traffic-management","f41"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/cheatsheet/sheets/tsb-concepts",component:u("/service-bridge/next/cheatsheet/sheets/tsb-concepts","680"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/cheatsheet/sheets/tsb-quickstart",component:u("/service-bridge/next/cheatsheet/sheets/tsb-quickstart","fe0"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/cheatsheet/sheets/tsb-terminology",component:u("/service-bridge/next/cheatsheet/sheets/tsb-terminology","902"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/concepts/",component:u("/service-bridge/next/concepts/","4da"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/concepts/architecture",component:u("/service-bridge/next/concepts/architecture","157"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/concepts/configuration-dataflow",component:u("/service-bridge/next/concepts/configuration-dataflow","b44"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/concepts/configuration-inheritance",component:u("/service-bridge/next/concepts/configuration-inheritance","4cf"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/concepts/glossary",component:u("/service-bridge/next/concepts/glossary","443"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/concepts/observability",component:u("/service-bridge/next/concepts/observability","d2d"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/concepts/operators/",component:u("/service-bridge/next/concepts/operators/","70b"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/concepts/operators/control-plane",component:u("/service-bridge/next/concepts/operators/control-plane","f4f"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/concepts/operators/management-plane",component:u("/service-bridge/next/concepts/operators/management-plane","fa2"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/concepts/security",component:u("/service-bridge/next/concepts/security","f6e"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/concepts/service-mesh",component:u("/service-bridge/next/concepts/service-mesh","769"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/concepts/terminology",component:u("/service-bridge/next/concepts/terminology","bd6"),exact:!0},{path:"/service-bridge/next/concepts/traffic-management",component:u("/service-bridge/next/concepts/traffic-management","25b"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/concepts/tsb-and-ambient",component:u("/service-bridge/next/concepts/tsb-and-ambient","059"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/concepts/tsb-and-istio",component:u("/service-bridge/next/concepts/tsb-and-istio","d48"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/design-guides/",component:u("/service-bridge/next/design-guides/","f07"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/design-guides/app-onboarding/",component:u("/service-bridge/next/design-guides/app-onboarding/","08a"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/design-guides/app-onboarding/cross-cluster",component:u("/service-bridge/next/design-guides/app-onboarding/cross-cluster","eb5"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/design-guides/app-onboarding/deploy-service",component:u("/service-bridge/next/design-guides/app-onboarding/deploy-service","503"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/design-guides/app-onboarding/gateway-security",component:u("/service-bridge/next/design-guides/app-onboarding/gateway-security","beb"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/design-guides/app-onboarding/high-availability",component:u("/service-bridge/next/design-guides/app-onboarding/high-availability","39f"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/design-guides/app-onboarding/introduction",component:u("/service-bridge/next/design-guides/app-onboarding/introduction","aa4"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/design-guides/app-onboarding/monitor",component:u("/service-bridge/next/design-guides/app-onboarding/monitor","988"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/design-guides/app-onboarding/prepare",component:u("/service-bridge/next/design-guides/app-onboarding/prepare","2a8"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/design-guides/app-onboarding/promote-service",component:u("/service-bridge/next/design-guides/app-onboarding/promote-service","b9c"),exact:!0},{path:"/service-bridge/next/design-guides/app-onboarding/security",component:u("/service-bridge/next/design-guides/app-onboarding/security","a91"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/design-guides/ha-dr-mp/",component:u("/service-bridge/next/design-guides/ha-dr-mp/","e3c"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/design-guides/ha-dr-mp/active-standby/automated-synchronization",component:u("/service-bridge/next/design-guides/ha-dr-mp/active-standby/automated-synchronization","e34"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/design-guides/ha-dr-mp/active-standby/manual-backup-restore",component:u("/service-bridge/next/design-guides/ha-dr-mp/active-standby/manual-backup-restore","20d"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/design-guides/ha-dr-mp/active-standby/troubleshoot",component:u("/service-bridge/next/design-guides/ha-dr-mp/active-standby/troubleshoot","2bb"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/design-guides/ha-dr-mp/before-you-begin",component:u("/service-bridge/next/design-guides/ha-dr-mp/before-you-begin","134"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/design-guides/ha-dr-mp/best-practices",component:u("/service-bridge/next/design-guides/ha-dr-mp/best-practices","0ea"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/design-guides/ha-dr-mp/introduction",component:u("/service-bridge/next/design-guides/ha-dr-mp/introduction","adb"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/design-guides/ha-dr-mp/manual/reinstall",component:u("/service-bridge/next/design-guides/ha-dr-mp/manual/reinstall","aea"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/design-guides/ha-dr-mp/operating/monitor",component:u("/service-bridge/next/design-guides/ha-dr-mp/operating/monitor","3d7"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/design-guides/ha-dr-mp/operating/troubleshoot",component:u("/service-bridge/next/design-guides/ha-dr-mp/operating/troubleshoot","e28"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/design-guides/ha-dr-mp/scenarios",component:u("/service-bridge/next/design-guides/ha-dr-mp/scenarios","42e"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/design-guides/ha-multicluster/",component:u("/service-bridge/next/design-guides/ha-multicluster/","b90"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/design-guides/ha-multicluster/cluster-failover",component:u("/service-bridge/next/design-guides/ha-multicluster/cluster-failover","ed8"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/design-guides/ha-multicluster/demo-1",component:u("/service-bridge/next/design-guides/ha-multicluster/demo-1","694"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/design-guides/ha-multicluster/demo-2",component:u("/service-bridge/next/design-guides/ha-multicluster/demo-2","541"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/design-guides/ha-multicluster/edge-failover",component:u("/service-bridge/next/design-guides/ha-multicluster/edge-failover","b3b"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/design-guides/ha-multicluster/introduction",component:u("/service-bridge/next/design-guides/ha-multicluster/introduction","370"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/design-guides/ha-multicluster/operations",component:u("/service-bridge/next/design-guides/ha-multicluster/operations","127"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/howto",component:u("/service-bridge/next/howto","f93"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/howto/authorization/",component:u("/service-bridge/next/howto/authorization/","65d"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/howto/authorization/ingress-gateway",component:u("/service-bridge/next/howto/authorization/ingress-gateway","9b9"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/howto/authorization/sidecar",component:u("/service-bridge/next/howto/authorization/sidecar","292"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/howto/authorization/tier1-gateway",component:u("/service-bridge/next/howto/authorization/tier1-gateway","4bb"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/howto/authorization/tls-verification",component:u("/service-bridge/next/howto/authorization/tls-verification","53e"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/howto/gateway",component:u("/service-bridge/next/howto/gateway","d17"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/howto/gateway/app-ingress",component:u("/service-bridge/next/howto/gateway/app-ingress","b76"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/howto/gateway/application-gateway-with-openapi-annotations",component:u("/service-bridge/next/howto/gateway/application-gateway-with-openapi-annotations","8d9"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/howto/gateway/configure-and-route-nonhttp-traffic",component:u("/service-bridge/next/howto/gateway/configure-and-route-nonhttp-traffic","21e"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/howto/gateway/configure-oidc",component:u("/service-bridge/next/howto/gateway/configure-oidc","5bb"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/howto/gateway/distributed-ingress",component:u("/service-bridge/next/howto/gateway/distributed-ingress","524"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/howto/gateway/end-user-auth-keycloak",component:u("/service-bridge/next/howto/gateway/end-user-auth-keycloak","914"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/howto/gateway/host-based-egress-access-control",component:u("/service-bridge/next/howto/gateway/host-based-egress-access-control","444"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/howto/gateway/https-with-proxy-protocol",component:u("/service-bridge/next/howto/gateway/https-with-proxy-protocol","d02"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/howto/gateway/multi-cluster-traffic-failover-priority",component:u("/service-bridge/next/howto/gateway/multi-cluster-traffic-failover-priority","4d3"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/howto/gateway/multi-cluster-traffic-routing-using-tier2gw",component:u("/service-bridge/next/howto/gateway/multi-cluster-traffic-routing-using-tier2gw","df7"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/howto/gateway/multi-cluster-traffic-routing-with-eastwest-gateway",component:u("/service-bridge/next/howto/gateway/multi-cluster-traffic-routing-with-eastwest-gateway","fa7"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/howto/gateway/multi-cluster-traffic-shifting",component:u("/service-bridge/next/howto/gateway/multi-cluster-traffic-shifting","a33"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/howto/gateway/oas-validation",component:u("/service-bridge/next/howto/gateway/oas-validation","55e"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/howto/gateway/service-identity-propagation",component:u("/service-bridge/next/howto/gateway/service-identity-propagation","c7e"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/howto/gateway/shared-ingress",component:u("/service-bridge/next/howto/gateway/shared-ingress","d77"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/howto/gateway/subset-based-routing-using-igw-and-service-route",component:u("/service-bridge/next/howto/gateway/subset-based-routing-using-igw-and-service-route","3ee"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/howto/gateway/unfied-gateway-management-via-mp",component:u("/service-bridge/next/howto/gateway/unfied-gateway-management-via-mp","d1d"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/howto/gateway/unified-gateway",component:u("/service-bridge/next/howto/gateway/unified-gateway","d66"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/howto/gateway/unified-gateway-upgrade",component:u("/service-bridge/next/howto/gateway/unified-gateway-upgrade","b3b"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/howto/gateway/weighted-distribution-and-fallback",component:u("/service-bridge/next/howto/gateway/weighted-distribution-and-fallback","5de"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/howto/gitops",component:u("/service-bridge/next/howto/gitops","072"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/howto/gitops/argo-rollouts",component:u("/service-bridge/next/howto/gitops/argo-rollouts","ef7"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/howto/gitops/clusterrole",component:u("/service-bridge/next/howto/gitops/clusterrole","d4e"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/howto/gitops/flagger",component:u("/service-bridge/next/howto/gitops/flagger","55d"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/howto/gitops/flux",component:u("/service-bridge/next/howto/gitops/flux","612"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/howto/gitops/gitops",component:u("/service-bridge/next/howto/gitops/gitops","170"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/howto/hpa-using-oap",component:u("/service-bridge/next/howto/hpa-using-oap","e9a"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/howto/network-policies",component:u("/service-bridge/next/howto/network-policies","1bd"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/howto/promql-using-oap",component:u("/service-bridge/next/howto/promql-using-oap","d28"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/howto/rate-limiting/",component:u("/service-bridge/next/howto/rate-limiting/","74e"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/howto/rate-limiting/external-rate-limiting",component:u("/service-bridge/next/howto/rate-limiting/external-rate-limiting","0fc"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/howto/rate-limiting/ingress-gateway",component:u("/service-bridge/next/howto/rate-limiting/ingress-gateway","bfe"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/howto/rate-limiting/internal-rate-limiting",component:u("/service-bridge/next/howto/rate-limiting/internal-rate-limiting","a54"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/howto/rate-limiting/service-to-service",component:u("/service-bridge/next/howto/rate-limiting/service-to-service","0da"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/howto/rate-limiting/tier1-gateway",component:u("/service-bridge/next/howto/rate-limiting/tier1-gateway","1c9"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/howto/rate-limiting/tls-validation",component:u("/service-bridge/next/howto/rate-limiting/tls-validation","1be"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/howto/security-domains",component:u("/service-bridge/next/howto/security-domains","70d"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/howto/service-accounts",component:u("/service-bridge/next/howto/service-accounts","150"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/howto/traffic",component:u("/service-bridge/next/howto/traffic","bd9"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/howto/traffic/canary-releases",component:u("/service-bridge/next/howto/traffic/canary-releases","5ee"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/howto/traffic/configure-multi-port-service-route",component:u("/service-bridge/next/howto/traffic/configure-multi-port-service-route","6b2"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/howto/traffic/gateway-mtls",component:u("/service-bridge/next/howto/traffic/gateway-mtls","d18"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/howto/traffic/load-balance",component:u("/service-bridge/next/howto/traffic/load-balance","1bf"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/howto/traffic/migrating-VM-monoliths",component:u("/service-bridge/next/howto/traffic/migrating-VM-monoliths","c0c"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/howto/traffic/splitting-service-traffic-between-k8s-vms",component:u("/service-bridge/next/howto/traffic/splitting-service-traffic-between-k8s-vms","c66"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/howto/waf",component:u("/service-bridge/next/howto/waf","d5d"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/howto/wasm",component:u("/service-bridge/next/howto/wasm","5fc"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/howto/wasm/wasm-extension",component:u("/service-bridge/next/howto/wasm/wasm-extension","79b"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/howto/wasm/wasm-overview",component:u("/service-bridge/next/howto/wasm/wasm-overview","e41"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/howto/wasm/wasm-proxy",component:u("/service-bridge/next/howto/wasm/wasm-proxy","0dd"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/howto/wasm/wasm-try",component:u("/service-bridge/next/howto/wasm/wasm-try","1ce"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/knowledge-base",component:u("/service-bridge/next/knowledge-base","491"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/knowledge-base/faq",component:u("/service-bridge/next/knowledge-base/faq","167"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/knowledge-base/gitops",component:u("/service-bridge/next/knowledge-base/gitops","23e"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/operations",component:u("/service-bridge/next/operations","e6d"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/operations/configuration-promotion",component:u("/service-bridge/next/operations/configuration-promotion","24f"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/operations/configure-log-levels",component:u("/service-bridge/next/operations/configure-log-levels","011"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/operations/elasticsearch",component:u("/service-bridge/next/operations/elasticsearch","ba4"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/operations/elasticsearch/elasticsearch-role",component:u("/service-bridge/next/operations/elasticsearch/elasticsearch-role","ec8"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/operations/elasticsearch/wipe-elastic",component:u("/service-bridge/next/operations/elasticsearch/wipe-elastic","522"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/operations/features",component:u("/service-bridge/next/operations/features","839"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/operations/features/configure-cluster-external-addresses",component:u("/service-bridge/next/operations/features/configure-cluster-external-addresses","8f4"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/operations/features/configure-gitops",component:u("/service-bridge/next/operations/features/configure-gitops","107"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/operations/features/deletion-protection",component:u("/service-bridge/next/operations/features/deletion-protection","7a7"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/operations/features/edge-dns-resolution",component:u("/service-bridge/next/operations/features/edge-dns-resolution","33f"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/operations/features/enable-config-protection",component:u("/service-bridge/next/operations/features/enable-config-protection","c34"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/operations/features/gateway-deletion-webhook",component:u("/service-bridge/next/operations/features/gateway-deletion-webhook","db1"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/operations/features/internal-wasm-extensions",component:u("/service-bridge/next/operations/features/internal-wasm-extensions","70b"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/operations/features/istio-cni",component:u("/service-bridge/next/operations/features/istio-cni","6a5"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/operations/features/label-annotation",component:u("/service-bridge/next/operations/features/label-annotation","f32"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/operations/features/streaming-log",component:u("/service-bridge/next/operations/features/streaming-log","34c"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/operations/features/tier1-in-app-cluster",component:u("/service-bridge/next/operations/features/tier1-in-app-cluster","a7f"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/operations/features/tls-origin-multi-cluster",component:u("/service-bridge/next/operations/features/tls-origin-multi-cluster","4ec"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/operations/graceful-connection-drain",component:u("/service-bridge/next/operations/graceful-connection-drain","a75"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/operations/kube-customization",component:u("/service-bridge/next/operations/kube-customization","f30"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/operations/lower-istio-resources",component:u("/service-bridge/next/operations/lower-istio-resources","fa2"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/operations/migrate-organization",component:u("/service-bridge/next/operations/migrate-organization","c6b"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/operations/multiple-iam-keys",component:u("/service-bridge/next/operations/multiple-iam-keys","627"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/operations/postgresql",component:u("/service-bridge/next/operations/postgresql","7e1"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/operations/postgresql/auditlog-retention",component:u("/service-bridge/next/operations/postgresql/auditlog-retention","5c2"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/operations/postgresql/azure-credentials",component:u("/service-bridge/next/operations/postgresql/azure-credentials","5fc"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/operations/postgresql/backup-and-restore",component:u("/service-bridge/next/operations/postgresql/backup-and-restore","28e"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/operations/postgresql/managing-kubegres",component:u("/service-bridge/next/operations/postgresql/managing-kubegres","73c"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/operations/telemetry",component:u("/service-bridge/next/operations/telemetry","dff"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/operations/telemetry/alerting-guidelines",component:u("/service-bridge/next/operations/telemetry/alerting-guidelines","19d"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/operations/telemetry/distributed-tracing",component:u("/service-bridge/next/operations/telemetry/distributed-tracing","d47"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/operations/telemetry/key-metrics",component:u("/service-bridge/next/operations/telemetry/key-metrics","a0d"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/operations/telemetry/new-relic",component:u("/service-bridge/next/operations/telemetry/new-relic","9cd"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/operations/telemetry/red-metrics",component:u("/service-bridge/next/operations/telemetry/red-metrics","740"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/operations/telemetry/telemetry-architecture",component:u("/service-bridge/next/operations/telemetry/telemetry-architecture","303"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/operations/users",component:u("/service-bridge/next/operations/users","f5a"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/operations/users/admin-password",component:u("/service-bridge/next/operations/users/admin-password","cfb"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/operations/users/configuring-ldap",component:u("/service-bridge/next/operations/users/configuring-ldap","dff"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/operations/users/new-user-local-idp",component:u("/service-bridge/next/operations/users/new-user-local-idp","0cc"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/operations/users/oidc-azure",component:u("/service-bridge/next/operations/users/oidc-azure","719"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/operations/users/tsb-fqns",component:u("/service-bridge/next/operations/users/tsb-fqns","8da"),exact:!0},{path:"/service-bridge/next/operations/users/user-synchronization",component:u("/service-bridge/next/operations/users/user-synchronization","ce4"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/operations/users/users-roles-and-permissions",component:u("/service-bridge/next/operations/users/users-roles-and-permissions","e47"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/operations/vault",component:u("/service-bridge/next/operations/vault","507"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/operations/vault/elasticsearch",component:u("/service-bridge/next/operations/vault/elasticsearch","e5a"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/operations/vault/istiod-ca",component:u("/service-bridge/next/operations/vault/istiod-ca","e0f"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/operations/vault/postgresql",component:u("/service-bridge/next/operations/vault/postgresql","d86"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/quickstart",component:u("/service-bridge/next/quickstart","8ef"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/quickstart/apps",component:u("/service-bridge/next/quickstart/apps","6b5"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/quickstart/config-groups",component:u("/service-bridge/next/quickstart/config-groups","96f"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/quickstart/deploy-sample-app",component:u("/service-bridge/next/quickstart/deploy-sample-app","16b"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/quickstart/ingress-gateway",component:u("/service-bridge/next/quickstart/ingress-gateway","212"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/quickstart/introduction",component:u("/service-bridge/next/quickstart/introduction","b44"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/quickstart/observability",component:u("/service-bridge/next/quickstart/observability","de5"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/quickstart/permissions",component:u("/service-bridge/next/quickstart/permissions","5b2"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/quickstart/security",component:u("/service-bridge/next/quickstart/security","e54"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/quickstart/tenant",component:u("/service-bridge/next/quickstart/tenant","e18"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/quickstart/traffic-shifting",component:u("/service-bridge/next/quickstart/traffic-shifting","517"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/quickstart/workspace",component:u("/service-bridge/next/quickstart/workspace","4d5"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/reference",component:u("/service-bridge/next/reference","edc"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/reference/cli",component:u("/service-bridge/next/reference/cli","45b"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/reference/cli/guide/index",component:u("/service-bridge/next/reference/cli/guide/index","a97"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/reference/cli/guide/toc",component:u("/service-bridge/next/reference/cli/guide/toc","c56"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/reference/cli/reference",component:u("/service-bridge/next/reference/cli/reference","9ce"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/reference/cli/reference/apply",component:u("/service-bridge/next/reference/cli/reference/apply","839"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/reference/cli/reference/audit",component:u("/service-bridge/next/reference/cli/reference/audit","be8"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/reference/cli/reference/collect",component:u("/service-bridge/next/reference/cli/reference/collect","82f"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/reference/cli/reference/completion",component:u("/service-bridge/next/reference/cli/reference/completion","2d5"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/reference/cli/reference/config",component:u("/service-bridge/next/reference/cli/reference/config","534"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/reference/cli/reference/debug",component:u("/service-bridge/next/reference/cli/reference/debug","6ca"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/reference/cli/reference/delete",component:u("/service-bridge/next/reference/cli/reference/delete","d46"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/reference/cli/reference/edit",component:u("/service-bridge/next/reference/cli/reference/edit","aad"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/reference/cli/reference/experimental",component:u("/service-bridge/next/reference/cli/reference/experimental","7d2"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/reference/cli/reference/get",component:u("/service-bridge/next/reference/cli/reference/get","297"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/reference/cli/reference/index",component:u("/service-bridge/next/reference/cli/reference/index","6a8"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/reference/cli/reference/install",component:u("/service-bridge/next/reference/cli/reference/install","66d"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/reference/cli/reference/login",component:u("/service-bridge/next/reference/cli/reference/login","3db"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/reference/cli/reference/service-account",component:u("/service-bridge/next/reference/cli/reference/service-account","6b4"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/reference/cli/reference/status",component:u("/service-bridge/next/reference/cli/reference/status","fd7"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/reference/cli/reference/ui",component:u("/service-bridge/next/reference/cli/reference/ui","3df"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/reference/cli/reference/validate",component:u("/service-bridge/next/reference/cli/reference/validate","6ad"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/reference/cli/reference/version",component:u("/service-bridge/next/reference/cli/reference/version","5be"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/reference/cli/reference/whoami",component:u("/service-bridge/next/reference/cli/reference/whoami","8bd"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/reference/cli/reference/workload-entry-annotations",component:u("/service-bridge/next/reference/cli/reference/workload-entry-annotations","21f"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/reference/grpc-api",component:u("/service-bridge/next/reference/grpc-api","831"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/reference/grpc-api/guide",component:u("/service-bridge/next/reference/grpc-api/guide","c90"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/reference/grpc-api/reference",component:u("/service-bridge/next/reference/grpc-api/reference","5a3"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/reference/k8s-api",component:u("/service-bridge/next/reference/k8s-api","d98"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/reference/k8s-api/guide",component:u("/service-bridge/next/reference/k8s-api/guide","99e"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/reference/k8s-api/tsb-crds-gen",component:u("/service-bridge/next/reference/k8s-api/tsb-crds-gen","e70"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/reference/k8s-api/tsb-crds-gen/application-tsb-tetrate-io",component:u("/service-bridge/next/reference/k8s-api/tsb-crds-gen/application-tsb-tetrate-io","547"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/reference/k8s-api/tsb-crds-gen/extension-tsb-tetrate-io",component:u("/service-bridge/next/reference/k8s-api/tsb-crds-gen/extension-tsb-tetrate-io","feb"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/reference/k8s-api/tsb-crds-gen/gateway-tsb-tetrate-io",component:u("/service-bridge/next/reference/k8s-api/tsb-crds-gen/gateway-tsb-tetrate-io","d31"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/reference/k8s-api/tsb-crds-gen/istiointernal-tsb-tetrate-io",component:u("/service-bridge/next/reference/k8s-api/tsb-crds-gen/istiointernal-tsb-tetrate-io","bcc"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/reference/k8s-api/tsb-crds-gen/profile-tsb-tetrate-io",component:u("/service-bridge/next/reference/k8s-api/tsb-crds-gen/profile-tsb-tetrate-io","1a3"),exact:!0},{path:"/service-bridge/next/reference/k8s-api/tsb-crds-gen/rbac-tsb-tetrate-io",component:u("/service-bridge/next/reference/k8s-api/tsb-crds-gen/rbac-tsb-tetrate-io","02b"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/reference/k8s-api/tsb-crds-gen/security-tsb-tetrate-io",component:u("/service-bridge/next/reference/k8s-api/tsb-crds-gen/security-tsb-tetrate-io","315"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/reference/k8s-api/tsb-crds-gen/segmentation-tsb-tetrate-io",component:u("/service-bridge/next/reference/k8s-api/tsb-crds-gen/segmentation-tsb-tetrate-io","f6b"),exact:!0},{path:"/service-bridge/next/reference/k8s-api/tsb-crds-gen/traffic-tsb-tetrate-io",component:u("/service-bridge/next/reference/k8s-api/tsb-crds-gen/traffic-tsb-tetrate-io","61d"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/api",component:u("/service-bridge/next/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/api","087"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/cluster",component:u("/service-bridge/next/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/cluster","3b1"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/clusteronboardingconfig",component:u("/service-bridge/next/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/clusteronboardingconfig","8d5"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/organization",component:u("/service-bridge/next/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/organization","e52"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/organizationsetting",component:u("/service-bridge/next/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/organizationsetting","8c4"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/serviceaccount",component:u("/service-bridge/next/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/serviceaccount","6f1"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/team",component:u("/service-bridge/next/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/team","e04"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/tenant",component:u("/service-bridge/next/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/tenant","8fc"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/tenantsetting",component:u("/service-bridge/next/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/tenantsetting","2c7"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/user",component:u("/service-bridge/next/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/user","cb1"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/workspace",component:u("/service-bridge/next/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/workspace","042"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/workspacesetting",component:u("/service-bridge/next/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/workspacesetting","4cf"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/reference/k8s-api/tsb-crds-gen/tsb.tetrate.io/v2",component:u("/service-bridge/next/reference/k8s-api/tsb-crds-gen/tsb.tetrate.io/v2","67e"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/reference/operators",component:u("/service-bridge/next/reference/operators","c58"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/reference/rest-api/guide",component:u("/service-bridge/next/reference/rest-api/guide","7ad"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/reference/samples",component:u("/service-bridge/next/reference/samples","ee6"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/reference/samples/httpbin",component:u("/service-bridge/next/reference/samples/httpbin","2ed"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/reference/samples/opa",component:u("/service-bridge/next/reference/samples/opa","108"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/reference/samples/sleep-service",component:u("/service-bridge/next/reference/samples/sleep-service","6fd"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/reference/workload-onboarding",component:u("/service-bridge/next/reference/workload-onboarding","04d"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/reference/workload-onboarding/onboarding-agent",component:u("/service-bridge/next/reference/workload-onboarding/onboarding-agent","b45"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/reference/workload-onboarding/onboarding-authorization",component:u("/service-bridge/next/reference/workload-onboarding/onboarding-authorization","b1a"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/reference/workload-onboarding/onboarding-runtime",component:u("/service-bridge/next/reference/workload-onboarding/onboarding-runtime","8e5"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/reference/yaml-api",component:u("/service-bridge/next/reference/yaml-api","7af"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/reference/yaml-api/guide",component:u("/service-bridge/next/reference/yaml-api/guide","afd"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/reference/yaml-api/reference",component:u("/service-bridge/next/reference/yaml-api/reference","ee1"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/refs/audit/v1/audit",component:u("/service-bridge/next/refs/audit/v1/audit","c2f"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/refs/audit/v1/grpc",component:u("/service-bridge/next/refs/audit/v1/grpc","464"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/refs/iam/v2/grpc",component:u("/service-bridge/next/refs/iam/v2/grpc","10a"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/refs/iam/v2/oauth_service",component:u("/service-bridge/next/refs/iam/v2/oauth_service","e55"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/refs/iam/v2/oidc_service",component:u("/service-bridge/next/refs/iam/v2/oidc_service","c9b"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/refs/install",component:u("/service-bridge/next/refs/install","a33"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/refs/install/common/common_config",component:u("/service-bridge/next/refs/install/common/common_config","5f0"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/refs/install/controlplane/v1alpha1/spec",component:u("/service-bridge/next/refs/install/controlplane/v1alpha1/spec","a15"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/refs/install/controlplane/v1alpha1/status",component:u("/service-bridge/next/refs/install/controlplane/v1alpha1/status","953"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/refs/install/dataplane/v1alpha1/spec",component:u("/service-bridge/next/refs/install/dataplane/v1alpha1/spec","8db"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/refs/install/kubernetes/k8s",component:u("/service-bridge/next/refs/install/kubernetes/k8s","60f"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/refs/install/managementplane/v1alpha1/spec",component:u("/service-bridge/next/refs/install/managementplane/v1alpha1/spec","3c7"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/refs/install/managementplane/v1alpha1/status",component:u("/service-bridge/next/refs/install/managementplane/v1alpha1/status","500"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/refs/onboarding/config/agent/v1alpha1/agent_configuration",component:u("/service-bridge/next/refs/onboarding/config/agent/v1alpha1/agent_configuration","666"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/refs/onboarding/config/agent/v1alpha1/onboarding_configuration",component:u("/service-bridge/next/refs/onboarding/config/agent/v1alpha1/onboarding_configuration","a08"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/refs/onboarding/config/authorization/aws/v1alpha1/aws",component:u("/service-bridge/next/refs/onboarding/config/authorization/aws/v1alpha1/aws","4e7"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/refs/onboarding/config/authorization/jwt/v1alpha1/jwt",component:u("/service-bridge/next/refs/onboarding/config/authorization/jwt/v1alpha1/jwt","784"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/refs/onboarding/config/authorization/v1alpha1/policy",component:u("/service-bridge/next/refs/onboarding/config/authorization/v1alpha1/policy","c1b"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/refs/onboarding/config/install/v1alpha1/jwt_issuer",component:u("/service-bridge/next/refs/onboarding/config/install/v1alpha1/jwt_issuer","9de"),exact:!0},{path:"/service-bridge/next/refs/onboarding/config/install/v1alpha1/workload_configuration",component:u("/service-bridge/next/refs/onboarding/config/install/v1alpha1/workload_configuration","4cb"),exact:!0},{path:"/service-bridge/next/refs/onboarding/config/runtime/v1alpha1/registration",component:u("/service-bridge/next/refs/onboarding/config/runtime/v1alpha1/registration","ddd"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/refs/onboarding/config/types/config/v1alpha1/transport_security",component:u("/service-bridge/next/refs/onboarding/config/types/config/v1alpha1/transport_security","a62"),exact:!0},{path:"/service-bridge/next/refs/onboarding/config/types/core/v1alpha1/condition",component:u("/service-bridge/next/refs/onboarding/config/types/core/v1alpha1/condition","884"),exact:!0},{path:"/service-bridge/next/refs/onboarding/config/types/core/v1alpha1/namespaced_name",component:u("/service-bridge/next/refs/onboarding/config/types/core/v1alpha1/namespaced_name","8c9"),exact:!0},{path:"/service-bridge/next/refs/onboarding/config/types/identity/aws/v1alpha1/aws",component:u("/service-bridge/next/refs/onboarding/config/types/identity/aws/v1alpha1/aws","4d1"),exact:!0},{path:"/service-bridge/next/refs/onboarding/config/types/identity/jwt/v1alpha1/jwt",component:u("/service-bridge/next/refs/onboarding/config/types/identity/jwt/v1alpha1/jwt","409"),exact:!0},{path:"/service-bridge/next/refs/onboarding/config/types/identity/v1alpha1/identity",component:u("/service-bridge/next/refs/onboarding/config/types/identity/v1alpha1/identity","ae7"),exact:!0},{path:"/service-bridge/next/refs/onboarding/config/types/registration/v1alpha1/hostinfo",component:u("/service-bridge/next/refs/onboarding/config/types/registration/v1alpha1/hostinfo","1d8"),exact:!0},{path:"/service-bridge/next/refs/onboarding/config/types/registration/v1alpha1/registration",component:u("/service-bridge/next/refs/onboarding/config/types/registration/v1alpha1/registration","cb1"),exact:!0},{path:"/service-bridge/next/refs/onboarding/private/component/agent/plugin/credential/v1alpha1/plugin",component:u("/service-bridge/next/refs/onboarding/private/component/agent/plugin/credential/v1alpha1/plugin","ede"),exact:!0},{path:"/service-bridge/next/refs/onboarding/private/component/agent/plugin/hostinfo/v1alpha1/plugin",component:u("/service-bridge/next/refs/onboarding/private/component/agent/plugin/hostinfo/v1alpha1/plugin","15d"),exact:!0},{path:"/service-bridge/next/refs/onboarding/private/component/agent/sidecarcontroller/v1alpha1/sidecar_configuration_service",component:u("/service-bridge/next/refs/onboarding/private/component/agent/sidecarcontroller/v1alpha1/sidecar_configuration_service","e43"),exact:!0},{path:"/service-bridge/next/refs/onboarding/private/component/agent/sidecarcontroller/v1alpha1/sidecar_info_service",component:u("/service-bridge/next/refs/onboarding/private/component/agent/sidecarcontroller/v1alpha1/sidecar_info_service","a66"),exact:!0},{path:"/service-bridge/next/refs/onboarding/private/component/plane/config/v1alpha1/onboarding_plane_instance_configuration",component:u("/service-bridge/next/refs/onboarding/private/component/plane/config/v1alpha1/onboarding_plane_instance_configuration","afd"),exact:!0},{path:"/service-bridge/next/refs/onboarding/private/component/plane/generator/v1alpha1/version",component:u("/service-bridge/next/refs/onboarding/private/component/plane/generator/v1alpha1/version","445"),exact:!0},{path:"/service-bridge/next/refs/onboarding/private/component/plane/token/v1alpha1/onboarding_token",component:u("/service-bridge/next/refs/onboarding/private/component/plane/token/v1alpha1/onboarding_token","f8d"),exact:!0},{path:"/service-bridge/next/refs/onboarding/private/install/v1alpha1/spec",component:u("/service-bridge/next/refs/onboarding/private/install/v1alpha1/spec","4fb"),exact:!0},{path:"/service-bridge/next/refs/onboarding/private/protocol/authorization/v1alpha1/authorization_service",component:u("/service-bridge/next/refs/onboarding/private/protocol/authorization/v1alpha1/authorization_service","eda"),exact:!0},{path:"/service-bridge/next/refs/onboarding/private/protocol/discovery/v1alpha1/discovery_service",component:u("/service-bridge/next/refs/onboarding/private/protocol/discovery/v1alpha1/discovery_service","d75"),exact:!0},{path:"/service-bridge/next/refs/onboarding/private/protocol/registration/v1alpha1/registration_service",component:u("/service-bridge/next/refs/onboarding/private/protocol/registration/v1alpha1/registration_service","019"),exact:!0},{path:"/service-bridge/next/refs/onboarding/private/protocol/session/v1alpha1/session_service",component:u("/service-bridge/next/refs/onboarding/private/protocol/session/v1alpha1/session_service","605"),exact:!0},{path:"/service-bridge/next/refs/onboarding/private/types/config/v1alpha1/transport_security",component:u("/service-bridge/next/refs/onboarding/private/types/config/v1alpha1/transport_security","e41"),exact:!0},{path:"/service-bridge/next/refs/onboarding/private/types/credential/aws/v1alpha1/ec2",component:u("/service-bridge/next/refs/onboarding/private/types/credential/aws/v1alpha1/ec2","81f"),exact:!0},{path:"/service-bridge/next/refs/onboarding/private/types/credential/aws/v1alpha1/sts",component:u("/service-bridge/next/refs/onboarding/private/types/credential/aws/v1alpha1/sts","c62"),exact:!0},{path:"/service-bridge/next/refs/onboarding/private/types/credential/jwt/v1alpha1/jwt",component:u("/service-bridge/next/refs/onboarding/private/types/credential/jwt/v1alpha1/jwt","a12"),exact:!0},{path:"/service-bridge/next/refs/onboarding/private/types/discovery/v1alpha1/discovery",component:u("/service-bridge/next/refs/onboarding/private/types/discovery/v1alpha1/discovery","05b"),exact:!0},{path:"/service-bridge/next/refs/onboarding/private/types/sidecar/v1alpha1/configuration",component:u("/service-bridge/next/refs/onboarding/private/types/sidecar/v1alpha1/configuration","35c"),exact:!0},{path:"/service-bridge/next/refs/private/iam/v1/iam",component:u("/service-bridge/next/refs/private/iam/v1/iam","87a"),exact:!0},{path:"/service-bridge/next/refs/test/v1/echo",component:u("/service-bridge/next/refs/test/v1/echo","cfc"),exact:!0},{path:"/service-bridge/next/refs/tsb/application/v2/api",component:u("/service-bridge/next/refs/tsb/application/v2/api","add"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/refs/tsb/application/v2/application",component:u("/service-bridge/next/refs/tsb/application/v2/application","d56"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/refs/tsb/application/v2/application_service",component:u("/service-bridge/next/refs/tsb/application/v2/application_service","5a5"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/refs/tsb/application/v2/grpc",component:u("/service-bridge/next/refs/tsb/application/v2/grpc","b0a"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/refs/tsb/application/v2/openapi_extensions",component:u("/service-bridge/next/refs/tsb/application/v2/openapi_extensions","cf6"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/refs/tsb/application/v2/yaml",component:u("/service-bridge/next/refs/tsb/application/v2/yaml","fad"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/refs/tsb/auth/v2/auth",component:u("/service-bridge/next/refs/tsb/auth/v2/auth","d45"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/refs/tsb/auth/v2/yaml",component:u("/service-bridge/next/refs/tsb/auth/v2/yaml","4d9"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/refs/tsb/dashboard/v1/dashboard_service",component:u("/service-bridge/next/refs/tsb/dashboard/v1/dashboard_service","4e8"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/refs/tsb/dashboard/v1/grpc",component:u("/service-bridge/next/refs/tsb/dashboard/v1/grpc","629"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/refs/tsb/diagnostic/v2/diagnostic_service",component:u("/service-bridge/next/refs/tsb/diagnostic/v2/diagnostic_service","db5"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/refs/tsb/diagnostic/v2/grpc",component:u("/service-bridge/next/refs/tsb/diagnostic/v2/grpc","7b5"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/refs/tsb/extension/v2/grpc",component:u("/service-bridge/next/refs/tsb/extension/v2/grpc","f35"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/refs/tsb/extension/v2/wasm_extension",component:u("/service-bridge/next/refs/tsb/extension/v2/wasm_extension","c46"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/refs/tsb/extension/v2/wasm_service",component:u("/service-bridge/next/refs/tsb/extension/v2/wasm_service","320"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/refs/tsb/extension/v2/yaml",component:u("/service-bridge/next/refs/tsb/extension/v2/yaml","d4c"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/refs/tsb/gateway/v2/auth",component:u("/service-bridge/next/refs/tsb/gateway/v2/auth","551"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/refs/tsb/gateway/v2/eastwest_gateway",component:u("/service-bridge/next/refs/tsb/gateway/v2/eastwest_gateway","195"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/refs/tsb/gateway/v2/egress_gateway",component:u("/service-bridge/next/refs/tsb/gateway/v2/egress_gateway","d0f"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/refs/tsb/gateway/v2/gateway",component:u("/service-bridge/next/refs/tsb/gateway/v2/gateway","c82"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/refs/tsb/gateway/v2/gateway_common",component:u("/service-bridge/next/refs/tsb/gateway/v2/gateway_common","5ed"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/refs/tsb/gateway/v2/gateway_group",component:u("/service-bridge/next/refs/tsb/gateway/v2/gateway_group","f65"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/refs/tsb/gateway/v2/gateway_service",component:u("/service-bridge/next/refs/tsb/gateway/v2/gateway_service","8af"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/refs/tsb/gateway/v2/grpc",component:u("/service-bridge/next/refs/tsb/gateway/v2/grpc","90a"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/refs/tsb/gateway/v2/ingress_gateway",component:u("/service-bridge/next/refs/tsb/gateway/v2/ingress_gateway","51c"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/refs/tsb/gateway/v2/istio_gateway_direct",component:u("/service-bridge/next/refs/tsb/gateway/v2/istio_gateway_direct","247"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/refs/tsb/gateway/v2/tier1_gateway",component:u("/service-bridge/next/refs/tsb/gateway/v2/tier1_gateway","4a4"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/refs/tsb/gateway/v2/yaml",component:u("/service-bridge/next/refs/tsb/gateway/v2/yaml","c07"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/refs/tsb/istiointernal/v2/grpc",component:u("/service-bridge/next/refs/tsb/istiointernal/v2/grpc","5d3"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/refs/tsb/istiointernal/v2/istio_internal_group",component:u("/service-bridge/next/refs/tsb/istiointernal/v2/istio_internal_group","a0f"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/refs/tsb/istiointernal/v2/istio_istiointernal_direct",component:u("/service-bridge/next/refs/tsb/istiointernal/v2/istio_istiointernal_direct","c7e"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/refs/tsb/istiointernal/v2/istiointernal_service",component:u("/service-bridge/next/refs/tsb/istiointernal/v2/istiointernal_service","7b3"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/refs/tsb/istiointernal/v2/yaml",component:u("/service-bridge/next/refs/tsb/istiointernal/v2/yaml","710"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/refs/tsb/observability/telemetry/v2/grpc",component:u("/service-bridge/next/refs/tsb/observability/telemetry/v2/grpc","75c"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/refs/tsb/observability/telemetry/v2/metric",component:u("/service-bridge/next/refs/tsb/observability/telemetry/v2/metric","c7e"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/refs/tsb/observability/telemetry/v2/metric_service",component:u("/service-bridge/next/refs/tsb/observability/telemetry/v2/metric_service","2f0"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/refs/tsb/observability/telemetry/v2/source",component:u("/service-bridge/next/refs/tsb/observability/telemetry/v2/source","8ae"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/refs/tsb/observability/telemetry/v2/source_service",component:u("/service-bridge/next/refs/tsb/observability/telemetry/v2/source_service","3fc"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/refs/tsb/observability/telemetry/v2/yaml",component:u("/service-bridge/next/refs/tsb/observability/telemetry/v2/yaml","da4"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/refs/tsb/profile/v2/grpc",component:u("/service-bridge/next/refs/tsb/profile/v2/grpc","88e"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/refs/tsb/profile/v2/profile",component:u("/service-bridge/next/refs/tsb/profile/v2/profile","e55"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/refs/tsb/profile/v2/profile_service",component:u("/service-bridge/next/refs/tsb/profile/v2/profile_service","ee4"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/refs/tsb/profile/v2/yaml",component:u("/service-bridge/next/refs/tsb/profile/v2/yaml","972"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/refs/tsb/q/v2/approvals_service",component:u("/service-bridge/next/refs/tsb/q/v2/approvals_service","5b3"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/refs/tsb/q/v2/grpc",component:u("/service-bridge/next/refs/tsb/q/v2/grpc","0c4"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/refs/tsb/q/v2/permissions_service",component:u("/service-bridge/next/refs/tsb/q/v2/permissions_service","109"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/refs/tsb/rbac/v2/access_bindings",component:u("/service-bridge/next/refs/tsb/rbac/v2/access_bindings","bd7"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/refs/tsb/rbac/v2/api_access_bindings",component:u("/service-bridge/next/refs/tsb/rbac/v2/api_access_bindings","b99"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/refs/tsb/rbac/v2/application_access_bindings",component:u("/service-bridge/next/refs/tsb/rbac/v2/application_access_bindings","c4e"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/refs/tsb/rbac/v2/binding",component:u("/service-bridge/next/refs/tsb/rbac/v2/binding","17b"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/refs/tsb/rbac/v2/gateway_access_bindings",component:u("/service-bridge/next/refs/tsb/rbac/v2/gateway_access_bindings","7c2"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/refs/tsb/rbac/v2/grpc",component:u("/service-bridge/next/refs/tsb/rbac/v2/grpc","d67"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/refs/tsb/rbac/v2/istio_internal_access_bindings",component:u("/service-bridge/next/refs/tsb/rbac/v2/istio_internal_access_bindings","4c7"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/refs/tsb/rbac/v2/organization_access_bindings",component:u("/service-bridge/next/refs/tsb/rbac/v2/organization_access_bindings","35a"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/refs/tsb/rbac/v2/permissions",component:u("/service-bridge/next/refs/tsb/rbac/v2/permissions","9ef"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/refs/tsb/rbac/v2/policy_service",component:u("/service-bridge/next/refs/tsb/rbac/v2/policy_service","6e2"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/refs/tsb/rbac/v2/role",component:u("/service-bridge/next/refs/tsb/rbac/v2/role","1cd"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/refs/tsb/rbac/v2/role_service",component:u("/service-bridge/next/refs/tsb/rbac/v2/role_service","183"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/refs/tsb/rbac/v2/security_access_bindings",component:u("/service-bridge/next/refs/tsb/rbac/v2/security_access_bindings","dea"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/refs/tsb/rbac/v2/tenant_access_bindings",component:u("/service-bridge/next/refs/tsb/rbac/v2/tenant_access_bindings","5ad"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/refs/tsb/rbac/v2/traffic_access_bindings",component:u("/service-bridge/next/refs/tsb/rbac/v2/traffic_access_bindings","c4a"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/refs/tsb/rbac/v2/workspace_access_bindings",component:u("/service-bridge/next/refs/tsb/rbac/v2/workspace_access_bindings","fed"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/refs/tsb/rbac/v2/yaml",component:u("/service-bridge/next/refs/tsb/rbac/v2/yaml","30e"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/refs/tsb/registry/v2/grpc",component:u("/service-bridge/next/refs/tsb/registry/v2/grpc","561"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/refs/tsb/registry/v2/lookup_service",component:u("/service-bridge/next/refs/tsb/registry/v2/lookup_service","57c"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/refs/tsb/registry/v2/registration_service",component:u("/service-bridge/next/refs/tsb/registry/v2/registration_service","041"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/refs/tsb/registry/v2/service",component:u("/service-bridge/next/refs/tsb/registry/v2/service","98d"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/refs/tsb/registry/v2/yaml",component:u("/service-bridge/next/refs/tsb/registry/v2/yaml","11f"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/refs/tsb/security/v2/grpc",component:u("/service-bridge/next/refs/tsb/security/v2/grpc","c46"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/refs/tsb/security/v2/istio_security_direct",component:u("/service-bridge/next/refs/tsb/security/v2/istio_security_direct","5db"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/refs/tsb/security/v2/security_group",component:u("/service-bridge/next/refs/tsb/security/v2/security_group","c38"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/refs/tsb/security/v2/security_service",component:u("/service-bridge/next/refs/tsb/security/v2/security_service","8bc"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/refs/tsb/security/v2/security_setting",component:u("/service-bridge/next/refs/tsb/security/v2/security_setting","18a"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/refs/tsb/security/v2/service_security_setting",component:u("/service-bridge/next/refs/tsb/security/v2/service_security_setting","980"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/refs/tsb/security/v2/waf_settings",component:u("/service-bridge/next/refs/tsb/security/v2/waf_settings","33e"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/refs/tsb/security/v2/yaml",component:u("/service-bridge/next/refs/tsb/security/v2/yaml","169"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/refs/tsb/segmentation/v1/grpc",component:u("/service-bridge/next/refs/tsb/segmentation/v1/grpc","a9a"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/refs/tsb/segmentation/v1/membership",component:u("/service-bridge/next/refs/tsb/segmentation/v1/membership","060"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/refs/tsb/segmentation/v1/policy",component:u("/service-bridge/next/refs/tsb/segmentation/v1/policy","35e"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/refs/tsb/segmentation/v1/rules",component:u("/service-bridge/next/refs/tsb/segmentation/v1/rules","4ae"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/refs/tsb/segmentation/v1/service",component:u("/service-bridge/next/refs/tsb/segmentation/v1/service","b66"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/refs/tsb/segmentation/v1/yaml",component:u("/service-bridge/next/refs/tsb/segmentation/v1/yaml","5bf"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/refs/tsb/traffic/v2/grpc",component:u("/service-bridge/next/refs/tsb/traffic/v2/grpc","bd3"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/refs/tsb/traffic/v2/istio_traffic_direct",component:u("/service-bridge/next/refs/tsb/traffic/v2/istio_traffic_direct","257"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/refs/tsb/traffic/v2/service_route",component:u("/service-bridge/next/refs/tsb/traffic/v2/service_route","3ec"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/refs/tsb/traffic/v2/service_traffic_setting",component:u("/service-bridge/next/refs/tsb/traffic/v2/service_traffic_setting","d21"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/refs/tsb/traffic/v2/traffic_group",component:u("/service-bridge/next/refs/tsb/traffic/v2/traffic_group","220"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/refs/tsb/traffic/v2/traffic_service",component:u("/service-bridge/next/refs/tsb/traffic/v2/traffic_service","224"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/refs/tsb/traffic/v2/traffic_setting",component:u("/service-bridge/next/refs/tsb/traffic/v2/traffic_setting","687"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/refs/tsb/traffic/v2/yaml",component:u("/service-bridge/next/refs/tsb/traffic/v2/yaml","6e8"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/refs/tsb/types/v2/types",component:u("/service-bridge/next/refs/tsb/types/v2/types","bcc"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/refs/tsb/types/v2/yaml",component:u("/service-bridge/next/refs/tsb/types/v2/yaml","05d"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/refs/tsb/v2/api",component:u("/service-bridge/next/refs/tsb/v2/api","661"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/refs/tsb/v2/cluster",component:u("/service-bridge/next/refs/tsb/v2/cluster","611"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/refs/tsb/v2/cluster_service",component:u("/service-bridge/next/refs/tsb/v2/cluster_service","b27"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/refs/tsb/v2/grpc",component:u("/service-bridge/next/refs/tsb/v2/grpc","fa9"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/refs/tsb/v2/info",component:u("/service-bridge/next/refs/tsb/v2/info","575"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/refs/tsb/v2/organization",component:u("/service-bridge/next/refs/tsb/v2/organization","df7"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/refs/tsb/v2/organization_service",component:u("/service-bridge/next/refs/tsb/v2/organization_service","dbb"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/refs/tsb/v2/organization_setting",component:u("/service-bridge/next/refs/tsb/v2/organization_setting","521"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/refs/tsb/v2/status",component:u("/service-bridge/next/refs/tsb/v2/status","83d"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/refs/tsb/v2/status_service",component:u("/service-bridge/next/refs/tsb/v2/status_service","511"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/refs/tsb/v2/team",component:u("/service-bridge/next/refs/tsb/v2/team","a94"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/refs/tsb/v2/team_service",component:u("/service-bridge/next/refs/tsb/v2/team_service","ea8"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/refs/tsb/v2/tenant",component:u("/service-bridge/next/refs/tsb/v2/tenant","8a3"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/refs/tsb/v2/tenant_service",component:u("/service-bridge/next/refs/tsb/v2/tenant_service","e93"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/refs/tsb/v2/tenant_setting",component:u("/service-bridge/next/refs/tsb/v2/tenant_setting","e49"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/refs/tsb/v2/workspace",component:u("/service-bridge/next/refs/tsb/v2/workspace","5c4"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/refs/tsb/v2/workspace_service",component:u("/service-bridge/next/refs/tsb/v2/workspace_service","a36"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/refs/tsb/v2/workspace_setting",component:u("/service-bridge/next/refs/tsb/v2/workspace_setting","f8e"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/refs/tsb/v2/yaml",component:u("/service-bridge/next/refs/tsb/v2/yaml","1b5"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/release-notes",component:u("/service-bridge/next/release-notes","2c6"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/release-notes-announcements",component:u("/service-bridge/next/release-notes-announcements","c04"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/release-notes-announcements/announcement",component:u("/service-bridge/next/release-notes-announcements/announcement","8dd"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/release-notes-announcements/feature-status",component:u("/service-bridge/next/release-notes-announcements/feature-status","b88"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/release-notes-announcements/support-policy",component:u("/service-bridge/next/release-notes-announcements/support-policy","143"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/setup",component:u("/service-bridge/next/setup","969"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/setup/aws",component:u("/service-bridge/next/setup/aws","3f6"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/setup/aws/container-marketplace",component:u("/service-bridge/next/setup/aws/container-marketplace","1ad"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/setup/aws/vpc",component:u("/service-bridge/next/setup/aws/vpc","dbf"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/setup/certificate",component:u("/service-bridge/next/setup/certificate","1e0"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/setup/certificate/automated-certificate-management",component:u("/service-bridge/next/setup/certificate/automated-certificate-management","ffc"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/setup/certificate/certificate-requirements",component:u("/service-bridge/next/setup/certificate/certificate-requirements","9c5"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/setup/certificate/certificate-setup",component:u("/service-bridge/next/setup/certificate/certificate-setup","6a0"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/setup/components",component:u("/service-bridge/next/setup/components","c2b"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/setup/fips",component:u("/service-bridge/next/setup/fips","6cf"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/setup/firewall-information",component:u("/service-bridge/next/setup/firewall-information","a82"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/setup/helm/",component:u("/service-bridge/next/setup/helm/","938"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/setup/helm/controlplane",component:u("/service-bridge/next/setup/helm/controlplane","b4e"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/setup/helm/helm",component:u("/service-bridge/next/setup/helm/helm","f9c"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/setup/helm/managementplane",component:u("/service-bridge/next/setup/helm/managementplane","718"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/setup/helm/uninstallation",component:u("/service-bridge/next/setup/helm/uninstallation","1e0"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/setup/helm/upgrade",component:u("/service-bridge/next/setup/helm/upgrade","cbd"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/setup/isolation-boundaries",component:u("/service-bridge/next/setup/isolation-boundaries","cb5"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/setup/isolation-boundaries-installation",component:u("/service-bridge/next/setup/isolation-boundaries-installation","977"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/setup/migrate-tctl-to-helm",component:u("/service-bridge/next/setup/migrate-tctl-to-helm","744"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/setup/remote-registry",component:u("/service-bridge/next/setup/remote-registry","50e"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/setup/requirements-and-download",component:u("/service-bridge/next/setup/requirements-and-download","414"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/setup/resource-planning",component:u("/service-bridge/next/setup/resource-planning","bb5"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/setup/security-context",component:u("/service-bridge/next/setup/security-context","fa7"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/setup/self-managed/",component:u("/service-bridge/next/setup/self-managed/","453"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/setup/self-managed/demo-installation",component:u("/service-bridge/next/setup/self-managed/demo-installation","0c7"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/setup/self-managed/management-plane-installation",component:u("/service-bridge/next/setup/self-managed/management-plane-installation","b65"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/setup/self-managed/onboarding-clusters",component:u("/service-bridge/next/setup/self-managed/onboarding-clusters","4d0"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/setup/self-managed/uninstallation",component:u("/service-bridge/next/setup/self-managed/uninstallation","61b"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/setup/self-managed/upgrade",component:u("/service-bridge/next/setup/self-managed/upgrade","caf"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/setup/tctl-connect",component:u("/service-bridge/next/setup/tctl-connect","5f4"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/setup/upgrade-best-practices",component:u("/service-bridge/next/setup/upgrade-best-practices","560"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/setup/upgrades",component:u("/service-bridge/next/setup/upgrades","c50"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/setup/upgrades/cni-upgrade",component:u("/service-bridge/next/setup/upgrades/cni-upgrade","c47"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/setup/upgrades/gateway-upgrade",component:u("/service-bridge/next/setup/upgrades/gateway-upgrade","f35"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/setup/upgrades/non-revisioned-to-revisioned",component:u("/service-bridge/next/setup/upgrades/non-revisioned-to-revisioned","118"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/setup/upgrades/revisioned-to-revisioned",component:u("/service-bridge/next/setup/upgrades/revisioned-to-revisioned","0ab"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/setup/workload-onboarding",component:u("/service-bridge/next/setup/workload-onboarding","e85"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/setup/workload-onboarding/guides/",component:u("/service-bridge/next/setup/workload-onboarding/guides/","521"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/setup/workload-onboarding/guides/ecs-workloads",component:u("/service-bridge/next/setup/workload-onboarding/guides/ecs-workloads","85c"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/setup/workload-onboarding/guides/managing",component:u("/service-bridge/next/setup/workload-onboarding/guides/managing","3ab"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/setup/workload-onboarding/guides/on-premise-workloads",component:u("/service-bridge/next/setup/workload-onboarding/guides/on-premise-workloads","940"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/setup/workload-onboarding/guides/onboarding",component:u("/service-bridge/next/setup/workload-onboarding/guides/onboarding","274"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/setup/workload-onboarding/guides/overview",component:u("/service-bridge/next/setup/workload-onboarding/guides/overview","0ad"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/setup/workload-onboarding/guides/setup",component:u("/service-bridge/next/setup/workload-onboarding/guides/setup","f23"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/setup/workload-onboarding/guides/troubleshooting",component:u("/service-bridge/next/setup/workload-onboarding/guides/troubleshooting","89f"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/setup/workload-onboarding/onboarding-vms",component:u("/service-bridge/next/setup/workload-onboarding/onboarding-vms","ff6"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/setup/workload-onboarding/quickstart",component:u("/service-bridge/next/setup/workload-onboarding/quickstart","3bf"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/setup/workload-onboarding/quickstart/aws-ec2/",component:u("/service-bridge/next/setup/workload-onboarding/quickstart/aws-ec2/","488"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/setup/workload-onboarding/quickstart/aws-ec2/bookinfo",component:u("/service-bridge/next/setup/workload-onboarding/quickstart/aws-ec2/bookinfo","026"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/setup/workload-onboarding/quickstart/aws-ec2/configure-vm",component:u("/service-bridge/next/setup/workload-onboarding/quickstart/aws-ec2/configure-vm","2c9"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/setup/workload-onboarding/quickstart/aws-ec2/configure-workload-onboarding",component:u("/service-bridge/next/setup/workload-onboarding/quickstart/aws-ec2/configure-workload-onboarding","84f"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/setup/workload-onboarding/quickstart/aws-ec2/enable-workload-onboarding",component:u("/service-bridge/next/setup/workload-onboarding/quickstart/aws-ec2/enable-workload-onboarding","0ff"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/setup/workload-onboarding/quickstart/aws-ec2/onboard-asg",component:u("/service-bridge/next/setup/workload-onboarding/quickstart/aws-ec2/onboard-asg","460"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/setup/workload-onboarding/quickstart/aws-ec2/onboard-vm",component:u("/service-bridge/next/setup/workload-onboarding/quickstart/aws-ec2/onboard-vm","813"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/setup/workload-onboarding/quickstart/aws-ecs/",component:u("/service-bridge/next/setup/workload-onboarding/quickstart/aws-ecs/","db3"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/setup/workload-onboarding/quickstart/aws-ecs/configure-workload-onboarding",component:u("/service-bridge/next/setup/workload-onboarding/quickstart/aws-ecs/configure-workload-onboarding","41d"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/setup/workload-onboarding/quickstart/aws-ecs/onboard-ecs",component:u("/service-bridge/next/setup/workload-onboarding/quickstart/aws-ecs/onboard-ecs","9e8"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/setup/workload-onboarding/quickstart/on-premise/",component:u("/service-bridge/next/setup/workload-onboarding/quickstart/on-premise/","2a9"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/setup/workload-onboarding/quickstart/on-premise/configure-vm",component:u("/service-bridge/next/setup/workload-onboarding/quickstart/on-premise/configure-vm","734"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/setup/workload-onboarding/quickstart/on-premise/configure-workload-onboarding",component:u("/service-bridge/next/setup/workload-onboarding/quickstart/on-premise/configure-workload-onboarding","70a"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/setup/workload-onboarding/quickstart/on-premise/onboard-vm",component:u("/service-bridge/next/setup/workload-onboarding/quickstart/on-premise/onboard-vm","7b4"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/troubleshooting",component:u("/service-bridge/next/troubleshooting","734"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/troubleshooting/cluster-onboarding",component:u("/service-bridge/next/troubleshooting/cluster-onboarding","b3e"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/troubleshooting/component-status",component:u("/service-bridge/next/troubleshooting/component-status","1d9"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/troubleshooting/configuration-status",component:u("/service-bridge/next/troubleshooting/configuration-status","17a"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/troubleshooting/gateway-troubleshooting",component:u("/service-bridge/next/troubleshooting/gateway-troubleshooting","589"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/troubleshooting/identify-underperforming-services",component:u("/service-bridge/next/troubleshooting/identify-underperforming-services","2a3"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/troubleshooting/Maximum-header-size-exceed",component:u("/service-bridge/next/troubleshooting/Maximum-header-size-exceed","f5f"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/troubleshooting/Multiple-Transfer-encoding-chunked",component:u("/service-bridge/next/troubleshooting/Multiple-Transfer-encoding-chunked","baa"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/troubleshooting/proxy-tools",component:u("/service-bridge/next/troubleshooting/proxy-tools","348"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/troubleshooting/troubleshooting",component:u("/service-bridge/next/troubleshooting/troubleshooting","dd3"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/troubleshooting/tsb-ui-metrics",component:u("/service-bridge/next/troubleshooting/tsb-ui-metrics","0b9"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/next/workingwithsupport/workingWithTetrateSupport",component:u("/service-bridge/next/workingwithsupport/workingWithTetrateSupport","c60"),exact:!0,sidebar:"defaultSidebar"}]}]},{path:"/service-bridge",component:u("/service-bridge","49b"),routes:[{path:"/service-bridge/tags",component:u("/service-bridge/tags","451"),exact:!0},{path:"/service-bridge/tags/featured",component:u("/service-bridge/tags/featured","c84"),exact:!0},{path:"/service-bridge/tags/tsb-concepts",component:u("/service-bridge/tags/tsb-concepts","1f6"),exact:!0},{path:"/service-bridge/tags/tsb-quickstart",component:u("/service-bridge/tags/tsb-quickstart","9c9"),exact:!0},{path:"/service-bridge",component:u("/service-bridge","337"),routes:[{path:"/service-bridge/",component:u("/service-bridge/","686"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/category/working-with-tetrate-customer-support",component:u("/service-bridge/category/working-with-tetrate-customer-support","c02"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/cheatsheet/",component:u("/service-bridge/cheatsheet/","896"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/cheatsheet/sheets/gateways-management",component:u("/service-bridge/cheatsheet/sheets/gateways-management","285"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/cheatsheet/sheets/kubectl",component:u("/service-bridge/cheatsheet/sheets/kubectl","468"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/cheatsheet/sheets/security-management",component:u("/service-bridge/cheatsheet/sheets/security-management","4ec"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/cheatsheet/sheets/tctl",component:u("/service-bridge/cheatsheet/sheets/tctl","175"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/cheatsheet/sheets/traffic-management",component:u("/service-bridge/cheatsheet/sheets/traffic-management","a92"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/cheatsheet/sheets/tsb-concepts",component:u("/service-bridge/cheatsheet/sheets/tsb-concepts","288"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/cheatsheet/sheets/tsb-quickstart",component:u("/service-bridge/cheatsheet/sheets/tsb-quickstart","0df"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/cheatsheet/sheets/tsb-terminology",component:u("/service-bridge/cheatsheet/sheets/tsb-terminology","009"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/concepts/",component:u("/service-bridge/concepts/","ded"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/concepts/architecture",component:u("/service-bridge/concepts/architecture","170"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/concepts/configuration-dataflow",component:u("/service-bridge/concepts/configuration-dataflow","547"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/concepts/configuration-inheritance",component:u("/service-bridge/concepts/configuration-inheritance","5b0"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/concepts/glossary",component:u("/service-bridge/concepts/glossary","a15"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/concepts/observability",component:u("/service-bridge/concepts/observability","ee2"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/concepts/operators/",component:u("/service-bridge/concepts/operators/","7ff"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/concepts/operators/control-plane",component:u("/service-bridge/concepts/operators/control-plane","10c"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/concepts/operators/management-plane",component:u("/service-bridge/concepts/operators/management-plane","bca"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/concepts/security",component:u("/service-bridge/concepts/security","4d1"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/concepts/service-mesh",component:u("/service-bridge/concepts/service-mesh","382"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/concepts/terminology",component:u("/service-bridge/concepts/terminology","d87"),exact:!0},{path:"/service-bridge/concepts/traffic-management",component:u("/service-bridge/concepts/traffic-management","b22"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/concepts/tsb-and-istio",component:u("/service-bridge/concepts/tsb-and-istio","d1b"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/design-guides/",component:u("/service-bridge/design-guides/","4b0"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/design-guides/app-onboarding/",component:u("/service-bridge/design-guides/app-onboarding/","a9f"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/design-guides/app-onboarding/cross-cluster",component:u("/service-bridge/design-guides/app-onboarding/cross-cluster","a86"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/design-guides/app-onboarding/deploy-service",component:u("/service-bridge/design-guides/app-onboarding/deploy-service","ac2"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/design-guides/app-onboarding/gateway-security",component:u("/service-bridge/design-guides/app-onboarding/gateway-security","71b"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/design-guides/app-onboarding/high-availability",component:u("/service-bridge/design-guides/app-onboarding/high-availability","aa8"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/design-guides/app-onboarding/introduction",component:u("/service-bridge/design-guides/app-onboarding/introduction","96b"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/design-guides/app-onboarding/monitor",component:u("/service-bridge/design-guides/app-onboarding/monitor","e83"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/design-guides/app-onboarding/prepare",component:u("/service-bridge/design-guides/app-onboarding/prepare","982"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/design-guides/app-onboarding/promote-service",component:u("/service-bridge/design-guides/app-onboarding/promote-service","9f0"),exact:!0},{path:"/service-bridge/design-guides/app-onboarding/security",component:u("/service-bridge/design-guides/app-onboarding/security","d8e"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/design-guides/ha-dr-mp/",component:u("/service-bridge/design-guides/ha-dr-mp/","907"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/design-guides/ha-dr-mp/active-standby/automated-synchronization",component:u("/service-bridge/design-guides/ha-dr-mp/active-standby/automated-synchronization","101"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/design-guides/ha-dr-mp/active-standby/manual-backup-restore",component:u("/service-bridge/design-guides/ha-dr-mp/active-standby/manual-backup-restore","10f"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/design-guides/ha-dr-mp/active-standby/troubleshoot",component:u("/service-bridge/design-guides/ha-dr-mp/active-standby/troubleshoot","996"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/design-guides/ha-dr-mp/before-you-begin",component:u("/service-bridge/design-guides/ha-dr-mp/before-you-begin","9fd"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/design-guides/ha-dr-mp/best-practices",component:u("/service-bridge/design-guides/ha-dr-mp/best-practices","c0c"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/design-guides/ha-dr-mp/introduction",component:u("/service-bridge/design-guides/ha-dr-mp/introduction","732"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/design-guides/ha-dr-mp/manual/reinstall",component:u("/service-bridge/design-guides/ha-dr-mp/manual/reinstall","3bb"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/design-guides/ha-dr-mp/operating/monitor",component:u("/service-bridge/design-guides/ha-dr-mp/operating/monitor","cb6"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/design-guides/ha-dr-mp/operating/troubleshoot",component:u("/service-bridge/design-guides/ha-dr-mp/operating/troubleshoot","920"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/design-guides/ha-dr-mp/scenarios",component:u("/service-bridge/design-guides/ha-dr-mp/scenarios","747"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/design-guides/ha-multicluster/",component:u("/service-bridge/design-guides/ha-multicluster/","6f2"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/design-guides/ha-multicluster/cluster-failover",component:u("/service-bridge/design-guides/ha-multicluster/cluster-failover","338"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/design-guides/ha-multicluster/demo-1",component:u("/service-bridge/design-guides/ha-multicluster/demo-1","95e"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/design-guides/ha-multicluster/demo-2",component:u("/service-bridge/design-guides/ha-multicluster/demo-2","e3e"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/design-guides/ha-multicluster/edge-failover",component:u("/service-bridge/design-guides/ha-multicluster/edge-failover","8a4"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/design-guides/ha-multicluster/introduction",component:u("/service-bridge/design-guides/ha-multicluster/introduction","f9b"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/design-guides/ha-multicluster/operations",component:u("/service-bridge/design-guides/ha-multicluster/operations","21f"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/howto",component:u("/service-bridge/howto","841"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/howto/authorization/",component:u("/service-bridge/howto/authorization/","b7f"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/howto/authorization/ingress-gateway",component:u("/service-bridge/howto/authorization/ingress-gateway","ccf"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/howto/authorization/sidecar",component:u("/service-bridge/howto/authorization/sidecar","ac8"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/howto/authorization/tier1-gateway",component:u("/service-bridge/howto/authorization/tier1-gateway","315"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/howto/authorization/tls-verification",component:u("/service-bridge/howto/authorization/tls-verification","da6"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/howto/gateway",component:u("/service-bridge/howto/gateway","f3a"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/howto/gateway/app-ingress",component:u("/service-bridge/howto/gateway/app-ingress","8c7"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/howto/gateway/application-gateway-with-openapi-annotations",component:u("/service-bridge/howto/gateway/application-gateway-with-openapi-annotations","6eb"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/howto/gateway/configure-and-route-nonhttp-traffic",component:u("/service-bridge/howto/gateway/configure-and-route-nonhttp-traffic","4c9"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/howto/gateway/configure-oidc",component:u("/service-bridge/howto/gateway/configure-oidc","604"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/howto/gateway/distributed-ingress",component:u("/service-bridge/howto/gateway/distributed-ingress","0d4"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/howto/gateway/end-user-auth-keycloak",component:u("/service-bridge/howto/gateway/end-user-auth-keycloak","9da"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/howto/gateway/host-based-egress-access-control",component:u("/service-bridge/howto/gateway/host-based-egress-access-control","5cb"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/howto/gateway/https-with-proxy-protocol",component:u("/service-bridge/howto/gateway/https-with-proxy-protocol","558"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/howto/gateway/multi-cluster-traffic-failover-priority",component:u("/service-bridge/howto/gateway/multi-cluster-traffic-failover-priority","94d"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/howto/gateway/multi-cluster-traffic-routing-using-tier2gw",component:u("/service-bridge/howto/gateway/multi-cluster-traffic-routing-using-tier2gw","516"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/howto/gateway/multi-cluster-traffic-routing-with-eastwest-gateway",component:u("/service-bridge/howto/gateway/multi-cluster-traffic-routing-with-eastwest-gateway","9a6"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/howto/gateway/multi-cluster-traffic-shifting",component:u("/service-bridge/howto/gateway/multi-cluster-traffic-shifting","f47"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/howto/gateway/oas-validation",component:u("/service-bridge/howto/gateway/oas-validation","e1e"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/howto/gateway/service-identity-propagation",component:u("/service-bridge/howto/gateway/service-identity-propagation","9e0"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/howto/gateway/shared-ingress",component:u("/service-bridge/howto/gateway/shared-ingress","ae8"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/howto/gateway/subset-based-routing-using-igw-and-service-route",component:u("/service-bridge/howto/gateway/subset-based-routing-using-igw-and-service-route","32b"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/howto/gateway/unfied-gateway-management-via-mp",component:u("/service-bridge/howto/gateway/unfied-gateway-management-via-mp","e85"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/howto/gateway/unified-gateway",component:u("/service-bridge/howto/gateway/unified-gateway","a99"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/howto/gateway/unified-gateway-upgrade",component:u("/service-bridge/howto/gateway/unified-gateway-upgrade","f81"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/howto/gateway/weighted-distribution-and-fallback",component:u("/service-bridge/howto/gateway/weighted-distribution-and-fallback","758"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/howto/gitops",component:u("/service-bridge/howto/gitops","190"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/howto/gitops/argo-rollouts",component:u("/service-bridge/howto/gitops/argo-rollouts","34a"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/howto/gitops/clusterrole",component:u("/service-bridge/howto/gitops/clusterrole","d42"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/howto/gitops/flagger",component:u("/service-bridge/howto/gitops/flagger","753"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/howto/gitops/flux",component:u("/service-bridge/howto/gitops/flux","1e1"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/howto/gitops/gitops",component:u("/service-bridge/howto/gitops/gitops","313"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/howto/hpa-using-skywalking",component:u("/service-bridge/howto/hpa-using-skywalking","7f0"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/howto/network-policies",component:u("/service-bridge/howto/network-policies","a23"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/howto/promql-using-skywalking",component:u("/service-bridge/howto/promql-using-skywalking","f5b"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/howto/rate-limiting/",component:u("/service-bridge/howto/rate-limiting/","38e"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/howto/rate-limiting/external-rate-limiting",component:u("/service-bridge/howto/rate-limiting/external-rate-limiting","f9a"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/howto/rate-limiting/ingress-gateway",component:u("/service-bridge/howto/rate-limiting/ingress-gateway","6b8"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/howto/rate-limiting/internal-rate-limiting",component:u("/service-bridge/howto/rate-limiting/internal-rate-limiting","aa8"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/howto/rate-limiting/service-to-service",component:u("/service-bridge/howto/rate-limiting/service-to-service","7c4"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/howto/rate-limiting/tier1-gateway",component:u("/service-bridge/howto/rate-limiting/tier1-gateway","bd1"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/howto/rate-limiting/tls-validation",component:u("/service-bridge/howto/rate-limiting/tls-validation","c04"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/howto/security-domains",component:u("/service-bridge/howto/security-domains","460"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/howto/service-accounts",component:u("/service-bridge/howto/service-accounts","020"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/howto/traffic",component:u("/service-bridge/howto/traffic","907"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/howto/traffic/canary-releases",component:u("/service-bridge/howto/traffic/canary-releases","6fe"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/howto/traffic/configure-multi-port-service-route",component:u("/service-bridge/howto/traffic/configure-multi-port-service-route","079"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/howto/traffic/gateway-mtls",component:u("/service-bridge/howto/traffic/gateway-mtls","e90"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/howto/traffic/load-balance",component:u("/service-bridge/howto/traffic/load-balance","21e"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/howto/traffic/migrating-VM-monoliths",component:u("/service-bridge/howto/traffic/migrating-VM-monoliths","ceb"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/howto/traffic/splitting-service-traffic-between-k8s-vms",component:u("/service-bridge/howto/traffic/splitting-service-traffic-between-k8s-vms","e03"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/howto/waf",component:u("/service-bridge/howto/waf","6fb"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/howto/wasm",component:u("/service-bridge/howto/wasm","b2f"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/howto/wasm/wasm-extension",component:u("/service-bridge/howto/wasm/wasm-extension","051"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/howto/wasm/wasm-overview",component:u("/service-bridge/howto/wasm/wasm-overview","556"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/howto/wasm/wasm-proxy",component:u("/service-bridge/howto/wasm/wasm-proxy","eb1"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/howto/wasm/wasm-try",component:u("/service-bridge/howto/wasm/wasm-try","ee4"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/knowledge-base",component:u("/service-bridge/knowledge-base","bc3"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/knowledge-base/faq",component:u("/service-bridge/knowledge-base/faq","873"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/knowledge-base/gitops",component:u("/service-bridge/knowledge-base/gitops","945"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/operations",component:u("/service-bridge/operations","e83"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/operations/configuration-promotion",component:u("/service-bridge/operations/configuration-promotion","94f"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/operations/configure-log-levels",component:u("/service-bridge/operations/configure-log-levels","33f"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/operations/elasticsearch",component:u("/service-bridge/operations/elasticsearch","df8"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/operations/elasticsearch/elasticsearch-role",component:u("/service-bridge/operations/elasticsearch/elasticsearch-role","d5f"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/operations/elasticsearch/wipe-elastic",component:u("/service-bridge/operations/elasticsearch/wipe-elastic","3d1"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/operations/features",component:u("/service-bridge/operations/features","e7f"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/operations/features/configure-cluster-external-addresses",component:u("/service-bridge/operations/features/configure-cluster-external-addresses","74b"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/operations/features/configure-gitops",component:u("/service-bridge/operations/features/configure-gitops","11a"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/operations/features/deletion-protection",component:u("/service-bridge/operations/features/deletion-protection","975"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/operations/features/edge-dns-resolution",component:u("/service-bridge/operations/features/edge-dns-resolution","180"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/operations/features/enable-config-protection",component:u("/service-bridge/operations/features/enable-config-protection","bd5"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/operations/features/gateway-deletion-webhook",component:u("/service-bridge/operations/features/gateway-deletion-webhook","e2b"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/operations/features/internal-wasm-extensions",component:u("/service-bridge/operations/features/internal-wasm-extensions","40d"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/operations/features/istio-cni",component:u("/service-bridge/operations/features/istio-cni","da5"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/operations/features/label-annotation",component:u("/service-bridge/operations/features/label-annotation","67c"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/operations/features/streaming-log",component:u("/service-bridge/operations/features/streaming-log","1cf"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/operations/features/tier1-in-app-cluster",component:u("/service-bridge/operations/features/tier1-in-app-cluster","6f8"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/operations/features/tls-origin-multi-cluster",component:u("/service-bridge/operations/features/tls-origin-multi-cluster","1ef"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/operations/graceful-connection-drain",component:u("/service-bridge/operations/graceful-connection-drain","3cc"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/operations/kube-customization",component:u("/service-bridge/operations/kube-customization","4d4"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/operations/lower-istio-resources",component:u("/service-bridge/operations/lower-istio-resources","ed5"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/operations/migrate-organization",component:u("/service-bridge/operations/migrate-organization","72e"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/operations/multiple-iam-keys",component:u("/service-bridge/operations/multiple-iam-keys","0b0"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/operations/postgresql",component:u("/service-bridge/operations/postgresql","2d5"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/operations/postgresql/auditlog-retention",component:u("/service-bridge/operations/postgresql/auditlog-retention","25d"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/operations/postgresql/azure-credentials",component:u("/service-bridge/operations/postgresql/azure-credentials","f61"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/operations/postgresql/backup-and-restore",component:u("/service-bridge/operations/postgresql/backup-and-restore","0b8"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/operations/postgresql/managing-kubegres",component:u("/service-bridge/operations/postgresql/managing-kubegres","790"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/operations/telemetry",component:u("/service-bridge/operations/telemetry","dd9"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/operations/telemetry/alerting-guidelines",component:u("/service-bridge/operations/telemetry/alerting-guidelines","1fc"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/operations/telemetry/distributed-tracing",component:u("/service-bridge/operations/telemetry/distributed-tracing","8eb"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/operations/telemetry/key-metrics",component:u("/service-bridge/operations/telemetry/key-metrics","b29"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/operations/telemetry/new-relic",component:u("/service-bridge/operations/telemetry/new-relic","c0d"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/operations/telemetry/red-metrics",component:u("/service-bridge/operations/telemetry/red-metrics","03b"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/operations/telemetry/telemetry-architecture",component:u("/service-bridge/operations/telemetry/telemetry-architecture","a2a"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/operations/users",component:u("/service-bridge/operations/users","4e1"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/operations/users/admin-password",component:u("/service-bridge/operations/users/admin-password","ac9"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/operations/users/configuring-ldap",component:u("/service-bridge/operations/users/configuring-ldap","ab1"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/operations/users/new-user-local-idp",component:u("/service-bridge/operations/users/new-user-local-idp","e57"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/operations/users/oidc-azure",component:u("/service-bridge/operations/users/oidc-azure","ab5"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/operations/users/tsb-fqns",component:u("/service-bridge/operations/users/tsb-fqns","436"),exact:!0},{path:"/service-bridge/operations/users/user-synchronization",component:u("/service-bridge/operations/users/user-synchronization","10f"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/operations/users/users-roles-and-permissions",component:u("/service-bridge/operations/users/users-roles-and-permissions","d7d"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/operations/vault",component:u("/service-bridge/operations/vault","640"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/operations/vault/elasticsearch",component:u("/service-bridge/operations/vault/elasticsearch","abd"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/operations/vault/istiod-ca",component:u("/service-bridge/operations/vault/istiod-ca","136"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/operations/vault/postgresql",component:u("/service-bridge/operations/vault/postgresql","1e4"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/quickstart",component:u("/service-bridge/quickstart","205"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/quickstart/apps",component:u("/service-bridge/quickstart/apps","11d"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/quickstart/config-groups",component:u("/service-bridge/quickstart/config-groups","3cb"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/quickstart/deploy-sample-app",component:u("/service-bridge/quickstart/deploy-sample-app","343"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/quickstart/ingress-gateway",component:u("/service-bridge/quickstart/ingress-gateway","4b5"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/quickstart/introduction",component:u("/service-bridge/quickstart/introduction","c3f"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/quickstart/observability",component:u("/service-bridge/quickstart/observability","0c8"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/quickstart/permissions",component:u("/service-bridge/quickstart/permissions","996"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/quickstart/security",component:u("/service-bridge/quickstart/security","5a5"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/quickstart/tenant",component:u("/service-bridge/quickstart/tenant","155"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/quickstart/traffic-shifting",component:u("/service-bridge/quickstart/traffic-shifting","732"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/quickstart/workspace",component:u("/service-bridge/quickstart/workspace","44f"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/reference",component:u("/service-bridge/reference","964"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/reference/cli",component:u("/service-bridge/reference/cli","920"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/reference/cli/guide/index",component:u("/service-bridge/reference/cli/guide/index","c34"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/reference/cli/guide/toc",component:u("/service-bridge/reference/cli/guide/toc","609"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/reference/cli/reference",component:u("/service-bridge/reference/cli/reference","5fd"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/reference/cli/reference/apply",component:u("/service-bridge/reference/cli/reference/apply","000"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/reference/cli/reference/audit",component:u("/service-bridge/reference/cli/reference/audit","1bf"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/reference/cli/reference/collect",component:u("/service-bridge/reference/cli/reference/collect","b30"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/reference/cli/reference/completion",component:u("/service-bridge/reference/cli/reference/completion","709"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/reference/cli/reference/config",component:u("/service-bridge/reference/cli/reference/config","906"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/reference/cli/reference/debug",component:u("/service-bridge/reference/cli/reference/debug","8e8"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/reference/cli/reference/delete",component:u("/service-bridge/reference/cli/reference/delete","56d"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/reference/cli/reference/edit",component:u("/service-bridge/reference/cli/reference/edit","381"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/reference/cli/reference/experimental",component:u("/service-bridge/reference/cli/reference/experimental","254"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/reference/cli/reference/get",component:u("/service-bridge/reference/cli/reference/get","354"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/reference/cli/reference/index",component:u("/service-bridge/reference/cli/reference/index","720"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/reference/cli/reference/install",component:u("/service-bridge/reference/cli/reference/install","9c6"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/reference/cli/reference/login",component:u("/service-bridge/reference/cli/reference/login","1fb"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/reference/cli/reference/service-account",component:u("/service-bridge/reference/cli/reference/service-account","56a"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/reference/cli/reference/status",component:u("/service-bridge/reference/cli/reference/status","3c3"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/reference/cli/reference/ui",component:u("/service-bridge/reference/cli/reference/ui","0c3"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/reference/cli/reference/validate",component:u("/service-bridge/reference/cli/reference/validate","410"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/reference/cli/reference/version",component:u("/service-bridge/reference/cli/reference/version","04c"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/reference/cli/reference/whoami",component:u("/service-bridge/reference/cli/reference/whoami","556"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/reference/cli/reference/workload-entry-annotations",component:u("/service-bridge/reference/cli/reference/workload-entry-annotations","049"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/reference/grpc-api",component:u("/service-bridge/reference/grpc-api","69c"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/reference/grpc-api/guide",component:u("/service-bridge/reference/grpc-api/guide","884"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/reference/grpc-api/reference",component:u("/service-bridge/reference/grpc-api/reference","3e0"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/reference/k8s-api",component:u("/service-bridge/reference/k8s-api","4de"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/reference/k8s-api/guide",component:u("/service-bridge/reference/k8s-api/guide","f1a"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/reference/k8s-api/tsb-crds-gen",component:u("/service-bridge/reference/k8s-api/tsb-crds-gen","e8f"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/reference/k8s-api/tsb-crds-gen/application-tsb-tetrate-io",component:u("/service-bridge/reference/k8s-api/tsb-crds-gen/application-tsb-tetrate-io","7f9"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/reference/k8s-api/tsb-crds-gen/extension-tsb-tetrate-io",component:u("/service-bridge/reference/k8s-api/tsb-crds-gen/extension-tsb-tetrate-io","f0c"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/reference/k8s-api/tsb-crds-gen/gateway-tsb-tetrate-io",component:u("/service-bridge/reference/k8s-api/tsb-crds-gen/gateway-tsb-tetrate-io","5d7"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/reference/k8s-api/tsb-crds-gen/istiointernal-tsb-tetrate-io",component:u("/service-bridge/reference/k8s-api/tsb-crds-gen/istiointernal-tsb-tetrate-io","c4d"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/reference/k8s-api/tsb-crds-gen/profile-tsb-tetrate-io",component:u("/service-bridge/reference/k8s-api/tsb-crds-gen/profile-tsb-tetrate-io","c84"),exact:!0},{path:"/service-bridge/reference/k8s-api/tsb-crds-gen/rbac-tsb-tetrate-io",component:u("/service-bridge/reference/k8s-api/tsb-crds-gen/rbac-tsb-tetrate-io","523"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/reference/k8s-api/tsb-crds-gen/security-tsb-tetrate-io",component:u("/service-bridge/reference/k8s-api/tsb-crds-gen/security-tsb-tetrate-io","f4c"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/reference/k8s-api/tsb-crds-gen/segmentation-tsb-tetrate-io",component:u("/service-bridge/reference/k8s-api/tsb-crds-gen/segmentation-tsb-tetrate-io","186"),exact:!0},{path:"/service-bridge/reference/k8s-api/tsb-crds-gen/traffic-tsb-tetrate-io",component:u("/service-bridge/reference/k8s-api/tsb-crds-gen/traffic-tsb-tetrate-io","d96"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/api",component:u("/service-bridge/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/api","87f"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/cluster",component:u("/service-bridge/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/cluster","887"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/clusteronboardingconfig",component:u("/service-bridge/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/clusteronboardingconfig","87f"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/organization",component:u("/service-bridge/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/organization","f10"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/organizationsetting",component:u("/service-bridge/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/organizationsetting","511"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/serviceaccount",component:u("/service-bridge/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/serviceaccount","f57"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/team",component:u("/service-bridge/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/team","008"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/tenant",component:u("/service-bridge/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/tenant","05d"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/tenantsetting",component:u("/service-bridge/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/tenantsetting","bce"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/user",component:u("/service-bridge/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/user","5c1"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/workspace",component:u("/service-bridge/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/workspace","a7f"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/workspacesetting",component:u("/service-bridge/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/workspacesetting","28c"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/reference/k8s-api/tsb-crds-gen/tsb.tetrate.io/v2",component:u("/service-bridge/reference/k8s-api/tsb-crds-gen/tsb.tetrate.io/v2","0ba"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/reference/operators",component:u("/service-bridge/reference/operators","d59"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/reference/rest-api/guide",component:u("/service-bridge/reference/rest-api/guide","171"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/reference/samples",component:u("/service-bridge/reference/samples","1ee"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/reference/samples/httpbin",component:u("/service-bridge/reference/samples/httpbin","b49"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/reference/samples/opa",component:u("/service-bridge/reference/samples/opa","e3f"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/reference/samples/sleep-service",component:u("/service-bridge/reference/samples/sleep-service","cfa"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/reference/workload-onboarding",component:u("/service-bridge/reference/workload-onboarding","440"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/reference/workload-onboarding/onboarding-agent",component:u("/service-bridge/reference/workload-onboarding/onboarding-agent","874"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/reference/workload-onboarding/onboarding-authorization",component:u("/service-bridge/reference/workload-onboarding/onboarding-authorization","ed1"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/reference/workload-onboarding/onboarding-runtime",component:u("/service-bridge/reference/workload-onboarding/onboarding-runtime","281"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/reference/yaml-api",component:u("/service-bridge/reference/yaml-api","828"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/reference/yaml-api/guide",component:u("/service-bridge/reference/yaml-api/guide","59e"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/reference/yaml-api/reference",component:u("/service-bridge/reference/yaml-api/reference","e27"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/refs/audit/v1/audit",component:u("/service-bridge/refs/audit/v1/audit","f79"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/refs/audit/v1/grpc",component:u("/service-bridge/refs/audit/v1/grpc","92a"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/refs/iam/v2/grpc",component:u("/service-bridge/refs/iam/v2/grpc","89c"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/refs/iam/v2/oauth_service",component:u("/service-bridge/refs/iam/v2/oauth_service","3f0"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/refs/iam/v2/oidc_service",component:u("/service-bridge/refs/iam/v2/oidc_service","4f3"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/refs/install",component:u("/service-bridge/refs/install","ac6"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/refs/install/common/common_config",component:u("/service-bridge/refs/install/common/common_config","88a"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/refs/install/controlplane/v1alpha1/spec",component:u("/service-bridge/refs/install/controlplane/v1alpha1/spec","a81"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/refs/install/controlplane/v1alpha1/status",component:u("/service-bridge/refs/install/controlplane/v1alpha1/status","fca"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/refs/install/dataplane/v1alpha1/spec",component:u("/service-bridge/refs/install/dataplane/v1alpha1/spec","934"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/refs/install/kubernetes/k8s",component:u("/service-bridge/refs/install/kubernetes/k8s","13e"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/refs/install/managementplane/v1alpha1/spec",component:u("/service-bridge/refs/install/managementplane/v1alpha1/spec","90d"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/refs/install/managementplane/v1alpha1/status",component:u("/service-bridge/refs/install/managementplane/v1alpha1/status","1eb"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/refs/onboarding/config/agent/v1alpha1/agent_configuration",component:u("/service-bridge/refs/onboarding/config/agent/v1alpha1/agent_configuration","0b5"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/refs/onboarding/config/agent/v1alpha1/onboarding_configuration",component:u("/service-bridge/refs/onboarding/config/agent/v1alpha1/onboarding_configuration","de0"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/refs/onboarding/config/authorization/aws/v1alpha1/aws",component:u("/service-bridge/refs/onboarding/config/authorization/aws/v1alpha1/aws","458"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/refs/onboarding/config/authorization/jwt/v1alpha1/jwt",component:u("/service-bridge/refs/onboarding/config/authorization/jwt/v1alpha1/jwt","14f"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/refs/onboarding/config/authorization/v1alpha1/policy",component:u("/service-bridge/refs/onboarding/config/authorization/v1alpha1/policy","df5"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/refs/onboarding/config/install/v1alpha1/jwt_issuer",component:u("/service-bridge/refs/onboarding/config/install/v1alpha1/jwt_issuer","9c2"),exact:!0},{path:"/service-bridge/refs/onboarding/config/install/v1alpha1/workload_configuration",component:u("/service-bridge/refs/onboarding/config/install/v1alpha1/workload_configuration","0a5"),exact:!0},{path:"/service-bridge/refs/onboarding/config/runtime/v1alpha1/registration",component:u("/service-bridge/refs/onboarding/config/runtime/v1alpha1/registration","420"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/refs/onboarding/config/types/config/v1alpha1/transport_security",component:u("/service-bridge/refs/onboarding/config/types/config/v1alpha1/transport_security","0bb"),exact:!0},{path:"/service-bridge/refs/onboarding/config/types/core/v1alpha1/condition",component:u("/service-bridge/refs/onboarding/config/types/core/v1alpha1/condition","1f0"),exact:!0},{path:"/service-bridge/refs/onboarding/config/types/core/v1alpha1/namespaced_name",component:u("/service-bridge/refs/onboarding/config/types/core/v1alpha1/namespaced_name","50d"),exact:!0},{path:"/service-bridge/refs/onboarding/config/types/identity/aws/v1alpha1/aws",component:u("/service-bridge/refs/onboarding/config/types/identity/aws/v1alpha1/aws","9df"),exact:!0},{path:"/service-bridge/refs/onboarding/config/types/identity/jwt/v1alpha1/jwt",component:u("/service-bridge/refs/onboarding/config/types/identity/jwt/v1alpha1/jwt","76d"),exact:!0},{path:"/service-bridge/refs/onboarding/config/types/identity/v1alpha1/identity",component:u("/service-bridge/refs/onboarding/config/types/identity/v1alpha1/identity","586"),exact:!0},{path:"/service-bridge/refs/onboarding/config/types/registration/v1alpha1/hostinfo",component:u("/service-bridge/refs/onboarding/config/types/registration/v1alpha1/hostinfo","b3d"),exact:!0},{path:"/service-bridge/refs/onboarding/config/types/registration/v1alpha1/registration",component:u("/service-bridge/refs/onboarding/config/types/registration/v1alpha1/registration","171"),exact:!0},{path:"/service-bridge/refs/onboarding/private/component/agent/plugin/credential/v1alpha1/plugin",component:u("/service-bridge/refs/onboarding/private/component/agent/plugin/credential/v1alpha1/plugin","b2b"),exact:!0},{path:"/service-bridge/refs/onboarding/private/component/agent/plugin/hostinfo/v1alpha1/plugin",component:u("/service-bridge/refs/onboarding/private/component/agent/plugin/hostinfo/v1alpha1/plugin","e53"),exact:!0},{path:"/service-bridge/refs/onboarding/private/component/agent/sidecarcontroller/v1alpha1/sidecar_configuration_service",component:u("/service-bridge/refs/onboarding/private/component/agent/sidecarcontroller/v1alpha1/sidecar_configuration_service","fdd"),exact:!0},{path:"/service-bridge/refs/onboarding/private/component/agent/sidecarcontroller/v1alpha1/sidecar_info_service",component:u("/service-bridge/refs/onboarding/private/component/agent/sidecarcontroller/v1alpha1/sidecar_info_service","4ee"),exact:!0},{path:"/service-bridge/refs/onboarding/private/component/plane/config/v1alpha1/onboarding_plane_instance_configuration",component:u("/service-bridge/refs/onboarding/private/component/plane/config/v1alpha1/onboarding_plane_instance_configuration","e9f"),exact:!0},{path:"/service-bridge/refs/onboarding/private/component/plane/generator/v1alpha1/version",component:u("/service-bridge/refs/onboarding/private/component/plane/generator/v1alpha1/version","278"),exact:!0},{path:"/service-bridge/refs/onboarding/private/component/plane/token/v1alpha1/onboarding_token",component:u("/service-bridge/refs/onboarding/private/component/plane/token/v1alpha1/onboarding_token","02f"),exact:!0},{path:"/service-bridge/refs/onboarding/private/install/v1alpha1/spec",component:u("/service-bridge/refs/onboarding/private/install/v1alpha1/spec","907"),exact:!0},{path:"/service-bridge/refs/onboarding/private/protocol/authorization/v1alpha1/authorization_service",component:u("/service-bridge/refs/onboarding/private/protocol/authorization/v1alpha1/authorization_service","935"),exact:!0},{path:"/service-bridge/refs/onboarding/private/protocol/discovery/v1alpha1/discovery_service",component:u("/service-bridge/refs/onboarding/private/protocol/discovery/v1alpha1/discovery_service","485"),exact:!0},{path:"/service-bridge/refs/onboarding/private/protocol/registration/v1alpha1/registration_service",component:u("/service-bridge/refs/onboarding/private/protocol/registration/v1alpha1/registration_service","637"),exact:!0},{path:"/service-bridge/refs/onboarding/private/protocol/session/v1alpha1/session_service",component:u("/service-bridge/refs/onboarding/private/protocol/session/v1alpha1/session_service","d31"),exact:!0},{path:"/service-bridge/refs/onboarding/private/types/config/v1alpha1/transport_security",component:u("/service-bridge/refs/onboarding/private/types/config/v1alpha1/transport_security","dd4"),exact:!0},{path:"/service-bridge/refs/onboarding/private/types/credential/aws/v1alpha1/ec2",component:u("/service-bridge/refs/onboarding/private/types/credential/aws/v1alpha1/ec2","698"),exact:!0},{path:"/service-bridge/refs/onboarding/private/types/credential/aws/v1alpha1/sts",component:u("/service-bridge/refs/onboarding/private/types/credential/aws/v1alpha1/sts","c11"),exact:!0},{path:"/service-bridge/refs/onboarding/private/types/credential/jwt/v1alpha1/jwt",component:u("/service-bridge/refs/onboarding/private/types/credential/jwt/v1alpha1/jwt","7be"),exact:!0},{path:"/service-bridge/refs/onboarding/private/types/discovery/v1alpha1/discovery",component:u("/service-bridge/refs/onboarding/private/types/discovery/v1alpha1/discovery","7ad"),exact:!0},{path:"/service-bridge/refs/onboarding/private/types/sidecar/v1alpha1/configuration",component:u("/service-bridge/refs/onboarding/private/types/sidecar/v1alpha1/configuration","549"),exact:!0},{path:"/service-bridge/refs/private/iam/v1/iam",component:u("/service-bridge/refs/private/iam/v1/iam","c07"),exact:!0},{path:"/service-bridge/refs/test/v1/echo",component:u("/service-bridge/refs/test/v1/echo","ff6"),exact:!0},{path:"/service-bridge/refs/tsb/application/v2/api",component:u("/service-bridge/refs/tsb/application/v2/api","f71"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/refs/tsb/application/v2/application",component:u("/service-bridge/refs/tsb/application/v2/application","e35"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/refs/tsb/application/v2/application_service",component:u("/service-bridge/refs/tsb/application/v2/application_service","b06"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/refs/tsb/application/v2/grpc",component:u("/service-bridge/refs/tsb/application/v2/grpc","d78"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/refs/tsb/application/v2/openapi_extensions",component:u("/service-bridge/refs/tsb/application/v2/openapi_extensions","bb0"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/refs/tsb/application/v2/yaml",component:u("/service-bridge/refs/tsb/application/v2/yaml","489"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/refs/tsb/auth/v2/auth",component:u("/service-bridge/refs/tsb/auth/v2/auth","0f6"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/refs/tsb/auth/v2/yaml",component:u("/service-bridge/refs/tsb/auth/v2/yaml","0cd"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/refs/tsb/dashboard/v1/dashboard_service",component:u("/service-bridge/refs/tsb/dashboard/v1/dashboard_service","d6d"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/refs/tsb/dashboard/v1/grpc",component:u("/service-bridge/refs/tsb/dashboard/v1/grpc","26f"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/refs/tsb/diagnostic/v2/diagnostic_service",component:u("/service-bridge/refs/tsb/diagnostic/v2/diagnostic_service","1c0"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/refs/tsb/diagnostic/v2/grpc",component:u("/service-bridge/refs/tsb/diagnostic/v2/grpc","9c8"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/refs/tsb/extension/v2/grpc",component:u("/service-bridge/refs/tsb/extension/v2/grpc","072"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/refs/tsb/extension/v2/wasm_extension",component:u("/service-bridge/refs/tsb/extension/v2/wasm_extension","336"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/refs/tsb/extension/v2/wasm_service",component:u("/service-bridge/refs/tsb/extension/v2/wasm_service","d20"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/refs/tsb/extension/v2/yaml",component:u("/service-bridge/refs/tsb/extension/v2/yaml","722"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/refs/tsb/gateway/v2/auth",component:u("/service-bridge/refs/tsb/gateway/v2/auth","46c"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/refs/tsb/gateway/v2/eastwest_gateway",component:u("/service-bridge/refs/tsb/gateway/v2/eastwest_gateway","923"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/refs/tsb/gateway/v2/egress_gateway",component:u("/service-bridge/refs/tsb/gateway/v2/egress_gateway","478"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/refs/tsb/gateway/v2/gateway",component:u("/service-bridge/refs/tsb/gateway/v2/gateway","6bf"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/refs/tsb/gateway/v2/gateway_common",component:u("/service-bridge/refs/tsb/gateway/v2/gateway_common","028"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/refs/tsb/gateway/v2/gateway_group",component:u("/service-bridge/refs/tsb/gateway/v2/gateway_group","048"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/refs/tsb/gateway/v2/gateway_service",component:u("/service-bridge/refs/tsb/gateway/v2/gateway_service","1ce"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/refs/tsb/gateway/v2/grpc",component:u("/service-bridge/refs/tsb/gateway/v2/grpc","883"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/refs/tsb/gateway/v2/ingress_gateway",component:u("/service-bridge/refs/tsb/gateway/v2/ingress_gateway","d11"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/refs/tsb/gateway/v2/istio_gateway_direct",component:u("/service-bridge/refs/tsb/gateway/v2/istio_gateway_direct","8bf"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/refs/tsb/gateway/v2/tier1_gateway",component:u("/service-bridge/refs/tsb/gateway/v2/tier1_gateway","da9"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/refs/tsb/gateway/v2/yaml",component:u("/service-bridge/refs/tsb/gateway/v2/yaml","c98"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/refs/tsb/istiointernal/v2/grpc",component:u("/service-bridge/refs/tsb/istiointernal/v2/grpc","3d3"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/refs/tsb/istiointernal/v2/istio_internal_group",component:u("/service-bridge/refs/tsb/istiointernal/v2/istio_internal_group","a6a"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/refs/tsb/istiointernal/v2/istio_istiointernal_direct",component:u("/service-bridge/refs/tsb/istiointernal/v2/istio_istiointernal_direct","d4c"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/refs/tsb/istiointernal/v2/istiointernal_service",component:u("/service-bridge/refs/tsb/istiointernal/v2/istiointernal_service","d5f"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/refs/tsb/istiointernal/v2/yaml",component:u("/service-bridge/refs/tsb/istiointernal/v2/yaml","502"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/refs/tsb/observability/telemetry/v2/grpc",component:u("/service-bridge/refs/tsb/observability/telemetry/v2/grpc","2cd"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/refs/tsb/observability/telemetry/v2/metric",component:u("/service-bridge/refs/tsb/observability/telemetry/v2/metric","8ce"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/refs/tsb/observability/telemetry/v2/metric_service",component:u("/service-bridge/refs/tsb/observability/telemetry/v2/metric_service","57c"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/refs/tsb/observability/telemetry/v2/source",component:u("/service-bridge/refs/tsb/observability/telemetry/v2/source","e4f"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/refs/tsb/observability/telemetry/v2/source_service",component:u("/service-bridge/refs/tsb/observability/telemetry/v2/source_service","369"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/refs/tsb/observability/telemetry/v2/yaml",component:u("/service-bridge/refs/tsb/observability/telemetry/v2/yaml","e9a"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/refs/tsb/profile/v2/grpc",component:u("/service-bridge/refs/tsb/profile/v2/grpc","d62"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/refs/tsb/profile/v2/profile",component:u("/service-bridge/refs/tsb/profile/v2/profile","84f"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/refs/tsb/profile/v2/profile_service",component:u("/service-bridge/refs/tsb/profile/v2/profile_service","f12"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/refs/tsb/profile/v2/yaml",component:u("/service-bridge/refs/tsb/profile/v2/yaml","33b"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/refs/tsb/q/v2/approvals_service",component:u("/service-bridge/refs/tsb/q/v2/approvals_service","e0e"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/refs/tsb/q/v2/grpc",component:u("/service-bridge/refs/tsb/q/v2/grpc","6ca"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/refs/tsb/q/v2/permissions_service",component:u("/service-bridge/refs/tsb/q/v2/permissions_service","a2a"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/refs/tsb/rbac/v2/access_bindings",component:u("/service-bridge/refs/tsb/rbac/v2/access_bindings","226"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/refs/tsb/rbac/v2/api_access_bindings",component:u("/service-bridge/refs/tsb/rbac/v2/api_access_bindings","6a9"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/refs/tsb/rbac/v2/application_access_bindings",component:u("/service-bridge/refs/tsb/rbac/v2/application_access_bindings","12b"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/refs/tsb/rbac/v2/binding",component:u("/service-bridge/refs/tsb/rbac/v2/binding","1b8"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/refs/tsb/rbac/v2/gateway_access_bindings",component:u("/service-bridge/refs/tsb/rbac/v2/gateway_access_bindings","a1c"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/refs/tsb/rbac/v2/grpc",component:u("/service-bridge/refs/tsb/rbac/v2/grpc","064"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/refs/tsb/rbac/v2/istio_internal_access_bindings",component:u("/service-bridge/refs/tsb/rbac/v2/istio_internal_access_bindings","b73"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/refs/tsb/rbac/v2/organization_access_bindings",component:u("/service-bridge/refs/tsb/rbac/v2/organization_access_bindings","2bc"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/refs/tsb/rbac/v2/permissions",component:u("/service-bridge/refs/tsb/rbac/v2/permissions","5df"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/refs/tsb/rbac/v2/policy_service",component:u("/service-bridge/refs/tsb/rbac/v2/policy_service","8ea"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/refs/tsb/rbac/v2/role",component:u("/service-bridge/refs/tsb/rbac/v2/role","877"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/refs/tsb/rbac/v2/role_service",component:u("/service-bridge/refs/tsb/rbac/v2/role_service","f45"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/refs/tsb/rbac/v2/security_access_bindings",component:u("/service-bridge/refs/tsb/rbac/v2/security_access_bindings","155"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/refs/tsb/rbac/v2/tenant_access_bindings",component:u("/service-bridge/refs/tsb/rbac/v2/tenant_access_bindings","c4e"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/refs/tsb/rbac/v2/traffic_access_bindings",component:u("/service-bridge/refs/tsb/rbac/v2/traffic_access_bindings","498"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/refs/tsb/rbac/v2/workspace_access_bindings",component:u("/service-bridge/refs/tsb/rbac/v2/workspace_access_bindings","3c8"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/refs/tsb/rbac/v2/yaml",component:u("/service-bridge/refs/tsb/rbac/v2/yaml","636"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/refs/tsb/registry/v2/grpc",component:u("/service-bridge/refs/tsb/registry/v2/grpc","6ba"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/refs/tsb/registry/v2/lookup_service",component:u("/service-bridge/refs/tsb/registry/v2/lookup_service","5b1"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/refs/tsb/registry/v2/registration_service",component:u("/service-bridge/refs/tsb/registry/v2/registration_service","1a4"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/refs/tsb/registry/v2/service",component:u("/service-bridge/refs/tsb/registry/v2/service","0b8"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/refs/tsb/registry/v2/yaml",component:u("/service-bridge/refs/tsb/registry/v2/yaml","2c5"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/refs/tsb/security/v2/grpc",component:u("/service-bridge/refs/tsb/security/v2/grpc","0a5"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/refs/tsb/security/v2/istio_security_direct",component:u("/service-bridge/refs/tsb/security/v2/istio_security_direct","e47"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/refs/tsb/security/v2/security_group",component:u("/service-bridge/refs/tsb/security/v2/security_group","dbb"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/refs/tsb/security/v2/security_service",component:u("/service-bridge/refs/tsb/security/v2/security_service","6e4"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/refs/tsb/security/v2/security_setting",component:u("/service-bridge/refs/tsb/security/v2/security_setting","0df"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/refs/tsb/security/v2/service_security_setting",component:u("/service-bridge/refs/tsb/security/v2/service_security_setting","873"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/refs/tsb/security/v2/waf_settings",component:u("/service-bridge/refs/tsb/security/v2/waf_settings","4f3"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/refs/tsb/security/v2/yaml",component:u("/service-bridge/refs/tsb/security/v2/yaml","45c"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/refs/tsb/segmentation/v1/grpc",component:u("/service-bridge/refs/tsb/segmentation/v1/grpc","aaa"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/refs/tsb/segmentation/v1/membership",component:u("/service-bridge/refs/tsb/segmentation/v1/membership","c6b"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/refs/tsb/segmentation/v1/policy",component:u("/service-bridge/refs/tsb/segmentation/v1/policy","497"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/refs/tsb/segmentation/v1/rules",component:u("/service-bridge/refs/tsb/segmentation/v1/rules","6f0"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/refs/tsb/segmentation/v1/service",component:u("/service-bridge/refs/tsb/segmentation/v1/service","ae5"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/refs/tsb/segmentation/v1/yaml",component:u("/service-bridge/refs/tsb/segmentation/v1/yaml","890"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/refs/tsb/traffic/v2/grpc",component:u("/service-bridge/refs/tsb/traffic/v2/grpc","b72"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/refs/tsb/traffic/v2/istio_traffic_direct",component:u("/service-bridge/refs/tsb/traffic/v2/istio_traffic_direct","040"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/refs/tsb/traffic/v2/service_route",component:u("/service-bridge/refs/tsb/traffic/v2/service_route","845"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/refs/tsb/traffic/v2/service_traffic_setting",component:u("/service-bridge/refs/tsb/traffic/v2/service_traffic_setting","1b7"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/refs/tsb/traffic/v2/traffic_group",component:u("/service-bridge/refs/tsb/traffic/v2/traffic_group","ba2"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/refs/tsb/traffic/v2/traffic_service",component:u("/service-bridge/refs/tsb/traffic/v2/traffic_service","cfc"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/refs/tsb/traffic/v2/traffic_setting",component:u("/service-bridge/refs/tsb/traffic/v2/traffic_setting","df0"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/refs/tsb/traffic/v2/yaml",component:u("/service-bridge/refs/tsb/traffic/v2/yaml","74a"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/refs/tsb/types/v2/types",component:u("/service-bridge/refs/tsb/types/v2/types","d31"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/refs/tsb/types/v2/yaml",component:u("/service-bridge/refs/tsb/types/v2/yaml","a85"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/refs/tsb/v2/api",component:u("/service-bridge/refs/tsb/v2/api","7b6"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/refs/tsb/v2/cluster",component:u("/service-bridge/refs/tsb/v2/cluster","09e"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/refs/tsb/v2/cluster_service",component:u("/service-bridge/refs/tsb/v2/cluster_service","bd0"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/refs/tsb/v2/grpc",component:u("/service-bridge/refs/tsb/v2/grpc","dd6"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/refs/tsb/v2/info",component:u("/service-bridge/refs/tsb/v2/info","6b8"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/refs/tsb/v2/organization",component:u("/service-bridge/refs/tsb/v2/organization","e00"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/refs/tsb/v2/organization_service",component:u("/service-bridge/refs/tsb/v2/organization_service","1f1"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/refs/tsb/v2/organization_setting",component:u("/service-bridge/refs/tsb/v2/organization_setting","191"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/refs/tsb/v2/status",component:u("/service-bridge/refs/tsb/v2/status","de4"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/refs/tsb/v2/status_service",component:u("/service-bridge/refs/tsb/v2/status_service","ee2"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/refs/tsb/v2/team",component:u("/service-bridge/refs/tsb/v2/team","88f"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/refs/tsb/v2/team_service",component:u("/service-bridge/refs/tsb/v2/team_service","50c"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/refs/tsb/v2/tenant",component:u("/service-bridge/refs/tsb/v2/tenant","517"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/refs/tsb/v2/tenant_service",component:u("/service-bridge/refs/tsb/v2/tenant_service","a86"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/refs/tsb/v2/tenant_setting",component:u("/service-bridge/refs/tsb/v2/tenant_setting","a64"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/refs/tsb/v2/workspace",component:u("/service-bridge/refs/tsb/v2/workspace","7a0"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/refs/tsb/v2/workspace_service",component:u("/service-bridge/refs/tsb/v2/workspace_service","4f4"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/refs/tsb/v2/workspace_setting",component:u("/service-bridge/refs/tsb/v2/workspace_setting","9c7"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/refs/tsb/v2/yaml",component:u("/service-bridge/refs/tsb/v2/yaml","356"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/release-notes",component:u("/service-bridge/release-notes","920"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/release-notes-announcements",component:u("/service-bridge/release-notes-announcements","2b5"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/release-notes-announcements/announcement",component:u("/service-bridge/release-notes-announcements/announcement","d68"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/release-notes-announcements/feature-status",component:u("/service-bridge/release-notes-announcements/feature-status","4d9"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/release-notes-announcements/support-policy",component:u("/service-bridge/release-notes-announcements/support-policy","ebd"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/setup",component:u("/service-bridge/setup","c40"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/setup/aws",component:u("/service-bridge/setup/aws","b24"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/setup/aws/container-marketplace",component:u("/service-bridge/setup/aws/container-marketplace","3ed"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/setup/aws/vpc",component:u("/service-bridge/setup/aws/vpc","542"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/setup/certificate",component:u("/service-bridge/setup/certificate","08c"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/setup/certificate/automated-certificate-management",component:u("/service-bridge/setup/certificate/automated-certificate-management","000"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/setup/certificate/certificate-requirements",component:u("/service-bridge/setup/certificate/certificate-requirements","088"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/setup/certificate/certificate-setup",component:u("/service-bridge/setup/certificate/certificate-setup","605"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/setup/components",component:u("/service-bridge/setup/components","b8e"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/setup/fips",component:u("/service-bridge/setup/fips","e28"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/setup/firewall-information",component:u("/service-bridge/setup/firewall-information","6b2"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/setup/helm/",component:u("/service-bridge/setup/helm/","5af"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/setup/helm/controlplane",component:u("/service-bridge/setup/helm/controlplane","011"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/setup/helm/helm",component:u("/service-bridge/setup/helm/helm","0e2"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/setup/helm/managementplane",component:u("/service-bridge/setup/helm/managementplane","b83"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/setup/helm/uninstallation",component:u("/service-bridge/setup/helm/uninstallation","586"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/setup/helm/upgrade",component:u("/service-bridge/setup/helm/upgrade","78a"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/setup/isolation-boundaries",component:u("/service-bridge/setup/isolation-boundaries","2f1"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/setup/isolation-boundaries-installation",component:u("/service-bridge/setup/isolation-boundaries-installation","605"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/setup/migrate-tctl-to-helm",component:u("/service-bridge/setup/migrate-tctl-to-helm","46b"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/setup/remote-registry",component:u("/service-bridge/setup/remote-registry","154"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/setup/requirements-and-download",component:u("/service-bridge/setup/requirements-and-download","c5d"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/setup/resource-planning",component:u("/service-bridge/setup/resource-planning","c6f"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/setup/security-context",component:u("/service-bridge/setup/security-context","9ec"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/setup/self-managed/",component:u("/service-bridge/setup/self-managed/","bcb"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/setup/self-managed/demo-installation",component:u("/service-bridge/setup/self-managed/demo-installation","1ab"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/setup/self-managed/management-plane-installation",component:u("/service-bridge/setup/self-managed/management-plane-installation","3ab"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/setup/self-managed/onboarding-clusters",component:u("/service-bridge/setup/self-managed/onboarding-clusters","abd"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/setup/self-managed/uninstallation",component:u("/service-bridge/setup/self-managed/uninstallation","0a0"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/setup/self-managed/upgrade",component:u("/service-bridge/setup/self-managed/upgrade","85c"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/setup/tctl-connect",component:u("/service-bridge/setup/tctl-connect","cf3"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/setup/upgrade-best-practices",component:u("/service-bridge/setup/upgrade-best-practices","1c9"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/setup/upgrades",component:u("/service-bridge/setup/upgrades","28c"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/setup/upgrades/cni-upgrade",component:u("/service-bridge/setup/upgrades/cni-upgrade","d65"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/setup/upgrades/gateway-upgrade",component:u("/service-bridge/setup/upgrades/gateway-upgrade","578"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/setup/upgrades/non-revisioned-to-revisioned",component:u("/service-bridge/setup/upgrades/non-revisioned-to-revisioned","364"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/setup/upgrades/revisioned-to-revisioned",component:u("/service-bridge/setup/upgrades/revisioned-to-revisioned","1e6"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/setup/workload-onboarding",component:u("/service-bridge/setup/workload-onboarding","e79"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/setup/workload-onboarding/guides/",component:u("/service-bridge/setup/workload-onboarding/guides/","46c"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/setup/workload-onboarding/guides/ecs-workloads",component:u("/service-bridge/setup/workload-onboarding/guides/ecs-workloads","b6d"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/setup/workload-onboarding/guides/managing",component:u("/service-bridge/setup/workload-onboarding/guides/managing","30f"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/setup/workload-onboarding/guides/on-premise-workloads",component:u("/service-bridge/setup/workload-onboarding/guides/on-premise-workloads","f88"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/setup/workload-onboarding/guides/onboarding",component:u("/service-bridge/setup/workload-onboarding/guides/onboarding","ba7"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/setup/workload-onboarding/guides/overview",component:u("/service-bridge/setup/workload-onboarding/guides/overview","e03"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/setup/workload-onboarding/guides/setup",component:u("/service-bridge/setup/workload-onboarding/guides/setup","804"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/setup/workload-onboarding/guides/troubleshooting",component:u("/service-bridge/setup/workload-onboarding/guides/troubleshooting","dad"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/setup/workload-onboarding/onboarding-vms",component:u("/service-bridge/setup/workload-onboarding/onboarding-vms","c08"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/setup/workload-onboarding/quickstart",component:u("/service-bridge/setup/workload-onboarding/quickstart","51c"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/setup/workload-onboarding/quickstart/aws-ec2/",component:u("/service-bridge/setup/workload-onboarding/quickstart/aws-ec2/","a86"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/setup/workload-onboarding/quickstart/aws-ec2/bookinfo",component:u("/service-bridge/setup/workload-onboarding/quickstart/aws-ec2/bookinfo","3ca"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/setup/workload-onboarding/quickstart/aws-ec2/configure-vm",component:u("/service-bridge/setup/workload-onboarding/quickstart/aws-ec2/configure-vm","f06"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/setup/workload-onboarding/quickstart/aws-ec2/configure-workload-onboarding",component:u("/service-bridge/setup/workload-onboarding/quickstart/aws-ec2/configure-workload-onboarding","756"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/setup/workload-onboarding/quickstart/aws-ec2/enable-workload-onboarding",component:u("/service-bridge/setup/workload-onboarding/quickstart/aws-ec2/enable-workload-onboarding","7b4"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/setup/workload-onboarding/quickstart/aws-ec2/onboard-asg",component:u("/service-bridge/setup/workload-onboarding/quickstart/aws-ec2/onboard-asg","3a3"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/setup/workload-onboarding/quickstart/aws-ec2/onboard-vm",component:u("/service-bridge/setup/workload-onboarding/quickstart/aws-ec2/onboard-vm","bf0"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/setup/workload-onboarding/quickstart/aws-ecs/",component:u("/service-bridge/setup/workload-onboarding/quickstart/aws-ecs/","85e"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/setup/workload-onboarding/quickstart/aws-ecs/configure-workload-onboarding",component:u("/service-bridge/setup/workload-onboarding/quickstart/aws-ecs/configure-workload-onboarding","511"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/setup/workload-onboarding/quickstart/aws-ecs/onboard-ecs",component:u("/service-bridge/setup/workload-onboarding/quickstart/aws-ecs/onboard-ecs","5a0"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/setup/workload-onboarding/quickstart/on-premise/",component:u("/service-bridge/setup/workload-onboarding/quickstart/on-premise/","3c2"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/setup/workload-onboarding/quickstart/on-premise/configure-vm",component:u("/service-bridge/setup/workload-onboarding/quickstart/on-premise/configure-vm","04d"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/setup/workload-onboarding/quickstart/on-premise/configure-workload-onboarding",component:u("/service-bridge/setup/workload-onboarding/quickstart/on-premise/configure-workload-onboarding","5e6"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/setup/workload-onboarding/quickstart/on-premise/onboard-vm",component:u("/service-bridge/setup/workload-onboarding/quickstart/on-premise/onboard-vm","0d8"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/troubleshooting",component:u("/service-bridge/troubleshooting","1d7"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/troubleshooting/cluster-onboarding",component:u("/service-bridge/troubleshooting/cluster-onboarding","43a"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/troubleshooting/component-status",component:u("/service-bridge/troubleshooting/component-status","c7d"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/troubleshooting/configuration-status",component:u("/service-bridge/troubleshooting/configuration-status","9f2"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/troubleshooting/gateway-troubleshooting",component:u("/service-bridge/troubleshooting/gateway-troubleshooting","bf0"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/troubleshooting/identify-underperforming-services",component:u("/service-bridge/troubleshooting/identify-underperforming-services","10f"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/troubleshooting/Maximum-header-size-exceed",component:u("/service-bridge/troubleshooting/Maximum-header-size-exceed","1e7"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/troubleshooting/Multiple-Transfer-encoding-chunked",component:u("/service-bridge/troubleshooting/Multiple-Transfer-encoding-chunked","787"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/troubleshooting/proxy-tools",component:u("/service-bridge/troubleshooting/proxy-tools","120"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/troubleshooting/troubleshooting",component:u("/service-bridge/troubleshooting/troubleshooting","dcb"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/troubleshooting/tsb-ui-metrics",component:u("/service-bridge/troubleshooting/tsb-ui-metrics","4ec"),exact:!0,sidebar:"defaultSidebar"},{path:"/service-bridge/workingwithsupport/workingWithTetrateSupport",component:u("/service-bridge/workingwithsupport/workingWithTetrateSupport","13d"),exact:!0,sidebar:"defaultSidebar"}]}]}]},{path:"/",component:u("/","e5f"),exact:!0},{path:"*",component:u("*")}]},823992:function(e,t,r){"use strict";function s(e,t){(null==t||t&gt;e.length)&amp;&amp;(t=e.length);for(var r=0,s=Array(t);r&lt;t;r++)s[r]=e[r];return s}r.d(t,{Z:function(){return s}})},313714:function(e,t,r){"use strict";function s(){return(s=Object.assign?Object.assign.bind():function(e){for(var t=1;t&lt;arguments.length;t++){var r=arguments[t];for(var s in r)({}).hasOwnProperty.call(r,s)&amp;&amp;(e[s]=r[s])}return e}).apply(null,arguments)}r.d(t,{Z:function(){return s}})},541543:function(e,t,r){"use strict";r.d(t,{Z:function(){return n}});var s=r(911503);function n(e,t){e.prototype=Object.create(t.prototype),e.prototype.constructor=e,(0,s.Z)(e,t)}},322753:function(e,t,r){"use strict";r.d(t,{Z:function(){return n}});var s=r(283660);function n(e,t){if(null==e)return{};var r,n,i=(0,s.Z)(e,t);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);for(n=0;n&lt;a.length;n++)r=a[n],-1===t.indexOf(r)&amp;&amp;({}).propertyIsEnumerable.call(e,r)&amp;&amp;(i[r]=e[r])}return i}},283660:function(e,t,r){"use strict";function s(e,t){if(null==e)return{};var r={};for(var s in e)if(({}).hasOwnProperty.call(e,s)){if(-1!==t.indexOf(s))continue;r[s]=e[s]}return r}r.d(t,{Z:function(){return s}})},911503:function(e,t,r){"use strict";function s(e,t){return(s=Object.setPrototypeOf?Object.setPrototypeOf.bind():function(e,t){return e.__proto__=t,e})(e,t)}r.d(t,{Z:function(){return s}})},486221:function(e,t,r){"use strict";r.d(t,{Z:()=&gt;n});var s=r("997053");function n(e,t){return function(e){if(Array.isArray(e))return e}(e)||function(e,t){var r=null==e?null:"undefined"!=typeof Symbol&amp;&amp;e[Symbol.iterator]||e["@@iterator"];if(null!=r){var s,n,i,a,o=[],c=!0,p=!1;try{if(i=(r=r.call(e)).next,0===t){if(Object(r)!==r)return;c=!1}else for(;!(c=(s=i.call(r)).done)&amp;&amp;(o.push(s.value),o.length!==t);c=!0);}catch(e){p=!0,n=e}finally{try{if(!c&amp;&amp;null!=r.return&amp;&amp;(a=r.return(),Object(a)!==a))return}finally{if(p)throw n}}return o}}(e,t)||(0,s.Z)(e,t)||function(){throw TypeError("Invalid attempt to destructure non-iterable instance.\nIn order to be iterable, non-array objects must have a [Symbol.iterator]() method.")}()}},997053:function(e,t,r){"use strict";r.d(t,{Z:function(){return n}});var s=r(823992);function n(e,t){if(e){if("string"==typeof e)return(0,s.Z)(e,t);var r=({}).toString.call(e).slice(8,-1);return"Object"===r&amp;&amp;e.constructor&amp;&amp;(r=e.constructor.name),"Map"===r||"Set"===r?Array.from(e):"Arguments"===r||/^(?:Ui|I)nt(?:8|16|32)(?:Clamped)?Array$/.test(r)?(0,s.Z)(e,t):void 0}}},395365:function(e,t,r){"use strict";r.r(t),r.d(t,{__addDisposableResource:function(){return E},__assign:function(){return i},__asyncDelegator:function(){return q},__asyncGenerator:function(){return A},__asyncValues:function(){return k},__await:function(){return _},__awaiter:function(){return h},__classPrivateFieldGet:function(){return P},__classPrivateFieldIn:function(){return R},__classPrivateFieldSet:function(){return $},__createBinding:function(){return f},__decorate:function(){return o},__disposeResources:function(){return C},__esDecorate:function(){return p},__exportStar:function(){return y},__extends:function(){return n},__generator:function(){return g},__importDefault:function(){return I},__importStar:function(){return j},__makeTemplateObject:function(){return T},__metadata:function(){return m},__param:function(){return c},__propKey:function(){return u},__read:function(){return b},__rest:function(){return a},__runInitializers:function(){return d},__setFunctionName:function(){return l},__spread:function(){return w},__spreadArray:function(){return S},__spreadArrays:function(){return x},__values:function(){return v},default:function(){return L}});var s=function(e,t){return(s=Object.setPrototypeOf||({__proto__:[]})instanceof Array&amp;&amp;function(e,t){e.__proto__=t}||function(e,t){for(var r in t)Object.prototype.hasOwnProperty.call(t,r)&amp;&amp;(e[r]=t[r])})(e,t)};function n(e,t){if("function"!=typeof t&amp;&amp;null!==t)throw TypeError("Class extends value "+String(t)+" is not a constructor or null");function r(){this.constructor=e}s(e,t),e.prototype=null===t?Object.create(t):(r.prototype=t.prototype,new r)}var i=function(){return(i=Object.assign||function(e){for(var t,r=1,s=arguments.length;r&lt;s;r++)for(var n in t=arguments[r])Object.prototype.hasOwnProperty.call(t,n)&amp;&amp;(e[n]=t[n]);return e}).apply(this,arguments)};function a(e,t){var r={};for(var s in e)Object.prototype.hasOwnProperty.call(e,s)&amp;&amp;0&gt;t.indexOf(s)&amp;&amp;(r[s]=e[s]);if(null!=e&amp;&amp;"function"==typeof Object.getOwnPropertySymbols)for(var n=0,s=Object.getOwnPropertySymbols(e);n&lt;s.length;n++)0&gt;t.indexOf(s[n])&amp;&amp;Object.prototype.propertyIsEnumerable.call(e,s[n])&amp;&amp;(r[s[n]]=e[s[n]]);return r}function o(e,t,r,s){var n,i=arguments.length,a=i&lt;3?t:null===s?s=Object.getOwnPropertyDescriptor(t,r):s;if("object"==typeof Reflect&amp;&amp;"function"==typeof Reflect.decorate)a=Reflect.decorate(e,t,r,s);else for(var o=e.length-1;o&gt;=0;o--)(n=e[o])&amp;&amp;(a=(i&lt;3?n(a):i&gt;3?n(t,r,a):n(t,r))||a);return i&gt;3&amp;&amp;a&amp;&amp;Object.defineProperty(t,r,a),a}function c(e,t){return function(r,s){t(r,s,e)}}function p(e,t,r,s,n,i){function a(e){if(void 0!==e&amp;&amp;"function"!=typeof e)throw TypeError("Function expected");return e}for(var o,c=s.kind,p="getter"===c?"get":"setter"===c?"set":"value",d=!t&amp;&amp;e?s.static?e:e.prototype:null,u=t||(d?Object.getOwnPropertyDescriptor(d,s.name):{}),l=!1,m=r.length-1;m&gt;=0;m--){var h={};for(var g in s)h[g]="access"===g?{}:s[g];for(var g in s.access)h.access[g]=s.access[g];h.addInitializer=function(e){if(l)throw TypeError("Cannot add initializers after decoration has completed");i.push(a(e||null))};var f=(0,r[m])("accessor"===c?{get:u.get,set:u.set}:u[p],h);if("accessor"===c){if(void 0===f)continue;if(null===f||"object"!=typeof f)throw TypeError("Object expected");(o=a(f.get))&amp;&amp;(u.get=o),(o=a(f.set))&amp;&amp;(u.set=o),(o=a(f.init))&amp;&amp;n.unshift(o)}else(o=a(f))&amp;&amp;("field"===c?n.unshift(o):u[p]=o)}d&amp;&amp;Object.defineProperty(d,s.name,u),l=!0}function d(e,t,r){for(var s=arguments.length&gt;2,n=0;n&lt;t.length;n++)r=s?t[n].call(e,r):t[n].call(e);return s?r:void 0}function u(e){return"symbol"==typeof e?e:"".concat(e)}function l(e,t,r){return"symbol"==typeof t&amp;&amp;(t=t.description?"[".concat(t.description,"]"):""),Object.defineProperty(e,"name",{configurable:!0,value:r?"".concat(r," ",t):t})}function m(e,t){if("object"==typeof Reflect&amp;&amp;"function"==typeof Reflect.metadata)return Reflect.metadata(e,t)}function h(e,t,r,s){return new(r||(r=Promise))(function(n,i){function a(e){try{c(s.next(e))}catch(e){i(e)}}function o(e){try{c(s.throw(e))}catch(e){i(e)}}function c(e){var t;e.done?n(e.value):((t=e.value)instanceof r?t:new r(function(e){e(t)})).then(a,o)}c((s=s.apply(e,t||[])).next())})}function g(e,t){var r,s,n,i,a={label:0,sent:function(){if(1&amp;n[0])throw n[1];return n[1]},trys:[],ops:[]};return i={next:o(0),throw:o(1),return:o(2)},"function"==typeof Symbol&amp;&amp;(i[Symbol.iterator]=function(){return this}),i;function o(o){return function(c){return function(o){if(r)throw TypeError("Generator is already executing.");for(;i&amp;&amp;(i=0,o[0]&amp;&amp;(a=0)),a;)try{if(r=1,s&amp;&amp;(n=2&amp;o[0]?s.return:o[0]?s.throw||((n=s.return)&amp;&amp;n.call(s),0):s.next)&amp;&amp;!(n=n.call(s,o[1])).done)return n;switch(s=0,n&amp;&amp;(o=[2&amp;o[0],n.value]),o[0]){case 0:case 1:n=o;break;case 4:return a.label++,{value:o[1],done:!1};case 5:a.label++,s=o[1],o=[0];continue;case 7:o=a.ops.pop(),a.trys.pop();continue;default:if(!(n=(n=a.trys).length&gt;0&amp;&amp;n[n.length-1])&amp;&amp;(6===o[0]||2===o[0])){a=0;continue}if(3===o[0]&amp;&amp;(!n||o[1]&gt;n[0]&amp;&amp;o[1]&lt;n[3])){a.label=o[1];break}if(6===o[0]&amp;&amp;a.label&lt;n[1]){a.label=n[1],n=o;break}if(n&amp;&amp;a.label&lt;n[2]){a.label=n[2],a.ops.push(o);break}n[2]&amp;&amp;a.ops.pop(),a.trys.pop();continue}o=t.call(e,a)}catch(e){o=[6,e],s=0}finally{r=n=0}if(5&amp;o[0])throw o[1];return{value:o[0]?o[1]:void 0,done:!0}}([o,c])}}}var f=Object.create?function(e,t,r,s){void 0===s&amp;&amp;(s=r);var n=Object.getOwnPropertyDescriptor(t,r);(!n||("get"in n?!t.__esModule:n.writable||n.configurable))&amp;&amp;(n={enumerable:!0,get:function(){return t[r]}}),Object.defineProperty(e,s,n)}:function(e,t,r,s){void 0===s&amp;&amp;(s=r),e[s]=t[r]};function y(e,t){for(var r in e)"default"===r||Object.prototype.hasOwnProperty.call(t,r)||f(t,e,r)}function v(e){var t="function"==typeof Symbol&amp;&amp;Symbol.iterator,r=t&amp;&amp;e[t],s=0;if(r)return r.call(e);if(e&amp;&amp;"number"==typeof e.length)return{next:function(){return e&amp;&amp;s&gt;=e.length&amp;&amp;(e=void 0),{value:e&amp;&amp;e[s++],done:!e}}};throw TypeError(t?"Object is not iterable.":"Symbol.iterator is not defined.")}function b(e,t){var r="function"==typeof Symbol&amp;&amp;e[Symbol.iterator];if(!r)return e;var s,n,i=r.call(e),a=[];try{for(;(void 0===t||t-- &gt;0)&amp;&amp;!(s=i.next()).done;)a.push(s.value)}catch(e){n={error:e}}finally{try{s&amp;&amp;!s.done&amp;&amp;(r=i.return)&amp;&amp;r.call(i)}finally{if(n)throw n.error}}return a}function w(){for(var e=[],t=0;t&lt;arguments.length;t++)e=e.concat(b(arguments[t]));return e}function x(){for(var e=0,t=0,r=arguments.length;t&lt;r;t++)e+=arguments[t].length;for(var s=Array(e),n=0,t=0;t&lt;r;t++)for(var i=arguments[t],a=0,o=i.length;a&lt;o;a++,n++)s[n]=i[a];return s}function S(e,t,r){if(r||2==arguments.length)for(var s,n=0,i=t.length;n&lt;i;n++)!s&amp;&amp;n in t||(s||(s=Array.prototype.slice.call(t,0,n)),s[n]=t[n]);return e.concat(s||Array.prototype.slice.call(t))}function _(e){return this instanceof _?(this.v=e,this):new _(e)}function A(e,t,r){if(!Symbol.asyncIterator)throw TypeError("Symbol.asyncIterator is not defined.");var s,n=r.apply(e,t||[]),i=[];return s={},a("next"),a("throw"),a("return"),s[Symbol.asyncIterator]=function(){return this},s;function a(e){n[e]&amp;&amp;(s[e]=function(t){return new Promise(function(r,s){i.push([e,t,r,s])&gt;1||o(e,t)})})}function o(e,t){try{var r;(r=n[e](t)).value instanceof _?Promise.resolve(r.value.v).then(c,p):d(i[0][2],r)}catch(e){d(i[0][3],e)}}function c(e){o("next",e)}function p(e){o("throw",e)}function d(e,t){e(t),i.shift(),i.length&amp;&amp;o(i[0][0],i[0][1])}}function q(e){var t,r;return t={},s("next"),s("throw",function(e){throw e}),s("return"),t[Symbol.iterator]=function(){return this},t;function s(s,n){t[s]=e[s]?function(t){return(r=!r)?{value:_(e[s](t)),done:!1}:n?n(t):t}:n}}function k(e){if(!Symbol.asyncIterator)throw TypeError("Symbol.asyncIterator is not defined.");var t,r=e[Symbol.asyncIterator];return r?r.call(e):(e=v(e),t={},s("next"),s("throw"),s("return"),t[Symbol.asyncIterator]=function(){return this},t);function s(r){t[r]=e[r]&amp;&amp;function(t){return new Promise(function(s,n){!function(e,t,r,s){Promise.resolve(s).then(function(t){e({value:t,done:r})},t)}(s,n,(t=e[r](t)).done,t.value)})}}}function T(e,t){return Object.defineProperty?Object.defineProperty(e,"raw",{value:t}):e.raw=t,e}var z=Object.create?function(e,t){Object.defineProperty(e,"default",{enumerable:!0,value:t})}:function(e,t){e.default=t};function j(e){if(e&amp;&amp;e.__esModule)return e;var t={};if(null!=e)for(var r in e)"default"!==r&amp;&amp;Object.prototype.hasOwnProperty.call(e,r)&amp;&amp;f(t,e,r);return z(t,e),t}function I(e){return e&amp;&amp;e.__esModule?e:{default:e}}function P(e,t,r,s){if("a"===r&amp;&amp;!s)throw TypeError("Private accessor was defined without a getter");if("function"==typeof t?e!==t||!s:!t.has(e))throw TypeError("Cannot read private member from an object whose class did not declare it");return"m"===r?s:"a"===r?s.call(e):s?s.value:t.get(e)}function $(e,t,r,s,n){if("m"===s)throw TypeError("Private method is not writable");if("a"===s&amp;&amp;!n)throw TypeError("Private accessor was defined without a setter");if("function"==typeof t?e!==t||!n:!t.has(e))throw TypeError("Cannot write private member to an object whose class did not declare it");return"a"===s?n.call(e,r):n?n.value=r:t.set(e,r),r}function R(e,t){if(null===t||"object"!=typeof t&amp;&amp;"function"!=typeof t)throw TypeError("Cannot use 'in' operator on non-object");return"function"==typeof e?t===e:e.has(t)}function E(e,t,r){if(null!=t){var s;if("object"!=typeof t&amp;&amp;"function"!=typeof t)throw TypeError("Object expected.");if(r){if(!Symbol.asyncDispose)throw TypeError("Symbol.asyncDispose is not defined.");s=t[Symbol.asyncDispose]}if(void 0===s){if(!Symbol.dispose)throw TypeError("Symbol.dispose is not defined.");s=t[Symbol.dispose]}if("function"!=typeof s)throw TypeError("Object not disposable.");e.stack.push({value:t,dispose:s,async:r})}else r&amp;&amp;e.stack.push({async:!0});return t}var O="function"==typeof SuppressedError?SuppressedError:function(e,t,r){var s=Error(r);return s.name="SuppressedError",s.error=e,s.suppressed=t,s};function C(e){function t(t){e.error=e.hasError?new O(t,e.error,"An error was suppressed during disposal."):t,e.hasError=!0}return function r(){for(;e.stack.length;){var s=e.stack.pop();try{var n=s.dispose&amp;&amp;s.dispose.call(s.value);if(s.async)return Promise.resolve(n).then(r,function(e){return t(e),r()})}catch(e){t(e)}}if(e.hasError)throw e.error}()}let L={__extends:n,__assign:i,__rest:a,__decorate:o,__param:c,__metadata:m,__awaiter:h,__generator:g,__createBinding:f,__exportStar:y,__values:v,__read:b,__spread:w,__spreadArrays:x,__spreadArray:S,__await:_,__asyncGenerator:A,__asyncDelegator:q,__asyncValues:k,__makeTemplateObject:T,__importStar:j,__importDefault:I,__classPrivateFieldGet:P,__classPrivateFieldSet:$,__classPrivateFieldIn:R,__addDisposableResource:E,__disposeResources:C}},436299:function(e,t,r){"use strict";r.d(t,{Z:function(){return s}});let s=function(){for(var e,t,r=0,s="";r&lt;arguments.length;)(e=arguments[r++])&amp;&amp;(t=function e(t){var r,s,n="";if("string"==typeof t||"number"==typeof t)n+=t;else if("object"==typeof t){if(Array.isArray(t))for(r=0;r&lt;t.length;r++)t[r]&amp;&amp;(s=e(t[r]))&amp;&amp;(n&amp;&amp;(n+=" "),n+=s);else for(r in t)t[r]&amp;&amp;(n&amp;&amp;(n+=" "),n+=r)}return n}(e))&amp;&amp;(s&amp;&amp;(s+=" "),s+=t);return s}},900224:function(e,t,r){"use strict";let s,n,i,a,o;r.d(t,{p1:function(){return N},y$:function(){return ey}});var c,p,d,u,l,m,h,g,f,y,v,b,w,x,S,_,A=r(202784),q=r(436299),k=Object.create,T=Object.defineProperty,z=Object.defineProperties,j=Object.getOwnPropertyDescriptor,I=Object.getOwnPropertyDescriptors,P=Object.getOwnPropertyNames,$=Object.getOwnPropertySymbols,R=Object.getPrototypeOf,E=Object.prototype.hasOwnProperty,O=Object.prototype.propertyIsEnumerable,C=(e,t,r)=&gt;t in e?T(e,t,{enumerable:!0,configurable:!0,writable:!0,value:r}):e[t]=r,L=(e,t)=&gt;{for(var r in t||(t={}))E.call(t,r)&amp;&amp;C(e,r,t[r]);if($)for(var r of $(t))O.call(t,r)&amp;&amp;C(e,r,t[r]);return e},D=(e,t)=&gt;z(e,I(t)),B=(e,t)=&gt;{var r={};for(var s in e)E.call(e,s)&amp;&amp;0&gt;t.indexOf(s)&amp;&amp;(r[s]=e[s]);if(null!=e&amp;&amp;$)for(var s of $(e))0&gt;t.indexOf(s)&amp;&amp;O.call(e,s)&amp;&amp;(r[s]=e[s]);return r},N=(o=null!=(i=(s={"../../node_modules/.pnpm/prismjs@1.29.0_patch_hash=vrxx3pzkik6jpmgpayxfjunetu/node_modules/prismjs/prism.js"(e,t){var r=function(){var e=/(?:^|\s)lang(?:uage)?-([\w-]+)(?=\s|$)/i,t=0,r={},s={util:{encode:function e(t){return t instanceof n?new n(t.type,e(t.content),t.alias):Array.isArray(t)?t.map(e):t.replace(/&amp;/g,"&amp;amp;").replace(/&lt;/g,"&amp;lt;").replace(/\u00a0/g," ")},type:function(e){return Object.prototype.toString.call(e).slice(8,-1)},objId:function(e){return e.__id||Object.defineProperty(e,"__id",{value:++t}),e.__id},clone:function e(t,r){var n,i;switch(r=r||{},s.util.type(t)){case"Object":if(r[i=s.util.objId(t)])return r[i];for(var a in n={},r[i]=n,t)t.hasOwnProperty(a)&amp;&amp;(n[a]=e(t[a],r));return n;case"Array":if(r[i=s.util.objId(t)])return r[i];return n=[],r[i]=n,t.forEach(function(t,s){n[s]=e(t,r)}),n;default:return t}},getLanguage:function(t){for(;t;){var r=e.exec(t.className);if(r)return r[1].toLowerCase();t=t.parentElement}return"none"},setLanguage:function(t,r){t.className=t.className.replace(RegExp(e,"gi"),""),t.classList.add("language-"+r)},isActive:function(e,t,r){for(var s="no-"+t;e;){var n=e.classList;if(n.contains(t))return!0;if(n.contains(s))return!1;e=e.parentElement}return!!r}},languages:{plain:r,plaintext:r,text:r,txt:r,extend:function(e,t){var r=s.util.clone(s.languages[e]);for(var n in t)r[n]=t[n];return r},insertBefore:function(e,t,r,n){var i=(n=n||s.languages)[e],a={};for(var o in i)if(i.hasOwnProperty(o)){if(o==t)for(var c in r)r.hasOwnProperty(c)&amp;&amp;(a[c]=r[c]);r.hasOwnProperty(o)||(a[o]=i[o])}var p=n[e];return n[e]=a,s.languages.DFS(s.languages,function(t,r){r===p&amp;&amp;t!=e&amp;&amp;(this[t]=a)}),a},DFS:function e(t,r,n,i){i=i||{};var a=s.util.objId;for(var o in t)if(t.hasOwnProperty(o)){r.call(t,o,t[o],n||o);var c=t[o],p=s.util.type(c);"Object"!==p||i[a(c)]?"Array"!==p||i[a(c)]||(i[a(c)]=!0,e(c,r,o,i)):(i[a(c)]=!0,e(c,r,null,i))}}},plugins:{},highlight:function(e,t,r){var i={code:e,grammar:t,language:r};if(s.hooks.run("before-tokenize",i),!i.grammar)throw Error('The language "'+i.language+'" has no grammar.');return i.tokens=s.tokenize(i.code,i.grammar),s.hooks.run("after-tokenize",i),n.stringify(s.util.encode(i.tokens),i.language)},tokenize:function(e,t){var r=t.rest;if(r){for(var c in r)t[c]=r[c];delete t.rest}var p=new a;return o(p,p.head,e),function e(t,r,a,c,p,d){for(var u in a)if(a.hasOwnProperty(u)&amp;&amp;a[u]){var l=a[u];l=Array.isArray(l)?l:[l];for(var m=0;m&lt;l.length;++m){if(d&amp;&amp;d.cause==u+","+m)return;var h=l[m],g=h.inside,f=!!h.lookbehind,y=!!h.greedy,v=h.alias;if(y&amp;&amp;!h.pattern.global){var b=h.pattern.toString().match(/[imsuy]*$/)[0];h.pattern=RegExp(h.pattern.source,b+"g")}for(var w=h.pattern||h,x=c.next,S=p;x!==r.tail&amp;&amp;(!d||!(S&gt;=d.reach));S+=x.value.length,x=x.next){var _,A=x.value;if(r.length&gt;t.length)return;if(!(A instanceof n)){var q=1;if(y){if(!(_=i(w,S,t,f))||_.index&gt;=t.length)break;var k=_.index,T=_.index+_[0].length,z=S;for(z+=x.value.length;k&gt;=z;)z+=(x=x.next).value.length;if(z-=x.value.length,S=z,x.value instanceof n)continue;for(var j=x;j!==r.tail&amp;&amp;(z&lt;T||"string"==typeof j.value);j=j.next)q++,z+=j.value.length;q--,A=t.slice(S,z),_.index-=S}else if(!(_=i(w,0,A,f)))continue;var k=_.index,I=_[0],P=A.slice(0,k),$=A.slice(k+I.length),R=S+A.length;d&amp;&amp;R&gt;d.reach&amp;&amp;(d.reach=R);var E=x.prev;if(P&amp;&amp;(E=o(r,E,P),S+=P.length),function(e,t,r){for(var s=t.next,n=0;n&lt;r&amp;&amp;s!==e.tail;n++)s=s.next;t.next=s,s.prev=t,e.length-=n}(r,E,q),x=o(r,E,new n(u,g?s.tokenize(I,g):I,v,I)),$&amp;&amp;o(r,x,$),q&gt;1){var O={cause:u+","+m,reach:R};e(t,r,a,x.prev,S,O),d&amp;&amp;O.reach&gt;d.reach&amp;&amp;(d.reach=O.reach)}}}}}}(e,p,t,p.head,0),function(e){for(var t=[],r=e.head.next;r!==e.tail;)t.push(r.value),r=r.next;return t}(p)},hooks:{all:{},add:function(e,t){var r=s.hooks.all;r[e]=r[e]||[],r[e].push(t)},run:function(e,t){var r=s.hooks.all[e];if(r&amp;&amp;r.length)for(var n,i=0;n=r[i++];)n(t)}},Token:n};function n(e,t,r,s){this.type=e,this.content=t,this.alias=r,this.length=0|(s||"").length}function i(e,t,r,s){e.lastIndex=t;var n=e.exec(r);if(n&amp;&amp;s&amp;&amp;n[1]){var i=n[1].length;n.index+=i,n[0]=n[0].slice(i)}return n}function a(){var e={value:null,prev:null,next:null},t={value:null,prev:e,next:null};e.next=t,this.head=e,this.tail=t,this.length=0}function o(e,t,r){var s=t.next,n={value:r,prev:t,next:s};return t.next=n,s.prev=n,e.length++,n}return n.stringify=function e(t,r){if("string"==typeof t)return t;if(Array.isArray(t)){var n="";return t.forEach(function(t){n+=e(t,r)}),n}var i={type:t.type,content:e(t.content,r),tag:"span",classes:["token",t.type],attributes:{},language:r},a=t.alias;a&amp;&amp;(Array.isArray(a)?Array.prototype.push.apply(i.classes,a):i.classes.push(a)),s.hooks.run("wrap",i);var o="";for(var c in i.attributes)o+=" "+c+'="'+(i.attributes[c]||"").replace(/"/g,"&amp;quot;")+'"';return"&lt;"+i.tag+' class="'+i.classes.join(" ")+'"'+o+"&gt;"+i.content+"&lt;/"+i.tag+"&gt;"},s}();t.exports=r,r.default=r}},function(){return n||(0,s[P(s)[0]])((n={exports:{}}).exports,n),n.exports})())?k(R(i)):{},((e,t,r,s)=&gt;{if(t&amp;&amp;"object"==typeof t||"function"==typeof t)for(let n of P(t))E.call(e,n)||n===r||T(e,n,{get:()=&gt;t[n],enumerable:!(s=j(t,n))||s.enumerable});return e})(!a&amp;&amp;i&amp;&amp;i.__esModule?o:T(o,"default",{value:i,enumerable:!0}),i));N.languages.markup={comment:{pattern:/&lt;!--(?:(?!&lt;!--)[\s\S])*?--&gt;/,greedy:!0},prolog:{pattern:/&lt;\?[\s\S]+?\?&gt;/,greedy:!0},doctype:{pattern:/&lt;!DOCTYPE(?:[^&gt;"'[\]]|"[^"]*"|'[^']*')+(?:\[(?:[^&lt;"'\]]|"[^"]*"|'[^']*'|&lt;(?!!--)|&lt;!--(?:[^-]|-(?!-&gt;))*--&gt;)*\]\s*)?&gt;/i,greedy:!0,inside:{"internal-subset":{pattern:/(^[^\[]*\[)[\s\S]+(?=\]&gt;$)/,lookbehind:!0,greedy:!0,inside:null},string:{pattern:/"[^"]*"|'[^']*'/,greedy:!0},punctuation:/^&lt;!|&gt;$|[[\]]/,"doctype-tag":/^DOCTYPE/i,name:/[^\s&lt;&gt;'"]+/}},cdata:{pattern:/&lt;!\[CDATA\[[\s\S]*?\]\]&gt;/i,greedy:!0},tag:{pattern:/&lt;\/?(?!\d)[^\s&gt;\/=$&lt;%]+(?:\s(?:\s*[^\s&gt;\/=]+(?:\s*=\s*(?:"[^"]*"|'[^']*'|[^\s'"&gt;=]+(?=[\s&gt;]))|(?=[\s/&gt;])))+)?\s*\/?&gt;/,greedy:!0,inside:{tag:{pattern:/^&lt;\/?[^\s&gt;\/]+/,inside:{punctuation:/^&lt;\/?/,namespace:/^[^\s&gt;\/:]+:/}},"special-attr":[],"attr-value":{pattern:/=\s*(?:"[^"]*"|'[^']*'|[^\s'"&gt;=]+)/,inside:{punctuation:[{pattern:/^=/,alias:"attr-equals"},{pattern:/^(\s*)["']|["']$/,lookbehind:!0}]}},punctuation:/\/?&gt;/,"attr-name":{pattern:/[^\s&gt;\/]+/,inside:{namespace:/^[^\s&gt;\/:]+:/}}}},entity:[{pattern:/&amp;[\da-z]{1,8};/i,alias:"named-entity"},/&amp;#x?[\da-f]{1,8};/i]},N.languages.markup.tag.inside["attr-value"].inside.entity=N.languages.markup.entity,N.languages.markup.doctype.inside["internal-subset"].inside=N.languages.markup,N.hooks.add("wrap",function(e){"entity"===e.type&amp;&amp;(e.attributes.title=e.content.replace(/&amp;amp;/,"&amp;"))}),Object.defineProperty(N.languages.markup.tag,"addInlined",{value:function(e,t){var r={},r=(r["language-"+t]={pattern:/(^&lt;!\[CDATA\[)[\s\S]+?(?=\]\]&gt;$)/i,lookbehind:!0,inside:N.languages[t]},r.cdata=/^&lt;!\[CDATA\[|\]\]&gt;$/i,{"included-cdata":{pattern:/&lt;!\[CDATA\[[\s\S]*?\]\]&gt;/i,inside:r}}),t=(r["language-"+t]={pattern:/[\s\S]+/,inside:N.languages[t]},{});t[e]={pattern:RegExp(/(&lt;__[^&gt;]*&gt;)(?:&lt;!\[CDATA\[(?:[^\]]|\](?!\]&gt;))*\]\]&gt;|(?!&lt;!\[CDATA\[)[\s\S])*?(?=&lt;\/__&gt;)/.source.replace(/__/g,function(){return e}),"i"),lookbehind:!0,greedy:!0,inside:r},N.languages.insertBefore("markup","cdata",t)}}),Object.defineProperty(N.languages.markup.tag,"addAttribute",{value:function(e,t){N.languages.markup.tag.inside["special-attr"].push({pattern:RegExp(/(^|["'\s])/.source+"(?:"+e+")"+/\s*=\s*(?:"[^"]*"|'[^']*'|[^\s'"&gt;=]+(?=[\s&gt;]))/.source,"i"),lookbehind:!0,inside:{"attr-name":/^[^\s=]+/,"attr-value":{pattern:/=[\s\S]+/,inside:{value:{pattern:/(^=\s*(["']|(?!["'])))\S[\s\S]*(?=\2$)/,lookbehind:!0,alias:[t,"language-"+t],inside:N.languages[t]},punctuation:[{pattern:/^=/,alias:"attr-equals"},/"|'/]}}}})}}),N.languages.html=N.languages.markup,N.languages.mathml=N.languages.markup,N.languages.svg=N.languages.markup,N.languages.xml=N.languages.extend("markup",{}),N.languages.ssml=N.languages.xml,N.languages.atom=N.languages.xml,N.languages.rss=N.languages.xml,c={pattern:/\\[\\(){}[\]^$+*?|.]/,alias:"escape"},d=RegExp((d="(?:[^\\\\-]|"+(p=/\\(?:x[\da-fA-F]{2}|u[\da-fA-F]{4}|u\{[\da-fA-F]+\}|0[0-7]{0,2}|[123][0-7]{2}|c[a-zA-Z]|.)/).source+")")+"-"+d),u={pattern:/(&lt;|')[^&lt;&gt;']+(?=[&gt;']$)/,lookbehind:!0,alias:"variable"},N.languages.regex={"char-class":{pattern:/((?:^|[^\\])(?:\\\\)*)\[(?:[^\\\]]|\\[\s\S])*\]/,lookbehind:!0,inside:{"char-class-negation":{pattern:/(^\[)\^/,lookbehind:!0,alias:"operator"},"char-class-punctuation":{pattern:/^\[|\]$/,alias:"punctuation"},range:{pattern:d,inside:{escape:p,"range-punctuation":{pattern:/-/,alias:"operator"}}},"special-escape":c,"char-set":{pattern:/\\[wsd]|\\p\{[^{}]+\}/i,alias:"class-name"},escape:p}},"special-escape":c,"char-set":{pattern:/\.|\\[wsd]|\\p\{[^{}]+\}/i,alias:"class-name"},backreference:[{pattern:/\\(?![123][0-7]{2})[1-9]/,alias:"keyword"},{pattern:/\\k&lt;[^&lt;&gt;']+&gt;/,alias:"keyword",inside:{"group-name":u}}],anchor:{pattern:/[$^]|\\[ABbGZz]/,alias:"function"},escape:p,group:[{pattern:/\((?:\?(?:&lt;[^&lt;&gt;']+&gt;|'[^&lt;&gt;']+'|[&gt;:]|&lt;?[=!]|[idmnsuxU]+(?:-[idmnsuxU]+)?:?))?/,alias:"punctuation",inside:{"group-name":u}},{pattern:/\)/,alias:"punctuation"}],quantifier:{pattern:/(?:[+*?]|\{\d+(?:,\d*)?\})[?+]?/,alias:"number"},alternation:{pattern:/\|/,alias:"keyword"}},N.languages.clike={comment:[{pattern:/(^|[^\\])\/\*[\s\S]*?(?:\*\/|$)/,lookbehind:!0,greedy:!0},{pattern:/(^|[^\\:])\/\/.*/,lookbehind:!0,greedy:!0}],string:{pattern:/(["'])(?:\\(?:\r\n|[\s\S])|(?!\1)[^\\\r\n])*\1/,greedy:!0},"class-name":{pattern:/(\b(?:class|extends|implements|instanceof|interface|new|trait)\s+|\bcatch\s+\()[\w.\\]+/i,lookbehind:!0,inside:{punctuation:/[.\\]/}},keyword:/\b(?:break|catch|continue|do|else|finally|for|function|if|in|instanceof|new|null|return|throw|try|while)\b/,boolean:/\b(?:false|true)\b/,function:/\b\w+(?=\()/,number:/\b0x[\da-f]+\b|(?:\b\d+(?:\.\d*)?|\B\.\d+)(?:e[+-]?\d+)?/i,operator:/[&lt;&gt;]=?|[!=]=?=?|--?|\+\+?|&amp;&amp;?|\|\|?|[?*/~^%]/,punctuation:/[{}[\];(),.:]/},N.languages.javascript=N.languages.extend("clike",{"class-name":[N.languages.clike["class-name"],{pattern:/(^|[^$\w\xA0-\uFFFF])(?!\s)[_$A-Z\xA0-\uFFFF](?:(?!\s)[$\w\xA0-\uFFFF])*(?=\.(?:constructor|prototype))/,lookbehind:!0}],keyword:[{pattern:/((?:^|\})\s*)catch\b/,lookbehind:!0},{pattern:/(^|[^.]|\.\.\.\s*)\b(?:as|assert(?=\s*\{)|async(?=\s*(?:function\b|\(|[$\w\xA0-\uFFFF]|$))|await|break|case|class|const|continue|debugger|default|delete|do|else|enum|export|extends|finally(?=\s*(?:\{|$))|for|from(?=\s*(?:['"]|$))|function|(?:get|set)(?=\s*(?:[#\[$\w\xA0-\uFFFF]|$))|if|implements|import|in|instanceof|interface|let|new|null|of|package|private|protected|public|return|static|super|switch|this|throw|try|typeof|undefined|var|void|while|with|yield)\b/,lookbehind:!0}],function:/#?(?!\s)[_$a-zA-Z\xA0-\uFFFF](?:(?!\s)[$\w\xA0-\uFFFF])*(?=\s*(?:\.\s*(?:apply|bind|call)\s*)?\()/,number:{pattern:RegExp(/(^|[^\w$])/.source+"(?:"+/NaN|Infinity/.source+"|"+/0[bB][01]+(?:_[01]+)*n?/.source+"|"+/0[oO][0-7]+(?:_[0-7]+)*n?/.source+"|"+/0[xX][\dA-Fa-f]+(?:_[\dA-Fa-f]+)*n?/.source+"|"+/\d+(?:_\d+)*n/.source+"|"+/(?:\d+(?:_\d+)*(?:\.(?:\d+(?:_\d+)*)?)?|\.\d+(?:_\d+)*)(?:[Ee][+-]?\d+(?:_\d+)*)?/.source+")"+/(?![\w$])/.source),lookbehind:!0},operator:/--|\+\+|\*\*=?|=&gt;|&amp;&amp;=?|\|\|=?|[!=]==|&lt;&lt;=?|&gt;&gt;&gt;?=?|[-+*/%&amp;|^!=&lt;&gt;]=?|\.{3}|\?\?=?|\?\.?|[~:]/}),N.languages.javascript["class-name"][0].pattern=/(\b(?:class|extends|implements|instanceof|interface|new)\s+)[\w.\\]+/,N.languages.insertBefore("javascript","keyword",{regex:{pattern:RegExp(/((?:^|[^$\w\xA0-\uFFFF."'\])\s]|\b(?:return|yield))\s*)/.source+/\//.source+"(?:"+/(?:\[(?:[^\]\\\r\n]|\\.)*\]|\\.|[^/\\\[\r\n])+\/[dgimyus]{0,7}/.source+"|"+/(?:\[(?:[^[\]\\\r\n]|\\.|\[(?:[^[\]\\\r\n]|\\.|\[(?:[^[\]\\\r\n]|\\.)*\])*\])*\]|\\.|[^/\\\[\r\n])+\/[dgimyus]{0,7}v[dgimyus]{0,7}/.source+")"+/(?=(?:\s|\/\*(?:[^*]|\*(?!\/))*\*\/)*(?:$|[\r\n,.;:})\]]|\/\/))/.source),lookbehind:!0,greedy:!0,inside:{"regex-source":{pattern:/^(\/)[\s\S]+(?=\/[a-z]*$)/,lookbehind:!0,alias:"language-regex",inside:N.languages.regex},"regex-delimiter":/^\/|\/$/,"regex-flags":/^[a-z]+$/}},"function-variable":{pattern:/#?(?!\s)[_$a-zA-Z\xA0-\uFFFF](?:(?!\s)[$\w\xA0-\uFFFF])*(?=\s*[=:]\s*(?:async\s*)?(?:\bfunction\b|(?:\((?:[^()]|\([^()]*\))*\)|(?!\s)[_$a-zA-Z\xA0-\uFFFF](?:(?!\s)[$\w\xA0-\uFFFF])*)\s*=&gt;))/,alias:"function"},parameter:[{pattern:/(function(?:\s+(?!\s)[_$a-zA-Z\xA0-\uFFFF](?:(?!\s)[$\w\xA0-\uFFFF])*)?\s*\(\s*)(?!\s)(?:[^()\s]|\s+(?![\s)])|\([^()]*\))+(?=\s*\))/,lookbehind:!0,inside:N.languages.javascript},{pattern:/(^|[^$\w\xA0-\uFFFF])(?!\s)[_$a-z\xA0-\uFFFF](?:(?!\s)[$\w\xA0-\uFFFF])*(?=\s*=&gt;)/i,lookbehind:!0,inside:N.languages.javascript},{pattern:/(\(\s*)(?!\s)(?:[^()\s]|\s+(?![\s)])|\([^()]*\))+(?=\s*\)\s*=&gt;)/,lookbehind:!0,inside:N.languages.javascript},{pattern:/((?:\b|\s|^)(?!(?:as|async|await|break|case|catch|class|const|continue|debugger|default|delete|do|else|enum|export|extends|finally|for|from|function|get|if|implements|import|in|instanceof|interface|let|new|null|of|package|private|protected|public|return|set|static|super|switch|this|throw|try|typeof|undefined|var|void|while|with|yield)(?![$\w\xA0-\uFFFF]))(?:(?!\s)[_$a-zA-Z\xA0-\uFFFF](?:(?!\s)[$\w\xA0-\uFFFF])*\s*)\(\s*|\]\s*\(\s*)(?!\s)(?:[^()\s]|\s+(?![\s)])|\([^()]*\))+(?=\s*\)\s*\{)/,lookbehind:!0,inside:N.languages.javascript}],constant:/\b[A-Z](?:[A-Z_]|\dx?)*\b/}),N.languages.insertBefore("javascript","string",{hashbang:{pattern:/^#!.*/,greedy:!0,alias:"comment"},"template-string":{pattern:/`(?:\\[\s\S]|\$\{(?:[^{}]|\{(?:[^{}]|\{[^}]*\})*\})+\}|(?!\$\{)[^\\`])*`/,greedy:!0,inside:{"template-punctuation":{pattern:/^`|`$/,alias:"string"},interpolation:{pattern:/((?:^|[^\\])(?:\\{2})*)\$\{(?:[^{}]|\{(?:[^{}]|\{[^}]*\})*\})+\}/,lookbehind:!0,inside:{"interpolation-punctuation":{pattern:/^\$\{|\}$/,alias:"punctuation"},rest:N.languages.javascript}},string:/[\s\S]+/}},"string-property":{pattern:/((?:^|[,{])[ \t]*)(["'])(?:\\(?:\r\n|[\s\S])|(?!\2)[^\\\r\n])*\2(?=\s*:)/m,lookbehind:!0,greedy:!0,alias:"property"}}),N.languages.insertBefore("javascript","operator",{"literal-property":{pattern:/((?:^|[,{])[ \t]*)(?!\s)[_$a-zA-Z\xA0-\uFFFF](?:(?!\s)[$\w\xA0-\uFFFF])*(?=\s*:)/m,lookbehind:!0,alias:"property"}}),N.languages.markup&amp;&amp;(N.languages.markup.tag.addInlined("script","javascript"),N.languages.markup.tag.addAttribute(/on(?:abort|blur|change|click|composition(?:end|start|update)|dblclick|error|focus(?:in|out)?|key(?:down|up)|load|mouse(?:down|enter|leave|move|out|over|up)|reset|resize|scroll|select|slotchange|submit|unload|wheel)/.source,"javascript")),N.languages.js=N.languages.javascript,N.languages.actionscript=N.languages.extend("javascript",{keyword:/\b(?:as|break|case|catch|class|const|default|delete|do|dynamic|each|else|extends|final|finally|for|function|get|if|implements|import|in|include|instanceof|interface|internal|is|namespace|native|new|null|override|package|private|protected|public|return|set|static|super|switch|this|throw|try|typeof|use|var|void|while|with)\b/,operator:/\+\+|--|(?:[+\-*\/%^]|&amp;&amp;?|\|\|?|&lt;&lt;?|&gt;&gt;?&gt;?|[!=]=?)=?|[~?@]/}),N.languages.actionscript["class-name"].alias="function",delete N.languages.actionscript.parameter,delete N.languages.actionscript["literal-property"],N.languages.markup&amp;&amp;N.languages.insertBefore("actionscript","string",{xml:{pattern:/(^|[^.])&lt;\/?\w+(?:\s+[^\s&gt;\/=]+=("|')(?:\\[\s\S]|(?!\2)[^\\])*\2)*\s*\/?&gt;/,lookbehind:!0,inside:N.languages.markup}}),l=/#(?!\{).+/,m={pattern:/#\{[^}]+\}/,alias:"variable"},N.languages.coffeescript=N.languages.extend("javascript",{comment:l,string:[{pattern:/'(?:\\[\s\S]|[^\\'])*'/,greedy:!0},{pattern:/"(?:\\[\s\S]|[^\\"])*"/,greedy:!0,inside:{interpolation:m}}],keyword:/\b(?:and|break|by|catch|class|continue|debugger|delete|do|each|else|extend|extends|false|finally|for|if|in|instanceof|is|isnt|let|loop|namespace|new|no|not|null|of|off|on|or|own|return|super|switch|then|this|throw|true|try|typeof|undefined|unless|until|when|while|window|with|yes|yield)\b/,"class-member":{pattern:/@(?!\d)\w+/,alias:"variable"}}),N.languages.insertBefore("coffeescript","comment",{"multiline-comment":{pattern:/###[\s\S]+?###/,alias:"comment"},"block-regex":{pattern:/\/{3}[\s\S]*?\/{3}/,alias:"regex",inside:{comment:l,interpolation:m}}}),N.languages.insertBefore("coffeescript","string",{"inline-javascript":{pattern:/`(?:\\[\s\S]|[^\\`])*`/,inside:{delimiter:{pattern:/^`|`$/,alias:"punctuation"},script:{pattern:/[\s\S]+/,alias:"language-javascript",inside:N.languages.javascript}}},"multiline-string":[{pattern:/'''[\s\S]*?'''/,greedy:!0,alias:"string"},{pattern:/"""[\s\S]*?"""/,greedy:!0,alias:"string",inside:{interpolation:m}}]}),N.languages.insertBefore("coffeescript","keyword",{property:/(?!\d)\w+(?=\s*:(?!:))/}),delete N.languages.coffeescript["template-string"],N.languages.coffee=N.languages.coffeescript,Object.defineProperty(h=N.languages.javadoclike={parameter:{pattern:/(^[\t ]*(?:\/{3}|\*|\/\*\*)\s*@(?:arg|arguments|param)\s+)\w+/m,lookbehind:!0},keyword:{pattern:/(^[\t ]*(?:\/{3}|\*|\/\*\*)\s*|\{)@[a-z][a-zA-Z-]+\b/m,lookbehind:!0},punctuation:/[{}]/},"addSupport",{value:function(e,t){(e="string"==typeof e?[e]:e).forEach(function(e){var r=function(e){e.inside||(e.inside={}),e.inside.rest=t},s="doc-comment";if(n=N.languages[e]){var n,i=n[s];if((i=i||(n=N.languages.insertBefore(e,"comment",{"doc-comment":{pattern:/(^|[^\\])\/\*\*[^/][\s\S]*?(?:\*\/|$)/,lookbehind:!0,alias:"comment"}}))[s])instanceof RegExp&amp;&amp;(i=n[s]={pattern:i}),Array.isArray(i))for(var a=0,o=i.length;a&lt;o;a++)i[a]instanceof RegExp&amp;&amp;(i[a]={pattern:i[a]}),r(i[a]);else r(i)}})}}),h.addSupport(["java","javascript","php"],h),g=/(?:"(?:\\(?:\r\n|[\s\S])|[^"\\\r\n])*"|'(?:\\(?:\r\n|[\s\S])|[^'\\\r\n])*')/,N.languages.css={comment:/\/\*[\s\S]*?\*\//,atrule:{pattern:RegExp("@[\\w-](?:"+/[^;{\s"']|\s+(?!\s)/.source+"|"+g.source+")*?"+/(?:;|(?=\s*\{))/.source),inside:{rule:/^@[\w-]+/,"selector-function-argument":{pattern:/(\bselector\s*\(\s*(?![\s)]))(?:[^()\s]|\s+(?![\s)])|\((?:[^()]|\([^()]*\))*\))+(?=\s*\))/,lookbehind:!0,alias:"selector"},keyword:{pattern:/(^|[^\w-])(?:and|not|only|or)(?![\w-])/,lookbehind:!0}}},url:{pattern:RegExp("\\burl\\((?:"+g.source+"|"+/(?:[^\\\r\n()"']|\\[\s\S])*/.source+")\\)","i"),greedy:!0,inside:{function:/^url/i,punctuation:/^\(|\)$/,string:{pattern:RegExp("^"+g.source+"$"),alias:"url"}}},selector:{pattern:RegExp("(^|[{}\\s])[^{}\\s](?:[^{};\"'\\s]|\\s+(?![\\s{])|"+g.source+")*(?=\\s*\\{)"),lookbehind:!0},string:{pattern:g,greedy:!0},property:{pattern:/(^|[^-\w\xA0-\uFFFF])(?!\s)[-_a-z\xA0-\uFFFF](?:(?!\s)[-\w\xA0-\uFFFF])*(?=\s*:)/i,lookbehind:!0},important:/!important\b/i,function:{pattern:/(^|[^-a-z0-9])[-a-z0-9]+(?=\()/i,lookbehind:!0},punctuation:/[(){};:,]/},N.languages.css.atrule.inside.rest=N.languages.css,(g=N.languages.markup)&amp;&amp;(g.tag.addInlined("style","css"),g.tag.addAttribute("style","css")),function(e){var t=/("|')(?:\\(?:\r\n|[\s\S])|(?!\1)[^\\\r\n])*\1/,t=(e.languages.css.selector={pattern:e.languages.css.selector.pattern,lookbehind:!0,inside:t={"pseudo-element":/:(?:after|before|first-letter|first-line|selection)|::[-\w]+/,"pseudo-class":/:[-\w]+/,class:/\.[-\w]+/,id:/#[-\w]+/,attribute:{pattern:RegExp("\\[(?:[^[\\]\"']|"+t.source+")*\\]"),greedy:!0,inside:{punctuation:/^\[|\]$/,"case-sensitivity":{pattern:/(\s)[si]$/i,lookbehind:!0,alias:"keyword"},namespace:{pattern:/^(\s*)(?:(?!\s)[-*\w\xA0-\uFFFF])*\|(?!=)/,lookbehind:!0,inside:{punctuation:/\|$/}},"attr-name":{pattern:/^(\s*)(?:(?!\s)[-\w\xA0-\uFFFF])+/,lookbehind:!0},"attr-value":[t,{pattern:/(=\s*)(?:(?!\s)[-\w\xA0-\uFFFF])+(?=\s*$)/,lookbehind:!0}],operator:/[|~*^$]?=/}},"n-th":[{pattern:/(\(\s*)[+-]?\d*[\dn](?:\s*[+-]\s*\d+)?(?=\s*\))/,lookbehind:!0,inside:{number:/[\dn]+/,operator:/[+-]/}},{pattern:/(\(\s*)(?:even|odd)(?=\s*\))/i,lookbehind:!0}],combinator:/&gt;|\+|~|\|\|/,punctuation:/[(),]/}},e.languages.css.atrule.inside["selector-function-argument"].inside=t,e.languages.insertBefore("css","property",{variable:{pattern:/(^|[^-\w\xA0-\uFFFF])--(?!\s)[-_a-z\xA0-\uFFFF](?:(?!\s)[-\w\xA0-\uFFFF])*/i,lookbehind:!0}}),{pattern:/(\b\d+)(?:%|[a-z]+(?![\w-]))/,lookbehind:!0}),r={pattern:/(^|[^\w.-])-?(?:\d+(?:\.\d+)?|\.\d+)/,lookbehind:!0};e.languages.insertBefore("css","function",{operator:{pattern:/(\s)[+\-*\/](?=\s)/,lookbehind:!0},hexcode:{pattern:/\B#[\da-f]{3,8}\b/i,alias:"color"},color:[{pattern:/(^|[^\w-])(?:AliceBlue|AntiqueWhite|Aqua|Aquamarine|Azure|Beige|Bisque|Black|BlanchedAlmond|Blue|BlueViolet|Brown|BurlyWood|CadetBlue|Chartreuse|Chocolate|Coral|CornflowerBlue|Cornsilk|Crimson|Cyan|DarkBlue|DarkCyan|DarkGoldenRod|DarkGr[ae]y|DarkGreen|DarkKhaki|DarkMagenta|DarkOliveGreen|DarkOrange|DarkOrchid|DarkRed|DarkSalmon|DarkSeaGreen|DarkSlateBlue|DarkSlateGr[ae]y|DarkTurquoise|DarkViolet|DeepPink|DeepSkyBlue|DimGr[ae]y|DodgerBlue|FireBrick|FloralWhite|ForestGreen|Fuchsia|Gainsboro|GhostWhite|Gold|GoldenRod|Gr[ae]y|Green|GreenYellow|HoneyDew|HotPink|IndianRed|Indigo|Ivory|Khaki|Lavender|LavenderBlush|LawnGreen|LemonChiffon|LightBlue|LightCoral|LightCyan|LightGoldenRodYellow|LightGr[ae]y|LightGreen|LightPink|LightSalmon|LightSeaGreen|LightSkyBlue|LightSlateGr[ae]y|LightSteelBlue|LightYellow|Lime|LimeGreen|Linen|Magenta|Maroon|MediumAquaMarine|MediumBlue|MediumOrchid|MediumPurple|MediumSeaGreen|MediumSlateBlue|MediumSpringGreen|MediumTurquoise|MediumVioletRed|MidnightBlue|MintCream|MistyRose|Moccasin|NavajoWhite|Navy|OldLace|Olive|OliveDrab|Orange|OrangeRed|Orchid|PaleGoldenRod|PaleGreen|PaleTurquoise|PaleVioletRed|PapayaWhip|PeachPuff|Peru|Pink|Plum|PowderBlue|Purple|RebeccaPurple|Red|RosyBrown|RoyalBlue|SaddleBrown|Salmon|SandyBrown|SeaGreen|SeaShell|Sienna|Silver|SkyBlue|SlateBlue|SlateGr[ae]y|Snow|SpringGreen|SteelBlue|Tan|Teal|Thistle|Tomato|Transparent|Turquoise|Violet|Wheat|White|WhiteSmoke|Yellow|YellowGreen)(?![\w-])/i,lookbehind:!0},{pattern:/\b(?:hsl|rgb)\(\s*\d{1,3}\s*,\s*\d{1,3}%?\s*,\s*\d{1,3}%?\s*\)\B|\b(?:hsl|rgb)a\(\s*\d{1,3}\s*,\s*\d{1,3}%?\s*,\s*\d{1,3}%?\s*,\s*(?:0|0?\.\d+|1)\s*\)\B/i,inside:{unit:t,number:r,function:/[\w-]+(?=\()/,punctuation:/[(),]/}}],entity:/\\[\da-f]{1,8}/i,unit:t,number:r})}(N),function(e){var t=/[*&amp;][^\s[\]{},]+/,r=/!(?:&lt;[\w\-%#;/?:@&amp;=+$,.!~*'()[\]]+&gt;|(?:[a-zA-Z\d-]*!)?[\w\-%#;/?:@&amp;=+$.~*'()]+)?/,s="(?:"+r.source+"(?:[ 	]+"+t.source+")?|"+t.source+"(?:[ 	]+"+r.source+")?)",n=/(?:[^\s\x00-\x08\x0e-\x1f!"#%&amp;'*,\-:&gt;?@[\]`{|}\x7f-\x84\x86-\x9f\ud800-\udfff\ufffe\uffff]|[?:-]&lt;PLAIN&gt;)(?:[ \t]*(?:(?![#:])&lt;PLAIN&gt;|:&lt;PLAIN&gt;))*/.source.replace(/&lt;PLAIN&gt;/g,function(){return/[^\s\x00-\x08\x0e-\x1f,[\]{}\x7f-\x84\x86-\x9f\ud800-\udfff\ufffe\uffff]/.source}),i=/"(?:[^"\\\r\n]|\\.)*"|'(?:[^'\\\r\n]|\\.)*'/.source;function a(e,t){return t=(t||"").replace(/m/g,"")+"m",RegExp(/([:\-,[{]\s*(?:\s&lt;&lt;prop&gt;&gt;[ \t]+)?)(?:&lt;&lt;value&gt;&gt;)(?=[ \t]*(?:$|,|\]|\}|(?:[\r\n]\s*)?#))/.source.replace(/&lt;&lt;prop&gt;&gt;/g,function(){return s}).replace(/&lt;&lt;value&gt;&gt;/g,function(){return e}),t)}e.languages.yaml={scalar:{pattern:RegExp(/([\-:]\s*(?:\s&lt;&lt;prop&gt;&gt;[ \t]+)?[|&gt;])[ \t]*(?:((?:\r?\n|\r)[ \t]+)\S[^\r\n]*(?:\2[^\r\n]+)*)/.source.replace(/&lt;&lt;prop&gt;&gt;/g,function(){return s})),lookbehind:!0,alias:"string"},comment:/#.*/,key:{pattern:RegExp(/((?:^|[:\-,[{\r\n?])[ \t]*(?:&lt;&lt;prop&gt;&gt;[ \t]+)?)&lt;&lt;key&gt;&gt;(?=\s*:\s)/.source.replace(/&lt;&lt;prop&gt;&gt;/g,function(){return s}).replace(/&lt;&lt;key&gt;&gt;/g,function(){return"(?:"+n+"|"+i+")"})),lookbehind:!0,greedy:!0,alias:"atrule"},directive:{pattern:/(^[ \t]*)%.+/m,lookbehind:!0,alias:"important"},datetime:{pattern:a(/\d{4}-\d\d?-\d\d?(?:[tT]|[ \t]+)\d\d?:\d{2}:\d{2}(?:\.\d*)?(?:[ \t]*(?:Z|[-+]\d\d?(?::\d{2})?))?|\d{4}-\d{2}-\d{2}|\d\d?:\d{2}(?::\d{2}(?:\.\d*)?)?/.source),lookbehind:!0,alias:"number"},boolean:{pattern:a(/false|true/.source,"i"),lookbehind:!0,alias:"important"},null:{pattern:a(/null|~/.source,"i"),lookbehind:!0,alias:"important"},string:{pattern:a(i),lookbehind:!0,greedy:!0},number:{pattern:a(/[+-]?(?:0x[\da-f]+|0o[0-7]+|(?:\d+(?:\.\d*)?|\.\d+)(?:e[+-]?\d+)?|\.inf|\.nan)/.source,"i"),lookbehind:!0},tag:r,important:t,punctuation:/---|[:[\]{}\-,|&gt;?]|\.\.\./},e.languages.yml=e.languages.yaml}(N),function(e){var t=/(?:\\.|[^\\\n\r]|(?:\n|\r\n?)(?![\r\n]))/.source;function r(e){return e=e.replace(/&lt;inner&gt;/g,function(){return t}),RegExp(/((?:^|[^\\])(?:\\{2})*)/.source+"(?:"+e+")")}var s=/(?:\\.|``(?:[^`\r\n]|`(?!`))+``|`[^`\r\n]+`|[^\\|\r\n`])+/.source,n=/\|?__(?:\|__)+\|?(?:(?:\n|\r\n?)|(?![\s\S]))/.source.replace(/__/g,function(){return s}),i=/\|?[ \t]*:?-{3,}:?[ \t]*(?:\|[ \t]*:?-{3,}:?[ \t]*)+\|?(?:\n|\r\n?)/.source,a=(e.languages.markdown=e.languages.extend("markup",{}),e.languages.insertBefore("markdown","prolog",{"front-matter-block":{pattern:/(^(?:\s*[\r\n])?)---(?!.)[\s\S]*?[\r\n]---(?!.)/,lookbehind:!0,greedy:!0,inside:{punctuation:/^---|---$/,"front-matter":{pattern:/\S+(?:\s+\S+)*/,alias:["yaml","language-yaml"],inside:e.languages.yaml}}},blockquote:{pattern:/^&gt;(?:[\t ]*&gt;)*/m,alias:"punctuation"},table:{pattern:RegExp("^"+n+i+"(?:"+n+")*","m"),inside:{"table-data-rows":{pattern:RegExp("^("+n+i+")(?:"+n+")*$"),lookbehind:!0,inside:{"table-data":{pattern:RegExp(s),inside:e.languages.markdown},punctuation:/\|/}},"table-line":{pattern:RegExp("^("+n+")"+i+"$"),lookbehind:!0,inside:{punctuation:/\||:?-{3,}:?/}},"table-header-row":{pattern:RegExp("^"+n+"$"),inside:{"table-header":{pattern:RegExp(s),alias:"important",inside:e.languages.markdown},punctuation:/\|/}}}},code:[{pattern:/((?:^|\n)[ \t]*\n|(?:^|\r\n?)[ \t]*\r\n?)(?: {4}|\t).+(?:(?:\n|\r\n?)(?: {4}|\t).+)*/,lookbehind:!0,alias:"keyword"},{pattern:/^```[\s\S]*?^```$/m,greedy:!0,inside:{"code-block":{pattern:/^(```.*(?:\n|\r\n?))[\s\S]+?(?=(?:\n|\r\n?)^```$)/m,lookbehind:!0},"code-language":{pattern:/^(```).+/,lookbehind:!0},punctuation:/```/}}],title:[{pattern:/\S.*(?:\n|\r\n?)(?:==+|--+)(?=[ \t]*$)/m,alias:"important",inside:{punctuation:/==+$|--+$/}},{pattern:/(^\s*)#.+/m,lookbehind:!0,alias:"important",inside:{punctuation:/^#+|#+$/}}],hr:{pattern:/(^\s*)([*-])(?:[\t ]*\2){2,}(?=\s*$)/m,lookbehind:!0,alias:"punctuation"},list:{pattern:/(^\s*)(?:[*+-]|\d+\.)(?=[\t ].)/m,lookbehind:!0,alias:"punctuation"},"url-reference":{pattern:/!?\[[^\]]+\]:[\t ]+(?:\S+|&lt;(?:\\.|[^&gt;\\])+&gt;)(?:[\t ]+(?:"(?:\\.|[^"\\])*"|'(?:\\.|[^'\\])*'|\((?:\\.|[^)\\])*\)))?/,inside:{variable:{pattern:/^(!?\[)[^\]]+/,lookbehind:!0},string:/(?:"(?:\\.|[^"\\])*"|'(?:\\.|[^'\\])*'|\((?:\\.|[^)\\])*\))$/,punctuation:/^[\[\]!:]|[&lt;&gt;]/},alias:"url"},bold:{pattern:r(/\b__(?:(?!_)&lt;inner&gt;|_(?:(?!_)&lt;inner&gt;)+_)+__\b|\*\*(?:(?!\*)&lt;inner&gt;|\*(?:(?!\*)&lt;inner&gt;)+\*)+\*\*/.source),lookbehind:!0,greedy:!0,inside:{content:{pattern:/(^..)[\s\S]+(?=..$)/,lookbehind:!0,inside:{}},punctuation:/\*\*|__/}},italic:{pattern:r(/\b_(?:(?!_)&lt;inner&gt;|__(?:(?!_)&lt;inner&gt;)+__)+_\b|\*(?:(?!\*)&lt;inner&gt;|\*\*(?:(?!\*)&lt;inner&gt;)+\*\*)+\*/.source),lookbehind:!0,greedy:!0,inside:{content:{pattern:/(^.)[\s\S]+(?=.$)/,lookbehind:!0,inside:{}},punctuation:/[*_]/}},strike:{pattern:r(/(~~?)(?:(?!~)&lt;inner&gt;)+\2/.source),lookbehind:!0,greedy:!0,inside:{content:{pattern:/(^~~?)[\s\S]+(?=\1$)/,lookbehind:!0,inside:{}},punctuation:/~~?/}},"code-snippet":{pattern:/(^|[^\\`])(?:``[^`\r\n]+(?:`[^`\r\n]+)*``(?!`)|`[^`\r\n]+`(?!`))/,lookbehind:!0,greedy:!0,alias:["code","keyword"]},url:{pattern:r(/!?\[(?:(?!\])&lt;inner&gt;)+\](?:\([^\s)]+(?:[\t ]+"(?:\\.|[^"\\])*")?\)|[ \t]?\[(?:(?!\])&lt;inner&gt;)+\])/.source),lookbehind:!0,greedy:!0,inside:{operator:/^!/,content:{pattern:/(^\[)[^\]]+(?=\])/,lookbehind:!0,inside:{}},variable:{pattern:/(^\][ \t]?\[)[^\]]+(?=\]$)/,lookbehind:!0},url:{pattern:/(^\]\()[^\s)]+/,lookbehind:!0},string:{pattern:/(^[ \t]+)"(?:\\.|[^"\\])*"(?=\)$)/,lookbehind:!0}}}}),["url","bold","italic","strike"].forEach(function(t){["url","bold","italic","strike","code-snippet"].forEach(function(r){t!==r&amp;&amp;(e.languages.markdown[t].inside.content.inside[r]=e.languages.markdown[r])})}),e.hooks.add("after-tokenize",function(e){"markdown"!==e.language&amp;&amp;"md"!==e.language||function e(t){if(t&amp;&amp;"string"!=typeof t)for(var r=0,s=t.length;r&lt;s;r++){var n,i=t[r];"code"!==i.type?e(i.content):(n=i.content[1],i=i.content[3],n&amp;&amp;i&amp;&amp;"code-language"===n.type&amp;&amp;"code-block"===i.type&amp;&amp;"string"==typeof n.content&amp;&amp;(n=n.content.replace(/\b#/g,"sharp").replace(/\b\+\+/g,"pp"),n="language-"+(n=(/[a-z][\w-]*/i.exec(n)||[""])[0].toLowerCase()),i.alias?"string"==typeof i.alias?i.alias=[i.alias,n]:i.alias.push(n):i.alias=[n]))}}(e.tokens)}),e.hooks.add("wrap",function(t){if("code-block"===t.type){for(var r,s="",n=0,i=t.classes.length;n&lt;i;n++){var p=t.classes[n],p=/language-(.+)/.exec(p);if(p){s=p[1];break}}var d,u=e.languages[s];u?t.content=e.highlight((0,t.content).replace(a,"").replace(/&amp;(\w{1,8}|#x?[\da-f]{1,8});/gi,function(e,t){return"#"===(t=t.toLowerCase())[0]?c("x"===t[1]?parseInt(t.slice(2),16):Number(t.slice(1))):o[t]||e}),u,s):s&amp;&amp;"none"!==s&amp;&amp;e.plugins.autoloader&amp;&amp;(d="md-"+new Date().valueOf()+"-"+Math.floor(1e16*Math.random()),t.attributes.id=d,e.plugins.autoloader.loadLanguages(s,function(){var t=document.getElementById(d);t&amp;&amp;(t.innerHTML=e.highlight(t.textContent,e.languages[s],s))}))}}),RegExp(e.languages.markup.tag.pattern.source,"gi")),o={amp:"&amp;",lt:"&lt;",gt:"&gt;",quot:'"'},c=String.fromCodePoint||String.fromCharCode;e.languages.md=e.languages.markdown}(N),N.languages.graphql={comment:/#.*/,description:{pattern:/(?:"""(?:[^"]|(?!""")")*"""|"(?:\\.|[^\\"\r\n])*")(?=\s*[a-z_])/i,greedy:!0,alias:"string",inside:{"language-markdown":{pattern:/(^"(?:"")?)(?!\1)[\s\S]+(?=\1$)/,lookbehind:!0,inside:N.languages.markdown}}},string:{pattern:/"""(?:[^"]|(?!""")")*"""|"(?:\\.|[^\\"\r\n])*"/,greedy:!0},number:/(?:\B-|\b)\d+(?:\.\d+)?(?:e[+-]?\d+)?\b/i,boolean:/\b(?:false|true)\b/,variable:/\$[a-z_]\w*/i,directive:{pattern:/@[a-z_]\w*/i,alias:"function"},"attr-name":{pattern:/\b[a-z_]\w*(?=\s*(?:\((?:[^()"]|"(?:\\.|[^\\"\r\n])*")*\))?:)/i,greedy:!0},"atom-input":{pattern:/\b[A-Z]\w*Input\b/,alias:"class-name"},scalar:/\b(?:Boolean|Float|ID|Int|String)\b/,constant:/\b[A-Z][A-Z_\d]*\b/,"class-name":{pattern:/(\b(?:enum|implements|interface|on|scalar|type|union)\s+|&amp;\s*|:\s*|\[)[A-Z_]\w*/,lookbehind:!0},fragment:{pattern:/(\bfragment\s+|\.{3}\s*(?!on\b))[a-zA-Z_]\w*/,lookbehind:!0,alias:"function"},"definition-mutation":{pattern:/(\bmutation\s+)[a-zA-Z_]\w*/,lookbehind:!0,alias:"function"},"definition-query":{pattern:/(\bquery\s+)[a-zA-Z_]\w*/,lookbehind:!0,alias:"function"},keyword:/\b(?:directive|enum|extend|fragment|implements|input|interface|mutation|on|query|repeatable|scalar|schema|subscription|type|union)\b/,operator:/[!=|&amp;]|\.{3}/,"property-query":/\w+(?=\s*\()/,object:/\w+(?=\s*\{)/,punctuation:/[!(){}\[\]:=,]/,property:/\w+/},N.hooks.add("after-tokenize",function(e){if("graphql"===e.language)for(var t=e.tokens.filter(function(e){return"string"!=typeof e&amp;&amp;"comment"!==e.type&amp;&amp;"scalar"!==e.type}),r=0;r&lt;t.length;){var s=t[r++];if("keyword"===s.type&amp;&amp;"mutation"===s.content){var n=[];if(d(["definition-mutation","punctuation"])&amp;&amp;"("===t[r+1].content){r+=2;var i=u(/^\($/,/^\)$/);if(-1===i)continue;for(;r&lt;i;r++){var a=t[r+0];"variable"===a.type&amp;&amp;(l(a,"variable-input"),n.push(a.content))}r=i+1}if(d(["punctuation","property-query"])&amp;&amp;"{"===t[r+0].content&amp;&amp;(l(t[++r+0],"property-mutation"),0&lt;n.length)){var o=u(/^\{$/,/^\}$/);if(-1!==o)for(var c=r;c&lt;o;c++){var p=t[c];"variable"===p.type&amp;&amp;0&lt;=n.indexOf(p.content)&amp;&amp;l(p,"variable-input")}}}}function d(e,s){s=s||0;for(var n=0;n&lt;e.length;n++){var i=t[r+(n+s)];if(!i||i.type!==e[n])return}return 1}function u(e,s){for(var n=1,i=r;i&lt;t.length;i++){var a=t[i],o=a.content;if("punctuation"===a.type&amp;&amp;"string"==typeof o){if(e.test(o))n++;else if(s.test(o)&amp;&amp;0==--n)return i}}return -1}function l(e,t){var r=e.alias;r?Array.isArray(r)||(e.alias=r=[r]):e.alias=r=[],r.push(t)}}),N.languages.sql={comment:{pattern:/(^|[^\\])(?:\/\*[\s\S]*?\*\/|(?:--|\/\/|#).*)/,lookbehind:!0},variable:[{pattern:/@(["'`])(?:\\[\s\S]|(?!\1)[^\\])+\1/,greedy:!0},/@[\w.$]+/],string:{pattern:/(^|[^@\\])("|')(?:\\[\s\S]|(?!\2)[^\\]|\2\2)*\2/,greedy:!0,lookbehind:!0},identifier:{pattern:/(^|[^@\\])`(?:\\[\s\S]|[^`\\]|``)*`/,greedy:!0,lookbehind:!0,inside:{punctuation:/^`|`$/}},function:/\b(?:AVG|COUNT|FIRST|FORMAT|LAST|LCASE|LEN|MAX|MID|MIN|MOD|NOW|ROUND|SUM|UCASE)(?=\s*\()/i,keyword:/\b(?:ACTION|ADD|AFTER|ALGORITHM|ALL|ALTER|ANALYZE|ANY|APPLY|AS|ASC|AUTHORIZATION|AUTO_INCREMENT|BACKUP|BDB|BEGIN|BERKELEYDB|BIGINT|BINARY|BIT|BLOB|BOOL|BOOLEAN|BREAK|BROWSE|BTREE|BULK|BY|CALL|CASCADED?|CASE|CHAIN|CHAR(?:ACTER|SET)?|CHECK(?:POINT)?|CLOSE|CLUSTERED|COALESCE|COLLATE|COLUMNS?|COMMENT|COMMIT(?:TED)?|COMPUTE|CONNECT|CONSISTENT|CONSTRAINT|CONTAINS(?:TABLE)?|CONTINUE|CONVERT|CREATE|CROSS|CURRENT(?:_DATE|_TIME|_TIMESTAMP|_USER)?|CURSOR|CYCLE|DATA(?:BASES?)?|DATE(?:TIME)?|DAY|DBCC|DEALLOCATE|DEC|DECIMAL|DECLARE|DEFAULT|DEFINER|DELAYED|DELETE|DELIMITERS?|DENY|DESC|DESCRIBE|DETERMINISTIC|DISABLE|DISCARD|DISK|DISTINCT|DISTINCTROW|DISTRIBUTED|DO|DOUBLE|DROP|DUMMY|DUMP(?:FILE)?|DUPLICATE|ELSE(?:IF)?|ENABLE|ENCLOSED|END|ENGINE|ENUM|ERRLVL|ERRORS|ESCAPED?|EXCEPT|EXEC(?:UTE)?|EXISTS|EXIT|EXPLAIN|EXTENDED|FETCH|FIELDS|FILE|FILLFACTOR|FIRST|FIXED|FLOAT|FOLLOWING|FOR(?: EACH ROW)?|FORCE|FOREIGN|FREETEXT(?:TABLE)?|FROM|FULL|FUNCTION|GEOMETRY(?:COLLECTION)?|GLOBAL|GOTO|GRANT|GROUP|HANDLER|HASH|HAVING|HOLDLOCK|HOUR|IDENTITY(?:COL|_INSERT)?|IF|IGNORE|IMPORT|INDEX|INFILE|INNER|INNODB|INOUT|INSERT|INT|INTEGER|INTERSECT|INTERVAL|INTO|INVOKER|ISOLATION|ITERATE|JOIN|KEYS?|KILL|LANGUAGE|LAST|LEAVE|LEFT|LEVEL|LIMIT|LINENO|LINES|LINESTRING|LOAD|LOCAL|LOCK|LONG(?:BLOB|TEXT)|LOOP|MATCH(?:ED)?|MEDIUM(?:BLOB|INT|TEXT)|MERGE|MIDDLEINT|MINUTE|MODE|MODIFIES|MODIFY|MONTH|MULTI(?:LINESTRING|POINT|POLYGON)|NATIONAL|NATURAL|NCHAR|NEXT|NO|NONCLUSTERED|NULLIF|NUMERIC|OFF?|OFFSETS?|ON|OPEN(?:DATASOURCE|QUERY|ROWSET)?|OPTIMIZE|OPTION(?:ALLY)?|ORDER|OUT(?:ER|FILE)?|OVER|PARTIAL|PARTITION|PERCENT|PIVOT|PLAN|POINT|POLYGON|PRECEDING|PRECISION|PREPARE|PREV|PRIMARY|PRINT|PRIVILEGES|PROC(?:EDURE)?|PUBLIC|PURGE|QUICK|RAISERROR|READS?|REAL|RECONFIGURE|REFERENCES|RELEASE|RENAME|REPEAT(?:ABLE)?|REPLACE|REPLICATION|REQUIRE|RESIGNAL|RESTORE|RESTRICT|RETURN(?:ING|S)?|REVOKE|RIGHT|ROLLBACK|ROUTINE|ROW(?:COUNT|GUIDCOL|S)?|RTREE|RULE|SAVE(?:POINT)?|SCHEMA|SECOND|SELECT|SERIAL(?:IZABLE)?|SESSION(?:_USER)?|SET(?:USER)?|SHARE|SHOW|SHUTDOWN|SIMPLE|SMALLINT|SNAPSHOT|SOME|SONAME|SQL|START(?:ING)?|STATISTICS|STATUS|STRIPED|SYSTEM_USER|TABLES?|TABLESPACE|TEMP(?:ORARY|TABLE)?|TERMINATED|TEXT(?:SIZE)?|THEN|TIME(?:STAMP)?|TINY(?:BLOB|INT|TEXT)|TOP?|TRAN(?:SACTIONS?)?|TRIGGER|TRUNCATE|TSEQUAL|TYPES?|UNBOUNDED|UNCOMMITTED|UNDEFINED|UNION|UNIQUE|UNLOCK|UNPIVOT|UNSIGNED|UPDATE(?:TEXT)?|USAGE|USE|USER|USING|VALUES?|VAR(?:BINARY|CHAR|CHARACTER|YING)|VIEW|WAITFOR|WARNINGS|WHEN|WHERE|WHILE|WITH(?: ROLLUP|IN)?|WORK|WRITE(?:TEXT)?|YEAR)\b/i,boolean:/\b(?:FALSE|NULL|TRUE)\b/i,number:/\b0x[\da-f]+\b|\b\d+(?:\.\d*)?|\B\.\d+\b/i,operator:/[-+*\/=%^~]|&amp;&amp;?|\|\|?|!=?|&lt;(?:=&gt;?|&lt;|&gt;)?|&gt;[&gt;=]?|\b(?:AND|BETWEEN|DIV|ILIKE|IN|IS|LIKE|NOT|OR|REGEXP|RLIKE|SOUNDS LIKE|XOR)\b/i,punctuation:/[;[\]()`,.]/},function(e){var t=e.languages.javascript["template-string"],r=t.pattern.source,s=t.inside.interpolation,n=s.inside["interpolation-punctuation"],i=s.pattern.source;function a(t,s){if(e.languages[t])return{pattern:RegExp("((?:"+s+")\\s*)"+r),lookbehind:!0,greedy:!0,inside:{"template-punctuation":{pattern:/^`|`$/,alias:"string"},"embedded-code":{pattern:/[\s\S]+/,alias:t}}}}function o(t,r,s){return t={code:t,grammar:r,language:s},e.hooks.run("before-tokenize",t),t.tokens=e.tokenize(t.code,t.grammar),e.hooks.run("after-tokenize",t),t.tokens}e.languages.javascript["template-string"]=[a("css",/\b(?:styled(?:\([^)]*\))?(?:\s*\.\s*\w+(?:\([^)]*\))*)*|css(?:\s*\.\s*(?:global|resolve))?|createGlobalStyle|keyframes)/.source),a("html",/\bhtml|\.\s*(?:inner|outer)HTML\s*\+?=/.source),a("svg",/\bsvg/.source),a("markdown",/\b(?:markdown|md)/.source),a("graphql",/\b(?:gql|graphql(?:\s*\.\s*experimental)?)/.source),a("sql",/\bsql/.source),t].filter(Boolean);var c={javascript:!0,js:!0,typescript:!0,ts:!0,jsx:!0,tsx:!0};e.hooks.add("after-tokenize",function(t){t.language in c&amp;&amp;function t(r){for(var a=0,c=r.length;a&lt;c;a++){var p,d,u,l=r[a];"string"!=typeof l&amp;&amp;(Array.isArray(p=l.content)?"template-string"===l.type?(l=p[1],3===p.length&amp;&amp;"string"!=typeof l&amp;&amp;"embedded-code"===l.type&amp;&amp;(d=function e(t){return"string"==typeof t?t:Array.isArray(t)?t.map(e).join(""):e(t.content)}(l),l=Array.isArray(l=l.alias)?l[0]:l,u=e.languages[l])&amp;&amp;(p[1]=function(t,r,a){var c=e.tokenize(t,{interpolation:{pattern:RegExp(i),lookbehind:!0}}),p=0,d={},c=o(c.map(function(e){if("string"==typeof e)return e;for(var r,s,e=e.content;-1!==t.indexOf((s=p++,r="___"+a.toUpperCase()+"_"+s+"___")););return d[r]=e,r}).join(""),r,a),u=Object.keys(d);return p=0,function t(r){for(var i=0;i&lt;r.length;i++){if(p&gt;=u.length)return;var a,c,l,m,h,g,f,y=r[i];"string"==typeof y||"string"==typeof y.content?(a=u[p],-1!==(f=(g="string"==typeof y?y:y.content).indexOf(a))&amp;&amp;(++p,c=g.substring(0,f),h=d[a],l=void 0,(m={})["interpolation-punctuation"]=n,3===(m=e.tokenize(h,m)).length&amp;&amp;((l=[1,1]).push.apply(l,o(m[1],e.languages.javascript,"javascript")),m.splice.apply(m,l)),l=new e.Token("interpolation",m,s.alias,h),m=g.substring(f+a.length),h=[],c&amp;&amp;h.push(c),h.push(l),m&amp;&amp;(t(g=[m]),h.push.apply(h,g)),"string"==typeof y?(r.splice.apply(r,[i,1].concat(h)),i+=h.length-1):y.content=h)):Array.isArray(f=y.content)?t(f):t([f])}}(c),new e.Token(a,c,"language-"+a,t)}(d,u,l))):t(p):"string"!=typeof p&amp;&amp;t([p]))}}(t.tokens)})}(N),N.languages.typescript=N.languages.extend("javascript",{"class-name":{pattern:/(\b(?:class|extends|implements|instanceof|interface|new|type)\s+)(?!keyof\b)(?!\s)[_$a-zA-Z\xA0-\uFFFF](?:(?!\s)[$\w\xA0-\uFFFF])*(?:\s*&lt;(?:[^&lt;&gt;]|&lt;(?:[^&lt;&gt;]|&lt;[^&lt;&gt;]*&gt;)*&gt;)*&gt;)?/,lookbehind:!0,greedy:!0,inside:null},builtin:/\b(?:Array|Function|Promise|any|boolean|console|never|number|string|symbol|unknown)\b/}),N.languages.typescript.keyword.push(/\b(?:abstract|declare|is|keyof|readonly|require)\b/,/\b(?:asserts|infer|interface|module|namespace|type)\b(?=\s*(?:[{_$a-zA-Z\xA0-\uFFFF]|$))/,/\btype\b(?=\s*(?:[\{*]|$))/),delete N.languages.typescript.parameter,delete N.languages.typescript["literal-property"],f=N.languages.extend("typescript",{}),delete f["class-name"],N.languages.typescript["class-name"].inside=f,N.languages.insertBefore("typescript","function",{decorator:{pattern:/@[$\w\xA0-\uFFFF]+/,inside:{at:{pattern:/^@/,alias:"operator"},function:/^[\s\S]+/}},"generic-function":{pattern:/#?(?!\s)[_$a-zA-Z\xA0-\uFFFF](?:(?!\s)[$\w\xA0-\uFFFF])*\s*&lt;(?:[^&lt;&gt;]|&lt;(?:[^&lt;&gt;]|&lt;[^&lt;&gt;]*&gt;)*&gt;)*&gt;(?=\s*\()/,greedy:!0,inside:{function:/^#?(?!\s)[_$a-zA-Z\xA0-\uFFFF](?:(?!\s)[$\w\xA0-\uFFFF])*/,generic:{pattern:/&lt;[\s\S]+/,alias:"class-name",inside:f}}}}),N.languages.ts=N.languages.typescript,y=N.languages.javascript,b="(@(?:arg|argument|param|property)\\s+(?:"+(v=/\{(?:[^{}]|\{(?:[^{}]|\{[^{}]*\})*\})+\}/.source)+"\\s+)?)",N.languages.jsdoc=N.languages.extend("javadoclike",{parameter:{pattern:RegExp(b+/(?:(?!\s)[$\w\xA0-\uFFFF.])+(?=\s|$)/.source),lookbehind:!0,inside:{punctuation:/\./}}}),N.languages.insertBefore("jsdoc","keyword",{"optional-parameter":{pattern:RegExp(b+/\[(?:(?!\s)[$\w\xA0-\uFFFF.])+(?:=[^[\]]+)?\](?=\s|$)/.source),lookbehind:!0,inside:{parameter:{pattern:/(^\[)[$\w\xA0-\uFFFF\.]+/,lookbehind:!0,inside:{punctuation:/\./}},code:{pattern:/(=)[\s\S]*(?=\]$)/,lookbehind:!0,inside:y,alias:"language-javascript"},punctuation:/[=[\]]/}},"class-name":[{pattern:RegExp(/(@(?:augments|class|extends|interface|memberof!?|template|this|typedef)\s+(?:&lt;TYPE&gt;\s+)?)[A-Z]\w*(?:\.[A-Z]\w*)*/.source.replace(/&lt;TYPE&gt;/g,function(){return v})),lookbehind:!0,inside:{punctuation:/\./}},{pattern:RegExp("(@[a-z]+\\s+)"+v),lookbehind:!0,inside:{string:y.string,number:y.number,boolean:y.boolean,keyword:N.languages.typescript.keyword,operator:/=&gt;|\.\.\.|[&amp;|?:*]/,punctuation:/[.,;=&lt;&gt;{}()[\]]/}}],example:{pattern:/(@example\s+(?!\s))(?:[^@\s]|\s+(?!\s))+?(?=\s*(?:\*\s*)?(?:@\w|\*\/))/,lookbehind:!0,inside:{code:{pattern:/^([\t ]*(?:\*\s*)?)\S.*$/m,lookbehind:!0,inside:y,alias:"language-javascript"}}}}),N.languages.javadoclike.addSupport("javascript",N.languages.jsdoc),N.languages.flow=N.languages.extend("javascript",{}),N.languages.insertBefore("flow","keyword",{type:[{pattern:/\b(?:[Bb]oolean|Function|[Nn]umber|[Ss]tring|[Ss]ymbol|any|mixed|null|void)\b/,alias:"class-name"}]}),N.languages.flow["function-variable"].pattern=/(?!\s)[_$a-z\xA0-\uFFFF](?:(?!\s)[$\w\xA0-\uFFFF])*(?=\s*=\s*(?:function\b|(?:\([^()]*\)(?:\s*:\s*\w+)?|(?!\s)[_$a-z\xA0-\uFFFF](?:(?!\s)[$\w\xA0-\uFFFF])*)\s*=&gt;))/i,delete N.languages.flow.parameter,N.languages.insertBefore("flow","operator",{"flow-punctuation":{pattern:/\{\||\|\}/,alias:"punctuation"}}),Array.isArray(N.languages.flow.keyword)||(N.languages.flow.keyword=[N.languages.flow.keyword]),N.languages.flow.keyword.unshift({pattern:/(^|[^$]\b)(?:Class|declare|opaque|type)\b(?!\$)/,lookbehind:!0},{pattern:/(^|[^$]\B)\$(?:Diff|Enum|Exact|Keys|ObjMap|PropertyType|Record|Shape|Subtype|Supertype|await)\b(?!\$)/,lookbehind:!0}),N.languages.n4js=N.languages.extend("javascript",{keyword:/\b(?:Array|any|boolean|break|case|catch|class|const|constructor|continue|debugger|declare|default|delete|do|else|enum|export|extends|false|finally|for|from|function|get|if|implements|import|in|instanceof|interface|let|module|new|null|number|package|private|protected|public|return|set|static|string|super|switch|this|throw|true|try|typeof|var|void|while|with|yield)\b/}),N.languages.insertBefore("n4js","constant",{annotation:{pattern:/@+\w+/,alias:"operator"}}),N.languages.n4jsd=N.languages.n4js,function(e){function t(e,t){return RegExp(e.replace(/&lt;ID&gt;/g,function(){return/(?!\s)[_$a-zA-Z\xA0-\uFFFF](?:(?!\s)[$\w\xA0-\uFFFF])*/.source}),t)}e.languages.insertBefore("javascript","function-variable",{"method-variable":{pattern:RegExp("(\\.\\s*)"+e.languages.javascript["function-variable"].pattern.source),lookbehind:!0,alias:["function-variable","method","function","property-access"]}}),e.languages.insertBefore("javascript","function",{method:{pattern:RegExp("(\\.\\s*)"+e.languages.javascript.function.source),lookbehind:!0,alias:["function","property-access"]}}),e.languages.insertBefore("javascript","constant",{"known-class-name":[{pattern:/\b(?:(?:Float(?:32|64)|(?:Int|Uint)(?:8|16|32)|Uint8Clamped)?Array|ArrayBuffer|BigInt|Boolean|DataView|Date|Error|Function|Intl|JSON|(?:Weak)?(?:Map|Set)|Math|Number|Object|Promise|Proxy|Reflect|RegExp|String|Symbol|WebAssembly)\b/,alias:"class-name"},{pattern:/\b(?:[A-Z]\w*)Error\b/,alias:"class-name"}]}),e.languages.insertBefore("javascript","keyword",{imports:{pattern:t(/(\bimport\b\s*)(?:&lt;ID&gt;(?:\s*,\s*(?:\*\s*as\s+&lt;ID&gt;|\{[^{}]*\}))?|\*\s*as\s+&lt;ID&gt;|\{[^{}]*\})(?=\s*\bfrom\b)/.source),lookbehind:!0,inside:e.languages.javascript},exports:{pattern:t(/(\bexport\b\s*)(?:\*(?:\s*as\s+&lt;ID&gt;)?(?=\s*\bfrom\b)|\{[^{}]*\})/.source),lookbehind:!0,inside:e.languages.javascript}}),e.languages.javascript.keyword.unshift({pattern:/\b(?:as|default|export|from|import)\b/,alias:"module"},{pattern:/\b(?:await|break|catch|continue|do|else|finally|for|if|return|switch|throw|try|while|yield)\b/,alias:"control-flow"},{pattern:/\bnull\b/,alias:["null","nil"]},{pattern:/\bundefined\b/,alias:"nil"}),e.languages.insertBefore("javascript","operator",{spread:{pattern:/\.{3}/,alias:"operator"},arrow:{pattern:/=&gt;/,alias:"operator"}}),e.languages.insertBefore("javascript","punctuation",{"property-access":{pattern:t(/(\.\s*)#?&lt;ID&gt;/.source),lookbehind:!0},"maybe-class-name":{pattern:/(^|[^$\w\xA0-\uFFFF])[A-Z][$\w\xA0-\uFFFF]+/,lookbehind:!0},dom:{pattern:/\b(?:document|(?:local|session)Storage|location|navigator|performance|window)\b/,alias:"variable"},console:{pattern:/\bconsole(?=\s*\.)/,alias:"class-name"}});for(var r=["function","function-variable","method","method-variable","property-access"],s=0;s&lt;r.length;s++){var n=r[s],i=e.languages.javascript[n],n=(i="RegExp"===e.util.type(i)?e.languages.javascript[n]={pattern:i}:i).inside||{};(i.inside=n)["maybe-class-name"]=/^[A-Z][\s\S]*/}}(N),function(e){var t=e.util.clone(e.languages.javascript),r=/(?:\s|\/\/.*(?!.)|\/\*(?:[^*]|\*(?!\/))\*\/)/.source,s=/(?:\{(?:\{(?:\{[^{}]*\}|[^{}])*\}|[^{}])*\})/.source,n=/(?:\{&lt;S&gt;*\.{3}(?:[^{}]|&lt;BRACES&gt;)*\})/.source;function i(e,t){return RegExp(e=e.replace(/&lt;S&gt;/g,function(){return r}).replace(/&lt;BRACES&gt;/g,function(){return s}).replace(/&lt;SPREAD&gt;/g,function(){return n}),t)}n=i(n).source,e.languages.jsx=e.languages.extend("markup",t),e.languages.jsx.tag.pattern=i(/&lt;\/?(?:[\w.:-]+(?:&lt;S&gt;+(?:[\w.:$-]+(?:=(?:"(?:\\[\s\S]|[^\\"])*"|'(?:\\[\s\S]|[^\\'])*'|[^\s{'"/&gt;=]+|&lt;BRACES&gt;))?|&lt;SPREAD&gt;))*&lt;S&gt;*\/?)?&gt;/.source),e.languages.jsx.tag.inside.tag.pattern=/^&lt;\/?[^\s&gt;\/]*/,e.languages.jsx.tag.inside["attr-value"].pattern=/=(?!\{)(?:"(?:\\[\s\S]|[^\\"])*"|'(?:\\[\s\S]|[^\\'])*'|[^\s'"&gt;]+)/,e.languages.jsx.tag.inside.tag.inside["class-name"]=/^[A-Z]\w*(?:\.[A-Z]\w*)*$/,e.languages.jsx.tag.inside.comment=t.comment,e.languages.insertBefore("inside","attr-name",{spread:{pattern:i(/&lt;SPREAD&gt;/.source),inside:e.languages.jsx}},e.languages.jsx.tag),e.languages.insertBefore("inside","special-attr",{script:{pattern:i(/=&lt;BRACES&gt;/.source),alias:"language-javascript",inside:{"script-punctuation":{pattern:/^=(?=\{)/,alias:"punctuation"},rest:e.languages.jsx}}},e.languages.jsx.tag);var a=function(e){return e?"string"==typeof e?e:"string"==typeof e.content?e.content:e.content.map(a).join(""):""};e.hooks.add("after-tokenize",function(t){"jsx"!==t.language&amp;&amp;"tsx"!==t.language||function t(r){for(var s=[],n=0;n&lt;r.length;n++){var i=r[n],o=!1;"string"!=typeof i&amp;&amp;("tag"===i.type&amp;&amp;i.content[0]&amp;&amp;"tag"===i.content[0].type?"&lt;/"===i.content[0].content[0].content?0&lt;s.length&amp;&amp;s[s.length-1].tagName===a(i.content[0].content[1])&amp;&amp;s.pop():"/&gt;"!==i.content[i.content.length-1].content&amp;&amp;s.push({tagName:a(i.content[0].content[1]),openedBraces:0}):0&lt;s.length&amp;&amp;"punctuation"===i.type&amp;&amp;"{"===i.content?s[s.length-1].openedBraces++:0&lt;s.length&amp;&amp;0&lt;s[s.length-1].openedBraces&amp;&amp;"punctuation"===i.type&amp;&amp;"}"===i.content?s[s.length-1].openedBraces--:o=!0),(o||"string"==typeof i)&amp;&amp;0&lt;s.length&amp;&amp;0===s[s.length-1].openedBraces&amp;&amp;(o=a(i),n&lt;r.length-1&amp;&amp;("string"==typeof r[n+1]||"plain-text"===r[n+1].type)&amp;&amp;(o+=a(r[n+1]),r.splice(n+1,1)),0&lt;n&amp;&amp;("string"==typeof r[n-1]||"plain-text"===r[n-1].type)&amp;&amp;(o=a(r[n-1])+o,r.splice(n-1,1),n--),r[n]=new e.Token("plain-text",o,null,o)),i.content&amp;&amp;"string"!=typeof i.content&amp;&amp;t(i.content)}}(t.tokens)})}(N),w=N.util.clone(N.languages.typescript),(N.languages.tsx=N.languages.extend("jsx",w),delete N.languages.tsx.parameter,delete N.languages.tsx["literal-property"],w=N.languages.tsx.tag).pattern=RegExp(/(^|[^\w$]|(?=&lt;\/))/.source+"(?:"+w.pattern.source+")",w.pattern.flags),w.lookbehind=!0,N.languages.swift={comment:{pattern:/(^|[^\\:])(?:\/\/.*|\/\*(?:[^/*]|\/(?!\*)|\*(?!\/)|\/\*(?:[^*]|\*(?!\/))*\*\/)*\*\/)/,lookbehind:!0,greedy:!0},"string-literal":[{pattern:RegExp(/(^|[^"#])/.source+"(?:"+/"(?:\\(?:\((?:[^()]|\([^()]*\))*\)|\r\n|[^(])|[^\\\r\n"])*"/.source+"|"+/"""(?:\\(?:\((?:[^()]|\([^()]*\))*\)|[^(])|[^\\"]|"(?!""))*"""/.source+")"+/(?!["#])/.source),lookbehind:!0,greedy:!0,inside:{interpolation:{pattern:/(\\\()(?:[^()]|\([^()]*\))*(?=\))/,lookbehind:!0,inside:null},"interpolation-punctuation":{pattern:/^\)|\\\($/,alias:"punctuation"},punctuation:/\\(?=[\r\n])/,string:/[\s\S]+/}},{pattern:RegExp(/(^|[^"#])(#+)/.source+"(?:"+/"(?:\\(?:#+\((?:[^()]|\([^()]*\))*\)|\r\n|[^#])|[^\\\r\n])*?"/.source+"|"+/"""(?:\\(?:#+\((?:[^()]|\([^()]*\))*\)|[^#])|[^\\])*?"""/.source+")\\2"),lookbehind:!0,greedy:!0,inside:{interpolation:{pattern:/(\\#+\()(?:[^()]|\([^()]*\))*(?=\))/,lookbehind:!0,inside:null},"interpolation-punctuation":{pattern:/^\)|\\#+\($/,alias:"punctuation"},string:/[\s\S]+/}}],directive:{pattern:RegExp(/#/.source+"(?:"+/(?:elseif|if)\b/.source+"(?:[ 	]*"+/(?:![ \t]*)?(?:\b\w+\b(?:[ \t]*\((?:[^()]|\([^()]*\))*\))?|\((?:[^()]|\([^()]*\))*\))(?:[ \t]*(?:&amp;&amp;|\|\|))?/.source+")+|"+/(?:else|endif)\b/.source+")"),alias:"property",inside:{"directive-name":/^#\w+/,boolean:/\b(?:false|true)\b/,number:/\b\d+(?:\.\d+)*\b/,operator:/!|&amp;&amp;|\|\||[&lt;&gt;]=?/,punctuation:/[(),]/}},literal:{pattern:/#(?:colorLiteral|column|dsohandle|file(?:ID|Literal|Path)?|function|imageLiteral|line)\b/,alias:"constant"},"other-directive":{pattern:/#\w+\b/,alias:"property"},attribute:{pattern:/@\w+/,alias:"atrule"},"function-definition":{pattern:/(\bfunc\s+)\w+/,lookbehind:!0,alias:"function"},label:{pattern:/\b(break|continue)\s+\w+|\b[a-zA-Z_]\w*(?=\s*:\s*(?:for|repeat|while)\b)/,lookbehind:!0,alias:"important"},keyword:/\b(?:Any|Protocol|Self|Type|actor|as|assignment|associatedtype|associativity|async|await|break|case|catch|class|continue|convenience|default|defer|deinit|didSet|do|dynamic|else|enum|extension|fallthrough|fileprivate|final|for|func|get|guard|higherThan|if|import|in|indirect|infix|init|inout|internal|is|isolated|lazy|left|let|lowerThan|mutating|none|nonisolated|nonmutating|open|operator|optional|override|postfix|precedencegroup|prefix|private|protocol|public|repeat|required|rethrows|return|right|safe|self|set|some|static|struct|subscript|super|switch|throw|throws|try|typealias|unowned|unsafe|var|weak|where|while|willSet)\b/,boolean:/\b(?:false|true)\b/,nil:{pattern:/\bnil\b/,alias:"constant"},"short-argument":/\$\d+\b/,omit:{pattern:/\b_\b/,alias:"keyword"},number:/\b(?:[\d_]+(?:\.[\de_]+)?|0x[a-f0-9_]+(?:\.[a-f0-9p_]+)?|0b[01_]+|0o[0-7_]+)\b/i,"class-name":/\b[A-Z](?:[A-Z_\d]*[a-z]\w*)?\b/,function:/\b[a-z_]\w*(?=\s*\()/i,constant:/\b(?:[A-Z_]{2,}|k[A-Z][A-Za-z_]+)\b/,operator:/[-+*/%=!&lt;&gt;&amp;|^~?]+|\.[.\-+*/%=!&lt;&gt;&amp;|^~?]+/,punctuation:/[{}[\]();,.:\\]/},N.languages.swift["string-literal"].forEach(function(e){e.inside.interpolation.inside=N.languages.swift}),N.languages.kotlin=N.languages.extend("clike",{keyword:{pattern:/(^|[^.])\b(?:abstract|actual|annotation|as|break|by|catch|class|companion|const|constructor|continue|crossinline|data|do|dynamic|else|enum|expect|external|final|finally|for|fun|get|if|import|in|infix|init|inline|inner|interface|internal|is|lateinit|noinline|null|object|open|operator|out|override|package|private|protected|public|reified|return|sealed|set|super|suspend|tailrec|this|throw|to|try|typealias|val|var|vararg|when|where|while)\b/,lookbehind:!0},function:[{pattern:/(?:`[^\r\n`]+`|\b\w+)(?=\s*\()/,greedy:!0},{pattern:/(\.)(?:`[^\r\n`]+`|\w+)(?=\s*\{)/,lookbehind:!0,greedy:!0}],number:/\b(?:0[xX][\da-fA-F]+(?:_[\da-fA-F]+)*|0[bB][01]+(?:_[01]+)*|\d+(?:_\d+)*(?:\.\d+(?:_\d+)*)?(?:[eE][+-]?\d+(?:_\d+)*)?[fFL]?)\b/,operator:/\+[+=]?|-[-=&gt;]?|==?=?|!(?:!|==?)?|[\/*%&lt;&gt;]=?|[?:]:?|\.\.|&amp;&amp;|\|\||\b(?:and|inv|or|shl|shr|ushr|xor)\b/}),delete N.languages.kotlin["class-name"],x={"interpolation-punctuation":{pattern:/^\$\{?|\}$/,alias:"punctuation"},expression:{pattern:/[\s\S]+/,inside:N.languages.kotlin}},N.languages.insertBefore("kotlin","string",{"string-literal":[{pattern:/"""(?:[^$]|\$(?:(?!\{)|\{[^{}]*\}))*?"""/,alias:"multiline",inside:{interpolation:{pattern:/\$(?:[a-z_]\w*|\{[^{}]*\})/i,inside:x},string:/[\s\S]+/}},{pattern:/"(?:[^"\\\r\n$]|\\.|\$(?:(?!\{)|\{[^{}]*\}))*"/,alias:"singleline",inside:{interpolation:{pattern:/((?:^|[^\\])(?:\\{2})*)\$(?:[a-z_]\w*|\{[^{}]*\})/i,lookbehind:!0,inside:x},string:/[\s\S]+/}}],char:{pattern:/'(?:[^'\\\r\n]|\\(?:.|u[a-fA-F0-9]{0,4}))'/,greedy:!0}}),delete N.languages.kotlin.string,N.languages.insertBefore("kotlin","keyword",{annotation:{pattern:/\B@(?:\w+:)?(?:[A-Z]\w*|\[[^\]]+\])/,alias:"builtin"}}),N.languages.insertBefore("kotlin","function",{label:{pattern:/\b\w+@|@\w+\b/,alias:"symbol"}}),N.languages.kt=N.languages.kotlin,N.languages.kts=N.languages.kotlin,N.languages.c=N.languages.extend("clike",{comment:{pattern:/\/\/(?:[^\r\n\\]|\\(?:\r\n?|\n|(?![\r\n])))*|\/\*[\s\S]*?(?:\*\/|$)/,greedy:!0},string:{pattern:/"(?:\\(?:\r\n|[\s\S])|[^"\\\r\n])*"/,greedy:!0},"class-name":{pattern:/(\b(?:enum|struct)\s+(?:__attribute__\s*\(\([\s\S]*?\)\)\s*)?)\w+|\b[a-z]\w*_t\b/,lookbehind:!0},keyword:/\b(?:_Alignas|_Alignof|_Atomic|_Bool|_Complex|_Generic|_Imaginary|_Noreturn|_Static_assert|_Thread_local|__attribute__|asm|auto|break|case|char|const|continue|default|do|double|else|enum|extern|float|for|goto|if|inline|int|long|register|return|short|signed|sizeof|static|struct|switch|typedef|typeof|union|unsigned|void|volatile|while)\b/,function:/\b[a-z_]\w*(?=\s*\()/i,number:/(?:\b0x(?:[\da-f]+(?:\.[\da-f]*)?|\.[\da-f]+)(?:p[+-]?\d+)?|(?:\b\d+(?:\.\d*)?|\B\.\d+)(?:e[+-]?\d+)?)[ful]{0,4}/i,operator:/&gt;&gt;=?|&lt;&lt;=?|-&gt;|([-+&amp;|:])\1|[?:~]|[-+*/%&amp;|^!=&lt;&gt;]=?/}),N.languages.insertBefore("c","string",{char:{pattern:/'(?:\\(?:\r\n|[\s\S])|[^'\\\r\n]){0,32}'/,greedy:!0}}),N.languages.insertBefore("c","string",{macro:{pattern:/(^[\t ]*)#\s*[a-z](?:[^\r\n\\/]|\/(?!\*)|\/\*(?:[^*]|\*(?!\/))*\*\/|\\(?:\r\n|[\s\S]))*/im,lookbehind:!0,greedy:!0,alias:"property",inside:{string:[{pattern:/^(#\s*include\s*)&lt;[^&gt;]+&gt;/,lookbehind:!0},N.languages.c.string],char:N.languages.c.char,comment:N.languages.c.comment,"macro-name":[{pattern:/(^#\s*define\s+)\w+\b(?!\()/i,lookbehind:!0},{pattern:/(^#\s*define\s+)\w+\b(?=\()/i,lookbehind:!0,alias:"function"}],directive:{pattern:/^(#\s*)[a-z]+/,lookbehind:!0,alias:"keyword"},"directive-hash":/^#/,punctuation:/##|\\(?=[\r\n])/,expression:{pattern:/\S[\s\S]*/,inside:N.languages.c}}}}),N.languages.insertBefore("c","function",{constant:/\b(?:EOF|NULL|SEEK_CUR|SEEK_END|SEEK_SET|__DATE__|__FILE__|__LINE__|__TIMESTAMP__|__TIME__|__func__|stderr|stdin|stdout)\b/}),delete N.languages.c.boolean,N.languages.objectivec=N.languages.extend("c",{string:{pattern:/@?"(?:\\(?:\r\n|[\s\S])|[^"\\\r\n])*"/,greedy:!0},keyword:/\b(?:asm|auto|break|case|char|const|continue|default|do|double|else|enum|extern|float|for|goto|if|in|inline|int|long|register|return|self|short|signed|sizeof|static|struct|super|switch|typedef|typeof|union|unsigned|void|volatile|while)\b|(?:@interface|@end|@implementation|@protocol|@class|@public|@protected|@private|@property|@try|@catch|@finally|@throw|@synthesize|@dynamic|@selector)\b/,operator:/-[-&gt;]?|\+\+?|!=?|&lt;&lt;?=?|&gt;&gt;?=?|==?|&amp;&amp;?|\|\|?|[~^%?*\/@]/}),delete N.languages.objectivec["class-name"],N.languages.objc=N.languages.objectivec,N.languages.reason=N.languages.extend("clike",{string:{pattern:/"(?:\\(?:\r\n|[\s\S])|[^\\\r\n"])*"/,greedy:!0},"class-name":/\b[A-Z]\w*/,keyword:/\b(?:and|as|assert|begin|class|constraint|do|done|downto|else|end|exception|external|for|fun|function|functor|if|in|include|inherit|initializer|lazy|let|method|module|mutable|new|nonrec|object|of|open|or|private|rec|sig|struct|switch|then|to|try|type|val|virtual|when|while|with)\b/,operator:/\.{3}|:[:=]|\|&gt;|-&gt;|=(?:==?|&gt;)?|&lt;=?|&gt;=?|[|^?'#!~`]|[+\-*\/]\.?|\b(?:asr|land|lor|lsl|lsr|lxor|mod)\b/}),N.languages.insertBefore("reason","class-name",{char:{pattern:/'(?:\\x[\da-f]{2}|\\o[0-3][0-7][0-7]|\\\d{3}|\\.|[^'\\\r\n])'/,greedy:!0},constructor:/\b[A-Z]\w*\b(?!\s*\.)/,label:{pattern:/\b[a-z]\w*(?=::)/,alias:"symbol"}}),delete N.languages.reason.function,function(e){for(var t=/\/\*(?:[^*/]|\*(?!\/)|\/(?!\*)|&lt;self&gt;)*\*\//.source,r=0;r&lt;2;r++)t=t.replace(/&lt;self&gt;/g,function(){return t});t=t.replace(/&lt;self&gt;/g,function(){return/[^\s\S]/.source}),e.languages.rust={comment:[{pattern:RegExp(/(^|[^\\])/.source+t),lookbehind:!0,greedy:!0},{pattern:/(^|[^\\:])\/\/.*/,lookbehind:!0,greedy:!0}],string:{pattern:/b?"(?:\\[\s\S]|[^\\"])*"|b?r(#*)"(?:[^"]|"(?!\1))*"\1/,greedy:!0},char:{pattern:/b?'(?:\\(?:x[0-7][\da-fA-F]|u\{(?:[\da-fA-F]_*){1,6}\}|.)|[^\\\r\n\t'])'/,greedy:!0},attribute:{pattern:/#!?\[(?:[^\[\]"]|"(?:\\[\s\S]|[^\\"])*")*\]/,greedy:!0,alias:"attr-name",inside:{string:null}},"closure-params":{pattern:/([=(,:]\s*|\bmove\s*)\|[^|]*\||\|[^|]*\|(?=\s*(?:\{|-&gt;))/,lookbehind:!0,greedy:!0,inside:{"closure-punctuation":{pattern:/^\||\|$/,alias:"punctuation"},rest:null}},"lifetime-annotation":{pattern:/'\w+/,alias:"symbol"},"fragment-specifier":{pattern:/(\$\w+:)[a-z]+/,lookbehind:!0,alias:"punctuation"},variable:/\$\w+/,"function-definition":{pattern:/(\bfn\s+)\w+/,lookbehind:!0,alias:"function"},"type-definition":{pattern:/(\b(?:enum|struct|trait|type|union)\s+)\w+/,lookbehind:!0,alias:"class-name"},"module-declaration":[{pattern:/(\b(?:crate|mod)\s+)[a-z][a-z_\d]*/,lookbehind:!0,alias:"namespace"},{pattern:/(\b(?:crate|self|super)\s*)::\s*[a-z][a-z_\d]*\b(?:\s*::(?:\s*[a-z][a-z_\d]*\s*::)*)?/,lookbehind:!0,alias:"namespace",inside:{punctuation:/::/}}],keyword:[/\b(?:Self|abstract|as|async|await|become|box|break|const|continue|crate|do|dyn|else|enum|extern|final|fn|for|if|impl|in|let|loop|macro|match|mod|move|mut|override|priv|pub|ref|return|self|static|struct|super|trait|try|type|typeof|union|unsafe|unsized|use|virtual|where|while|yield)\b/,/\b(?:bool|char|f(?:32|64)|[ui](?:8|16|32|64|128|size)|str)\b/],function:/\b[a-z_]\w*(?=\s*(?:::\s*&lt;|\())/,macro:{pattern:/\b\w+!/,alias:"property"},constant:/\b[A-Z_][A-Z_\d]+\b/,"class-name":/\b[A-Z]\w*\b/,namespace:{pattern:/(?:\b[a-z][a-z_\d]*\s*::\s*)*\b[a-z][a-z_\d]*\s*::(?!\s*&lt;)/,inside:{punctuation:/::/}},number:/\b(?:0x[\dA-Fa-f](?:_?[\dA-Fa-f])*|0o[0-7](?:_?[0-7])*|0b[01](?:_?[01])*|(?:(?:\d(?:_?\d)*)?\.)?\d(?:_?\d)*(?:[Ee][+-]?\d+)?)(?:_?(?:f32|f64|[iu](?:8|16|32|64|size)?))?\b/,boolean:/\b(?:false|true)\b/,punctuation:/-&gt;|\.\.=|\.{1,3}|::|[{}[\];(),:]/,operator:/[-+*\/%!^]=?|=[=&gt;]?|&amp;[&amp;=]?|\|[|=]?|&lt;&lt;?=?|&gt;&gt;?=?|[@?]/},e.languages.rust["closure-params"].inside.rest=e.languages.rust,e.languages.rust.attribute.inside.string=e.languages.rust.string}(N),N.languages.go=N.languages.extend("clike",{string:{pattern:/(^|[^\\])"(?:\\.|[^"\\\r\n])*"|`[^`]*`/,lookbehind:!0,greedy:!0},keyword:/\b(?:break|case|chan|const|continue|default|defer|else|fallthrough|for|func|go(?:to)?|if|import|interface|map|package|range|return|select|struct|switch|type|var)\b/,boolean:/\b(?:_|false|iota|nil|true)\b/,number:[/\b0(?:b[01_]+|o[0-7_]+)i?\b/i,/\b0x(?:[a-f\d_]+(?:\.[a-f\d_]*)?|\.[a-f\d_]+)(?:p[+-]?\d+(?:_\d+)*)?i?(?!\w)/i,/(?:\b\d[\d_]*(?:\.[\d_]*)?|\B\.\d[\d_]*)(?:e[+-]?[\d_]+)?i?(?!\w)/i],operator:/[*\/%^!=]=?|\+[=+]?|-[=-]?|\|[=|]?|&amp;(?:=|&amp;|\^=?)?|&gt;(?:&gt;=?|=)?|&lt;(?:&lt;=?|=|-)?|:=|\.\.\./,builtin:/\b(?:append|bool|byte|cap|close|complex|complex(?:64|128)|copy|delete|error|float(?:32|64)|u?int(?:8|16|32|64)?|imag|len|make|new|panic|print(?:ln)?|real|recover|rune|string|uintptr)\b/}),N.languages.insertBefore("go","string",{char:{pattern:/'(?:\\.|[^'\\\r\n]){0,10}'/,greedy:!0}}),delete N.languages.go["class-name"],S=/\b(?:alignas|alignof|asm|auto|bool|break|case|catch|char|char16_t|char32_t|char8_t|class|co_await|co_return|co_yield|compl|concept|const|const_cast|consteval|constexpr|constinit|continue|decltype|default|delete|do|double|dynamic_cast|else|enum|explicit|export|extern|final|float|for|friend|goto|if|import|inline|int|int16_t|int32_t|int64_t|int8_t|long|module|mutable|namespace|new|noexcept|nullptr|operator|override|private|protected|public|register|reinterpret_cast|requires|return|short|signed|sizeof|static|static_assert|static_cast|struct|switch|template|this|thread_local|throw|try|typedef|typeid|typename|uint16_t|uint32_t|uint64_t|uint8_t|union|unsigned|using|virtual|void|volatile|wchar_t|while)\b/,_=/\b(?!&lt;keyword&gt;)\w+(?:\s*\.\s*\w+)*\b/.source.replace(/&lt;keyword&gt;/g,function(){return S.source}),N.languages.cpp=N.languages.extend("c",{"class-name":[{pattern:RegExp(/(\b(?:class|concept|enum|struct|typename)\s+)(?!&lt;keyword&gt;)\w+/.source.replace(/&lt;keyword&gt;/g,function(){return S.source})),lookbehind:!0},/\b[A-Z]\w*(?=\s*::\s*\w+\s*\()/,/\b[A-Z_]\w*(?=\s*::\s*~\w+\s*\()/i,/\b\w+(?=\s*&lt;(?:[^&lt;&gt;]|&lt;(?:[^&lt;&gt;]|&lt;[^&lt;&gt;]*&gt;)*&gt;)*&gt;\s*::\s*\w+\s*\()/],keyword:S,number:{pattern:/(?:\b0b[01']+|\b0x(?:[\da-f']+(?:\.[\da-f']*)?|\.[\da-f']+)(?:p[+-]?[\d']+)?|(?:\b[\d']+(?:\.[\d']*)?|\B\.[\d']+)(?:e[+-]?[\d']+)?)[ful]{0,4}/i,greedy:!0},operator:/&gt;&gt;=?|&lt;&lt;=?|-&gt;|--|\+\+|&amp;&amp;|\|\||[?:~]|&lt;=&gt;|[-+*/%&amp;|^!=&lt;&gt;]=?|\b(?:and|and_eq|bitand|bitor|not|not_eq|or|or_eq|xor|xor_eq)\b/,boolean:/\b(?:false|true)\b/}),N.languages.insertBefore("cpp","string",{module:{pattern:RegExp(/(\b(?:import|module)\s+)/.source+"(?:"+/"(?:\\(?:\r\n|[\s\S])|[^"\\\r\n])*"|&lt;[^&lt;&gt;\r\n]*&gt;/.source+"|"+/&lt;mod-name&gt;(?:\s*:\s*&lt;mod-name&gt;)?|:\s*&lt;mod-name&gt;/.source.replace(/&lt;mod-name&gt;/g,function(){return _})+")"),lookbehind:!0,greedy:!0,inside:{string:/^[&lt;"][\s\S]+/,operator:/:/,punctuation:/\./}},"raw-string":{pattern:/R"([^()\\ ]{0,16})\([\s\S]*?\)\1"/,alias:"string",greedy:!0}}),N.languages.insertBefore("cpp","keyword",{"generic-function":{pattern:/\b(?!operator\b)[a-z_]\w*\s*&lt;(?:[^&lt;&gt;]|&lt;[^&lt;&gt;]*&gt;)*&gt;(?=\s*\()/i,inside:{function:/^\w+/,generic:{pattern:/&lt;[\s\S]+/,alias:"class-name",inside:N.languages.cpp}}}}),N.languages.insertBefore("cpp","operator",{"double-colon":{pattern:/::/,alias:"punctuation"}}),N.languages.insertBefore("cpp","class-name",{"base-clause":{pattern:/(\b(?:class|struct)\s+\w+\s*:\s*)[^;{}"'\s]+(?:\s+[^;{}"'\s]+)*(?=\s*[;{])/,lookbehind:!0,greedy:!0,inside:N.languages.extend("cpp",{})}}),N.languages.insertBefore("inside","double-colon",{"class-name":/\b[a-z_]\w*\b(?!\s*::)/i},N.languages.cpp["base-clause"]),N.languages.python={comment:{pattern:/(^|[^\\])#.*/,lookbehind:!0,greedy:!0},"string-interpolation":{pattern:/(?:f|fr|rf)(?:("""|''')[\s\S]*?\1|("|')(?:\\.|(?!\2)[^\\\r\n])*\2)/i,greedy:!0,inside:{interpolation:{pattern:/((?:^|[^{])(?:\{\{)*)\{(?!\{)(?:[^{}]|\{(?!\{)(?:[^{}]|\{(?!\{)(?:[^{}])+\})+\})+\}/,lookbehind:!0,inside:{"format-spec":{pattern:/(:)[^:(){}]+(?=\}$)/,lookbehind:!0},"conversion-option":{pattern:/![sra](?=[:}]$)/,alias:"punctuation"},rest:null}},string:/[\s\S]+/}},"triple-quoted-string":{pattern:/(?:[rub]|br|rb)?("""|''')[\s\S]*?\1/i,greedy:!0,alias:"string"},string:{pattern:/(?:[rub]|br|rb)?("|')(?:\\.|(?!\1)[^\\\r\n])*\1/i,greedy:!0},function:{pattern:/((?:^|\s)def[ \t]+)[a-zA-Z_]\w*(?=\s*\()/g,lookbehind:!0},"class-name":{pattern:/(\bclass\s+)\w+/i,lookbehind:!0},decorator:{pattern:/(^[\t ]*)@\w+(?:\.\w+)*/m,lookbehind:!0,alias:["annotation","punctuation"],inside:{punctuation:/\./}},keyword:/\b(?:_(?=\s*:)|and|as|assert|async|await|break|case|class|continue|def|del|elif|else|except|exec|finally|for|from|global|if|import|in|is|lambda|match|nonlocal|not|or|pass|print|raise|return|try|while|with|yield)\b/,builtin:/\b(?:__import__|abs|all|any|apply|ascii|basestring|bin|bool|buffer|bytearray|bytes|callable|chr|classmethod|cmp|coerce|compile|complex|delattr|dict|dir|divmod|enumerate|eval|execfile|file|filter|float|format|frozenset|getattr|globals|hasattr|hash|help|hex|id|input|int|intern|isinstance|issubclass|iter|len|list|locals|long|map|max|memoryview|min|next|object|oct|open|ord|pow|property|range|raw_input|reduce|reload|repr|reversed|round|set|setattr|slice|sorted|staticmethod|str|sum|super|tuple|type|unichr|unicode|vars|xrange|zip)\b/,boolean:/\b(?:False|None|True)\b/,number:/\b0(?:b(?:_?[01])+|o(?:_?[0-7])+|x(?:_?[a-f0-9])+)\b|(?:\b\d+(?:_\d+)*(?:\.(?:\d+(?:_\d+)*)?)?|\B\.\d+(?:_\d+)*)(?:e[+-]?\d+(?:_\d+)*)?j?(?!\w)/i,operator:/[-+%=]=?|!=|:=|\*\*?=?|\/\/?=?|&lt;[&lt;=&gt;]?|&gt;[=&gt;]?|[&amp;|^~]/,punctuation:/[{}[\];(),.:]/},N.languages.python["string-interpolation"].inside.interpolation.inside.rest=N.languages.python,N.languages.py=N.languages.python,((e,t)=&gt;{for(var r in t)T(e,r,{get:t[r],enumerable:!0})})({},{dracula:()=&gt;G,duotoneDark:()=&gt;W,duotoneLight:()=&gt;M,github:()=&gt;U,jettwaveDark:()=&gt;es,jettwaveLight:()=&gt;en,nightOwl:()=&gt;F,nightOwlLight:()=&gt;H,oceanicNext:()=&gt;K,okaidia:()=&gt;J,oneDark:()=&gt;ei,oneLight:()=&gt;ea,palenight:()=&gt;X,shadesOfPurple:()=&gt;Y,synthwave84:()=&gt;Z,ultramin:()=&gt;ee,vsDark:()=&gt;et,vsLight:()=&gt;er});var G={plain:{color:"#F8F8F2",backgroundColor:"#282A36"},styles:[{types:["prolog","constant","builtin"],style:{color:"rgb(189, 147, 249)"}},{types:["inserted","function"],style:{color:"rgb(80, 250, 123)"}},{types:["deleted"],style:{color:"rgb(255, 85, 85)"}},{types:["changed"],style:{color:"rgb(255, 184, 108)"}},{types:["punctuation","symbol"],style:{color:"rgb(248, 248, 242)"}},{types:["string","char","tag","selector"],style:{color:"rgb(255, 121, 198)"}},{types:["keyword","variable"],style:{color:"rgb(189, 147, 249)",fontStyle:"italic"}},{types:["comment"],style:{color:"rgb(98, 114, 164)"}},{types:["attr-name"],style:{color:"rgb(241, 250, 140)"}}]},W={plain:{backgroundColor:"#2a2734",color:"#9a86fd"},styles:[{types:["comment","prolog","doctype","cdata","punctuation"],style:{color:"#6c6783"}},{types:["namespace"],style:{opacity:.7}},{types:["tag","operator","number"],style:{color:"#e09142"}},{types:["property","function"],style:{color:"#9a86fd"}},{types:["tag-id","selector","atrule-id"],style:{color:"#eeebff"}},{types:["attr-name"],style:{color:"#c4b9fe"}},{types:["boolean","string","entity","url","attr-value","keyword","control","directive","unit","statement","regex","atrule","placeholder","variable"],style:{color:"#ffcc99"}},{types:["deleted"],style:{textDecorationLine:"line-through"}},{types:["inserted"],style:{textDecorationLine:"underline"}},{types:["italic"],style:{fontStyle:"italic"}},{types:["important","bold"],style:{fontWeight:"bold"}},{types:["important"],style:{color:"#c4b9fe"}}]},M={plain:{backgroundColor:"#faf8f5",color:"#728fcb"},styles:[{types:["comment","prolog","doctype","cdata","punctuation"],style:{color:"#b6ad9a"}},{types:["namespace"],style:{opacity:.7}},{types:["tag","operator","number"],style:{color:"#063289"}},{types:["property","function"],style:{color:"#b29762"}},{types:["tag-id","selector","atrule-id"],style:{color:"#2d2006"}},{types:["attr-name"],style:{color:"#896724"}},{types:["boolean","string","entity","url","attr-value","keyword","control","directive","unit","statement","regex","atrule"],style:{color:"#728fcb"}},{types:["placeholder","variable"],style:{color:"#93abdc"}},{types:["deleted"],style:{textDecorationLine:"line-through"}},{types:["inserted"],style:{textDecorationLine:"underline"}},{types:["italic"],style:{fontStyle:"italic"}},{types:["important","bold"],style:{fontWeight:"bold"}},{types:["important"],style:{color:"#896724"}}]},U={plain:{color:"#393A34",backgroundColor:"#f6f8fa"},styles:[{types:["comment","prolog","doctype","cdata"],style:{color:"#999988",fontStyle:"italic"}},{types:["namespace"],style:{opacity:.7}},{types:["string","attr-value"],style:{color:"#e3116c"}},{types:["punctuation","operator"],style:{color:"#393A34"}},{types:["entity","url","symbol","number","boolean","variable","constant","property","regex","inserted"],style:{color:"#36acaa"}},{types:["atrule","keyword","attr-name","selector"],style:{color:"#00a4db"}},{types:["function","deleted","tag"],style:{color:"#d73a49"}},{types:["function-variable"],style:{color:"#6f42c1"}},{types:["tag","selector","keyword"],style:{color:"#00009f"}}]},F={plain:{color:"#d6deeb",backgroundColor:"#011627"},styles:[{types:["changed"],style:{color:"rgb(162, 191, 252)",fontStyle:"italic"}},{types:["deleted"],style:{color:"rgba(239, 83, 80, 0.56)",fontStyle:"italic"}},{types:["inserted","attr-name"],style:{color:"rgb(173, 219, 103)",fontStyle:"italic"}},{types:["comment"],style:{color:"rgb(99, 119, 119)",fontStyle:"italic"}},{types:["string","url"],style:{color:"rgb(173, 219, 103)"}},{types:["variable"],style:{color:"rgb(214, 222, 235)"}},{types:["number"],style:{color:"rgb(247, 140, 108)"}},{types:["builtin","char","constant","function"],style:{color:"rgb(130, 170, 255)"}},{types:["punctuation"],style:{color:"rgb(199, 146, 234)"}},{types:["selector","doctype"],style:{color:"rgb(199, 146, 234)",fontStyle:"italic"}},{types:["class-name"],style:{color:"rgb(255, 203, 139)"}},{types:["tag","operator","keyword"],style:{color:"rgb(127, 219, 202)"}},{types:["boolean"],style:{color:"rgb(255, 88, 116)"}},{types:["property"],style:{color:"rgb(128, 203, 196)"}},{types:["namespace"],style:{color:"rgb(178, 204, 214)"}}]},H={plain:{color:"#403f53",backgroundColor:"#FBFBFB"},styles:[{types:["changed"],style:{color:"rgb(162, 191, 252)",fontStyle:"italic"}},{types:["deleted"],style:{color:"rgba(239, 83, 80, 0.56)",fontStyle:"italic"}},{types:["inserted","attr-name"],style:{color:"rgb(72, 118, 214)",fontStyle:"italic"}},{types:["comment"],style:{color:"rgb(152, 159, 177)",fontStyle:"italic"}},{types:["string","builtin","char","constant","url"],style:{color:"rgb(72, 118, 214)"}},{types:["variable"],style:{color:"rgb(201, 103, 101)"}},{types:["number"],style:{color:"rgb(170, 9, 130)"}},{types:["punctuation"],style:{color:"rgb(153, 76, 195)"}},{types:["function","selector","doctype"],style:{color:"rgb(153, 76, 195)",fontStyle:"italic"}},{types:["class-name"],style:{color:"rgb(17, 17, 17)"}},{types:["tag"],style:{color:"rgb(153, 76, 195)"}},{types:["operator","property","keyword","namespace"],style:{color:"rgb(12, 150, 155)"}},{types:["boolean"],style:{color:"rgb(188, 84, 84)"}}]},V="#c5a5c5",Q="#8dc891",K={plain:{backgroundColor:"#282c34",color:"#ffffff"},styles:[{types:["attr-name"],style:{color:V}},{types:["attr-value"],style:{color:Q}},{types:["comment","block-comment","prolog","doctype","cdata","shebang"],style:{color:"#999999"}},{types:["property","number","function-name","constant","symbol","deleted"],style:{color:"#5a9bcf"}},{types:["boolean"],style:{color:"#ff8b50"}},{types:["tag"],style:{color:"#fc929e"}},{types:["string"],style:{color:Q}},{types:["punctuation"],style:{color:Q}},{types:["selector","char","builtin","inserted"],style:{color:"#D8DEE9"}},{types:["function"],style:{color:"#79b6f2"}},{types:["operator","entity","url","variable"],style:{color:"#d7deea"}},{types:["keyword"],style:{color:V}},{types:["atrule","class-name"],style:{color:"#FAC863"}},{types:["important"],style:{fontWeight:"400"}},{types:["bold"],style:{fontWeight:"bold"}},{types:["italic"],style:{fontStyle:"italic"}},{types:["namespace"],style:{opacity:.7}}]},J={plain:{color:"#f8f8f2",backgroundColor:"#272822"},styles:[{types:["changed"],style:{color:"rgb(162, 191, 252)",fontStyle:"italic"}},{types:["deleted"],style:{color:"#f92672",fontStyle:"italic"}},{types:["inserted"],style:{color:"rgb(173, 219, 103)",fontStyle:"italic"}},{types:["comment"],style:{color:"#8292a2",fontStyle:"italic"}},{types:["string","url"],style:{color:"#a6e22e"}},{types:["variable"],style:{color:"#f8f8f2"}},{types:["number"],style:{color:"#ae81ff"}},{types:["builtin","char","constant","function","class-name"],style:{color:"#e6db74"}},{types:["punctuation"],style:{color:"#f8f8f2"}},{types:["selector","doctype"],style:{color:"#a6e22e",fontStyle:"italic"}},{types:["tag","operator","keyword"],style:{color:"#66d9ef"}},{types:["boolean"],style:{color:"#ae81ff"}},{types:["namespace"],style:{color:"rgb(178, 204, 214)",opacity:.7}},{types:["tag","property"],style:{color:"#f92672"}},{types:["attr-name"],style:{color:"#a6e22e !important"}},{types:["doctype"],style:{color:"#8292a2"}},{types:["rule"],style:{color:"#e6db74"}}]},X={plain:{color:"#bfc7d5",backgroundColor:"#292d3e"},styles:[{types:["comment"],style:{color:"rgb(105, 112, 152)",fontStyle:"italic"}},{types:["string","inserted"],style:{color:"rgb(195, 232, 141)"}},{types:["number"],style:{color:"rgb(247, 140, 108)"}},{types:["builtin","char","constant","function"],style:{color:"rgb(130, 170, 255)"}},{types:["punctuation","selector"],style:{color:"rgb(199, 146, 234)"}},{types:["variable"],style:{color:"rgb(191, 199, 213)"}},{types:["class-name","attr-name"],style:{color:"rgb(255, 203, 107)"}},{types:["tag","deleted"],style:{color:"rgb(255, 85, 114)"}},{types:["operator"],style:{color:"rgb(137, 221, 255)"}},{types:["boolean"],style:{color:"rgb(255, 88, 116)"}},{types:["keyword"],style:{fontStyle:"italic"}},{types:["doctype"],style:{color:"rgb(199, 146, 234)",fontStyle:"italic"}},{types:["namespace"],style:{color:"rgb(178, 204, 214)"}},{types:["url"],style:{color:"rgb(221, 221, 221)"}}]},Y={plain:{color:"#9EFEFF",backgroundColor:"#2D2A55"},styles:[{types:["changed"],style:{color:"rgb(255, 238, 128)"}},{types:["deleted"],style:{color:"rgba(239, 83, 80, 0.56)"}},{types:["inserted"],style:{color:"rgb(173, 219, 103)"}},{types:["comment"],style:{color:"rgb(179, 98, 255)",fontStyle:"italic"}},{types:["punctuation"],style:{color:"rgb(255, 255, 255)"}},{types:["constant"],style:{color:"rgb(255, 98, 140)"}},{types:["string","url"],style:{color:"rgb(165, 255, 144)"}},{types:["variable"],style:{color:"rgb(255, 238, 128)"}},{types:["number","boolean"],style:{color:"rgb(255, 98, 140)"}},{types:["attr-name"],style:{color:"rgb(255, 180, 84)"}},{types:["keyword","operator","property","namespace","tag","selector","doctype"],style:{color:"rgb(255, 157, 0)"}},{types:["builtin","char","constant","function","class-name"],style:{color:"rgb(250, 208, 0)"}}]},Z={plain:{backgroundColor:"linear-gradient(to bottom, #2a2139 75%, #34294f)",backgroundImage:"#34294f",color:"#f92aad",textShadow:"0 0 2px #100c0f, 0 0 5px #dc078e33, 0 0 10px #fff3"},styles:[{types:["comment","block-comment","prolog","doctype","cdata"],style:{color:"#495495",fontStyle:"italic"}},{types:["punctuation"],style:{color:"#ccc"}},{types:["tag","attr-name","namespace","number","unit","hexcode","deleted"],style:{color:"#e2777a"}},{types:["property","selector"],style:{color:"#72f1b8",textShadow:"0 0 2px #100c0f, 0 0 10px #257c5575, 0 0 35px #21272475"}},{types:["function-name"],style:{color:"#6196cc"}},{types:["boolean","selector-id","function"],style:{color:"#fdfdfd",textShadow:"0 0 2px #001716, 0 0 3px #03edf975, 0 0 5px #03edf975, 0 0 8px #03edf975"}},{types:["class-name","maybe-class-name","builtin"],style:{color:"#fff5f6",textShadow:"0 0 2px #000, 0 0 10px #fc1f2c75, 0 0 5px #fc1f2c75, 0 0 25px #fc1f2c75"}},{types:["constant","symbol"],style:{color:"#f92aad",textShadow:"0 0 2px #100c0f, 0 0 5px #dc078e33, 0 0 10px #fff3"}},{types:["important","atrule","keyword","selector-class"],style:{color:"#f4eee4",textShadow:"0 0 2px #393a33, 0 0 8px #f39f0575, 0 0 2px #f39f0575"}},{types:["string","char","attr-value","regex","variable"],style:{color:"#f87c32"}},{types:["parameter"],style:{fontStyle:"italic"}},{types:["entity","url"],style:{color:"#67cdcc"}},{types:["operator"],style:{color:"ffffffee"}},{types:["important","bold"],style:{fontWeight:"bold"}},{types:["italic"],style:{fontStyle:"italic"}},{types:["entity"],style:{cursor:"help"}},{types:["inserted"],style:{color:"green"}}]},ee={plain:{color:"#282a2e",backgroundColor:"#ffffff"},styles:[{types:["comment"],style:{color:"rgb(197, 200, 198)"}},{types:["string","number","builtin","variable"],style:{color:"rgb(150, 152, 150)"}},{types:["class-name","function","tag","attr-name"],style:{color:"rgb(40, 42, 46)"}}]},et={plain:{color:"#9CDCFE",backgroundColor:"#1E1E1E"},styles:[{types:["prolog"],style:{color:"rgb(0, 0, 128)"}},{types:["comment"],style:{color:"rgb(106, 153, 85)"}},{types:["builtin","changed","keyword","interpolation-punctuation"],style:{color:"rgb(86, 156, 214)"}},{types:["number","inserted"],style:{color:"rgb(181, 206, 168)"}},{types:["constant"],style:{color:"rgb(100, 102, 149)"}},{types:["attr-name","variable"],style:{color:"rgb(156, 220, 254)"}},{types:["deleted","string","attr-value","template-punctuation"],style:{color:"rgb(206, 145, 120)"}},{types:["selector"],style:{color:"rgb(215, 186, 125)"}},{types:["tag"],style:{color:"rgb(78, 201, 176)"}},{types:["tag"],languages:["markup"],style:{color:"rgb(86, 156, 214)"}},{types:["punctuation","operator"],style:{color:"rgb(212, 212, 212)"}},{types:["punctuation"],languages:["markup"],style:{color:"#808080"}},{types:["function"],style:{color:"rgb(220, 220, 170)"}},{types:["class-name"],style:{color:"rgb(78, 201, 176)"}},{types:["char"],style:{color:"rgb(209, 105, 105)"}}]},er={plain:{color:"#000000",backgroundColor:"#ffffff"},styles:[{types:["comment"],style:{color:"rgb(0, 128, 0)"}},{types:["builtin"],style:{color:"rgb(0, 112, 193)"}},{types:["number","variable","inserted"],style:{color:"rgb(9, 134, 88)"}},{types:["operator"],style:{color:"rgb(0, 0, 0)"}},{types:["constant","char"],style:{color:"rgb(129, 31, 63)"}},{types:["tag"],style:{color:"rgb(128, 0, 0)"}},{types:["attr-name"],style:{color:"rgb(255, 0, 0)"}},{types:["deleted","string"],style:{color:"rgb(163, 21, 21)"}},{types:["changed","punctuation"],style:{color:"rgb(4, 81, 165)"}},{types:["function","keyword"],style:{color:"rgb(0, 0, 255)"}},{types:["class-name"],style:{color:"rgb(38, 127, 153)"}}]},es={plain:{color:"#f8fafc",backgroundColor:"#011627"},styles:[{types:["prolog"],style:{color:"#000080"}},{types:["comment"],style:{color:"#6A9955"}},{types:["builtin","changed","keyword","interpolation-punctuation"],style:{color:"#569CD6"}},{types:["number","inserted"],style:{color:"#B5CEA8"}},{types:["constant"],style:{color:"#f8fafc"}},{types:["attr-name","variable"],style:{color:"#9CDCFE"}},{types:["deleted","string","attr-value","template-punctuation"],style:{color:"#cbd5e1"}},{types:["selector"],style:{color:"#D7BA7D"}},{types:["tag"],style:{color:"#0ea5e9"}},{types:["tag"],languages:["markup"],style:{color:"#0ea5e9"}},{types:["punctuation","operator"],style:{color:"#D4D4D4"}},{types:["punctuation"],languages:["markup"],style:{color:"#808080"}},{types:["function"],style:{color:"#7dd3fc"}},{types:["class-name"],style:{color:"#0ea5e9"}},{types:["char"],style:{color:"#D16969"}}]},en={plain:{color:"#0f172a",backgroundColor:"#f1f5f9"},styles:[{types:["prolog"],style:{color:"#000080"}},{types:["comment"],style:{color:"#6A9955"}},{types:["builtin","changed","keyword","interpolation-punctuation"],style:{color:"#0c4a6e"}},{types:["number","inserted"],style:{color:"#B5CEA8"}},{types:["constant"],style:{color:"#0f172a"}},{types:["attr-name","variable"],style:{color:"#0c4a6e"}},{types:["deleted","string","attr-value","template-punctuation"],style:{color:"#64748b"}},{types:["selector"],style:{color:"#D7BA7D"}},{types:["tag"],style:{color:"#0ea5e9"}},{types:["tag"],languages:["markup"],style:{color:"#0ea5e9"}},{types:["punctuation","operator"],style:{color:"#475569"}},{types:["punctuation"],languages:["markup"],style:{color:"#808080"}},{types:["function"],style:{color:"#0e7490"}},{types:["class-name"],style:{color:"#0ea5e9"}},{types:["char"],style:{color:"#D16969"}}]},ei={plain:{backgroundColor:"hsl(220, 13%, 18%)",color:"hsl(220, 14%, 71%)",textShadow:"0 1px rgba(0, 0, 0, 0.3)"},styles:[{types:["comment","prolog","cdata"],style:{color:"hsl(220, 10%, 40%)"}},{types:["doctype","punctuation","entity"],style:{color:"hsl(220, 14%, 71%)"}},{types:["attr-name","class-name","maybe-class-name","boolean","constant","number","atrule"],style:{color:"hsl(29, 54%, 61%)"}},{types:["keyword"],style:{color:"hsl(286, 60%, 67%)"}},{types:["property","tag","symbol","deleted","important"],style:{color:"hsl(355, 65%, 65%)"}},{types:["selector","string","char","builtin","inserted","regex","attr-value"],style:{color:"hsl(95, 38%, 62%)"}},{types:["variable","operator","function"],style:{color:"hsl(207, 82%, 66%)"}},{types:["url"],style:{color:"hsl(187, 47%, 55%)"}},{types:["deleted"],style:{textDecorationLine:"line-through"}},{types:["inserted"],style:{textDecorationLine:"underline"}},{types:["italic"],style:{fontStyle:"italic"}},{types:["important","bold"],style:{fontWeight:"bold"}},{types:["important"],style:{color:"hsl(220, 14%, 71%)"}}]},ea={plain:{backgroundColor:"hsl(230, 1%, 98%)",color:"hsl(230, 8%, 24%)"},styles:[{types:["comment","prolog","cdata"],style:{color:"hsl(230, 4%, 64%)"}},{types:["doctype","punctuation","entity"],style:{color:"hsl(230, 8%, 24%)"}},{types:["attr-name","class-name","boolean","constant","number","atrule"],style:{color:"hsl(35, 99%, 36%)"}},{types:["keyword"],style:{color:"hsl(301, 63%, 40%)"}},{types:["property","tag","symbol","deleted","important"],style:{color:"hsl(5, 74%, 59%)"}},{types:["selector","string","char","builtin","inserted","regex","attr-value","punctuation"],style:{color:"hsl(119, 34%, 47%)"}},{types:["variable","operator","function"],style:{color:"hsl(221, 87%, 60%)"}},{types:["url"],style:{color:"hsl(198, 99%, 37%)"}},{types:["deleted"],style:{textDecorationLine:"line-through"}},{types:["inserted"],style:{textDecorationLine:"underline"}},{types:["italic"],style:{fontStyle:"italic"}},{types:["important","bold"],style:{fontWeight:"bold"}},{types:["important"],style:{color:"hsl(230, 8%, 24%)"}}]},eo=(e,t)=&gt;{let{plain:r}=e,s=e.styles.reduce((e,r)=&gt;{let{languages:s,style:n}=r;return s&amp;&amp;!s.includes(t)||r.types.forEach(t=&gt;{let r=L(L({},e[t]),n);e[t]=r}),e},{});return s.root=r,s.plain=D(L({},r),{backgroundColor:void 0}),s},ec=(e,t)=&gt;{let[r,s]=(0,A.useState)(eo(t,e)),n=(0,A.useRef)(),i=(0,A.useRef)();return(0,A.useEffect)(()=&gt;{(t!==n.current||e!==i.current)&amp;&amp;(n.current=t,i.current=e,s(eo(t,e)))},[e,t]),r},ep=e=&gt;(0,A.useCallback)(t=&gt;{var{className:r,style:s,line:n}=t;let i=D(L({},B(t,["className","style","line"])),{className:(0,q.Z)("token-line",r)});return"object"==typeof e&amp;&amp;"plain"in e&amp;&amp;(i.style=e.plain),"object"==typeof s&amp;&amp;(i.style=L(L({},i.style||{}),s)),i},[e]),ed=e=&gt;{let t=(0,A.useCallback)(({types:t,empty:r})=&gt;{if(null!=e)return 1===t.length&amp;&amp;"plain"===t[0]?null!=r?{display:"inline-block"}:void 0:1===t.length&amp;&amp;null!=r?e[t[0]]:Object.assign(null!=r?{display:"inline-block"}:{},...t.map(t=&gt;e[t]))},[e]);return(0,A.useCallback)(e=&gt;{var{token:r,className:s,style:n}=e;let i=D(L({},B(e,["token","className","style"])),{className:(0,q.Z)("token",...r.types,s),children:r.content,style:t(r)});return null!=n&amp;&amp;(i.style=L(L({},i.style||{}),n)),i},[t])},eu=/\r\n|\r|\n/,el=e=&gt;{0===e.length?e.push({types:["plain"],content:"\n",empty:!0}):1===e.length&amp;&amp;""===e[0].content&amp;&amp;(e[0].content="\n",e[0].empty=!0)},em=(e,t)=&gt;{let r=e.length;return r&gt;0&amp;&amp;e[r-1]===t?e:e.concat(t)},eh=e=&gt;{let t=[[]],r=[e],s=[0],n=[e.length],i=0,a=0,o=[],c=[o];for(;a&gt;-1;){for(;(i=s[a]++)&lt;n[a];){let e;let p=t[a],d=r[a][i];if("string"==typeof d?(p=a&gt;0?p:["plain"],e=d):(p=em(p,d.type),d.alias&amp;&amp;(p=em(p,d.alias)),e=d.content),"string"!=typeof e){a++,t.push(p),r.push(e),s.push(0),n.push(e.length);continue}let u=e.split(eu),l=u.length;o.push({types:p,content:u[0]});for(let e=1;e&lt;l;e++)el(o),c.push(o=[]),o.push({types:p,content:u[e]})}a--,t.pop(),r.pop(),s.pop(),n.pop()}return el(o),c},eg=({prism:e,code:t,grammar:r,language:s})=&gt;{let n=(0,A.useRef)(e);return(0,A.useMemo)(()=&gt;{if(null==r)return eh([t]);let e={code:t,grammar:r,language:s,tokens:[]};return n.current.hooks.run("before-tokenize",e),e.tokens=n.current.tokenize(t,r),n.current.hooks.run("after-tokenize",e),eh(e.tokens)},[t,r,s])},ef=({children:e,language:t,code:r,theme:s,prism:n})=&gt;{let i=t.toLowerCase(),a=ec(i,s),o=ep(a),c=ed(a),p=n.languages[i];return e({tokens:eg({prism:n,language:i,code:r,grammar:p}),className:`prism-code language-${i}`,style:null!=a?a.root:{},getLineProps:o,getTokenProps:c})},ey=e=&gt;(0,A.createElement)(ef,D(L({},e),{prism:e.prism||N,theme:e.theme||et,code:e.code,language:e.language}))},618293:function(e,t,r){"use strict";r.d(t,{Z:function(){return s}});let s=function(){for(var e,t,r=0,s="";r&lt;arguments.length;)(e=arguments[r++])&amp;&amp;(t=function e(t){var r,s,n="";if("string"==typeof t||"number"==typeof t)n+=t;else if("object"==typeof t){if(Array.isArray(t))for(r=0;r&lt;t.length;r++)t[r]&amp;&amp;(s=e(t[r]))&amp;&amp;(n&amp;&amp;(n+=" "),n+=s);else for(r in t)t[r]&amp;&amp;(n&amp;&amp;(n+=" "),n+=r)}return n}(e))&amp;&amp;(s&amp;&amp;(s+=" "),s+=t);return s}},467239:function(e,t,r){"use strict";r.d(t,{Z:function(){return s}});let s=function(){for(var e,t,r=0,s="",n=arguments.length;r&lt;n;r++)(e=arguments[r])&amp;&amp;(t=function e(t){var r,s,n="";if("string"==typeof t||"number"==typeof t)n+=t;else if("object"==typeof t){if(Array.isArray(t)){var i=t.length;for(r=0;r&lt;i;r++)t[r]&amp;&amp;(s=e(t[r]))&amp;&amp;(n&amp;&amp;(n+=" "),n+=s)}else for(s in t)t[s]&amp;&amp;(n&amp;&amp;(n+=" "),n+=s)}return n}(e))&amp;&amp;(s&amp;&amp;(s+=" "),s+=t);return s}},444965:function(e,t,r){"use strict";r.d(t,{Z:function(){return s}});function s(e,t){if(!e)throw Error("Invariant failed")}},75150:function(e,t,r){"use strict";r.r(t),r.d(t,{default:function(){return s}});let s={title:"Service Bridge",url:"https://docs.tetrate.io",baseUrl:"/",staticDirectories:["../../statics"],customFields:{products:[{name:"agent-ops-director",title:"Tetrate Agent Operations Director",link:"/agent-ops-director",logo:"/logos/agent-ops-director-light.svg",logoDark:"/logos/agent-ops-director-dark.svg",category:"product"},{name:"istio-subscription",title:"Tetrate Istio Subscription",link:"/istio-subscription",logo:"/logos/istio-subscription-light.svg",logoDark:"/logos/istio-subscription-dark.svg",category:"product"},{name:"istio-subscription-plus",title:"Tetrate Istio Subscription Plus",link:"/istio-subscription-plus",logo:"/logos/istio-subscription-plus-light.svg",logoDark:"/logos/istio-subscription-plus-dark.svg",category:"product"},{name:"envoy-gateway",title:"Tetrate Enterprise Gateway for Envoy (TEG)",link:"/envoy-gateway",logo:"/logos/tetrate-enterprise-envoy-gateway-light.svg",logoDark:"/logos/tetrate-enterprise-envoy-gateway-dark.svg",category:"product"},{name:"service-bridge",title:"Tetrate Service Bridge",link:"/service-bridge",logo:"/logos/service-bridge-light.svg",logoDark:"/logos/service-bridge-dark.svg",category:"product"},{name:"service-express",title:"Tetrate Service Express",link:"/service-express",logo:"/logos/service-express-light.svg",logoDark:"/logos/service-express-dark.svg",category:"product"},{name:"istio-distro",title:"Istio Distro",link:"/istio-distro",logo:"/logos/istio-distro-light.svg",logoDark:"/logos/istio-distro-dark.svg",category:"project",skipBuild:!0,skipMenu:!0},{name:"istio-authservice",title:"Istio Authservice",link:"/istio-authservice",logo:"/logos/istio-distro-light.svg",logoDark:"/logos/istio-distro-dark.svg",category:"project",skipBuild:!0,skipMenu:!0},{name:"kitchen-sink",title:"Kitchen Sink",logo:"/logos/service-bridge-light.svg",logoDark:"/logos/service-bridge-dark.svg",skipBuild:!0,skipMenu:!0},{name:"envoy-gateway-project",title:"Envoy Gateway",link:"https://gateway.envoyproxy.io/",logo:"/logos/envoy-light.svg",logoDark:"/logos/envoy-dark.svg",category:"project",skipBuild:!0,skipMenu:!0}],demoButton:{text:"TALK TO AN EXPERT",url:"https://tetrate.io/talk-to-an-expert/"}},onBrokenLinks:"warn",onBrokenAnchors:"ignore",onBrokenMarkdownLinks:"ignore",future:{experimental_faster:{swcJsLoader:!0,swcJsMinimizer:!0,swcHtmlMinimizer:!0,lightningCssMinimizer:!0,mdxCrossCompilerCache:!0,rspackBundler:!0},experimental_storage:{type:"localStorage",namespace:!1},experimental_router:"browser"},presets:[["@docusaurus/preset-classic",{blog:!1,docs:{routeBasePath:"service-bridge",lastVersion:"1.12.x",includeCurrentVersion:!1,versions:{next:{banner:"unreleased"},"1.12.x":{banner:"none"},"1.11.x":{banner:"none"},"1.10.x":{banner:"none"},"1.9.x":{banner:"none"},"1.8.x":{banner:"none"},"1.7.x":{banner:"unmaintained"},"1.6.x":{banner:"unmaintained"}}},pages:{routeBasePath:"/"},theme:{customCss:"../../commons/css/global.css"},googleTagManager:{containerId:"GTM-NHGMJLN"}}],["redocusaurus",{theme:{primaryColor:"#ff5100"},specs:[{id:"next",spec:"service-bridge/generated/openapi/next/openapiv3.json",route:"/service-bridge/next/rest"},{id:"1_12_x",spec:"service-bridge/generated/openapi/1.12.x/openapiv3.json",route:"/service-bridge/rest"},{id:"1_11_x",spec:"service-bridge/generated/openapi/1.11.x/openapiv3.json",route:"/service-bridge/1.11.x/rest"},{id:"1_10_x",spec:"service-bridge/generated/openapi/1.10.x/openapiv3.json",route:"/service-bridge/1.10.x/rest"},{id:"1_9_x",spec:"service-bridge/generated/openapi/1.9.x/openapiv3.json",route:"/service-bridge/1.9.x/rest"},{id:"1_8_x",spec:"service-bridge/generated/openapi/1.8.x/openapiv3.json",route:"/service-bridge/1.8.x/rest"},{id:"1_7_x",spec:"service-bridge/generated/openapi/1.7.x/openapiv3.json",route:"/service-bridge/1.7.x/rest"},{id:"1_6_x",spec:"service-bridge/generated/openapi/1.6.x/openapiv3.json",route:"/service-bridge/1.6.x/rest"}]}]],plugins:["/runner/_work/sites/sites/node_modules/docusaurus-plugin-image-zoom/lib/index.js","@extensions/plugin-custom-webpack","@extensions/plugin-spellcheck",["@docusaurus/plugin-client-redirects",{redirects:[{from:"/service-bridge/next/concepts/operators/control_plane",to:"/service-bridge/next/concepts/operators/control-plane"},{from:"/service-bridge/next/concepts/operators/management_plane",to:"/service-bridge/next/concepts/operators/management-plane"},{from:"/service-bridge/next/concepts/service_mesh",to:"/service-bridge/next/concepts/service-mesh"},{from:"/service-bridge/next/concepts/traffic_management",to:"/service-bridge/next/concepts/traffic-management"},{from:"/service-bridge/next/howto/authorization/ingress_gateway",to:"/service-bridge/next/howto/authorization/ingress-gateway"},{from:"/service-bridge/next/howto/authorization/tier1_gateway",to:"/service-bridge/next/howto/authorization/tier1-gateway"},{from:"/service-bridge/next/howto/authorization/tls_verification",to:"/service-bridge/next/howto/authorization/tls-verification"},{from:"/service-bridge/next/howto/gateway/app_ingress",to:"/service-bridge/next/howto/gateway/app-ingress"},{from:"/service-bridge/next/howto/gateway/application_gateway_with_openapi_annotations",to:"/service-bridge/next/howto/gateway/application-gateway-with-openapi-annotations"},{from:"/service-bridge/next/howto/gateway/configure_and_route_nonhttp_traffic",to:"/service-bridge/next/howto/gateway/configure-and-route-nonhttp-traffic"},{from:"/service-bridge/next/howto/gateway/configure_oidc",to:"/service-bridge/next/howto/gateway/configure-oidc"},{from:"/service-bridge/next/howto/gateway/distributed_ingress",to:"/service-bridge/next/howto/gateway/distributed-ingress"},{from:"/service-bridge/next/howto/gateway/end_user_auth_keycloak",to:"/service-bridge/next/howto/gateway/end-user-auth-keycloak"},{from:"/service-bridge/next/howto/gateway/https_with_proxy_protocol",to:"/service-bridge/next/howto/gateway/https-with-proxy-protocol"},{from:"/service-bridge/next/howto/gateway/multi_cluster_traffic_routing_using_tier2gw",to:"/service-bridge/next/howto/gateway/multi-cluster-traffic-routing-using-tier2gw"},{from:"/service-bridge/next/howto/gateway/multi_cluster_traffic_routing_with_eastwest_gateway",to:"/service-bridge/next/howto/gateway/multi-cluster-traffic-routing-with-eastwest-gateway"},{from:"/service-bridge/next/howto/gateway/service_identity_propagation",to:"/service-bridge/next/howto/gateway/service-identity-propagation"},{from:"/service-bridge/next/howto/gateway/shared_ingress",to:"/service-bridge/next/howto/gateway/shared-ingress"},{from:"/service-bridge/next/howto/rate_limiting/external_rate_limiting",to:"/service-bridge/next/howto/rate-limiting/external-rate-limiting"},{from:"/service-bridge/next/howto/rate_limiting/ingress_gateway",to:"/service-bridge/next/howto/rate-limiting/ingress-gateway"},{from:"/service-bridge/next/howto/rate_limiting/internal_rate_limiting",to:"/service-bridge/next/howto/rate-limiting/internal-rate-limiting"},{from:"/service-bridge/next/howto/rate_limiting/service_to_service",to:"/service-bridge/next/howto/rate-limiting/service-to-service"},{from:"/service-bridge/next/howto/rate_limiting/tier1_gateway",to:"/service-bridge/next/howto/rate-limiting/tier1-gateway"},{from:"/service-bridge/next/howto/rate_limiting/tls_validation",to:"/service-bridge/next/howto/rate-limiting/tls-validation"},{from:"/service-bridge/next/howto/rate_limiting/",to:"/service-bridge/next/howto/rate-limiting/"},{from:"/service-bridge/next/howto/traffic/canary_releases",to:"/service-bridge/next/howto/traffic/canary-releases"},{from:"/service-bridge/next/howto/traffic/load_balance",to:"/service-bridge/next/howto/traffic/load-balance"},{from:"/service-bridge/next/howto/traffic/migrating_VM_monoliths",to:"/service-bridge/next/howto/traffic/migrating-VM-monoliths"},{from:"/service-bridge/next/howto/traffic/splitting_service_traffic_between_k8s_vms",to:"/service-bridge/next/howto/traffic/splitting-service-traffic-between-k8s-vms"},{from:"/service-bridge/next/knowledge_base/faq",to:"/service-bridge/next/knowledge-base/faq"},{from:"/service-bridge/next/knowledge_base/gitops",to:"/service-bridge/next/knowledge-base/gitops"},{from:"/service-bridge/next/operations/configuration_promotion",to:"/service-bridge/next/operations/configuration-promotion"},{from:"/service-bridge/next/operations/configure_log_levels",to:"/service-bridge/next/operations/configure-log-levels"},{from:"/service-bridge/next/operations/elasticsearch/elasticsearch_role",to:"/service-bridge/next/operations/elasticsearch/elasticsearch-role"},{from:"/service-bridge/next/operations/elasticsearch/wipe_elastic",to:"/service-bridge/next/operations/elasticsearch/wipe-elastic"},{from:"/service-bridge/next/operations/features/configure_gitops",to:"/service-bridge/next/operations/features/configure-gitops"},{from:"/service-bridge/next/operations/features/deletion_protection",to:"/service-bridge/next/operations/features/deletion-protection"},{from:"/service-bridge/next/operations/features/enable_config_protection",to:"/service-bridge/next/operations/features/enable-config-protection"},{from:"/service-bridge/next/operations/features/gateway_deletion_webhook",to:"/service-bridge/next/operations/features/gateway-deletion-webhook"},{from:"/service-bridge/next/operations/features/internal_wasm_extensions",to:"/service-bridge/next/operations/features/internal-wasm-extensions"},{from:"/service-bridge/next/operations/features/istio_cni",to:"/service-bridge/next/operations/features/istio-cni"},{from:"/service-bridge/next/operations/features/label_annotation",to:"/service-bridge/next/operations/features/label-annotation"},{from:"/service-bridge/next/operations/features/streaming_log",to:"/service-bridge/next/operations/features/streaming-log"},{from:"/service-bridge/next/operations/kube_customization",to:"/service-bridge/next/operations/kube-customization"},{from:"/service-bridge/next/operations/lower_istio_resources",to:"/service-bridge/next/operations/lower-istio-resources"},{from:"/service-bridge/next/operations/migrate_organization",to:"/service-bridge/next/operations/migrate-organization"},{from:"/service-bridge/next/operations/multiple_iam_keys",to:"/service-bridge/next/operations/multiple-iam-keys"},{from:"/service-bridge/next/operations/telemetry/alerting_guidelines",to:"/service-bridge/next/operations/telemetry/alerting-guidelines"},{from:"/service-bridge/next/operations/telemetry/new_relic",to:"/service-bridge/next/operations/telemetry/new-relic"},{from:"/service-bridge/next/operations/telemetry/red_metrics",to:"/service-bridge/next/operations/telemetry/red-metrics"},{from:"/service-bridge/next/operations/users/admin_password",to:"/service-bridge/next/operations/users/admin-password"},{from:"/service-bridge/next/operations/users/configuring_ldap",to:"/service-bridge/next/operations/users/configuring-ldap"},{from:"/service-bridge/next/operations/users/oidc_azure",to:"/service-bridge/next/operations/users/oidc-azure"},{from:"/service-bridge/next/operations/users/roles_and_permissions",to:"/service-bridge/next/operations/users/users-roles-and-permissions"},{from:"/service-bridge/next/operations/users/user_synchronization",to:"/service-bridge/next/operations/users/user-synchronization"},{from:"/service-bridge/next/quickstart/config_groups",to:"/service-bridge/next/quickstart/config-groups"},{from:"/service-bridge/next/quickstart/deploy_sample_app",to:"/service-bridge/next/quickstart/deploy-sample-app"},{from:"/service-bridge/next/quickstart/ingress_gateway",to:"/service-bridge/next/quickstart/ingress-gateway"},{from:"/service-bridge/next/quickstart/traffic_shifting",to:"/service-bridge/next/quickstart/traffic-shifting"},{from:"/service-bridge/next/reference/samples/sleep_service",to:"/service-bridge/next/reference/samples/sleep-service"},{from:"/service-bridge/next/release_notes_announcements/feature_status",to:"/service-bridge/next/release-notes-announcements/feature-status"},{from:"/service-bridge/next/release_notes_announcements/support_policy",to:"/service-bridge/next/release-notes-announcements/support-policy"},{from:"/service-bridge/next/release_notes_announcements/",to:"/service-bridge/next/release-notes-announcements/"},{from:"/service-bridge/next/setup/aws/container_marketplace",to:"/service-bridge/next/setup/aws/container-marketplace"},{from:"/service-bridge/next/setup/firewall_information",to:"/service-bridge/next/setup/firewall-information"},{from:"/service-bridge/next/setup/migrate_tctl_to_helm",to:"/service-bridge/next/setup/migrate-tctl-to-helm"},{from:"/service-bridge/next/setup/remote_registry",to:"/service-bridge/next/setup/remote-registry"},{from:"/service-bridge/next/setup/resource_planning",to:"/service-bridge/next/setup/resource-planning"},{from:"/service-bridge/next/setup/security_context",to:"/service-bridge/next/setup/security-context"},{from:"/service-bridge/next/setup/self_managed/demo-installation",to:"/service-bridge/next/setup/self-managed/demo-installation"},{from:"/service-bridge/next/setup/self_managed/management-plane-installation",to:"/service-bridge/next/setup/self-managed/management-plane-installation"},{from:"/service-bridge/next/setup/self_managed/onboarding-clusters",to:"/service-bridge/next/setup/self-managed/onboarding-clusters"},{from:"/service-bridge/next/setup/self_managed/",to:"/service-bridge/next/setup/self-managed/"},{from:"/service-bridge/next/setup/self_managed/uninstallation",to:"/service-bridge/next/setup/self-managed/uninstallation"},{from:"/service-bridge/next/setup/self_managed/upgrade",to:"/service-bridge/next/setup/self-managed/upgrade"},{from:"/service-bridge/next/setup/tctl_connect",to:"/service-bridge/next/setup/tctl-connect"},{from:"/service-bridge/next/setup/workload_onboarding/guides/ecs-workloads",to:"/service-bridge/next/setup/workload-onboarding/guides/ecs-workloads"},{from:"/service-bridge/next/setup/workload_onboarding/guides/managing",to:"/service-bridge/next/setup/workload-onboarding/guides/managing"},{from:"/service-bridge/next/setup/workload_onboarding/guides/on-premise-workloads",to:"/service-bridge/next/setup/workload-onboarding/guides/on-premise-workloads"},{from:"/service-bridge/next/setup/workload_onboarding/guides/onboarding",to:"/service-bridge/next/setup/workload-onboarding/guides/onboarding"},{from:"/service-bridge/next/setup/workload_onboarding/guides/overview",to:"/service-bridge/next/setup/workload-onboarding/guides/overview"},{from:"/service-bridge/next/setup/workload_onboarding/guides/setup",to:"/service-bridge/next/setup/workload-onboarding/guides/setup"},{from:"/service-bridge/next/setup/workload_onboarding/guides/",to:"/service-bridge/next/setup/workload-onboarding/guides/"},{from:"/service-bridge/next/setup/workload_onboarding/guides/troubleshooting",to:"/service-bridge/next/setup/workload-onboarding/guides/troubleshooting"},{from:"/service-bridge/next/setup/workload_onboarding/onboarding-vms",to:"/service-bridge/next/setup/workload-onboarding/onboarding-vms"},{from:"/service-bridge/next/setup/workload_onboarding/quickstart/aws-ec2/bookinfo",to:"/service-bridge/next/setup/workload-onboarding/quickstart/aws-ec2/bookinfo"},{from:"/service-bridge/next/setup/workload_onboarding/quickstart/aws-ec2/configure-vm",to:"/service-bridge/next/setup/workload-onboarding/quickstart/aws-ec2/configure-vm"},{from:"/service-bridge/next/setup/workload_onboarding/quickstart/aws-ec2/configure-workload-onboarding",to:"/service-bridge/next/setup/workload-onboarding/quickstart/aws-ec2/configure-workload-onboarding"},{from:"/service-bridge/next/setup/workload_onboarding/quickstart/aws-ec2/enable-workload-onboarding",to:"/service-bridge/next/setup/workload-onboarding/quickstart/aws-ec2/enable-workload-onboarding"},{from:"/service-bridge/next/setup/workload_onboarding/quickstart/aws-ec2/onboard-asg",to:"/service-bridge/next/setup/workload-onboarding/quickstart/aws-ec2/onboard-asg"},{from:"/service-bridge/next/setup/workload_onboarding/quickstart/aws-ec2/onboard-vm",to:"/service-bridge/next/setup/workload-onboarding/quickstart/aws-ec2/onboard-vm"},{from:"/service-bridge/next/setup/workload_onboarding/quickstart/aws-ec2/",to:"/service-bridge/next/setup/workload-onboarding/quickstart/aws-ec2/"},{from:"/service-bridge/next/setup/workload_onboarding/quickstart/aws-ecs/configure-workload-onboarding",to:"/service-bridge/next/setup/workload-onboarding/quickstart/aws-ecs/configure-workload-onboarding"},{from:"/service-bridge/next/setup/workload_onboarding/quickstart/aws-ecs/onboard-ecs",to:"/service-bridge/next/setup/workload-onboarding/quickstart/aws-ecs/onboard-ecs"},{from:"/service-bridge/next/setup/workload_onboarding/quickstart/aws-ecs/",to:"/service-bridge/next/setup/workload-onboarding/quickstart/aws-ecs/"},{from:"/service-bridge/next/setup/workload_onboarding/quickstart/on-premise/configure-vm",to:"/service-bridge/next/setup/workload-onboarding/quickstart/on-premise/configure-vm"},{from:"/service-bridge/next/setup/workload_onboarding/quickstart/on-premise/configure-workload-onboarding",to:"/service-bridge/next/setup/workload-onboarding/quickstart/on-premise/configure-workload-onboarding"},{from:"/service-bridge/next/setup/workload_onboarding/quickstart/on-premise/onboard-vm",to:"/service-bridge/next/setup/workload-onboarding/quickstart/on-premise/onboard-vm"},{from:"/service-bridge/next/setup/workload_onboarding/quickstart/on-premise/",to:"/service-bridge/next/setup/workload-onboarding/quickstart/on-premise/"},{from:"/service-bridge/next/troubleshooting/cluster_onboarding",to:"/service-bridge/next/troubleshooting/cluster-onboarding"},{from:"/service-bridge/next/troubleshooting/configuration_status",to:"/service-bridge/next/troubleshooting/configuration-status"},{from:"/service-bridge/next/troubleshooting/gateway_troubleshooting",to:"/service-bridge/next/troubleshooting/gateway-troubleshooting"},{from:"/service-bridge/next/troubleshooting/tsb_ui_metrics",to:"/service-bridge/next/troubleshooting/tsb-ui-metrics"},{from:"/service-bridge/concepts/operators/control_plane",to:"/service-bridge/concepts/operators/control-plane"},{from:"/service-bridge/concepts/operators/management_plane",to:"/service-bridge/concepts/operators/management-plane"},{from:"/service-bridge/concepts/service_mesh",to:"/service-bridge/concepts/service-mesh"},{from:"/service-bridge/concepts/traffic_management",to:"/service-bridge/concepts/traffic-management"},{from:"/service-bridge/howto/authorization/ingress_gateway",to:"/service-bridge/howto/authorization/ingress-gateway"},{from:"/service-bridge/howto/authorization/tier1_gateway",to:"/service-bridge/howto/authorization/tier1-gateway"},{from:"/service-bridge/howto/authorization/tls_verification",to:"/service-bridge/howto/authorization/tls-verification"},{from:"/service-bridge/howto/gateway/app_ingress",to:"/service-bridge/howto/gateway/app-ingress"},{from:"/service-bridge/howto/gateway/application_gateway_with_openapi_annotations",to:"/service-bridge/howto/gateway/application-gateway-with-openapi-annotations"},{from:"/service-bridge/howto/gateway/configure_and_route_nonhttp_traffic",to:"/service-bridge/howto/gateway/configure-and-route-nonhttp-traffic"},{from:"/service-bridge/howto/gateway/configure_oidc",to:"/service-bridge/howto/gateway/configure-oidc"},{from:"/service-bridge/howto/gateway/distributed_ingress",to:"/service-bridge/howto/gateway/distributed-ingress"},{from:"/service-bridge/howto/gateway/end_user_auth_keycloak",to:"/service-bridge/howto/gateway/end-user-auth-keycloak"},{from:"/service-bridge/howto/gateway/https_with_proxy_protocol",to:"/service-bridge/howto/gateway/https-with-proxy-protocol"},{from:"/service-bridge/howto/gateway/multi_cluster_traffic_routing_using_tier2gw",to:"/service-bridge/howto/gateway/multi-cluster-traffic-routing-using-tier2gw"},{from:"/service-bridge/howto/gateway/multi_cluster_traffic_routing_with_eastwest_gateway",to:"/service-bridge/howto/gateway/multi-cluster-traffic-routing-with-eastwest-gateway"},{from:"/service-bridge/howto/gateway/service_identity_propagation",to:"/service-bridge/howto/gateway/service-identity-propagation"},{from:"/service-bridge/howto/gateway/shared_ingress",to:"/service-bridge/howto/gateway/shared-ingress"},{from:"/service-bridge/howto/rate_limiting/external_rate_limiting",to:"/service-bridge/howto/rate-limiting/external-rate-limiting"},{from:"/service-bridge/howto/rate_limiting/ingress_gateway",to:"/service-bridge/howto/rate-limiting/ingress-gateway"},{from:"/service-bridge/howto/rate_limiting/internal_rate_limiting",to:"/service-bridge/howto/rate-limiting/internal-rate-limiting"},{from:"/service-bridge/howto/rate_limiting/service_to_service",to:"/service-bridge/howto/rate-limiting/service-to-service"},{from:"/service-bridge/howto/rate_limiting/tier1_gateway",to:"/service-bridge/howto/rate-limiting/tier1-gateway"},{from:"/service-bridge/howto/rate_limiting/tls_validation",to:"/service-bridge/howto/rate-limiting/tls-validation"},{from:"/service-bridge/howto/rate_limiting/",to:"/service-bridge/howto/rate-limiting/"},{from:"/service-bridge/howto/traffic/canary_releases",to:"/service-bridge/howto/traffic/canary-releases"},{from:"/service-bridge/howto/traffic/load_balance",to:"/service-bridge/howto/traffic/load-balance"},{from:"/service-bridge/howto/traffic/migrating_VM_monoliths",to:"/service-bridge/howto/traffic/migrating-VM-monoliths"},{from:"/service-bridge/howto/traffic/splitting_service_traffic_between_k8s_vms",to:"/service-bridge/howto/traffic/splitting-service-traffic-between-k8s-vms"},{from:"/service-bridge/knowledge_base/faq",to:"/service-bridge/knowledge-base/faq"},{from:"/service-bridge/knowledge_base/gitops",to:"/service-bridge/knowledge-base/gitops"},{from:"/service-bridge/operations/configuration_promotion",to:"/service-bridge/operations/configuration-promotion"},{from:"/service-bridge/operations/configure_log_levels",to:"/service-bridge/operations/configure-log-levels"},{from:"/service-bridge/operations/elasticsearch/elasticsearch_role",to:"/service-bridge/operations/elasticsearch/elasticsearch-role"},{from:"/service-bridge/operations/elasticsearch/wipe_elastic",to:"/service-bridge/operations/elasticsearch/wipe-elastic"},{from:"/service-bridge/operations/features/configure_gitops",to:"/service-bridge/operations/features/configure-gitops"},{from:"/service-bridge/operations/features/deletion_protection",to:"/service-bridge/operations/features/deletion-protection"},{from:"/service-bridge/operations/features/enable_config_protection",to:"/service-bridge/operations/features/enable-config-protection"},{from:"/service-bridge/operations/features/gateway_deletion_webhook",to:"/service-bridge/operations/features/gateway-deletion-webhook"},{from:"/service-bridge/operations/features/internal_wasm_extensions",to:"/service-bridge/operations/features/internal-wasm-extensions"},{from:"/service-bridge/operations/features/istio_cni",to:"/service-bridge/operations/features/istio-cni"},{from:"/service-bridge/operations/features/label_annotation",to:"/service-bridge/operations/features/label-annotation"},{from:"/service-bridge/operations/features/streaming_log",to:"/service-bridge/operations/features/streaming-log"},{from:"/service-bridge/operations/kube_customization",to:"/service-bridge/operations/kube-customization"},{from:"/service-bridge/operations/lower_istio_resources",to:"/service-bridge/operations/lower-istio-resources"},{from:"/service-bridge/operations/migrate_organization",to:"/service-bridge/operations/migrate-organization"},{from:"/service-bridge/operations/multiple_iam_keys",to:"/service-bridge/operations/multiple-iam-keys"},{from:"/service-bridge/operations/telemetry/alerting_guidelines",to:"/service-bridge/operations/telemetry/alerting-guidelines"},{from:"/service-bridge/operations/telemetry/new_relic",to:"/service-bridge/operations/telemetry/new-relic"},{from:"/service-bridge/operations/telemetry/red_metrics",to:"/service-bridge/operations/telemetry/red-metrics"},{from:"/service-bridge/operations/users/admin_password",to:"/service-bridge/operations/users/admin-password"},{from:"/service-bridge/operations/users/configuring_ldap",to:"/service-bridge/operations/users/configuring-ldap"},{from:"/service-bridge/operations/users/oidc_azure",to:"/service-bridge/operations/users/oidc-azure"},{from:"/service-bridge/operations/users/user_synchronization",to:"/service-bridge/operations/users/user-synchronization"},{from:"/service-bridge/quickstart/config_groups",to:"/service-bridge/quickstart/config-groups"},{from:"/service-bridge/quickstart/deploy_sample_app",to:"/service-bridge/quickstart/deploy-sample-app"},{from:"/service-bridge/quickstart/ingress_gateway",to:"/service-bridge/quickstart/ingress-gateway"},{from:"/service-bridge/quickstart/traffic_shifting",to:"/service-bridge/quickstart/traffic-shifting"},{from:"/service-bridge/reference/samples/sleep_service",to:"/service-bridge/reference/samples/sleep-service"},{from:"/service-bridge/release_notes_announcements/feature_status",to:"/service-bridge/release-notes-announcements/feature-status"},{from:"/service-bridge/release_notes_announcements/support_policy",to:"/service-bridge/release-notes-announcements/support-policy"},{from:"/service-bridge/release_notes_announcements/",to:"/service-bridge/release-notes-announcements/"},{from:"/service-bridge/setup/aws/container_marketplace",to:"/service-bridge/setup/aws/container-marketplace"},{from:"/service-bridge/setup/firewall_information",to:"/service-bridge/setup/firewall-information"},{from:"/service-bridge/setup/migrate_tctl_to_helm",to:"/service-bridge/setup/migrate-tctl-to-helm"},{from:"/service-bridge/setup/remote_registry",to:"/service-bridge/setup/remote-registry"},{from:"/service-bridge/setup/resource_planning",to:"/service-bridge/setup/resource-planning"},{from:"/service-bridge/setup/security_context",to:"/service-bridge/setup/security-context"},{from:"/service-bridge/setup/self_managed/demo-installation",to:"/service-bridge/setup/self-managed/demo-installation"},{from:"/service-bridge/setup/self_managed/management-plane-installation",to:"/service-bridge/setup/self-managed/management-plane-installation"},{from:"/service-bridge/setup/self_managed/onboarding-clusters",to:"/service-bridge/setup/self-managed/onboarding-clusters"},{from:"/service-bridge/setup/self_managed/",to:"/service-bridge/setup/self-managed/"},{from:"/service-bridge/setup/self_managed/uninstallation",to:"/service-bridge/setup/self-managed/uninstallation"},{from:"/service-bridge/setup/self_managed/upgrade",to:"/service-bridge/setup/self-managed/upgrade"},{from:"/service-bridge/setup/tctl_connect",to:"/service-bridge/setup/tctl-connect"},{from:"/service-bridge/setup/workload_onboarding/guides/ecs-workloads",to:"/service-bridge/setup/workload-onboarding/guides/ecs-workloads"},{from:"/service-bridge/setup/workload_onboarding/guides/managing",to:"/service-bridge/setup/workload-onboarding/guides/managing"},{from:"/service-bridge/setup/workload_onboarding/guides/on-premise-workloads",to:"/service-bridge/setup/workload-onboarding/guides/on-premise-workloads"},{from:"/service-bridge/setup/workload_onboarding/guides/onboarding",to:"/service-bridge/setup/workload-onboarding/guides/onboarding"},{from:"/service-bridge/setup/workload_onboarding/guides/overview",to:"/service-bridge/setup/workload-onboarding/guides/overview"},{from:"/service-bridge/setup/workload_onboarding/guides/setup",to:"/service-bridge/setup/workload-onboarding/guides/setup"},{from:"/service-bridge/setup/workload_onboarding/guides/",to:"/service-bridge/setup/workload-onboarding/guides/"},{from:"/service-bridge/setup/workload_onboarding/guides/troubleshooting",to:"/service-bridge/setup/workload-onboarding/guides/troubleshooting"},{from:"/service-bridge/setup/workload_onboarding/onboarding-vms",to:"/service-bridge/setup/workload-onboarding/onboarding-vms"},{from:"/service-bridge/setup/workload_onboarding/quickstart/aws-ec2/bookinfo",to:"/service-bridge/setup/workload-onboarding/quickstart/aws-ec2/bookinfo"},{from:"/service-bridge/setup/workload_onboarding/quickstart/aws-ec2/configure-vm",to:"/service-bridge/setup/workload-onboarding/quickstart/aws-ec2/configure-vm"},{from:"/service-bridge/setup/workload_onboarding/quickstart/aws-ec2/configure-workload-onboarding",to:"/service-bridge/setup/workload-onboarding/quickstart/aws-ec2/configure-workload-onboarding"},{from:"/service-bridge/setup/workload_onboarding/quickstart/aws-ec2/enable-workload-onboarding",to:"/service-bridge/setup/workload-onboarding/quickstart/aws-ec2/enable-workload-onboarding"},{from:"/service-bridge/setup/workload_onboarding/quickstart/aws-ec2/onboard-asg",to:"/service-bridge/setup/workload-onboarding/quickstart/aws-ec2/onboard-asg"},{from:"/service-bridge/setup/workload_onboarding/quickstart/aws-ec2/onboard-vm",to:"/service-bridge/setup/workload-onboarding/quickstart/aws-ec2/onboard-vm"},{from:"/service-bridge/setup/workload_onboarding/quickstart/aws-ec2/",to:"/service-bridge/setup/workload-onboarding/quickstart/aws-ec2/"},{from:"/service-bridge/setup/workload_onboarding/quickstart/aws-ecs/configure-workload-onboarding",to:"/service-bridge/setup/workload-onboarding/quickstart/aws-ecs/configure-workload-onboarding"},{from:"/service-bridge/setup/workload_onboarding/quickstart/aws-ecs/onboard-ecs",to:"/service-bridge/setup/workload-onboarding/quickstart/aws-ecs/onboard-ecs"},{from:"/service-bridge/setup/workload_onboarding/quickstart/aws-ecs/",to:"/service-bridge/setup/workload-onboarding/quickstart/aws-ecs/"},{from:"/service-bridge/setup/workload_onboarding/quickstart/on-premise/configure-vm",to:"/service-bridge/setup/workload-onboarding/quickstart/on-premise/configure-vm"},{from:"/service-bridge/setup/workload_onboarding/quickstart/on-premise/configure-workload-onboarding",to:"/service-bridge/setup/workload-onboarding/quickstart/on-premise/configure-workload-onboarding"},{from:"/service-bridge/setup/workload_onboarding/quickstart/on-premise/onboard-vm",to:"/service-bridge/setup/workload-onboarding/quickstart/on-premise/onboard-vm"},{from:"/service-bridge/setup/workload_onboarding/quickstart/on-premise/",to:"/service-bridge/setup/workload-onboarding/quickstart/on-premise/"},{from:"/service-bridge/troubleshooting/cluster_onboarding",to:"/service-bridge/troubleshooting/cluster-onboarding"},{from:"/service-bridge/troubleshooting/configuration_status",to:"/service-bridge/troubleshooting/configuration-status"},{from:"/service-bridge/troubleshooting/gateway_troubleshooting",to:"/service-bridge/troubleshooting/gateway-troubleshooting"},{from:"/service-bridge/troubleshooting/tsb_ui_metrics",to:"/service-bridge/troubleshooting/tsb-ui-metrics"},{from:"/service-bridge/1.7.x/concepts/operators/control_plane",to:"/service-bridge/1.7.x/concepts/operators/control-plane"},{from:"/service-bridge/1.7.x/concepts/operators/data_plane",to:"/service-bridge/1.7.x/concepts/operators/data-plane"},{from:"/service-bridge/1.7.x/concepts/operators/management_plane",to:"/service-bridge/1.7.x/concepts/operators/management-plane"},{from:"/service-bridge/1.7.x/concepts/service_mesh",to:"/service-bridge/1.7.x/concepts/service-mesh"},{from:"/service-bridge/1.7.x/concepts/traffic_management",to:"/service-bridge/1.7.x/concepts/traffic-management"},{from:"/service-bridge/1.7.x/howto/authorization/ingress_gateway",to:"/service-bridge/1.7.x/howto/authorization/ingress-gateway"},{from:"/service-bridge/1.7.x/howto/authorization/tier1_gateway",to:"/service-bridge/1.7.x/howto/authorization/tier1-gateway"},{from:"/service-bridge/1.7.x/howto/authorization/tls_verification",to:"/service-bridge/1.7.x/howto/authorization/tls-verification"},{from:"/service-bridge/1.7.x/howto/gateway/app_ingress",to:"/service-bridge/1.7.x/howto/gateway/app-ingress"},{from:"/service-bridge/1.7.x/howto/gateway/application_gateway_with_openapi_annotations",to:"/service-bridge/1.7.x/howto/gateway/application-gateway-with-openapi-annotations"},{from:"/service-bridge/1.7.x/howto/gateway/configure_and_route_nonhttp_traffic",to:"/service-bridge/1.7.x/howto/gateway/configure-and-route-nonhttp-traffic"},{from:"/service-bridge/1.7.x/howto/gateway/distributed_ingress",to:"/service-bridge/1.7.x/howto/gateway/distributed-ingress"},{from:"/service-bridge/1.7.x/howto/gateway/egress_gateways",to:"/service-bridge/1.7.x/howto/gateway/egress-gateways"},{from:"/service-bridge/1.7.x/howto/gateway/end_user_auth_keycloak",to:"/service-bridge/1.7.x/howto/gateway/end-user-auth-keycloak"},{from:"/service-bridge/1.7.x/howto/gateway/https_with_proxy_protocol",to:"/service-bridge/1.7.x/howto/gateway/https-with-proxy-protocol"},{from:"/service-bridge/1.7.x/howto/gateway/multi_cluster_traffic_routing_using_tier2gw",to:"/service-bridge/1.7.x/howto/gateway/multi-cluster-traffic-routing-using-tier2gw"},{from:"/service-bridge/1.7.x/howto/gateway/multi_cluster_traffic_routing_with_eastwest_gateway",to:"/service-bridge/1.7.x/howto/gateway/multi-cluster-traffic-routing-with-eastwest-gateway"},{from:"/service-bridge/1.7.x/howto/gateway/service_identity_propagation",to:"/service-bridge/1.7.x/howto/gateway/service-identity-propagation"},{from:"/service-bridge/1.7.x/howto/gateway/shared_ingress",to:"/service-bridge/1.7.x/howto/gateway/shared-ingress"},{from:"/service-bridge/1.7.x/howto/rate_limiting/external_rate_limiting",to:"/service-bridge/1.7.x/howto/rate-limiting/external-rate-limiting"},{from:"/service-bridge/1.7.x/howto/rate_limiting/ingress_gateway",to:"/service-bridge/1.7.x/howto/rate-limiting/ingress-gateway"},{from:"/service-bridge/1.7.x/howto/rate_limiting/internal_rate_limiting",to:"/service-bridge/1.7.x/howto/rate-limiting/internal-rate-limiting"},{from:"/service-bridge/1.7.x/howto/rate_limiting/service_to_service",to:"/service-bridge/1.7.x/howto/rate-limiting/service-to-service"},{from:"/service-bridge/1.7.x/howto/rate_limiting/tier1_gateway",to:"/service-bridge/1.7.x/howto/rate-limiting/tier1-gateway"},{from:"/service-bridge/1.7.x/howto/rate_limiting/tls_validation",to:"/service-bridge/1.7.x/howto/rate-limiting/tls-validation"},{from:"/service-bridge/1.7.x/howto/rate_limiting/",to:"/service-bridge/1.7.x/howto/rate-limiting/"},{from:"/service-bridge/1.7.x/howto/traffic/canary_releases",to:"/service-bridge/1.7.x/howto/traffic/canary-releases"},{from:"/service-bridge/1.7.x/howto/traffic/load_balance",to:"/service-bridge/1.7.x/howto/traffic/load-balance"},{from:"/service-bridge/1.7.x/howto/traffic/migrating_VM_monoliths",to:"/service-bridge/1.7.x/howto/traffic/migrating-VM-monoliths"},{from:"/service-bridge/1.7.x/howto/traffic/splitting_service_traffic_between_k8s_vms",to:"/service-bridge/1.7.x/howto/traffic/splitting-service-traffic-between-k8s-vms"},{from:"/service-bridge/1.7.x/knowledge_base/faq",to:"/service-bridge/1.7.x/knowledge-base/faq"},{from:"/service-bridge/1.7.x/knowledge_base/gitops",to:"/service-bridge/1.7.x/knowledge-base/gitops"},{from:"/service-bridge/1.7.x/operations/configuration_promotion",to:"/service-bridge/1.7.x/operations/configuration-promotion"},{from:"/service-bridge/1.7.x/operations/configure_log_levels",to:"/service-bridge/1.7.x/operations/configure-log-levels"},{from:"/service-bridge/1.7.x/operations/elasticsearch/elasticsearch_role",to:"/service-bridge/1.7.x/operations/elasticsearch/elasticsearch-role"},{from:"/service-bridge/1.7.x/operations/elasticsearch/wipe_elastic",to:"/service-bridge/1.7.x/operations/elasticsearch/wipe-elastic"},{from:"/service-bridge/1.7.x/operations/features/configure_gitops",to:"/service-bridge/1.7.x/operations/features/configure-gitops"},{from:"/service-bridge/1.7.x/operations/features/deletion_protection",to:"/service-bridge/1.7.x/operations/features/deletion-protection"},{from:"/service-bridge/1.7.x/operations/features/enable_config_protection",to:"/service-bridge/1.7.x/operations/features/enable-config-protection"},{from:"/service-bridge/1.7.x/operations/features/gateway_deletion_webhook",to:"/service-bridge/1.7.x/operations/features/gateway-deletion-webhook"},{from:"/service-bridge/1.7.x/operations/features/internal_wasm_extensions",to:"/service-bridge/1.7.x/operations/features/internal-wasm-extensions"},{from:"/service-bridge/1.7.x/operations/features/istio_cni",to:"/service-bridge/1.7.x/operations/features/istio-cni"},{from:"/service-bridge/1.7.x/operations/features/label_annotation",to:"/service-bridge/1.7.x/operations/features/label-annotation"},{from:"/service-bridge/1.7.x/operations/features/streaming_log",to:"/service-bridge/1.7.x/operations/features/streaming-log"},{from:"/service-bridge/1.7.x/operations/kube_customization",to:"/service-bridge/1.7.x/operations/kube-customization"},{from:"/service-bridge/1.7.x/operations/lower_istio_resources",to:"/service-bridge/1.7.x/operations/lower-istio-resources"},{from:"/service-bridge/1.7.x/operations/migrate_organization",to:"/service-bridge/1.7.x/operations/migrate-organization"},{from:"/service-bridge/1.7.x/operations/multiple_iam_keys",to:"/service-bridge/1.7.x/operations/multiple-iam-keys"},{from:"/service-bridge/1.7.x/operations/telemetry/alerting_guidelines",to:"/service-bridge/1.7.x/operations/telemetry/alerting-guidelines"},{from:"/service-bridge/1.7.x/operations/telemetry/new_relic",to:"/service-bridge/1.7.x/operations/telemetry/new-relic"},{from:"/service-bridge/1.7.x/operations/telemetry/red_metrics",to:"/service-bridge/1.7.x/operations/telemetry/red-metrics"},{from:"/service-bridge/1.7.x/operations/users/admin_password",to:"/service-bridge/1.7.x/operations/users/admin-password"},{from:"/service-bridge/1.7.x/operations/users/configuring_ldap",to:"/service-bridge/1.7.x/operations/users/configuring-ldap"},{from:"/service-bridge/1.7.x/operations/users/oidc_azure",to:"/service-bridge/1.7.x/operations/users/oidc-azure"},{from:"/service-bridge/1.7.x/operations/users/roles_and_permissions",to:"/service-bridge/1.7.x/operations/users/roles-and-permissions"},{from:"/service-bridge/1.7.x/operations/users/user_synchronization",to:"/service-bridge/1.7.x/operations/users/user-synchronization"},{from:"/service-bridge/1.7.x/quickstart/config_groups",to:"/service-bridge/1.7.x/quickstart/config-groups"},{from:"/service-bridge/1.7.x/quickstart/deploy_sample_app",to:"/service-bridge/1.7.x/quickstart/deploy-sample-app"},{from:"/service-bridge/1.7.x/quickstart/ingress_gateway",to:"/service-bridge/1.7.x/quickstart/ingress-gateway"},{from:"/service-bridge/1.7.x/quickstart/traffic_shifting",to:"/service-bridge/1.7.x/quickstart/traffic-shifting"},{from:"/service-bridge/1.7.x/reference/samples/sleep_service",to:"/service-bridge/1.7.x/reference/samples/sleep-service"},{from:"/service-bridge/1.7.x/release_notes_announcements/feature_status",to:"/service-bridge/1.7.x/release-notes-announcements/feature-status"},{from:"/service-bridge/1.7.x/release_notes_announcements/support_policy",to:"/service-bridge/1.7.x/release-notes-announcements/support-policy"},{from:"/service-bridge/1.7.x/release_notes_announcements/",to:"/service-bridge/1.7.x/release-notes-announcements/"},{from:"/service-bridge/1.7.x/setup/aws/container_marketplace",to:"/service-bridge/1.7.x/setup/aws/container-marketplace"},{from:"/service-bridge/1.7.x/setup/firewall_information",to:"/service-bridge/1.7.x/setup/firewall-information"},{from:"/service-bridge/1.7.x/setup/migrate_tctl_to_helm",to:"/service-bridge/1.7.x/setup/migrate-tctl-to-helm"},{from:"/service-bridge/1.7.x/setup/remote_registry",to:"/service-bridge/1.7.x/setup/remote-registry"},{from:"/service-bridge/1.7.x/setup/resource_planning",to:"/service-bridge/1.7.x/setup/resource-planning"},{from:"/service-bridge/1.7.x/setup/security_context",to:"/service-bridge/1.7.x/setup/security-context"},{from:"/service-bridge/1.7.x/setup/self_managed/demo-installation",to:"/service-bridge/1.7.x/setup/self-managed/demo-installation"},{from:"/service-bridge/1.7.x/setup/self_managed/management-plane-installation",to:"/service-bridge/1.7.x/setup/self-managed/management-plane-installation"},{from:"/service-bridge/1.7.x/setup/self_managed/onboarding-clusters",to:"/service-bridge/1.7.x/setup/self-managed/onboarding-clusters"},{from:"/service-bridge/1.7.x/setup/self_managed/",to:"/service-bridge/1.7.x/setup/self-managed/"},{from:"/service-bridge/1.7.x/setup/self_managed/uninstallation",to:"/service-bridge/1.7.x/setup/self-managed/uninstallation"},{from:"/service-bridge/1.7.x/setup/self_managed/upgrade",to:"/service-bridge/1.7.x/setup/self-managed/upgrade"},{from:"/service-bridge/1.7.x/setup/tctl_connect",to:"/service-bridge/1.7.x/setup/tctl-connect"},{from:"/service-bridge/1.7.x/setup/workload_onboarding/guides/ecs-workloads",to:"/service-bridge/1.7.x/setup/workload-onboarding/guides/ecs-workloads"},{from:"/service-bridge/1.7.x/setup/workload_onboarding/guides/managing",to:"/service-bridge/1.7.x/setup/workload-onboarding/guides/managing"},{from:"/service-bridge/1.7.x/setup/workload_onboarding/guides/on-premise-workloads",to:"/service-bridge/1.7.x/setup/workload-onboarding/guides/on-premise-workloads"},{from:"/service-bridge/1.7.x/setup/workload_onboarding/guides/onboarding",to:"/service-bridge/1.7.x/setup/workload-onboarding/guides/onboarding"},{from:"/service-bridge/1.7.x/setup/workload_onboarding/guides/overview",to:"/service-bridge/1.7.x/setup/workload-onboarding/guides/overview"},{from:"/service-bridge/1.7.x/setup/workload_onboarding/guides/setup",to:"/service-bridge/1.7.x/setup/workload-onboarding/guides/setup"},{from:"/service-bridge/1.7.x/setup/workload_onboarding/guides/",to:"/service-bridge/1.7.x/setup/workload-onboarding/guides/"},{from:"/service-bridge/1.7.x/setup/workload_onboarding/guides/troubleshooting",to:"/service-bridge/1.7.x/setup/workload-onboarding/guides/troubleshooting"},{from:"/service-bridge/1.7.x/setup/workload_onboarding/onboarding-vms",to:"/service-bridge/1.7.x/setup/workload-onboarding/onboarding-vms"},{from:"/service-bridge/1.7.x/setup/workload_onboarding/quickstart/aws-ec2/bookinfo",to:"/service-bridge/1.7.x/setup/workload-onboarding/quickstart/aws-ec2/bookinfo"},{from:"/service-bridge/1.7.x/setup/workload_onboarding/quickstart/aws-ec2/configure-vm",to:"/service-bridge/1.7.x/setup/workload-onboarding/quickstart/aws-ec2/configure-vm"},{from:"/service-bridge/1.7.x/setup/workload_onboarding/quickstart/aws-ec2/configure-workload-onboarding",to:"/service-bridge/1.7.x/setup/workload-onboarding/quickstart/aws-ec2/configure-workload-onboarding"},{from:"/service-bridge/1.7.x/setup/workload_onboarding/quickstart/aws-ec2/enable-workload-onboarding",to:"/service-bridge/1.7.x/setup/workload-onboarding/quickstart/aws-ec2/enable-workload-onboarding"},{from:"/service-bridge/1.7.x/setup/workload_onboarding/quickstart/aws-ec2/onboard-asg",to:"/service-bridge/1.7.x/setup/workload-onboarding/quickstart/aws-ec2/onboard-asg"},{from:"/service-bridge/1.7.x/setup/workload_onboarding/quickstart/aws-ec2/onboard-vm",to:"/service-bridge/1.7.x/setup/workload-onboarding/quickstart/aws-ec2/onboard-vm"},{from:"/service-bridge/1.7.x/setup/workload_onboarding/quickstart/aws-ec2/",to:"/service-bridge/1.7.x/setup/workload-onboarding/quickstart/aws-ec2/"},{from:"/service-bridge/1.7.x/setup/workload_onboarding/quickstart/aws-ecs/configure-workload-onboarding",to:"/service-bridge/1.7.x/setup/workload-onboarding/quickstart/aws-ecs/configure-workload-onboarding"},{from:"/service-bridge/1.7.x/setup/workload_onboarding/quickstart/aws-ecs/onboard-ecs",to:"/service-bridge/1.7.x/setup/workload-onboarding/quickstart/aws-ecs/onboard-ecs"},{from:"/service-bridge/1.7.x/setup/workload_onboarding/quickstart/aws-ecs/",to:"/service-bridge/1.7.x/setup/workload-onboarding/quickstart/aws-ecs/"},{from:"/service-bridge/1.7.x/setup/workload_onboarding/quickstart/on-premise/configure-vm",to:"/service-bridge/1.7.x/setup/workload-onboarding/quickstart/on-premise/configure-vm"},{from:"/service-bridge/1.7.x/setup/workload_onboarding/quickstart/on-premise/configure-workload-onboarding",to:"/service-bridge/1.7.x/setup/workload-onboarding/quickstart/on-premise/configure-workload-onboarding"},{from:"/service-bridge/1.7.x/setup/workload_onboarding/quickstart/on-premise/onboard-vm",to:"/service-bridge/1.7.x/setup/workload-onboarding/quickstart/on-premise/onboard-vm"},{from:"/service-bridge/1.7.x/setup/workload_onboarding/quickstart/on-premise/",to:"/service-bridge/1.7.x/setup/workload-onboarding/quickstart/on-premise/"},{from:"/service-bridge/1.7.x/troubleshooting/cluster_onboarding",to:"/service-bridge/1.7.x/troubleshooting/cluster-onboarding"},{from:"/service-bridge/1.7.x/troubleshooting/configuration_status",to:"/service-bridge/1.7.x/troubleshooting/configuration-status"},{from:"/service-bridge/1.7.x/troubleshooting/gateway_troubleshooting",to:"/service-bridge/1.7.x/troubleshooting/gateway-troubleshooting"},{from:"/service-bridge/1.7.x/troubleshooting/tsb_ui_metrics",to:"/service-bridge/1.7.x/troubleshooting/tsb-ui-metrics"},{from:"/service-bridge/1.6.x/concepts/operators/control_plane",to:"/service-bridge/1.6.x/concepts/operators/control-plane"},{from:"/service-bridge/1.6.x/concepts/operators/data_plane",to:"/service-bridge/1.6.x/concepts/operators/data-plane"},{from:"/service-bridge/1.6.x/concepts/operators/management_plane",to:"/service-bridge/1.6.x/concepts/operators/management-plane"},{from:"/service-bridge/1.6.x/concepts/service_mesh",to:"/service-bridge/1.6.x/concepts/service-mesh"},{from:"/service-bridge/1.6.x/concepts/traffic_management",to:"/service-bridge/1.6.x/concepts/traffic-management"},{from:"/service-bridge/1.6.x/howto/authorization/ingress_gateway",to:"/service-bridge/1.6.x/howto/authorization/ingress-gateway"},{from:"/service-bridge/1.6.x/howto/authorization/tier1_gateway",to:"/service-bridge/1.6.x/howto/authorization/tier1-gateway"},{from:"/service-bridge/1.6.x/howto/authorization/tls_verification",to:"/service-bridge/1.6.x/howto/authorization/tls-verification"},{from:"/service-bridge/1.6.x/howto/gateway/app_ingress",to:"/service-bridge/1.6.x/howto/gateway/app-ingress"},{from:"/service-bridge/1.6.x/howto/gateway/application_gateway_with_openapi_annotations",to:"/service-bridge/1.6.x/howto/gateway/application-gateway-with-openapi-annotations"},{from:"/service-bridge/1.6.x/howto/gateway/configure_and_route_nonhttp_traffic",to:"/service-bridge/1.6.x/howto/gateway/configure-and-route-nonhttp-traffic"},{from:"/service-bridge/1.6.x/howto/gateway/distributed_ingress",to:"/service-bridge/1.6.x/howto/gateway/distributed-ingress"},{from:"/service-bridge/1.6.x/howto/gateway/egress_gateways",to:"/service-bridge/1.6.x/howto/gateway/egress-gateways"},{from:"/service-bridge/1.6.x/howto/gateway/end_user_auth_keycloak",to:"/service-bridge/1.6.x/howto/gateway/end-user-auth-keycloak"},{from:"/service-bridge/1.6.x/howto/gateway/multi_cluster_traffic_routing_using_tier2gw",to:"/service-bridge/1.6.x/howto/gateway/multi-cluster-traffic-routing-using-tier2gw"},{from:"/service-bridge/1.6.x/howto/gateway/multi_cluster_traffic_routing_with_eastwest_gateway",to:"/service-bridge/1.6.x/howto/gateway/multi-cluster-traffic-routing-with-eastwest-gateway"},{from:"/service-bridge/1.6.x/howto/gateway/service_identity_propagation",to:"/service-bridge/1.6.x/howto/gateway/service-identity-propagation"},{from:"/service-bridge/1.6.x/howto/rate_limiting/external_rate_limiting",to:"/service-bridge/1.6.x/howto/rate-limiting/external-rate-limiting"},{from:"/service-bridge/1.6.x/howto/rate_limiting/ingress_gateway",to:"/service-bridge/1.6.x/howto/rate-limiting/ingress-gateway"},{from:"/service-bridge/1.6.x/howto/rate_limiting/internal_rate_limiting",to:"/service-bridge/1.6.x/howto/rate-limiting/internal-rate-limiting"},{from:"/service-bridge/1.6.x/howto/rate_limiting/service_to_service",to:"/service-bridge/1.6.x/howto/rate-limiting/service-to-service"},{from:"/service-bridge/1.6.x/howto/rate_limiting/tier1_gateway",to:"/service-bridge/1.6.x/howto/rate-limiting/tier1-gateway"},{from:"/service-bridge/1.6.x/howto/rate_limiting/tls_validation",to:"/service-bridge/1.6.x/howto/rate-limiting/tls-validation"},{from:"/service-bridge/1.6.x/howto/rate_limiting/",to:"/service-bridge/1.6.x/howto/rate-limiting/"},{from:"/service-bridge/1.6.x/howto/traffic/canary_releases",to:"/service-bridge/1.6.x/howto/traffic/canary-releases"},{from:"/service-bridge/1.6.x/howto/traffic/load_balance",to:"/service-bridge/1.6.x/howto/traffic/load-balance"},{from:"/service-bridge/1.6.x/howto/traffic/migrating_VM_monoliths",to:"/service-bridge/1.6.x/howto/traffic/migrating-VM-monoliths"},{from:"/service-bridge/1.6.x/howto/traffic/splitting_service_traffic_between_k8s_vms",to:"/service-bridge/1.6.x/howto/traffic/splitting-service-traffic-between-k8s-vms"},{from:"/service-bridge/1.6.x/knowledge_base/faq",to:"/service-bridge/1.6.x/knowledge-base/faq"},{from:"/service-bridge/1.6.x/knowledge_base/gitops",to:"/service-bridge/1.6.x/knowledge-base/gitops"},{from:"/service-bridge/1.6.x/operations/configuration_promotion",to:"/service-bridge/1.6.x/operations/configuration-promotion"},{from:"/service-bridge/1.6.x/operations/configure_log_levels",to:"/service-bridge/1.6.x/operations/configure-log-levels"},{from:"/service-bridge/1.6.x/operations/elasticsearch/elasticsearch_role",to:"/service-bridge/1.6.x/operations/elasticsearch/elasticsearch-role"},{from:"/service-bridge/1.6.x/operations/elasticsearch/wipe_elastic",to:"/service-bridge/1.6.x/operations/elasticsearch/wipe-elastic"},{from:"/service-bridge/1.6.x/operations/features/configure_gitops",to:"/service-bridge/1.6.x/operations/features/configure-gitops"},{from:"/service-bridge/1.6.x/operations/features/enable_config_protection",to:"/service-bridge/1.6.x/operations/features/enable-config-protection"},{from:"/service-bridge/1.6.x/operations/features/gateway_deletion_webhook",to:"/service-bridge/1.6.x/operations/features/gateway-deletion-webhook"},{from:"/service-bridge/1.6.x/operations/features/istio_cni",to:"/service-bridge/1.6.x/operations/features/istio-cni"},{from:"/service-bridge/1.6.x/operations/features/streaming_log",to:"/service-bridge/1.6.x/operations/features/streaming-log"},{from:"/service-bridge/1.6.x/operations/kube_customization",to:"/service-bridge/1.6.x/operations/kube-customization"},{from:"/service-bridge/1.6.x/operations/lower_istio_resources",to:"/service-bridge/1.6.x/operations/lower-istio-resources"},{from:"/service-bridge/1.6.x/operations/migrate_organization",to:"/service-bridge/1.6.x/operations/migrate-organization"},{from:"/service-bridge/1.6.x/operations/multiple_iam_keys",to:"/service-bridge/1.6.x/operations/multiple-iam-keys"},{from:"/service-bridge/1.6.x/operations/telemetry/alerting_guidelines",to:"/service-bridge/1.6.x/operations/telemetry/alerting-guidelines"},{from:"/service-bridge/1.6.x/operations/telemetry/red_metrics",to:"/service-bridge/1.6.x/operations/telemetry/red-metrics"},{from:"/service-bridge/1.6.x/operations/users/admin_password",to:"/service-bridge/1.6.x/operations/users/admin-password"},{from:"/service-bridge/1.6.x/operations/users/configuring_ldap",to:"/service-bridge/1.6.x/operations/users/configuring-ldap"},{from:"/service-bridge/1.6.x/operations/users/oidc_azure",to:"/service-bridge/1.6.x/operations/users/oidc-azure"},{from:"/service-bridge/1.6.x/operations/users/roles_and_permissions",to:"/service-bridge/1.6.x/operations/users/roles-and-permissions"},{from:"/service-bridge/1.6.x/operations/users/user_synchronization",to:"/service-bridge/1.6.x/operations/users/user-synchronization"},{from:"/service-bridge/1.6.x/operations/xcp_to_edge_jwt_authentication",to:"/service-bridge/1.6.x/operations/xcp-to-edge-jwt-authentication"},{from:"/service-bridge/1.6.x/quickstart/config_groups",to:"/service-bridge/1.6.x/quickstart/config-groups"},{from:"/service-bridge/1.6.x/quickstart/deploy_sample_app",to:"/service-bridge/1.6.x/quickstart/deploy-sample-app"},{from:"/service-bridge/1.6.x/quickstart/ingress_gateway",to:"/service-bridge/1.6.x/quickstart/ingress-gateway"},{from:"/service-bridge/1.6.x/quickstart/traffic_shifting",to:"/service-bridge/1.6.x/quickstart/traffic-shifting"},{from:"/service-bridge/1.6.x/reference/samples/sleep_service",to:"/service-bridge/1.6.x/reference/samples/sleep-service"},{from:"/service-bridge/1.6.x/release_notes_announcements/feature_status",to:"/service-bridge/1.6.x/release-notes-announcements/feature-status"},{from:"/service-bridge/1.6.x/release_notes_announcements/support_policy",to:"/service-bridge/1.6.x/release-notes-announcements/support-policy"},{from:"/service-bridge/1.6.x/release_notes_announcements/",to:"/service-bridge/1.6.x/release-notes-announcements/"},{from:"/service-bridge/1.6.x/setup/aws/container_marketplace",to:"/service-bridge/1.6.x/setup/aws/container-marketplace"},{from:"/service-bridge/1.6.x/setup/firewall_information",to:"/service-bridge/1.6.x/setup/firewall-information"},{from:"/service-bridge/1.6.x/setup/migrate_tctl_to_helm",to:"/service-bridge/1.6.x/setup/migrate-tctl-to-helm"},{from:"/service-bridge/1.6.x/setup/remote_registry",to:"/service-bridge/1.6.x/setup/remote-registry"},{from:"/service-bridge/1.6.x/setup/resource_planning",to:"/service-bridge/1.6.x/setup/resource-planning"},{from:"/service-bridge/1.6.x/setup/self_managed/demo-installation",to:"/service-bridge/1.6.x/setup/self-managed/demo-installation"},{from:"/service-bridge/1.6.x/setup/self_managed/management-plane-installation",to:"/service-bridge/1.6.x/setup/self-managed/management-plane-installation"},{from:"/service-bridge/1.6.x/setup/self_managed/onboarding-clusters",to:"/service-bridge/1.6.x/setup/self-managed/onboarding-clusters"},{from:"/service-bridge/1.6.x/setup/self_managed/",to:"/service-bridge/1.6.x/setup/self-managed/"},{from:"/service-bridge/1.6.x/setup/self_managed/uninstallation",to:"/service-bridge/1.6.x/setup/self-managed/uninstallation"},{from:"/service-bridge/1.6.x/setup/self_managed/upgrade",to:"/service-bridge/1.6.x/setup/self-managed/upgrade"},{from:"/service-bridge/1.6.x/setup/self_managed/zipkin-cleanup",to:"/service-bridge/1.6.x/setup/self-managed/zipkin-cleanup"},{from:"/service-bridge/1.6.x/setup/tctl_connect",to:"/service-bridge/1.6.x/setup/tctl-connect"},{from:"/service-bridge/1.6.x/setup/workload_onboarding/guides/ecs-workloads",to:"/service-bridge/1.6.x/setup/workload-onboarding/guides/ecs-workloads"},{from:"/service-bridge/1.6.x/setup/workload_onboarding/guides/managing",to:"/service-bridge/1.6.x/setup/workload-onboarding/guides/managing"},{from:"/service-bridge/1.6.x/setup/workload_onboarding/guides/on-premise-workloads",to:"/service-bridge/1.6.x/setup/workload-onboarding/guides/on-premise-workloads"},{from:"/service-bridge/1.6.x/setup/workload_onboarding/guides/onboarding",to:"/service-bridge/1.6.x/setup/workload-onboarding/guides/onboarding"},{from:"/service-bridge/1.6.x/setup/workload_onboarding/guides/overview",to:"/service-bridge/1.6.x/setup/workload-onboarding/guides/overview"},{from:"/service-bridge/1.6.x/setup/workload_onboarding/guides/setup",to:"/service-bridge/1.6.x/setup/workload-onboarding/guides/setup"},{from:"/service-bridge/1.6.x/setup/workload_onboarding/guides/",to:"/service-bridge/1.6.x/setup/workload-onboarding/guides/"},{from:"/service-bridge/1.6.x/setup/workload_onboarding/guides/troubleshooting",to:"/service-bridge/1.6.x/setup/workload-onboarding/guides/troubleshooting"},{from:"/service-bridge/1.6.x/setup/workload_onboarding/onboarding-vms",to:"/service-bridge/1.6.x/setup/workload-onboarding/onboarding-vms"},{from:"/service-bridge/1.6.x/setup/workload_onboarding/quickstart/aws-ec2/bookinfo",to:"/service-bridge/1.6.x/setup/workload-onboarding/quickstart/aws-ec2/bookinfo"},{from:"/service-bridge/1.6.x/setup/workload_onboarding/quickstart/aws-ec2/configure-vm",to:"/service-bridge/1.6.x/setup/workload-onboarding/quickstart/aws-ec2/configure-vm"},{from:"/service-bridge/1.6.x/setup/workload_onboarding/quickstart/aws-ec2/configure-workload-onboarding",to:"/service-bridge/1.6.x/setup/workload-onboarding/quickstart/aws-ec2/configure-workload-onboarding"},{from:"/service-bridge/1.6.x/setup/workload_onboarding/quickstart/aws-ec2/enable-workload-onboarding",to:"/service-bridge/1.6.x/setup/workload-onboarding/quickstart/aws-ec2/enable-workload-onboarding"},{from:"/service-bridge/1.6.x/setup/workload_onboarding/quickstart/aws-ec2/onboard-asg",to:"/service-bridge/1.6.x/setup/workload-onboarding/quickstart/aws-ec2/onboard-asg"},{from:"/service-bridge/1.6.x/setup/workload_onboarding/quickstart/aws-ec2/onboard-vm",to:"/service-bridge/1.6.x/setup/workload-onboarding/quickstart/aws-ec2/onboard-vm"},{from:"/service-bridge/1.6.x/setup/workload_onboarding/quickstart/aws-ec2/",to:"/service-bridge/1.6.x/setup/workload-onboarding/quickstart/aws-ec2/"},{from:"/service-bridge/1.6.x/setup/workload_onboarding/quickstart/aws-ecs/configure-workload-onboarding",to:"/service-bridge/1.6.x/setup/workload-onboarding/quickstart/aws-ecs/configure-workload-onboarding"},{from:"/service-bridge/1.6.x/setup/workload_onboarding/quickstart/aws-ecs/onboard-ecs",to:"/service-bridge/1.6.x/setup/workload-onboarding/quickstart/aws-ecs/onboard-ecs"},{from:"/service-bridge/1.6.x/setup/workload_onboarding/quickstart/aws-ecs/",to:"/service-bridge/1.6.x/setup/workload-onboarding/quickstart/aws-ecs/"},{from:"/service-bridge/1.6.x/setup/workload_onboarding/quickstart/on-premise/configure-vm",to:"/service-bridge/1.6.x/setup/workload-onboarding/quickstart/on-premise/configure-vm"},{from:"/service-bridge/1.6.x/setup/workload_onboarding/quickstart/on-premise/configure-workload-onboarding",to:"/service-bridge/1.6.x/setup/workload-onboarding/quickstart/on-premise/configure-workload-onboarding"},{from:"/service-bridge/1.6.x/setup/workload_onboarding/quickstart/on-premise/onboard-vm",to:"/service-bridge/1.6.x/setup/workload-onboarding/quickstart/on-premise/onboard-vm"},{from:"/service-bridge/1.6.x/setup/workload_onboarding/quickstart/on-premise/",to:"/service-bridge/1.6.x/setup/workload-onboarding/quickstart/on-premise/"},{from:"/service-bridge/1.6.x/troubleshooting/cluster_onboarding",to:"/service-bridge/1.6.x/troubleshooting/cluster-onboarding"},{from:"/service-bridge/1.6.x/troubleshooting/configuration_status",to:"/service-bridge/1.6.x/troubleshooting/configuration-status"},{from:"/service-bridge/1.6.x/troubleshooting/gateway_troubleshooting",to:"/service-bridge/1.6.x/troubleshooting/gateway-troubleshooting"},{from:"/service-bridge/1.6.x/troubleshooting/tsb_ui_metrics",to:"/service-bridge/1.6.x/troubleshooting/tsb-ui-metrics"}]}],["@extensions/plugin-tetrate-versionmatrix",{versions:["next","1.12.x","1.11.x","1.10.x","1.9.x","1.8.x","1.7.x","1.6.x"]}],["@extensions/plugin-service-bridge-api-docs",{versions:["next","1.12.x","1.11.x","1.10.x","1.9.x","1.8.x","1.7.x","1.6.x"],hideProtos:["install/helm"],descriptionRegexReplace:[{from:{},to:" "},{from:{},to:" OAP "},{from:{},to:" (OAP-"}]}],["@extensions/plugin-tctl-docs",{versions:["next","1.12.x","1.11.x","1.10.x","1.9.x","1.8.x","1.7.x","1.6.x"]}],["@extensions/plugin-service-bridge-release-notes",{versions:["next","1.12.x","1.11.x","1.10.x","1.9.x","1.8.x","1.7.x","1.6.x"]}],["@extensions/plugin-repo-copy",{operations:[{gitRepo:"https://github.com/tetrateio/tetrate.git",branches:[{branch:"master",versionedDocsDir:"version-next"},{branch:"release-1.12.x",versionedDocsDir:"version-1.12.x"},{branch:"release-1.11.x",versionedDocsDir:"version-1.11.x"},{branch:"release-1.10.x",versionedDocsDir:"version-1.10.x"},{branch:"release-1.9.x",versionedDocsDir:"version-1.9.x"},{branch:"release-1.8.x",versionedDocsDir:"version-1.8.x"},{branch:"release-1.7.x",versionedDocsDir:"version-1.7.x"},{branch:"release-1.6.x",versionedDocsDir:"version-1.6.x"}],files:[{src:"cloud/libraries/tsb/dashboards/tsb/key-metrics.md",dst:"operations/telemetry/key-metrics.md"},{src:"cloud/libraries/tsb/dashboards/tsb/tsb-dashboards.zip",dst:"assets/operations/tsb-dashboards.zip"},{src:"cloud/projects/operations/application/dashboards/tsb/key-metrics.md",dst:"operations/telemetry/key-metrics.md"}]}]}],["@extensions/plugin-cheat-sheets",{versions:["next","1.12.x","1.11.x","1.10.x","1.9.x","1.8.x","1.7.x","1.6.x"]}]],scripts:[{src:"/reo.js",defer:!0}],themes:["@extensions/theme-tetrate","docusaurus-theme-search-typesense"],themeConfig:{docs:{sidebar:{hideable:!0,autoCollapseCategories:!0},versionPersistence:"localStorage"},navbar:{hideOnScroll:!0,logo:{alt:"Tetrate logo",href:"https://docs.tetrate.io",src:"/logos/tetrate.svg",width:156,height:36},items:[{type:"custom-productDropdown",position:"left"},{type:"docsVersionDropdown",position:"right",dropdownItemsBefore:[],dropdownItemsAfter:[]}]},footer:{links:[{title:"Resources",items:[{label:"Tetrate Academy",href:"https://academy.tetrate.io"},{label:"Blog",href:"https://tetrate.io/blog/"}]},{title:"Company",items:[{label:"Tetrate.io",href:"https://tetrate.io"},{label:"Press",href:"https://tetrate.io/press/"},{label:"Contact Us",href:"https://tetrate.io/contact-us/"}]}],style:"light"},typesense:{typesenseCollectionName:"service-bridge-index",typesenseServerConfig:{nodes:[{host:"docsearch.tetrate.io",port:443,protocol:"https"}],apiKey:"WkYGy1YRp1IOA2tqkKNa7bpkBBvgIyMn"},typesenseSearchParameters:{sort_by:"item_priority:asc,_text_match:desc"},contextualSearch:!0,searchPagePath:"search"},prism:{theme:{plain:{color:"#393A34",backgroundColor:"#f6f8fa"},styles:[{types:["comment","prolog","doctype","cdata"],style:{color:"#999988",fontStyle:"italic"}},{types:["namespace"],style:{opacity:.7}},{types:["string","attr-value"],style:{color:"#e3116c"}},{types:["punctuation","operator"],style:{color:"#393A34"}},{types:["entity","url","symbol","number","boolean","variable","constant","property","regex","inserted"],style:{color:"#36acaa"}},{types:["atrule","keyword","attr-name","selector"],style:{color:"#00a4db"}},{types:["function","deleted","tag"],style:{color:"#d73a49"}},{types:["function-variable"],style:{color:"#6f42c1"}},{types:["tag","selector","keyword"],style:{color:"#00009f"}}]},darkTheme:{plain:{color:"#F8F8F2",backgroundColor:"#282A36"},styles:[{types:["prolog","constant","builtin"],style:{color:"rgb(189, 147, 249)"}},{types:["inserted","function"],style:{color:"rgb(80, 250, 123)"}},{types:["deleted"],style:{color:"rgb(255, 85, 85)"}},{types:["changed"],style:{color:"rgb(255, 184, 108)"}},{types:["punctuation","symbol"],style:{color:"rgb(248, 248, 242)"}},{types:["string","char","tag","selector"],style:{color:"rgb(255, 121, 198)"}},{types:["keyword","variable"],style:{color:"rgb(189, 147, 249)",fontStyle:"italic"}},{types:["comment"],style:{color:"rgb(98, 114, 164)"}},{types:["attr-name"],style:{color:"rgb(241, 250, 140)"}}]},additionalLanguages:["ruby","csharp","php"],magicComments:[{className:"theme-code-block-highlighted-line",line:"highlight-next-line",block:{start:"highlight-start",end:"highlight-end"}}]},zoom:{selector:".markdown :not(em) &gt; img",background:{light:"rgb(0, 0, 0, 0.8)",dark:"rgb(0, 0, 0, 0.8)"}},image:"logos/service-bridge-og.png",colorMode:{defaultMode:"light",disableSwitch:!1,respectPrefersColorScheme:!1},blog:{sidebar:{groupByYear:!0}},metadata:[],tableOfContents:{minHeadingLevel:2,maxHeadingLevel:3}},baseUrlIssueBanner:!0,i18n:{defaultLocale:"en",path:"i18n",locales:["en"],localeConfigs:{}},onDuplicateRoutes:"warn",headTags:[],stylesheets:[],clientModules:[],tagline:"",titleDelimiter:"|",noIndex:!1,markdown:{format:"mdx",mermaid:!1,mdx1Compat:{comments:!0,admonitions:!0,headingIds:!0},anchors:{maintainCase:!1}}}},862627:function(e){"use strict";e.exports={}},637138:function(e){"use strict";e.exports=JSON.parse('{"/search-543":{"__comp":"1a4e3797","__context":{"plugin":"e9972098"}},"/service-bridge/1.10.x/rest-f92":{"__comp":"f0ad3fbb","__context":{"plugin":"e94ba5e6"},"specProps":"c550ea99","layoutProps":"e6058e39"},"/service-bridge/1.11.x/rest-c4e":{"__comp":"f0ad3fbb","__context":{"plugin":"21c4a7f9"},"specProps":"91bf4bd9","layoutProps":"ac34c264"},"/service-bridge/1.6.x/rest-0a5":{"__comp":"f0ad3fbb","__context":{"plugin":"dec7dcab"},"specProps":"b62353c4","layoutProps":"619b80d4"},"/service-bridge/1.7.x/rest-908":{"__comp":"f0ad3fbb","__context":{"plugin":"410b86d5"},"specProps":"290e21cc","layoutProps":"05a33b36"},"/service-bridge/1.8.x/rest-6e6":{"__comp":"f0ad3fbb","__context":{"plugin":"72e9b833"},"specProps":"e09ff68f","layoutProps":"e1f29e56"},"/service-bridge/1.9.x/rest-3be":{"__comp":"f0ad3fbb","__context":{"plugin":"8cb59263"},"specProps":"da8ad1e6","layoutProps":"474fe745"},"/service-bridge/next/rest-20e":{"__comp":"f0ad3fbb","__context":{"plugin":"a2a9b866"},"specProps":"38db640b","layoutProps":"223d7bd6"},"/service-bridge/rest-6a0":{"__comp":"f0ad3fbb","__context":{"plugin":"5e3d57d7"},"specProps":"97c84944","layoutProps":"316f1bcc"},"/service-bridge-d46":{"__comp":"5e95c892","__context":{"plugin":"aba21aa0"}},"/service-bridge/1.10.x-1d4":{"__comp":"a7bd4aaa","__props":"eec334dd"},"/service-bridge/1.10.x/tags-fd2":{"__comp":"3720c009","__props":"1dedf48b"},"/service-bridge/1.10.x/tags/featured-101":{"__comp":"df203c0f","__props":"13b27692"},"/service-bridge/1.10.x/tags/tsb-concepts-b67":{"__comp":"df203c0f","__props":"573ca8c5"},"/service-bridge/1.10.x/tags/tsb-quickstart-79c":{"__comp":"df203c0f","__props":"aa7d56d7"},"/service-bridge/1.10.x-1c5":{"__comp":"a94703ab"},"/service-bridge/1.10.x/-fa1":{"__comp":"17896441","content":"435dc9de"},"/service-bridge/1.10.x/category/working-with-tetrate-customer-support-40f":{"__comp":"14eb3368","__props":"090bfce0"},"/service-bridge/1.10.x/cheatsheet/-cd7":{"__comp":"17896441","content":"672a7e5b"},"/service-bridge/1.10.x/cheatsheet/sheets/gateways-management-7c4":{"__comp":"17896441","content":"02bd2947"},"/service-bridge/1.10.x/cheatsheet/sheets/kubectl-cec":{"__comp":"17896441","content":"d13415a6"},"/service-bridge/1.10.x/cheatsheet/sheets/security-management-f68":{"__comp":"17896441","content":"5e64c170"},"/service-bridge/1.10.x/cheatsheet/sheets/tctl-7c7":{"__comp":"17896441","content":"3ba0d7cf"},"/service-bridge/1.10.x/cheatsheet/sheets/traffic-management-962":{"__comp":"17896441","content":"f7685f93"},"/service-bridge/1.10.x/cheatsheet/sheets/tsb-concepts-9dd":{"__comp":"17896441","content":"aaac0c03"},"/service-bridge/1.10.x/cheatsheet/sheets/tsb-quickstart-c73":{"__comp":"17896441","content":"337ae2de"},"/service-bridge/1.10.x/cheatsheet/sheets/tsb-terminology-bed":{"__comp":"17896441","content":"47b1a6b7"},"/service-bridge/1.10.x/concepts/-003":{"__comp":"17896441","content":"b39143d1"},"/service-bridge/1.10.x/concepts/architecture-285":{"__comp":"17896441","content":"eac22da9"},"/service-bridge/1.10.x/concepts/configuration-dataflow-e04":{"__comp":"17896441","content":"4179bce1"},"/service-bridge/1.10.x/concepts/configuration-inheritance-3be":{"__comp":"17896441","content":"ce32b962"},"/service-bridge/1.10.x/concepts/glossary-f5c":{"__comp":"17896441","content":"31ce2228"},"/service-bridge/1.10.x/concepts/observability-7e8":{"__comp":"17896441","content":"e59a4bd9"},"/service-bridge/1.10.x/concepts/operators/-fda":{"__comp":"17896441","content":"7daa3d2a"},"/service-bridge/1.10.x/concepts/operators/control-plane-532":{"__comp":"17896441","content":"b74b3012"},"/service-bridge/1.10.x/concepts/operators/data-plane-bc3":{"__comp":"17896441","content":"459a3b2c"},"/service-bridge/1.10.x/concepts/operators/management-plane-337":{"__comp":"17896441","content":"9478a588"},"/service-bridge/1.10.x/concepts/security-501":{"__comp":"17896441","content":"c30f3d2a"},"/service-bridge/1.10.x/concepts/service-mesh-9e0":{"__comp":"17896441","content":"5b9ec439"},"/service-bridge/1.10.x/concepts/terminology-297":{"__comp":"17896441","content":"afee03a9"},"/service-bridge/1.10.x/concepts/traffic-management-0e3":{"__comp":"17896441","content":"ef4c054c"},"/service-bridge/1.10.x/concepts/tsb-and-istio-0d0":{"__comp":"17896441","content":"62c88e9f"},"/service-bridge/1.10.x/design-guides/-e02":{"__comp":"17896441","content":"4e433d6f"},"/service-bridge/1.10.x/design-guides/app-onboarding/-9bf":{"__comp":"17896441","content":"944f7a68"},"/service-bridge/1.10.x/design-guides/app-onboarding/cross-cluster-492":{"__comp":"17896441","content":"27e69b82"},"/service-bridge/1.10.x/design-guides/app-onboarding/deploy-service-8de":{"__comp":"17896441","content":"aab8ec50"},"/service-bridge/1.10.x/design-guides/app-onboarding/gateway-security-bdd":{"__comp":"17896441","content":"b0f4cd6d"},"/service-bridge/1.10.x/design-guides/app-onboarding/high-availability-a4b":{"__comp":"17896441","content":"e8298bbd"},"/service-bridge/1.10.x/design-guides/app-onboarding/introduction-f47":{"__comp":"17896441","content":"6765e701"},"/service-bridge/1.10.x/design-guides/app-onboarding/monitor-0a6":{"__comp":"17896441","content":"811260b0"},"/service-bridge/1.10.x/design-guides/app-onboarding/prepare-cf4":{"__comp":"17896441","content":"7233abc0"},"/service-bridge/1.10.x/design-guides/app-onboarding/promote-service-186":{"__comp":"17896441","content":"b65e532d"},"/service-bridge/1.10.x/design-guides/app-onboarding/security-734":{"__comp":"17896441","content":"7d36be90"},"/service-bridge/1.10.x/design-guides/ha-dr-mp/-641":{"__comp":"17896441","content":"cd93c295"},"/service-bridge/1.10.x/design-guides/ha-dr-mp/dr-managementplane-021":{"__comp":"17896441","content":"6fa3c1ae"},"/service-bridge/1.10.x/design-guides/ha-dr-mp/ha-managementplane-f9f":{"__comp":"17896441","content":"be1d9f06"},"/service-bridge/1.10.x/design-guides/ha-dr-mp/introduction-19f":{"__comp":"17896441","content":"76d545b9"},"/service-bridge/1.10.x/design-guides/ha-dr-mp/scenarios-2c7":{"__comp":"17896441","content":"16ab9b91"},"/service-bridge/1.10.x/design-guides/ha-multicluster/-04a":{"__comp":"17896441","content":"8d5682c9"},"/service-bridge/1.10.x/design-guides/ha-multicluster/cluster-failover-1e5":{"__comp":"17896441","content":"e5808934"},"/service-bridge/1.10.x/design-guides/ha-multicluster/demo-1-b10":{"__comp":"17896441","content":"6bb28324"},"/service-bridge/1.10.x/design-guides/ha-multicluster/demo-2-4c2":{"__comp":"17896441","content":"b414d0fb"},"/service-bridge/1.10.x/design-guides/ha-multicluster/edge-failover-193":{"__comp":"17896441","content":"cb21b243"},"/service-bridge/1.10.x/design-guides/ha-multicluster/introduction-be4":{"__comp":"17896441","content":"1e573f9d"},"/service-bridge/1.10.x/design-guides/ha-multicluster/operations-9b5":{"__comp":"17896441","content":"68c5cbf2"},"/service-bridge/1.10.x/howto-3e4":{"__comp":"14eb3368","__props":"8b17df5d"},"/service-bridge/1.10.x/howto/authorization/-8f0":{"__comp":"17896441","content":"ca7f418b"},"/service-bridge/1.10.x/howto/authorization/ingress-gateway-4e2":{"__comp":"17896441","content":"35940f1c"},"/service-bridge/1.10.x/howto/authorization/sidecar-d24":{"__comp":"17896441","content":"01a4210d"},"/service-bridge/1.10.x/howto/authorization/tier1-gateway-e12":{"__comp":"17896441","content":"5e401086"},"/service-bridge/1.10.x/howto/authorization/tls-verification-935":{"__comp":"17896441","content":"0805b6d5"},"/service-bridge/1.10.x/howto/gateway-224":{"__comp":"14eb3368","__props":"9b1471df"},"/service-bridge/1.10.x/howto/gateway/app-ingress-4b8":{"__comp":"17896441","content":"c0232a03"},"/service-bridge/1.10.x/howto/gateway/application-gateway-with-openapi-annotations-506":{"__comp":"17896441","content":"31660001"},"/service-bridge/1.10.x/howto/gateway/configure-and-route-nonhttp-traffic-61b":{"__comp":"17896441","content":"aa246375"},"/service-bridge/1.10.x/howto/gateway/configure-oidc-17e":{"__comp":"17896441","content":"4fb371e4"},"/service-bridge/1.10.x/howto/gateway/distributed-ingress-c29":{"__comp":"17896441","content":"2e497cee"},"/service-bridge/1.10.x/howto/gateway/end-user-auth-keycloak-4a9":{"__comp":"17896441","content":"7e5832c7"},"/service-bridge/1.10.x/howto/gateway/host-based-egress-access-control-cb7":{"__comp":"17896441","content":"ac2293a9"},"/service-bridge/1.10.x/howto/gateway/https-with-proxy-protocol-2ef":{"__comp":"17896441","content":"acef92f0"},"/service-bridge/1.10.x/howto/gateway/multi-cluster-traffic-failover-priority-047":{"__comp":"17896441","content":"783e66d2"},"/service-bridge/1.10.x/howto/gateway/multi-cluster-traffic-routing-using-tier2gw-50a":{"__comp":"17896441","content":"7fd0a627"},"/service-bridge/1.10.x/howto/gateway/multi-cluster-traffic-routing-with-eastwest-gateway-8c3":{"__comp":"17896441","content":"5107d2f6"},"/service-bridge/1.10.x/howto/gateway/multi-cluster-traffic-shifting-b3f":{"__comp":"17896441","content":"c55691f9"},"/service-bridge/1.10.x/howto/gateway/service-identity-propagation-2af":{"__comp":"17896441","content":"40730a4a"},"/service-bridge/1.10.x/howto/gateway/shared-ingress-f14":{"__comp":"17896441","content":"5da45d9a"},"/service-bridge/1.10.x/howto/gateway/subset-based-routing-using-igw-and-service-route-8ee":{"__comp":"17896441","content":"f3375f89"},"/service-bridge/1.10.x/howto/gateway/unified-gateway-148":{"__comp":"17896441","content":"126510ed"},"/service-bridge/1.10.x/howto/gateway/unified-gateway-upgrade-a19":{"__comp":"17896441","content":"8ce0ba4b"},"/service-bridge/1.10.x/howto/gitops-786":{"__comp":"14eb3368","__props":"7a6c7754"},"/service-bridge/1.10.x/howto/gitops/argo-rollouts-e1a":{"__comp":"17896441","content":"55c2b368"},"/service-bridge/1.10.x/howto/gitops/flagger-595":{"__comp":"17896441","content":"5f238620"},"/service-bridge/1.10.x/howto/gitops/flux-706":{"__comp":"17896441","content":"b02b53a4"},"/service-bridge/1.10.x/howto/gitops/gitops-228":{"__comp":"17896441","content":"dfbc2035"},"/service-bridge/1.10.x/howto/hpa-using-skywalking-c21":{"__comp":"17896441","content":"95e4e40c"},"/service-bridge/1.10.x/howto/network-policies-b80":{"__comp":"17896441","content":"35901fb5"},"/service-bridge/1.10.x/howto/promql-using-skywalking-dbf":{"__comp":"17896441","content":"9de5ffbe"},"/service-bridge/1.10.x/howto/rate-limiting/-7cb":{"__comp":"17896441","content":"3f3b39d0"},"/service-bridge/1.10.x/howto/rate-limiting/external-rate-limiting-c9a":{"__comp":"17896441","content":"8d8868a1"},"/service-bridge/1.10.x/howto/rate-limiting/ingress-gateway-382":{"__comp":"17896441","content":"6cb5fc5a"},"/service-bridge/1.10.x/howto/rate-limiting/internal-rate-limiting-f70":{"__comp":"17896441","content":"5ab783db"},"/service-bridge/1.10.x/howto/rate-limiting/service-to-service-6c8":{"__comp":"17896441","content":"4caee71a"},"/service-bridge/1.10.x/howto/rate-limiting/tier1-gateway-6c2":{"__comp":"17896441","content":"8453be38"},"/service-bridge/1.10.x/howto/rate-limiting/tls-validation-9b0":{"__comp":"17896441","content":"3b84783e"},"/service-bridge/1.10.x/howto/security-domains-86a":{"__comp":"17896441","content":"24495415"},"/service-bridge/1.10.x/howto/service-accounts-cf4":{"__comp":"17896441","content":"a55da15e"},"/service-bridge/1.10.x/howto/traffic-600":{"__comp":"14eb3368","__props":"1c238706"},"/service-bridge/1.10.x/howto/traffic/canary-releases-099":{"__comp":"17896441","content":"7fac1838"},"/service-bridge/1.10.x/howto/traffic/configure-multi-port-service-route-641":{"__comp":"17896441","content":"3813cd29"},"/service-bridge/1.10.x/howto/traffic/gateway-mtls-65a":{"__comp":"17896441","content":"a901f6ec"},"/service-bridge/1.10.x/howto/traffic/load-balance-828":{"__comp":"17896441","content":"c1283019"},"/service-bridge/1.10.x/howto/traffic/migrating-VM-monoliths-daa":{"__comp":"17896441","content":"2a937b25"},"/service-bridge/1.10.x/howto/traffic/splitting-service-traffic-between-k8s-vms-0c6":{"__comp":"17896441","content":"88e62106"},"/service-bridge/1.10.x/howto/waf-c6d":{"__comp":"17896441","content":"23f213ee"},"/service-bridge/1.10.x/howto/wasm-3c1":{"__comp":"14eb3368","__props":"b86cdb0e"},"/service-bridge/1.10.x/howto/wasm/wasm-extension-0ac":{"__comp":"17896441","content":"4f62dceb"},"/service-bridge/1.10.x/howto/wasm/wasm-overview-d9c":{"__comp":"17896441","content":"4f02b98e"},"/service-bridge/1.10.x/howto/wasm/wasm-proxy-a5f":{"__comp":"17896441","content":"223d6662"},"/service-bridge/1.10.x/howto/wasm/wasm-try-852":{"__comp":"17896441","content":"15027c2a"},"/service-bridge/1.10.x/knowledge-base-057":{"__comp":"14eb3368","__props":"68e15208"},"/service-bridge/1.10.x/knowledge-base/faq-900":{"__comp":"17896441","content":"4273c0f6"},"/service-bridge/1.10.x/knowledge-base/gitops-410":{"__comp":"17896441","content":"7193dae0"},"/service-bridge/1.10.x/operations-feb":{"__comp":"14eb3368","__props":"593c749e"},"/service-bridge/1.10.x/operations/configuration-promotion-4da":{"__comp":"17896441","content":"10ff1f4d"},"/service-bridge/1.10.x/operations/configure-log-levels-9d2":{"__comp":"17896441","content":"3be89bfc"},"/service-bridge/1.10.x/operations/elasticsearch-051":{"__comp":"14eb3368","__props":"e2b18058"},"/service-bridge/1.10.x/operations/elasticsearch/elasticsearch-role-0c9":{"__comp":"17896441","content":"31fc3026"},"/service-bridge/1.10.x/operations/elasticsearch/wipe-elastic-e0d":{"__comp":"17896441","content":"d71f49b9"},"/service-bridge/1.10.x/operations/features-5a2":{"__comp":"14eb3368","__props":"3b9873a9"},"/service-bridge/1.10.x/operations/features/configure-cluster-external-addresses-db5":{"__comp":"17896441","content":"f7594017"},"/service-bridge/1.10.x/operations/features/configure-gitops-69e":{"__comp":"17896441","content":"2ae13922"},"/service-bridge/1.10.x/operations/features/deletion-protection-83b":{"__comp":"17896441","content":"92fac20d"},"/service-bridge/1.10.x/operations/features/edge-dns-resolution-013":{"__comp":"17896441","content":"f6e976c6"},"/service-bridge/1.10.x/operations/features/enable-config-protection-249":{"__comp":"17896441","content":"66af4876"},"/service-bridge/1.10.x/operations/features/gateway-deletion-webhook-4f6":{"__comp":"17896441","content":"8f7aca99"},"/service-bridge/1.10.x/operations/features/internal-wasm-extensions-d86":{"__comp":"17896441","content":"3bd64d97"},"/service-bridge/1.10.x/operations/features/istio-cni-f51":{"__comp":"17896441","content":"f849ca0a"},"/service-bridge/1.10.x/operations/features/label-annotation-fd4":{"__comp":"17896441","content":"0de24eeb"},"/service-bridge/1.10.x/operations/features/streaming-log-04b":{"__comp":"17896441","content":"49d013d4"},"/service-bridge/1.10.x/operations/features/tier1-in-app-cluster-1d4":{"__comp":"17896441","content":"8b3efbc9"},"/service-bridge/1.10.x/operations/features/tls-origin-multi-cluster-2c5":{"__comp":"17896441","content":"e6613500"},"/service-bridge/1.10.x/operations/graceful-connection-drain-e88":{"__comp":"17896441","content":"16b5b7d9"},"/service-bridge/1.10.x/operations/kube-customization-c2f":{"__comp":"17896441","content":"7990b5df"},"/service-bridge/1.10.x/operations/lower-istio-resources-d38":{"__comp":"17896441","content":"e8a2c011"},"/service-bridge/1.10.x/operations/migrate-organization-6fd":{"__comp":"17896441","content":"68d6b3a0"},"/service-bridge/1.10.x/operations/multiple-iam-keys-89e":{"__comp":"17896441","content":"ce29f77e"},"/service-bridge/1.10.x/operations/postgresql-177":{"__comp":"14eb3368","__props":"a312e0fd"},"/service-bridge/1.10.x/operations/postgresql/auditlog-retention-3fe":{"__comp":"17896441","content":"5418518e"},"/service-bridge/1.10.x/operations/postgresql/azure-credentials-d68":{"__comp":"17896441","content":"a75fb1be"},"/service-bridge/1.10.x/operations/postgresql/backup-and-restore-c3d":{"__comp":"17896441","content":"8e07aac6"},"/service-bridge/1.10.x/operations/postgresql/managing-kubegres-36b":{"__comp":"17896441","content":"96375a98"},"/service-bridge/1.10.x/operations/telemetry-f2e":{"__comp":"14eb3368","__props":"65a6cd70"},"/service-bridge/1.10.x/operations/telemetry/alerting-guidelines-83b":{"__comp":"17896441","content":"f5662a8a"},"/service-bridge/1.10.x/operations/telemetry/distributed-tracing-2e2":{"__comp":"17896441","content":"015ad18a"},"/service-bridge/1.10.x/operations/telemetry/key-metrics-7dd":{"__comp":"17896441","content":"2a98eed2"},"/service-bridge/1.10.x/operations/telemetry/new-relic-d71":{"__comp":"17896441","content":"6cf6cabc"},"/service-bridge/1.10.x/operations/telemetry/red-metrics-ab5":{"__comp":"17896441","content":"e5640064"},"/service-bridge/1.10.x/operations/telemetry/telemetry-architecture-2f7":{"__comp":"17896441","content":"368c6786"},"/service-bridge/1.10.x/operations/users-1f6":{"__comp":"14eb3368","__props":"fd002e3b"},"/service-bridge/1.10.x/operations/users/admin-password-cea":{"__comp":"17896441","content":"0b919a47"},"/service-bridge/1.10.x/operations/users/configuring-ldap-7d3":{"__comp":"17896441","content":"fb579644"},"/service-bridge/1.10.x/operations/users/new-user-local-idp-b0f":{"__comp":"17896441","content":"635bc93a"},"/service-bridge/1.10.x/operations/users/oidc-azure-424":{"__comp":"17896441","content":"1c670bf1"},"/service-bridge/1.10.x/operations/users/tsb-fqns-03e":{"__comp":"17896441","content":"7716e76e"},"/service-bridge/1.10.x/operations/users/user-synchronization-af4":{"__comp":"17896441","content":"732e1c15"},"/service-bridge/1.10.x/operations/users/users-roles-and-permissions-6c4":{"__comp":"17896441","content":"31d4fc86"},"/service-bridge/1.10.x/operations/vault-9c2":{"__comp":"14eb3368","__props":"365bc771"},"/service-bridge/1.10.x/operations/vault/elasticsearch-cbe":{"__comp":"17896441","content":"907e894b"},"/service-bridge/1.10.x/operations/vault/istiod-ca-54b":{"__comp":"17896441","content":"f206def0"},"/service-bridge/1.10.x/operations/vault/postgresql-3fe":{"__comp":"17896441","content":"2614d2f2"},"/service-bridge/1.10.x/quickstart-d5f":{"__comp":"14eb3368","__props":"9b384b39"},"/service-bridge/1.10.x/quickstart/apps-55e":{"__comp":"17896441","content":"0cc843d8"},"/service-bridge/1.10.x/quickstart/config-groups-bd8":{"__comp":"17896441","content":"f306e76e"},"/service-bridge/1.10.x/quickstart/deploy-sample-app-174":{"__comp":"17896441","content":"3456e8fc"},"/service-bridge/1.10.x/quickstart/ingress-gateway-3a7":{"__comp":"17896441","content":"799390e9"},"/service-bridge/1.10.x/quickstart/introduction-c8a":{"__comp":"17896441","content":"c96d16d0"},"/service-bridge/1.10.x/quickstart/observability-195":{"__comp":"17896441","content":"6b22ef8c"},"/service-bridge/1.10.x/quickstart/permissions-11c":{"__comp":"17896441","content":"4dd99cbf"},"/service-bridge/1.10.x/quickstart/security-345":{"__comp":"17896441","content":"b3c388af"},"/service-bridge/1.10.x/quickstart/tenant-f53":{"__comp":"17896441","content":"3c30e7f9"},"/service-bridge/1.10.x/quickstart/traffic-shifting-248":{"__comp":"17896441","content":"f6fc730c"},"/service-bridge/1.10.x/quickstart/workspace-665":{"__comp":"17896441","content":"5d710a71"},"/service-bridge/1.10.x/reference-ba6":{"__comp":"14eb3368","__props":"6c7380ed"},"/service-bridge/1.10.x/reference/cli-97b":{"__comp":"14eb3368","__props":"559630f5"},"/service-bridge/1.10.x/reference/cli/guide/index-c61":{"__comp":"17896441","content":"d66627c9"},"/service-bridge/1.10.x/reference/cli/guide/toc-821":{"__comp":"14eb3368","__props":"91aa9743"},"/service-bridge/1.10.x/reference/cli/reference-4d5":{"__comp":"14eb3368","__props":"9a59015f"},"/service-bridge/1.10.x/reference/cli/reference/apply-b7a":{"__comp":"17896441","content":"a6b545f8"},"/service-bridge/1.10.x/reference/cli/reference/collect-535":{"__comp":"17896441","content":"bcf0ea1f"},"/service-bridge/1.10.x/reference/cli/reference/completion-c35":{"__comp":"17896441","content":"277024ec"},"/service-bridge/1.10.x/reference/cli/reference/config-a03":{"__comp":"17896441","content":"8a9c239f"},"/service-bridge/1.10.x/reference/cli/reference/delete-06b":{"__comp":"17896441","content":"28ed33e2"},"/service-bridge/1.10.x/reference/cli/reference/edit-4c1":{"__comp":"17896441","content":"1137f0ac"},"/service-bridge/1.10.x/reference/cli/reference/experimental-dc2":{"__comp":"17896441","content":"e1a33887"},"/service-bridge/1.10.x/reference/cli/reference/get-e86":{"__comp":"17896441","content":"55fa2362"},"/service-bridge/1.10.x/reference/cli/reference/index-679":{"__comp":"17896441","content":"33082e5a"},"/service-bridge/1.10.x/reference/cli/reference/install-e50":{"__comp":"17896441","content":"9e262c49"},"/service-bridge/1.10.x/reference/cli/reference/login-d25":{"__comp":"17896441","content":"a9448ecd"},"/service-bridge/1.10.x/reference/cli/reference/status-7c0":{"__comp":"17896441","content":"77e93e6f"},"/service-bridge/1.10.x/reference/cli/reference/ui-043":{"__comp":"17896441","content":"0cdca835"},"/service-bridge/1.10.x/reference/cli/reference/validate-f4c":{"__comp":"17896441","content":"71e266b2"},"/service-bridge/1.10.x/reference/cli/reference/version-fc6":{"__comp":"17896441","content":"2391664a"},"/service-bridge/1.10.x/reference/cli/reference/whoami-0f4":{"__comp":"17896441","content":"8d6cf3a2"},"/service-bridge/1.10.x/reference/cli/reference/workload-entry-annotations-311":{"__comp":"17896441","content":"fe01494d"},"/service-bridge/1.10.x/reference/grpc-api-389":{"__comp":"14eb3368","__props":"0126a8bd"},"/service-bridge/1.10.x/reference/grpc-api/guide-701":{"__comp":"17896441","content":"d1d30239"},"/service-bridge/1.10.x/reference/grpc-api/reference-8c3":{"__comp":"14eb3368","__props":"023bf392"},"/service-bridge/1.10.x/reference/k8s-api-2c9":{"__comp":"14eb3368","__props":"c7a48c6c"},"/service-bridge/1.10.x/reference/k8s-api/guide-fa5":{"__comp":"17896441","content":"285aab29"},"/service-bridge/1.10.x/reference/k8s-api/tsb-crds-gen-4db":{"__comp":"14eb3368","__props":"a951bbc2"},"/service-bridge/1.10.x/reference/k8s-api/tsb-crds-gen/application-tsb-tetrate-io-1d2":{"__comp":"17896441","content":"bbe98802"},"/service-bridge/1.10.x/reference/k8s-api/tsb-crds-gen/extension-tsb-tetrate-io-1d2":{"__comp":"17896441","content":"132f70b5"},"/service-bridge/1.10.x/reference/k8s-api/tsb-crds-gen/gateway-tsb-tetrate-io-2b0":{"__comp":"17896441","content":"2d751208"},"/service-bridge/1.10.x/reference/k8s-api/tsb-crds-gen/istiointernal-tsb-tetrate-io-bf6":{"__comp":"17896441","content":"dd264a88"},"/service-bridge/1.10.x/reference/k8s-api/tsb-crds-gen/profile-tsb-tetrate-io-4f8":{"__comp":"17896441","content":"f5de16fe"},"/service-bridge/1.10.x/reference/k8s-api/tsb-crds-gen/rbac-tsb-tetrate-io-fee":{"__comp":"17896441","content":"a9ee99db"},"/service-bridge/1.10.x/reference/k8s-api/tsb-crds-gen/security-tsb-tetrate-io-38b":{"__comp":"17896441","content":"5a0642bd"},"/service-bridge/1.10.x/reference/k8s-api/tsb-crds-gen/traffic-tsb-tetrate-io-535":{"__comp":"17896441","content":"08f4169f"},"/service-bridge/1.10.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/cluster-b86":{"__comp":"17896441","content":"4679083d"},"/service-bridge/1.10.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/organization-34a":{"__comp":"17896441","content":"02f34170"},"/service-bridge/1.10.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/organizationsetting-083":{"__comp":"17896441","content":"88ecd9b0"},"/service-bridge/1.10.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/serviceaccount-b68":{"__comp":"17896441","content":"54b0caff"},"/service-bridge/1.10.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/team-ebc":{"__comp":"17896441","content":"c6df81a0"},"/service-bridge/1.10.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/tenant-a3d":{"__comp":"17896441","content":"3502e2ba"},"/service-bridge/1.10.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/tenantsetting-add":{"__comp":"17896441","content":"88414435"},"/service-bridge/1.10.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/user-9e2":{"__comp":"17896441","content":"58a132f7"},"/service-bridge/1.10.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/workspace-43d":{"__comp":"17896441","content":"0d09d517"},"/service-bridge/1.10.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/workspacesetting-edb":{"__comp":"17896441","content":"d84290f8"},"/service-bridge/1.10.x/reference/k8s-api/tsb-crds-gen/tsb.tetrate.io/v2-95a":{"__comp":"14eb3368","__props":"6e28b389"},"/service-bridge/1.10.x/reference/operators-f64":{"__comp":"14eb3368","__props":"b8c640e8"},"/service-bridge/1.10.x/reference/rest-api/guide-0d4":{"__comp":"17896441","content":"0956657c"},"/service-bridge/1.10.x/reference/samples-e76":{"__comp":"14eb3368","__props":"84b53af0"},"/service-bridge/1.10.x/reference/samples/httpbin-c69":{"__comp":"17896441","content":"60abf080"},"/service-bridge/1.10.x/reference/samples/opa-74a":{"__comp":"17896441","content":"8d22ba06"},"/service-bridge/1.10.x/reference/samples/sleep-service-125":{"__comp":"17896441","content":"2e1d658b"},"/service-bridge/1.10.x/reference/workload-onboarding-219":{"__comp":"14eb3368","__props":"41043b99"},"/service-bridge/1.10.x/reference/workload-onboarding/onboarding-agent-b9c":{"__comp":"14eb3368","__props":"cfba3d73"},"/service-bridge/1.10.x/reference/workload-onboarding/onboarding-authorization-393":{"__comp":"14eb3368","__props":"21dd80d6"},"/service-bridge/1.10.x/reference/workload-onboarding/onboarding-runtime-2c3":{"__comp":"14eb3368","__props":"c3473eb6"},"/service-bridge/1.10.x/reference/yaml-api-b4f":{"__comp":"14eb3368","__props":"68ea3bd8"},"/service-bridge/1.10.x/reference/yaml-api/guide-ae5":{"__comp":"17896441","content":"db92dce0"},"/service-bridge/1.10.x/reference/yaml-api/reference-273":{"__comp":"14eb3368","__props":"7c1c8a8c"},"/service-bridge/1.10.x/refs/audit/v1/audit-4cb":{"__comp":"17896441","content":"c13756e9"},"/service-bridge/1.10.x/refs/audit/v1/grpc-d17":{"__comp":"14eb3368","__props":"c1ed5ed1"},"/service-bridge/1.10.x/refs/iam/v2/grpc-f86":{"__comp":"14eb3368","__props":"311c032f"},"/service-bridge/1.10.x/refs/iam/v2/oauth_service-f1e":{"__comp":"17896441","content":"e92c15fb"},"/service-bridge/1.10.x/refs/iam/v2/oidc_service-6bc":{"__comp":"17896441","content":"0d6c26e3"},"/service-bridge/1.10.x/refs/install-0b8":{"__comp":"14eb3368","__props":"a878f37e"},"/service-bridge/1.10.x/refs/install/common/common_config-9b4":{"__comp":"17896441","content":"955132eb"},"/service-bridge/1.10.x/refs/install/controlplane/v1alpha1/spec-d97":{"__comp":"17896441","content":"67db141a"},"/service-bridge/1.10.x/refs/install/dataplane/v1alpha1/spec-dad":{"__comp":"17896441","content":"f81a4009"},"/service-bridge/1.10.x/refs/install/kubernetes/k8s-c8f":{"__comp":"17896441","content":"90aba2e7"},"/service-bridge/1.10.x/refs/install/managementplane/v1alpha1/spec-b50":{"__comp":"17896441","content":"cd47d10c"},"/service-bridge/1.10.x/refs/onboarding/config/agent/v1alpha1/agent_configuration-da4":{"__comp":"17896441","content":"3078d164"},"/service-bridge/1.10.x/refs/onboarding/config/agent/v1alpha1/onboarding_configuration-5aa":{"__comp":"17896441","content":"e278ad7e"},"/service-bridge/1.10.x/refs/onboarding/config/authorization/aws/v1alpha1/aws-a98":{"__comp":"17896441","content":"c22fd776"},"/service-bridge/1.10.x/refs/onboarding/config/authorization/jwt/v1alpha1/jwt-73b":{"__comp":"17896441","content":"7154a2f9"},"/service-bridge/1.10.x/refs/onboarding/config/authorization/v1alpha1/policy-17a":{"__comp":"17896441","content":"75b10b50"},"/service-bridge/1.10.x/refs/onboarding/config/install/v1alpha1/jwt_issuer-508":{"__comp":"17896441","content":"e6bb88d8"},"/service-bridge/1.10.x/refs/onboarding/config/install/v1alpha1/workload_configuration-de9":{"__comp":"17896441","content":"602b3835"},"/service-bridge/1.10.x/refs/onboarding/config/runtime/v1alpha1/registration-236":{"__comp":"17896441","content":"5b4a6b9b"},"/service-bridge/1.10.x/refs/onboarding/config/types/config/v1alpha1/transport_security-954":{"__comp":"17896441","content":"9484a8a0"},"/service-bridge/1.10.x/refs/onboarding/config/types/core/v1alpha1/condition-cbe":{"__comp":"17896441","content":"b0482a3d"},"/service-bridge/1.10.x/refs/onboarding/config/types/core/v1alpha1/namespaced_name-2b7":{"__comp":"17896441","content":"773a5575"},"/service-bridge/1.10.x/refs/onboarding/config/types/identity/aws/v1alpha1/aws-e9f":{"__comp":"17896441","content":"eeab1c5f"},"/service-bridge/1.10.x/refs/onboarding/config/types/identity/jwt/v1alpha1/jwt-e3e":{"__comp":"17896441","content":"33548d09"},"/service-bridge/1.10.x/refs/onboarding/config/types/identity/v1alpha1/identity-2cd":{"__comp":"17896441","content":"01bbc235"},"/service-bridge/1.10.x/refs/onboarding/config/types/registration/v1alpha1/hostinfo-eb1":{"__comp":"17896441","content":"df6bd70c"},"/service-bridge/1.10.x/refs/onboarding/config/types/registration/v1alpha1/registration-b00":{"__comp":"17896441","content":"0786182c"},"/service-bridge/1.10.x/refs/onboarding/private/component/agent/plugin/credential/v1alpha1/plugin-f69":{"__comp":"17896441","content":"adf0a257"},"/service-bridge/1.10.x/refs/onboarding/private/component/agent/plugin/hostinfo/v1alpha1/plugin-441":{"__comp":"17896441","content":"97f10926"},"/service-bridge/1.10.x/refs/onboarding/private/component/agent/sidecarcontroller/v1alpha1/sidecar_configuration_service-0f1":{"__comp":"17896441","content":"36d9f456"},"/service-bridge/1.10.x/refs/onboarding/private/component/agent/sidecarcontroller/v1alpha1/sidecar_info_service-2cb":{"__comp":"17896441","content":"92a8c238"},"/service-bridge/1.10.x/refs/onboarding/private/component/plane/config/v1alpha1/onboarding_plane_instance_configuration-06f":{"__comp":"17896441","content":"e3d928f3"},"/service-bridge/1.10.x/refs/onboarding/private/component/plane/generator/v1alpha1/version-8ac":{"__comp":"17896441","content":"c8f4aa12"},"/service-bridge/1.10.x/refs/onboarding/private/component/plane/token/v1alpha1/onboarding_token-656":{"__comp":"17896441","content":"04b2d774"},"/service-bridge/1.10.x/refs/onboarding/private/install/v1alpha1/spec-d94":{"__comp":"17896441","content":"ca60c0f9"},"/service-bridge/1.10.x/refs/onboarding/private/protocol/authorization/v1alpha1/authorization_service-7e5":{"__comp":"17896441","content":"b0e28972"},"/service-bridge/1.10.x/refs/onboarding/private/protocol/discovery/v1alpha1/discovery_service-c15":{"__comp":"17896441","content":"957bec69"},"/service-bridge/1.10.x/refs/onboarding/private/protocol/registration/v1alpha1/registration_service-22d":{"__comp":"17896441","content":"4534c600"},"/service-bridge/1.10.x/refs/onboarding/private/protocol/session/v1alpha1/session_service-e8d":{"__comp":"17896441","content":"59cc2ce9"},"/service-bridge/1.10.x/refs/onboarding/private/types/config/v1alpha1/transport_security-b15":{"__comp":"17896441","content":"8d865caf"},"/service-bridge/1.10.x/refs/onboarding/private/types/credential/aws/v1alpha1/ec2-cdf":{"__comp":"17896441","content":"bc51af11"},"/service-bridge/1.10.x/refs/onboarding/private/types/credential/aws/v1alpha1/sts-655":{"__comp":"17896441","content":"f3d3da2e"},"/service-bridge/1.10.x/refs/onboarding/private/types/credential/jwt/v1alpha1/jwt-911":{"__comp":"17896441","content":"a997d86e"},"/service-bridge/1.10.x/refs/onboarding/private/types/discovery/v1alpha1/discovery-6ea":{"__comp":"17896441","content":"7321957a"},"/service-bridge/1.10.x/refs/onboarding/private/types/sidecar/v1alpha1/configuration-9fc":{"__comp":"17896441","content":"41e08b25"},"/service-bridge/1.10.x/refs/private/iam/v1/iam-d03":{"__comp":"17896441","content":"537a299d"},"/service-bridge/1.10.x/refs/test/v1/echo-58e":{"__comp":"17896441","content":"82f8d9d1"},"/service-bridge/1.10.x/refs/tsb/application/v2/api-2cd":{"__comp":"17896441","content":"8baba255"},"/service-bridge/1.10.x/refs/tsb/application/v2/application-769":{"__comp":"17896441","content":"6a6af04d"},"/service-bridge/1.10.x/refs/tsb/application/v2/application_service-32c":{"__comp":"17896441","content":"df34fcb6"},"/service-bridge/1.10.x/refs/tsb/application/v2/grpc-7ca":{"__comp":"14eb3368","__props":"5beac6a7"},"/service-bridge/1.10.x/refs/tsb/application/v2/openapi_extensions-8c3":{"__comp":"17896441","content":"2b515a58"},"/service-bridge/1.10.x/refs/tsb/application/v2/yaml-700":{"__comp":"14eb3368","__props":"b996df9a"},"/service-bridge/1.10.x/refs/tsb/auth/v2/auth-e42":{"__comp":"17896441","content":"691626e7"},"/service-bridge/1.10.x/refs/tsb/auth/v2/yaml-7da":{"__comp":"14eb3368","__props":"8fcf3ad2"},"/service-bridge/1.10.x/refs/tsb/extension/v2/grpc-90f":{"__comp":"14eb3368","__props":"8bff8d0a"},"/service-bridge/1.10.x/refs/tsb/extension/v2/wasm_extension-c9e":{"__comp":"17896441","content":"4bca3d80"},"/service-bridge/1.10.x/refs/tsb/extension/v2/wasm_service-507":{"__comp":"17896441","content":"bd3cb94d"},"/service-bridge/1.10.x/refs/tsb/extension/v2/yaml-6e0":{"__comp":"14eb3368","__props":"b022a781"},"/service-bridge/1.10.x/refs/tsb/gateway/v2/auth-bba":{"__comp":"17896441","content":"798b4c93"},"/service-bridge/1.10.x/refs/tsb/gateway/v2/eastwest_gateway-fb0":{"__comp":"17896441","content":"c242664e"},"/service-bridge/1.10.x/refs/tsb/gateway/v2/egress_gateway-bd5":{"__comp":"17896441","content":"37805045"},"/service-bridge/1.10.x/refs/tsb/gateway/v2/gateway-0b4":{"__comp":"17896441","content":"f7f3c6a4"},"/service-bridge/1.10.x/refs/tsb/gateway/v2/gateway_common-0a2":{"__comp":"17896441","content":"48aedf3c"},"/service-bridge/1.10.x/refs/tsb/gateway/v2/gateway_group-bb1":{"__comp":"17896441","content":"111e8f7b"},"/service-bridge/1.10.x/refs/tsb/gateway/v2/gateway_service-6ff":{"__comp":"17896441","content":"2008963e"},"/service-bridge/1.10.x/refs/tsb/gateway/v2/grpc-315":{"__comp":"14eb3368","__props":"e3d8e4d8"},"/service-bridge/1.10.x/refs/tsb/gateway/v2/ingress_gateway-992":{"__comp":"17896441","content":"196fd1b4"},"/service-bridge/1.10.x/refs/tsb/gateway/v2/istio_gateway_direct-541":{"__comp":"17896441","content":"6fa89d65"},"/service-bridge/1.10.x/refs/tsb/gateway/v2/tier1_gateway-22e":{"__comp":"17896441","content":"4b16773f"},"/service-bridge/1.10.x/refs/tsb/gateway/v2/yaml-189":{"__comp":"14eb3368","__props":"9101b799"},"/service-bridge/1.10.x/refs/tsb/istiointernal/v2/grpc-61a":{"__comp":"14eb3368","__props":"220ec72b"},"/service-bridge/1.10.x/refs/tsb/istiointernal/v2/istio_internal_group-8a0":{"__comp":"17896441","content":"84c91caf"},"/service-bridge/1.10.x/refs/tsb/istiointernal/v2/istio_istiointernal_direct-420":{"__comp":"17896441","content":"044e888e"},"/service-bridge/1.10.x/refs/tsb/istiointernal/v2/istiointernal_service-282":{"__comp":"17896441","content":"119a321e"},"/service-bridge/1.10.x/refs/tsb/istiointernal/v2/yaml-19f":{"__comp":"14eb3368","__props":"c7e5a193"},"/service-bridge/1.10.x/refs/tsb/observability/telemetry/v2/grpc-29d":{"__comp":"14eb3368","__props":"a64bf4a7"},"/service-bridge/1.10.x/refs/tsb/observability/telemetry/v2/metric-081":{"__comp":"17896441","content":"f69da338"},"/service-bridge/1.10.x/refs/tsb/observability/telemetry/v2/metric_service-d41":{"__comp":"17896441","content":"c5215ea4"},"/service-bridge/1.10.x/refs/tsb/observability/telemetry/v2/source-99a":{"__comp":"17896441","content":"d28f06f0"},"/service-bridge/1.10.x/refs/tsb/observability/telemetry/v2/source_service-8b6":{"__comp":"17896441","content":"2a048c55"},"/service-bridge/1.10.x/refs/tsb/observability/telemetry/v2/yaml-b3c":{"__comp":"14eb3368","__props":"3245c80d"},"/service-bridge/1.10.x/refs/tsb/profile/v2/grpc-2d0":{"__comp":"14eb3368","__props":"a125c0aa"},"/service-bridge/1.10.x/refs/tsb/profile/v2/profile-dd6":{"__comp":"17896441","content":"eca906d6"},"/service-bridge/1.10.x/refs/tsb/profile/v2/profile_service-94d":{"__comp":"17896441","content":"c4da7417"},"/service-bridge/1.10.x/refs/tsb/profile/v2/yaml-f7a":{"__comp":"14eb3368","__props":"fba258d8"},"/service-bridge/1.10.x/refs/tsb/q/v2/approvals_service-403":{"__comp":"17896441","content":"25e670c9"},"/service-bridge/1.10.x/refs/tsb/q/v2/grpc-144":{"__comp":"14eb3368","__props":"5dfd159c"},"/service-bridge/1.10.x/refs/tsb/q/v2/permissions_service-cc7":{"__comp":"17896441","content":"ba7e6c03"},"/service-bridge/1.10.x/refs/tsb/rbac/v2/access_bindings-a48":{"__comp":"17896441","content":"a5b975a6"},"/service-bridge/1.10.x/refs/tsb/rbac/v2/api_access_bindings-7d1":{"__comp":"17896441","content":"c4fd2ca4"},"/service-bridge/1.10.x/refs/tsb/rbac/v2/application_access_bindings-38f":{"__comp":"17896441","content":"9e78723e"},"/service-bridge/1.10.x/refs/tsb/rbac/v2/binding-a6b":{"__comp":"17896441","content":"ebc17769"},"/service-bridge/1.10.x/refs/tsb/rbac/v2/gateway_access_bindings-c70":{"__comp":"17896441","content":"d629df33"},"/service-bridge/1.10.x/refs/tsb/rbac/v2/grpc-b7b":{"__comp":"14eb3368","__props":"aa28612a"},"/service-bridge/1.10.x/refs/tsb/rbac/v2/istio_internal_access_bindings-841":{"__comp":"17896441","content":"aefb46d8"},"/service-bridge/1.10.x/refs/tsb/rbac/v2/organization_access_bindings-f11":{"__comp":"17896441","content":"f19e1855"},"/service-bridge/1.10.x/refs/tsb/rbac/v2/permissions-fa0":{"__comp":"17896441","content":"32fe92c2"},"/service-bridge/1.10.x/refs/tsb/rbac/v2/policy_service-f1f":{"__comp":"17896441","content":"ff143e6a"},"/service-bridge/1.10.x/refs/tsb/rbac/v2/role-2f9":{"__comp":"17896441","content":"14269a81"},"/service-bridge/1.10.x/refs/tsb/rbac/v2/role_service-82f":{"__comp":"17896441","content":"a4f1cff7"},"/service-bridge/1.10.x/refs/tsb/rbac/v2/security_access_bindings-68b":{"__comp":"17896441","content":"41e96dea"},"/service-bridge/1.10.x/refs/tsb/rbac/v2/tenant_access_bindings-06a":{"__comp":"17896441","content":"c08d45d6"},"/service-bridge/1.10.x/refs/tsb/rbac/v2/traffic_access_bindings-0a8":{"__comp":"17896441","content":"dd7ede60"},"/service-bridge/1.10.x/refs/tsb/rbac/v2/workspace_access_bindings-06b":{"__comp":"17896441","content":"3c090b15"},"/service-bridge/1.10.x/refs/tsb/rbac/v2/yaml-27c":{"__comp":"14eb3368","__props":"26bf84e3"},"/service-bridge/1.10.x/refs/tsb/registry/v2/grpc-281":{"__comp":"14eb3368","__props":"7b1eed8c"},"/service-bridge/1.10.x/refs/tsb/registry/v2/lookup_service-34c":{"__comp":"17896441","content":"b72d7afa"},"/service-bridge/1.10.x/refs/tsb/registry/v2/registration_service-f76":{"__comp":"17896441","content":"29bbf4c9"},"/service-bridge/1.10.x/refs/tsb/registry/v2/service-6ed":{"__comp":"17896441","content":"bfc5f054"},"/service-bridge/1.10.x/refs/tsb/registry/v2/yaml-8ad":{"__comp":"14eb3368","__props":"dd0b7dd4"},"/service-bridge/1.10.x/refs/tsb/security/v2/grpc-eba":{"__comp":"14eb3368","__props":"70f35080"},"/service-bridge/1.10.x/refs/tsb/security/v2/istio_security_direct-6de":{"__comp":"17896441","content":"f84e30fb"},"/service-bridge/1.10.x/refs/tsb/security/v2/security_group-41f":{"__comp":"17896441","content":"c2aea5fa"},"/service-bridge/1.10.x/refs/tsb/security/v2/security_service-faa":{"__comp":"17896441","content":"1759af17"},"/service-bridge/1.10.x/refs/tsb/security/v2/security_setting-397":{"__comp":"17896441","content":"f9172bd1"},"/service-bridge/1.10.x/refs/tsb/security/v2/service_security_setting-8fb":{"__comp":"17896441","content":"060b8ffa"},"/service-bridge/1.10.x/refs/tsb/security/v2/waf_settings-026":{"__comp":"17896441","content":"b8a5f99c"},"/service-bridge/1.10.x/refs/tsb/security/v2/yaml-e28":{"__comp":"14eb3368","__props":"05044893"},"/service-bridge/1.10.x/refs/tsb/traffic/v2/grpc-4f4":{"__comp":"14eb3368","__props":"54a4f344"},"/service-bridge/1.10.x/refs/tsb/traffic/v2/istio_traffic_direct-08e":{"__comp":"17896441","content":"aa2bc659"},"/service-bridge/1.10.x/refs/tsb/traffic/v2/service_route-0bb":{"__comp":"17896441","content":"4b07e177"},"/service-bridge/1.10.x/refs/tsb/traffic/v2/service_traffic_setting-c19":{"__comp":"17896441","content":"4a9225a9"},"/service-bridge/1.10.x/refs/tsb/traffic/v2/traffic_group-6ac":{"__comp":"17896441","content":"796deb30"},"/service-bridge/1.10.x/refs/tsb/traffic/v2/traffic_service-845":{"__comp":"17896441","content":"100eb3ba"},"/service-bridge/1.10.x/refs/tsb/traffic/v2/traffic_setting-506":{"__comp":"17896441","content":"9001d5c0"},"/service-bridge/1.10.x/refs/tsb/traffic/v2/yaml-87f":{"__comp":"14eb3368","__props":"9c28cc23"},"/service-bridge/1.10.x/refs/tsb/types/v2/types-185":{"__comp":"17896441","content":"3b4306b8"},"/service-bridge/1.10.x/refs/tsb/types/v2/yaml-585":{"__comp":"14eb3368","__props":"8c20dcb7"},"/service-bridge/1.10.x/refs/tsb/v2/cluster-c08":{"__comp":"17896441","content":"3b443fd7"},"/service-bridge/1.10.x/refs/tsb/v2/cluster_service-7fa":{"__comp":"17896441","content":"847cab89"},"/service-bridge/1.10.x/refs/tsb/v2/grpc-945":{"__comp":"14eb3368","__props":"f544d0b1"},"/service-bridge/1.10.x/refs/tsb/v2/info-d62":{"__comp":"17896441","content":"d6ea071f"},"/service-bridge/1.10.x/refs/tsb/v2/organization-5d3":{"__comp":"17896441","content":"72b4c531"},"/service-bridge/1.10.x/refs/tsb/v2/organization_service-4ad":{"__comp":"17896441","content":"9a301ea1"},"/service-bridge/1.10.x/refs/tsb/v2/organization_setting-0ea":{"__comp":"17896441","content":"c0157dd3"},"/service-bridge/1.10.x/refs/tsb/v2/status-35d":{"__comp":"17896441","content":"4012ca14"},"/service-bridge/1.10.x/refs/tsb/v2/status_service-546":{"__comp":"17896441","content":"d1a631af"},"/service-bridge/1.10.x/refs/tsb/v2/team-7f4":{"__comp":"17896441","content":"9b585fa8"},"/service-bridge/1.10.x/refs/tsb/v2/team_service-c0d":{"__comp":"17896441","content":"9b3dca46"},"/service-bridge/1.10.x/refs/tsb/v2/tenant-8ae":{"__comp":"17896441","content":"de69bfab"},"/service-bridge/1.10.x/refs/tsb/v2/tenant_service-618":{"__comp":"17896441","content":"ab04b800"},"/service-bridge/1.10.x/refs/tsb/v2/tenant_setting-bda":{"__comp":"17896441","content":"ff469bf3"},"/service-bridge/1.10.x/refs/tsb/v2/workspace-cc7":{"__comp":"17896441","content":"787ae5c4"},"/service-bridge/1.10.x/refs/tsb/v2/workspace_service-7c3":{"__comp":"17896441","content":"278b5c38"},"/service-bridge/1.10.x/refs/tsb/v2/workspace_setting-f84":{"__comp":"17896441","content":"6343a669"},"/service-bridge/1.10.x/refs/tsb/v2/yaml-57a":{"__comp":"14eb3368","__props":"446a9238"},"/service-bridge/1.10.x/release-notes-d38":{"__comp":"17896441","content":"654bded9"},"/service-bridge/1.10.x/release-notes-announcements/-0db":{"__comp":"17896441","content":"f0dc8d96"},"/service-bridge/1.10.x/release-notes-announcements/feature-status-e19":{"__comp":"17896441","content":"9307436d"},"/service-bridge/1.10.x/release-notes-announcements/support-policy-7aa":{"__comp":"17896441","content":"8aaeb992"},"/service-bridge/1.10.x/setup-73f":{"__comp":"14eb3368","__props":"97e61c08"},"/service-bridge/1.10.x/setup/aws-da9":{"__comp":"14eb3368","__props":"62e01fc6"},"/service-bridge/1.10.x/setup/aws/container-marketplace-86d":{"__comp":"17896441","content":"5e6fbbcd"},"/service-bridge/1.10.x/setup/aws/vpc-0c1":{"__comp":"17896441","content":"b82e3d49"},"/service-bridge/1.10.x/setup/certificate-b03":{"__comp":"14eb3368","__props":"c8ceb034"},"/service-bridge/1.10.x/setup/certificate/automated-certificate-management-694":{"__comp":"17896441","content":"a2ab2ca0"},"/service-bridge/1.10.x/setup/certificate/certificate-requirements-50d":{"__comp":"17896441","content":"6d4a87e6"},"/service-bridge/1.10.x/setup/certificate/certificate-setup-5e1":{"__comp":"17896441","content":"e1b652d4"},"/service-bridge/1.10.x/setup/components-a70":{"__comp":"17896441","content":"cadb89bd"},"/service-bridge/1.10.x/setup/fips-a9f":{"__comp":"17896441","content":"264b88d8"},"/service-bridge/1.10.x/setup/firewall-information-05d":{"__comp":"17896441","content":"4430390f"},"/service-bridge/1.10.x/setup/helm/-bd6":{"__comp":"17896441","content":"f444af6b"},"/service-bridge/1.10.x/setup/helm/controlplane-e5d":{"__comp":"17896441","content":"0b1d978c"},"/service-bridge/1.10.x/setup/helm/dataplane-b65":{"__comp":"17896441","content":"ffe0f6ee"},"/service-bridge/1.10.x/setup/helm/helm-ddf":{"__comp":"17896441","content":"75103ddb"},"/service-bridge/1.10.x/setup/helm/managementplane-cf0":{"__comp":"17896441","content":"5415007f"},"/service-bridge/1.10.x/setup/helm/uninstallation-919":{"__comp":"17896441","content":"42bc354b"},"/service-bridge/1.10.x/setup/helm/upgrade-173":{"__comp":"17896441","content":"46c40383"},"/service-bridge/1.10.x/setup/isolation-boundaries-698":{"__comp":"17896441","content":"7ae9d665"},"/service-bridge/1.10.x/setup/isolation-boundaries-installation-4db":{"__comp":"17896441","content":"4d7a98ea"},"/service-bridge/1.10.x/setup/migrate-tctl-to-helm-860":{"__comp":"17896441","content":"37f34413"},"/service-bridge/1.10.x/setup/remote-registry-68d":{"__comp":"17896441","content":"fdbc5142"},"/service-bridge/1.10.x/setup/requirements-and-download-360":{"__comp":"17896441","content":"8ae729ed"},"/service-bridge/1.10.x/setup/resource-planning-4c3":{"__comp":"17896441","content":"5c571bd0"},"/service-bridge/1.10.x/setup/security-context-066":{"__comp":"17896441","content":"13b25a90"},"/service-bridge/1.10.x/setup/self-managed/-892":{"__comp":"17896441","content":"4a8dac84"},"/service-bridge/1.10.x/setup/self-managed/demo-installation-290":{"__comp":"17896441","content":"59a83009"},"/service-bridge/1.10.x/setup/self-managed/management-plane-installation-b4f":{"__comp":"17896441","content":"70ab2675"},"/service-bridge/1.10.x/setup/self-managed/onboarding-clusters-861":{"__comp":"17896441","content":"3a4655e3"},"/service-bridge/1.10.x/setup/self-managed/uninstallation-94a":{"__comp":"17896441","content":"2a23cad1"},"/service-bridge/1.10.x/setup/self-managed/upgrade-3a5":{"__comp":"17896441","content":"c359859f"},"/service-bridge/1.10.x/setup/tctl-connect-d76":{"__comp":"17896441","content":"b3116755"},"/service-bridge/1.10.x/setup/upgrade-best-practices-ec3":{"__comp":"17896441","content":"8b8877c6"},"/service-bridge/1.10.x/setup/upgrades-29e":{"__comp":"14eb3368","__props":"107af701"},"/service-bridge/1.10.x/setup/upgrades/cni-upgrade-11b":{"__comp":"17896441","content":"271b8f93"},"/service-bridge/1.10.x/setup/upgrades/gateway-upgrade-52b":{"__comp":"17896441","content":"efb78c91"},"/service-bridge/1.10.x/setup/upgrades/non-revisioned-to-revisioned-131":{"__comp":"17896441","content":"496afda9"},"/service-bridge/1.10.x/setup/upgrades/revisioned-to-revisioned-e99":{"__comp":"17896441","content":"ba8a3640"},"/service-bridge/1.10.x/setup/workload-onboarding-1e7":{"__comp":"14eb3368","__props":"437c743f"},"/service-bridge/1.10.x/setup/workload-onboarding/guides/-974":{"__comp":"17896441","content":"dddc2395"},"/service-bridge/1.10.x/setup/workload-onboarding/guides/ecs-workloads-0e5":{"__comp":"17896441","content":"2b9d9245"},"/service-bridge/1.10.x/setup/workload-onboarding/guides/managing-d9d":{"__comp":"17896441","content":"e4af8df3"},"/service-bridge/1.10.x/setup/workload-onboarding/guides/on-premise-workloads-313":{"__comp":"17896441","content":"d0ff7a82"},"/service-bridge/1.10.x/setup/workload-onboarding/guides/onboarding-c85":{"__comp":"17896441","content":"9815d44f"},"/service-bridge/1.10.x/setup/workload-onboarding/guides/overview-aba":{"__comp":"17896441","content":"91d64a36"},"/service-bridge/1.10.x/setup/workload-onboarding/guides/setup-a70":{"__comp":"17896441","content":"37288001"},"/service-bridge/1.10.x/setup/workload-onboarding/guides/troubleshooting-ee2":{"__comp":"17896441","content":"f57c0f70"},"/service-bridge/1.10.x/setup/workload-onboarding/onboarding-vms-38a":{"__comp":"17896441","content":"36f4392c"},"/service-bridge/1.10.x/setup/workload-onboarding/quickstart-7e1":{"__comp":"14eb3368","__props":"522d27d4"},"/service-bridge/1.10.x/setup/workload-onboarding/quickstart/aws-ec2/-2e8":{"__comp":"17896441","content":"174c3e85"},"/service-bridge/1.10.x/setup/workload-onboarding/quickstart/aws-ec2/bookinfo-63e":{"__comp":"17896441","content":"b5e0535a"},"/service-bridge/1.10.x/setup/workload-onboarding/quickstart/aws-ec2/configure-vm-b7b":{"__comp":"17896441","content":"b4ab1cfe"},"/service-bridge/1.10.x/setup/workload-onboarding/quickstart/aws-ec2/configure-workload-onboarding-6c5":{"__comp":"17896441","content":"f4def980"},"/service-bridge/1.10.x/setup/workload-onboarding/quickstart/aws-ec2/enable-workload-onboarding-083":{"__comp":"17896441","content":"ecbd51dc"},"/service-bridge/1.10.x/setup/workload-onboarding/quickstart/aws-ec2/onboard-asg-e47":{"__comp":"17896441","content":"aa207d9a"},"/service-bridge/1.10.x/setup/workload-onboarding/quickstart/aws-ec2/onboard-vm-405":{"__comp":"17896441","content":"bcbdcbc1"},"/service-bridge/1.10.x/setup/workload-onboarding/quickstart/aws-ecs/-1b1":{"__comp":"17896441","content":"23c83581"},"/service-bridge/1.10.x/setup/workload-onboarding/quickstart/aws-ecs/configure-workload-onboarding-50e":{"__comp":"17896441","content":"89d6c94d"},"/service-bridge/1.10.x/setup/workload-onboarding/quickstart/aws-ecs/onboard-ecs-50d":{"__comp":"17896441","content":"fc155b85"},"/service-bridge/1.10.x/setup/workload-onboarding/quickstart/on-premise/-db8":{"__comp":"17896441","content":"a04dabd0"},"/service-bridge/1.10.x/setup/workload-onboarding/quickstart/on-premise/configure-vm-321":{"__comp":"17896441","content":"98e0f090"},"/service-bridge/1.10.x/setup/workload-onboarding/quickstart/on-premise/configure-workload-onboarding-d57":{"__comp":"17896441","content":"1ae3ae58"},"/service-bridge/1.10.x/setup/workload-onboarding/quickstart/on-premise/onboard-vm-a43":{"__comp":"17896441","content":"5fad523d"},"/service-bridge/1.10.x/troubleshooting-0ab":{"__comp":"14eb3368","__props":"fa293a24"},"/service-bridge/1.10.x/troubleshooting/cluster-onboarding-c9d":{"__comp":"17896441","content":"c7673cc4"},"/service-bridge/1.10.x/troubleshooting/configuration-status-67a":{"__comp":"17896441","content":"d0b93d5f"},"/service-bridge/1.10.x/troubleshooting/gateway-troubleshooting-3d4":{"__comp":"17896441","content":"c142dca3"},"/service-bridge/1.10.x/troubleshooting/identify-underperforming-services-188":{"__comp":"17896441","content":"78a5fbe1"},"/service-bridge/1.10.x/troubleshooting/Maximum-header-size-exceed-3c6":{"__comp":"17896441","content":"0a31ff21"},"/service-bridge/1.10.x/troubleshooting/Multiple-Transfer-encoding-chunked-bdc":{"__comp":"17896441","content":"6614ffc9"},"/service-bridge/1.10.x/troubleshooting/proxy-tools-6f6":{"__comp":"17896441","content":"a4f1cc4a"},"/service-bridge/1.10.x/troubleshooting/troubleshooting-a66":{"__comp":"17896441","content":"535d00af"},"/service-bridge/1.10.x/troubleshooting/tsb-ui-metrics-c51":{"__comp":"17896441","content":"d035237e"},"/service-bridge/1.10.x/workingwithsupport/workingWithTetrateSupport-026":{"__comp":"17896441","content":"0f97d343"},"/service-bridge/1.11.x-b3f":{"__comp":"a7bd4aaa","__props":"ab6113dd"},"/service-bridge/1.11.x/tags-07d":{"__comp":"3720c009","__props":"7981d308"},"/service-bridge/1.11.x/tags/featured-9bb":{"__comp":"df203c0f","__props":"e4115a63"},"/service-bridge/1.11.x/tags/tsb-concepts-d45":{"__comp":"df203c0f","__props":"17e3f8b8"},"/service-bridge/1.11.x/tags/tsb-quickstart-409":{"__comp":"df203c0f","__props":"035142ad"},"/service-bridge/1.11.x-b6c":{"__comp":"a94703ab"},"/service-bridge/1.11.x/-2f0":{"__comp":"17896441","content":"0b89b152"},"/service-bridge/1.11.x/category/working-with-tetrate-customer-support-f65":{"__comp":"14eb3368","__props":"3671be31"},"/service-bridge/1.11.x/cheatsheet/-0da":{"__comp":"17896441","content":"a9f0290c"},"/service-bridge/1.11.x/cheatsheet/sheets/gateways-management-73f":{"__comp":"17896441","content":"8dd78dd0"},"/service-bridge/1.11.x/cheatsheet/sheets/kubectl-e05":{"__comp":"17896441","content":"be1d81bd"},"/service-bridge/1.11.x/cheatsheet/sheets/security-management-1d1":{"__comp":"17896441","content":"346a9512"},"/service-bridge/1.11.x/cheatsheet/sheets/tctl-a0f":{"__comp":"17896441","content":"db6e6426"},"/service-bridge/1.11.x/cheatsheet/sheets/traffic-management-886":{"__comp":"17896441","content":"c70835e1"},"/service-bridge/1.11.x/cheatsheet/sheets/tsb-concepts-ccb":{"__comp":"17896441","content":"06e10a78"},"/service-bridge/1.11.x/cheatsheet/sheets/tsb-quickstart-957":{"__comp":"17896441","content":"8be1a864"},"/service-bridge/1.11.x/cheatsheet/sheets/tsb-terminology-79d":{"__comp":"17896441","content":"2ba2c606"},"/service-bridge/1.11.x/concepts/-ec2":{"__comp":"17896441","content":"3ebb1bd7"},"/service-bridge/1.11.x/concepts/architecture-810":{"__comp":"17896441","content":"4eb69166"},"/service-bridge/1.11.x/concepts/configuration-dataflow-494":{"__comp":"17896441","content":"9daecf10"},"/service-bridge/1.11.x/concepts/configuration-inheritance-5a0":{"__comp":"17896441","content":"a0c04e9e"},"/service-bridge/1.11.x/concepts/glossary-c9c":{"__comp":"17896441","content":"66dd420e"},"/service-bridge/1.11.x/concepts/observability-3ae":{"__comp":"17896441","content":"3698cc64"},"/service-bridge/1.11.x/concepts/operators/-146":{"__comp":"17896441","content":"704ebc70"},"/service-bridge/1.11.x/concepts/operators/control-plane-86b":{"__comp":"17896441","content":"182dfa7e"},"/service-bridge/1.11.x/concepts/operators/data-plane-e0d":{"__comp":"17896441","content":"861ab2bd"},"/service-bridge/1.11.x/concepts/operators/management-plane-cca":{"__comp":"17896441","content":"1ab57c16"},"/service-bridge/1.11.x/concepts/security-4c6":{"__comp":"17896441","content":"dfc61c82"},"/service-bridge/1.11.x/concepts/service-mesh-3f0":{"__comp":"17896441","content":"6379d867"},"/service-bridge/1.11.x/concepts/terminology-22e":{"__comp":"17896441","content":"91ba37a6"},"/service-bridge/1.11.x/concepts/traffic-management-4db":{"__comp":"17896441","content":"8f4aa84e"},"/service-bridge/1.11.x/concepts/tsb-and-istio-2cc":{"__comp":"17896441","content":"12b65d0c"},"/service-bridge/1.11.x/design-guides/-5b9":{"__comp":"17896441","content":"a5da99af"},"/service-bridge/1.11.x/design-guides/app-onboarding/-3d2":{"__comp":"17896441","content":"9badbe83"},"/service-bridge/1.11.x/design-guides/app-onboarding/cross-cluster-b4c":{"__comp":"17896441","content":"9b330820"},"/service-bridge/1.11.x/design-guides/app-onboarding/deploy-service-651":{"__comp":"17896441","content":"7e101620"},"/service-bridge/1.11.x/design-guides/app-onboarding/gateway-security-268":{"__comp":"17896441","content":"81e5b11b"},"/service-bridge/1.11.x/design-guides/app-onboarding/high-availability-5c4":{"__comp":"17896441","content":"8723b8d7"},"/service-bridge/1.11.x/design-guides/app-onboarding/introduction-ed2":{"__comp":"17896441","content":"3703d592"},"/service-bridge/1.11.x/design-guides/app-onboarding/monitor-b56":{"__comp":"17896441","content":"108f9807"},"/service-bridge/1.11.x/design-guides/app-onboarding/prepare-7cd":{"__comp":"17896441","content":"2e3db203"},"/service-bridge/1.11.x/design-guides/app-onboarding/promote-service-b06":{"__comp":"17896441","content":"e1dde5c3"},"/service-bridge/1.11.x/design-guides/app-onboarding/security-8e5":{"__comp":"17896441","content":"cf62017f"},"/service-bridge/1.11.x/design-guides/ha-dr-mp/-c73":{"__comp":"17896441","content":"01613ec2"},"/service-bridge/1.11.x/design-guides/ha-dr-mp/dr-managementplane-110":{"__comp":"17896441","content":"aa1bca83"},"/service-bridge/1.11.x/design-guides/ha-dr-mp/ha-managementplane-577":{"__comp":"17896441","content":"594c160d"},"/service-bridge/1.11.x/design-guides/ha-dr-mp/introduction-fc6":{"__comp":"17896441","content":"9a1be958"},"/service-bridge/1.11.x/design-guides/ha-dr-mp/scenarios-146":{"__comp":"17896441","content":"afbb25f5"},"/service-bridge/1.11.x/design-guides/ha-multicluster/-895":{"__comp":"17896441","content":"c9abc82f"},"/service-bridge/1.11.x/design-guides/ha-multicluster/cluster-failover-00a":{"__comp":"17896441","content":"a3a45df9"},"/service-bridge/1.11.x/design-guides/ha-multicluster/demo-1-320":{"__comp":"17896441","content":"a8ddebf8"},"/service-bridge/1.11.x/design-guides/ha-multicluster/demo-2-e5e":{"__comp":"17896441","content":"d1fdeccb"},"/service-bridge/1.11.x/design-guides/ha-multicluster/edge-failover-0ff":{"__comp":"17896441","content":"963e25e6"},"/service-bridge/1.11.x/design-guides/ha-multicluster/introduction-897":{"__comp":"17896441","content":"dc13454d"},"/service-bridge/1.11.x/design-guides/ha-multicluster/operations-246":{"__comp":"17896441","content":"b8e1b90a"},"/service-bridge/1.11.x/howto-017":{"__comp":"14eb3368","__props":"ccdbc072"},"/service-bridge/1.11.x/howto/authorization/-d69":{"__comp":"17896441","content":"2b6733f9"},"/service-bridge/1.11.x/howto/authorization/ingress-gateway-855":{"__comp":"17896441","content":"0d825633"},"/service-bridge/1.11.x/howto/authorization/sidecar-135":{"__comp":"17896441","content":"42a189b1"},"/service-bridge/1.11.x/howto/authorization/tier1-gateway-4e3":{"__comp":"17896441","content":"4877b4db"},"/service-bridge/1.11.x/howto/authorization/tls-verification-8ae":{"__comp":"17896441","content":"a73dfbf6"},"/service-bridge/1.11.x/howto/gateway-f78":{"__comp":"14eb3368","__props":"db6b0a50"},"/service-bridge/1.11.x/howto/gateway/app-ingress-d61":{"__comp":"17896441","content":"7e2b09d3"},"/service-bridge/1.11.x/howto/gateway/application-gateway-with-openapi-annotations-9dc":{"__comp":"17896441","content":"009ee07d"},"/service-bridge/1.11.x/howto/gateway/configure-and-route-nonhttp-traffic-c2a":{"__comp":"17896441","content":"589ca6ac"},"/service-bridge/1.11.x/howto/gateway/configure-oidc-aa0":{"__comp":"17896441","content":"ae1f8bca"},"/service-bridge/1.11.x/howto/gateway/distributed-ingress-84c":{"__comp":"17896441","content":"eedb33f2"},"/service-bridge/1.11.x/howto/gateway/end-user-auth-keycloak-539":{"__comp":"17896441","content":"21c76ad1"},"/service-bridge/1.11.x/howto/gateway/host-based-egress-access-control-af4":{"__comp":"17896441","content":"793483b5"},"/service-bridge/1.11.x/howto/gateway/https-with-proxy-protocol-7a0":{"__comp":"17896441","content":"f8cb6a2a"},"/service-bridge/1.11.x/howto/gateway/multi-cluster-traffic-failover-priority-1de":{"__comp":"17896441","content":"1416ad94"},"/service-bridge/1.11.x/howto/gateway/multi-cluster-traffic-routing-using-tier2gw-7c6":{"__comp":"17896441","content":"dbec3712"},"/service-bridge/1.11.x/howto/gateway/multi-cluster-traffic-routing-with-eastwest-gateway-f5b":{"__comp":"17896441","content":"48944ffd"},"/service-bridge/1.11.x/howto/gateway/multi-cluster-traffic-shifting-6e5":{"__comp":"17896441","content":"efd8af76"},"/service-bridge/1.11.x/howto/gateway/service-identity-propagation-c90":{"__comp":"17896441","content":"d90f7fb3"},"/service-bridge/1.11.x/howto/gateway/shared-ingress-ee0":{"__comp":"17896441","content":"8952d233"},"/service-bridge/1.11.x/howto/gateway/subset-based-routing-using-igw-and-service-route-c11":{"__comp":"17896441","content":"9b69830b"},"/service-bridge/1.11.x/howto/gateway/unified-gateway-a68":{"__comp":"17896441","content":"79a4b6ad"},"/service-bridge/1.11.x/howto/gateway/unified-gateway-upgrade-8fc":{"__comp":"17896441","content":"1c02b456"},"/service-bridge/1.11.x/howto/gitops-0d4":{"__comp":"14eb3368","__props":"ab33ef40"},"/service-bridge/1.11.x/howto/gitops/argo-rollouts-e41":{"__comp":"17896441","content":"4394a411"},"/service-bridge/1.11.x/howto/gitops/clusterrole-3ed":{"__comp":"17896441","content":"ba7ee1f8"},"/service-bridge/1.11.x/howto/gitops/flagger-954":{"__comp":"17896441","content":"d4f45549"},"/service-bridge/1.11.x/howto/gitops/flux-0c2":{"__comp":"17896441","content":"edae6e3d"},"/service-bridge/1.11.x/howto/gitops/gitops-ce6":{"__comp":"17896441","content":"aec23212"},"/service-bridge/1.11.x/howto/hpa-using-skywalking-dc5":{"__comp":"17896441","content":"9e0d9dc1"},"/service-bridge/1.11.x/howto/network-policies-d21":{"__comp":"17896441","content":"f2c546e8"},"/service-bridge/1.11.x/howto/promql-using-skywalking-02a":{"__comp":"17896441","content":"7fc3953e"},"/service-bridge/1.11.x/howto/rate-limiting/-ac1":{"__comp":"17896441","content":"7b0aeab2"},"/service-bridge/1.11.x/howto/rate-limiting/external-rate-limiting-edd":{"__comp":"17896441","content":"9aed56d0"},"/service-bridge/1.11.x/howto/rate-limiting/ingress-gateway-2a5":{"__comp":"17896441","content":"acfee351"},"/service-bridge/1.11.x/howto/rate-limiting/internal-rate-limiting-01b":{"__comp":"17896441","content":"e047ae28"},"/service-bridge/1.11.x/howto/rate-limiting/service-to-service-eb3":{"__comp":"17896441","content":"fc90a4d1"},"/service-bridge/1.11.x/howto/rate-limiting/tier1-gateway-c61":{"__comp":"17896441","content":"c9834781"},"/service-bridge/1.11.x/howto/rate-limiting/tls-validation-bf7":{"__comp":"17896441","content":"0092ac1d"},"/service-bridge/1.11.x/howto/security-domains-aa2":{"__comp":"17896441","content":"a5bf0f01"},"/service-bridge/1.11.x/howto/service-accounts-9c6":{"__comp":"17896441","content":"7cad2863"},"/service-bridge/1.11.x/howto/traffic-9c1":{"__comp":"14eb3368","__props":"d02b7a1c"},"/service-bridge/1.11.x/howto/traffic/canary-releases-911":{"__comp":"17896441","content":"1e7e0969"},"/service-bridge/1.11.x/howto/traffic/configure-multi-port-service-route-d20":{"__comp":"17896441","content":"dcb15fcf"},"/service-bridge/1.11.x/howto/traffic/gateway-mtls-839":{"__comp":"17896441","content":"cb078388"},"/service-bridge/1.11.x/howto/traffic/load-balance-ab9":{"__comp":"17896441","content":"f2338e6f"},"/service-bridge/1.11.x/howto/traffic/migrating-VM-monoliths-7f9":{"__comp":"17896441","content":"bdf50799"},"/service-bridge/1.11.x/howto/traffic/splitting-service-traffic-between-k8s-vms-19c":{"__comp":"17896441","content":"81eaa9b5"},"/service-bridge/1.11.x/howto/waf-4e9":{"__comp":"17896441","content":"2c00c0a5"},"/service-bridge/1.11.x/howto/wasm-4e4":{"__comp":"14eb3368","__props":"4e961591"},"/service-bridge/1.11.x/howto/wasm/wasm-extension-919":{"__comp":"17896441","content":"72c1cc06"},"/service-bridge/1.11.x/howto/wasm/wasm-overview-782":{"__comp":"17896441","content":"94dba2b5"},"/service-bridge/1.11.x/howto/wasm/wasm-proxy-c6d":{"__comp":"17896441","content":"feb3c5a7"},"/service-bridge/1.11.x/howto/wasm/wasm-try-627":{"__comp":"17896441","content":"1b2f5fe1"},"/service-bridge/1.11.x/knowledge-base-755":{"__comp":"14eb3368","__props":"3fd695fb"},"/service-bridge/1.11.x/knowledge-base/faq-039":{"__comp":"17896441","content":"6951a79e"},"/service-bridge/1.11.x/knowledge-base/gitops-4ee":{"__comp":"17896441","content":"6baf3922"},"/service-bridge/1.11.x/operations-43e":{"__comp":"14eb3368","__props":"f93556f1"},"/service-bridge/1.11.x/operations/configuration-promotion-ade":{"__comp":"17896441","content":"20ea2cde"},"/service-bridge/1.11.x/operations/configure-log-levels-b42":{"__comp":"17896441","content":"651fa6b2"},"/service-bridge/1.11.x/operations/elasticsearch-c4d":{"__comp":"14eb3368","__props":"ad9c559c"},"/service-bridge/1.11.x/operations/elasticsearch/elasticsearch-role-fb0":{"__comp":"17896441","content":"d22913ee"},"/service-bridge/1.11.x/operations/elasticsearch/wipe-elastic-a0e":{"__comp":"17896441","content":"d14981af"},"/service-bridge/1.11.x/operations/features-a15":{"__comp":"14eb3368","__props":"7544b9db"},"/service-bridge/1.11.x/operations/features/configure-cluster-external-addresses-e2f":{"__comp":"17896441","content":"efe044f9"},"/service-bridge/1.11.x/operations/features/configure-gitops-827":{"__comp":"17896441","content":"ede0c591"},"/service-bridge/1.11.x/operations/features/deletion-protection-5b3":{"__comp":"17896441","content":"50ee9227"},"/service-bridge/1.11.x/operations/features/edge-dns-resolution-83b":{"__comp":"17896441","content":"b96ff29e"},"/service-bridge/1.11.x/operations/features/enable-config-protection-6f1":{"__comp":"17896441","content":"46aad18b"},"/service-bridge/1.11.x/operations/features/gateway-deletion-webhook-6a5":{"__comp":"17896441","content":"9048c047"},"/service-bridge/1.11.x/operations/features/internal-wasm-extensions-b35":{"__comp":"17896441","content":"8c70af23"},"/service-bridge/1.11.x/operations/features/istio-cni-534":{"__comp":"17896441","content":"1d0af4bb"},"/service-bridge/1.11.x/operations/features/label-annotation-d11":{"__comp":"17896441","content":"bd6a22ad"},"/service-bridge/1.11.x/operations/features/streaming-log-a9c":{"__comp":"17896441","content":"5e7a1fa7"},"/service-bridge/1.11.x/operations/features/tier1-in-app-cluster-d7a":{"__comp":"17896441","content":"eeb8a282"},"/service-bridge/1.11.x/operations/features/tls-origin-multi-cluster-0dd":{"__comp":"17896441","content":"675b1f19"},"/service-bridge/1.11.x/operations/graceful-connection-drain-848":{"__comp":"17896441","content":"e7746bb9"},"/service-bridge/1.11.x/operations/kube-customization-5e0":{"__comp":"17896441","content":"993e59bd"},"/service-bridge/1.11.x/operations/lower-istio-resources-3b7":{"__comp":"17896441","content":"58a2cfaa"},"/service-bridge/1.11.x/operations/migrate-organization-f98":{"__comp":"17896441","content":"1c39473a"},"/service-bridge/1.11.x/operations/multiple-iam-keys-5e0":{"__comp":"17896441","content":"befbb03d"},"/service-bridge/1.11.x/operations/postgresql-217":{"__comp":"14eb3368","__props":"b4febb53"},"/service-bridge/1.11.x/operations/postgresql/auditlog-retention-8d4":{"__comp":"17896441","content":"9498321c"},"/service-bridge/1.11.x/operations/postgresql/azure-credentials-18b":{"__comp":"17896441","content":"b336a979"},"/service-bridge/1.11.x/operations/postgresql/backup-and-restore-6f7":{"__comp":"17896441","content":"fcf87732"},"/service-bridge/1.11.x/operations/postgresql/managing-kubegres-21a":{"__comp":"17896441","content":"6669959b"},"/service-bridge/1.11.x/operations/telemetry-5ea":{"__comp":"14eb3368","__props":"195270d3"},"/service-bridge/1.11.x/operations/telemetry/alerting-guidelines-aee":{"__comp":"17896441","content":"114cb4da"},"/service-bridge/1.11.x/operations/telemetry/distributed-tracing-356":{"__comp":"17896441","content":"addfb80b"},"/service-bridge/1.11.x/operations/telemetry/key-metrics-24b":{"__comp":"17896441","content":"00f538b0"},"/service-bridge/1.11.x/operations/telemetry/new-relic-5a7":{"__comp":"17896441","content":"1b72fa0e"},"/service-bridge/1.11.x/operations/telemetry/red-metrics-1ba":{"__comp":"17896441","content":"3c7bfdb8"},"/service-bridge/1.11.x/operations/telemetry/telemetry-architecture-1ed":{"__comp":"17896441","content":"11681276"},"/service-bridge/1.11.x/operations/users-b1c":{"__comp":"14eb3368","__props":"5439758e"},"/service-bridge/1.11.x/operations/users/admin-password-006":{"__comp":"17896441","content":"078f62dd"},"/service-bridge/1.11.x/operations/users/configuring-ldap-087":{"__comp":"17896441","content":"173af852"},"/service-bridge/1.11.x/operations/users/new-user-local-idp-9bd":{"__comp":"17896441","content":"2df13ed5"},"/service-bridge/1.11.x/operations/users/oidc-azure-a74":{"__comp":"17896441","content":"66545429"},"/service-bridge/1.11.x/operations/users/tsb-fqns-41a":{"__comp":"17896441","content":"66b66e24"},"/service-bridge/1.11.x/operations/users/user-synchronization-b07":{"__comp":"17896441","content":"9e07d621"},"/service-bridge/1.11.x/operations/users/users-roles-and-permissions-5cf":{"__comp":"17896441","content":"af387f4e"},"/service-bridge/1.11.x/operations/vault-89e":{"__comp":"14eb3368","__props":"a3e4afe5"},"/service-bridge/1.11.x/operations/vault/elasticsearch-1b8":{"__comp":"17896441","content":"1c42f91f"},"/service-bridge/1.11.x/operations/vault/istiod-ca-82f":{"__comp":"17896441","content":"80b635eb"},"/service-bridge/1.11.x/operations/vault/postgresql-daa":{"__comp":"17896441","content":"be3ac5c2"},"/service-bridge/1.11.x/quickstart-502":{"__comp":"14eb3368","__props":"2f7eaa32"},"/service-bridge/1.11.x/quickstart/apps-9d6":{"__comp":"17896441","content":"0ce9ffda"},"/service-bridge/1.11.x/quickstart/config-groups-dff":{"__comp":"17896441","content":"fa9bf215"},"/service-bridge/1.11.x/quickstart/deploy-sample-app-4bd":{"__comp":"17896441","content":"acad3778"},"/service-bridge/1.11.x/quickstart/ingress-gateway-b68":{"__comp":"17896441","content":"536d87a2"},"/service-bridge/1.11.x/quickstart/introduction-c44":{"__comp":"17896441","content":"a7233098"},"/service-bridge/1.11.x/quickstart/observability-9fb":{"__comp":"17896441","content":"b1f89a6a"},"/service-bridge/1.11.x/quickstart/permissions-c07":{"__comp":"17896441","content":"d4419a67"},"/service-bridge/1.11.x/quickstart/security-696":{"__comp":"17896441","content":"da012ee7"},"/service-bridge/1.11.x/quickstart/tenant-241":{"__comp":"17896441","content":"7936c341"},"/service-bridge/1.11.x/quickstart/traffic-shifting-fdd":{"__comp":"17896441","content":"b4b5e4ee"},"/service-bridge/1.11.x/quickstart/workspace-c9c":{"__comp":"17896441","content":"9f746e0a"},"/service-bridge/1.11.x/reference-d5c":{"__comp":"14eb3368","__props":"dcdce063"},"/service-bridge/1.11.x/reference/cli-d7b":{"__comp":"14eb3368","__props":"747adb62"},"/service-bridge/1.11.x/reference/cli/guide/index-0cf":{"__comp":"17896441","content":"6f014316"},"/service-bridge/1.11.x/reference/cli/guide/toc-e49":{"__comp":"14eb3368","__props":"c3419cb2"},"/service-bridge/1.11.x/reference/cli/reference-f6c":{"__comp":"14eb3368","__props":"fea4b0e1"},"/service-bridge/1.11.x/reference/cli/reference/apply-2ba":{"__comp":"17896441","content":"32396d6f"},"/service-bridge/1.11.x/reference/cli/reference/audit-854":{"__comp":"17896441","content":"4343cac6"},"/service-bridge/1.11.x/reference/cli/reference/collect-56e":{"__comp":"17896441","content":"eeccbb81"},"/service-bridge/1.11.x/reference/cli/reference/completion-177":{"__comp":"17896441","content":"8300ef31"},"/service-bridge/1.11.x/reference/cli/reference/config-3da":{"__comp":"17896441","content":"3e0fdcf6"},"/service-bridge/1.11.x/reference/cli/reference/debug-937":{"__comp":"17896441","content":"ddf7ab7e"},"/service-bridge/1.11.x/reference/cli/reference/delete-d7a":{"__comp":"17896441","content":"95d80486"},"/service-bridge/1.11.x/reference/cli/reference/edit-55f":{"__comp":"17896441","content":"c760b61c"},"/service-bridge/1.11.x/reference/cli/reference/experimental-edf":{"__comp":"17896441","content":"340ca70d"},"/service-bridge/1.11.x/reference/cli/reference/get-289":{"__comp":"17896441","content":"9b3b7340"},"/service-bridge/1.11.x/reference/cli/reference/index-da0":{"__comp":"17896441","content":"71f0b7a9"},"/service-bridge/1.11.x/reference/cli/reference/install-598":{"__comp":"17896441","content":"e746aac2"},"/service-bridge/1.11.x/reference/cli/reference/login-958":{"__comp":"17896441","content":"f795f0ca"},"/service-bridge/1.11.x/reference/cli/reference/service-account-02b":{"__comp":"17896441","content":"1ca7772a"},"/service-bridge/1.11.x/reference/cli/reference/status-e81":{"__comp":"17896441","content":"53458270"},"/service-bridge/1.11.x/reference/cli/reference/ui-993":{"__comp":"17896441","content":"36239526"},"/service-bridge/1.11.x/reference/cli/reference/validate-b17":{"__comp":"17896441","content":"217fdbeb"},"/service-bridge/1.11.x/reference/cli/reference/version-aa2":{"__comp":"17896441","content":"2c9f848b"},"/service-bridge/1.11.x/reference/cli/reference/whoami-ee4":{"__comp":"17896441","content":"12b0412a"},"/service-bridge/1.11.x/reference/cli/reference/workload-entry-annotations-97b":{"__comp":"17896441","content":"80bfbbb3"},"/service-bridge/1.11.x/reference/grpc-api-800":{"__comp":"14eb3368","__props":"b18c057c"},"/service-bridge/1.11.x/reference/grpc-api/guide-23a":{"__comp":"17896441","content":"2aec3f7b"},"/service-bridge/1.11.x/reference/grpc-api/reference-932":{"__comp":"14eb3368","__props":"7d66849f"},"/service-bridge/1.11.x/reference/k8s-api-b9c":{"__comp":"14eb3368","__props":"08663da0"},"/service-bridge/1.11.x/reference/k8s-api/guide-8e1":{"__comp":"17896441","content":"bfcd28fd"},"/service-bridge/1.11.x/reference/k8s-api/tsb-crds-gen-48c":{"__comp":"14eb3368","__props":"42116b28"},"/service-bridge/1.11.x/reference/k8s-api/tsb-crds-gen/application-tsb-tetrate-io-065":{"__comp":"17896441","content":"3063aa5d"},"/service-bridge/1.11.x/reference/k8s-api/tsb-crds-gen/extension-tsb-tetrate-io-979":{"__comp":"17896441","content":"7bfb7dba"},"/service-bridge/1.11.x/reference/k8s-api/tsb-crds-gen/gateway-tsb-tetrate-io-163":{"__comp":"17896441","content":"4b309bd5"},"/service-bridge/1.11.x/reference/k8s-api/tsb-crds-gen/istiointernal-tsb-tetrate-io-d7a":{"__comp":"17896441","content":"685b1163"},"/service-bridge/1.11.x/reference/k8s-api/tsb-crds-gen/profile-tsb-tetrate-io-b86":{"__comp":"17896441","content":"7c90557e"},"/service-bridge/1.11.x/reference/k8s-api/tsb-crds-gen/rbac-tsb-tetrate-io-335":{"__comp":"17896441","content":"e76c804f"},"/service-bridge/1.11.x/reference/k8s-api/tsb-crds-gen/security-tsb-tetrate-io-c61":{"__comp":"17896441","content":"59665531"},"/service-bridge/1.11.x/reference/k8s-api/tsb-crds-gen/segmentation-tsb-tetrate-io-70e":{"__comp":"17896441","content":"9628fa5a"},"/service-bridge/1.11.x/reference/k8s-api/tsb-crds-gen/traffic-tsb-tetrate-io-150":{"__comp":"17896441","content":"cdabf853"},"/service-bridge/1.11.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/api-5a6":{"__comp":"17896441","content":"c8e80e73"},"/service-bridge/1.11.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/cluster-a01":{"__comp":"17896441","content":"1f894db7"},"/service-bridge/1.11.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/clusteronboardingconfig-5a2":{"__comp":"17896441","content":"c4514079"},"/service-bridge/1.11.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/organization-a42":{"__comp":"17896441","content":"e34172b0"},"/service-bridge/1.11.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/organizationsetting-296":{"__comp":"17896441","content":"6f0fce1a"},"/service-bridge/1.11.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/serviceaccount-768":{"__comp":"17896441","content":"588c3ad4"},"/service-bridge/1.11.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/team-e39":{"__comp":"17896441","content":"fad6e8d3"},"/service-bridge/1.11.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/tenant-952":{"__comp":"17896441","content":"66768282"},"/service-bridge/1.11.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/tenantsetting-c65":{"__comp":"17896441","content":"5354a14f"},"/service-bridge/1.11.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/user-268":{"__comp":"17896441","content":"46cb5562"},"/service-bridge/1.11.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/workspace-49a":{"__comp":"17896441","content":"ca61bfb6"},"/service-bridge/1.11.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/workspacesetting-e90":{"__comp":"17896441","content":"191fccf9"},"/service-bridge/1.11.x/reference/k8s-api/tsb-crds-gen/tsb.tetrate.io/v2-8d4":{"__comp":"14eb3368","__props":"8ea138ff"},"/service-bridge/1.11.x/reference/operators-025":{"__comp":"14eb3368","__props":"755f8d91"},"/service-bridge/1.11.x/reference/rest-api/guide-561":{"__comp":"17896441","content":"d744e69c"},"/service-bridge/1.11.x/reference/samples-7fa":{"__comp":"14eb3368","__props":"b4c06aa7"},"/service-bridge/1.11.x/reference/samples/httpbin-358":{"__comp":"17896441","content":"a4a5b73d"},"/service-bridge/1.11.x/reference/samples/opa-5e1":{"__comp":"17896441","content":"64e5a08e"},"/service-bridge/1.11.x/reference/samples/sleep-service-a1b":{"__comp":"17896441","content":"5b6fbc45"},"/service-bridge/1.11.x/reference/workload-onboarding-637":{"__comp":"14eb3368","__props":"b8365aa7"},"/service-bridge/1.11.x/reference/workload-onboarding/onboarding-agent-1b1":{"__comp":"14eb3368","__props":"94fa9a66"},"/service-bridge/1.11.x/reference/workload-onboarding/onboarding-authorization-206":{"__comp":"14eb3368","__props":"ca8e32f6"},"/service-bridge/1.11.x/reference/workload-onboarding/onboarding-runtime-849":{"__comp":"14eb3368","__props":"68f94299"},"/service-bridge/1.11.x/reference/yaml-api-8d2":{"__comp":"14eb3368","__props":"dbd7050b"},"/service-bridge/1.11.x/reference/yaml-api/guide-4ee":{"__comp":"17896441","content":"301de5f4"},"/service-bridge/1.11.x/reference/yaml-api/reference-611":{"__comp":"14eb3368","__props":"02f42153"},"/service-bridge/1.11.x/refs/audit/v1/audit-18f":{"__comp":"17896441","content":"3b55a9a1"},"/service-bridge/1.11.x/refs/audit/v1/grpc-138":{"__comp":"14eb3368","__props":"f4f8bd1d"},"/service-bridge/1.11.x/refs/iam/v2/grpc-4ca":{"__comp":"14eb3368","__props":"d1c7759b"},"/service-bridge/1.11.x/refs/iam/v2/oauth_service-1da":{"__comp":"17896441","content":"e4a4f9a5"},"/service-bridge/1.11.x/refs/iam/v2/oidc_service-911":{"__comp":"17896441","content":"098b7f42"},"/service-bridge/1.11.x/refs/install-0e9":{"__comp":"14eb3368","__props":"77e3177f"},"/service-bridge/1.11.x/refs/install/common/common_config-0eb":{"__comp":"17896441","content":"f323dc46"},"/service-bridge/1.11.x/refs/install/controlplane/v1alpha1/spec-6fe":{"__comp":"17896441","content":"8e2c1457"},"/service-bridge/1.11.x/refs/install/dataplane/v1alpha1/spec-845":{"__comp":"17896441","content":"8c12b391"},"/service-bridge/1.11.x/refs/install/kubernetes/k8s-57d":{"__comp":"17896441","content":"8a5d8d57"},"/service-bridge/1.11.x/refs/install/managementplane/v1alpha1/spec-452":{"__comp":"17896441","content":"7ff5004f"},"/service-bridge/1.11.x/refs/onboarding/config/agent/v1alpha1/agent_configuration-e5c":{"__comp":"17896441","content":"da030864"},"/service-bridge/1.11.x/refs/onboarding/config/agent/v1alpha1/onboarding_configuration-ad2":{"__comp":"17896441","content":"aae50a70"},"/service-bridge/1.11.x/refs/onboarding/config/authorization/aws/v1alpha1/aws-f4c":{"__comp":"17896441","content":"c69640c2"},"/service-bridge/1.11.x/refs/onboarding/config/authorization/jwt/v1alpha1/jwt-31b":{"__comp":"17896441","content":"417430c8"},"/service-bridge/1.11.x/refs/onboarding/config/authorization/v1alpha1/policy-69d":{"__comp":"17896441","content":"d7d60e42"},"/service-bridge/1.11.x/refs/onboarding/config/install/v1alpha1/jwt_issuer-ef6":{"__comp":"17896441","content":"d2f04c16"},"/service-bridge/1.11.x/refs/onboarding/config/install/v1alpha1/workload_configuration-fae":{"__comp":"17896441","content":"3dc15572"},"/service-bridge/1.11.x/refs/onboarding/config/runtime/v1alpha1/registration-319":{"__comp":"17896441","content":"b6f3e65a"},"/service-bridge/1.11.x/refs/onboarding/config/types/config/v1alpha1/transport_security-6b8":{"__comp":"17896441","content":"fceb3b84"},"/service-bridge/1.11.x/refs/onboarding/config/types/core/v1alpha1/condition-a61":{"__comp":"17896441","content":"9494ac40"},"/service-bridge/1.11.x/refs/onboarding/config/types/core/v1alpha1/namespaced_name-6eb":{"__comp":"17896441","content":"e787f301"},"/service-bridge/1.11.x/refs/onboarding/config/types/identity/aws/v1alpha1/aws-a1a":{"__comp":"17896441","content":"043dbd53"},"/service-bridge/1.11.x/refs/onboarding/config/types/identity/jwt/v1alpha1/jwt-7bc":{"__comp":"17896441","content":"12a4fd3a"},"/service-bridge/1.11.x/refs/onboarding/config/types/identity/v1alpha1/identity-d71":{"__comp":"17896441","content":"79c5c720"},"/service-bridge/1.11.x/refs/onboarding/config/types/registration/v1alpha1/hostinfo-7a6":{"__comp":"17896441","content":"af47e6a0"},"/service-bridge/1.11.x/refs/onboarding/config/types/registration/v1alpha1/registration-09d":{"__comp":"17896441","content":"faa3783f"},"/service-bridge/1.11.x/refs/onboarding/private/component/agent/plugin/credential/v1alpha1/plugin-a48":{"__comp":"17896441","content":"e4861b48"},"/service-bridge/1.11.x/refs/onboarding/private/component/agent/plugin/hostinfo/v1alpha1/plugin-57f":{"__comp":"17896441","content":"29b449a2"},"/service-bridge/1.11.x/refs/onboarding/private/component/agent/sidecarcontroller/v1alpha1/sidecar_configuration_service-755":{"__comp":"17896441","content":"f633398e"},"/service-bridge/1.11.x/refs/onboarding/private/component/agent/sidecarcontroller/v1alpha1/sidecar_info_service-353":{"__comp":"17896441","content":"fc2eb075"},"/service-bridge/1.11.x/refs/onboarding/private/component/plane/config/v1alpha1/onboarding_plane_instance_configuration-4c5":{"__comp":"17896441","content":"31d54499"},"/service-bridge/1.11.x/refs/onboarding/private/component/plane/generator/v1alpha1/version-076":{"__comp":"17896441","content":"da807d9e"},"/service-bridge/1.11.x/refs/onboarding/private/component/plane/token/v1alpha1/onboarding_token-aaa":{"__comp":"17896441","content":"f5980880"},"/service-bridge/1.11.x/refs/onboarding/private/install/v1alpha1/spec-2d4":{"__comp":"17896441","content":"0e0571f9"},"/service-bridge/1.11.x/refs/onboarding/private/protocol/authorization/v1alpha1/authorization_service-f07":{"__comp":"17896441","content":"5716d7f3"},"/service-bridge/1.11.x/refs/onboarding/private/protocol/discovery/v1alpha1/discovery_service-7bb":{"__comp":"17896441","content":"2fb70b18"},"/service-bridge/1.11.x/refs/onboarding/private/protocol/registration/v1alpha1/registration_service-c51":{"__comp":"17896441","content":"de5a3d82"},"/service-bridge/1.11.x/refs/onboarding/private/protocol/session/v1alpha1/session_service-4da":{"__comp":"17896441","content":"cc2929f9"},"/service-bridge/1.11.x/refs/onboarding/private/types/config/v1alpha1/transport_security-4c2":{"__comp":"17896441","content":"5929f4c5"},"/service-bridge/1.11.x/refs/onboarding/private/types/credential/aws/v1alpha1/ec2-531":{"__comp":"17896441","content":"9a5e11ad"},"/service-bridge/1.11.x/refs/onboarding/private/types/credential/aws/v1alpha1/sts-999":{"__comp":"17896441","content":"2db27eaf"},"/service-bridge/1.11.x/refs/onboarding/private/types/credential/jwt/v1alpha1/jwt-116":{"__comp":"17896441","content":"c340f527"},"/service-bridge/1.11.x/refs/onboarding/private/types/discovery/v1alpha1/discovery-651":{"__comp":"17896441","content":"61a559a2"},"/service-bridge/1.11.x/refs/onboarding/private/types/sidecar/v1alpha1/configuration-f37":{"__comp":"17896441","content":"a876b667"},"/service-bridge/1.11.x/refs/private/iam/v1/iam-2d1":{"__comp":"17896441","content":"3782191b"},"/service-bridge/1.11.x/refs/test/v1/echo-d8f":{"__comp":"17896441","content":"674a83dc"},"/service-bridge/1.11.x/refs/tsb/application/v2/api-9a8":{"__comp":"17896441","content":"89c607c5"},"/service-bridge/1.11.x/refs/tsb/application/v2/application-fe0":{"__comp":"17896441","content":"4d2458f6"},"/service-bridge/1.11.x/refs/tsb/application/v2/application_service-f61":{"__comp":"17896441","content":"ce544900"},"/service-bridge/1.11.x/refs/tsb/application/v2/grpc-9cd":{"__comp":"14eb3368","__props":"fdabb9b3"},"/service-bridge/1.11.x/refs/tsb/application/v2/openapi_extensions-df3":{"__comp":"17896441","content":"c8775dc7"},"/service-bridge/1.11.x/refs/tsb/application/v2/yaml-a01":{"__comp":"14eb3368","__props":"181288a3"},"/service-bridge/1.11.x/refs/tsb/auth/v2/auth-bee":{"__comp":"17896441","content":"06f62641"},"/service-bridge/1.11.x/refs/tsb/auth/v2/yaml-182":{"__comp":"14eb3368","__props":"3bff7e68"},"/service-bridge/1.11.x/refs/tsb/dashboard/v1/dashboard_service-421":{"__comp":"17896441","content":"2f8fe8a8"},"/service-bridge/1.11.x/refs/tsb/dashboard/v1/grpc-761":{"__comp":"14eb3368","__props":"59f6972d"},"/service-bridge/1.11.x/refs/tsb/diagnostic/v2/diagnostic_service-e54":{"__comp":"17896441","content":"d1b6192c"},"/service-bridge/1.11.x/refs/tsb/diagnostic/v2/grpc-ed5":{"__comp":"14eb3368","__props":"01d7d7a8"},"/service-bridge/1.11.x/refs/tsb/extension/v2/grpc-df7":{"__comp":"14eb3368","__props":"8bc203b7"},"/service-bridge/1.11.x/refs/tsb/extension/v2/wasm_extension-ce9":{"__comp":"17896441","content":"198abadc"},"/service-bridge/1.11.x/refs/tsb/extension/v2/wasm_service-31b":{"__comp":"17896441","content":"96fc625a"},"/service-bridge/1.11.x/refs/tsb/extension/v2/yaml-991":{"__comp":"14eb3368","__props":"452fd953"},"/service-bridge/1.11.x/refs/tsb/gateway/v2/auth-b7e":{"__comp":"17896441","content":"5dd7eb28"},"/service-bridge/1.11.x/refs/tsb/gateway/v2/eastwest_gateway-aed":{"__comp":"17896441","content":"aad2363e"},"/service-bridge/1.11.x/refs/tsb/gateway/v2/egress_gateway-9e3":{"__comp":"17896441","content":"f8305ddb"},"/service-bridge/1.11.x/refs/tsb/gateway/v2/gateway-751":{"__comp":"17896441","content":"545e1775"},"/service-bridge/1.11.x/refs/tsb/gateway/v2/gateway_common-86f":{"__comp":"17896441","content":"dc791139"},"/service-bridge/1.11.x/refs/tsb/gateway/v2/gateway_group-9f9":{"__comp":"17896441","content":"b301719a"},"/service-bridge/1.11.x/refs/tsb/gateway/v2/gateway_service-878":{"__comp":"17896441","content":"b092a602"},"/service-bridge/1.11.x/refs/tsb/gateway/v2/grpc-e21":{"__comp":"14eb3368","__props":"58074315"},"/service-bridge/1.11.x/refs/tsb/gateway/v2/ingress_gateway-ec0":{"__comp":"17896441","content":"0c17511e"},"/service-bridge/1.11.x/refs/tsb/gateway/v2/istio_gateway_direct-f43":{"__comp":"17896441","content":"4992a5cb"},"/service-bridge/1.11.x/refs/tsb/gateway/v2/tier1_gateway-9a9":{"__comp":"17896441","content":"3d33e61c"},"/service-bridge/1.11.x/refs/tsb/gateway/v2/yaml-662":{"__comp":"14eb3368","__props":"5f75e25a"},"/service-bridge/1.11.x/refs/tsb/istiointernal/v2/grpc-f43":{"__comp":"14eb3368","__props":"df4efaac"},"/service-bridge/1.11.x/refs/tsb/istiointernal/v2/istio_internal_group-dc6":{"__comp":"17896441","content":"37682e02"},"/service-bridge/1.11.x/refs/tsb/istiointernal/v2/istio_istiointernal_direct-e9e":{"__comp":"17896441","content":"ca958aa1"},"/service-bridge/1.11.x/refs/tsb/istiointernal/v2/istiointernal_service-f86":{"__comp":"17896441","content":"543fbd32"},"/service-bridge/1.11.x/refs/tsb/istiointernal/v2/yaml-f14":{"__comp":"14eb3368","__props":"bd8bbd55"},"/service-bridge/1.11.x/refs/tsb/observability/telemetry/v2/grpc-d97":{"__comp":"14eb3368","__props":"3cb61e9e"},"/service-bridge/1.11.x/refs/tsb/observability/telemetry/v2/metric-684":{"__comp":"17896441","content":"acc169fb"},"/service-bridge/1.11.x/refs/tsb/observability/telemetry/v2/metric_service-021":{"__comp":"17896441","content":"befddaaa"},"/service-bridge/1.11.x/refs/tsb/observability/telemetry/v2/source-c11":{"__comp":"17896441","content":"345ac292"},"/service-bridge/1.11.x/refs/tsb/observability/telemetry/v2/source_service-4d0":{"__comp":"17896441","content":"ca3722a6"},"/service-bridge/1.11.x/refs/tsb/observability/telemetry/v2/yaml-106":{"__comp":"14eb3368","__props":"7ea6cd4d"},"/service-bridge/1.11.x/refs/tsb/profile/v2/grpc-6a2":{"__comp":"14eb3368","__props":"294d1b94"},"/service-bridge/1.11.x/refs/tsb/profile/v2/profile-d49":{"__comp":"17896441","content":"fec0e412"},"/service-bridge/1.11.x/refs/tsb/profile/v2/profile_service-fe7":{"__comp":"17896441","content":"196cd056"},"/service-bridge/1.11.x/refs/tsb/profile/v2/yaml-a25":{"__comp":"14eb3368","__props":"b1f41a54"},"/service-bridge/1.11.x/refs/tsb/q/v2/approvals_service-c62":{"__comp":"17896441","content":"d5656167"},"/service-bridge/1.11.x/refs/tsb/q/v2/grpc-e97":{"__comp":"14eb3368","__props":"1d27d9f6"},"/service-bridge/1.11.x/refs/tsb/q/v2/permissions_service-2a4":{"__comp":"17896441","content":"9525a659"},"/service-bridge/1.11.x/refs/tsb/rbac/v2/access_bindings-ed4":{"__comp":"17896441","content":"4e828270"},"/service-bridge/1.11.x/refs/tsb/rbac/v2/api_access_bindings-83e":{"__comp":"17896441","content":"4cf33db0"},"/service-bridge/1.11.x/refs/tsb/rbac/v2/application_access_bindings-b23":{"__comp":"17896441","content":"da9d0e11"},"/service-bridge/1.11.x/refs/tsb/rbac/v2/binding-aeb":{"__comp":"17896441","content":"1193a2b5"},"/service-bridge/1.11.x/refs/tsb/rbac/v2/gateway_access_bindings-61d":{"__comp":"17896441","content":"a679147a"},"/service-bridge/1.11.x/refs/tsb/rbac/v2/grpc-dbf":{"__comp":"14eb3368","__props":"d87ff565"},"/service-bridge/1.11.x/refs/tsb/rbac/v2/istio_internal_access_bindings-5e8":{"__comp":"17896441","content":"89d4846c"},"/service-bridge/1.11.x/refs/tsb/rbac/v2/organization_access_bindings-d56":{"__comp":"17896441","content":"4bb51381"},"/service-bridge/1.11.x/refs/tsb/rbac/v2/permissions-59a":{"__comp":"17896441","content":"27fd734b"},"/service-bridge/1.11.x/refs/tsb/rbac/v2/policy_service-9c8":{"__comp":"17896441","content":"6cbfe36e"},"/service-bridge/1.11.x/refs/tsb/rbac/v2/role-d3d":{"__comp":"17896441","content":"cb4cf4f1"},"/service-bridge/1.11.x/refs/tsb/rbac/v2/role_service-53c":{"__comp":"17896441","content":"9e536da4"},"/service-bridge/1.11.x/refs/tsb/rbac/v2/security_access_bindings-147":{"__comp":"17896441","content":"fbe2338b"},"/service-bridge/1.11.x/refs/tsb/rbac/v2/tenant_access_bindings-23c":{"__comp":"17896441","content":"e460d660"},"/service-bridge/1.11.x/refs/tsb/rbac/v2/traffic_access_bindings-717":{"__comp":"17896441","content":"3130253e"},"/service-bridge/1.11.x/refs/tsb/rbac/v2/workspace_access_bindings-232":{"__comp":"17896441","content":"942da6e9"},"/service-bridge/1.11.x/refs/tsb/rbac/v2/yaml-dde":{"__comp":"14eb3368","__props":"e88c8b34"},"/service-bridge/1.11.x/refs/tsb/registry/v2/grpc-422":{"__comp":"14eb3368","__props":"da280135"},"/service-bridge/1.11.x/refs/tsb/registry/v2/lookup_service-652":{"__comp":"17896441","content":"84465a3c"},"/service-bridge/1.11.x/refs/tsb/registry/v2/registration_service-a6a":{"__comp":"17896441","content":"5f0be268"},"/service-bridge/1.11.x/refs/tsb/registry/v2/service-a17":{"__comp":"17896441","content":"4abaf2ab"},"/service-bridge/1.11.x/refs/tsb/registry/v2/yaml-832":{"__comp":"14eb3368","__props":"148c779f"},"/service-bridge/1.11.x/refs/tsb/security/v2/grpc-7ae":{"__comp":"14eb3368","__props":"85e0d835"},"/service-bridge/1.11.x/refs/tsb/security/v2/istio_security_direct-e22":{"__comp":"17896441","content":"ea5d3f20"},"/service-bridge/1.11.x/refs/tsb/security/v2/security_group-4cd":{"__comp":"17896441","content":"959f5681"},"/service-bridge/1.11.x/refs/tsb/security/v2/security_service-570":{"__comp":"17896441","content":"4ab6ba49"},"/service-bridge/1.11.x/refs/tsb/security/v2/security_setting-2bc":{"__comp":"17896441","content":"f58604cb"},"/service-bridge/1.11.x/refs/tsb/security/v2/service_security_setting-a6d":{"__comp":"17896441","content":"a5edf3d6"},"/service-bridge/1.11.x/refs/tsb/security/v2/waf_settings-053":{"__comp":"17896441","content":"91188c53"},"/service-bridge/1.11.x/refs/tsb/security/v2/yaml-201":{"__comp":"14eb3368","__props":"41a71775"},"/service-bridge/1.11.x/refs/tsb/segmentation/v1/grpc-dbb":{"__comp":"14eb3368","__props":"ecb2b90b"},"/service-bridge/1.11.x/refs/tsb/segmentation/v1/membership-b47":{"__comp":"17896441","content":"48917fe9"},"/service-bridge/1.11.x/refs/tsb/segmentation/v1/policy-9cb":{"__comp":"17896441","content":"1fd4ec3b"},"/service-bridge/1.11.x/refs/tsb/segmentation/v1/rules-86a":{"__comp":"17896441","content":"5b88bf21"},"/service-bridge/1.11.x/refs/tsb/segmentation/v1/service-2d2":{"__comp":"17896441","content":"106d7bf7"},"/service-bridge/1.11.x/refs/tsb/segmentation/v1/yaml-a5f":{"__comp":"14eb3368","__props":"9befd231"},"/service-bridge/1.11.x/refs/tsb/traffic/v2/grpc-385":{"__comp":"14eb3368","__props":"e2e0c593"},"/service-bridge/1.11.x/refs/tsb/traffic/v2/istio_traffic_direct-8b1":{"__comp":"17896441","content":"d2d95c70"},"/service-bridge/1.11.x/refs/tsb/traffic/v2/service_route-15f":{"__comp":"17896441","content":"3f6b853d"},"/service-bridge/1.11.x/refs/tsb/traffic/v2/service_traffic_setting-60b":{"__comp":"17896441","content":"108e946b"},"/service-bridge/1.11.x/refs/tsb/traffic/v2/traffic_group-fb9":{"__comp":"17896441","content":"96d9a1e1"},"/service-bridge/1.11.x/refs/tsb/traffic/v2/traffic_service-512":{"__comp":"17896441","content":"908465f4"},"/service-bridge/1.11.x/refs/tsb/traffic/v2/traffic_setting-c50":{"__comp":"17896441","content":"06f75a41"},"/service-bridge/1.11.x/refs/tsb/traffic/v2/yaml-8ff":{"__comp":"14eb3368","__props":"90ea6eab"},"/service-bridge/1.11.x/refs/tsb/types/v2/types-726":{"__comp":"17896441","content":"9f2c12d9"},"/service-bridge/1.11.x/refs/tsb/types/v2/yaml-6f2":{"__comp":"14eb3368","__props":"0673ef3a"},"/service-bridge/1.11.x/refs/tsb/v2/cluster-f91":{"__comp":"17896441","content":"15ccf5bb"},"/service-bridge/1.11.x/refs/tsb/v2/cluster_service-b2c":{"__comp":"17896441","content":"d6cf3814"},"/service-bridge/1.11.x/refs/tsb/v2/grpc-0bc":{"__comp":"14eb3368","__props":"c47ac74c"},"/service-bridge/1.11.x/refs/tsb/v2/info-f07":{"__comp":"17896441","content":"9c0570cf"},"/service-bridge/1.11.x/refs/tsb/v2/organization-662":{"__comp":"17896441","content":"6e89addd"},"/service-bridge/1.11.x/refs/tsb/v2/organization_service-ffb":{"__comp":"17896441","content":"6ee73fa2"},"/service-bridge/1.11.x/refs/tsb/v2/organization_setting-35c":{"__comp":"17896441","content":"aa482c38"},"/service-bridge/1.11.x/refs/tsb/v2/status-b8b":{"__comp":"17896441","content":"d0a55d92"},"/service-bridge/1.11.x/refs/tsb/v2/status_service-be6":{"__comp":"17896441","content":"2c99069d"},"/service-bridge/1.11.x/refs/tsb/v2/team-61e":{"__comp":"17896441","content":"1ba1e400"},"/service-bridge/1.11.x/refs/tsb/v2/team_service-6b9":{"__comp":"17896441","content":"dca005eb"},"/service-bridge/1.11.x/refs/tsb/v2/tenant-393":{"__comp":"17896441","content":"81eff616"},"/service-bridge/1.11.x/refs/tsb/v2/tenant_service-8a2":{"__comp":"17896441","content":"e8f34999"},"/service-bridge/1.11.x/refs/tsb/v2/tenant_setting-835":{"__comp":"17896441","content":"281da8c0"},"/service-bridge/1.11.x/refs/tsb/v2/workspace-085":{"__comp":"17896441","content":"6cc5c6a8"},"/service-bridge/1.11.x/refs/tsb/v2/workspace_service-be8":{"__comp":"17896441","content":"40d45afb"},"/service-bridge/1.11.x/refs/tsb/v2/workspace_setting-738":{"__comp":"17896441","content":"5fac77c4"},"/service-bridge/1.11.x/refs/tsb/v2/yaml-a7e":{"__comp":"14eb3368","__props":"d11a012b"},"/service-bridge/1.11.x/release-notes-e72":{"__comp":"17896441","content":"9a9cd9fa"},"/service-bridge/1.11.x/release-notes-announcements-801":{"__comp":"14eb3368","__props":"42d74de6"},"/service-bridge/1.11.x/release-notes-announcements/announcement-5da":{"__comp":"17896441","content":"ed5fe0a6"},"/service-bridge/1.11.x/release-notes-announcements/feature-status-9bf":{"__comp":"17896441","content":"f66ce14b"},"/service-bridge/1.11.x/release-notes-announcements/support-policy-a36":{"__comp":"17896441","content":"8edc521c"},"/service-bridge/1.11.x/setup-38d":{"__comp":"14eb3368","__props":"65660780"},"/service-bridge/1.11.x/setup/aws-3f8":{"__comp":"14eb3368","__props":"f4736e7c"},"/service-bridge/1.11.x/setup/aws/container-marketplace-761":{"__comp":"17896441","content":"9ef73ae3"},"/service-bridge/1.11.x/setup/aws/vpc-92d":{"__comp":"17896441","content":"aa57e8cf"},"/service-bridge/1.11.x/setup/certificate-0e5":{"__comp":"14eb3368","__props":"4418571f"},"/service-bridge/1.11.x/setup/certificate/automated-certificate-management-57d":{"__comp":"17896441","content":"91908c7d"},"/service-bridge/1.11.x/setup/certificate/certificate-requirements-cb0":{"__comp":"17896441","content":"193d5f64"},"/service-bridge/1.11.x/setup/certificate/certificate-setup-f1a":{"__comp":"17896441","content":"4d8c7740"},"/service-bridge/1.11.x/setup/components-a5c":{"__comp":"17896441","content":"ad6d8156"},"/service-bridge/1.11.x/setup/fips-6aa":{"__comp":"17896441","content":"27044727"},"/service-bridge/1.11.x/setup/firewall-information-e8d":{"__comp":"17896441","content":"3a283b39"},"/service-bridge/1.11.x/setup/helm/-a8c":{"__comp":"17896441","content":"d4e480ee"},"/service-bridge/1.11.x/setup/helm/controlplane-ca2":{"__comp":"17896441","content":"e7412e61"},"/service-bridge/1.11.x/setup/helm/dataplane-603":{"__comp":"17896441","content":"a95a7615"},"/service-bridge/1.11.x/setup/helm/helm-a7e":{"__comp":"17896441","content":"1e01819b"},"/service-bridge/1.11.x/setup/helm/managementplane-982":{"__comp":"17896441","content":"11c8c2ef"},"/service-bridge/1.11.x/setup/helm/uninstallation-b1d":{"__comp":"17896441","content":"3b957cbd"},"/service-bridge/1.11.x/setup/helm/upgrade-c54":{"__comp":"17896441","content":"eb476177"},"/service-bridge/1.11.x/setup/isolation-boundaries-bb0":{"__comp":"17896441","content":"cfb9648f"},"/service-bridge/1.11.x/setup/isolation-boundaries-installation-235":{"__comp":"17896441","content":"e290b90f"},"/service-bridge/1.11.x/setup/migrate-tctl-to-helm-d64":{"__comp":"17896441","content":"e556e4dd"},"/service-bridge/1.11.x/setup/remote-registry-bba":{"__comp":"17896441","content":"100f1abf"},"/service-bridge/1.11.x/setup/requirements-and-download-9c0":{"__comp":"17896441","content":"50fc1440"},"/service-bridge/1.11.x/setup/resource-planning-39b":{"__comp":"17896441","content":"79302f39"},"/service-bridge/1.11.x/setup/security-context-d0f":{"__comp":"17896441","content":"0085247b"},"/service-bridge/1.11.x/setup/self-managed/-b2f":{"__comp":"17896441","content":"fc38f28b"},"/service-bridge/1.11.x/setup/self-managed/demo-installation-0a5":{"__comp":"17896441","content":"e23f8723"},"/service-bridge/1.11.x/setup/self-managed/management-plane-installation-31a":{"__comp":"17896441","content":"a86b828c"},"/service-bridge/1.11.x/setup/self-managed/onboarding-clusters-00a":{"__comp":"17896441","content":"a7073a5f"},"/service-bridge/1.11.x/setup/self-managed/uninstallation-737":{"__comp":"17896441","content":"af18ff88"},"/service-bridge/1.11.x/setup/self-managed/upgrade-b24":{"__comp":"17896441","content":"c516c7a5"},"/service-bridge/1.11.x/setup/tctl-connect-0b3":{"__comp":"17896441","content":"f4266b3b"},"/service-bridge/1.11.x/setup/upgrade-best-practices-ce6":{"__comp":"17896441","content":"2e879d97"},"/service-bridge/1.11.x/setup/upgrades-d86":{"__comp":"14eb3368","__props":"81f693dd"},"/service-bridge/1.11.x/setup/upgrades/cni-upgrade-c35":{"__comp":"17896441","content":"f078dc25"},"/service-bridge/1.11.x/setup/upgrades/gateway-upgrade-bb9":{"__comp":"17896441","content":"77186d5a"},"/service-bridge/1.11.x/setup/upgrades/non-revisioned-to-revisioned-839":{"__comp":"17896441","content":"735e4dce"},"/service-bridge/1.11.x/setup/upgrades/revisioned-to-revisioned-adc":{"__comp":"17896441","content":"a082c253"},"/service-bridge/1.11.x/setup/workload-onboarding-a36":{"__comp":"14eb3368","__props":"0e0fcd45"},"/service-bridge/1.11.x/setup/workload-onboarding/guides/-3d7":{"__comp":"17896441","content":"d318bb70"},"/service-bridge/1.11.x/setup/workload-onboarding/guides/ecs-workloads-fd4":{"__comp":"17896441","content":"034fad36"},"/service-bridge/1.11.x/setup/workload-onboarding/guides/managing-c93":{"__comp":"17896441","content":"ee60ab41"},"/service-bridge/1.11.x/setup/workload-onboarding/guides/on-premise-workloads-bfc":{"__comp":"17896441","content":"c0797ab1"},"/service-bridge/1.11.x/setup/workload-onboarding/guides/onboarding-678":{"__comp":"17896441","content":"db887a09"},"/service-bridge/1.11.x/setup/workload-onboarding/guides/overview-151":{"__comp":"17896441","content":"4c643375"},"/service-bridge/1.11.x/setup/workload-onboarding/guides/setup-4f0":{"__comp":"17896441","content":"c9db70ee"},"/service-bridge/1.11.x/setup/workload-onboarding/guides/troubleshooting-5de":{"__comp":"17896441","content":"88d70657"},"/service-bridge/1.11.x/setup/workload-onboarding/onboarding-vms-c4c":{"__comp":"17896441","content":"7923927b"},"/service-bridge/1.11.x/setup/workload-onboarding/quickstart-cb7":{"__comp":"14eb3368","__props":"6c44a734"},"/service-bridge/1.11.x/setup/workload-onboarding/quickstart/aws-ec2/-976":{"__comp":"17896441","content":"bb227b79"},"/service-bridge/1.11.x/setup/workload-onboarding/quickstart/aws-ec2/bookinfo-fcf":{"__comp":"17896441","content":"5be34523"},"/service-bridge/1.11.x/setup/workload-onboarding/quickstart/aws-ec2/configure-vm-e56":{"__comp":"17896441","content":"96c87261"},"/service-bridge/1.11.x/setup/workload-onboarding/quickstart/aws-ec2/configure-workload-onboarding-117":{"__comp":"17896441","content":"8c5b791c"},"/service-bridge/1.11.x/setup/workload-onboarding/quickstart/aws-ec2/enable-workload-onboarding-0b7":{"__comp":"17896441","content":"d2973fca"},"/service-bridge/1.11.x/setup/workload-onboarding/quickstart/aws-ec2/onboard-asg-7bb":{"__comp":"17896441","content":"8032e594"},"/service-bridge/1.11.x/setup/workload-onboarding/quickstart/aws-ec2/onboard-vm-556":{"__comp":"17896441","content":"6a1e622e"},"/service-bridge/1.11.x/setup/workload-onboarding/quickstart/aws-ecs/-77e":{"__comp":"17896441","content":"5e7749be"},"/service-bridge/1.11.x/setup/workload-onboarding/quickstart/aws-ecs/configure-workload-onboarding-0c4":{"__comp":"17896441","content":"a685a6aa"},"/service-bridge/1.11.x/setup/workload-onboarding/quickstart/aws-ecs/onboard-ecs-e2b":{"__comp":"17896441","content":"3956d451"},"/service-bridge/1.11.x/setup/workload-onboarding/quickstart/on-premise/-e58":{"__comp":"17896441","content":"61b767c3"},"/service-bridge/1.11.x/setup/workload-onboarding/quickstart/on-premise/configure-vm-698":{"__comp":"17896441","content":"8d16a7fc"},"/service-bridge/1.11.x/setup/workload-onboarding/quickstart/on-premise/configure-workload-onboarding-573":{"__comp":"17896441","content":"9f58c96a"},"/service-bridge/1.11.x/setup/workload-onboarding/quickstart/on-premise/onboard-vm-e3e":{"__comp":"17896441","content":"e092888b"},"/service-bridge/1.11.x/troubleshooting-ada":{"__comp":"14eb3368","__props":"9b9dae45"},"/service-bridge/1.11.x/troubleshooting/cluster-onboarding-25d":{"__comp":"17896441","content":"80fd7407"},"/service-bridge/1.11.x/troubleshooting/configuration-status-1f6":{"__comp":"17896441","content":"bce361b6"},"/service-bridge/1.11.x/troubleshooting/gateway-troubleshooting-14b":{"__comp":"17896441","content":"bdb60fb3"},"/service-bridge/1.11.x/troubleshooting/identify-underperforming-services-09a":{"__comp":"17896441","content":"3b1850ee"},"/service-bridge/1.11.x/troubleshooting/Maximum-header-size-exceed-355":{"__comp":"17896441","content":"6015c9b7"},"/service-bridge/1.11.x/troubleshooting/Multiple-Transfer-encoding-chunked-264":{"__comp":"17896441","content":"4c917532"},"/service-bridge/1.11.x/troubleshooting/proxy-tools-309":{"__comp":"17896441","content":"84170483"},"/service-bridge/1.11.x/troubleshooting/troubleshooting-68d":{"__comp":"17896441","content":"aff01688"},"/service-bridge/1.11.x/troubleshooting/tsb-ui-metrics-27a":{"__comp":"17896441","content":"de426d2e"},"/service-bridge/1.11.x/workingwithsupport/workingWithTetrateSupport-8cd":{"__comp":"17896441","content":"49543ceb"},"/service-bridge/1.6.x-1fb":{"__comp":"a7bd4aaa","__props":"fb3df53b"},"/service-bridge/1.6.x/tags-a1c":{"__comp":"3720c009","__props":"16f2f0b7"},"/service-bridge/1.6.x/tags/featured-a02":{"__comp":"df203c0f","__props":"b440de91"},"/service-bridge/1.6.x/tags/tsb-concepts-dfc":{"__comp":"df203c0f","__props":"d9e21ad8"},"/service-bridge/1.6.x/tags/tsb-quickstart-3e0":{"__comp":"df203c0f","__props":"c16759db"},"/service-bridge/1.6.x-e30":{"__comp":"a94703ab"},"/service-bridge/1.6.x/-2fa":{"__comp":"17896441","content":"4d6d1765"},"/service-bridge/1.6.x/category/working-with-tetrate-customer-support-6d8":{"__comp":"14eb3368","__props":"c31ddccb"},"/service-bridge/1.6.x/cheatsheet/-96c":{"__comp":"17896441","content":"b306b991"},"/service-bridge/1.6.x/cheatsheet/sheets/gateways-management-f74":{"__comp":"17896441","content":"42427350"},"/service-bridge/1.6.x/cheatsheet/sheets/kubectl-c48":{"__comp":"17896441","content":"4034f149"},"/service-bridge/1.6.x/cheatsheet/sheets/security-management-8a1":{"__comp":"17896441","content":"2ac54dd8"},"/service-bridge/1.6.x/cheatsheet/sheets/tctl-a69":{"__comp":"17896441","content":"43a98178"},"/service-bridge/1.6.x/cheatsheet/sheets/traffic-management-2e5":{"__comp":"17896441","content":"d00ed9b6"},"/service-bridge/1.6.x/cheatsheet/sheets/tsb-concepts-cd7":{"__comp":"17896441","content":"2168be7d"},"/service-bridge/1.6.x/cheatsheet/sheets/tsb-quickstart-6c9":{"__comp":"17896441","content":"59c41352"},"/service-bridge/1.6.x/cheatsheet/sheets/tsb-terminology-bd8":{"__comp":"17896441","content":"99fc156c"},"/service-bridge/1.6.x/concepts/-75e":{"__comp":"17896441","content":"2c860962"},"/service-bridge/1.6.x/concepts/architecture-095":{"__comp":"17896441","content":"5c594383"},"/service-bridge/1.6.x/concepts/configuration-dataflow-ce9":{"__comp":"17896441","content":"59e4ff03"},"/service-bridge/1.6.x/concepts/observability-d47":{"__comp":"17896441","content":"3b624dc5"},"/service-bridge/1.6.x/concepts/operators/-915":{"__comp":"17896441","content":"a9638558"},"/service-bridge/1.6.x/concepts/operators/control-plane-67f":{"__comp":"17896441","content":"87c824f1"},"/service-bridge/1.6.x/concepts/operators/data-plane-2ed":{"__comp":"17896441","content":"737005c1"},"/service-bridge/1.6.x/concepts/operators/management-plane-a0f":{"__comp":"17896441","content":"e57d8e9b"},"/service-bridge/1.6.x/concepts/security-7d6":{"__comp":"17896441","content":"3276d00d"},"/service-bridge/1.6.x/concepts/service-mesh-f32":{"__comp":"17896441","content":"1fea56ee"},"/service-bridge/1.6.x/concepts/terminology-fae":{"__comp":"17896441","content":"5cb175e6"},"/service-bridge/1.6.x/concepts/traffic-management-aa2":{"__comp":"17896441","content":"80f32ba4"},"/service-bridge/1.6.x/design-guides/dr-mp-bd9":{"__comp":"14eb3368","__props":"17a1c818"},"/service-bridge/1.6.x/design-guides/dr-mp/dr-managementplane-973":{"__comp":"17896441","content":"a84b9bda"},"/service-bridge/1.6.x/howto-31f":{"__comp":"14eb3368","__props":"c276b345"},"/service-bridge/1.6.x/howto/authorization/-3c3":{"__comp":"17896441","content":"6ce142c9"},"/service-bridge/1.6.x/howto/authorization/ingress-gateway-118":{"__comp":"17896441","content":"896bbddf"},"/service-bridge/1.6.x/howto/authorization/sidecar-aa3":{"__comp":"17896441","content":"870a6555"},"/service-bridge/1.6.x/howto/authorization/tier1-gateway-2fd":{"__comp":"17896441","content":"16aa47de"},"/service-bridge/1.6.x/howto/authorization/tls-verification-239":{"__comp":"17896441","content":"eb865ee9"},"/service-bridge/1.6.x/howto/gateway-16d":{"__comp":"14eb3368","__props":"4f20881c"},"/service-bridge/1.6.x/howto/gateway/app-ingress-723":{"__comp":"17896441","content":"794da806"},"/service-bridge/1.6.x/howto/gateway/application-gateway-with-openapi-annotations-a45":{"__comp":"17896441","content":"c4223218"},"/service-bridge/1.6.x/howto/gateway/configure-and-route-nonhttp-traffic-a55":{"__comp":"17896441","content":"dc94b4f0"},"/service-bridge/1.6.x/howto/gateway/distributed-ingress-565":{"__comp":"17896441","content":"2a4ed34a"},"/service-bridge/1.6.x/howto/gateway/egress-gateways-b86":{"__comp":"17896441","content":"71166a01"},"/service-bridge/1.6.x/howto/gateway/end-user-auth-keycloak-cfe":{"__comp":"17896441","content":"d8604b5e"},"/service-bridge/1.6.x/howto/gateway/multi-cluster-traffic-routing-using-tier2gw-a92":{"__comp":"17896441","content":"7fd39f82"},"/service-bridge/1.6.x/howto/gateway/multi-cluster-traffic-routing-with-eastwest-gateway-ac8":{"__comp":"17896441","content":"0d8e8d31"},"/service-bridge/1.6.x/howto/gateway/multi-cluster-traffic-shifting-c5f":{"__comp":"17896441","content":"73479fd2"},"/service-bridge/1.6.x/howto/gateway/service-identity-propagation-1fb":{"__comp":"17896441","content":"5e511d62"},"/service-bridge/1.6.x/howto/gateway/subset-based-routing-using-igw-and-service-route-ab9":{"__comp":"17896441","content":"1d9a309c"},"/service-bridge/1.6.x/howto/gitops-1a6":{"__comp":"14eb3368","__props":"96e24b23"},"/service-bridge/1.6.x/howto/gitops/argo-rollouts-810":{"__comp":"17896441","content":"9843d5dc"},"/service-bridge/1.6.x/howto/gitops/flux-b8f":{"__comp":"17896441","content":"6f39c603"},"/service-bridge/1.6.x/howto/gitops/gitops-742":{"__comp":"17896441","content":"c3ee4df9"},"/service-bridge/1.6.x/howto/hpa-using-skywalking-c8d":{"__comp":"17896441","content":"94277ecc"},"/service-bridge/1.6.x/howto/rate-limiting/-314":{"__comp":"17896441","content":"b6b47e11"},"/service-bridge/1.6.x/howto/rate-limiting/external-rate-limiting-026":{"__comp":"17896441","content":"a6120c64"},"/service-bridge/1.6.x/howto/rate-limiting/ingress-gateway-5ae":{"__comp":"17896441","content":"fccbc3fa"},"/service-bridge/1.6.x/howto/rate-limiting/internal-rate-limiting-25c":{"__comp":"17896441","content":"44b98fce"},"/service-bridge/1.6.x/howto/rate-limiting/service-to-service-df9":{"__comp":"17896441","content":"94a78a65"},"/service-bridge/1.6.x/howto/rate-limiting/tier1-gateway-a74":{"__comp":"17896441","content":"e182ac55"},"/service-bridge/1.6.x/howto/rate-limiting/tls-validation-fda":{"__comp":"17896441","content":"9fe782d3"},"/service-bridge/1.6.x/howto/security-domains-642":{"__comp":"17896441","content":"9529c683"},"/service-bridge/1.6.x/howto/service-accounts-0f2":{"__comp":"17896441","content":"39d43742"},"/service-bridge/1.6.x/howto/traffic-053":{"__comp":"14eb3368","__props":"62eabca5"},"/service-bridge/1.6.x/howto/traffic/canary-releases-85d":{"__comp":"17896441","content":"700afb95"},"/service-bridge/1.6.x/howto/traffic/configure-multi-port-service-route-dbc":{"__comp":"17896441","content":"1f4bc73f"},"/service-bridge/1.6.x/howto/traffic/external-site-https-b06":{"__comp":"17896441","content":"ba5aa166"},"/service-bridge/1.6.x/howto/traffic/load-balance-e86":{"__comp":"17896441","content":"3c34b7a8"},"/service-bridge/1.6.x/howto/traffic/migrating-VM-monoliths-60d":{"__comp":"17896441","content":"1ec47baa"},"/service-bridge/1.6.x/howto/traffic/splitting-service-traffic-between-k8s-vms-d3c":{"__comp":"17896441","content":"fd86b1cb"},"/service-bridge/1.6.x/howto/waf-c38":{"__comp":"17896441","content":"aa07f1bf"},"/service-bridge/1.6.x/howto/wasm-3dd":{"__comp":"14eb3368","__props":"63ac61e7"},"/service-bridge/1.6.x/howto/wasm/wasm-extension-cfe":{"__comp":"17896441","content":"bc9949ef"},"/service-bridge/1.6.x/howto/wasm/wasm-overview-2b7":{"__comp":"17896441","content":"314d5ccc"},"/service-bridge/1.6.x/howto/wasm/wasm-try-f68":{"__comp":"17896441","content":"fa37e374"},"/service-bridge/1.6.x/knowledge-base-0e6":{"__comp":"14eb3368","__props":"8b891a51"},"/service-bridge/1.6.x/knowledge-base/faq-63a":{"__comp":"17896441","content":"48c4a2dd"},"/service-bridge/1.6.x/knowledge-base/gitops-f9c":{"__comp":"17896441","content":"a99f0876"},"/service-bridge/1.6.x/operations-f7f":{"__comp":"14eb3368","__props":"ecd258e4"},"/service-bridge/1.6.x/operations/configuration-promotion-45a":{"__comp":"17896441","content":"aec1ec6f"},"/service-bridge/1.6.x/operations/configure-log-levels-e16":{"__comp":"17896441","content":"c5068571"},"/service-bridge/1.6.x/operations/elasticsearch-28e":{"__comp":"14eb3368","__props":"13c61485"},"/service-bridge/1.6.x/operations/elasticsearch/elasticsearch-role-b62":{"__comp":"17896441","content":"2817a4a8"},"/service-bridge/1.6.x/operations/elasticsearch/wipe-elastic-b56":{"__comp":"17896441","content":"a3a9c0f2"},"/service-bridge/1.6.x/operations/features-6ab":{"__comp":"14eb3368","__props":"c451d609"},"/service-bridge/1.6.x/operations/features/configure-cluster-external-addresses-4c1":{"__comp":"17896441","content":"9c840afa"},"/service-bridge/1.6.x/operations/features/configure-gitops-07d":{"__comp":"17896441","content":"43156df3"},"/service-bridge/1.6.x/operations/features/eastwest-routing-c7f":{"__comp":"17896441","content":"f22997f8"},"/service-bridge/1.6.x/operations/features/edge-dns-resolution-bd5":{"__comp":"17896441","content":"1df46177"},"/service-bridge/1.6.x/operations/features/enable-config-protection-e65":{"__comp":"17896441","content":"91fc39d0"},"/service-bridge/1.6.x/operations/features/gateway-deletion-webhook-7fb":{"__comp":"17896441","content":"0b351234"},"/service-bridge/1.6.x/operations/features/istio-cni-bed":{"__comp":"17896441","content":"f1be3f25"},"/service-bridge/1.6.x/operations/features/streaming-log-d61":{"__comp":"17896441","content":"f3b46062"},"/service-bridge/1.6.x/operations/features/tier1-in-app-cluster-d37":{"__comp":"17896441","content":"5bce3da2"},"/service-bridge/1.6.x/operations/graceful-connection-drain-cf1":{"__comp":"17896441","content":"d4e4039d"},"/service-bridge/1.6.x/operations/kube-customization-158":{"__comp":"17896441","content":"572056a2"},"/service-bridge/1.6.x/operations/lower-istio-resources-75d":{"__comp":"17896441","content":"f6f36037"},"/service-bridge/1.6.x/operations/migrate-organization-8db":{"__comp":"17896441","content":"9034d358"},"/service-bridge/1.6.x/operations/multiple-iam-keys-7c2":{"__comp":"17896441","content":"512f638b"},"/service-bridge/1.6.x/operations/postgresql-388":{"__comp":"17896441","content":"4a9c4f13"},"/service-bridge/1.6.x/operations/telemetry-96b":{"__comp":"14eb3368","__props":"80157e20"},"/service-bridge/1.6.x/operations/telemetry/alerting-guidelines-de2":{"__comp":"17896441","content":"1d302da8"},"/service-bridge/1.6.x/operations/telemetry/distributed-tracing-a46":{"__comp":"17896441","content":"a88f1cee"},"/service-bridge/1.6.x/operations/telemetry/key-metrics-e6c":{"__comp":"17896441","content":"54a4df95"},"/service-bridge/1.6.x/operations/telemetry/red-metrics-5c0":{"__comp":"17896441","content":"cda791b7"},"/service-bridge/1.6.x/operations/telemetry/telemetry-architecture-ec2":{"__comp":"17896441","content":"704cccd5"},"/service-bridge/1.6.x/operations/users-941":{"__comp":"14eb3368","__props":"0540dca3"},"/service-bridge/1.6.x/operations/users/admin-password-b7d":{"__comp":"17896441","content":"49dc1835"},"/service-bridge/1.6.x/operations/users/configuring-ldap-9ae":{"__comp":"17896441","content":"d4153d81"},"/service-bridge/1.6.x/operations/users/oidc-azure-a2f":{"__comp":"17896441","content":"a44418d6"},"/service-bridge/1.6.x/operations/users/roles-and-permissions-019":{"__comp":"17896441","content":"e20998bb"},"/service-bridge/1.6.x/operations/users/user-synchronization-354":{"__comp":"17896441","content":"7e243c5c"},"/service-bridge/1.6.x/operations/vault-749":{"__comp":"14eb3368","__props":"530c60be"},"/service-bridge/1.6.x/operations/vault/elasticsearch-095":{"__comp":"17896441","content":"8896a900"},"/service-bridge/1.6.x/operations/vault/istiod-ca-844":{"__comp":"17896441","content":"b428074a"},"/service-bridge/1.6.x/operations/vault/postgresql-cd9":{"__comp":"17896441","content":"726e0733"},"/service-bridge/1.6.x/operations/xcp-to-edge-jwt-authentication-d41":{"__comp":"17896441","content":"70829524"},"/service-bridge/1.6.x/quickstart-df3":{"__comp":"14eb3368","__props":"6bcfe992"},"/service-bridge/1.6.x/quickstart/apps-a4a":{"__comp":"17896441","content":"df314566"},"/service-bridge/1.6.x/quickstart/config-groups-57a":{"__comp":"17896441","content":"ec1de864"},"/service-bridge/1.6.x/quickstart/deploy-sample-app-c49":{"__comp":"17896441","content":"9ab3907d"},"/service-bridge/1.6.x/quickstart/ingress-gateway-a85":{"__comp":"17896441","content":"0be53d5f"},"/service-bridge/1.6.x/quickstart/introduction-968":{"__comp":"17896441","content":"91106efb"},"/service-bridge/1.6.x/quickstart/observability-ada":{"__comp":"17896441","content":"ae1805cf"},"/service-bridge/1.6.x/quickstart/permissions-9c5":{"__comp":"17896441","content":"21b9d9f0"},"/service-bridge/1.6.x/quickstart/security-7be":{"__comp":"17896441","content":"85e9cc3c"},"/service-bridge/1.6.x/quickstart/tenant-e8c":{"__comp":"17896441","content":"7be94b30"},"/service-bridge/1.6.x/quickstart/traffic-shifting-ff5":{"__comp":"17896441","content":"1f7ea90a"},"/service-bridge/1.6.x/quickstart/workspace-112":{"__comp":"17896441","content":"6c5ef75f"},"/service-bridge/1.6.x/reference-f9b":{"__comp":"14eb3368","__props":"19002fa5"},"/service-bridge/1.6.x/reference/cli-9d2":{"__comp":"14eb3368","__props":"2d52655e"},"/service-bridge/1.6.x/reference/cli/guide/index-1f7":{"__comp":"17896441","content":"b24142dd"},"/service-bridge/1.6.x/reference/cli/guide/toc-a3e":{"__comp":"14eb3368","__props":"3f952fc5"},"/service-bridge/1.6.x/reference/cli/reference-b87":{"__comp":"14eb3368","__props":"9b89e6b0"},"/service-bridge/1.6.x/reference/cli/reference/apply-b44":{"__comp":"17896441","content":"a1254542"},"/service-bridge/1.6.x/reference/cli/reference/collect-d02":{"__comp":"17896441","content":"cfb08025"},"/service-bridge/1.6.x/reference/cli/reference/completion-d5c":{"__comp":"17896441","content":"40624a5b"},"/service-bridge/1.6.x/reference/cli/reference/config-78e":{"__comp":"17896441","content":"607d8c96"},"/service-bridge/1.6.x/reference/cli/reference/delete-90b":{"__comp":"17896441","content":"bab95740"},"/service-bridge/1.6.x/reference/cli/reference/edit-ec1":{"__comp":"17896441","content":"93e39fde"},"/service-bridge/1.6.x/reference/cli/reference/experimental-dc1":{"__comp":"17896441","content":"9438263f"},"/service-bridge/1.6.x/reference/cli/reference/get-a19":{"__comp":"17896441","content":"918c1f2c"},"/service-bridge/1.6.x/reference/cli/reference/index-f1e":{"__comp":"17896441","content":"f830a281"},"/service-bridge/1.6.x/reference/cli/reference/install-f78":{"__comp":"17896441","content":"d0eba7d3"},"/service-bridge/1.6.x/reference/cli/reference/login-e8c":{"__comp":"17896441","content":"e88c53af"},"/service-bridge/1.6.x/reference/cli/reference/ui-7ec":{"__comp":"17896441","content":"0d0abed5"},"/service-bridge/1.6.x/reference/cli/reference/validate-022":{"__comp":"17896441","content":"10cbe1dc"},"/service-bridge/1.6.x/reference/cli/reference/version-364":{"__comp":"17896441","content":"c0cda790"},"/service-bridge/1.6.x/reference/cli/reference/workload-entry-annotations-c30":{"__comp":"17896441","content":"b92192c5"},"/service-bridge/1.6.x/reference/grpc-api-2ef":{"__comp":"14eb3368","__props":"941a05c5"},"/service-bridge/1.6.x/reference/grpc-api/guide-22b":{"__comp":"17896441","content":"e138c576"},"/service-bridge/1.6.x/reference/grpc-api/reference-ae1":{"__comp":"14eb3368","__props":"83823924"},"/service-bridge/1.6.x/reference/k8s-api-06c":{"__comp":"14eb3368","__props":"d3dde112"},"/service-bridge/1.6.x/reference/k8s-api/guide-57e":{"__comp":"17896441","content":"aa30d419"},"/service-bridge/1.6.x/reference/k8s-api/tsb-crds-gen/application-tsb-tetrate-io-78d":{"__comp":"17896441","content":"8a647e1e"},"/service-bridge/1.6.x/reference/k8s-api/tsb-crds-gen/extension-tsb-tetrate-io-481":{"__comp":"17896441","content":"2ac7c96b"},"/service-bridge/1.6.x/reference/k8s-api/tsb-crds-gen/gateway-tsb-tetrate-io-139":{"__comp":"17896441","content":"403fb300"},"/service-bridge/1.6.x/reference/k8s-api/tsb-crds-gen/istiointernal-tsb-tetrate-io-5e1":{"__comp":"17896441","content":"0ef8f362"},"/service-bridge/1.6.x/reference/k8s-api/tsb-crds-gen/rbac-tsb-tetrate-io-d21":{"__comp":"17896441","content":"ec7164ea"},"/service-bridge/1.6.x/reference/k8s-api/tsb-crds-gen/security-tsb-tetrate-io-853":{"__comp":"17896441","content":"538626d8"},"/service-bridge/1.6.x/reference/k8s-api/tsb-crds-gen/traffic-tsb-tetrate-io-eb5":{"__comp":"17896441","content":"e45d47d2"},"/service-bridge/1.6.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/cluster-1d2":{"__comp":"17896441","content":"7cf72c0d"},"/service-bridge/1.6.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/organization-964":{"__comp":"17896441","content":"30761366"},"/service-bridge/1.6.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/organizationsetting-064":{"__comp":"17896441","content":"30dc731b"},"/service-bridge/1.6.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/serviceaccount-0b4":{"__comp":"17896441","content":"fd8b3ce6"},"/service-bridge/1.6.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/team-12c":{"__comp":"17896441","content":"f77c9e02"},"/service-bridge/1.6.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/tenant-d3b":{"__comp":"17896441","content":"7f19498b"},"/service-bridge/1.6.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/tenantsetting-07c":{"__comp":"17896441","content":"7a0c3e22"},"/service-bridge/1.6.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/workspace-8b9":{"__comp":"17896441","content":"6b35d569"},"/service-bridge/1.6.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/workspacesetting-226":{"__comp":"17896441","content":"c5c199c2"},"/service-bridge/1.6.x/reference/operators-793":{"__comp":"14eb3368","__props":"fb5f9cf4"},"/service-bridge/1.6.x/reference/rest-api/guide-09b":{"__comp":"17896441","content":"d9914b1b"},"/service-bridge/1.6.x/reference/samples-018":{"__comp":"14eb3368","__props":"8c3efb3a"},"/service-bridge/1.6.x/reference/samples/httpbin-fd6":{"__comp":"17896441","content":"44323ab7"},"/service-bridge/1.6.x/reference/samples/opa-23f":{"__comp":"17896441","content":"8cb8b685"},"/service-bridge/1.6.x/reference/samples/sleep-service-615":{"__comp":"17896441","content":"3624bac4"},"/service-bridge/1.6.x/reference/workload-onboarding-e4e":{"__comp":"14eb3368","__props":"9523f7b4"},"/service-bridge/1.6.x/reference/workload-onboarding/onboarding-agent-389":{"__comp":"14eb3368","__props":"4e6ff710"},"/service-bridge/1.6.x/reference/workload-onboarding/onboarding-authorization-008":{"__comp":"14eb3368","__props":"258ad07b"},"/service-bridge/1.6.x/reference/workload-onboarding/onboarding-runtime-de4":{"__comp":"14eb3368","__props":"066313fa"},"/service-bridge/1.6.x/reference/yaml-api-28e":{"__comp":"14eb3368","__props":"cfcfb42f"},"/service-bridge/1.6.x/reference/yaml-api/guide-8fb":{"__comp":"17896441","content":"5cd3dc2c"},"/service-bridge/1.6.x/reference/yaml-api/reference-256":{"__comp":"14eb3368","__props":"8c758a45"},"/service-bridge/1.6.x/refs/audit/v1/audit-252":{"__comp":"17896441","content":"dbabe2dc"},"/service-bridge/1.6.x/refs/audit/v1/grpc-954":{"__comp":"14eb3368","__props":"60a800ee"},"/service-bridge/1.6.x/refs/iam/v2/grpc-874":{"__comp":"14eb3368","__props":"c2d642ed"},"/service-bridge/1.6.x/refs/iam/v2/oauth_service-72c":{"__comp":"17896441","content":"b571b928"},"/service-bridge/1.6.x/refs/iam/v2/oidc_service-684":{"__comp":"17896441","content":"f212d18c"},"/service-bridge/1.6.x/refs/install-490":{"__comp":"14eb3368","__props":"52a0ab15"},"/service-bridge/1.6.x/refs/install/common/common_config-39d":{"__comp":"17896441","content":"bef067a9"},"/service-bridge/1.6.x/refs/install/controlplane/v1alpha1/spec-23f":{"__comp":"17896441","content":"93b0e0bb"},"/service-bridge/1.6.x/refs/install/dataplane/v1alpha1/spec-beb":{"__comp":"17896441","content":"dd40de2b"},"/service-bridge/1.6.x/refs/install/kubernetes/k8s-4be":{"__comp":"17896441","content":"892b995e"},"/service-bridge/1.6.x/refs/install/managementplane/v1alpha1/spec-9c7":{"__comp":"17896441","content":"b13cd7a0"},"/service-bridge/1.6.x/refs/istio.io/api/operator/v1alpha1/operator-36a":{"__comp":"17896441","content":"2ed87c8a"},"/service-bridge/1.6.x/refs/onboarding/config/agent/v1alpha1/agent_configuration-7df":{"__comp":"17896441","content":"6fb6b9c3"},"/service-bridge/1.6.x/refs/onboarding/config/agent/v1alpha1/onboarding_configuration-0f0":{"__comp":"17896441","content":"60843fd2"},"/service-bridge/1.6.x/refs/onboarding/config/authorization/aws/v1alpha1/aws-171":{"__comp":"17896441","content":"8137f0e8"},"/service-bridge/1.6.x/refs/onboarding/config/authorization/jwt/v1alpha1/jwt-b1d":{"__comp":"17896441","content":"9a68a6d1"},"/service-bridge/1.6.x/refs/onboarding/config/authorization/v1alpha1/policy-ba5":{"__comp":"17896441","content":"eddd50b5"},"/service-bridge/1.6.x/refs/onboarding/config/install/v1alpha1/jwt_issuer-275":{"__comp":"17896441","content":"a81d868b"},"/service-bridge/1.6.x/refs/onboarding/config/install/v1alpha1/workload_configuration-48c":{"__comp":"17896441","content":"48d4fb1d"},"/service-bridge/1.6.x/refs/onboarding/config/runtime/v1alpha1/registration-29e":{"__comp":"17896441","content":"bc260256"},"/service-bridge/1.6.x/refs/onboarding/config/types/config/v1alpha1/transport_security-7b3":{"__comp":"17896441","content":"b5c44547"},"/service-bridge/1.6.x/refs/onboarding/config/types/core/v1alpha1/condition-0cd":{"__comp":"17896441","content":"e547a68e"},"/service-bridge/1.6.x/refs/onboarding/config/types/core/v1alpha1/namespaced_name-27c":{"__comp":"17896441","content":"f9466dff"},"/service-bridge/1.6.x/refs/onboarding/config/types/identity/aws/v1alpha1/aws-7fd":{"__comp":"17896441","content":"b6ee9e45"},"/service-bridge/1.6.x/refs/onboarding/config/types/identity/jwt/v1alpha1/jwt-466":{"__comp":"17896441","content":"7cface22"},"/service-bridge/1.6.x/refs/onboarding/config/types/identity/v1alpha1/identity-30e":{"__comp":"17896441","content":"9a7c1471"},"/service-bridge/1.6.x/refs/onboarding/config/types/registration/v1alpha1/hostinfo-7a9":{"__comp":"17896441","content":"6b654ad8"},"/service-bridge/1.6.x/refs/onboarding/config/types/registration/v1alpha1/registration-197":{"__comp":"17896441","content":"7926905b"},"/service-bridge/1.6.x/refs/tsb/application/v2/api-098":{"__comp":"17896441","content":"3277808b"},"/service-bridge/1.6.x/refs/tsb/application/v2/application-59d":{"__comp":"17896441","content":"6c4d7825"},"/service-bridge/1.6.x/refs/tsb/application/v2/application_service-c4b":{"__comp":"17896441","content":"72ec5644"},"/service-bridge/1.6.x/refs/tsb/application/v2/grpc-e37":{"__comp":"14eb3368","__props":"e6416c85"},"/service-bridge/1.6.x/refs/tsb/application/v2/openapi_extensions-d81":{"__comp":"17896441","content":"1a036f39"},"/service-bridge/1.6.x/refs/tsb/application/v2/yaml-43e":{"__comp":"14eb3368","__props":"5176829c"},"/service-bridge/1.6.x/refs/tsb/auth/v2/auth-a20":{"__comp":"17896441","content":"db65c72d"},"/service-bridge/1.6.x/refs/tsb/auth/v2/yaml-94b":{"__comp":"14eb3368","__props":"58f0b1ae"},"/service-bridge/1.6.x/refs/tsb/extension/v2/grpc-d80":{"__comp":"14eb3368","__props":"2c876b48"},"/service-bridge/1.6.x/refs/tsb/extension/v2/wasm_extension-df1":{"__comp":"17896441","content":"deade7e1"},"/service-bridge/1.6.x/refs/tsb/extension/v2/wasm_service-04a":{"__comp":"17896441","content":"b924e791"},"/service-bridge/1.6.x/refs/tsb/extension/v2/yaml-6b1":{"__comp":"14eb3368","__props":"b1bfdf6d"},"/service-bridge/1.6.x/refs/tsb/gateway/v2/auth-af8":{"__comp":"17896441","content":"0b0061fe"},"/service-bridge/1.6.x/refs/tsb/gateway/v2/eastwest_gateway-76e":{"__comp":"17896441","content":"7b3f3123"},"/service-bridge/1.6.x/refs/tsb/gateway/v2/egress_gateway-ffe":{"__comp":"17896441","content":"1ace72d1"},"/service-bridge/1.6.x/refs/tsb/gateway/v2/gateway_group-58e":{"__comp":"17896441","content":"b186a554"},"/service-bridge/1.6.x/refs/tsb/gateway/v2/gateway_service-99d":{"__comp":"17896441","content":"4c5a3e18"},"/service-bridge/1.6.x/refs/tsb/gateway/v2/grpc-e87":{"__comp":"14eb3368","__props":"07c4cf35"},"/service-bridge/1.6.x/refs/tsb/gateway/v2/ingress_gateway-1d9":{"__comp":"17896441","content":"4ce687b9"},"/service-bridge/1.6.x/refs/tsb/gateway/v2/istio_gateway_direct-a26":{"__comp":"17896441","content":"0e2a4ce3"},"/service-bridge/1.6.x/refs/tsb/gateway/v2/tier1_gateway-fb0":{"__comp":"17896441","content":"207c00dc"},"/service-bridge/1.6.x/refs/tsb/gateway/v2/yaml-c14":{"__comp":"14eb3368","__props":"ce766d6e"},"/service-bridge/1.6.x/refs/tsb/istiointernal/v2/grpc-4d5":{"__comp":"14eb3368","__props":"b6b038ea"},"/service-bridge/1.6.x/refs/tsb/istiointernal/v2/istio_internal_group-961":{"__comp":"17896441","content":"ed0396aa"},"/service-bridge/1.6.x/refs/tsb/istiointernal/v2/istio_istiointernal_direct-fc1":{"__comp":"17896441","content":"7ce0b23c"},"/service-bridge/1.6.x/refs/tsb/istiointernal/v2/istiointernal_service-13c":{"__comp":"17896441","content":"b045eff8"},"/service-bridge/1.6.x/refs/tsb/istiointernal/v2/yaml-c61":{"__comp":"14eb3368","__props":"989bb27a"},"/service-bridge/1.6.x/refs/tsb/observability/telemetry/v2/grpc-026":{"__comp":"14eb3368","__props":"0ab95b1b"},"/service-bridge/1.6.x/refs/tsb/observability/telemetry/v2/metric-905":{"__comp":"17896441","content":"6ab8cb09"},"/service-bridge/1.6.x/refs/tsb/observability/telemetry/v2/metric_service-54d":{"__comp":"17896441","content":"2896f6d1"},"/service-bridge/1.6.x/refs/tsb/observability/telemetry/v2/source-f42":{"__comp":"17896441","content":"c07b9904"},"/service-bridge/1.6.x/refs/tsb/observability/telemetry/v2/source_service-c3d":{"__comp":"17896441","content":"8d19ef8f"},"/service-bridge/1.6.x/refs/tsb/observability/telemetry/v2/yaml-905":{"__comp":"14eb3368","__props":"d7e02660"},"/service-bridge/1.6.x/refs/tsb/q/v2/approvals_service-d55":{"__comp":"17896441","content":"60d46017"},"/service-bridge/1.6.x/refs/tsb/q/v2/grpc-521":{"__comp":"14eb3368","__props":"a68e6490"},"/service-bridge/1.6.x/refs/tsb/q/v2/permissions_service-34c":{"__comp":"17896441","content":"4cb9c0da"},"/service-bridge/1.6.x/refs/tsb/rbac/v2/access_bindings-0db":{"__comp":"17896441","content":"3697c9a3"},"/service-bridge/1.6.x/refs/tsb/rbac/v2/api_access_bindings-7e3":{"__comp":"17896441","content":"90439163"},"/service-bridge/1.6.x/refs/tsb/rbac/v2/application_access_bindings-efb":{"__comp":"17896441","content":"1844541b"},"/service-bridge/1.6.x/refs/tsb/rbac/v2/binding-f9b":{"__comp":"17896441","content":"be2e6895"},"/service-bridge/1.6.x/refs/tsb/rbac/v2/gateway_access_bindings-a42":{"__comp":"17896441","content":"c597bd7a"},"/service-bridge/1.6.x/refs/tsb/rbac/v2/grpc-505":{"__comp":"14eb3368","__props":"7cfbe8f0"},"/service-bridge/1.6.x/refs/tsb/rbac/v2/istio_internal_access_bindings-b47":{"__comp":"17896441","content":"d5ee4d1e"},"/service-bridge/1.6.x/refs/tsb/rbac/v2/organization_access_bindings-1c2":{"__comp":"17896441","content":"2421cb75"},"/service-bridge/1.6.x/refs/tsb/rbac/v2/permissions-d1a":{"__comp":"17896441","content":"bed13171"},"/service-bridge/1.6.x/refs/tsb/rbac/v2/policy_service-445":{"__comp":"17896441","content":"22c9bfe4"},"/service-bridge/1.6.x/refs/tsb/rbac/v2/role-1e8":{"__comp":"17896441","content":"b3449eea"},"/service-bridge/1.6.x/refs/tsb/rbac/v2/role_service-cc4":{"__comp":"17896441","content":"cf0d8c43"},"/service-bridge/1.6.x/refs/tsb/rbac/v2/security_access_bindings-af2":{"__comp":"17896441","content":"0da296ca"},"/service-bridge/1.6.x/refs/tsb/rbac/v2/tenant_access_bindings-7fc":{"__comp":"17896441","content":"4118d128"},"/service-bridge/1.6.x/refs/tsb/rbac/v2/traffic_access_bindings-e87":{"__comp":"17896441","content":"32f235e3"},"/service-bridge/1.6.x/refs/tsb/rbac/v2/workspace_access_bindings-e14":{"__comp":"17896441","content":"0c1dd53d"},"/service-bridge/1.6.x/refs/tsb/rbac/v2/yaml-c9b":{"__comp":"14eb3368","__props":"a08fc039"},"/service-bridge/1.6.x/refs/tsb/registry/v2/grpc-3b0":{"__comp":"14eb3368","__props":"6a47cc66"},"/service-bridge/1.6.x/refs/tsb/registry/v2/lookup_service-7fd":{"__comp":"17896441","content":"a12f4258"},"/service-bridge/1.6.x/refs/tsb/registry/v2/registration_service-7a5":{"__comp":"17896441","content":"2048c5c7"},"/service-bridge/1.6.x/refs/tsb/registry/v2/service-109":{"__comp":"17896441","content":"208672f4"},"/service-bridge/1.6.x/refs/tsb/registry/v2/yaml-2c3":{"__comp":"14eb3368","__props":"3b022fc7"},"/service-bridge/1.6.x/refs/tsb/security/v2/grpc-3d8":{"__comp":"14eb3368","__props":"d365f739"},"/service-bridge/1.6.x/refs/tsb/security/v2/istio_security_direct-4df":{"__comp":"17896441","content":"50408164"},"/service-bridge/1.6.x/refs/tsb/security/v2/security_group-bf4":{"__comp":"17896441","content":"bf59a1a5"},"/service-bridge/1.6.x/refs/tsb/security/v2/security_service-f9b":{"__comp":"17896441","content":"60b9b63c"},"/service-bridge/1.6.x/refs/tsb/security/v2/security_setting-464":{"__comp":"17896441","content":"b3964e83"},"/service-bridge/1.6.x/refs/tsb/security/v2/service_security_setting-861":{"__comp":"17896441","content":"a80e10c8"},"/service-bridge/1.6.x/refs/tsb/security/v2/waf_settings-397":{"__comp":"17896441","content":"ec04f059"},"/service-bridge/1.6.x/refs/tsb/security/v2/yaml-958":{"__comp":"14eb3368","__props":"635a5ae9"},"/service-bridge/1.6.x/refs/tsb/traffic/v2/grpc-218":{"__comp":"14eb3368","__props":"0a799946"},"/service-bridge/1.6.x/refs/tsb/traffic/v2/istio_traffic_direct-ddb":{"__comp":"17896441","content":"a21d6263"},"/service-bridge/1.6.x/refs/tsb/traffic/v2/service_route-6ed":{"__comp":"17896441","content":"fdab66b5"},"/service-bridge/1.6.x/refs/tsb/traffic/v2/traffic_group-889":{"__comp":"17896441","content":"2ae002e5"},"/service-bridge/1.6.x/refs/tsb/traffic/v2/traffic_service-a00":{"__comp":"17896441","content":"fcb5fcb8"},"/service-bridge/1.6.x/refs/tsb/traffic/v2/traffic_setting-37a":{"__comp":"17896441","content":"41da3fe2"},"/service-bridge/1.6.x/refs/tsb/traffic/v2/yaml-273":{"__comp":"14eb3368","__props":"cdcc511a"},"/service-bridge/1.6.x/refs/tsb/types/v2/types-a22":{"__comp":"17896441","content":"085ca6bf"},"/service-bridge/1.6.x/refs/tsb/types/v2/yaml-34f":{"__comp":"14eb3368","__props":"5f03ce70"},"/service-bridge/1.6.x/refs/tsb/v2/cluster-27e":{"__comp":"17896441","content":"6363972e"},"/service-bridge/1.6.x/refs/tsb/v2/cluster_service-9b0":{"__comp":"17896441","content":"3bfed8da"},"/service-bridge/1.6.x/refs/tsb/v2/grpc-e10":{"__comp":"14eb3368","__props":"9bf8de7a"},"/service-bridge/1.6.x/refs/tsb/v2/info-a25":{"__comp":"17896441","content":"261fafbb"},"/service-bridge/1.6.x/refs/tsb/v2/organization-afa":{"__comp":"17896441","content":"574a8aa3"},"/service-bridge/1.6.x/refs/tsb/v2/organization_service-669":{"__comp":"17896441","content":"431ea5d2"},"/service-bridge/1.6.x/refs/tsb/v2/organization_setting-508":{"__comp":"17896441","content":"cbcec790"},"/service-bridge/1.6.x/refs/tsb/v2/status-48e":{"__comp":"17896441","content":"0594fb32"},"/service-bridge/1.6.x/refs/tsb/v2/status_service-135":{"__comp":"17896441","content":"3e85d046"},"/service-bridge/1.6.x/refs/tsb/v2/team-7ad":{"__comp":"17896441","content":"29fea89f"},"/service-bridge/1.6.x/refs/tsb/v2/team_service-d1d":{"__comp":"17896441","content":"a607e60f"},"/service-bridge/1.6.x/refs/tsb/v2/tenant-4d9":{"__comp":"17896441","content":"28f0c913"},"/service-bridge/1.6.x/refs/tsb/v2/tenant_service-7bf":{"__comp":"17896441","content":"7517ae78"},"/service-bridge/1.6.x/refs/tsb/v2/tenant_setting-6b1":{"__comp":"17896441","content":"4977adce"},"/service-bridge/1.6.x/refs/tsb/v2/workspace-002":{"__comp":"17896441","content":"5af84056"},"/service-bridge/1.6.x/refs/tsb/v2/workspace_service-fe4":{"__comp":"17896441","content":"90e5a3c1"},"/service-bridge/1.6.x/refs/tsb/v2/workspace_setting-883":{"__comp":"17896441","content":"2d38bcd8"},"/service-bridge/1.6.x/refs/tsb/v2/yaml-79e":{"__comp":"14eb3368","__props":"9af915d4"},"/service-bridge/1.6.x/release-notes-0af":{"__comp":"17896441","content":"9f30bbbc"},"/service-bridge/1.6.x/release-notes-announcements/-d37":{"__comp":"17896441","content":"50a6f15b"},"/service-bridge/1.6.x/release-notes-announcements/feature-status-15f":{"__comp":"17896441","content":"64705639"},"/service-bridge/1.6.x/release-notes-announcements/support-policy-527":{"__comp":"17896441","content":"27b1220b"},"/service-bridge/1.6.x/setup-93c":{"__comp":"14eb3368","__props":"4c2c8e3a"},"/service-bridge/1.6.x/setup/aws-bdd":{"__comp":"14eb3368","__props":"1e8b51e8"},"/service-bridge/1.6.x/setup/aws/container-marketplace-a1b":{"__comp":"17896441","content":"7ea91119"},"/service-bridge/1.6.x/setup/aws/vpc-b62":{"__comp":"17896441","content":"ed7fc3eb"},"/service-bridge/1.6.x/setup/certificate-8ed":{"__comp":"14eb3368","__props":"43850796"},"/service-bridge/1.6.x/setup/certificate/certificate-requirements-719":{"__comp":"17896441","content":"82f59a74"},"/service-bridge/1.6.x/setup/certificate/certificate-setup-a36":{"__comp":"17896441","content":"6ece32c3"},"/service-bridge/1.6.x/setup/components-883":{"__comp":"17896441","content":"2f8e8ffd"},"/service-bridge/1.6.x/setup/firewall-information-46c":{"__comp":"17896441","content":"025635fc"},"/service-bridge/1.6.x/setup/helm/-c6f":{"__comp":"17896441","content":"49746371"},"/service-bridge/1.6.x/setup/helm/controlplane-dad":{"__comp":"17896441","content":"6cb22e65"},"/service-bridge/1.6.x/setup/helm/dataplane-0a4":{"__comp":"17896441","content":"127b7aeb"},"/service-bridge/1.6.x/setup/helm/helm-4b9":{"__comp":"17896441","content":"50e0671a"},"/service-bridge/1.6.x/setup/helm/managementplane-8c7":{"__comp":"17896441","content":"43491b67"},"/service-bridge/1.6.x/setup/helm/uninstallation-301":{"__comp":"17896441","content":"67052771"},"/service-bridge/1.6.x/setup/helm/upgrade-552":{"__comp":"17896441","content":"241ba1c7"},"/service-bridge/1.6.x/setup/isolation-boundaries-601":{"__comp":"17896441","content":"6ebb9423"},"/service-bridge/1.6.x/setup/migrate-tctl-to-helm-588":{"__comp":"17896441","content":"cb2a911c"},"/service-bridge/1.6.x/setup/remote-registry-027":{"__comp":"17896441","content":"c4f6b6ce"},"/service-bridge/1.6.x/setup/requirements-and-download-bc1":{"__comp":"17896441","content":"808d2d6a"},"/service-bridge/1.6.x/setup/resource-planning-fba":{"__comp":"17896441","content":"3802cb3b"},"/service-bridge/1.6.x/setup/self-managed/-5dd":{"__comp":"17896441","content":"9c981aa0"},"/service-bridge/1.6.x/setup/self-managed/demo-installation-69c":{"__comp":"17896441","content":"61817fbf"},"/service-bridge/1.6.x/setup/self-managed/management-plane-installation-bfb":{"__comp":"17896441","content":"406b59d4"},"/service-bridge/1.6.x/setup/self-managed/onboarding-clusters-b4b":{"__comp":"17896441","content":"8f295651"},"/service-bridge/1.6.x/setup/self-managed/uninstallation-4dc":{"__comp":"17896441","content":"f47e8ecb"},"/service-bridge/1.6.x/setup/self-managed/upgrade-9fd":{"__comp":"17896441","content":"7de21296"},"/service-bridge/1.6.x/setup/self-managed/zipkin-cleanup-c58":{"__comp":"17896441","content":"0a834847"},"/service-bridge/1.6.x/setup/tctl-connect-b46":{"__comp":"17896441","content":"66d00fb2"},"/service-bridge/1.6.x/setup/upgrades-a7a":{"__comp":"14eb3368","__props":"fadcda3a"},"/service-bridge/1.6.x/setup/upgrades/cni-upgrade-e3a":{"__comp":"17896441","content":"48e33614"},"/service-bridge/1.6.x/setup/upgrades/gateway-upgrade-a0d":{"__comp":"17896441","content":"7e35f5e0"},"/service-bridge/1.6.x/setup/upgrades/non-revisioned-to-revisioned-1de":{"__comp":"17896441","content":"4d19eeae"},"/service-bridge/1.6.x/setup/upgrades/revisioned-to-revisioned-607":{"__comp":"17896441","content":"15a5fa35"},"/service-bridge/1.6.x/setup/workload-onboarding-6de":{"__comp":"14eb3368","__props":"edb1f069"},"/service-bridge/1.6.x/setup/workload-onboarding/guides/-fa1":{"__comp":"17896441","content":"34e320a8"},"/service-bridge/1.6.x/setup/workload-onboarding/guides/ecs-workloads-d35":{"__comp":"17896441","content":"60ffe514"},"/service-bridge/1.6.x/setup/workload-onboarding/guides/managing-c72":{"__comp":"17896441","content":"622fe2c4"},"/service-bridge/1.6.x/setup/workload-onboarding/guides/on-premise-workloads-e0f":{"__comp":"17896441","content":"3d841e12"},"/service-bridge/1.6.x/setup/workload-onboarding/guides/onboarding-283":{"__comp":"17896441","content":"7c51ecc2"},"/service-bridge/1.6.x/setup/workload-onboarding/guides/overview-cf9":{"__comp":"17896441","content":"42947c93"},"/service-bridge/1.6.x/setup/workload-onboarding/guides/setup-44d":{"__comp":"17896441","content":"56c3f40d"},"/service-bridge/1.6.x/setup/workload-onboarding/guides/troubleshooting-cc1":{"__comp":"17896441","content":"e9cc4e20"},"/service-bridge/1.6.x/setup/workload-onboarding/onboarding-vms-7b1":{"__comp":"17896441","content":"3ea77b24"},"/service-bridge/1.6.x/setup/workload-onboarding/quickstart-356":{"__comp":"14eb3368","__props":"7f50a08b"},"/service-bridge/1.6.x/setup/workload-onboarding/quickstart/aws-ec2/-3fb":{"__comp":"17896441","content":"1ca15b54"},"/service-bridge/1.6.x/setup/workload-onboarding/quickstart/aws-ec2/bookinfo-533":{"__comp":"17896441","content":"79796ad8"},"/service-bridge/1.6.x/setup/workload-onboarding/quickstart/aws-ec2/configure-vm-3e2":{"__comp":"17896441","content":"1227283e"},"/service-bridge/1.6.x/setup/workload-onboarding/quickstart/aws-ec2/configure-workload-onboarding-1d0":{"__comp":"17896441","content":"95bf625d"},"/service-bridge/1.6.x/setup/workload-onboarding/quickstart/aws-ec2/enable-workload-onboarding-ba2":{"__comp":"17896441","content":"68748847"},"/service-bridge/1.6.x/setup/workload-onboarding/quickstart/aws-ec2/onboard-asg-71c":{"__comp":"17896441","content":"724a718e"},"/service-bridge/1.6.x/setup/workload-onboarding/quickstart/aws-ec2/onboard-vm-ad7":{"__comp":"17896441","content":"0370b563"},"/service-bridge/1.6.x/setup/workload-onboarding/quickstart/aws-ecs/-60b":{"__comp":"17896441","content":"0e9dde96"},"/service-bridge/1.6.x/setup/workload-onboarding/quickstart/aws-ecs/configure-workload-onboarding-f02":{"__comp":"17896441","content":"20dd5560"},"/service-bridge/1.6.x/setup/workload-onboarding/quickstart/aws-ecs/onboard-ecs-d01":{"__comp":"17896441","content":"a4cc8031"},"/service-bridge/1.6.x/setup/workload-onboarding/quickstart/on-premise/-f44":{"__comp":"17896441","content":"039b97ca"},"/service-bridge/1.6.x/setup/workload-onboarding/quickstart/on-premise/configure-vm-104":{"__comp":"17896441","content":"25de0981"},"/service-bridge/1.6.x/setup/workload-onboarding/quickstart/on-premise/configure-workload-onboarding-fc6":{"__comp":"17896441","content":"85021cc1"},"/service-bridge/1.6.x/setup/workload-onboarding/quickstart/on-premise/onboard-vm-db3":{"__comp":"17896441","content":"3bfce62f"},"/service-bridge/1.6.x/troubleshooting-748":{"__comp":"14eb3368","__props":"7d2835d1"},"/service-bridge/1.6.x/troubleshooting/cluster-onboarding-996":{"__comp":"17896441","content":"c7b6a669"},"/service-bridge/1.6.x/troubleshooting/configuration-status-fde":{"__comp":"17896441","content":"228ed991"},"/service-bridge/1.6.x/troubleshooting/debug-container-b15":{"__comp":"17896441","content":"803a55b6"},"/service-bridge/1.6.x/troubleshooting/gateway-troubleshooting-3fb":{"__comp":"17896441","content":"75d73136"},"/service-bridge/1.6.x/troubleshooting/identify-underperforming-services-5fb":{"__comp":"17896441","content":"26f5547a"},"/service-bridge/1.6.x/troubleshooting/Maximum-header-size-exceed-333":{"__comp":"17896441","content":"506cf6dc"},"/service-bridge/1.6.x/troubleshooting/Multiple-Transfer-encoding-chunked-f67":{"__comp":"17896441","content":"71a3798f"},"/service-bridge/1.6.x/troubleshooting/troubleshooting-671":{"__comp":"17896441","content":"8daf5281"},"/service-bridge/1.6.x/troubleshooting/tsb-ui-metrics-bc1":{"__comp":"17896441","content":"b722f42c"},"/service-bridge/1.6.x/wokingwithsupport/workingWithTetrateSupport-7d5":{"__comp":"17896441","content":"c2bf892c"},"/service-bridge/1.7.x-2fa":{"__comp":"a7bd4aaa","__props":"7389b9b3"},"/service-bridge/1.7.x/tags-b64":{"__comp":"3720c009","__props":"ed2ff2eb"},"/service-bridge/1.7.x/tags/featured-165":{"__comp":"df203c0f","__props":"79055399"},"/service-bridge/1.7.x/tags/tsb-concepts-54e":{"__comp":"df203c0f","__props":"2a7d2b7e"},"/service-bridge/1.7.x/tags/tsb-quickstart-b6d":{"__comp":"df203c0f","__props":"e7b4ab81"},"/service-bridge/1.7.x-e6b":{"__comp":"a94703ab"},"/service-bridge/1.7.x/-543":{"__comp":"17896441","content":"4a9dc307"},"/service-bridge/1.7.x/category/working-with-tetrate-customer-support-5d3":{"__comp":"14eb3368","__props":"4affa24a"},"/service-bridge/1.7.x/cheatsheet/-69e":{"__comp":"17896441","content":"7d0e7f1c"},"/service-bridge/1.7.x/cheatsheet/sheets/gateways-management-7cf":{"__comp":"17896441","content":"f33cebfe"},"/service-bridge/1.7.x/cheatsheet/sheets/kubectl-77c":{"__comp":"17896441","content":"b5af043c"},"/service-bridge/1.7.x/cheatsheet/sheets/security-management-7c6":{"__comp":"17896441","content":"df1bdc6f"},"/service-bridge/1.7.x/cheatsheet/sheets/tctl-c0e":{"__comp":"17896441","content":"8b2fb0bf"},"/service-bridge/1.7.x/cheatsheet/sheets/traffic-management-1fd":{"__comp":"17896441","content":"68a46446"},"/service-bridge/1.7.x/cheatsheet/sheets/tsb-concepts-88b":{"__comp":"17896441","content":"45a946ba"},"/service-bridge/1.7.x/cheatsheet/sheets/tsb-quickstart-075":{"__comp":"17896441","content":"d29fb880"},"/service-bridge/1.7.x/cheatsheet/sheets/tsb-terminology-c16":{"__comp":"17896441","content":"c7a66f29"},"/service-bridge/1.7.x/concepts/-f12":{"__comp":"17896441","content":"a8fd4d00"},"/service-bridge/1.7.x/concepts/architecture-e13":{"__comp":"17896441","content":"af6bcf26"},"/service-bridge/1.7.x/concepts/configuration-dataflow-912":{"__comp":"17896441","content":"3d280167"},"/service-bridge/1.7.x/concepts/glossary-d74":{"__comp":"17896441","content":"6fd48284"},"/service-bridge/1.7.x/concepts/observability-965":{"__comp":"17896441","content":"84e31a8e"},"/service-bridge/1.7.x/concepts/operators/-998":{"__comp":"17896441","content":"e63fcb1b"},"/service-bridge/1.7.x/concepts/operators/control-plane-de7":{"__comp":"17896441","content":"d05577f8"},"/service-bridge/1.7.x/concepts/operators/data-plane-062":{"__comp":"17896441","content":"e98e5833"},"/service-bridge/1.7.x/concepts/operators/management-plane-0aa":{"__comp":"17896441","content":"4a8825c4"},"/service-bridge/1.7.x/concepts/security-a41":{"__comp":"17896441","content":"c82134fd"},"/service-bridge/1.7.x/concepts/service-mesh-f8f":{"__comp":"17896441","content":"6cf7e1f8"},"/service-bridge/1.7.x/concepts/terminology-8b5":{"__comp":"17896441","content":"32a517a4"},"/service-bridge/1.7.x/concepts/traffic-management-f8c":{"__comp":"17896441","content":"aae28aa1"},"/service-bridge/1.7.x/design-guides/-71f":{"__comp":"17896441","content":"6d0b7751"},"/service-bridge/1.7.x/design-guides/app-onboarding/-85d":{"__comp":"17896441","content":"a4fa1230"},"/service-bridge/1.7.x/design-guides/app-onboarding/cross-cluster-e1e":{"__comp":"17896441","content":"04331e46"},"/service-bridge/1.7.x/design-guides/app-onboarding/deploy-service-8d0":{"__comp":"17896441","content":"69ffc1e8"},"/service-bridge/1.7.x/design-guides/app-onboarding/gateway-security-939":{"__comp":"17896441","content":"1c2ccb75"},"/service-bridge/1.7.x/design-guides/app-onboarding/high-availability-fc2":{"__comp":"17896441","content":"0cc52358"},"/service-bridge/1.7.x/design-guides/app-onboarding/introduction-69a":{"__comp":"17896441","content":"a112168d"},"/service-bridge/1.7.x/design-guides/app-onboarding/monitor-5ca":{"__comp":"17896441","content":"74259431"},"/service-bridge/1.7.x/design-guides/app-onboarding/prepare-969":{"__comp":"17896441","content":"51419fec"},"/service-bridge/1.7.x/design-guides/app-onboarding/promote-service-913":{"__comp":"17896441","content":"1873fcf7"},"/service-bridge/1.7.x/design-guides/app-onboarding/security-f64":{"__comp":"17896441","content":"2857f5af"},"/service-bridge/1.7.x/design-guides/ha-dr-mp/-3ce":{"__comp":"17896441","content":"9d2e7c5c"},"/service-bridge/1.7.x/design-guides/ha-dr-mp/dr-managementplane-d58":{"__comp":"17896441","content":"5c32f673"},"/service-bridge/1.7.x/design-guides/ha-dr-mp/ha-managementplane-581":{"__comp":"17896441","content":"c1dd51d0"},"/service-bridge/1.7.x/design-guides/ha-dr-mp/introduction-59c":{"__comp":"17896441","content":"8c980a28"},"/service-bridge/1.7.x/design-guides/ha-dr-mp/scenarios-b6f":{"__comp":"17896441","content":"9907f236"},"/service-bridge/1.7.x/design-guides/ha-multicluster/-3f8":{"__comp":"17896441","content":"f119fa9f"},"/service-bridge/1.7.x/design-guides/ha-multicluster/cluster-failover-96b":{"__comp":"17896441","content":"f5ff4a5b"},"/service-bridge/1.7.x/design-guides/ha-multicluster/demo-1-7de":{"__comp":"17896441","content":"a237db7f"},"/service-bridge/1.7.x/design-guides/ha-multicluster/demo-2-c90":{"__comp":"17896441","content":"f151aeba"},"/service-bridge/1.7.x/design-guides/ha-multicluster/edge-failover-0c1":{"__comp":"17896441","content":"76b42655"},"/service-bridge/1.7.x/design-guides/ha-multicluster/introduction-ef5":{"__comp":"17896441","content":"41779917"},"/service-bridge/1.7.x/design-guides/ha-multicluster/operations-6f3":{"__comp":"17896441","content":"cb20463f"},"/service-bridge/1.7.x/howto-928":{"__comp":"14eb3368","__props":"7a0a7eb5"},"/service-bridge/1.7.x/howto/authorization/-046":{"__comp":"17896441","content":"71957f9f"},"/service-bridge/1.7.x/howto/authorization/ingress-gateway-672":{"__comp":"17896441","content":"07b29314"},"/service-bridge/1.7.x/howto/authorization/sidecar-eb5":{"__comp":"17896441","content":"3dfd7d2d"},"/service-bridge/1.7.x/howto/authorization/tier1-gateway-5a4":{"__comp":"17896441","content":"0e3993f2"},"/service-bridge/1.7.x/howto/authorization/tls-verification-e8b":{"__comp":"17896441","content":"cb656370"},"/service-bridge/1.7.x/howto/gateway-b93":{"__comp":"14eb3368","__props":"236e6237"},"/service-bridge/1.7.x/howto/gateway/app-ingress-591":{"__comp":"17896441","content":"50a00566"},"/service-bridge/1.7.x/howto/gateway/application-gateway-with-openapi-annotations-2bb":{"__comp":"17896441","content":"b1920c07"},"/service-bridge/1.7.x/howto/gateway/configure-and-route-nonhttp-traffic-212":{"__comp":"17896441","content":"f2ffa285"},"/service-bridge/1.7.x/howto/gateway/distributed-ingress-204":{"__comp":"17896441","content":"0f779d75"},"/service-bridge/1.7.x/howto/gateway/egress-gateways-ee9":{"__comp":"17896441","content":"52b4cb21"},"/service-bridge/1.7.x/howto/gateway/end-user-auth-keycloak-078":{"__comp":"17896441","content":"042e2245"},"/service-bridge/1.7.x/howto/gateway/https-with-proxy-protocol-2ed":{"__comp":"17896441","content":"230e9633"},"/service-bridge/1.7.x/howto/gateway/multi-cluster-traffic-routing-using-tier2gw-d84":{"__comp":"17896441","content":"63cc31cc"},"/service-bridge/1.7.x/howto/gateway/multi-cluster-traffic-routing-with-eastwest-gateway-b06":{"__comp":"17896441","content":"ab6452a2"},"/service-bridge/1.7.x/howto/gateway/multi-cluster-traffic-shifting-129":{"__comp":"17896441","content":"7cf8e7a5"},"/service-bridge/1.7.x/howto/gateway/service-identity-propagation-2f0":{"__comp":"17896441","content":"44c9179f"},"/service-bridge/1.7.x/howto/gateway/shared-ingress-665":{"__comp":"17896441","content":"d4ef315e"},"/service-bridge/1.7.x/howto/gateway/subset-based-routing-using-igw-and-service-route-21a":{"__comp":"17896441","content":"3e101f25"},"/service-bridge/1.7.x/howto/gateway/unified-gateway-907":{"__comp":"17896441","content":"d52a0c84"},"/service-bridge/1.7.x/howto/gitops-e90":{"__comp":"14eb3368","__props":"6d8e3db4"},"/service-bridge/1.7.x/howto/gitops/argo-rollouts-604":{"__comp":"17896441","content":"36ee3c3a"},"/service-bridge/1.7.x/howto/gitops/flux-9f4":{"__comp":"17896441","content":"ca8a6edb"},"/service-bridge/1.7.x/howto/gitops/gitops-7a2":{"__comp":"17896441","content":"8de6a326"},"/service-bridge/1.7.x/howto/hpa-using-skywalking-f85":{"__comp":"17896441","content":"2f469864"},"/service-bridge/1.7.x/howto/network-policies-552":{"__comp":"17896441","content":"282a6f68"},"/service-bridge/1.7.x/howto/promql-using-skywalking-26d":{"__comp":"17896441","content":"399ae443"},"/service-bridge/1.7.x/howto/rate-limiting/-f4e":{"__comp":"17896441","content":"e89221ef"},"/service-bridge/1.7.x/howto/rate-limiting/external-rate-limiting-885":{"__comp":"17896441","content":"39391180"},"/service-bridge/1.7.x/howto/rate-limiting/ingress-gateway-29d":{"__comp":"17896441","content":"a4a5cc5a"},"/service-bridge/1.7.x/howto/rate-limiting/internal-rate-limiting-145":{"__comp":"17896441","content":"47a8918b"},"/service-bridge/1.7.x/howto/rate-limiting/service-to-service-9f7":{"__comp":"17896441","content":"7cd666d4"},"/service-bridge/1.7.x/howto/rate-limiting/tier1-gateway-06f":{"__comp":"17896441","content":"9beebdd9"},"/service-bridge/1.7.x/howto/rate-limiting/tls-validation-a65":{"__comp":"17896441","content":"f416a895"},"/service-bridge/1.7.x/howto/security-domains-8ae":{"__comp":"17896441","content":"a725b7ba"},"/service-bridge/1.7.x/howto/service-accounts-b97":{"__comp":"17896441","content":"117e1c70"},"/service-bridge/1.7.x/howto/traffic-8c1":{"__comp":"14eb3368","__props":"386f2075"},"/service-bridge/1.7.x/howto/traffic/canary-releases-4ab":{"__comp":"17896441","content":"7fa9f196"},"/service-bridge/1.7.x/howto/traffic/configure-multi-port-service-route-a19":{"__comp":"17896441","content":"f4805fdb"},"/service-bridge/1.7.x/howto/traffic/external-site-https-894":{"__comp":"17896441","content":"06e18444"},"/service-bridge/1.7.x/howto/traffic/load-balance-23a":{"__comp":"17896441","content":"ddef7ded"},"/service-bridge/1.7.x/howto/traffic/migrating-VM-monoliths-c7f":{"__comp":"17896441","content":"b9445d16"},"/service-bridge/1.7.x/howto/traffic/splitting-service-traffic-between-k8s-vms-331":{"__comp":"17896441","content":"baf0d165"},"/service-bridge/1.7.x/howto/waf-455":{"__comp":"17896441","content":"540b034a"},"/service-bridge/1.7.x/howto/wasm-368":{"__comp":"14eb3368","__props":"bfe798ca"},"/service-bridge/1.7.x/howto/wasm/wasm-extension-b16":{"__comp":"17896441","content":"5383d13c"},"/service-bridge/1.7.x/howto/wasm/wasm-overview-e6e":{"__comp":"17896441","content":"acb79b49"},"/service-bridge/1.7.x/howto/wasm/wasm-proxy-6fb":{"__comp":"17896441","content":"287347f6"},"/service-bridge/1.7.x/howto/wasm/wasm-try-de0":{"__comp":"17896441","content":"08586c56"},"/service-bridge/1.7.x/knowledge-base-651":{"__comp":"14eb3368","__props":"0e370039"},"/service-bridge/1.7.x/knowledge-base/faq-857":{"__comp":"17896441","content":"b10de658"},"/service-bridge/1.7.x/knowledge-base/gitops-15c":{"__comp":"17896441","content":"3ed74c05"},"/service-bridge/1.7.x/operations-d84":{"__comp":"14eb3368","__props":"69601da2"},"/service-bridge/1.7.x/operations/configuration-promotion-78a":{"__comp":"17896441","content":"102fc63e"},"/service-bridge/1.7.x/operations/configure-log-levels-0a3":{"__comp":"17896441","content":"7513d241"},"/service-bridge/1.7.x/operations/elasticsearch-c7f":{"__comp":"14eb3368","__props":"192d40a8"},"/service-bridge/1.7.x/operations/elasticsearch/elasticsearch-role-516":{"__comp":"17896441","content":"1eae2c16"},"/service-bridge/1.7.x/operations/elasticsearch/wipe-elastic-03c":{"__comp":"17896441","content":"a997c63d"},"/service-bridge/1.7.x/operations/features-ceb":{"__comp":"14eb3368","__props":"48a9d6b6"},"/service-bridge/1.7.x/operations/features/configure-cluster-external-addresses-456":{"__comp":"17896441","content":"c3eee4ec"},"/service-bridge/1.7.x/operations/features/configure-gitops-b18":{"__comp":"17896441","content":"73a5aedd"},"/service-bridge/1.7.x/operations/features/deletion-protection-df3":{"__comp":"17896441","content":"c9f80b62"},"/service-bridge/1.7.x/operations/features/edge-dns-resolution-bba":{"__comp":"17896441","content":"bd480091"},"/service-bridge/1.7.x/operations/features/enable-config-protection-77a":{"__comp":"17896441","content":"f5c6a2a9"},"/service-bridge/1.7.x/operations/features/gateway-deletion-webhook-922":{"__comp":"17896441","content":"59e4f442"},"/service-bridge/1.7.x/operations/features/internal-wasm-extensions-042":{"__comp":"17896441","content":"3a808c35"},"/service-bridge/1.7.x/operations/features/istio-cni-720":{"__comp":"17896441","content":"465adca1"},"/service-bridge/1.7.x/operations/features/label-annotation-783":{"__comp":"17896441","content":"680c3197"},"/service-bridge/1.7.x/operations/features/streaming-log-44c":{"__comp":"17896441","content":"6299153d"},"/service-bridge/1.7.x/operations/features/tier1-in-app-cluster-8ae":{"__comp":"17896441","content":"b2ded32e"},"/service-bridge/1.7.x/operations/graceful-connection-drain-46f":{"__comp":"17896441","content":"69b33028"},"/service-bridge/1.7.x/operations/kube-customization-017":{"__comp":"17896441","content":"d3afdb3b"},"/service-bridge/1.7.x/operations/lower-istio-resources-ac4":{"__comp":"17896441","content":"e9a5a1a6"},"/service-bridge/1.7.x/operations/migrate-organization-f80":{"__comp":"17896441","content":"caa94d78"},"/service-bridge/1.7.x/operations/multiple-iam-keys-63c":{"__comp":"17896441","content":"c940816d"},"/service-bridge/1.7.x/operations/postgresql-c10":{"__comp":"17896441","content":"2233e332"},"/service-bridge/1.7.x/operations/telemetry-a7a":{"__comp":"14eb3368","__props":"fa6e56cb"},"/service-bridge/1.7.x/operations/telemetry/alerting-guidelines-592":{"__comp":"17896441","content":"5d1cdfc3"},"/service-bridge/1.7.x/operations/telemetry/distributed-tracing-5d2":{"__comp":"17896441","content":"4b175ff9"},"/service-bridge/1.7.x/operations/telemetry/key-metrics-b4b":{"__comp":"17896441","content":"2b7e505b"},"/service-bridge/1.7.x/operations/telemetry/new-relic-151":{"__comp":"17896441","content":"5ac7214f"},"/service-bridge/1.7.x/operations/telemetry/red-metrics-0e2":{"__comp":"17896441","content":"3d157bf0"},"/service-bridge/1.7.x/operations/telemetry/telemetry-architecture-7b7":{"__comp":"17896441","content":"4b02454d"},"/service-bridge/1.7.x/operations/users-63f":{"__comp":"14eb3368","__props":"0b5be9fc"},"/service-bridge/1.7.x/operations/users/admin-password-5aa":{"__comp":"17896441","content":"18415794"},"/service-bridge/1.7.x/operations/users/configuring-ldap-ef0":{"__comp":"17896441","content":"6a3c4e00"},"/service-bridge/1.7.x/operations/users/oidc-azure-f64":{"__comp":"17896441","content":"330ffcb1"},"/service-bridge/1.7.x/operations/users/roles-and-permissions-49d":{"__comp":"17896441","content":"b54b6318"},"/service-bridge/1.7.x/operations/users/user-synchronization-2b0":{"__comp":"17896441","content":"41aab94f"},"/service-bridge/1.7.x/operations/vault-416":{"__comp":"14eb3368","__props":"4fe1667b"},"/service-bridge/1.7.x/operations/vault/elasticsearch-0b4":{"__comp":"17896441","content":"4b85da75"},"/service-bridge/1.7.x/operations/vault/istiod-ca-d30":{"__comp":"17896441","content":"58e9fd8a"},"/service-bridge/1.7.x/operations/vault/postgresql-eb7":{"__comp":"17896441","content":"dc23d971"},"/service-bridge/1.7.x/quickstart-404":{"__comp":"14eb3368","__props":"9dc7422a"},"/service-bridge/1.7.x/quickstart/apps-382":{"__comp":"17896441","content":"bb938165"},"/service-bridge/1.7.x/quickstart/config-groups-e14":{"__comp":"17896441","content":"dcb219dc"},"/service-bridge/1.7.x/quickstart/deploy-sample-app-89e":{"__comp":"17896441","content":"f7be97b1"},"/service-bridge/1.7.x/quickstart/ingress-gateway-a00":{"__comp":"17896441","content":"a6508ff9"},"/service-bridge/1.7.x/quickstart/introduction-515":{"__comp":"17896441","content":"f5cb2c1e"},"/service-bridge/1.7.x/quickstart/observability-9b8":{"__comp":"17896441","content":"5d1dc1e6"},"/service-bridge/1.7.x/quickstart/permissions-0ae":{"__comp":"17896441","content":"06737fba"},"/service-bridge/1.7.x/quickstart/security-34d":{"__comp":"17896441","content":"87a0b23c"},"/service-bridge/1.7.x/quickstart/tenant-534":{"__comp":"17896441","content":"3e6373ad"},"/service-bridge/1.7.x/quickstart/traffic-shifting-bee":{"__comp":"17896441","content":"04220f58"},"/service-bridge/1.7.x/quickstart/workspace-033":{"__comp":"17896441","content":"234524b5"},"/service-bridge/1.7.x/reference-c70":{"__comp":"14eb3368","__props":"00cd6815"},"/service-bridge/1.7.x/reference/cli-ed6":{"__comp":"14eb3368","__props":"52fb5c94"},"/service-bridge/1.7.x/reference/cli/guide/index-033":{"__comp":"17896441","content":"85ac021f"},"/service-bridge/1.7.x/reference/cli/guide/toc-3f7":{"__comp":"14eb3368","__props":"eab393b8"},"/service-bridge/1.7.x/reference/cli/reference-b21":{"__comp":"14eb3368","__props":"13f3a9dd"},"/service-bridge/1.7.x/reference/cli/reference/apply-cca":{"__comp":"17896441","content":"f91c2529"},"/service-bridge/1.7.x/reference/cli/reference/collect-312":{"__comp":"17896441","content":"67b07f5d"},"/service-bridge/1.7.x/reference/cli/reference/completion-042":{"__comp":"17896441","content":"c123df4f"},"/service-bridge/1.7.x/reference/cli/reference/config-1e4":{"__comp":"17896441","content":"cffae4be"},"/service-bridge/1.7.x/reference/cli/reference/delete-d66":{"__comp":"17896441","content":"7afd2700"},"/service-bridge/1.7.x/reference/cli/reference/edit-c93":{"__comp":"17896441","content":"a2f96c2e"},"/service-bridge/1.7.x/reference/cli/reference/experimental-6ec":{"__comp":"17896441","content":"b3e5aee8"},"/service-bridge/1.7.x/reference/cli/reference/get-f97":{"__comp":"17896441","content":"88857bf4"},"/service-bridge/1.7.x/reference/cli/reference/index-b77":{"__comp":"17896441","content":"250e1234"},"/service-bridge/1.7.x/reference/cli/reference/install-b33":{"__comp":"17896441","content":"f1788f2e"},"/service-bridge/1.7.x/reference/cli/reference/login-78b":{"__comp":"17896441","content":"bf22e763"},"/service-bridge/1.7.x/reference/cli/reference/ui-9ee":{"__comp":"17896441","content":"62eb6b3a"},"/service-bridge/1.7.x/reference/cli/reference/validate-3c6":{"__comp":"17896441","content":"c5fb9836"},"/service-bridge/1.7.x/reference/cli/reference/version-d71":{"__comp":"17896441","content":"7285017a"},"/service-bridge/1.7.x/reference/cli/reference/whoami-e06":{"__comp":"17896441","content":"320efceb"},"/service-bridge/1.7.x/reference/cli/reference/workload-entry-annotations-047":{"__comp":"17896441","content":"4a03c170"},"/service-bridge/1.7.x/reference/grpc-api-3b7":{"__comp":"14eb3368","__props":"63e330bc"},"/service-bridge/1.7.x/reference/grpc-api/guide-bdb":{"__comp":"17896441","content":"32dfb13a"},"/service-bridge/1.7.x/reference/grpc-api/reference-46e":{"__comp":"14eb3368","__props":"748e33f5"},"/service-bridge/1.7.x/reference/k8s-api-432":{"__comp":"14eb3368","__props":"6e207a93"},"/service-bridge/1.7.x/reference/k8s-api/guide-012":{"__comp":"17896441","content":"19dd7970"},"/service-bridge/1.7.x/reference/k8s-api/tsb-crds-gen-b6f":{"__comp":"14eb3368","__props":"a5a9c51e"},"/service-bridge/1.7.x/reference/k8s-api/tsb-crds-gen/application-tsb-tetrate-io-e7d":{"__comp":"17896441","content":"9f7ce2d9"},"/service-bridge/1.7.x/reference/k8s-api/tsb-crds-gen/extension-tsb-tetrate-io-6bd":{"__comp":"17896441","content":"3e3c6836"},"/service-bridge/1.7.x/reference/k8s-api/tsb-crds-gen/gateway-tsb-tetrate-io-884":{"__comp":"17896441","content":"cb25bc4b"},"/service-bridge/1.7.x/reference/k8s-api/tsb-crds-gen/istiointernal-tsb-tetrate-io-cc2":{"__comp":"17896441","content":"54bb2d03"},"/service-bridge/1.7.x/reference/k8s-api/tsb-crds-gen/rbac-tsb-tetrate-io-ea4":{"__comp":"17896441","content":"a5186798"},"/service-bridge/1.7.x/reference/k8s-api/tsb-crds-gen/security-tsb-tetrate-io-d20":{"__comp":"17896441","content":"705b68d1"},"/service-bridge/1.7.x/reference/k8s-api/tsb-crds-gen/traffic-tsb-tetrate-io-1a9":{"__comp":"17896441","content":"7464fb30"},"/service-bridge/1.7.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/cluster-d1d":{"__comp":"17896441","content":"c1fdfea2"},"/service-bridge/1.7.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/organization-dcb":{"__comp":"17896441","content":"77e7de39"},"/service-bridge/1.7.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/organizationsetting-2de":{"__comp":"17896441","content":"9698b57a"},"/service-bridge/1.7.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/serviceaccount-e27":{"__comp":"17896441","content":"93719a11"},"/service-bridge/1.7.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/team-d1b":{"__comp":"17896441","content":"334a9bff"},"/service-bridge/1.7.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/tenant-843":{"__comp":"17896441","content":"009224dc"},"/service-bridge/1.7.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/tenantsetting-5dd":{"__comp":"17896441","content":"c2ef5831"},"/service-bridge/1.7.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/workspace-624":{"__comp":"17896441","content":"385cf17b"},"/service-bridge/1.7.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/workspacesetting-8f6":{"__comp":"17896441","content":"77f1bd98"},"/service-bridge/1.7.x/reference/k8s-api/tsb-crds-gen/tsb.tetrate.io/v2-497":{"__comp":"14eb3368","__props":"f356263f"},"/service-bridge/1.7.x/reference/operators-871":{"__comp":"14eb3368","__props":"d463f799"},"/service-bridge/1.7.x/reference/rest-api/guide-b0b":{"__comp":"17896441","content":"d9e4f943"},"/service-bridge/1.7.x/reference/samples-529":{"__comp":"14eb3368","__props":"c3107b9c"},"/service-bridge/1.7.x/reference/samples/httpbin-a73":{"__comp":"17896441","content":"6f4f4d8c"},"/service-bridge/1.7.x/reference/samples/opa-e65":{"__comp":"17896441","content":"52854b71"},"/service-bridge/1.7.x/reference/samples/sleep-service-053":{"__comp":"17896441","content":"a1067f70"},"/service-bridge/1.7.x/reference/workload-onboarding-713":{"__comp":"14eb3368","__props":"4b4b8715"},"/service-bridge/1.7.x/reference/workload-onboarding/onboarding-agent-d19":{"__comp":"14eb3368","__props":"b285a4b0"},"/service-bridge/1.7.x/reference/workload-onboarding/onboarding-authorization-089":{"__comp":"14eb3368","__props":"5c0c577f"},"/service-bridge/1.7.x/reference/workload-onboarding/onboarding-runtime-a47":{"__comp":"14eb3368","__props":"a222cd75"},"/service-bridge/1.7.x/reference/yaml-api-a3b":{"__comp":"14eb3368","__props":"2f1b6f5a"},"/service-bridge/1.7.x/reference/yaml-api/guide-f85":{"__comp":"17896441","content":"26483a20"},"/service-bridge/1.7.x/reference/yaml-api/reference-111":{"__comp":"14eb3368","__props":"efab6c4d"},"/service-bridge/1.7.x/refs/audit/v1/audit-80c":{"__comp":"17896441","content":"fb653ddc"},"/service-bridge/1.7.x/refs/audit/v1/grpc-7e4":{"__comp":"14eb3368","__props":"36c6722f"},"/service-bridge/1.7.x/refs/iam/v2/grpc-869":{"__comp":"14eb3368","__props":"feb2b80c"},"/service-bridge/1.7.x/refs/iam/v2/oauth_service-a33":{"__comp":"17896441","content":"b5e20f4e"},"/service-bridge/1.7.x/refs/iam/v2/oidc_service-261":{"__comp":"17896441","content":"d76d2e88"},"/service-bridge/1.7.x/refs/install-4b0":{"__comp":"14eb3368","__props":"7267096e"},"/service-bridge/1.7.x/refs/install/common/common_config-9b4":{"__comp":"17896441","content":"8fa90406"},"/service-bridge/1.7.x/refs/install/controlplane/v1alpha1/spec-c48":{"__comp":"17896441","content":"cf8ac450"},"/service-bridge/1.7.x/refs/install/dataplane/v1alpha1/spec-a47":{"__comp":"17896441","content":"b282ac97"},"/service-bridge/1.7.x/refs/install/kubernetes/k8s-4b8":{"__comp":"17896441","content":"07a77455"},"/service-bridge/1.7.x/refs/install/managementplane/v1alpha1/spec-2b7":{"__comp":"17896441","content":"35957eec"},"/service-bridge/1.7.x/refs/istio.io/api/operator/v1alpha1/operator-b5a":{"__comp":"17896441","content":"f96a815f"},"/service-bridge/1.7.x/refs/onboarding/config/agent/v1alpha1/agent_configuration-2be":{"__comp":"17896441","content":"40121d3a"},"/service-bridge/1.7.x/refs/onboarding/config/agent/v1alpha1/onboarding_configuration-218":{"__comp":"17896441","content":"27e495a5"},"/service-bridge/1.7.x/refs/onboarding/config/authorization/aws/v1alpha1/aws-c45":{"__comp":"17896441","content":"641250b5"},"/service-bridge/1.7.x/refs/onboarding/config/authorization/jwt/v1alpha1/jwt-e03":{"__comp":"17896441","content":"738d813c"},"/service-bridge/1.7.x/refs/onboarding/config/authorization/v1alpha1/policy-803":{"__comp":"17896441","content":"8af9b0bd"},"/service-bridge/1.7.x/refs/onboarding/config/install/v1alpha1/jwt_issuer-abf":{"__comp":"17896441","content":"ba7b5d35"},"/service-bridge/1.7.x/refs/onboarding/config/install/v1alpha1/workload_configuration-197":{"__comp":"17896441","content":"356966a1"},"/service-bridge/1.7.x/refs/onboarding/config/runtime/v1alpha1/registration-6b6":{"__comp":"17896441","content":"801658ae"},"/service-bridge/1.7.x/refs/onboarding/config/types/config/v1alpha1/transport_security-5c0":{"__comp":"17896441","content":"11cf695b"},"/service-bridge/1.7.x/refs/onboarding/config/types/core/v1alpha1/condition-cf5":{"__comp":"17896441","content":"52e819e2"},"/service-bridge/1.7.x/refs/onboarding/config/types/core/v1alpha1/namespaced_name-f16":{"__comp":"17896441","content":"f38c4342"},"/service-bridge/1.7.x/refs/onboarding/config/types/identity/aws/v1alpha1/aws-cd2":{"__comp":"17896441","content":"68df2929"},"/service-bridge/1.7.x/refs/onboarding/config/types/identity/jwt/v1alpha1/jwt-cc1":{"__comp":"17896441","content":"86efa9af"},"/service-bridge/1.7.x/refs/onboarding/config/types/identity/v1alpha1/identity-3f2":{"__comp":"17896441","content":"9caf7dc9"},"/service-bridge/1.7.x/refs/onboarding/config/types/registration/v1alpha1/hostinfo-75a":{"__comp":"17896441","content":"a259f508"},"/service-bridge/1.7.x/refs/onboarding/config/types/registration/v1alpha1/registration-3f5":{"__comp":"17896441","content":"17a20378"},"/service-bridge/1.7.x/refs/tsb/application/v2/api-c72":{"__comp":"17896441","content":"fdf3f60b"},"/service-bridge/1.7.x/refs/tsb/application/v2/application-85e":{"__comp":"17896441","content":"01ae554b"},"/service-bridge/1.7.x/refs/tsb/application/v2/application_service-e6a":{"__comp":"17896441","content":"c66cfa9a"},"/service-bridge/1.7.x/refs/tsb/application/v2/grpc-943":{"__comp":"14eb3368","__props":"1243e96c"},"/service-bridge/1.7.x/refs/tsb/application/v2/openapi_extensions-cd5":{"__comp":"17896441","content":"cd948510"},"/service-bridge/1.7.x/refs/tsb/application/v2/yaml-1c5":{"__comp":"14eb3368","__props":"d6ee98b9"},"/service-bridge/1.7.x/refs/tsb/auth/v2/auth-fc1":{"__comp":"17896441","content":"b2202a22"},"/service-bridge/1.7.x/refs/tsb/auth/v2/yaml-187":{"__comp":"14eb3368","__props":"fed3e6b1"},"/service-bridge/1.7.x/refs/tsb/extension/v2/grpc-e80":{"__comp":"14eb3368","__props":"b8ae0d8a"},"/service-bridge/1.7.x/refs/tsb/extension/v2/wasm_extension-0f4":{"__comp":"17896441","content":"8ff0f8f6"},"/service-bridge/1.7.x/refs/tsb/extension/v2/wasm_service-f06":{"__comp":"17896441","content":"6442f98d"},"/service-bridge/1.7.x/refs/tsb/extension/v2/yaml-688":{"__comp":"14eb3368","__props":"ca7bf612"},"/service-bridge/1.7.x/refs/tsb/gateway/v2/auth-928":{"__comp":"17896441","content":"5125f0bf"},"/service-bridge/1.7.x/refs/tsb/gateway/v2/eastwest_gateway-2df":{"__comp":"17896441","content":"3a6fdd43"},"/service-bridge/1.7.x/refs/tsb/gateway/v2/egress_gateway-5cb":{"__comp":"17896441","content":"564c1ef9"},"/service-bridge/1.7.x/refs/tsb/gateway/v2/gateway-d4f":{"__comp":"17896441","content":"95db3f99"},"/service-bridge/1.7.x/refs/tsb/gateway/v2/gateway_common-339":{"__comp":"17896441","content":"e6921d71"},"/service-bridge/1.7.x/refs/tsb/gateway/v2/gateway_group-006":{"__comp":"17896441","content":"f3de62b0"},"/service-bridge/1.7.x/refs/tsb/gateway/v2/gateway_service-5d0":{"__comp":"17896441","content":"74f6f670"},"/service-bridge/1.7.x/refs/tsb/gateway/v2/grpc-aa5":{"__comp":"14eb3368","__props":"acb1c92d"},"/service-bridge/1.7.x/refs/tsb/gateway/v2/ingress_gateway-4e8":{"__comp":"17896441","content":"6bd7df86"},"/service-bridge/1.7.x/refs/tsb/gateway/v2/istio_gateway_direct-89a":{"__comp":"17896441","content":"9e7fe9f6"},"/service-bridge/1.7.x/refs/tsb/gateway/v2/tier1_gateway-d9c":{"__comp":"17896441","content":"7d5e2c43"},"/service-bridge/1.7.x/refs/tsb/gateway/v2/yaml-eb9":{"__comp":"14eb3368","__props":"3893df2b"},"/service-bridge/1.7.x/refs/tsb/istiointernal/v2/grpc-15c":{"__comp":"14eb3368","__props":"8a428c4e"},"/service-bridge/1.7.x/refs/tsb/istiointernal/v2/istio_internal_group-858":{"__comp":"17896441","content":"8163c09b"},"/service-bridge/1.7.x/refs/tsb/istiointernal/v2/istio_istiointernal_direct-f40":{"__comp":"17896441","content":"3a8033c9"},"/service-bridge/1.7.x/refs/tsb/istiointernal/v2/istiointernal_service-dff":{"__comp":"17896441","content":"bb88ac63"},"/service-bridge/1.7.x/refs/tsb/istiointernal/v2/yaml-162":{"__comp":"14eb3368","__props":"bd5f2c8d"},"/service-bridge/1.7.x/refs/tsb/observability/telemetry/v2/grpc-a1d":{"__comp":"14eb3368","__props":"3e5e7066"},"/service-bridge/1.7.x/refs/tsb/observability/telemetry/v2/metric-26c":{"__comp":"17896441","content":"05785040"},"/service-bridge/1.7.x/refs/tsb/observability/telemetry/v2/metric_service-6db":{"__comp":"17896441","content":"99de9992"},"/service-bridge/1.7.x/refs/tsb/observability/telemetry/v2/source-2f2":{"__comp":"17896441","content":"b453faaa"},"/service-bridge/1.7.x/refs/tsb/observability/telemetry/v2/source_service-20a":{"__comp":"17896441","content":"e8a80c71"},"/service-bridge/1.7.x/refs/tsb/observability/telemetry/v2/yaml-b10":{"__comp":"14eb3368","__props":"676e2ecd"},"/service-bridge/1.7.x/refs/tsb/q/v2/approvals_service-d24":{"__comp":"17896441","content":"f50ef1b1"},"/service-bridge/1.7.x/refs/tsb/q/v2/grpc-04c":{"__comp":"14eb3368","__props":"1d9d27c4"},"/service-bridge/1.7.x/refs/tsb/q/v2/permissions_service-649":{"__comp":"17896441","content":"209a6444"},"/service-bridge/1.7.x/refs/tsb/rbac/v2/access_bindings-395":{"__comp":"17896441","content":"d2d038d0"},"/service-bridge/1.7.x/refs/tsb/rbac/v2/api_access_bindings-ace":{"__comp":"17896441","content":"ea347eb8"},"/service-bridge/1.7.x/refs/tsb/rbac/v2/application_access_bindings-56c":{"__comp":"17896441","content":"c392e4c1"},"/service-bridge/1.7.x/refs/tsb/rbac/v2/binding-3f1":{"__comp":"17896441","content":"b556abfb"},"/service-bridge/1.7.x/refs/tsb/rbac/v2/gateway_access_bindings-fbe":{"__comp":"17896441","content":"e4fa5877"},"/service-bridge/1.7.x/refs/tsb/rbac/v2/grpc-c57":{"__comp":"14eb3368","__props":"a9193099"},"/service-bridge/1.7.x/refs/tsb/rbac/v2/istio_internal_access_bindings-945":{"__comp":"17896441","content":"82c1773f"},"/service-bridge/1.7.x/refs/tsb/rbac/v2/organization_access_bindings-398":{"__comp":"17896441","content":"bfbcf654"},"/service-bridge/1.7.x/refs/tsb/rbac/v2/permissions-b64":{"__comp":"17896441","content":"d6008c2d"},"/service-bridge/1.7.x/refs/tsb/rbac/v2/policy_service-50e":{"__comp":"17896441","content":"05e4a20a"},"/service-bridge/1.7.x/refs/tsb/rbac/v2/role-93d":{"__comp":"17896441","content":"f3d0482e"},"/service-bridge/1.7.x/refs/tsb/rbac/v2/role_service-aa1":{"__comp":"17896441","content":"6b73fa19"},"/service-bridge/1.7.x/refs/tsb/rbac/v2/security_access_bindings-b9b":{"__comp":"17896441","content":"8edd4817"},"/service-bridge/1.7.x/refs/tsb/rbac/v2/tenant_access_bindings-a3f":{"__comp":"17896441","content":"40184b3b"},"/service-bridge/1.7.x/refs/tsb/rbac/v2/traffic_access_bindings-c83":{"__comp":"17896441","content":"69364bd0"},"/service-bridge/1.7.x/refs/tsb/rbac/v2/workspace_access_bindings-560":{"__comp":"17896441","content":"b815ad92"},"/service-bridge/1.7.x/refs/tsb/rbac/v2/yaml-e23":{"__comp":"14eb3368","__props":"bd07ad7d"},"/service-bridge/1.7.x/refs/tsb/registry/v2/grpc-e7f":{"__comp":"14eb3368","__props":"b7a2fba8"},"/service-bridge/1.7.x/refs/tsb/registry/v2/lookup_service-fd6":{"__comp":"17896441","content":"cf5dca9f"},"/service-bridge/1.7.x/refs/tsb/registry/v2/registration_service-406":{"__comp":"17896441","content":"f30468fa"},"/service-bridge/1.7.x/refs/tsb/registry/v2/service-e6e":{"__comp":"17896441","content":"8de70308"},"/service-bridge/1.7.x/refs/tsb/registry/v2/yaml-960":{"__comp":"14eb3368","__props":"f8d9cbf1"},"/service-bridge/1.7.x/refs/tsb/security/v2/grpc-2ef":{"__comp":"14eb3368","__props":"918ebc53"},"/service-bridge/1.7.x/refs/tsb/security/v2/istio_security_direct-70b":{"__comp":"17896441","content":"3570cfc0"},"/service-bridge/1.7.x/refs/tsb/security/v2/security_group-8c5":{"__comp":"17896441","content":"380f96c5"},"/service-bridge/1.7.x/refs/tsb/security/v2/security_service-492":{"__comp":"17896441","content":"7287d091"},"/service-bridge/1.7.x/refs/tsb/security/v2/security_setting-422":{"__comp":"17896441","content":"3efe7e94"},"/service-bridge/1.7.x/refs/tsb/security/v2/service_security_setting-0d8":{"__comp":"17896441","content":"5150fc97"},"/service-bridge/1.7.x/refs/tsb/security/v2/waf_settings-22b":{"__comp":"17896441","content":"b4640281"},"/service-bridge/1.7.x/refs/tsb/security/v2/yaml-a78":{"__comp":"14eb3368","__props":"852c8487"},"/service-bridge/1.7.x/refs/tsb/traffic/v2/grpc-82c":{"__comp":"14eb3368","__props":"d873ff4f"},"/service-bridge/1.7.x/refs/tsb/traffic/v2/istio_traffic_direct-dbf":{"__comp":"17896441","content":"23ccb6c8"},"/service-bridge/1.7.x/refs/tsb/traffic/v2/service_route-cd2":{"__comp":"17896441","content":"4052ffe1"},"/service-bridge/1.7.x/refs/tsb/traffic/v2/traffic_group-1ea":{"__comp":"17896441","content":"3192e20e"},"/service-bridge/1.7.x/refs/tsb/traffic/v2/traffic_service-7f5":{"__comp":"17896441","content":"1c02928d"},"/service-bridge/1.7.x/refs/tsb/traffic/v2/traffic_setting-1a9":{"__comp":"17896441","content":"03e8e5b9"},"/service-bridge/1.7.x/refs/tsb/traffic/v2/yaml-8d9":{"__comp":"14eb3368","__props":"610b976b"},"/service-bridge/1.7.x/refs/tsb/types/v2/types-a1a":{"__comp":"17896441","content":"9c581b1d"},"/service-bridge/1.7.x/refs/tsb/types/v2/yaml-10c":{"__comp":"14eb3368","__props":"64c3c660"},"/service-bridge/1.7.x/refs/tsb/v2/cluster-9f5":{"__comp":"17896441","content":"e17f4106"},"/service-bridge/1.7.x/refs/tsb/v2/cluster_service-e09":{"__comp":"17896441","content":"11f17983"},"/service-bridge/1.7.x/refs/tsb/v2/grpc-8c3":{"__comp":"14eb3368","__props":"1bd95ac8"},"/service-bridge/1.7.x/refs/tsb/v2/info-f5b":{"__comp":"17896441","content":"cfdff84d"},"/service-bridge/1.7.x/refs/tsb/v2/organization-95a":{"__comp":"17896441","content":"19fbeab8"},"/service-bridge/1.7.x/refs/tsb/v2/organization_service-172":{"__comp":"17896441","content":"1b15eacd"},"/service-bridge/1.7.x/refs/tsb/v2/organization_setting-b6c":{"__comp":"17896441","content":"a24f1e68"},"/service-bridge/1.7.x/refs/tsb/v2/status-3ac":{"__comp":"17896441","content":"46a540d5"},"/service-bridge/1.7.x/refs/tsb/v2/status_service-831":{"__comp":"17896441","content":"6cb40ca5"},"/service-bridge/1.7.x/refs/tsb/v2/team-99e":{"__comp":"17896441","content":"f37cde8f"},"/service-bridge/1.7.x/refs/tsb/v2/team_service-f29":{"__comp":"17896441","content":"08d63731"},"/service-bridge/1.7.x/refs/tsb/v2/tenant-ef6":{"__comp":"17896441","content":"0a79ff24"},"/service-bridge/1.7.x/refs/tsb/v2/tenant_service-6b0":{"__comp":"17896441","content":"1be3926c"},"/service-bridge/1.7.x/refs/tsb/v2/tenant_setting-278":{"__comp":"17896441","content":"f814a037"},"/service-bridge/1.7.x/refs/tsb/v2/workspace-487":{"__comp":"17896441","content":"cabb4e62"},"/service-bridge/1.7.x/refs/tsb/v2/workspace_service-6b7":{"__comp":"17896441","content":"31f25979"},"/service-bridge/1.7.x/refs/tsb/v2/workspace_setting-06d":{"__comp":"17896441","content":"5a2d9df8"},"/service-bridge/1.7.x/refs/tsb/v2/yaml-83a":{"__comp":"14eb3368","__props":"d3cbe39e"},"/service-bridge/1.7.x/release-notes-ebf":{"__comp":"17896441","content":"25f9ba86"},"/service-bridge/1.7.x/release-notes-announcements/-9c9":{"__comp":"17896441","content":"060a4d95"},"/service-bridge/1.7.x/release-notes-announcements/feature-status-4ab":{"__comp":"17896441","content":"1f9ff34b"},"/service-bridge/1.7.x/release-notes-announcements/support-policy-2e0":{"__comp":"17896441","content":"b3935fc4"},"/service-bridge/1.7.x/setup-e89":{"__comp":"14eb3368","__props":"abbf75c6"},"/service-bridge/1.7.x/setup/aws-f50":{"__comp":"14eb3368","__props":"dab287ee"},"/service-bridge/1.7.x/setup/aws/container-marketplace-3af":{"__comp":"17896441","content":"81af2a4e"},"/service-bridge/1.7.x/setup/aws/vpc-302":{"__comp":"17896441","content":"a3e21ece"},"/service-bridge/1.7.x/setup/certificate-a71":{"__comp":"14eb3368","__props":"3d9947d4"},"/service-bridge/1.7.x/setup/certificate/automated-certificate-management-5af":{"__comp":"17896441","content":"c4137959"},"/service-bridge/1.7.x/setup/certificate/certificate-requirements-39a":{"__comp":"17896441","content":"5f83095c"},"/service-bridge/1.7.x/setup/certificate/certificate-setup-a5f":{"__comp":"17896441","content":"0fe20a8b"},"/service-bridge/1.7.x/setup/components-992":{"__comp":"17896441","content":"65f8d0d2"},"/service-bridge/1.7.x/setup/firewall-information-303":{"__comp":"17896441","content":"d4c08079"},"/service-bridge/1.7.x/setup/helm/-d29":{"__comp":"17896441","content":"564312b4"},"/service-bridge/1.7.x/setup/helm/controlplane-d2a":{"__comp":"17896441","content":"e20974ef"},"/service-bridge/1.7.x/setup/helm/dataplane-1e4":{"__comp":"17896441","content":"c6f71d95"},"/service-bridge/1.7.x/setup/helm/helm-05a":{"__comp":"17896441","content":"4a6ca390"},"/service-bridge/1.7.x/setup/helm/managementplane-b50":{"__comp":"17896441","content":"a2e74239"},"/service-bridge/1.7.x/setup/helm/uninstallation-0f7":{"__comp":"17896441","content":"91791fee"},"/service-bridge/1.7.x/setup/helm/upgrade-027":{"__comp":"17896441","content":"b090831b"},"/service-bridge/1.7.x/setup/isolation-boundaries-0eb":{"__comp":"17896441","content":"90fe5893"},"/service-bridge/1.7.x/setup/migrate-tctl-to-helm-4d2":{"__comp":"17896441","content":"8003f8a0"},"/service-bridge/1.7.x/setup/remote-registry-cca":{"__comp":"17896441","content":"f29400e3"},"/service-bridge/1.7.x/setup/requirements-and-download-b0c":{"__comp":"17896441","content":"057ca389"},"/service-bridge/1.7.x/setup/resource-planning-d63":{"__comp":"17896441","content":"354eed60"},"/service-bridge/1.7.x/setup/security-context-180":{"__comp":"17896441","content":"5a1ba53c"},"/service-bridge/1.7.x/setup/self-managed/-40f":{"__comp":"17896441","content":"ca307ef1"},"/service-bridge/1.7.x/setup/self-managed/demo-installation-dff":{"__comp":"17896441","content":"aa02c956"},"/service-bridge/1.7.x/setup/self-managed/management-plane-installation-dfc":{"__comp":"17896441","content":"a178fca9"},"/service-bridge/1.7.x/setup/self-managed/onboarding-clusters-9e6":{"__comp":"17896441","content":"07680960"},"/service-bridge/1.7.x/setup/self-managed/uninstallation-920":{"__comp":"17896441","content":"28c94705"},"/service-bridge/1.7.x/setup/self-managed/upgrade-7dd":{"__comp":"17896441","content":"36bdecc6"},"/service-bridge/1.7.x/setup/tctl-connect-1a3":{"__comp":"17896441","content":"d9d0cfbb"},"/service-bridge/1.7.x/setup/upgrades-31d":{"__comp":"14eb3368","__props":"57842230"},"/service-bridge/1.7.x/setup/upgrades/cni-upgrade-b10":{"__comp":"17896441","content":"60999d6a"},"/service-bridge/1.7.x/setup/upgrades/gateway-upgrade-49a":{"__comp":"17896441","content":"7eb8f6bb"},"/service-bridge/1.7.x/setup/upgrades/non-revisioned-to-revisioned-367":{"__comp":"17896441","content":"580c7546"},"/service-bridge/1.7.x/setup/upgrades/revisioned-to-revisioned-92b":{"__comp":"17896441","content":"27ad8bc8"},"/service-bridge/1.7.x/setup/workload-onboarding-6d8":{"__comp":"14eb3368","__props":"6c185d8b"},"/service-bridge/1.7.x/setup/workload-onboarding/guides/-5aa":{"__comp":"17896441","content":"9d7e4822"},"/service-bridge/1.7.x/setup/workload-onboarding/guides/ecs-workloads-61b":{"__comp":"17896441","content":"983b47ee"},"/service-bridge/1.7.x/setup/workload-onboarding/guides/managing-e4f":{"__comp":"17896441","content":"0a81fde1"},"/service-bridge/1.7.x/setup/workload-onboarding/guides/on-premise-workloads-2b7":{"__comp":"17896441","content":"e069c226"},"/service-bridge/1.7.x/setup/workload-onboarding/guides/onboarding-24f":{"__comp":"17896441","content":"fba2d6c8"},"/service-bridge/1.7.x/setup/workload-onboarding/guides/overview-c30":{"__comp":"17896441","content":"92628439"},"/service-bridge/1.7.x/setup/workload-onboarding/guides/setup-220":{"__comp":"17896441","content":"1b8cd004"},"/service-bridge/1.7.x/setup/workload-onboarding/guides/troubleshooting-04a":{"__comp":"17896441","content":"1b1ba584"},"/service-bridge/1.7.x/setup/workload-onboarding/onboarding-vms-6d9":{"__comp":"17896441","content":"e3c24203"},"/service-bridge/1.7.x/setup/workload-onboarding/quickstart-3ba":{"__comp":"14eb3368","__props":"f85d68d8"},"/service-bridge/1.7.x/setup/workload-onboarding/quickstart/aws-ec2/-1d9":{"__comp":"17896441","content":"2e670646"},"/service-bridge/1.7.x/setup/workload-onboarding/quickstart/aws-ec2/bookinfo-800":{"__comp":"17896441","content":"58f7fd92"},"/service-bridge/1.7.x/setup/workload-onboarding/quickstart/aws-ec2/configure-vm-7d9":{"__comp":"17896441","content":"713912e5"},"/service-bridge/1.7.x/setup/workload-onboarding/quickstart/aws-ec2/configure-workload-onboarding-531":{"__comp":"17896441","content":"af4b1486"},"/service-bridge/1.7.x/setup/workload-onboarding/quickstart/aws-ec2/enable-workload-onboarding-4c6":{"__comp":"17896441","content":"046a4a5a"},"/service-bridge/1.7.x/setup/workload-onboarding/quickstart/aws-ec2/onboard-asg-b9c":{"__comp":"17896441","content":"5e1d0bdf"},"/service-bridge/1.7.x/setup/workload-onboarding/quickstart/aws-ec2/onboard-vm-a31":{"__comp":"17896441","content":"f3e1b1de"},"/service-bridge/1.7.x/setup/workload-onboarding/quickstart/aws-ecs/-7d8":{"__comp":"17896441","content":"8bdd5826"},"/service-bridge/1.7.x/setup/workload-onboarding/quickstart/aws-ecs/configure-workload-onboarding-216":{"__comp":"17896441","content":"10434c5a"},"/service-bridge/1.7.x/setup/workload-onboarding/quickstart/aws-ecs/onboard-ecs-ed2":{"__comp":"17896441","content":"afbd6ea0"},"/service-bridge/1.7.x/setup/workload-onboarding/quickstart/on-premise/-1ef":{"__comp":"17896441","content":"b5724f38"},"/service-bridge/1.7.x/setup/workload-onboarding/quickstart/on-premise/configure-vm-df1":{"__comp":"17896441","content":"dc86b3ce"},"/service-bridge/1.7.x/setup/workload-onboarding/quickstart/on-premise/configure-workload-onboarding-e0f":{"__comp":"17896441","content":"c0937b31"},"/service-bridge/1.7.x/setup/workload-onboarding/quickstart/on-premise/onboard-vm-643":{"__comp":"17896441","content":"e7e17959"},"/service-bridge/1.7.x/troubleshooting-740":{"__comp":"14eb3368","__props":"6f033c91"},"/service-bridge/1.7.x/troubleshooting/cluster-onboarding-61a":{"__comp":"17896441","content":"6b7a4444"},"/service-bridge/1.7.x/troubleshooting/configuration-status-b86":{"__comp":"17896441","content":"5d56b8b1"},"/service-bridge/1.7.x/troubleshooting/debug-container-6e5":{"__comp":"17896441","content":"f2ac3efc"},"/service-bridge/1.7.x/troubleshooting/gateway-troubleshooting-5a5":{"__comp":"17896441","content":"6d19d0cb"},"/service-bridge/1.7.x/troubleshooting/identify-underperforming-services-021":{"__comp":"17896441","content":"58713ebd"},"/service-bridge/1.7.x/troubleshooting/Maximum-header-size-exceed-b16":{"__comp":"17896441","content":"637eccb0"},"/service-bridge/1.7.x/troubleshooting/Multiple-Transfer-encoding-chunked-073":{"__comp":"17896441","content":"42fb07b0"},"/service-bridge/1.7.x/troubleshooting/troubleshooting-c6b":{"__comp":"17896441","content":"9db81f19"},"/service-bridge/1.7.x/troubleshooting/tsb-ui-metrics-10d":{"__comp":"17896441","content":"a8bed352"},"/service-bridge/1.7.x/wokingwithsupport/workingWithTetrateSupport-187":{"__comp":"17896441","content":"f5d97320"},"/service-bridge/1.8.x-0ca":{"__comp":"a7bd4aaa","__props":"a81d38b8"},"/service-bridge/1.8.x/tags-41a":{"__comp":"3720c009","__props":"16b19495"},"/service-bridge/1.8.x/tags/featured-296":{"__comp":"df203c0f","__props":"48638a0c"},"/service-bridge/1.8.x/tags/tsb-concepts-e7d":{"__comp":"df203c0f","__props":"bb891f10"},"/service-bridge/1.8.x/tags/tsb-quickstart-07d":{"__comp":"df203c0f","__props":"342d709e"},"/service-bridge/1.8.x-ef4":{"__comp":"a94703ab"},"/service-bridge/1.8.x/-933":{"__comp":"17896441","content":"061f770e"},"/service-bridge/1.8.x/category/working-with-tetrate-customer-support-377":{"__comp":"14eb3368","__props":"c503ca6a"},"/service-bridge/1.8.x/cheatsheet/-81a":{"__comp":"17896441","content":"59be6805"},"/service-bridge/1.8.x/cheatsheet/sheets/gateways-management-421":{"__comp":"17896441","content":"4a4f1ebd"},"/service-bridge/1.8.x/cheatsheet/sheets/kubectl-129":{"__comp":"17896441","content":"0aea5229"},"/service-bridge/1.8.x/cheatsheet/sheets/security-management-2f3":{"__comp":"17896441","content":"0b319dea"},"/service-bridge/1.8.x/cheatsheet/sheets/tctl-f7f":{"__comp":"17896441","content":"259624c5"},"/service-bridge/1.8.x/cheatsheet/sheets/traffic-management-fa4":{"__comp":"17896441","content":"95e3916d"},"/service-bridge/1.8.x/cheatsheet/sheets/tsb-concepts-6c7":{"__comp":"17896441","content":"bb4e718e"},"/service-bridge/1.8.x/cheatsheet/sheets/tsb-quickstart-371":{"__comp":"17896441","content":"7f6feb45"},"/service-bridge/1.8.x/cheatsheet/sheets/tsb-terminology-6da":{"__comp":"17896441","content":"c5978fee"},"/service-bridge/1.8.x/concepts/-4a8":{"__comp":"17896441","content":"3c351309"},"/service-bridge/1.8.x/concepts/architecture-607":{"__comp":"17896441","content":"4a572e8d"},"/service-bridge/1.8.x/concepts/configuration-dataflow-04c":{"__comp":"17896441","content":"a62b103e"},"/service-bridge/1.8.x/concepts/glossary-196":{"__comp":"17896441","content":"87e8b6f6"},"/service-bridge/1.8.x/concepts/observability-852":{"__comp":"17896441","content":"a078d7b8"},"/service-bridge/1.8.x/concepts/operators/-6b1":{"__comp":"17896441","content":"6f1e6f27"},"/service-bridge/1.8.x/concepts/operators/control-plane-81d":{"__comp":"17896441","content":"638b603b"},"/service-bridge/1.8.x/concepts/operators/data-plane-fc2":{"__comp":"17896441","content":"736d63c6"},"/service-bridge/1.8.x/concepts/operators/management-plane-a4e":{"__comp":"17896441","content":"dc4be721"},"/service-bridge/1.8.x/concepts/security-27c":{"__comp":"17896441","content":"1ee4e0b1"},"/service-bridge/1.8.x/concepts/service-mesh-728":{"__comp":"17896441","content":"1d07e63e"},"/service-bridge/1.8.x/concepts/terminology-b9b":{"__comp":"17896441","content":"75893e91"},"/service-bridge/1.8.x/concepts/traffic-management-e36":{"__comp":"17896441","content":"8154a681"},"/service-bridge/1.8.x/concepts/tsb-and-istio-a56":{"__comp":"17896441","content":"24c1ae7a"},"/service-bridge/1.8.x/design-guides/-2f1":{"__comp":"17896441","content":"9632beef"},"/service-bridge/1.8.x/design-guides/app-onboarding/-ecf":{"__comp":"17896441","content":"4c9eb094"},"/service-bridge/1.8.x/design-guides/app-onboarding/cross-cluster-253":{"__comp":"17896441","content":"91d979ee"},"/service-bridge/1.8.x/design-guides/app-onboarding/deploy-service-917":{"__comp":"17896441","content":"cd646c70"},"/service-bridge/1.8.x/design-guides/app-onboarding/gateway-security-e60":{"__comp":"17896441","content":"b18cf1cd"},"/service-bridge/1.8.x/design-guides/app-onboarding/high-availability-8bb":{"__comp":"17896441","content":"db1326ee"},"/service-bridge/1.8.x/design-guides/app-onboarding/introduction-2ee":{"__comp":"17896441","content":"8e27053d"},"/service-bridge/1.8.x/design-guides/app-onboarding/monitor-a6c":{"__comp":"17896441","content":"8fc9e17e"},"/service-bridge/1.8.x/design-guides/app-onboarding/prepare-eab":{"__comp":"17896441","content":"0cb1fb17"},"/service-bridge/1.8.x/design-guides/app-onboarding/promote-service-908":{"__comp":"17896441","content":"8b03ff9a"},"/service-bridge/1.8.x/design-guides/app-onboarding/security-1e5":{"__comp":"17896441","content":"4162a508"},"/service-bridge/1.8.x/design-guides/ha-dr-mp/-a8b":{"__comp":"17896441","content":"42af8a74"},"/service-bridge/1.8.x/design-guides/ha-dr-mp/dr-managementplane-f54":{"__comp":"17896441","content":"a12fc6af"},"/service-bridge/1.8.x/design-guides/ha-dr-mp/ha-managementplane-dbf":{"__comp":"17896441","content":"478507bf"},"/service-bridge/1.8.x/design-guides/ha-dr-mp/introduction-194":{"__comp":"17896441","content":"bb5ca059"},"/service-bridge/1.8.x/design-guides/ha-dr-mp/scenarios-6a2":{"__comp":"17896441","content":"26df94fd"},"/service-bridge/1.8.x/design-guides/ha-multicluster/-2d7":{"__comp":"17896441","content":"e27cb98d"},"/service-bridge/1.8.x/design-guides/ha-multicluster/cluster-failover-464":{"__comp":"17896441","content":"677989d8"},"/service-bridge/1.8.x/design-guides/ha-multicluster/demo-1-2e7":{"__comp":"17896441","content":"8da51292"},"/service-bridge/1.8.x/design-guides/ha-multicluster/demo-2-23c":{"__comp":"17896441","content":"449d8fde"},"/service-bridge/1.8.x/design-guides/ha-multicluster/edge-failover-7ea":{"__comp":"17896441","content":"50398ce9"},"/service-bridge/1.8.x/design-guides/ha-multicluster/introduction-e0d":{"__comp":"17896441","content":"a786d655"},"/service-bridge/1.8.x/design-guides/ha-multicluster/operations-dfb":{"__comp":"17896441","content":"ad09d860"},"/service-bridge/1.8.x/howto-5a2":{"__comp":"14eb3368","__props":"2033551f"},"/service-bridge/1.8.x/howto/authorization/-a78":{"__comp":"17896441","content":"058ab215"},"/service-bridge/1.8.x/howto/authorization/ingress-gateway-ce3":{"__comp":"17896441","content":"a560686b"},"/service-bridge/1.8.x/howto/authorization/sidecar-bc3":{"__comp":"17896441","content":"664951ee"},"/service-bridge/1.8.x/howto/authorization/tier1-gateway-dcc":{"__comp":"17896441","content":"c6d41e85"},"/service-bridge/1.8.x/howto/authorization/tls-verification-820":{"__comp":"17896441","content":"6a9938dc"},"/service-bridge/1.8.x/howto/gateway-a1b":{"__comp":"14eb3368","__props":"8d569b74"},"/service-bridge/1.8.x/howto/gateway/app-ingress-401":{"__comp":"17896441","content":"b6c6611d"},"/service-bridge/1.8.x/howto/gateway/application-gateway-with-openapi-annotations-fce":{"__comp":"17896441","content":"8de7822e"},"/service-bridge/1.8.x/howto/gateway/configure-and-route-nonhttp-traffic-6e3":{"__comp":"17896441","content":"5c89b4e8"},"/service-bridge/1.8.x/howto/gateway/configure-oidc-2d2":{"__comp":"17896441","content":"36495e45"},"/service-bridge/1.8.x/howto/gateway/distributed-ingress-622":{"__comp":"17896441","content":"90a8f22f"},"/service-bridge/1.8.x/howto/gateway/egress-gateways-dff":{"__comp":"17896441","content":"53e1c230"},"/service-bridge/1.8.x/howto/gateway/end-user-auth-keycloak-706":{"__comp":"17896441","content":"3aee7809"},"/service-bridge/1.8.x/howto/gateway/https-with-proxy-protocol-5e0":{"__comp":"17896441","content":"a8e7484a"},"/service-bridge/1.8.x/howto/gateway/multi-cluster-traffic-routing-using-tier2gw-76f":{"__comp":"17896441","content":"5fbada63"},"/service-bridge/1.8.x/howto/gateway/multi-cluster-traffic-routing-with-eastwest-gateway-d68":{"__comp":"17896441","content":"6bc4cb6c"},"/service-bridge/1.8.x/howto/gateway/multi-cluster-traffic-shifting-79d":{"__comp":"17896441","content":"acec8395"},"/service-bridge/1.8.x/howto/gateway/service-identity-propagation-be8":{"__comp":"17896441","content":"afc0284a"},"/service-bridge/1.8.x/howto/gateway/shared-ingress-c6b":{"__comp":"17896441","content":"68d523a5"},"/service-bridge/1.8.x/howto/gateway/subset-based-routing-using-igw-and-service-route-639":{"__comp":"17896441","content":"cbb12b00"},"/service-bridge/1.8.x/howto/gateway/unified-gateway-23d":{"__comp":"17896441","content":"f5be9ba6"},"/service-bridge/1.8.x/howto/gitops-26f":{"__comp":"14eb3368","__props":"fcbdb5ed"},"/service-bridge/1.8.x/howto/gitops/argo-rollouts-31e":{"__comp":"17896441","content":"fcf5a04f"},"/service-bridge/1.8.x/howto/gitops/flux-f00":{"__comp":"17896441","content":"94dabc52"},"/service-bridge/1.8.x/howto/gitops/gitops-a45":{"__comp":"17896441","content":"71ccef3e"},"/service-bridge/1.8.x/howto/hpa-using-skywalking-34f":{"__comp":"17896441","content":"240f8571"},"/service-bridge/1.8.x/howto/network-policies-2d6":{"__comp":"17896441","content":"1e92227b"},"/service-bridge/1.8.x/howto/promql-using-skywalking-8fd":{"__comp":"17896441","content":"279b0948"},"/service-bridge/1.8.x/howto/rate-limiting/-02b":{"__comp":"17896441","content":"f27c8dea"},"/service-bridge/1.8.x/howto/rate-limiting/external-rate-limiting-d69":{"__comp":"17896441","content":"1e544661"},"/service-bridge/1.8.x/howto/rate-limiting/ingress-gateway-faa":{"__comp":"17896441","content":"b00ef544"},"/service-bridge/1.8.x/howto/rate-limiting/internal-rate-limiting-b88":{"__comp":"17896441","content":"a52bcc5a"},"/service-bridge/1.8.x/howto/rate-limiting/service-to-service-744":{"__comp":"17896441","content":"12ac0921"},"/service-bridge/1.8.x/howto/rate-limiting/tier1-gateway-216":{"__comp":"17896441","content":"cf09c6df"},"/service-bridge/1.8.x/howto/rate-limiting/tls-validation-11f":{"__comp":"17896441","content":"07f0b665"},"/service-bridge/1.8.x/howto/security-domains-65e":{"__comp":"17896441","content":"da3f36e5"},"/service-bridge/1.8.x/howto/service-accounts-ccd":{"__comp":"17896441","content":"7b8391fd"},"/service-bridge/1.8.x/howto/traffic-ce5":{"__comp":"14eb3368","__props":"759bd4dd"},"/service-bridge/1.8.x/howto/traffic/canary-releases-eae":{"__comp":"17896441","content":"4262443f"},"/service-bridge/1.8.x/howto/traffic/configure-multi-port-service-route-d2f":{"__comp":"17896441","content":"5a9f0c64"},"/service-bridge/1.8.x/howto/traffic/external-site-https-792":{"__comp":"17896441","content":"dd286bd2"},"/service-bridge/1.8.x/howto/traffic/load-balance-a73":{"__comp":"17896441","content":"b3984b4c"},"/service-bridge/1.8.x/howto/traffic/migrating-VM-monoliths-782":{"__comp":"17896441","content":"eeb506ad"},"/service-bridge/1.8.x/howto/traffic/splitting-service-traffic-between-k8s-vms-83b":{"__comp":"17896441","content":"ea51ecbf"},"/service-bridge/1.8.x/howto/waf-f3b":{"__comp":"17896441","content":"d9ead56a"},"/service-bridge/1.8.x/howto/wasm-ca8":{"__comp":"14eb3368","__props":"c55fe77a"},"/service-bridge/1.8.x/howto/wasm/wasm-extension-3c4":{"__comp":"17896441","content":"cc7131e4"},"/service-bridge/1.8.x/howto/wasm/wasm-overview-59a":{"__comp":"17896441","content":"4bfb24ff"},"/service-bridge/1.8.x/howto/wasm/wasm-proxy-526":{"__comp":"17896441","content":"892f1497"},"/service-bridge/1.8.x/howto/wasm/wasm-try-d21":{"__comp":"17896441","content":"19f663d4"},"/service-bridge/1.8.x/knowledge-base-a81":{"__comp":"14eb3368","__props":"f5fccd25"},"/service-bridge/1.8.x/knowledge-base/faq-4e5":{"__comp":"17896441","content":"43d3582f"},"/service-bridge/1.8.x/knowledge-base/gitops-389":{"__comp":"17896441","content":"80fc2de5"},"/service-bridge/1.8.x/operations-0f0":{"__comp":"14eb3368","__props":"7f6a03df"},"/service-bridge/1.8.x/operations/configuration-promotion-c42":{"__comp":"17896441","content":"14f776b0"},"/service-bridge/1.8.x/operations/configure-log-levels-f7c":{"__comp":"17896441","content":"ed75cfe4"},"/service-bridge/1.8.x/operations/elasticsearch-48f":{"__comp":"14eb3368","__props":"017377da"},"/service-bridge/1.8.x/operations/elasticsearch/elasticsearch-role-436":{"__comp":"17896441","content":"a54c1951"},"/service-bridge/1.8.x/operations/elasticsearch/wipe-elastic-fc1":{"__comp":"17896441","content":"f727d782"},"/service-bridge/1.8.x/operations/features-f37":{"__comp":"14eb3368","__props":"19e0fbfd"},"/service-bridge/1.8.x/operations/features/configure-cluster-external-addresses-49f":{"__comp":"17896441","content":"d2c396f6"},"/service-bridge/1.8.x/operations/features/configure-gitops-db8":{"__comp":"17896441","content":"a764a52b"},"/service-bridge/1.8.x/operations/features/deletion-protection-a42":{"__comp":"17896441","content":"af0113cf"},"/service-bridge/1.8.x/operations/features/edge-dns-resolution-5ab":{"__comp":"17896441","content":"5d2a58c9"},"/service-bridge/1.8.x/operations/features/enable-config-protection-ec5":{"__comp":"17896441","content":"f40be84b"},"/service-bridge/1.8.x/operations/features/gateway-deletion-webhook-eaf":{"__comp":"17896441","content":"f9292639"},"/service-bridge/1.8.x/operations/features/internal-wasm-extensions-65e":{"__comp":"17896441","content":"b808ec84"},"/service-bridge/1.8.x/operations/features/istio-cni-de8":{"__comp":"17896441","content":"e72e73fd"},"/service-bridge/1.8.x/operations/features/label-annotation-4ab":{"__comp":"17896441","content":"b15671ea"},"/service-bridge/1.8.x/operations/features/streaming-log-77d":{"__comp":"17896441","content":"c55b4b72"},"/service-bridge/1.8.x/operations/features/tier1-in-app-cluster-b7d":{"__comp":"17896441","content":"d843bcee"},"/service-bridge/1.8.x/operations/features/tls-origin-multi-cluster-fd1":{"__comp":"17896441","content":"c706d69a"},"/service-bridge/1.8.x/operations/graceful-connection-drain-3e6":{"__comp":"17896441","content":"4fef3dc6"},"/service-bridge/1.8.x/operations/kube-customization-2b8":{"__comp":"17896441","content":"994100f1"},"/service-bridge/1.8.x/operations/lower-istio-resources-fb6":{"__comp":"17896441","content":"e363986d"},"/service-bridge/1.8.x/operations/migrate-organization-584":{"__comp":"17896441","content":"3814a413"},"/service-bridge/1.8.x/operations/multiple-iam-keys-d37":{"__comp":"17896441","content":"472a7df8"},"/service-bridge/1.8.x/operations/postgresql-ca8":{"__comp":"14eb3368","__props":"d19cd076"},"/service-bridge/1.8.x/operations/postgresql/azure-credentials-36f":{"__comp":"17896441","content":"c95b901a"},"/service-bridge/1.8.x/operations/postgresql/backup-and-restore-6e4":{"__comp":"17896441","content":"c2a686fb"},"/service-bridge/1.8.x/operations/telemetry-936":{"__comp":"14eb3368","__props":"e39ae4a5"},"/service-bridge/1.8.x/operations/telemetry/alerting-guidelines-d1c":{"__comp":"17896441","content":"20f5515c"},"/service-bridge/1.8.x/operations/telemetry/distributed-tracing-924":{"__comp":"17896441","content":"e1cf29af"},"/service-bridge/1.8.x/operations/telemetry/key-metrics-e57":{"__comp":"17896441","content":"65b31a97"},"/service-bridge/1.8.x/operations/telemetry/new-relic-7fc":{"__comp":"17896441","content":"cb66c90f"},"/service-bridge/1.8.x/operations/telemetry/red-metrics-393":{"__comp":"17896441","content":"6bc91366"},"/service-bridge/1.8.x/operations/telemetry/telemetry-architecture-130":{"__comp":"17896441","content":"e5604097"},"/service-bridge/1.8.x/operations/users-f85":{"__comp":"14eb3368","__props":"72f08838"},"/service-bridge/1.8.x/operations/users/admin-password-690":{"__comp":"17896441","content":"5ad9d500"},"/service-bridge/1.8.x/operations/users/configuring-ldap-e50":{"__comp":"17896441","content":"6855733e"},"/service-bridge/1.8.x/operations/users/oidc-azure-de0":{"__comp":"17896441","content":"c6b488e9"},"/service-bridge/1.8.x/operations/users/roles-and-permissions-edb":{"__comp":"17896441","content":"944ecc83"},"/service-bridge/1.8.x/operations/users/user-synchronization-96b":{"__comp":"17896441","content":"5441ff74"},"/service-bridge/1.8.x/operations/vault-da5":{"__comp":"14eb3368","__props":"ea5d1a8d"},"/service-bridge/1.8.x/operations/vault/elasticsearch-028":{"__comp":"17896441","content":"2ae8f791"},"/service-bridge/1.8.x/operations/vault/istiod-ca-877":{"__comp":"17896441","content":"8e61d782"},"/service-bridge/1.8.x/operations/vault/postgresql-b7e":{"__comp":"17896441","content":"27a6cf9e"},"/service-bridge/1.8.x/quickstart-7d1":{"__comp":"14eb3368","__props":"52baab58"},"/service-bridge/1.8.x/quickstart/apps-505":{"__comp":"17896441","content":"b6b58e4d"},"/service-bridge/1.8.x/quickstart/config-groups-a9b":{"__comp":"17896441","content":"60f76b1d"},"/service-bridge/1.8.x/quickstart/deploy-sample-app-eac":{"__comp":"17896441","content":"a39d5273"},"/service-bridge/1.8.x/quickstart/ingress-gateway-30d":{"__comp":"17896441","content":"bf028813"},"/service-bridge/1.8.x/quickstart/introduction-4ec":{"__comp":"17896441","content":"ce599a01"},"/service-bridge/1.8.x/quickstart/observability-0e7":{"__comp":"17896441","content":"ea4e69e0"},"/service-bridge/1.8.x/quickstart/permissions-d64":{"__comp":"17896441","content":"1a9ee947"},"/service-bridge/1.8.x/quickstart/security-dbb":{"__comp":"17896441","content":"e52950d5"},"/service-bridge/1.8.x/quickstart/tenant-1d2":{"__comp":"17896441","content":"96ffa52e"},"/service-bridge/1.8.x/quickstart/traffic-shifting-a07":{"__comp":"17896441","content":"d6714bb7"},"/service-bridge/1.8.x/quickstart/workspace-37f":{"__comp":"17896441","content":"d244e1b0"},"/service-bridge/1.8.x/reference-fa7":{"__comp":"14eb3368","__props":"e2c2d5fa"},"/service-bridge/1.8.x/reference/cli-9cf":{"__comp":"14eb3368","__props":"ac2dfe85"},"/service-bridge/1.8.x/reference/cli/guide/index-eeb":{"__comp":"17896441","content":"a6e7ae9b"},"/service-bridge/1.8.x/reference/cli/guide/toc-83b":{"__comp":"14eb3368","__props":"7c69b123"},"/service-bridge/1.8.x/reference/cli/reference-47b":{"__comp":"14eb3368","__props":"5fc97651"},"/service-bridge/1.8.x/reference/cli/reference/apply-7e1":{"__comp":"17896441","content":"72239418"},"/service-bridge/1.8.x/reference/cli/reference/collect-729":{"__comp":"17896441","content":"84b3adee"},"/service-bridge/1.8.x/reference/cli/reference/completion-783":{"__comp":"17896441","content":"02df3931"},"/service-bridge/1.8.x/reference/cli/reference/config-e24":{"__comp":"17896441","content":"a00c7798"},"/service-bridge/1.8.x/reference/cli/reference/delete-448":{"__comp":"17896441","content":"bd5a1be3"},"/service-bridge/1.8.x/reference/cli/reference/edit-969":{"__comp":"17896441","content":"56b2da53"},"/service-bridge/1.8.x/reference/cli/reference/experimental-23e":{"__comp":"17896441","content":"dd7f6247"},"/service-bridge/1.8.x/reference/cli/reference/get-181":{"__comp":"17896441","content":"098108d2"},"/service-bridge/1.8.x/reference/cli/reference/index-924":{"__comp":"17896441","content":"fd4e2390"},"/service-bridge/1.8.x/reference/cli/reference/install-bdf":{"__comp":"17896441","content":"279b56a5"},"/service-bridge/1.8.x/reference/cli/reference/login-ada":{"__comp":"17896441","content":"40ae7af3"},"/service-bridge/1.8.x/reference/cli/reference/ui-dff":{"__comp":"17896441","content":"0156cf14"},"/service-bridge/1.8.x/reference/cli/reference/validate-214":{"__comp":"17896441","content":"cb0d5330"},"/service-bridge/1.8.x/reference/cli/reference/version-209":{"__comp":"17896441","content":"74de2939"},"/service-bridge/1.8.x/reference/cli/reference/whoami-ee0":{"__comp":"17896441","content":"dcb079e0"},"/service-bridge/1.8.x/reference/cli/reference/workload-entry-annotations-55f":{"__comp":"17896441","content":"eb2a5488"},"/service-bridge/1.8.x/reference/grpc-api-0a9":{"__comp":"14eb3368","__props":"836722d7"},"/service-bridge/1.8.x/reference/grpc-api/guide-4b0":{"__comp":"17896441","content":"233c5d66"},"/service-bridge/1.8.x/reference/grpc-api/reference-b69":{"__comp":"14eb3368","__props":"f8f89595"},"/service-bridge/1.8.x/reference/k8s-api-e57":{"__comp":"14eb3368","__props":"47b40343"},"/service-bridge/1.8.x/reference/k8s-api/guide-284":{"__comp":"17896441","content":"6ab251bd"},"/service-bridge/1.8.x/reference/k8s-api/tsb-crds-gen-4d2":{"__comp":"14eb3368","__props":"d9b7b374"},"/service-bridge/1.8.x/reference/k8s-api/tsb-crds-gen/application-tsb-tetrate-io-ef9":{"__comp":"17896441","content":"5b7e999d"},"/service-bridge/1.8.x/reference/k8s-api/tsb-crds-gen/extension-tsb-tetrate-io-237":{"__comp":"17896441","content":"64e5e794"},"/service-bridge/1.8.x/reference/k8s-api/tsb-crds-gen/gateway-tsb-tetrate-io-4b3":{"__comp":"17896441","content":"2845db63"},"/service-bridge/1.8.x/reference/k8s-api/tsb-crds-gen/istiointernal-tsb-tetrate-io-357":{"__comp":"17896441","content":"51f7b697"},"/service-bridge/1.8.x/reference/k8s-api/tsb-crds-gen/rbac-tsb-tetrate-io-b3a":{"__comp":"17896441","content":"d8ae0479"},"/service-bridge/1.8.x/reference/k8s-api/tsb-crds-gen/security-tsb-tetrate-io-75d":{"__comp":"17896441","content":"8152e75f"},"/service-bridge/1.8.x/reference/k8s-api/tsb-crds-gen/traffic-tsb-tetrate-io-72e":{"__comp":"17896441","content":"0288b507"},"/service-bridge/1.8.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/cluster-f40":{"__comp":"17896441","content":"f72ecdf4"},"/service-bridge/1.8.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/organization-ab7":{"__comp":"17896441","content":"d7ba9175"},"/service-bridge/1.8.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/organizationsetting-310":{"__comp":"17896441","content":"5c4a9e14"},"/service-bridge/1.8.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/serviceaccount-bd4":{"__comp":"17896441","content":"e7003b7b"},"/service-bridge/1.8.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/team-f7a":{"__comp":"17896441","content":"19389025"},"/service-bridge/1.8.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/tenant-2db":{"__comp":"17896441","content":"fa5cf6a3"},"/service-bridge/1.8.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/tenantsetting-28b":{"__comp":"17896441","content":"481bf971"},"/service-bridge/1.8.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/workspace-d4a":{"__comp":"17896441","content":"ff3c48e2"},"/service-bridge/1.8.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/workspacesetting-919":{"__comp":"17896441","content":"6ad92c1d"},"/service-bridge/1.8.x/reference/k8s-api/tsb-crds-gen/tsb.tetrate.io/v2-3a9":{"__comp":"14eb3368","__props":"796d75c8"},"/service-bridge/1.8.x/reference/operators-e13":{"__comp":"14eb3368","__props":"16635cdd"},"/service-bridge/1.8.x/reference/rest-api/guide-550":{"__comp":"17896441","content":"aa4d6433"},"/service-bridge/1.8.x/reference/samples-212":{"__comp":"14eb3368","__props":"3954dc2e"},"/service-bridge/1.8.x/reference/samples/httpbin-2b1":{"__comp":"17896441","content":"01a4e16a"},"/service-bridge/1.8.x/reference/samples/opa-74a":{"__comp":"17896441","content":"b3fbbeea"},"/service-bridge/1.8.x/reference/samples/sleep-service-0a0":{"__comp":"17896441","content":"88470cce"},"/service-bridge/1.8.x/reference/workload-onboarding-258":{"__comp":"14eb3368","__props":"f0dd2fa0"},"/service-bridge/1.8.x/reference/workload-onboarding/onboarding-agent-047":{"__comp":"14eb3368","__props":"3246fa5b"},"/service-bridge/1.8.x/reference/workload-onboarding/onboarding-authorization-7b6":{"__comp":"14eb3368","__props":"55cb7518"},"/service-bridge/1.8.x/reference/workload-onboarding/onboarding-runtime-da8":{"__comp":"14eb3368","__props":"b0bee6a2"},"/service-bridge/1.8.x/reference/yaml-api-259":{"__comp":"14eb3368","__props":"0634620a"},"/service-bridge/1.8.x/reference/yaml-api/guide-36b":{"__comp":"17896441","content":"d7c077d5"},"/service-bridge/1.8.x/reference/yaml-api/reference-9cd":{"__comp":"14eb3368","__props":"eceab9aa"},"/service-bridge/1.8.x/refs/audit/v1/audit-546":{"__comp":"17896441","content":"66b53843"},"/service-bridge/1.8.x/refs/audit/v1/grpc-3cb":{"__comp":"14eb3368","__props":"9b58f7bc"},"/service-bridge/1.8.x/refs/iam/v2/grpc-7ae":{"__comp":"14eb3368","__props":"930037db"},"/service-bridge/1.8.x/refs/iam/v2/oauth_service-27f":{"__comp":"17896441","content":"e4325c1f"},"/service-bridge/1.8.x/refs/iam/v2/oidc_service-889":{"__comp":"17896441","content":"247aeccb"},"/service-bridge/1.8.x/refs/install-176":{"__comp":"14eb3368","__props":"12d4a9e9"},"/service-bridge/1.8.x/refs/install/common/common_config-166":{"__comp":"17896441","content":"a43640e0"},"/service-bridge/1.8.x/refs/install/controlplane/v1alpha1/spec-8d3":{"__comp":"17896441","content":"deab080d"},"/service-bridge/1.8.x/refs/install/dataplane/v1alpha1/spec-06e":{"__comp":"17896441","content":"8442432d"},"/service-bridge/1.8.x/refs/install/kubernetes/k8s-fae":{"__comp":"17896441","content":"ec96806b"},"/service-bridge/1.8.x/refs/install/managementplane/v1alpha1/spec-3a5":{"__comp":"17896441","content":"91a65a23"},"/service-bridge/1.8.x/refs/istio.io/api/operator/v1alpha1/operator-ef2":{"__comp":"17896441","content":"d67e078c"},"/service-bridge/1.8.x/refs/onboarding/config/agent/v1alpha1/agent_configuration-97c":{"__comp":"17896441","content":"01d4248e"},"/service-bridge/1.8.x/refs/onboarding/config/agent/v1alpha1/onboarding_configuration-936":{"__comp":"17896441","content":"ff6e3512"},"/service-bridge/1.8.x/refs/onboarding/config/authorization/aws/v1alpha1/aws-497":{"__comp":"17896441","content":"93ce154e"},"/service-bridge/1.8.x/refs/onboarding/config/authorization/jwt/v1alpha1/jwt-ee0":{"__comp":"17896441","content":"fec73a2a"},"/service-bridge/1.8.x/refs/onboarding/config/authorization/v1alpha1/policy-4f0":{"__comp":"17896441","content":"5104265c"},"/service-bridge/1.8.x/refs/onboarding/config/install/v1alpha1/jwt_issuer-f86":{"__comp":"17896441","content":"1842150c"},"/service-bridge/1.8.x/refs/onboarding/config/install/v1alpha1/workload_configuration-f87":{"__comp":"17896441","content":"27692cb0"},"/service-bridge/1.8.x/refs/onboarding/config/runtime/v1alpha1/registration-a7e":{"__comp":"17896441","content":"76edd589"},"/service-bridge/1.8.x/refs/onboarding/config/types/config/v1alpha1/transport_security-651":{"__comp":"17896441","content":"b6f4fb04"},"/service-bridge/1.8.x/refs/onboarding/config/types/core/v1alpha1/condition-84a":{"__comp":"17896441","content":"b6560d4a"},"/service-bridge/1.8.x/refs/onboarding/config/types/core/v1alpha1/namespaced_name-0e9":{"__comp":"17896441","content":"13a3d515"},"/service-bridge/1.8.x/refs/onboarding/config/types/identity/aws/v1alpha1/aws-874":{"__comp":"17896441","content":"820c7081"},"/service-bridge/1.8.x/refs/onboarding/config/types/identity/jwt/v1alpha1/jwt-f06":{"__comp":"17896441","content":"9980e398"},"/service-bridge/1.8.x/refs/onboarding/config/types/identity/v1alpha1/identity-291":{"__comp":"17896441","content":"4d30040a"},"/service-bridge/1.8.x/refs/onboarding/config/types/registration/v1alpha1/hostinfo-a96":{"__comp":"17896441","content":"0f3def3e"},"/service-bridge/1.8.x/refs/onboarding/config/types/registration/v1alpha1/registration-10e":{"__comp":"17896441","content":"4123af81"},"/service-bridge/1.8.x/refs/tsb/application/v2/api-a2f":{"__comp":"17896441","content":"0a7e4255"},"/service-bridge/1.8.x/refs/tsb/application/v2/application-374":{"__comp":"17896441","content":"b191355b"},"/service-bridge/1.8.x/refs/tsb/application/v2/application_service-91c":{"__comp":"17896441","content":"33027d1c"},"/service-bridge/1.8.x/refs/tsb/application/v2/grpc-776":{"__comp":"14eb3368","__props":"1d2ecacd"},"/service-bridge/1.8.x/refs/tsb/application/v2/openapi_extensions-f7a":{"__comp":"17896441","content":"334eb0e6"},"/service-bridge/1.8.x/refs/tsb/application/v2/yaml-876":{"__comp":"14eb3368","__props":"ad4320df"},"/service-bridge/1.8.x/refs/tsb/auth/v2/auth-796":{"__comp":"17896441","content":"4e9aa3e8"},"/service-bridge/1.8.x/refs/tsb/auth/v2/yaml-816":{"__comp":"14eb3368","__props":"74943468"},"/service-bridge/1.8.x/refs/tsb/extension/v2/grpc-e81":{"__comp":"14eb3368","__props":"15677f3a"},"/service-bridge/1.8.x/refs/tsb/extension/v2/wasm_extension-390":{"__comp":"17896441","content":"e9008175"},"/service-bridge/1.8.x/refs/tsb/extension/v2/wasm_service-fca":{"__comp":"17896441","content":"f3e5e3d7"},"/service-bridge/1.8.x/refs/tsb/extension/v2/yaml-781":{"__comp":"14eb3368","__props":"225d2803"},"/service-bridge/1.8.x/refs/tsb/gateway/v2/auth-746":{"__comp":"17896441","content":"13e62d79"},"/service-bridge/1.8.x/refs/tsb/gateway/v2/eastwest_gateway-f7f":{"__comp":"17896441","content":"763edf01"},"/service-bridge/1.8.x/refs/tsb/gateway/v2/egress_gateway-458":{"__comp":"17896441","content":"f97af5d7"},"/service-bridge/1.8.x/refs/tsb/gateway/v2/gateway-0bb":{"__comp":"17896441","content":"f000027a"},"/service-bridge/1.8.x/refs/tsb/gateway/v2/gateway_common-42f":{"__comp":"17896441","content":"40572d83"},"/service-bridge/1.8.x/refs/tsb/gateway/v2/gateway_group-c73":{"__comp":"17896441","content":"28cba099"},"/service-bridge/1.8.x/refs/tsb/gateway/v2/gateway_service-f20":{"__comp":"17896441","content":"45910340"},"/service-bridge/1.8.x/refs/tsb/gateway/v2/grpc-355":{"__comp":"14eb3368","__props":"8ea49374"},"/service-bridge/1.8.x/refs/tsb/gateway/v2/ingress_gateway-dfb":{"__comp":"17896441","content":"f46f8920"},"/service-bridge/1.8.x/refs/tsb/gateway/v2/istio_gateway_direct-5a4":{"__comp":"17896441","content":"8264db48"},"/service-bridge/1.8.x/refs/tsb/gateway/v2/tier1_gateway-5cd":{"__comp":"17896441","content":"0df63a31"},"/service-bridge/1.8.x/refs/tsb/gateway/v2/yaml-b18":{"__comp":"14eb3368","__props":"37363708"},"/service-bridge/1.8.x/refs/tsb/istiointernal/v2/grpc-25c":{"__comp":"14eb3368","__props":"c7d717ad"},"/service-bridge/1.8.x/refs/tsb/istiointernal/v2/istio_internal_group-05a":{"__comp":"17896441","content":"e0266104"},"/service-bridge/1.8.x/refs/tsb/istiointernal/v2/istio_istiointernal_direct-e09":{"__comp":"17896441","content":"8f8ca8a8"},"/service-bridge/1.8.x/refs/tsb/istiointernal/v2/istiointernal_service-de1":{"__comp":"17896441","content":"59f0b8b1"},"/service-bridge/1.8.x/refs/tsb/istiointernal/v2/yaml-ee6":{"__comp":"14eb3368","__props":"cdfd5be7"},"/service-bridge/1.8.x/refs/tsb/observability/telemetry/v2/grpc-b25":{"__comp":"14eb3368","__props":"bb35d139"},"/service-bridge/1.8.x/refs/tsb/observability/telemetry/v2/metric-4bf":{"__comp":"17896441","content":"965ed39d"},"/service-bridge/1.8.x/refs/tsb/observability/telemetry/v2/metric_service-2db":{"__comp":"17896441","content":"4f99910f"},"/service-bridge/1.8.x/refs/tsb/observability/telemetry/v2/source-640":{"__comp":"17896441","content":"080ebd67"},"/service-bridge/1.8.x/refs/tsb/observability/telemetry/v2/source_service-663":{"__comp":"17896441","content":"b92c301a"},"/service-bridge/1.8.x/refs/tsb/observability/telemetry/v2/yaml-b93":{"__comp":"14eb3368","__props":"c3d14435"},"/service-bridge/1.8.x/refs/tsb/q/v2/approvals_service-253":{"__comp":"17896441","content":"a127d56b"},"/service-bridge/1.8.x/refs/tsb/q/v2/grpc-0ca":{"__comp":"14eb3368","__props":"b4e1a9e6"},"/service-bridge/1.8.x/refs/tsb/q/v2/permissions_service-b09":{"__comp":"17896441","content":"d02588e9"},"/service-bridge/1.8.x/refs/tsb/rbac/v2/access_bindings-f07":{"__comp":"17896441","content":"efb79c89"},"/service-bridge/1.8.x/refs/tsb/rbac/v2/api_access_bindings-aa0":{"__comp":"17896441","content":"6c0b8ddb"},"/service-bridge/1.8.x/refs/tsb/rbac/v2/application_access_bindings-e2f":{"__comp":"17896441","content":"39890b52"},"/service-bridge/1.8.x/refs/tsb/rbac/v2/binding-a8a":{"__comp":"17896441","content":"f8ae3932"},"/service-bridge/1.8.x/refs/tsb/rbac/v2/gateway_access_bindings-6df":{"__comp":"17896441","content":"acde09de"},"/service-bridge/1.8.x/refs/tsb/rbac/v2/grpc-ce1":{"__comp":"14eb3368","__props":"ecf599fc"},"/service-bridge/1.8.x/refs/tsb/rbac/v2/istio_internal_access_bindings-53e":{"__comp":"17896441","content":"d38cee2e"},"/service-bridge/1.8.x/refs/tsb/rbac/v2/organization_access_bindings-127":{"__comp":"17896441","content":"f54fc819"},"/service-bridge/1.8.x/refs/tsb/rbac/v2/permissions-584":{"__comp":"17896441","content":"149ddc4d"},"/service-bridge/1.8.x/refs/tsb/rbac/v2/policy_service-174":{"__comp":"17896441","content":"cffc6024"},"/service-bridge/1.8.x/refs/tsb/rbac/v2/role-748":{"__comp":"17896441","content":"ceacd334"},"/service-bridge/1.8.x/refs/tsb/rbac/v2/role_service-178":{"__comp":"17896441","content":"8c9f7e0f"},"/service-bridge/1.8.x/refs/tsb/rbac/v2/security_access_bindings-666":{"__comp":"17896441","content":"d22e051b"},"/service-bridge/1.8.x/refs/tsb/rbac/v2/tenant_access_bindings-47c":{"__comp":"17896441","content":"58c47aa7"},"/service-bridge/1.8.x/refs/tsb/rbac/v2/traffic_access_bindings-3ef":{"__comp":"17896441","content":"9a663767"},"/service-bridge/1.8.x/refs/tsb/rbac/v2/workspace_access_bindings-19f":{"__comp":"17896441","content":"676c3fce"},"/service-bridge/1.8.x/refs/tsb/rbac/v2/yaml-051":{"__comp":"14eb3368","__props":"3bc1e35c"},"/service-bridge/1.8.x/refs/tsb/registry/v2/grpc-cba":{"__comp":"14eb3368","__props":"76982a88"},"/service-bridge/1.8.x/refs/tsb/registry/v2/lookup_service-dfd":{"__comp":"17896441","content":"defc4737"},"/service-bridge/1.8.x/refs/tsb/registry/v2/registration_service-449":{"__comp":"17896441","content":"228e5833"},"/service-bridge/1.8.x/refs/tsb/registry/v2/service-ce4":{"__comp":"17896441","content":"27e9de2c"},"/service-bridge/1.8.x/refs/tsb/registry/v2/yaml-ba3":{"__comp":"14eb3368","__props":"b04848ed"},"/service-bridge/1.8.x/refs/tsb/security/v2/grpc-674":{"__comp":"14eb3368","__props":"a03d08fe"},"/service-bridge/1.8.x/refs/tsb/security/v2/istio_security_direct-20d":{"__comp":"17896441","content":"307565b7"},"/service-bridge/1.8.x/refs/tsb/security/v2/security_group-34a":{"__comp":"17896441","content":"cf284558"},"/service-bridge/1.8.x/refs/tsb/security/v2/security_service-c28":{"__comp":"17896441","content":"5b59040d"},"/service-bridge/1.8.x/refs/tsb/security/v2/security_setting-91f":{"__comp":"17896441","content":"3deeca0c"},"/service-bridge/1.8.x/refs/tsb/security/v2/service_security_setting-b74":{"__comp":"17896441","content":"38abf7d2"},"/service-bridge/1.8.x/refs/tsb/security/v2/waf_settings-8a1":{"__comp":"17896441","content":"681092c0"},"/service-bridge/1.8.x/refs/tsb/security/v2/yaml-426":{"__comp":"14eb3368","__props":"ba770b51"},"/service-bridge/1.8.x/refs/tsb/traffic/v2/grpc-b4d":{"__comp":"14eb3368","__props":"66e09422"},"/service-bridge/1.8.x/refs/tsb/traffic/v2/istio_traffic_direct-201":{"__comp":"17896441","content":"14bdbcae"},"/service-bridge/1.8.x/refs/tsb/traffic/v2/service_route-cf3":{"__comp":"17896441","content":"cc98bc6d"},"/service-bridge/1.8.x/refs/tsb/traffic/v2/traffic_group-7de":{"__comp":"17896441","content":"7bb58427"},"/service-bridge/1.8.x/refs/tsb/traffic/v2/traffic_service-fb7":{"__comp":"17896441","content":"0ae1b458"},"/service-bridge/1.8.x/refs/tsb/traffic/v2/traffic_setting-127":{"__comp":"17896441","content":"fa86afad"},"/service-bridge/1.8.x/refs/tsb/traffic/v2/yaml-5e1":{"__comp":"14eb3368","__props":"d0d44b20"},"/service-bridge/1.8.x/refs/tsb/types/v2/types-20a":{"__comp":"17896441","content":"e595e069"},"/service-bridge/1.8.x/refs/tsb/types/v2/yaml-254":{"__comp":"14eb3368","__props":"b5c655b6"},"/service-bridge/1.8.x/refs/tsb/v2/cluster-aba":{"__comp":"17896441","content":"c0feea16"},"/service-bridge/1.8.x/refs/tsb/v2/cluster_service-456":{"__comp":"17896441","content":"d9f52332"},"/service-bridge/1.8.x/refs/tsb/v2/grpc-e84":{"__comp":"14eb3368","__props":"178191be"},"/service-bridge/1.8.x/refs/tsb/v2/info-d9f":{"__comp":"17896441","content":"052ec942"},"/service-bridge/1.8.x/refs/tsb/v2/organization-ad8":{"__comp":"17896441","content":"73da206b"},"/service-bridge/1.8.x/refs/tsb/v2/organization_service-a2e":{"__comp":"17896441","content":"6691e766"},"/service-bridge/1.8.x/refs/tsb/v2/organization_setting-4f6":{"__comp":"17896441","content":"e7cf9723"},"/service-bridge/1.8.x/refs/tsb/v2/status-a4d":{"__comp":"17896441","content":"7a148ecf"},"/service-bridge/1.8.x/refs/tsb/v2/status_service-eff":{"__comp":"17896441","content":"befabdb1"},"/service-bridge/1.8.x/refs/tsb/v2/team-d64":{"__comp":"17896441","content":"d16da88a"},"/service-bridge/1.8.x/refs/tsb/v2/team_service-ad9":{"__comp":"17896441","content":"9446af52"},"/service-bridge/1.8.x/refs/tsb/v2/tenant-776":{"__comp":"17896441","content":"99514d17"},"/service-bridge/1.8.x/refs/tsb/v2/tenant_service-a29":{"__comp":"17896441","content":"4649ea25"},"/service-bridge/1.8.x/refs/tsb/v2/tenant_setting-a62":{"__comp":"17896441","content":"c78d0e8e"},"/service-bridge/1.8.x/refs/tsb/v2/workspace-fc3":{"__comp":"17896441","content":"6371cfe3"},"/service-bridge/1.8.x/refs/tsb/v2/workspace_service-185":{"__comp":"17896441","content":"e046d572"},"/service-bridge/1.8.x/refs/tsb/v2/workspace_setting-e91":{"__comp":"17896441","content":"2bf1ab91"},"/service-bridge/1.8.x/refs/tsb/v2/yaml-9f1":{"__comp":"14eb3368","__props":"73c47d84"},"/service-bridge/1.8.x/release-notes-04b":{"__comp":"17896441","content":"498318d6"},"/service-bridge/1.8.x/release-notes-announcements/-3bb":{"__comp":"17896441","content":"c1fc2c8d"},"/service-bridge/1.8.x/release-notes-announcements/feature-status-4fe":{"__comp":"17896441","content":"25d44b66"},"/service-bridge/1.8.x/release-notes-announcements/support-policy-62b":{"__comp":"17896441","content":"b468ce89"},"/service-bridge/1.8.x/setup-5cb":{"__comp":"14eb3368","__props":"86645795"},"/service-bridge/1.8.x/setup/aws-f0a":{"__comp":"14eb3368","__props":"56c8061a"},"/service-bridge/1.8.x/setup/aws/container-marketplace-d9d":{"__comp":"17896441","content":"74001dc0"},"/service-bridge/1.8.x/setup/aws/vpc-88f":{"__comp":"17896441","content":"63f0633a"},"/service-bridge/1.8.x/setup/certificate-099":{"__comp":"14eb3368","__props":"aa47b508"},"/service-bridge/1.8.x/setup/certificate/automated-certificate-management-285":{"__comp":"17896441","content":"d94b60ed"},"/service-bridge/1.8.x/setup/certificate/certificate-requirements-bb1":{"__comp":"17896441","content":"74c1d0e9"},"/service-bridge/1.8.x/setup/certificate/certificate-setup-fa5":{"__comp":"17896441","content":"ef4f90d5"},"/service-bridge/1.8.x/setup/components-406":{"__comp":"17896441","content":"b47536fb"},"/service-bridge/1.8.x/setup/firewall-information-610":{"__comp":"17896441","content":"58ed24c6"},"/service-bridge/1.8.x/setup/helm/-83a":{"__comp":"17896441","content":"a7b05071"},"/service-bridge/1.8.x/setup/helm/controlplane-392":{"__comp":"17896441","content":"5392d25a"},"/service-bridge/1.8.x/setup/helm/dataplane-ff7":{"__comp":"17896441","content":"88e052c6"},"/service-bridge/1.8.x/setup/helm/helm-b05":{"__comp":"17896441","content":"1e0b488a"},"/service-bridge/1.8.x/setup/helm/managementplane-dc7":{"__comp":"17896441","content":"e2ab1b5e"},"/service-bridge/1.8.x/setup/helm/uninstallation-901":{"__comp":"17896441","content":"34b7b77b"},"/service-bridge/1.8.x/setup/helm/upgrade-40d":{"__comp":"17896441","content":"f6354a6c"},"/service-bridge/1.8.x/setup/isolation-boundaries-8da":{"__comp":"17896441","content":"b88b1993"},"/service-bridge/1.8.x/setup/isolation-boundaries-installation-3cb":{"__comp":"17896441","content":"59d1aa3b"},"/service-bridge/1.8.x/setup/migrate-tctl-to-helm-2fe":{"__comp":"17896441","content":"e207a9fe"},"/service-bridge/1.8.x/setup/remote-registry-d60":{"__comp":"17896441","content":"6ad1a68b"},"/service-bridge/1.8.x/setup/requirements-and-download-2e2":{"__comp":"17896441","content":"1831a9ca"},"/service-bridge/1.8.x/setup/resource-planning-3b2":{"__comp":"17896441","content":"43f9dfc2"},"/service-bridge/1.8.x/setup/security-context-f3d":{"__comp":"17896441","content":"c6fa973b"},"/service-bridge/1.8.x/setup/self-managed/-258":{"__comp":"17896441","content":"d5a12e89"},"/service-bridge/1.8.x/setup/self-managed/demo-installation-be9":{"__comp":"17896441","content":"81e322d3"},"/service-bridge/1.8.x/setup/self-managed/management-plane-installation-0fb":{"__comp":"17896441","content":"cb5744d7"},"/service-bridge/1.8.x/setup/self-managed/onboarding-clusters-931":{"__comp":"17896441","content":"9e3051f7"},"/service-bridge/1.8.x/setup/self-managed/uninstallation-98e":{"__comp":"17896441","content":"0a587c50"},"/service-bridge/1.8.x/setup/self-managed/upgrade-5b3":{"__comp":"17896441","content":"840eb666"},"/service-bridge/1.8.x/setup/tctl-connect-a07":{"__comp":"17896441","content":"ba550525"},"/service-bridge/1.8.x/setup/upgrade-best-practices-f37":{"__comp":"17896441","content":"141219ce"},"/service-bridge/1.8.x/setup/upgrades-112":{"__comp":"14eb3368","__props":"4c3ad296"},"/service-bridge/1.8.x/setup/upgrades/cni-upgrade-708":{"__comp":"17896441","content":"aab216e9"},"/service-bridge/1.8.x/setup/upgrades/gateway-upgrade-e08":{"__comp":"17896441","content":"74bba799"},"/service-bridge/1.8.x/setup/upgrades/non-revisioned-to-revisioned-0ef":{"__comp":"17896441","content":"6c068937"},"/service-bridge/1.8.x/setup/upgrades/revisioned-to-revisioned-138":{"__comp":"17896441","content":"2a2e9a58"},"/service-bridge/1.8.x/setup/workload-onboarding-2c3":{"__comp":"14eb3368","__props":"bb1c29d7"},"/service-bridge/1.8.x/setup/workload-onboarding/guides/-863":{"__comp":"17896441","content":"3a78f269"},"/service-bridge/1.8.x/setup/workload-onboarding/guides/ecs-workloads-ac8":{"__comp":"17896441","content":"a8ce3b52"},"/service-bridge/1.8.x/setup/workload-onboarding/guides/managing-270":{"__comp":"17896441","content":"dd269cf6"},"/service-bridge/1.8.x/setup/workload-onboarding/guides/on-premise-workloads-9a1":{"__comp":"17896441","content":"c898faf7"},"/service-bridge/1.8.x/setup/workload-onboarding/guides/onboarding-fb2":{"__comp":"17896441","content":"ab9be1b0"},"/service-bridge/1.8.x/setup/workload-onboarding/guides/overview-933":{"__comp":"17896441","content":"4ec0ec8b"},"/service-bridge/1.8.x/setup/workload-onboarding/guides/setup-421":{"__comp":"17896441","content":"97155678"},"/service-bridge/1.8.x/setup/workload-onboarding/guides/troubleshooting-b7b":{"__comp":"17896441","content":"eae659c4"},"/service-bridge/1.8.x/setup/workload-onboarding/onboarding-vms-e5e":{"__comp":"17896441","content":"cf736723"},"/service-bridge/1.8.x/setup/workload-onboarding/quickstart-de6":{"__comp":"14eb3368","__props":"d58bf6b2"},"/service-bridge/1.8.x/setup/workload-onboarding/quickstart/aws-ec2/-c92":{"__comp":"17896441","content":"cdbe3295"},"/service-bridge/1.8.x/setup/workload-onboarding/quickstart/aws-ec2/bookinfo-7a2":{"__comp":"17896441","content":"723f39f8"},"/service-bridge/1.8.x/setup/workload-onboarding/quickstart/aws-ec2/configure-vm-748":{"__comp":"17896441","content":"cb66b069"},"/service-bridge/1.8.x/setup/workload-onboarding/quickstart/aws-ec2/configure-workload-onboarding-b1b":{"__comp":"17896441","content":"43b1471b"},"/service-bridge/1.8.x/setup/workload-onboarding/quickstart/aws-ec2/enable-workload-onboarding-ade":{"__comp":"17896441","content":"2a38a1a7"},"/service-bridge/1.8.x/setup/workload-onboarding/quickstart/aws-ec2/onboard-asg-aea":{"__comp":"17896441","content":"257f7de8"},"/service-bridge/1.8.x/setup/workload-onboarding/quickstart/aws-ec2/onboard-vm-b6c":{"__comp":"17896441","content":"48529bdb"},"/service-bridge/1.8.x/setup/workload-onboarding/quickstart/aws-ecs/-fa1":{"__comp":"17896441","content":"efa84aa8"},"/service-bridge/1.8.x/setup/workload-onboarding/quickstart/aws-ecs/configure-workload-onboarding-f4c":{"__comp":"17896441","content":"a524b78c"},"/service-bridge/1.8.x/setup/workload-onboarding/quickstart/aws-ecs/onboard-ecs-0e1":{"__comp":"17896441","content":"684d1e0c"},"/service-bridge/1.8.x/setup/workload-onboarding/quickstart/on-premise/-39d":{"__comp":"17896441","content":"37a171cc"},"/service-bridge/1.8.x/setup/workload-onboarding/quickstart/on-premise/configure-vm-b10":{"__comp":"17896441","content":"96667456"},"/service-bridge/1.8.x/setup/workload-onboarding/quickstart/on-premise/configure-workload-onboarding-78b":{"__comp":"17896441","content":"6b97dc00"},"/service-bridge/1.8.x/setup/workload-onboarding/quickstart/on-premise/onboard-vm-2e4":{"__comp":"17896441","content":"f5716509"},"/service-bridge/1.8.x/troubleshooting-944":{"__comp":"14eb3368","__props":"44fe5a99"},"/service-bridge/1.8.x/troubleshooting/cluster-onboarding-810":{"__comp":"17896441","content":"673dacb6"},"/service-bridge/1.8.x/troubleshooting/configuration-status-0db":{"__comp":"17896441","content":"e2a059da"},"/service-bridge/1.8.x/troubleshooting/debug-container-028":{"__comp":"17896441","content":"2c80977b"},"/service-bridge/1.8.x/troubleshooting/gateway-troubleshooting-540":{"__comp":"17896441","content":"b6dd7c95"},"/service-bridge/1.8.x/troubleshooting/identify-underperforming-services-e30":{"__comp":"17896441","content":"da03ef5b"},"/service-bridge/1.8.x/troubleshooting/Maximum-header-size-exceed-8e0":{"__comp":"17896441","content":"57af8f29"},"/service-bridge/1.8.x/troubleshooting/Multiple-Transfer-encoding-chunked-5b4":{"__comp":"17896441","content":"517d0707"},"/service-bridge/1.8.x/troubleshooting/troubleshooting-814":{"__comp":"17896441","content":"87af1f66"},"/service-bridge/1.8.x/troubleshooting/tsb-ui-metrics-389":{"__comp":"17896441","content":"f1e979f3"},"/service-bridge/1.8.x/wokingwithsupport/workingWithTetrateSupport-351":{"__comp":"17896441","content":"7f665294"},"/service-bridge/1.9.x-01c":{"__comp":"a7bd4aaa","__props":"fc7de41d"},"/service-bridge/1.9.x/tags-97e":{"__comp":"3720c009","__props":"275286ce"},"/service-bridge/1.9.x/tags/featured-80d":{"__comp":"df203c0f","__props":"9f103cbd"},"/service-bridge/1.9.x/tags/tsb-concepts-997":{"__comp":"df203c0f","__props":"4bff8653"},"/service-bridge/1.9.x/tags/tsb-quickstart-2e6":{"__comp":"df203c0f","__props":"7582dd15"},"/service-bridge/1.9.x-8a5":{"__comp":"a94703ab"},"/service-bridge/1.9.x/-300":{"__comp":"17896441","content":"893a3cd0"},"/service-bridge/1.9.x/category/working-with-tetrate-customer-support-3cb":{"__comp":"14eb3368","__props":"fd430aeb"},"/service-bridge/1.9.x/cheatsheet/-966":{"__comp":"17896441","content":"482e9f02"},"/service-bridge/1.9.x/cheatsheet/sheets/gateways-management-642":{"__comp":"17896441","content":"a3f2a6b0"},"/service-bridge/1.9.x/cheatsheet/sheets/kubectl-5f4":{"__comp":"17896441","content":"e539d7c1"},"/service-bridge/1.9.x/cheatsheet/sheets/security-management-cb2":{"__comp":"17896441","content":"16669fa6"},"/service-bridge/1.9.x/cheatsheet/sheets/tctl-dca":{"__comp":"17896441","content":"141cba40"},"/service-bridge/1.9.x/cheatsheet/sheets/traffic-management-c38":{"__comp":"17896441","content":"90e1e50e"},"/service-bridge/1.9.x/cheatsheet/sheets/tsb-concepts-d6a":{"__comp":"17896441","content":"d3e671ce"},"/service-bridge/1.9.x/cheatsheet/sheets/tsb-quickstart-82b":{"__comp":"17896441","content":"d1c79f79"},"/service-bridge/1.9.x/cheatsheet/sheets/tsb-terminology-ffd":{"__comp":"17896441","content":"56573edf"},"/service-bridge/1.9.x/concepts/-5be":{"__comp":"17896441","content":"be5b53f2"},"/service-bridge/1.9.x/concepts/architecture-ed9":{"__comp":"17896441","content":"ea7421e0"},"/service-bridge/1.9.x/concepts/configuration-dataflow-681":{"__comp":"17896441","content":"4f1b26a4"},"/service-bridge/1.9.x/concepts/glossary-1ff":{"__comp":"17896441","content":"6c4af4be"},"/service-bridge/1.9.x/concepts/observability-fcc":{"__comp":"17896441","content":"87f48726"},"/service-bridge/1.9.x/concepts/operators/-1ef":{"__comp":"17896441","content":"6412f605"},"/service-bridge/1.9.x/concepts/operators/control-plane-b27":{"__comp":"17896441","content":"a8263b12"},"/service-bridge/1.9.x/concepts/operators/data-plane-526":{"__comp":"17896441","content":"04564775"},"/service-bridge/1.9.x/concepts/operators/management-plane-af5":{"__comp":"17896441","content":"d0539583"},"/service-bridge/1.9.x/concepts/security-9a8":{"__comp":"17896441","content":"f6d7e255"},"/service-bridge/1.9.x/concepts/service-mesh-c6f":{"__comp":"17896441","content":"8fd89e93"},"/service-bridge/1.9.x/concepts/terminology-e25":{"__comp":"17896441","content":"fd9dee61"},"/service-bridge/1.9.x/concepts/traffic-management-e3d":{"__comp":"17896441","content":"6add5267"},"/service-bridge/1.9.x/concepts/tsb-and-istio-d3d":{"__comp":"17896441","content":"156d4ae8"},"/service-bridge/1.9.x/design-guides/-ab6":{"__comp":"17896441","content":"9e5ad600"},"/service-bridge/1.9.x/design-guides/app-onboarding/-aa8":{"__comp":"17896441","content":"a53cbda4"},"/service-bridge/1.9.x/design-guides/app-onboarding/cross-cluster-b3d":{"__comp":"17896441","content":"fcefb69a"},"/service-bridge/1.9.x/design-guides/app-onboarding/deploy-service-197":{"__comp":"17896441","content":"81764242"},"/service-bridge/1.9.x/design-guides/app-onboarding/gateway-security-381":{"__comp":"17896441","content":"9cf147eb"},"/service-bridge/1.9.x/design-guides/app-onboarding/high-availability-a80":{"__comp":"17896441","content":"6ab32c44"},"/service-bridge/1.9.x/design-guides/app-onboarding/introduction-423":{"__comp":"17896441","content":"e4846830"},"/service-bridge/1.9.x/design-guides/app-onboarding/monitor-397":{"__comp":"17896441","content":"768864d3"},"/service-bridge/1.9.x/design-guides/app-onboarding/prepare-01d":{"__comp":"17896441","content":"05f8b4e7"},"/service-bridge/1.9.x/design-guides/app-onboarding/promote-service-6a7":{"__comp":"17896441","content":"6ad82cd7"},"/service-bridge/1.9.x/design-guides/app-onboarding/security-ba2":{"__comp":"17896441","content":"f67ded98"},"/service-bridge/1.9.x/design-guides/ha-dr-mp/-8d4":{"__comp":"17896441","content":"ecb9bcf1"},"/service-bridge/1.9.x/design-guides/ha-dr-mp/dr-managementplane-9ef":{"__comp":"17896441","content":"fb6fe5d9"},"/service-bridge/1.9.x/design-guides/ha-dr-mp/ha-managementplane-60f":{"__comp":"17896441","content":"0ee34c2a"},"/service-bridge/1.9.x/design-guides/ha-dr-mp/introduction-06c":{"__comp":"17896441","content":"8eed107e"},"/service-bridge/1.9.x/design-guides/ha-dr-mp/scenarios-979":{"__comp":"17896441","content":"9150e705"},"/service-bridge/1.9.x/design-guides/ha-multicluster/-26b":{"__comp":"17896441","content":"92d5f5da"},"/service-bridge/1.9.x/design-guides/ha-multicluster/cluster-failover-291":{"__comp":"17896441","content":"51eb4bb1"},"/service-bridge/1.9.x/design-guides/ha-multicluster/demo-1-20b":{"__comp":"17896441","content":"1d272c78"},"/service-bridge/1.9.x/design-guides/ha-multicluster/demo-2-1ec":{"__comp":"17896441","content":"d9d3cadf"},"/service-bridge/1.9.x/design-guides/ha-multicluster/edge-failover-c86":{"__comp":"17896441","content":"d2ef3e85"},"/service-bridge/1.9.x/design-guides/ha-multicluster/introduction-2be":{"__comp":"17896441","content":"9685b065"},"/service-bridge/1.9.x/design-guides/ha-multicluster/operations-5ba":{"__comp":"17896441","content":"8c78cf64"},"/service-bridge/1.9.x/howto-017":{"__comp":"14eb3368","__props":"d8e136a5"},"/service-bridge/1.9.x/howto/authorization/-55b":{"__comp":"17896441","content":"067c4c53"},"/service-bridge/1.9.x/howto/authorization/ingress-gateway-fed":{"__comp":"17896441","content":"4ce8e184"},"/service-bridge/1.9.x/howto/authorization/sidecar-f57":{"__comp":"17896441","content":"074aecbc"},"/service-bridge/1.9.x/howto/authorization/tier1-gateway-98c":{"__comp":"17896441","content":"1248070f"},"/service-bridge/1.9.x/howto/authorization/tls-verification-e9c":{"__comp":"17896441","content":"a275284f"},"/service-bridge/1.9.x/howto/gateway-f49":{"__comp":"14eb3368","__props":"96dc2cb1"},"/service-bridge/1.9.x/howto/gateway/app-ingress-43a":{"__comp":"17896441","content":"e5b59ce4"},"/service-bridge/1.9.x/howto/gateway/application-gateway-with-openapi-annotations-886":{"__comp":"17896441","content":"8b2f9043"},"/service-bridge/1.9.x/howto/gateway/configure-and-route-nonhttp-traffic-e51":{"__comp":"17896441","content":"414ca014"},"/service-bridge/1.9.x/howto/gateway/configure-oidc-983":{"__comp":"17896441","content":"8d506751"},"/service-bridge/1.9.x/howto/gateway/distributed-ingress-86d":{"__comp":"17896441","content":"82ae10e1"},"/service-bridge/1.9.x/howto/gateway/egress-gateways-697":{"__comp":"17896441","content":"b562c079"},"/service-bridge/1.9.x/howto/gateway/end-user-auth-keycloak-579":{"__comp":"17896441","content":"15185783"},"/service-bridge/1.9.x/howto/gateway/host-based-egress-access-control-18f":{"__comp":"17896441","content":"0c74d55e"},"/service-bridge/1.9.x/howto/gateway/https-with-proxy-protocol-3ab":{"__comp":"17896441","content":"9ed664b7"},"/service-bridge/1.9.x/howto/gateway/multi-cluster-traffic-failover-priority-4b5":{"__comp":"17896441","content":"17217f52"},"/service-bridge/1.9.x/howto/gateway/multi-cluster-traffic-routing-using-tier2gw-8b7":{"__comp":"17896441","content":"af702ff2"},"/service-bridge/1.9.x/howto/gateway/multi-cluster-traffic-routing-with-eastwest-gateway-2d6":{"__comp":"17896441","content":"788791c6"},"/service-bridge/1.9.x/howto/gateway/multi-cluster-traffic-shifting-7ff":{"__comp":"17896441","content":"794cc8fb"},"/service-bridge/1.9.x/howto/gateway/service-identity-propagation-832":{"__comp":"17896441","content":"1495b33e"},"/service-bridge/1.9.x/howto/gateway/shared-ingress-68e":{"__comp":"17896441","content":"e3a39534"},"/service-bridge/1.9.x/howto/gateway/subset-based-routing-using-igw-and-service-route-eed":{"__comp":"17896441","content":"3d54864f"},"/service-bridge/1.9.x/howto/gateway/unified-gateway-82b":{"__comp":"17896441","content":"dc4db134"},"/service-bridge/1.9.x/howto/gateway/unified-gateway-upgrade-48e":{"__comp":"17896441","content":"09d0a5b5"},"/service-bridge/1.9.x/howto/gitops-8b5":{"__comp":"14eb3368","__props":"8e5b5b5e"},"/service-bridge/1.9.x/howto/gitops/argo-rollouts-f55":{"__comp":"17896441","content":"af9576eb"},"/service-bridge/1.9.x/howto/gitops/flagger-e7f":{"__comp":"17896441","content":"e0365d08"},"/service-bridge/1.9.x/howto/gitops/flux-b00":{"__comp":"17896441","content":"c8761800"},"/service-bridge/1.9.x/howto/gitops/gitops-c03":{"__comp":"17896441","content":"5ba90833"},"/service-bridge/1.9.x/howto/hpa-using-skywalking-566":{"__comp":"17896441","content":"3d3638a9"},"/service-bridge/1.9.x/howto/network-policies-ab0":{"__comp":"17896441","content":"c262cdfe"},"/service-bridge/1.9.x/howto/promql-using-skywalking-a35":{"__comp":"17896441","content":"0fbcc896"},"/service-bridge/1.9.x/howto/rate-limiting/-8a1":{"__comp":"17896441","content":"5d12f0ab"},"/service-bridge/1.9.x/howto/rate-limiting/external-rate-limiting-1e3":{"__comp":"17896441","content":"da1b6cae"},"/service-bridge/1.9.x/howto/rate-limiting/ingress-gateway-481":{"__comp":"17896441","content":"33ace08e"},"/service-bridge/1.9.x/howto/rate-limiting/internal-rate-limiting-d16":{"__comp":"17896441","content":"5bf59600"},"/service-bridge/1.9.x/howto/rate-limiting/service-to-service-d4e":{"__comp":"17896441","content":"76d9508c"},"/service-bridge/1.9.x/howto/rate-limiting/tier1-gateway-b35":{"__comp":"17896441","content":"b6335ffa"},"/service-bridge/1.9.x/howto/rate-limiting/tls-validation-3bb":{"__comp":"17896441","content":"517ce797"},"/service-bridge/1.9.x/howto/security-domains-08a":{"__comp":"17896441","content":"01ff7d31"},"/service-bridge/1.9.x/howto/service-accounts-4a4":{"__comp":"17896441","content":"3fc5f1bc"},"/service-bridge/1.9.x/howto/traffic-168":{"__comp":"14eb3368","__props":"fa75cd4b"},"/service-bridge/1.9.x/howto/traffic/canary-releases-f51":{"__comp":"17896441","content":"ea6701e3"},"/service-bridge/1.9.x/howto/traffic/configure-multi-port-service-route-107":{"__comp":"17896441","content":"1a3d5080"},"/service-bridge/1.9.x/howto/traffic/external-site-https-692":{"__comp":"17896441","content":"bf15fff8"},"/service-bridge/1.9.x/howto/traffic/load-balance-6c5":{"__comp":"17896441","content":"eb8000e8"},"/service-bridge/1.9.x/howto/traffic/migrating-VM-monoliths-d0d":{"__comp":"17896441","content":"54c97ba8"},"/service-bridge/1.9.x/howto/traffic/splitting-service-traffic-between-k8s-vms-6b8":{"__comp":"17896441","content":"81838bb1"},"/service-bridge/1.9.x/howto/waf-b30":{"__comp":"17896441","content":"b07ac6e5"},"/service-bridge/1.9.x/howto/wasm-bd3":{"__comp":"14eb3368","__props":"3b4154e8"},"/service-bridge/1.9.x/howto/wasm/wasm-extension-f0a":{"__comp":"17896441","content":"117dec76"},"/service-bridge/1.9.x/howto/wasm/wasm-overview-a3e":{"__comp":"17896441","content":"efaa337c"},"/service-bridge/1.9.x/howto/wasm/wasm-proxy-349":{"__comp":"17896441","content":"4f4e75d8"},"/service-bridge/1.9.x/howto/wasm/wasm-try-65c":{"__comp":"17896441","content":"a27fbc10"},"/service-bridge/1.9.x/knowledge-base-e1a":{"__comp":"14eb3368","__props":"a89d4e71"},"/service-bridge/1.9.x/knowledge-base/faq-405":{"__comp":"17896441","content":"d09a95c7"},"/service-bridge/1.9.x/knowledge-base/gitops-a06":{"__comp":"17896441","content":"26fdfda6"},"/service-bridge/1.9.x/operations-423":{"__comp":"14eb3368","__props":"26ccbadb"},"/service-bridge/1.9.x/operations/configuration-promotion-aed":{"__comp":"17896441","content":"649270d0"},"/service-bridge/1.9.x/operations/configure-log-levels-b5b":{"__comp":"17896441","content":"623d2b37"},"/service-bridge/1.9.x/operations/elasticsearch-9eb":{"__comp":"14eb3368","__props":"5bcb6bf6"},"/service-bridge/1.9.x/operations/elasticsearch/elasticsearch-role-f15":{"__comp":"17896441","content":"8b877453"},"/service-bridge/1.9.x/operations/elasticsearch/wipe-elastic-e25":{"__comp":"17896441","content":"645d7973"},"/service-bridge/1.9.x/operations/features-b71":{"__comp":"14eb3368","__props":"019453a6"},"/service-bridge/1.9.x/operations/features/configure-cluster-external-addresses-ad7":{"__comp":"17896441","content":"53f77020"},"/service-bridge/1.9.x/operations/features/configure-gitops-659":{"__comp":"17896441","content":"0f320fa9"},"/service-bridge/1.9.x/operations/features/deletion-protection-755":{"__comp":"17896441","content":"380f10cc"},"/service-bridge/1.9.x/operations/features/edge-dns-resolution-4da":{"__comp":"17896441","content":"b14450a1"},"/service-bridge/1.9.x/operations/features/enable-config-protection-088":{"__comp":"17896441","content":"6e8de50a"},"/service-bridge/1.9.x/operations/features/gateway-deletion-webhook-4f8":{"__comp":"17896441","content":"9e774a70"},"/service-bridge/1.9.x/operations/features/internal-wasm-extensions-1fa":{"__comp":"17896441","content":"f19157f8"},"/service-bridge/1.9.x/operations/features/istio-cni-e05":{"__comp":"17896441","content":"debbc4b9"},"/service-bridge/1.9.x/operations/features/label-annotation-2b0":{"__comp":"17896441","content":"df28b5cf"},"/service-bridge/1.9.x/operations/features/streaming-log-c41":{"__comp":"17896441","content":"33e25052"},"/service-bridge/1.9.x/operations/features/tier1-in-app-cluster-667":{"__comp":"17896441","content":"873e8716"},"/service-bridge/1.9.x/operations/features/tls-origin-multi-cluster-c91":{"__comp":"17896441","content":"df933a7f"},"/service-bridge/1.9.x/operations/graceful-connection-drain-31f":{"__comp":"17896441","content":"b60e3e31"},"/service-bridge/1.9.x/operations/kube-customization-9a1":{"__comp":"17896441","content":"a5cb6772"},"/service-bridge/1.9.x/operations/lower-istio-resources-a8f":{"__comp":"17896441","content":"4c0defcf"},"/service-bridge/1.9.x/operations/migrate-organization-a22":{"__comp":"17896441","content":"f97dacd5"},"/service-bridge/1.9.x/operations/multiple-iam-keys-39d":{"__comp":"17896441","content":"18abb07b"},"/service-bridge/1.9.x/operations/postgresql-b6c":{"__comp":"14eb3368","__props":"4fa84d71"},"/service-bridge/1.9.x/operations/postgresql/auditlog-retention-6d3":{"__comp":"17896441","content":"c14ee80a"},"/service-bridge/1.9.x/operations/postgresql/azure-credentials-1f2":{"__comp":"17896441","content":"393051af"},"/service-bridge/1.9.x/operations/postgresql/backup-and-restore-28d":{"__comp":"17896441","content":"10ae1a0c"},"/service-bridge/1.9.x/operations/postgresql/managing-kubegres-fc7":{"__comp":"17896441","content":"bb25e637"},"/service-bridge/1.9.x/operations/telemetry-bad":{"__comp":"14eb3368","__props":"d029f560"},"/service-bridge/1.9.x/operations/telemetry/alerting-guidelines-e21":{"__comp":"17896441","content":"13b7238c"},"/service-bridge/1.9.x/operations/telemetry/distributed-tracing-b31":{"__comp":"17896441","content":"ce3d80e9"},"/service-bridge/1.9.x/operations/telemetry/key-metrics-142":{"__comp":"17896441","content":"0636ec76"},"/service-bridge/1.9.x/operations/telemetry/new-relic-f1d":{"__comp":"17896441","content":"0a7206f4"},"/service-bridge/1.9.x/operations/telemetry/red-metrics-508":{"__comp":"17896441","content":"96019d3c"},"/service-bridge/1.9.x/operations/telemetry/telemetry-architecture-4e4":{"__comp":"17896441","content":"fea306f7"},"/service-bridge/1.9.x/operations/users-715":{"__comp":"14eb3368","__props":"ac44e306"},"/service-bridge/1.9.x/operations/users/admin-password-5d5":{"__comp":"17896441","content":"e637f5a4"},"/service-bridge/1.9.x/operations/users/configuring-ldap-65d":{"__comp":"17896441","content":"e940c821"},"/service-bridge/1.9.x/operations/users/new-user-local-idp-4ed":{"__comp":"17896441","content":"5ffcd631"},"/service-bridge/1.9.x/operations/users/oidc-azure-f67":{"__comp":"17896441","content":"3014ea68"},"/service-bridge/1.9.x/operations/users/roles-and-permissions-393":{"__comp":"17896441","content":"6a44e320"},"/service-bridge/1.9.x/operations/users/user-synchronization-600":{"__comp":"17896441","content":"c507847c"},"/service-bridge/1.9.x/operations/vault-a0a":{"__comp":"14eb3368","__props":"be8a72d5"},"/service-bridge/1.9.x/operations/vault/elasticsearch-456":{"__comp":"17896441","content":"a0130d83"},"/service-bridge/1.9.x/operations/vault/istiod-ca-483":{"__comp":"17896441","content":"dae26c67"},"/service-bridge/1.9.x/operations/vault/postgresql-b34":{"__comp":"17896441","content":"ef12ef65"},"/service-bridge/1.9.x/quickstart-710":{"__comp":"14eb3368","__props":"fe0442cd"},"/service-bridge/1.9.x/quickstart/apps-179":{"__comp":"17896441","content":"92da5931"},"/service-bridge/1.9.x/quickstart/config-groups-43b":{"__comp":"17896441","content":"96b80b82"},"/service-bridge/1.9.x/quickstart/deploy-sample-app-605":{"__comp":"17896441","content":"17fc9241"},"/service-bridge/1.9.x/quickstart/ingress-gateway-a63":{"__comp":"17896441","content":"23d2f25d"},"/service-bridge/1.9.x/quickstart/introduction-684":{"__comp":"17896441","content":"2fbe33a7"},"/service-bridge/1.9.x/quickstart/observability-696":{"__comp":"17896441","content":"957a6949"},"/service-bridge/1.9.x/quickstart/permissions-b04":{"__comp":"17896441","content":"1399fac0"},"/service-bridge/1.9.x/quickstart/security-c29":{"__comp":"17896441","content":"f0eb8188"},"/service-bridge/1.9.x/quickstart/tenant-776":{"__comp":"17896441","content":"115d5e9b"},"/service-bridge/1.9.x/quickstart/traffic-shifting-276":{"__comp":"17896441","content":"db5c254e"},"/service-bridge/1.9.x/quickstart/workspace-71f":{"__comp":"17896441","content":"0420d491"},"/service-bridge/1.9.x/reference-995":{"__comp":"14eb3368","__props":"38d57c6b"},"/service-bridge/1.9.x/reference/cli-4ed":{"__comp":"14eb3368","__props":"0c3b0915"},"/service-bridge/1.9.x/reference/cli/guide/index-6df":{"__comp":"17896441","content":"ada39fe6"},"/service-bridge/1.9.x/reference/cli/guide/toc-a2d":{"__comp":"14eb3368","__props":"f3e4ca51"},"/service-bridge/1.9.x/reference/cli/reference-c97":{"__comp":"14eb3368","__props":"4d118c33"},"/service-bridge/1.9.x/reference/cli/reference/apply-dde":{"__comp":"17896441","content":"6ed7c04a"},"/service-bridge/1.9.x/reference/cli/reference/collect-c46":{"__comp":"17896441","content":"e85a88ff"},"/service-bridge/1.9.x/reference/cli/reference/completion-d5d":{"__comp":"17896441","content":"6d6a2146"},"/service-bridge/1.9.x/reference/cli/reference/config-87e":{"__comp":"17896441","content":"69652c79"},"/service-bridge/1.9.x/reference/cli/reference/delete-0eb":{"__comp":"17896441","content":"9981da25"},"/service-bridge/1.9.x/reference/cli/reference/edit-c91":{"__comp":"17896441","content":"f8d6b418"},"/service-bridge/1.9.x/reference/cli/reference/experimental-549":{"__comp":"17896441","content":"41b09d9c"},"/service-bridge/1.9.x/reference/cli/reference/get-1d1":{"__comp":"17896441","content":"f459abf0"},"/service-bridge/1.9.x/reference/cli/reference/index-44c":{"__comp":"17896441","content":"a562e81b"},"/service-bridge/1.9.x/reference/cli/reference/install-8cf":{"__comp":"17896441","content":"2ed975e3"},"/service-bridge/1.9.x/reference/cli/reference/login-0bd":{"__comp":"17896441","content":"de71a080"},"/service-bridge/1.9.x/reference/cli/reference/ui-0ff":{"__comp":"17896441","content":"526365f4"},"/service-bridge/1.9.x/reference/cli/reference/validate-e67":{"__comp":"17896441","content":"8adf3fde"},"/service-bridge/1.9.x/reference/cli/reference/version-7eb":{"__comp":"17896441","content":"8b4532ed"},"/service-bridge/1.9.x/reference/cli/reference/whoami-746":{"__comp":"17896441","content":"8e4918d9"},"/service-bridge/1.9.x/reference/cli/reference/workload-entry-annotations-fca":{"__comp":"17896441","content":"8a070c40"},"/service-bridge/1.9.x/reference/grpc-api-088":{"__comp":"14eb3368","__props":"109b0706"},"/service-bridge/1.9.x/reference/grpc-api/guide-74b":{"__comp":"17896441","content":"83ec7da6"},"/service-bridge/1.9.x/reference/grpc-api/reference-141":{"__comp":"14eb3368","__props":"77eb6ff4"},"/service-bridge/1.9.x/reference/k8s-api-5e5":{"__comp":"14eb3368","__props":"0ab35e63"},"/service-bridge/1.9.x/reference/k8s-api/guide-d90":{"__comp":"17896441","content":"3e3abc1c"},"/service-bridge/1.9.x/reference/k8s-api/tsb-crds-gen-499":{"__comp":"14eb3368","__props":"df179c38"},"/service-bridge/1.9.x/reference/k8s-api/tsb-crds-gen/application-tsb-tetrate-io-867":{"__comp":"17896441","content":"06215192"},"/service-bridge/1.9.x/reference/k8s-api/tsb-crds-gen/extension-tsb-tetrate-io-65c":{"__comp":"17896441","content":"2d546b5c"},"/service-bridge/1.9.x/reference/k8s-api/tsb-crds-gen/gateway-tsb-tetrate-io-ea6":{"__comp":"17896441","content":"f4ce647b"},"/service-bridge/1.9.x/reference/k8s-api/tsb-crds-gen/istiointernal-tsb-tetrate-io-10f":{"__comp":"17896441","content":"a3cbc440"},"/service-bridge/1.9.x/reference/k8s-api/tsb-crds-gen/rbac-tsb-tetrate-io-235":{"__comp":"17896441","content":"b448404c"},"/service-bridge/1.9.x/reference/k8s-api/tsb-crds-gen/security-tsb-tetrate-io-da5":{"__comp":"17896441","content":"8f2c9374"},"/service-bridge/1.9.x/reference/k8s-api/tsb-crds-gen/traffic-tsb-tetrate-io-c70":{"__comp":"17896441","content":"41e66716"},"/service-bridge/1.9.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/cluster-1ce":{"__comp":"17896441","content":"2a82e64d"},"/service-bridge/1.9.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/organization-eed":{"__comp":"17896441","content":"d034c633"},"/service-bridge/1.9.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/organizationsetting-766":{"__comp":"17896441","content":"a2b47c03"},"/service-bridge/1.9.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/serviceaccount-859":{"__comp":"17896441","content":"685f5db1"},"/service-bridge/1.9.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/team-c6d":{"__comp":"17896441","content":"c423c312"},"/service-bridge/1.9.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/tenant-a92":{"__comp":"17896441","content":"9f997cb6"},"/service-bridge/1.9.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/tenantsetting-2f6":{"__comp":"17896441","content":"e09aa11f"},"/service-bridge/1.9.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/workspace-b74":{"__comp":"17896441","content":"10049e36"},"/service-bridge/1.9.x/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/workspacesetting-dbb":{"__comp":"17896441","content":"4caf7c18"},"/service-bridge/1.9.x/reference/k8s-api/tsb-crds-gen/tsb.tetrate.io/v2-957":{"__comp":"14eb3368","__props":"a3d89946"},"/service-bridge/1.9.x/reference/operators-43a":{"__comp":"14eb3368","__props":"c53d7e8f"},"/service-bridge/1.9.x/reference/rest-api/guide-19d":{"__comp":"17896441","content":"cf7320bb"},"/service-bridge/1.9.x/reference/samples-56f":{"__comp":"14eb3368","__props":"2000a31a"},"/service-bridge/1.9.x/reference/samples/httpbin-032":{"__comp":"17896441","content":"6aca1c16"},"/service-bridge/1.9.x/reference/samples/opa-039":{"__comp":"17896441","content":"7c9e4826"},"/service-bridge/1.9.x/reference/samples/sleep-service-a46":{"__comp":"17896441","content":"a389770d"},"/service-bridge/1.9.x/reference/workload-onboarding-35e":{"__comp":"14eb3368","__props":"7b37e76a"},"/service-bridge/1.9.x/reference/workload-onboarding/onboarding-agent-6a2":{"__comp":"14eb3368","__props":"08d2a325"},"/service-bridge/1.9.x/reference/workload-onboarding/onboarding-authorization-d87":{"__comp":"14eb3368","__props":"65e5eb3c"},"/service-bridge/1.9.x/reference/workload-onboarding/onboarding-runtime-185":{"__comp":"14eb3368","__props":"975d9e08"},"/service-bridge/1.9.x/reference/yaml-api-865":{"__comp":"14eb3368","__props":"26e92433"},"/service-bridge/1.9.x/reference/yaml-api/guide-bd9":{"__comp":"17896441","content":"2dfd014e"},"/service-bridge/1.9.x/reference/yaml-api/reference-8bf":{"__comp":"14eb3368","__props":"519b15da"},"/service-bridge/1.9.x/refs/audit/v1/audit-227":{"__comp":"17896441","content":"bcbecac3"},"/service-bridge/1.9.x/refs/audit/v1/grpc-3f3":{"__comp":"14eb3368","__props":"8ba977e3"},"/service-bridge/1.9.x/refs/iam/v2/grpc-edf":{"__comp":"14eb3368","__props":"0532c633"},"/service-bridge/1.9.x/refs/iam/v2/oauth_service-2e3":{"__comp":"17896441","content":"8e308cbf"},"/service-bridge/1.9.x/refs/iam/v2/oidc_service-ef3":{"__comp":"17896441","content":"a7a05f99"},"/service-bridge/1.9.x/refs/install-08b":{"__comp":"14eb3368","__props":"88ae9827"},"/service-bridge/1.9.x/refs/install/common/common_config-979":{"__comp":"17896441","content":"74e68507"},"/service-bridge/1.9.x/refs/install/controlplane/v1alpha1/spec-116":{"__comp":"17896441","content":"427ce144"},"/service-bridge/1.9.x/refs/install/dataplane/v1alpha1/spec-bbd":{"__comp":"17896441","content":"5f4fc3be"},"/service-bridge/1.9.x/refs/install/kubernetes/k8s-cab":{"__comp":"17896441","content":"20b275d1"},"/service-bridge/1.9.x/refs/install/managementplane/v1alpha1/spec-b31":{"__comp":"17896441","content":"76ebe9f6"},"/service-bridge/1.9.x/refs/istio.io/api/operator/v1alpha1/operator-f12":{"__comp":"17896441","content":"c9eb3cd5"},"/service-bridge/1.9.x/refs/onboarding/config/agent/v1alpha1/agent_configuration-d28":{"__comp":"17896441","content":"fcfc58fc"},"/service-bridge/1.9.x/refs/onboarding/config/agent/v1alpha1/onboarding_configuration-404":{"__comp":"17896441","content":"412cc116"},"/service-bridge/1.9.x/refs/onboarding/config/authorization/aws/v1alpha1/aws-829":{"__comp":"17896441","content":"7839b154"},"/service-bridge/1.9.x/refs/onboarding/config/authorization/jwt/v1alpha1/jwt-345":{"__comp":"17896441","content":"d66561d0"},"/service-bridge/1.9.x/refs/onboarding/config/authorization/v1alpha1/policy-897":{"__comp":"17896441","content":"78e350ef"},"/service-bridge/1.9.x/refs/onboarding/config/install/v1alpha1/jwt_issuer-801":{"__comp":"17896441","content":"01fa5598"},"/service-bridge/1.9.x/refs/onboarding/config/install/v1alpha1/workload_configuration-f00":{"__comp":"17896441","content":"f1065438"},"/service-bridge/1.9.x/refs/onboarding/config/runtime/v1alpha1/registration-1fb":{"__comp":"17896441","content":"f758702c"},"/service-bridge/1.9.x/refs/onboarding/config/types/config/v1alpha1/transport_security-d28":{"__comp":"17896441","content":"10c6e708"},"/service-bridge/1.9.x/refs/onboarding/config/types/core/v1alpha1/condition-f3e":{"__comp":"17896441","content":"0ca38cfd"},"/service-bridge/1.9.x/refs/onboarding/config/types/core/v1alpha1/namespaced_name-ad0":{"__comp":"17896441","content":"4c460ab8"},"/service-bridge/1.9.x/refs/onboarding/config/types/identity/aws/v1alpha1/aws-b48":{"__comp":"17896441","content":"5e2ca7d6"},"/service-bridge/1.9.x/refs/onboarding/config/types/identity/jwt/v1alpha1/jwt-636":{"__comp":"17896441","content":"36658a02"},"/service-bridge/1.9.x/refs/onboarding/config/types/identity/v1alpha1/identity-bfb":{"__comp":"17896441","content":"27325e39"},"/service-bridge/1.9.x/refs/onboarding/config/types/registration/v1alpha1/hostinfo-38f":{"__comp":"17896441","content":"b001939b"},"/service-bridge/1.9.x/refs/onboarding/config/types/registration/v1alpha1/registration-312":{"__comp":"17896441","content":"269da90f"},"/service-bridge/1.9.x/refs/tsb/application/v2/api-83c":{"__comp":"17896441","content":"2c4dc16d"},"/service-bridge/1.9.x/refs/tsb/application/v2/application-aff":{"__comp":"17896441","content":"90617cc4"},"/service-bridge/1.9.x/refs/tsb/application/v2/application_service-ee5":{"__comp":"17896441","content":"cf74a804"},"/service-bridge/1.9.x/refs/tsb/application/v2/grpc-32b":{"__comp":"14eb3368","__props":"c6208f05"},"/service-bridge/1.9.x/refs/tsb/application/v2/openapi_extensions-fac":{"__comp":"17896441","content":"698e6a8e"},"/service-bridge/1.9.x/refs/tsb/application/v2/yaml-b7f":{"__comp":"14eb3368","__props":"fcd3f5f4"},"/service-bridge/1.9.x/refs/tsb/auth/v2/auth-18a":{"__comp":"17896441","content":"1724ef1c"},"/service-bridge/1.9.x/refs/tsb/auth/v2/yaml-fa7":{"__comp":"14eb3368","__props":"6cb45aaa"},"/service-bridge/1.9.x/refs/tsb/extension/v2/grpc-2dd":{"__comp":"14eb3368","__props":"e2167f4d"},"/service-bridge/1.9.x/refs/tsb/extension/v2/wasm_extension-3e6":{"__comp":"17896441","content":"a56d1563"},"/service-bridge/1.9.x/refs/tsb/extension/v2/wasm_service-db9":{"__comp":"17896441","content":"3f26a03e"},"/service-bridge/1.9.x/refs/tsb/extension/v2/yaml-2e5":{"__comp":"14eb3368","__props":"0fe81830"},"/service-bridge/1.9.x/refs/tsb/gateway/v2/auth-7f8":{"__comp":"17896441","content":"cacc2f6c"},"/service-bridge/1.9.x/refs/tsb/gateway/v2/eastwest_gateway-f39":{"__comp":"17896441","content":"3399a3fd"},"/service-bridge/1.9.x/refs/tsb/gateway/v2/egress_gateway-f9c":{"__comp":"17896441","content":"4200a709"},"/service-bridge/1.9.x/refs/tsb/gateway/v2/gateway-022":{"__comp":"17896441","content":"ddc30092"},"/service-bridge/1.9.x/refs/tsb/gateway/v2/gateway_common-20b":{"__comp":"17896441","content":"570db48a"},"/service-bridge/1.9.x/refs/tsb/gateway/v2/gateway_group-54d":{"__comp":"17896441","content":"ef3be61a"},"/service-bridge/1.9.x/refs/tsb/gateway/v2/gateway_service-3f7":{"__comp":"17896441","content":"3f2af64a"},"/service-bridge/1.9.x/refs/tsb/gateway/v2/grpc-5da":{"__comp":"14eb3368","__props":"6a748c3f"},"/service-bridge/1.9.x/refs/tsb/gateway/v2/ingress_gateway-f40":{"__comp":"17896441","content":"cabb44d5"},"/service-bridge/1.9.x/refs/tsb/gateway/v2/istio_gateway_direct-d74":{"__comp":"17896441","content":"b0046a7f"},"/service-bridge/1.9.x/refs/tsb/gateway/v2/tier1_gateway-397":{"__comp":"17896441","content":"26153011"},"/service-bridge/1.9.x/refs/tsb/gateway/v2/yaml-b29":{"__comp":"14eb3368","__props":"de9bb0ad"},"/service-bridge/1.9.x/refs/tsb/istiointernal/v2/grpc-811":{"__comp":"14eb3368","__props":"0b470a07"},"/service-bridge/1.9.x/refs/tsb/istiointernal/v2/istio_internal_group-463":{"__comp":"17896441","content":"d3d83646"},"/service-bridge/1.9.x/refs/tsb/istiointernal/v2/istio_istiointernal_direct-616":{"__comp":"17896441","content":"186add3e"},"/service-bridge/1.9.x/refs/tsb/istiointernal/v2/istiointernal_service-d73":{"__comp":"17896441","content":"f0bfee23"},"/service-bridge/1.9.x/refs/tsb/istiointernal/v2/yaml-426":{"__comp":"14eb3368","__props":"cadace7a"},"/service-bridge/1.9.x/refs/tsb/observability/telemetry/v2/grpc-887":{"__comp":"14eb3368","__props":"895329c6"},"/service-bridge/1.9.x/refs/tsb/observability/telemetry/v2/metric-116":{"__comp":"17896441","content":"54f09d2c"},"/service-bridge/1.9.x/refs/tsb/observability/telemetry/v2/metric_service-8cc":{"__comp":"17896441","content":"3b0260d8"},"/service-bridge/1.9.x/refs/tsb/observability/telemetry/v2/source-22c":{"__comp":"17896441","content":"b2bc1887"},"/service-bridge/1.9.x/refs/tsb/observability/telemetry/v2/source_service-7d6":{"__comp":"17896441","content":"a452c8c3"},"/service-bridge/1.9.x/refs/tsb/observability/telemetry/v2/yaml-6e8":{"__comp":"14eb3368","__props":"895af063"},"/service-bridge/1.9.x/refs/tsb/q/v2/approvals_service-d83":{"__comp":"17896441","content":"af91ccdc"},"/service-bridge/1.9.x/refs/tsb/q/v2/grpc-152":{"__comp":"14eb3368","__props":"8778eab2"},"/service-bridge/1.9.x/refs/tsb/q/v2/permissions_service-f88":{"__comp":"17896441","content":"b455a76d"},"/service-bridge/1.9.x/refs/tsb/rbac/v2/access_bindings-eae":{"__comp":"17896441","content":"a4d93f17"},"/service-bridge/1.9.x/refs/tsb/rbac/v2/api_access_bindings-101":{"__comp":"17896441","content":"e8e2c174"},"/service-bridge/1.9.x/refs/tsb/rbac/v2/application_access_bindings-2a9":{"__comp":"17896441","content":"c9233195"},"/service-bridge/1.9.x/refs/tsb/rbac/v2/binding-745":{"__comp":"17896441","content":"c0a41e7e"},"/service-bridge/1.9.x/refs/tsb/rbac/v2/gateway_access_bindings-653":{"__comp":"17896441","content":"a048178c"},"/service-bridge/1.9.x/refs/tsb/rbac/v2/grpc-b99":{"__comp":"14eb3368","__props":"2a30ad61"},"/service-bridge/1.9.x/refs/tsb/rbac/v2/istio_internal_access_bindings-aaf":{"__comp":"17896441","content":"0e29c777"},"/service-bridge/1.9.x/refs/tsb/rbac/v2/organization_access_bindings-2af":{"__comp":"17896441","content":"9154144b"},"/service-bridge/1.9.x/refs/tsb/rbac/v2/permissions-650":{"__comp":"17896441","content":"52cac16b"},"/service-bridge/1.9.x/refs/tsb/rbac/v2/policy_service-1d6":{"__comp":"17896441","content":"7f170e3a"},"/service-bridge/1.9.x/refs/tsb/rbac/v2/role-957":{"__comp":"17896441","content":"afe03298"},"/service-bridge/1.9.x/refs/tsb/rbac/v2/role_service-ed4":{"__comp":"17896441","content":"6dba4673"},"/service-bridge/1.9.x/refs/tsb/rbac/v2/security_access_bindings-bd1":{"__comp":"17896441","content":"d3e3542a"},"/service-bridge/1.9.x/refs/tsb/rbac/v2/tenant_access_bindings-6af":{"__comp":"17896441","content":"0e2eb375"},"/service-bridge/1.9.x/refs/tsb/rbac/v2/traffic_access_bindings-84b":{"__comp":"17896441","content":"5676cab4"},"/service-bridge/1.9.x/refs/tsb/rbac/v2/workspace_access_bindings-d8e":{"__comp":"17896441","content":"d6d58d60"},"/service-bridge/1.9.x/refs/tsb/rbac/v2/yaml-52f":{"__comp":"14eb3368","__props":"af604a9f"},"/service-bridge/1.9.x/refs/tsb/registry/v2/grpc-fe5":{"__comp":"14eb3368","__props":"6a9dee43"},"/service-bridge/1.9.x/refs/tsb/registry/v2/lookup_service-c84":{"__comp":"17896441","content":"74243297"},"/service-bridge/1.9.x/refs/tsb/registry/v2/registration_service-925":{"__comp":"17896441","content":"ec24a493"},"/service-bridge/1.9.x/refs/tsb/registry/v2/service-605":{"__comp":"17896441","content":"c21ffc05"},"/service-bridge/1.9.x/refs/tsb/registry/v2/yaml-486":{"__comp":"14eb3368","__props":"c89fc917"},"/service-bridge/1.9.x/refs/tsb/security/v2/grpc-c49":{"__comp":"14eb3368","__props":"a138dc9f"},"/service-bridge/1.9.x/refs/tsb/security/v2/istio_security_direct-bd1":{"__comp":"17896441","content":"3b25803f"},"/service-bridge/1.9.x/refs/tsb/security/v2/security_group-597":{"__comp":"17896441","content":"584dac2a"},"/service-bridge/1.9.x/refs/tsb/security/v2/security_service-02f":{"__comp":"17896441","content":"fa3a05e3"},"/service-bridge/1.9.x/refs/tsb/security/v2/security_setting-9a5":{"__comp":"17896441","content":"f2a6ac66"},"/service-bridge/1.9.x/refs/tsb/security/v2/service_security_setting-2ce":{"__comp":"17896441","content":"cfdfb912"},"/service-bridge/1.9.x/refs/tsb/security/v2/waf_settings-6a5":{"__comp":"17896441","content":"07934c0b"},"/service-bridge/1.9.x/refs/tsb/security/v2/yaml-fe0":{"__comp":"14eb3368","__props":"b2aaeb30"},"/service-bridge/1.9.x/refs/tsb/traffic/v2/grpc-800":{"__comp":"14eb3368","__props":"6f4f82fe"},"/service-bridge/1.9.x/refs/tsb/traffic/v2/istio_traffic_direct-b86":{"__comp":"17896441","content":"90dd3792"},"/service-bridge/1.9.x/refs/tsb/traffic/v2/service_route-f0b":{"__comp":"17896441","content":"ede2a415"},"/service-bridge/1.9.x/refs/tsb/traffic/v2/traffic_group-ea8":{"__comp":"17896441","content":"ac071c5f"},"/service-bridge/1.9.x/refs/tsb/traffic/v2/traffic_service-f3f":{"__comp":"17896441","content":"e3b0e305"},"/service-bridge/1.9.x/refs/tsb/traffic/v2/traffic_setting-c08":{"__comp":"17896441","content":"0979420e"},"/service-bridge/1.9.x/refs/tsb/traffic/v2/yaml-83d":{"__comp":"14eb3368","__props":"eb8c9d3e"},"/service-bridge/1.9.x/refs/tsb/types/v2/types-1c8":{"__comp":"17896441","content":"c3725d23"},"/service-bridge/1.9.x/refs/tsb/types/v2/yaml-2c6":{"__comp":"14eb3368","__props":"3f8359c6"},"/service-bridge/1.9.x/refs/tsb/v2/cluster-9cd":{"__comp":"17896441","content":"ebca8eb3"},"/service-bridge/1.9.x/refs/tsb/v2/cluster_service-28a":{"__comp":"17896441","content":"eda07900"},"/service-bridge/1.9.x/refs/tsb/v2/grpc-1e0":{"__comp":"14eb3368","__props":"bf660602"},"/service-bridge/1.9.x/refs/tsb/v2/info-c87":{"__comp":"17896441","content":"18544947"},"/service-bridge/1.9.x/refs/tsb/v2/organization-70b":{"__comp":"17896441","content":"47803c86"},"/service-bridge/1.9.x/refs/tsb/v2/organization_service-178":{"__comp":"17896441","content":"a6ec950c"},"/service-bridge/1.9.x/refs/tsb/v2/organization_setting-521":{"__comp":"17896441","content":"72dfa945"},"/service-bridge/1.9.x/refs/tsb/v2/status-369":{"__comp":"17896441","content":"5c8d2717"},"/service-bridge/1.9.x/refs/tsb/v2/status_service-77c":{"__comp":"17896441","content":"3baecf44"},"/service-bridge/1.9.x/refs/tsb/v2/team-1f4":{"__comp":"17896441","content":"4a92ae2a"},"/service-bridge/1.9.x/refs/tsb/v2/team_service-2e1":{"__comp":"17896441","content":"6cbd2614"},"/service-bridge/1.9.x/refs/tsb/v2/tenant-3b5":{"__comp":"17896441","content":"fb243264"},"/service-bridge/1.9.x/refs/tsb/v2/tenant_service-051":{"__comp":"17896441","content":"01a1a675"},"/service-bridge/1.9.x/refs/tsb/v2/tenant_setting-9ea":{"__comp":"17896441","content":"8706fc86"},"/service-bridge/1.9.x/refs/tsb/v2/workspace-414":{"__comp":"17896441","content":"a7b72e21"},"/service-bridge/1.9.x/refs/tsb/v2/workspace_service-04c":{"__comp":"17896441","content":"63c04f74"},"/service-bridge/1.9.x/refs/tsb/v2/workspace_setting-d6f":{"__comp":"17896441","content":"2190564c"},"/service-bridge/1.9.x/refs/tsb/v2/yaml-ac1":{"__comp":"14eb3368","__props":"30db4aaa"},"/service-bridge/1.9.x/release-notes-d83":{"__comp":"17896441","content":"06cbded6"},"/service-bridge/1.9.x/release-notes-announcements/-a3d":{"__comp":"17896441","content":"126f9b74"},"/service-bridge/1.9.x/release-notes-announcements/feature-status-7fb":{"__comp":"17896441","content":"0425c71e"},"/service-bridge/1.9.x/release-notes-announcements/support-policy-f12":{"__comp":"17896441","content":"cdc97d7b"},"/service-bridge/1.9.x/setup-2d1":{"__comp":"14eb3368","__props":"89c33007"},"/service-bridge/1.9.x/setup/aws-988":{"__comp":"14eb3368","__props":"a93b3a77"},"/service-bridge/1.9.x/setup/aws/container-marketplace-01c":{"__comp":"17896441","content":"cbaaca7d"},"/service-bridge/1.9.x/setup/aws/vpc-dd8":{"__comp":"17896441","content":"61747e9f"},"/service-bridge/1.9.x/setup/certificate-129":{"__comp":"14eb3368","__props":"641a9279"},"/service-bridge/1.9.x/setup/certificate/automated-certificate-management-dc8":{"__comp":"17896441","content":"fabd5efb"},"/service-bridge/1.9.x/setup/certificate/certificate-requirements-a10":{"__comp":"17896441","content":"0f827259"},"/service-bridge/1.9.x/setup/certificate/certificate-setup-34d":{"__comp":"17896441","content":"680f00e2"},"/service-bridge/1.9.x/setup/components-fa2":{"__comp":"17896441","content":"2f1fe10a"},"/service-bridge/1.9.x/setup/firewall-information-017":{"__comp":"17896441","content":"e3061229"},"/service-bridge/1.9.x/setup/helm/-492":{"__comp":"17896441","content":"f5518976"},"/service-bridge/1.9.x/setup/helm/controlplane-18c":{"__comp":"17896441","content":"4859ecf5"},"/service-bridge/1.9.x/setup/helm/dataplane-ebe":{"__comp":"17896441","content":"f64afaae"},"/service-bridge/1.9.x/setup/helm/helm-ac9":{"__comp":"17896441","content":"6dc0fe29"},"/service-bridge/1.9.x/setup/helm/managementplane-82a":{"__comp":"17896441","content":"6aefdf1c"},"/service-bridge/1.9.x/setup/helm/uninstallation-add":{"__comp":"17896441","content":"7dc99d33"},"/service-bridge/1.9.x/setup/helm/upgrade-bc3":{"__comp":"17896441","content":"6314f530"},"/service-bridge/1.9.x/setup/isolation-boundaries-dd6":{"__comp":"17896441","content":"06ebda84"},"/service-bridge/1.9.x/setup/isolation-boundaries-installation-5a1":{"__comp":"17896441","content":"57b6b189"},"/service-bridge/1.9.x/setup/migrate-tctl-to-helm-dec":{"__comp":"17896441","content":"8b093ccf"},"/service-bridge/1.9.x/setup/remote-registry-f8a":{"__comp":"17896441","content":"fc255917"},"/service-bridge/1.9.x/setup/requirements-and-download-0cb":{"__comp":"17896441","content":"b6ae3bee"},"/service-bridge/1.9.x/setup/resource-planning-f66":{"__comp":"17896441","content":"14cc63cf"},"/service-bridge/1.9.x/setup/security-context-a1b":{"__comp":"17896441","content":"a9e9d418"},"/service-bridge/1.9.x/setup/self-managed/-148":{"__comp":"17896441","content":"0e25476f"},"/service-bridge/1.9.x/setup/self-managed/demo-installation-4b8":{"__comp":"17896441","content":"b4227fd7"},"/service-bridge/1.9.x/setup/self-managed/management-plane-installation-ab8":{"__comp":"17896441","content":"97aff1a9"},"/service-bridge/1.9.x/setup/self-managed/onboarding-clusters-4fa":{"__comp":"17896441","content":"8e96eae8"},"/service-bridge/1.9.x/setup/self-managed/uninstallation-e71":{"__comp":"17896441","content":"e8699e98"},"/service-bridge/1.9.x/setup/self-managed/upgrade-4fb":{"__comp":"17896441","content":"ee6c7a6d"},"/service-bridge/1.9.x/setup/tctl-connect-f2f":{"__comp":"17896441","content":"f0880c2a"},"/service-bridge/1.9.x/setup/upgrade-best-practices-5d5":{"__comp":"17896441","content":"647f198c"},"/service-bridge/1.9.x/setup/upgrades-7d5":{"__comp":"14eb3368","__props":"5736683f"},"/service-bridge/1.9.x/setup/upgrades/cni-upgrade-d00":{"__comp":"17896441","content":"608191ee"},"/service-bridge/1.9.x/setup/upgrades/gateway-upgrade-fd0":{"__comp":"17896441","content":"400b5ea0"},"/service-bridge/1.9.x/setup/upgrades/non-revisioned-to-revisioned-a79":{"__comp":"17896441","content":"6e7bf777"},"/service-bridge/1.9.x/setup/upgrades/revisioned-to-revisioned-988":{"__comp":"17896441","content":"741034d8"},"/service-bridge/1.9.x/setup/workload-onboarding-847":{"__comp":"14eb3368","__props":"b3bb38f9"},"/service-bridge/1.9.x/setup/workload-onboarding/guides/-c11":{"__comp":"17896441","content":"0e3b2643"},"/service-bridge/1.9.x/setup/workload-onboarding/guides/ecs-workloads-47e":{"__comp":"17896441","content":"f40b83d6"},"/service-bridge/1.9.x/setup/workload-onboarding/guides/managing-342":{"__comp":"17896441","content":"4ba0c005"},"/service-bridge/1.9.x/setup/workload-onboarding/guides/on-premise-workloads-bb4":{"__comp":"17896441","content":"d06380c2"},"/service-bridge/1.9.x/setup/workload-onboarding/guides/onboarding-20b":{"__comp":"17896441","content":"aadd7827"},"/service-bridge/1.9.x/setup/workload-onboarding/guides/overview-7e9":{"__comp":"17896441","content":"04b38c20"},"/service-bridge/1.9.x/setup/workload-onboarding/guides/setup-ae3":{"__comp":"17896441","content":"28d95712"},"/service-bridge/1.9.x/setup/workload-onboarding/guides/troubleshooting-685":{"__comp":"17896441","content":"a0b4edd1"},"/service-bridge/1.9.x/setup/workload-onboarding/onboarding-vms-cf0":{"__comp":"17896441","content":"5fe5cd67"},"/service-bridge/1.9.x/setup/workload-onboarding/quickstart-0ad":{"__comp":"14eb3368","__props":"3af81891"},"/service-bridge/1.9.x/setup/workload-onboarding/quickstart/aws-ec2/-43c":{"__comp":"17896441","content":"60965671"},"/service-bridge/1.9.x/setup/workload-onboarding/quickstart/aws-ec2/bookinfo-cb5":{"__comp":"17896441","content":"9083911b"},"/service-bridge/1.9.x/setup/workload-onboarding/quickstart/aws-ec2/configure-vm-abf":{"__comp":"17896441","content":"f77d67d0"},"/service-bridge/1.9.x/setup/workload-onboarding/quickstart/aws-ec2/configure-workload-onboarding-132":{"__comp":"17896441","content":"cc173750"},"/service-bridge/1.9.x/setup/workload-onboarding/quickstart/aws-ec2/enable-workload-onboarding-e47":{"__comp":"17896441","content":"5abf7f8d"},"/service-bridge/1.9.x/setup/workload-onboarding/quickstart/aws-ec2/onboard-asg-0b3":{"__comp":"17896441","content":"54af0f26"},"/service-bridge/1.9.x/setup/workload-onboarding/quickstart/aws-ec2/onboard-vm-7e0":{"__comp":"17896441","content":"1e366134"},"/service-bridge/1.9.x/setup/workload-onboarding/quickstart/aws-ecs/-b6c":{"__comp":"17896441","content":"79c37854"},"/service-bridge/1.9.x/setup/workload-onboarding/quickstart/aws-ecs/configure-workload-onboarding-1dd":{"__comp":"17896441","content":"e0199160"},"/service-bridge/1.9.x/setup/workload-onboarding/quickstart/aws-ecs/onboard-ecs-35e":{"__comp":"17896441","content":"e871938d"},"/service-bridge/1.9.x/setup/workload-onboarding/quickstart/on-premise/-d52":{"__comp":"17896441","content":"3d211261"},"/service-bridge/1.9.x/setup/workload-onboarding/quickstart/on-premise/configure-vm-9a4":{"__comp":"17896441","content":"949d2c95"},"/service-bridge/1.9.x/setup/workload-onboarding/quickstart/on-premise/configure-workload-onboarding-541":{"__comp":"17896441","content":"19928dfb"},"/service-bridge/1.9.x/setup/workload-onboarding/quickstart/on-premise/onboard-vm-ba2":{"__comp":"17896441","content":"c537eaef"},"/service-bridge/1.9.x/troubleshooting-389":{"__comp":"14eb3368","__props":"8959d10c"},"/service-bridge/1.9.x/troubleshooting/cluster-onboarding-027":{"__comp":"17896441","content":"6df1dc8e"},"/service-bridge/1.9.x/troubleshooting/configuration-status-8eb":{"__comp":"17896441","content":"8cad4096"},"/service-bridge/1.9.x/troubleshooting/debug-container-119":{"__comp":"17896441","content":"9d0408d7"},"/service-bridge/1.9.x/troubleshooting/gateway-troubleshooting-f88":{"__comp":"17896441","content":"f1d78f65"},"/service-bridge/1.9.x/troubleshooting/identify-underperforming-services-f4f":{"__comp":"17896441","content":"960e1afb"},"/service-bridge/1.9.x/troubleshooting/Maximum-header-size-exceed-8dc":{"__comp":"17896441","content":"3bf10ec6"},"/service-bridge/1.9.x/troubleshooting/Multiple-Transfer-encoding-chunked-51f":{"__comp":"17896441","content":"f422510f"},"/service-bridge/1.9.x/troubleshooting/troubleshooting-401":{"__comp":"17896441","content":"8d58259d"},"/service-bridge/1.9.x/troubleshooting/tsb-ui-metrics-33c":{"__comp":"17896441","content":"c89df767"},"/service-bridge/1.9.x/workingwithsupport/workingWithTetrateSupport-598":{"__comp":"17896441","content":"114506a4"},"/service-bridge/next-4b5":{"__comp":"a7bd4aaa","__props":"7b199bb3"},"/service-bridge/next/tags-1b5":{"__comp":"3720c009","__props":"bfe6e1c0"},"/service-bridge/next/tags/featured-9f8":{"__comp":"df203c0f","__props":"58ccbf71"},"/service-bridge/next/tags/tsb-concepts-cd8":{"__comp":"df203c0f","__props":"22c6650c"},"/service-bridge/next/tags/tsb-quickstart-fde":{"__comp":"df203c0f","__props":"234bd398"},"/service-bridge/next-bb3":{"__comp":"a94703ab"},"/service-bridge/next/-294":{"__comp":"17896441","content":"da0f4f3b"},"/service-bridge/next/category/working-with-tetrate-customer-support-d20":{"__comp":"14eb3368","__props":"46996d88"},"/service-bridge/next/cheatsheet/-6d9":{"__comp":"17896441","content":"14ecf531"},"/service-bridge/next/cheatsheet/sheets/gateways-management-ad0":{"__comp":"17896441","content":"97a7fba6"},"/service-bridge/next/cheatsheet/sheets/kubectl-ef0":{"__comp":"17896441","content":"1b3a521b"},"/service-bridge/next/cheatsheet/sheets/security-management-25e":{"__comp":"17896441","content":"955b81f0"},"/service-bridge/next/cheatsheet/sheets/tctl-0ad":{"__comp":"17896441","content":"60aeb6b0"},"/service-bridge/next/cheatsheet/sheets/traffic-management-f41":{"__comp":"17896441","content":"1a68fde7"},"/service-bridge/next/cheatsheet/sheets/tsb-concepts-680":{"__comp":"17896441","content":"bc465ad6"},"/service-bridge/next/cheatsheet/sheets/tsb-quickstart-fe0":{"__comp":"17896441","content":"ac1f6b65"},"/service-bridge/next/cheatsheet/sheets/tsb-terminology-902":{"__comp":"17896441","content":"7150b41b"},"/service-bridge/next/concepts/-4da":{"__comp":"17896441","content":"cd43c50d"},"/service-bridge/next/concepts/architecture-157":{"__comp":"17896441","content":"5f731dfc"},"/service-bridge/next/concepts/configuration-dataflow-b44":{"__comp":"17896441","content":"d7cc4ca2"},"/service-bridge/next/concepts/configuration-inheritance-4cf":{"__comp":"17896441","content":"e469ce30"},"/service-bridge/next/concepts/glossary-443":{"__comp":"17896441","content":"6761038d"},"/service-bridge/next/concepts/observability-d2d":{"__comp":"17896441","content":"337ec615"},"/service-bridge/next/concepts/operators/-70b":{"__comp":"17896441","content":"cd2cf4dc"},"/service-bridge/next/concepts/operators/control-plane-f4f":{"__comp":"17896441","content":"3d791e94"},"/service-bridge/next/concepts/operators/management-plane-fa2":{"__comp":"17896441","content":"0f2a4fae"},"/service-bridge/next/concepts/security-f6e":{"__comp":"17896441","content":"66ae44a2"},"/service-bridge/next/concepts/service-mesh-769":{"__comp":"17896441","content":"ddde7118"},"/service-bridge/next/concepts/terminology-bd6":{"__comp":"17896441","content":"59cc7bdf"},"/service-bridge/next/concepts/traffic-management-25b":{"__comp":"17896441","content":"374cdd99"},"/service-bridge/next/concepts/tsb-and-ambient-059":{"__comp":"17896441","content":"377c34b5"},"/service-bridge/next/concepts/tsb-and-istio-d48":{"__comp":"17896441","content":"ded2ba12"},"/service-bridge/next/design-guides/-f07":{"__comp":"17896441","content":"b5be760a"},"/service-bridge/next/design-guides/app-onboarding/-08a":{"__comp":"17896441","content":"c85d92aa"},"/service-bridge/next/design-guides/app-onboarding/cross-cluster-eb5":{"__comp":"17896441","content":"06e89ece"},"/service-bridge/next/design-guides/app-onboarding/deploy-service-503":{"__comp":"17896441","content":"89dcf66c"},"/service-bridge/next/design-guides/app-onboarding/gateway-security-beb":{"__comp":"17896441","content":"c1d0bc1f"},"/service-bridge/next/design-guides/app-onboarding/high-availability-39f":{"__comp":"17896441","content":"8e5ae86c"},"/service-bridge/next/design-guides/app-onboarding/introduction-aa4":{"__comp":"17896441","content":"c566e8a7"},"/service-bridge/next/design-guides/app-onboarding/monitor-988":{"__comp":"17896441","content":"654c0c07"},"/service-bridge/next/design-guides/app-onboarding/prepare-2a8":{"__comp":"17896441","content":"29ee9a83"},"/service-bridge/next/design-guides/app-onboarding/promote-service-b9c":{"__comp":"17896441","content":"c8dbf4c6"},"/service-bridge/next/design-guides/app-onboarding/security-a91":{"__comp":"17896441","content":"6db45325"},"/service-bridge/next/design-guides/ha-dr-mp/-e3c":{"__comp":"17896441","content":"dbe87919"},"/service-bridge/next/design-guides/ha-dr-mp/active-standby/automated-synchronization-e34":{"__comp":"17896441","content":"c4fccddb"},"/service-bridge/next/design-guides/ha-dr-mp/active-standby/manual-backup-restore-20d":{"__comp":"17896441","content":"e67c7537"},"/service-bridge/next/design-guides/ha-dr-mp/active-standby/troubleshoot-2bb":{"__comp":"17896441","content":"a302f516"},"/service-bridge/next/design-guides/ha-dr-mp/before-you-begin-134":{"__comp":"17896441","content":"1735cf3d"},"/service-bridge/next/design-guides/ha-dr-mp/best-practices-0ea":{"__comp":"17896441","content":"6622b42f"},"/service-bridge/next/design-guides/ha-dr-mp/introduction-adb":{"__comp":"17896441","content":"9b6ed7ab"},"/service-bridge/next/design-guides/ha-dr-mp/manual/reinstall-aea":{"__comp":"17896441","content":"3a6cb274"},"/service-bridge/next/design-guides/ha-dr-mp/operating/monitor-3d7":{"__comp":"17896441","content":"d0e71946"},"/service-bridge/next/design-guides/ha-dr-mp/operating/troubleshoot-e28":{"__comp":"17896441","content":"a3eb415b"},"/service-bridge/next/design-guides/ha-dr-mp/scenarios-42e":{"__comp":"17896441","content":"b974bc14"},"/service-bridge/next/design-guides/ha-multicluster/-b90":{"__comp":"17896441","content":"c78c70f3"},"/service-bridge/next/design-guides/ha-multicluster/cluster-failover-ed8":{"__comp":"17896441","content":"9497b40c"},"/service-bridge/next/design-guides/ha-multicluster/demo-1-694":{"__comp":"17896441","content":"9255a9dd"},"/service-bridge/next/design-guides/ha-multicluster/demo-2-541":{"__comp":"17896441","content":"b8377558"},"/service-bridge/next/design-guides/ha-multicluster/edge-failover-b3b":{"__comp":"17896441","content":"aadad1d6"},"/service-bridge/next/design-guides/ha-multicluster/introduction-370":{"__comp":"17896441","content":"a7c3457a"},"/service-bridge/next/design-guides/ha-multicluster/operations-127":{"__comp":"17896441","content":"39fa1934"},"/service-bridge/next/howto-f93":{"__comp":"14eb3368","__props":"06cd4039"},"/service-bridge/next/howto/authorization/-65d":{"__comp":"17896441","content":"41169ef1"},"/service-bridge/next/howto/authorization/ingress-gateway-9b9":{"__comp":"17896441","content":"5c14a969"},"/service-bridge/next/howto/authorization/sidecar-292":{"__comp":"17896441","content":"b7cd80f5"},"/service-bridge/next/howto/authorization/tier1-gateway-4bb":{"__comp":"17896441","content":"0a3728af"},"/service-bridge/next/howto/authorization/tls-verification-53e":{"__comp":"17896441","content":"e6bf80c9"},"/service-bridge/next/howto/gateway-d17":{"__comp":"14eb3368","__props":"9401881e"},"/service-bridge/next/howto/gateway/app-ingress-b76":{"__comp":"17896441","content":"43b2390f"},"/service-bridge/next/howto/gateway/application-gateway-with-openapi-annotations-8d9":{"__comp":"17896441","content":"ad304b2c"},"/service-bridge/next/howto/gateway/configure-and-route-nonhttp-traffic-21e":{"__comp":"17896441","content":"38f8acf7"},"/service-bridge/next/howto/gateway/configure-oidc-5bb":{"__comp":"17896441","content":"7bf3db19"},"/service-bridge/next/howto/gateway/distributed-ingress-524":{"__comp":"17896441","content":"ceecbc25"},"/service-bridge/next/howto/gateway/end-user-auth-keycloak-914":{"__comp":"17896441","content":"6ef8343a"},"/service-bridge/next/howto/gateway/host-based-egress-access-control-444":{"__comp":"17896441","content":"62f7b563"},"/service-bridge/next/howto/gateway/https-with-proxy-protocol-d02":{"__comp":"17896441","content":"f7a5a240"},"/service-bridge/next/howto/gateway/multi-cluster-traffic-failover-priority-4d3":{"__comp":"17896441","content":"91453ec9"},"/service-bridge/next/howto/gateway/multi-cluster-traffic-routing-using-tier2gw-df7":{"__comp":"17896441","content":"8471990a"},"/service-bridge/next/howto/gateway/multi-cluster-traffic-routing-with-eastwest-gateway-fa7":{"__comp":"17896441","content":"870d6ff8"},"/service-bridge/next/howto/gateway/multi-cluster-traffic-shifting-a33":{"__comp":"17896441","content":"41c14a98"},"/service-bridge/next/howto/gateway/oas-validation-55e":{"__comp":"17896441","content":"58b346b4"},"/service-bridge/next/howto/gateway/service-identity-propagation-c7e":{"__comp":"17896441","content":"98691e50"},"/service-bridge/next/howto/gateway/shared-ingress-d77":{"__comp":"17896441","content":"0f723814"},"/service-bridge/next/howto/gateway/subset-based-routing-using-igw-and-service-route-3ee":{"__comp":"17896441","content":"ecc94156"},"/service-bridge/next/howto/gateway/unfied-gateway-management-via-mp-d1d":{"__comp":"17896441","content":"37858310"},"/service-bridge/next/howto/gateway/unified-gateway-d66":{"__comp":"17896441","content":"f7f9229c"},"/service-bridge/next/howto/gateway/unified-gateway-upgrade-b3b":{"__comp":"17896441","content":"a8fb932f"},"/service-bridge/next/howto/gateway/weighted-distribution-and-fallback-5de":{"__comp":"17896441","content":"0c948f26"},"/service-bridge/next/howto/gitops-072":{"__comp":"14eb3368","__props":"529e837b"},"/service-bridge/next/howto/gitops/argo-rollouts-ef7":{"__comp":"17896441","content":"aec5814a"},"/service-bridge/next/howto/gitops/clusterrole-d4e":{"__comp":"17896441","content":"3c75d444"},"/service-bridge/next/howto/gitops/flagger-55d":{"__comp":"17896441","content":"9810bf6b"},"/service-bridge/next/howto/gitops/flux-612":{"__comp":"17896441","content":"5ce99e8d"},"/service-bridge/next/howto/gitops/gitops-170":{"__comp":"17896441","content":"00dd8e5c"},"/service-bridge/next/howto/hpa-using-oap-e9a":{"__comp":"17896441","content":"d579c62a"},"/service-bridge/next/howto/network-policies-1bd":{"__comp":"17896441","content":"6c46fd54"},"/service-bridge/next/howto/promql-using-oap-d28":{"__comp":"17896441","content":"3a843cdd"},"/service-bridge/next/howto/rate-limiting/-74e":{"__comp":"17896441","content":"54811341"},"/service-bridge/next/howto/rate-limiting/external-rate-limiting-0fc":{"__comp":"17896441","content":"b4fbbfcb"},"/service-bridge/next/howto/rate-limiting/ingress-gateway-bfe":{"__comp":"17896441","content":"582089f1"},"/service-bridge/next/howto/rate-limiting/internal-rate-limiting-a54":{"__comp":"17896441","content":"0873210a"},"/service-bridge/next/howto/rate-limiting/service-to-service-0da":{"__comp":"17896441","content":"e6abb804"},"/service-bridge/next/howto/rate-limiting/tier1-gateway-1c9":{"__comp":"17896441","content":"fc0daf52"},"/service-bridge/next/howto/rate-limiting/tls-validation-1be":{"__comp":"17896441","content":"1a2f7cd6"},"/service-bridge/next/howto/security-domains-70d":{"__comp":"17896441","content":"183c0d86"},"/service-bridge/next/howto/service-accounts-150":{"__comp":"17896441","content":"8cc17dbe"},"/service-bridge/next/howto/traffic-bd9":{"__comp":"14eb3368","__props":"c023c5e8"},"/service-bridge/next/howto/traffic/canary-releases-5ee":{"__comp":"17896441","content":"4bc5aae3"},"/service-bridge/next/howto/traffic/configure-multi-port-service-route-6b2":{"__comp":"17896441","content":"42f10288"},"/service-bridge/next/howto/traffic/gateway-mtls-d18":{"__comp":"17896441","content":"dd4d7c20"},"/service-bridge/next/howto/traffic/load-balance-1bf":{"__comp":"17896441","content":"12312565"},"/service-bridge/next/howto/traffic/migrating-VM-monoliths-c0c":{"__comp":"17896441","content":"510ebeec"},"/service-bridge/next/howto/traffic/splitting-service-traffic-between-k8s-vms-c66":{"__comp":"17896441","content":"0519f40f"},"/service-bridge/next/howto/waf-d5d":{"__comp":"17896441","content":"d514c959"},"/service-bridge/next/howto/wasm-5fc":{"__comp":"14eb3368","__props":"99f14015"},"/service-bridge/next/howto/wasm/wasm-extension-79b":{"__comp":"17896441","content":"8a8511b9"},"/service-bridge/next/howto/wasm/wasm-overview-e41":{"__comp":"17896441","content":"95817dde"},"/service-bridge/next/howto/wasm/wasm-proxy-0dd":{"__comp":"17896441","content":"08fcb7c2"},"/service-bridge/next/howto/wasm/wasm-try-1ce":{"__comp":"17896441","content":"10eaca38"},"/service-bridge/next/knowledge-base-491":{"__comp":"14eb3368","__props":"48a0235c"},"/service-bridge/next/knowledge-base/faq-167":{"__comp":"17896441","content":"2518acb0"},"/service-bridge/next/knowledge-base/gitops-23e":{"__comp":"17896441","content":"78479a19"},"/service-bridge/next/operations-e6d":{"__comp":"14eb3368","__props":"7aef01f9"},"/service-bridge/next/operations/configuration-promotion-24f":{"__comp":"17896441","content":"35b7cad9"},"/service-bridge/next/operations/configure-log-levels-011":{"__comp":"17896441","content":"2be0d110"},"/service-bridge/next/operations/elasticsearch-ba4":{"__comp":"14eb3368","__props":"c55190b5"},"/service-bridge/next/operations/elasticsearch/elasticsearch-role-ec8":{"__comp":"17896441","content":"a378b4f7"},"/service-bridge/next/operations/elasticsearch/wipe-elastic-522":{"__comp":"17896441","content":"40be59f0"},"/service-bridge/next/operations/features-839":{"__comp":"14eb3368","__props":"5286bd3f"},"/service-bridge/next/operations/features/configure-cluster-external-addresses-8f4":{"__comp":"17896441","content":"5ae3b384"},"/service-bridge/next/operations/features/configure-gitops-107":{"__comp":"17896441","content":"563af2c4"},"/service-bridge/next/operations/features/deletion-protection-7a7":{"__comp":"17896441","content":"1bd62b16"},"/service-bridge/next/operations/features/edge-dns-resolution-33f":{"__comp":"17896441","content":"3defb21e"},"/service-bridge/next/operations/features/enable-config-protection-c34":{"__comp":"17896441","content":"a151c2a7"},"/service-bridge/next/operations/features/gateway-deletion-webhook-db1":{"__comp":"17896441","content":"9ecb8f0c"},"/service-bridge/next/operations/features/internal-wasm-extensions-70b":{"__comp":"17896441","content":"7111ec88"},"/service-bridge/next/operations/features/istio-cni-6a5":{"__comp":"17896441","content":"68f5c4c0"},"/service-bridge/next/operations/features/label-annotation-f32":{"__comp":"17896441","content":"33cd0b2b"},"/service-bridge/next/operations/features/streaming-log-34c":{"__comp":"17896441","content":"4147796e"},"/service-bridge/next/operations/features/tier1-in-app-cluster-a7f":{"__comp":"17896441","content":"5011829b"},"/service-bridge/next/operations/features/tls-origin-multi-cluster-4ec":{"__comp":"17896441","content":"07db89b1"},"/service-bridge/next/operations/graceful-connection-drain-a75":{"__comp":"17896441","content":"f1f3d2f2"},"/service-bridge/next/operations/kube-customization-f30":{"__comp":"17896441","content":"14f63511"},"/service-bridge/next/operations/lower-istio-resources-fa2":{"__comp":"17896441","content":"48329dd8"},"/service-bridge/next/operations/migrate-organization-c6b":{"__comp":"17896441","content":"afd5ef19"},"/service-bridge/next/operations/multiple-iam-keys-627":{"__comp":"17896441","content":"16c3079f"},"/service-bridge/next/operations/postgresql-7e1":{"__comp":"14eb3368","__props":"bbd85fcb"},"/service-bridge/next/operations/postgresql/auditlog-retention-5c2":{"__comp":"17896441","content":"6b2049bf"},"/service-bridge/next/operations/postgresql/azure-credentials-5fc":{"__comp":"17896441","content":"8a104b8e"},"/service-bridge/next/operations/postgresql/backup-and-restore-28e":{"__comp":"17896441","content":"40343663"},"/service-bridge/next/operations/postgresql/managing-kubegres-73c":{"__comp":"17896441","content":"57f73bfd"},"/service-bridge/next/operations/telemetry-dff":{"__comp":"14eb3368","__props":"1202aa4f"},"/service-bridge/next/operations/telemetry/alerting-guidelines-19d":{"__comp":"17896441","content":"c5562c33"},"/service-bridge/next/operations/telemetry/distributed-tracing-d47":{"__comp":"17896441","content":"44466b80"},"/service-bridge/next/operations/telemetry/key-metrics-a0d":{"__comp":"17896441","content":"623aa1a2"},"/service-bridge/next/operations/telemetry/new-relic-9cd":{"__comp":"17896441","content":"304b5c37"},"/service-bridge/next/operations/telemetry/red-metrics-740":{"__comp":"17896441","content":"08735d73"},"/service-bridge/next/operations/telemetry/telemetry-architecture-303":{"__comp":"17896441","content":"e0627c5f"},"/service-bridge/next/operations/users-f5a":{"__comp":"14eb3368","__props":"38f2d848"},"/service-bridge/next/operations/users/admin-password-cfb":{"__comp":"17896441","content":"073ad08d"},"/service-bridge/next/operations/users/configuring-ldap-dff":{"__comp":"17896441","content":"ca42eac5"},"/service-bridge/next/operations/users/new-user-local-idp-0cc":{"__comp":"17896441","content":"b1d31ab3"},"/service-bridge/next/operations/users/oidc-azure-719":{"__comp":"17896441","content":"858aa3d6"},"/service-bridge/next/operations/users/tsb-fqns-8da":{"__comp":"17896441","content":"32d0b0b8"},"/service-bridge/next/operations/users/user-synchronization-ce4":{"__comp":"17896441","content":"af2831dd"},"/service-bridge/next/operations/users/users-roles-and-permissions-e47":{"__comp":"17896441","content":"db263acb"},"/service-bridge/next/operations/vault-507":{"__comp":"14eb3368","__props":"010c9526"},"/service-bridge/next/operations/vault/elasticsearch-e5a":{"__comp":"17896441","content":"37285fb9"},"/service-bridge/next/operations/vault/istiod-ca-e0f":{"__comp":"17896441","content":"3bec870e"},"/service-bridge/next/operations/vault/postgresql-d86":{"__comp":"17896441","content":"3c3a09de"},"/service-bridge/next/quickstart-8ef":{"__comp":"14eb3368","__props":"bb143690"},"/service-bridge/next/quickstart/apps-6b5":{"__comp":"17896441","content":"887c8d6b"},"/service-bridge/next/quickstart/config-groups-96f":{"__comp":"17896441","content":"1e820038"},"/service-bridge/next/quickstart/deploy-sample-app-16b":{"__comp":"17896441","content":"d2a2781a"},"/service-bridge/next/quickstart/ingress-gateway-212":{"__comp":"17896441","content":"7c662ff8"},"/service-bridge/next/quickstart/introduction-b44":{"__comp":"17896441","content":"6fb7b5f0"},"/service-bridge/next/quickstart/observability-de5":{"__comp":"17896441","content":"a2b516d2"},"/service-bridge/next/quickstart/permissions-5b2":{"__comp":"17896441","content":"3a979227"},"/service-bridge/next/quickstart/security-e54":{"__comp":"17896441","content":"4cddd0f4"},"/service-bridge/next/quickstart/tenant-e18":{"__comp":"17896441","content":"5f9a5442"},"/service-bridge/next/quickstart/traffic-shifting-517":{"__comp":"17896441","content":"1e94c2d8"},"/service-bridge/next/quickstart/workspace-4d5":{"__comp":"17896441","content":"26c3c763"},"/service-bridge/next/reference-edc":{"__comp":"14eb3368","__props":"0076bf0f"},"/service-bridge/next/reference/cli-45b":{"__comp":"14eb3368","__props":"e42593ca"},"/service-bridge/next/reference/cli/guide/index-a97":{"__comp":"17896441","content":"b2b086c3"},"/service-bridge/next/reference/cli/guide/toc-c56":{"__comp":"14eb3368","__props":"61288820"},"/service-bridge/next/reference/cli/reference-9ce":{"__comp":"14eb3368","__props":"32995692"},"/service-bridge/next/reference/cli/reference/apply-839":{"__comp":"17896441","content":"b7002e5a"},"/service-bridge/next/reference/cli/reference/audit-be8":{"__comp":"17896441","content":"e623b714"},"/service-bridge/next/reference/cli/reference/collect-82f":{"__comp":"17896441","content":"120c1f27"},"/service-bridge/next/reference/cli/reference/completion-2d5":{"__comp":"17896441","content":"a808857d"},"/service-bridge/next/reference/cli/reference/config-534":{"__comp":"17896441","content":"7bde2f9d"},"/service-bridge/next/reference/cli/reference/debug-6ca":{"__comp":"17896441","content":"c8322ffa"},"/service-bridge/next/reference/cli/reference/delete-d46":{"__comp":"17896441","content":"3a9d8da4"},"/service-bridge/next/reference/cli/reference/edit-aad":{"__comp":"17896441","content":"02c3cb1e"},"/service-bridge/next/reference/cli/reference/experimental-7d2":{"__comp":"17896441","content":"4f7b4c59"},"/service-bridge/next/reference/cli/reference/get-297":{"__comp":"17896441","content":"f7e196a3"},"/service-bridge/next/reference/cli/reference/index-6a8":{"__comp":"17896441","content":"53f65bb7"},"/service-bridge/next/reference/cli/reference/install-66d":{"__comp":"17896441","content":"734fcc29"},"/service-bridge/next/reference/cli/reference/login-3db":{"__comp":"17896441","content":"6e75d441"},"/service-bridge/next/reference/cli/reference/service-account-6b4":{"__comp":"17896441","content":"320af265"},"/service-bridge/next/reference/cli/reference/status-fd7":{"__comp":"17896441","content":"95b5f825"},"/service-bridge/next/reference/cli/reference/ui-3df":{"__comp":"17896441","content":"7bc7dead"},"/service-bridge/next/reference/cli/reference/validate-6ad":{"__comp":"17896441","content":"3ca6b710"},"/service-bridge/next/reference/cli/reference/version-5be":{"__comp":"17896441","content":"752a22a6"},"/service-bridge/next/reference/cli/reference/whoami-8bd":{"__comp":"17896441","content":"1a112b26"},"/service-bridge/next/reference/cli/reference/workload-entry-annotations-21f":{"__comp":"17896441","content":"31d50142"},"/service-bridge/next/reference/grpc-api-831":{"__comp":"14eb3368","__props":"b647ace3"},"/service-bridge/next/reference/grpc-api/guide-c90":{"__comp":"17896441","content":"eec9cbf5"},"/service-bridge/next/reference/grpc-api/reference-5a3":{"__comp":"14eb3368","__props":"cbdc46a5"},"/service-bridge/next/reference/k8s-api-d98":{"__comp":"14eb3368","__props":"c4f9f45d"},"/service-bridge/next/reference/k8s-api/guide-99e":{"__comp":"17896441","content":"035aa0b9"},"/service-bridge/next/reference/k8s-api/tsb-crds-gen-e70":{"__comp":"14eb3368","__props":"e03f46e4"},"/service-bridge/next/reference/k8s-api/tsb-crds-gen/application-tsb-tetrate-io-547":{"__comp":"17896441","content":"0ea8c8c0"},"/service-bridge/next/reference/k8s-api/tsb-crds-gen/extension-tsb-tetrate-io-feb":{"__comp":"17896441","content":"556b833d"},"/service-bridge/next/reference/k8s-api/tsb-crds-gen/gateway-tsb-tetrate-io-d31":{"__comp":"17896441","content":"0ac91703"},"/service-bridge/next/reference/k8s-api/tsb-crds-gen/istiointernal-tsb-tetrate-io-bcc":{"__comp":"17896441","content":"2a2e6f9d"},"/service-bridge/next/reference/k8s-api/tsb-crds-gen/profile-tsb-tetrate-io-1a3":{"__comp":"17896441","content":"53835300"},"/service-bridge/next/reference/k8s-api/tsb-crds-gen/rbac-tsb-tetrate-io-02b":{"__comp":"17896441","content":"c8b7c3d4"},"/service-bridge/next/reference/k8s-api/tsb-crds-gen/security-tsb-tetrate-io-315":{"__comp":"17896441","content":"9aba021b"},"/service-bridge/next/reference/k8s-api/tsb-crds-gen/segmentation-tsb-tetrate-io-f6b":{"__comp":"17896441","content":"05887cd2"},"/service-bridge/next/reference/k8s-api/tsb-crds-gen/traffic-tsb-tetrate-io-61d":{"__comp":"17896441","content":"37fd805b"},"/service-bridge/next/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/api-087":{"__comp":"17896441","content":"6de62742"},"/service-bridge/next/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/cluster-3b1":{"__comp":"17896441","content":"586b1056"},"/service-bridge/next/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/clusteronboardingconfig-8d5":{"__comp":"17896441","content":"26271678"},"/service-bridge/next/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/organization-e52":{"__comp":"17896441","content":"a2e3d252"},"/service-bridge/next/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/organizationsetting-8c4":{"__comp":"17896441","content":"f1158d4b"},"/service-bridge/next/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/serviceaccount-6f1":{"__comp":"17896441","content":"dd0a946e"},"/service-bridge/next/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/team-e04":{"__comp":"17896441","content":"05b9c640"},"/service-bridge/next/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/tenant-8fc":{"__comp":"17896441","content":"7752c5bd"},"/service-bridge/next/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/tenantsetting-2c7":{"__comp":"17896441","content":"65589740"},"/service-bridge/next/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/user-cb1":{"__comp":"17896441","content":"4e947938"},"/service-bridge/next/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/workspace-042":{"__comp":"17896441","content":"8dc1f89e"},"/service-bridge/next/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/workspacesetting-4cf":{"__comp":"17896441","content":"a9ca7279"},"/service-bridge/next/reference/k8s-api/tsb-crds-gen/tsb.tetrate.io/v2-67e":{"__comp":"14eb3368","__props":"453067f0"},"/service-bridge/next/reference/operators-c58":{"__comp":"14eb3368","__props":"f5aa75be"},"/service-bridge/next/reference/rest-api/guide-7ad":{"__comp":"17896441","content":"e54c2dfb"},"/service-bridge/next/reference/samples-ee6":{"__comp":"14eb3368","__props":"cf9c681c"},"/service-bridge/next/reference/samples/httpbin-2ed":{"__comp":"17896441","content":"4ef42de6"},"/service-bridge/next/reference/samples/opa-108":{"__comp":"17896441","content":"b2ed36ae"},"/service-bridge/next/reference/samples/sleep-service-6fd":{"__comp":"17896441","content":"603b27d9"},"/service-bridge/next/reference/workload-onboarding-04d":{"__comp":"14eb3368","__props":"33de02e4"},"/service-bridge/next/reference/workload-onboarding/onboarding-agent-b45":{"__comp":"14eb3368","__props":"40cd1571"},"/service-bridge/next/reference/workload-onboarding/onboarding-authorization-b1a":{"__comp":"14eb3368","__props":"86175ec6"},"/service-bridge/next/reference/workload-onboarding/onboarding-runtime-8e5":{"__comp":"14eb3368","__props":"9fa2f6ff"},"/service-bridge/next/reference/yaml-api-7af":{"__comp":"14eb3368","__props":"fe14559c"},"/service-bridge/next/reference/yaml-api/guide-afd":{"__comp":"17896441","content":"036d6cd4"},"/service-bridge/next/reference/yaml-api/reference-ee1":{"__comp":"14eb3368","__props":"a95198ba"},"/service-bridge/next/refs/audit/v1/audit-c2f":{"__comp":"17896441","content":"28e986a1"},"/service-bridge/next/refs/audit/v1/grpc-464":{"__comp":"14eb3368","__props":"34c1ecac"},"/service-bridge/next/refs/iam/v2/grpc-10a":{"__comp":"14eb3368","__props":"90e47deb"},"/service-bridge/next/refs/iam/v2/oauth_service-e55":{"__comp":"17896441","content":"57a39f82"},"/service-bridge/next/refs/iam/v2/oidc_service-c9b":{"__comp":"17896441","content":"27a16c3f"},"/service-bridge/next/refs/install-a33":{"__comp":"14eb3368","__props":"2671c056"},"/service-bridge/next/refs/install/common/common_config-5f0":{"__comp":"17896441","content":"6fc9a668"},"/service-bridge/next/refs/install/controlplane/v1alpha1/spec-a15":{"__comp":"17896441","content":"a8576736"},"/service-bridge/next/refs/install/controlplane/v1alpha1/status-953":{"__comp":"17896441","content":"8c59df1c"},"/service-bridge/next/refs/install/dataplane/v1alpha1/spec-8db":{"__comp":"17896441","content":"0c2c5631"},"/service-bridge/next/refs/install/kubernetes/k8s-60f":{"__comp":"17896441","content":"63ed9dfd"},"/service-bridge/next/refs/install/managementplane/v1alpha1/spec-3c7":{"__comp":"17896441","content":"eb88e070"},"/service-bridge/next/refs/install/managementplane/v1alpha1/status-500":{"__comp":"17896441","content":"f190d3af"},"/service-bridge/next/refs/onboarding/config/agent/v1alpha1/agent_configuration-666":{"__comp":"17896441","content":"8b69bf3c"},"/service-bridge/next/refs/onboarding/config/agent/v1alpha1/onboarding_configuration-a08":{"__comp":"17896441","content":"3214e697"},"/service-bridge/next/refs/onboarding/config/authorization/aws/v1alpha1/aws-4e7":{"__comp":"17896441","content":"10586e0e"},"/service-bridge/next/refs/onboarding/config/authorization/jwt/v1alpha1/jwt-784":{"__comp":"17896441","content":"9af1eddb"},"/service-bridge/next/refs/onboarding/config/authorization/v1alpha1/policy-c1b":{"__comp":"17896441","content":"83d78b47"},"/service-bridge/next/refs/onboarding/config/install/v1alpha1/jwt_issuer-9de":{"__comp":"17896441","content":"62a5d799"},"/service-bridge/next/refs/onboarding/config/install/v1alpha1/workload_configuration-4cb":{"__comp":"17896441","content":"49c50ce2"},"/service-bridge/next/refs/onboarding/config/runtime/v1alpha1/registration-ddd":{"__comp":"17896441","content":"88597737"},"/service-bridge/next/refs/onboarding/config/types/config/v1alpha1/transport_security-a62":{"__comp":"17896441","content":"1d9261b7"},"/service-bridge/next/refs/onboarding/config/types/core/v1alpha1/condition-884":{"__comp":"17896441","content":"17408426"},"/service-bridge/next/refs/onboarding/config/types/core/v1alpha1/namespaced_name-8c9":{"__comp":"17896441","content":"28b5918c"},"/service-bridge/next/refs/onboarding/config/types/identity/aws/v1alpha1/aws-4d1":{"__comp":"17896441","content":"fb48a04d"},"/service-bridge/next/refs/onboarding/config/types/identity/jwt/v1alpha1/jwt-409":{"__comp":"17896441","content":"114385c5"},"/service-bridge/next/refs/onboarding/config/types/identity/v1alpha1/identity-ae7":{"__comp":"17896441","content":"d23922f5"},"/service-bridge/next/refs/onboarding/config/types/registration/v1alpha1/hostinfo-1d8":{"__comp":"17896441","content":"e84166c3"},"/service-bridge/next/refs/onboarding/config/types/registration/v1alpha1/registration-cb1":{"__comp":"17896441","content":"37e7c9ae"},"/service-bridge/next/refs/onboarding/private/component/agent/plugin/credential/v1alpha1/plugin-ede":{"__comp":"17896441","content":"afecb657"},"/service-bridge/next/refs/onboarding/private/component/agent/plugin/hostinfo/v1alpha1/plugin-15d":{"__comp":"17896441","content":"e8d4c7f4"},"/service-bridge/next/refs/onboarding/private/component/agent/sidecarcontroller/v1alpha1/sidecar_configuration_service-e43":{"__comp":"17896441","content":"307ee384"},"/service-bridge/next/refs/onboarding/private/component/agent/sidecarcontroller/v1alpha1/sidecar_info_service-a66":{"__comp":"17896441","content":"961635bc"},"/service-bridge/next/refs/onboarding/private/component/plane/config/v1alpha1/onboarding_plane_instance_configuration-afd":{"__comp":"17896441","content":"ed0ba047"},"/service-bridge/next/refs/onboarding/private/component/plane/generator/v1alpha1/version-445":{"__comp":"17896441","content":"64c0f79a"},"/service-bridge/next/refs/onboarding/private/component/plane/token/v1alpha1/onboarding_token-f8d":{"__comp":"17896441","content":"dc084f49"},"/service-bridge/next/refs/onboarding/private/install/v1alpha1/spec-4fb":{"__comp":"17896441","content":"94e9a1bd"},"/service-bridge/next/refs/onboarding/private/protocol/authorization/v1alpha1/authorization_service-eda":{"__comp":"17896441","content":"2f65e3f1"},"/service-bridge/next/refs/onboarding/private/protocol/discovery/v1alpha1/discovery_service-d75":{"__comp":"17896441","content":"fece4fb2"},"/service-bridge/next/refs/onboarding/private/protocol/registration/v1alpha1/registration_service-019":{"__comp":"17896441","content":"738d99ca"},"/service-bridge/next/refs/onboarding/private/protocol/session/v1alpha1/session_service-605":{"__comp":"17896441","content":"58d169fd"},"/service-bridge/next/refs/onboarding/private/types/config/v1alpha1/transport_security-e41":{"__comp":"17896441","content":"8cccc3d2"},"/service-bridge/next/refs/onboarding/private/types/credential/aws/v1alpha1/ec2-81f":{"__comp":"17896441","content":"78643eb7"},"/service-bridge/next/refs/onboarding/private/types/credential/aws/v1alpha1/sts-c62":{"__comp":"17896441","content":"37da6ef1"},"/service-bridge/next/refs/onboarding/private/types/credential/jwt/v1alpha1/jwt-a12":{"__comp":"17896441","content":"ce79d6b8"},"/service-bridge/next/refs/onboarding/private/types/discovery/v1alpha1/discovery-05b":{"__comp":"17896441","content":"09856525"},"/service-bridge/next/refs/onboarding/private/types/sidecar/v1alpha1/configuration-35c":{"__comp":"17896441","content":"2060f524"},"/service-bridge/next/refs/private/iam/v1/iam-87a":{"__comp":"17896441","content":"de206643"},"/service-bridge/next/refs/test/v1/echo-cfc":{"__comp":"17896441","content":"77cc394b"},"/service-bridge/next/refs/tsb/application/v2/api-add":{"__comp":"17896441","content":"88f9fd9f"},"/service-bridge/next/refs/tsb/application/v2/application-d56":{"__comp":"17896441","content":"248a7aa3"},"/service-bridge/next/refs/tsb/application/v2/application_service-5a5":{"__comp":"17896441","content":"5f7a5c96"},"/service-bridge/next/refs/tsb/application/v2/grpc-b0a":{"__comp":"14eb3368","__props":"481f326f"},"/service-bridge/next/refs/tsb/application/v2/openapi_extensions-cf6":{"__comp":"17896441","content":"3a4b5a30"},"/service-bridge/next/refs/tsb/application/v2/yaml-fad":{"__comp":"14eb3368","__props":"0273d591"},"/service-bridge/next/refs/tsb/auth/v2/auth-d45":{"__comp":"17896441","content":"b6858591"},"/service-bridge/next/refs/tsb/auth/v2/yaml-4d9":{"__comp":"14eb3368","__props":"36b3a3fc"},"/service-bridge/next/refs/tsb/dashboard/v1/dashboard_service-4e8":{"__comp":"17896441","content":"a64dafeb"},"/service-bridge/next/refs/tsb/dashboard/v1/grpc-629":{"__comp":"14eb3368","__props":"f13a4efe"},"/service-bridge/next/refs/tsb/diagnostic/v2/diagnostic_service-db5":{"__comp":"17896441","content":"7b0dd22a"},"/service-bridge/next/refs/tsb/diagnostic/v2/grpc-7b5":{"__comp":"14eb3368","__props":"7d91250a"},"/service-bridge/next/refs/tsb/extension/v2/grpc-f35":{"__comp":"14eb3368","__props":"57f992f1"},"/service-bridge/next/refs/tsb/extension/v2/wasm_extension-c46":{"__comp":"17896441","content":"68a4940c"},"/service-bridge/next/refs/tsb/extension/v2/wasm_service-320":{"__comp":"17896441","content":"9b31e299"},"/service-bridge/next/refs/tsb/extension/v2/yaml-d4c":{"__comp":"14eb3368","__props":"7ebbfd9f"},"/service-bridge/next/refs/tsb/gateway/v2/auth-551":{"__comp":"17896441","content":"65ac9930"},"/service-bridge/next/refs/tsb/gateway/v2/eastwest_gateway-195":{"__comp":"17896441","content":"3c296809"},"/service-bridge/next/refs/tsb/gateway/v2/egress_gateway-d0f":{"__comp":"17896441","content":"a137e637"},"/service-bridge/next/refs/tsb/gateway/v2/gateway-c82":{"__comp":"17896441","content":"04a9c9fb"},"/service-bridge/next/refs/tsb/gateway/v2/gateway_common-5ed":{"__comp":"17896441","content":"7b5225fc"},"/service-bridge/next/refs/tsb/gateway/v2/gateway_group-f65":{"__comp":"17896441","content":"638990fb"},"/service-bridge/next/refs/tsb/gateway/v2/gateway_service-8af":{"__comp":"17896441","content":"cf01a667"},"/service-bridge/next/refs/tsb/gateway/v2/grpc-90a":{"__comp":"14eb3368","__props":"158b6748"},"/service-bridge/next/refs/tsb/gateway/v2/ingress_gateway-51c":{"__comp":"17896441","content":"acdedb08"},"/service-bridge/next/refs/tsb/gateway/v2/istio_gateway_direct-247":{"__comp":"17896441","content":"3d31207b"},"/service-bridge/next/refs/tsb/gateway/v2/tier1_gateway-4a4":{"__comp":"17896441","content":"4037bd6e"},"/service-bridge/next/refs/tsb/gateway/v2/yaml-c07":{"__comp":"14eb3368","__props":"274a9d82"},"/service-bridge/next/refs/tsb/istiointernal/v2/grpc-5d3":{"__comp":"14eb3368","__props":"ae33650f"},"/service-bridge/next/refs/tsb/istiointernal/v2/istio_internal_group-a0f":{"__comp":"17896441","content":"87fb2b5c"},"/service-bridge/next/refs/tsb/istiointernal/v2/istio_istiointernal_direct-c7e":{"__comp":"17896441","content":"436037e1"},"/service-bridge/next/refs/tsb/istiointernal/v2/istiointernal_service-7b3":{"__comp":"17896441","content":"cc6cafc5"},"/service-bridge/next/refs/tsb/istiointernal/v2/yaml-710":{"__comp":"14eb3368","__props":"c7efd4d8"},"/service-bridge/next/refs/tsb/observability/telemetry/v2/grpc-75c":{"__comp":"14eb3368","__props":"3ffa122c"},"/service-bridge/next/refs/tsb/observability/telemetry/v2/metric-c7e":{"__comp":"17896441","content":"ddac4a9c"},"/service-bridge/next/refs/tsb/observability/telemetry/v2/metric_service-2f0":{"__comp":"17896441","content":"b48c4f09"},"/service-bridge/next/refs/tsb/observability/telemetry/v2/source-8ae":{"__comp":"17896441","content":"8012df74"},"/service-bridge/next/refs/tsb/observability/telemetry/v2/source_service-3fc":{"__comp":"17896441","content":"9bfb2702"},"/service-bridge/next/refs/tsb/observability/telemetry/v2/yaml-da4":{"__comp":"14eb3368","__props":"e31a84ec"},"/service-bridge/next/refs/tsb/profile/v2/grpc-88e":{"__comp":"14eb3368","__props":"e26eaebb"},"/service-bridge/next/refs/tsb/profile/v2/profile-e55":{"__comp":"17896441","content":"257fff07"},"/service-bridge/next/refs/tsb/profile/v2/profile_service-ee4":{"__comp":"17896441","content":"b72b5b4c"},"/service-bridge/next/refs/tsb/profile/v2/yaml-972":{"__comp":"14eb3368","__props":"dca9b665"},"/service-bridge/next/refs/tsb/q/v2/approvals_service-5b3":{"__comp":"17896441","content":"1fd5a933"},"/service-bridge/next/refs/tsb/q/v2/grpc-0c4":{"__comp":"14eb3368","__props":"6384f04a"},"/service-bridge/next/refs/tsb/q/v2/permissions_service-109":{"__comp":"17896441","content":"87a0e8f6"},"/service-bridge/next/refs/tsb/rbac/v2/access_bindings-bd7":{"__comp":"17896441","content":"5a7bc876"},"/service-bridge/next/refs/tsb/rbac/v2/api_access_bindings-b99":{"__comp":"17896441","content":"7030b983"},"/service-bridge/next/refs/tsb/rbac/v2/application_access_bindings-c4e":{"__comp":"17896441","content":"0043252d"},"/service-bridge/next/refs/tsb/rbac/v2/binding-17b":{"__comp":"17896441","content":"0c2040a9"},"/service-bridge/next/refs/tsb/rbac/v2/gateway_access_bindings-7c2":{"__comp":"17896441","content":"32f36e01"},"/service-bridge/next/refs/tsb/rbac/v2/grpc-d67":{"__comp":"14eb3368","__props":"ce2e70ae"},"/service-bridge/next/refs/tsb/rbac/v2/istio_internal_access_bindings-4c7":{"__comp":"17896441","content":"6531fedb"},"/service-bridge/next/refs/tsb/rbac/v2/organization_access_bindings-35a":{"__comp":"17896441","content":"4cff0c3d"},"/service-bridge/next/refs/tsb/rbac/v2/permissions-9ef":{"__comp":"17896441","content":"e1b25346"},"/service-bridge/next/refs/tsb/rbac/v2/policy_service-6e2":{"__comp":"17896441","content":"512e5800"},"/service-bridge/next/refs/tsb/rbac/v2/role-1cd":{"__comp":"17896441","content":"7b7ae4b2"},"/service-bridge/next/refs/tsb/rbac/v2/role_service-183":{"__comp":"17896441","content":"1d0dc4ba"},"/service-bridge/next/refs/tsb/rbac/v2/security_access_bindings-dea":{"__comp":"17896441","content":"5de423ae"},"/service-bridge/next/refs/tsb/rbac/v2/tenant_access_bindings-5ad":{"__comp":"17896441","content":"76cd3d8b"},"/service-bridge/next/refs/tsb/rbac/v2/traffic_access_bindings-c4a":{"__comp":"17896441","content":"cb141059"},"/service-bridge/next/refs/tsb/rbac/v2/workspace_access_bindings-fed":{"__comp":"17896441","content":"c9fd7d63"},"/service-bridge/next/refs/tsb/rbac/v2/yaml-30e":{"__comp":"14eb3368","__props":"89be8aca"},"/service-bridge/next/refs/tsb/registry/v2/grpc-561":{"__comp":"14eb3368","__props":"3fcf88ab"},"/service-bridge/next/refs/tsb/registry/v2/lookup_service-57c":{"__comp":"17896441","content":"fa9134c2"},"/service-bridge/next/refs/tsb/registry/v2/registration_service-041":{"__comp":"17896441","content":"85316621"},"/service-bridge/next/refs/tsb/registry/v2/service-98d":{"__comp":"17896441","content":"a6ec60a0"},"/service-bridge/next/refs/tsb/registry/v2/yaml-11f":{"__comp":"14eb3368","__props":"edc2c22f"},"/service-bridge/next/refs/tsb/security/v2/grpc-c46":{"__comp":"14eb3368","__props":"104bd185"},"/service-bridge/next/refs/tsb/security/v2/istio_security_direct-5db":{"__comp":"17896441","content":"05510768"},"/service-bridge/next/refs/tsb/security/v2/security_group-c38":{"__comp":"17896441","content":"3f0ed8cd"},"/service-bridge/next/refs/tsb/security/v2/security_service-8bc":{"__comp":"17896441","content":"365ddca3"},"/service-bridge/next/refs/tsb/security/v2/security_setting-18a":{"__comp":"17896441","content":"51647a56"},"/service-bridge/next/refs/tsb/security/v2/service_security_setting-980":{"__comp":"17896441","content":"941bfad6"},"/service-bridge/next/refs/tsb/security/v2/waf_settings-33e":{"__comp":"17896441","content":"5a05b2f6"},"/service-bridge/next/refs/tsb/security/v2/yaml-169":{"__comp":"14eb3368","__props":"03c0d966"},"/service-bridge/next/refs/tsb/segmentation/v1/grpc-a9a":{"__comp":"14eb3368","__props":"e4f94384"},"/service-bridge/next/refs/tsb/segmentation/v1/membership-060":{"__comp":"17896441","content":"f2144d63"},"/service-bridge/next/refs/tsb/segmentation/v1/policy-35e":{"__comp":"17896441","content":"b225885b"},"/service-bridge/next/refs/tsb/segmentation/v1/rules-4ae":{"__comp":"17896441","content":"ca2f4c7c"},"/service-bridge/next/refs/tsb/segmentation/v1/service-b66":{"__comp":"17896441","content":"74b397b3"},"/service-bridge/next/refs/tsb/segmentation/v1/yaml-5bf":{"__comp":"14eb3368","__props":"fd958da3"},"/service-bridge/next/refs/tsb/traffic/v2/grpc-bd3":{"__comp":"14eb3368","__props":"339524db"},"/service-bridge/next/refs/tsb/traffic/v2/istio_traffic_direct-257":{"__comp":"17896441","content":"ada617db"},"/service-bridge/next/refs/tsb/traffic/v2/service_route-3ec":{"__comp":"17896441","content":"ad4461b2"},"/service-bridge/next/refs/tsb/traffic/v2/service_traffic_setting-d21":{"__comp":"17896441","content":"f0bbd7f7"},"/service-bridge/next/refs/tsb/traffic/v2/traffic_group-220":{"__comp":"17896441","content":"25bf1d3d"},"/service-bridge/next/refs/tsb/traffic/v2/traffic_service-224":{"__comp":"17896441","content":"1f57b2f8"},"/service-bridge/next/refs/tsb/traffic/v2/traffic_setting-687":{"__comp":"17896441","content":"5c206b89"},"/service-bridge/next/refs/tsb/traffic/v2/yaml-6e8":{"__comp":"14eb3368","__props":"861c76a8"},"/service-bridge/next/refs/tsb/types/v2/types-bcc":{"__comp":"17896441","content":"4740cd1f"},"/service-bridge/next/refs/tsb/types/v2/yaml-05d":{"__comp":"14eb3368","__props":"46eef56e"},"/service-bridge/next/refs/tsb/v2/api-661":{"__comp":"17896441","content":"b63cd214"},"/service-bridge/next/refs/tsb/v2/cluster-611":{"__comp":"17896441","content":"9bc14ce8"},"/service-bridge/next/refs/tsb/v2/cluster_service-b27":{"__comp":"17896441","content":"f62860a6"},"/service-bridge/next/refs/tsb/v2/grpc-fa9":{"__comp":"14eb3368","__props":"2bd2cd97"},"/service-bridge/next/refs/tsb/v2/info-575":{"__comp":"17896441","content":"4f28a6dd"},"/service-bridge/next/refs/tsb/v2/organization-df7":{"__comp":"17896441","content":"39fa2f31"},"/service-bridge/next/refs/tsb/v2/organization_service-dbb":{"__comp":"17896441","content":"a1349e7f"},"/service-bridge/next/refs/tsb/v2/organization_setting-521":{"__comp":"17896441","content":"1b79036b"},"/service-bridge/next/refs/tsb/v2/status-83d":{"__comp":"17896441","content":"fa676858"},"/service-bridge/next/refs/tsb/v2/status_service-511":{"__comp":"17896441","content":"9134ac37"},"/service-bridge/next/refs/tsb/v2/team-a94":{"__comp":"17896441","content":"5326049a"},"/service-bridge/next/refs/tsb/v2/team_service-ea8":{"__comp":"17896441","content":"fad445e1"},"/service-bridge/next/refs/tsb/v2/tenant-8a3":{"__comp":"17896441","content":"fa28f9c8"},"/service-bridge/next/refs/tsb/v2/tenant_service-e93":{"__comp":"17896441","content":"7a2fed51"},"/service-bridge/next/refs/tsb/v2/tenant_setting-e49":{"__comp":"17896441","content":"148c18f9"},"/service-bridge/next/refs/tsb/v2/workspace-5c4":{"__comp":"17896441","content":"9272f0ab"},"/service-bridge/next/refs/tsb/v2/workspace_service-a36":{"__comp":"17896441","content":"0bb4c045"},"/service-bridge/next/refs/tsb/v2/workspace_setting-f8e":{"__comp":"17896441","content":"c3de49f1"},"/service-bridge/next/refs/tsb/v2/yaml-1b5":{"__comp":"14eb3368","__props":"15caf63a"},"/service-bridge/next/release-notes-2c6":{"__comp":"17896441","content":"ae0eb984"},"/service-bridge/next/release-notes-announcements-c04":{"__comp":"14eb3368","__props":"3389ffef"},"/service-bridge/next/release-notes-announcements/announcement-8dd":{"__comp":"17896441","content":"cb594c86"},"/service-bridge/next/release-notes-announcements/feature-status-b88":{"__comp":"17896441","content":"c2f41a6d"},"/service-bridge/next/release-notes-announcements/support-policy-143":{"__comp":"17896441","content":"5b1d3641"},"/service-bridge/next/setup-969":{"__comp":"14eb3368","__props":"41693aae"},"/service-bridge/next/setup/aws-3f6":{"__comp":"14eb3368","__props":"c2dace94"},"/service-bridge/next/setup/aws/container-marketplace-1ad":{"__comp":"17896441","content":"4556949b"},"/service-bridge/next/setup/aws/vpc-dbf":{"__comp":"17896441","content":"66b26396"},"/service-bridge/next/setup/certificate-1e0":{"__comp":"14eb3368","__props":"b0bddd54"},"/service-bridge/next/setup/certificate/automated-certificate-management-ffc":{"__comp":"17896441","content":"2b1386ed"},"/service-bridge/next/setup/certificate/certificate-requirements-9c5":{"__comp":"17896441","content":"b8c0b34e"},"/service-bridge/next/setup/certificate/certificate-setup-6a0":{"__comp":"17896441","content":"b9deea99"},"/service-bridge/next/setup/components-c2b":{"__comp":"17896441","content":"45facafd"},"/service-bridge/next/setup/fips-6cf":{"__comp":"17896441","content":"cce60511"},"/service-bridge/next/setup/firewall-information-a82":{"__comp":"17896441","content":"b7d62ceb"},"/service-bridge/next/setup/helm/-938":{"__comp":"17896441","content":"898970fe"},"/service-bridge/next/setup/helm/controlplane-b4e":{"__comp":"17896441","content":"da3a8962"},"/service-bridge/next/setup/helm/helm-f9c":{"__comp":"17896441","content":"928811dc"},"/service-bridge/next/setup/helm/managementplane-718":{"__comp":"17896441","content":"ffdfc10f"},"/service-bridge/next/setup/helm/uninstallation-1e0":{"__comp":"17896441","content":"879e44bb"},"/service-bridge/next/setup/helm/upgrade-cbd":{"__comp":"17896441","content":"de2f1b11"},"/service-bridge/next/setup/isolation-boundaries-cb5":{"__comp":"17896441","content":"2c75241e"},"/service-bridge/next/setup/isolation-boundaries-installation-977":{"__comp":"17896441","content":"f85e031e"},"/service-bridge/next/setup/migrate-tctl-to-helm-744":{"__comp":"17896441","content":"11752b77"},"/service-bridge/next/setup/remote-registry-50e":{"__comp":"17896441","content":"4f268e22"},"/service-bridge/next/setup/requirements-and-download-414":{"__comp":"17896441","content":"f5a9618b"},"/service-bridge/next/setup/resource-planning-bb5":{"__comp":"17896441","content":"eba0b438"},"/service-bridge/next/setup/security-context-fa7":{"__comp":"17896441","content":"98f872b5"},"/service-bridge/next/setup/self-managed/-453":{"__comp":"17896441","content":"31f1889e"},"/service-bridge/next/setup/self-managed/demo-installation-0c7":{"__comp":"17896441","content":"0f063a09"},"/service-bridge/next/setup/self-managed/management-plane-installation-b65":{"__comp":"17896441","content":"faef8211"},"/service-bridge/next/setup/self-managed/onboarding-clusters-4d0":{"__comp":"17896441","content":"be8bf647"},"/service-bridge/next/setup/self-managed/uninstallation-61b":{"__comp":"17896441","content":"cf5ef03e"},"/service-bridge/next/setup/self-managed/upgrade-caf":{"__comp":"17896441","content":"c0701876"},"/service-bridge/next/setup/tctl-connect-5f4":{"__comp":"17896441","content":"470a45f1"},"/service-bridge/next/setup/upgrade-best-practices-560":{"__comp":"17896441","content":"d4ae3c45"},"/service-bridge/next/setup/upgrades-c50":{"__comp":"14eb3368","__props":"632d8be6"},"/service-bridge/next/setup/upgrades/cni-upgrade-c47":{"__comp":"17896441","content":"927ab661"},"/service-bridge/next/setup/upgrades/gateway-upgrade-f35":{"__comp":"17896441","content":"ab303757"},"/service-bridge/next/setup/upgrades/non-revisioned-to-revisioned-118":{"__comp":"17896441","content":"a1e2e865"},"/service-bridge/next/setup/upgrades/revisioned-to-revisioned-0ab":{"__comp":"17896441","content":"c7221b2e"},"/service-bridge/next/setup/workload-onboarding-e85":{"__comp":"14eb3368","__props":"661924fb"},"/service-bridge/next/setup/workload-onboarding/guides/-521":{"__comp":"17896441","content":"7645b66f"},"/service-bridge/next/setup/workload-onboarding/guides/ecs-workloads-85c":{"__comp":"17896441","content":"4c13a267"},"/service-bridge/next/setup/workload-onboarding/guides/managing-3ab":{"__comp":"17896441","content":"422daaff"},"/service-bridge/next/setup/workload-onboarding/guides/on-premise-workloads-940":{"__comp":"17896441","content":"2bca4088"},"/service-bridge/next/setup/workload-onboarding/guides/onboarding-274":{"__comp":"17896441","content":"79ef96ec"},"/service-bridge/next/setup/workload-onboarding/guides/overview-0ad":{"__comp":"17896441","content":"a367c8a3"},"/service-bridge/next/setup/workload-onboarding/guides/setup-f23":{"__comp":"17896441","content":"8f6c159b"},"/service-bridge/next/setup/workload-onboarding/guides/troubleshooting-89f":{"__comp":"17896441","content":"ae518f3d"},"/service-bridge/next/setup/workload-onboarding/onboarding-vms-ff6":{"__comp":"17896441","content":"6233352d"},"/service-bridge/next/setup/workload-onboarding/quickstart-3bf":{"__comp":"14eb3368","__props":"b72431af"},"/service-bridge/next/setup/workload-onboarding/quickstart/aws-ec2/-488":{"__comp":"17896441","content":"6dbacd90"},"/service-bridge/next/setup/workload-onboarding/quickstart/aws-ec2/bookinfo-026":{"__comp":"17896441","content":"c891a3fa"},"/service-bridge/next/setup/workload-onboarding/quickstart/aws-ec2/configure-vm-2c9":{"__comp":"17896441","content":"8ba5f89e"},"/service-bridge/next/setup/workload-onboarding/quickstart/aws-ec2/configure-workload-onboarding-84f":{"__comp":"17896441","content":"1c18e0a6"},"/service-bridge/next/setup/workload-onboarding/quickstart/aws-ec2/enable-workload-onboarding-0ff":{"__comp":"17896441","content":"2204614f"},"/service-bridge/next/setup/workload-onboarding/quickstart/aws-ec2/onboard-asg-460":{"__comp":"17896441","content":"140072dd"},"/service-bridge/next/setup/workload-onboarding/quickstart/aws-ec2/onboard-vm-813":{"__comp":"17896441","content":"6fc5aa31"},"/service-bridge/next/setup/workload-onboarding/quickstart/aws-ecs/-db3":{"__comp":"17896441","content":"07b1c2a5"},"/service-bridge/next/setup/workload-onboarding/quickstart/aws-ecs/configure-workload-onboarding-41d":{"__comp":"17896441","content":"27c0870e"},"/service-bridge/next/setup/workload-onboarding/quickstart/aws-ecs/onboard-ecs-9e8":{"__comp":"17896441","content":"086d1dc2"},"/service-bridge/next/setup/workload-onboarding/quickstart/on-premise/-2a9":{"__comp":"17896441","content":"d9e0a5ee"},"/service-bridge/next/setup/workload-onboarding/quickstart/on-premise/configure-vm-734":{"__comp":"17896441","content":"668b8184"},"/service-bridge/next/setup/workload-onboarding/quickstart/on-premise/configure-workload-onboarding-70a":{"__comp":"17896441","content":"9ac5d56f"},"/service-bridge/next/setup/workload-onboarding/quickstart/on-premise/onboard-vm-7b4":{"__comp":"17896441","content":"afd9de24"},"/service-bridge/next/troubleshooting-734":{"__comp":"14eb3368","__props":"b9e9b60e"},"/service-bridge/next/troubleshooting/cluster-onboarding-b3e":{"__comp":"17896441","content":"5a9219e5"},"/service-bridge/next/troubleshooting/component-status-1d9":{"__comp":"17896441","content":"14f93826"},"/service-bridge/next/troubleshooting/configuration-status-17a":{"__comp":"17896441","content":"49d2383f"},"/service-bridge/next/troubleshooting/gateway-troubleshooting-589":{"__comp":"17896441","content":"06527be9"},"/service-bridge/next/troubleshooting/identify-underperforming-services-2a3":{"__comp":"17896441","content":"935668a0"},"/service-bridge/next/troubleshooting/Maximum-header-size-exceed-f5f":{"__comp":"17896441","content":"3cd39340"},"/service-bridge/next/troubleshooting/Multiple-Transfer-encoding-chunked-baa":{"__comp":"17896441","content":"5d880e25"},"/service-bridge/next/troubleshooting/proxy-tools-348":{"__comp":"17896441","content":"654093e1"},"/service-bridge/next/troubleshooting/troubleshooting-dd3":{"__comp":"17896441","content":"2923610f"},"/service-bridge/next/troubleshooting/tsb-ui-metrics-0b9":{"__comp":"17896441","content":"91d1b09e"},"/service-bridge/next/workingwithsupport/workingWithTetrateSupport-c60":{"__comp":"17896441","content":"b5cbd8f9"},"/service-bridge-49b":{"__comp":"a7bd4aaa","__props":"c58f135d"},"/service-bridge/tags-451":{"__comp":"3720c009","__props":"94fef7a3"},"/service-bridge/tags/featured-c84":{"__comp":"df203c0f","__props":"d83f762e"},"/service-bridge/tags/tsb-concepts-1f6":{"__comp":"df203c0f","__props":"35d2e356"},"/service-bridge/tags/tsb-quickstart-9c9":{"__comp":"df203c0f","__props":"b2cdbdf6"},"/service-bridge-337":{"__comp":"a94703ab"},"/service-bridge/-686":{"__comp":"17896441","content":"9b006afc"},"/service-bridge/category/working-with-tetrate-customer-support-c02":{"__comp":"14eb3368","__props":"e2aba6cb"},"/service-bridge/cheatsheet/-896":{"__comp":"17896441","content":"997b29e6"},"/service-bridge/cheatsheet/sheets/gateways-management-285":{"__comp":"17896441","content":"66505db3"},"/service-bridge/cheatsheet/sheets/kubectl-468":{"__comp":"17896441","content":"cece06b2"},"/service-bridge/cheatsheet/sheets/security-management-4ec":{"__comp":"17896441","content":"f077c483"},"/service-bridge/cheatsheet/sheets/tctl-175":{"__comp":"17896441","content":"b09f3f93"},"/service-bridge/cheatsheet/sheets/traffic-management-a92":{"__comp":"17896441","content":"3e0f7de2"},"/service-bridge/cheatsheet/sheets/tsb-concepts-288":{"__comp":"17896441","content":"d6b97431"},"/service-bridge/cheatsheet/sheets/tsb-quickstart-0df":{"__comp":"17896441","content":"5bf9dfc5"},"/service-bridge/cheatsheet/sheets/tsb-terminology-009":{"__comp":"17896441","content":"5b23651f"},"/service-bridge/concepts/-ded":{"__comp":"17896441","content":"bc317bf7"},"/service-bridge/concepts/architecture-170":{"__comp":"17896441","content":"d5d003c5"},"/service-bridge/concepts/configuration-dataflow-547":{"__comp":"17896441","content":"a33cfe43"},"/service-bridge/concepts/configuration-inheritance-5b0":{"__comp":"17896441","content":"c09e6b51"},"/service-bridge/concepts/glossary-a15":{"__comp":"17896441","content":"7d921e40"},"/service-bridge/concepts/observability-ee2":{"__comp":"17896441","content":"109abd04"},"/service-bridge/concepts/operators/-7ff":{"__comp":"17896441","content":"ad412eaf"},"/service-bridge/concepts/operators/control-plane-10c":{"__comp":"17896441","content":"f0705c51"},"/service-bridge/concepts/operators/management-plane-bca":{"__comp":"17896441","content":"61c5cb33"},"/service-bridge/concepts/security-4d1":{"__comp":"17896441","content":"08a51c11"},"/service-bridge/concepts/service-mesh-382":{"__comp":"17896441","content":"17f5e071"},"/service-bridge/concepts/terminology-d87":{"__comp":"17896441","content":"705fb5fe"},"/service-bridge/concepts/traffic-management-b22":{"__comp":"17896441","content":"d0e90f28"},"/service-bridge/concepts/tsb-and-istio-d1b":{"__comp":"17896441","content":"f8c1fed8"},"/service-bridge/design-guides/-4b0":{"__comp":"17896441","content":"a35b56b1"},"/service-bridge/design-guides/app-onboarding/-a9f":{"__comp":"17896441","content":"f2923ade"},"/service-bridge/design-guides/app-onboarding/cross-cluster-a86":{"__comp":"17896441","content":"4cb2cf3b"},"/service-bridge/design-guides/app-onboarding/deploy-service-ac2":{"__comp":"17896441","content":"14f2ac85"},"/service-bridge/design-guides/app-onboarding/gateway-security-71b":{"__comp":"17896441","content":"88543f57"},"/service-bridge/design-guides/app-onboarding/high-availability-aa8":{"__comp":"17896441","content":"ce3998c4"},"/service-bridge/design-guides/app-onboarding/introduction-96b":{"__comp":"17896441","content":"7811bba1"},"/service-bridge/design-guides/app-onboarding/monitor-e83":{"__comp":"17896441","content":"4f462609"},"/service-bridge/design-guides/app-onboarding/prepare-982":{"__comp":"17896441","content":"2875a5f7"},"/service-bridge/design-guides/app-onboarding/promote-service-9f0":{"__comp":"17896441","content":"bd6f7201"},"/service-bridge/design-guides/app-onboarding/security-d8e":{"__comp":"17896441","content":"8dec60f1"},"/service-bridge/design-guides/ha-dr-mp/-907":{"__comp":"17896441","content":"1d602862"},"/service-bridge/design-guides/ha-dr-mp/active-standby/automated-synchronization-101":{"__comp":"17896441","content":"f89914bd"},"/service-bridge/design-guides/ha-dr-mp/active-standby/manual-backup-restore-10f":{"__comp":"17896441","content":"b68768a8"},"/service-bridge/design-guides/ha-dr-mp/active-standby/troubleshoot-996":{"__comp":"17896441","content":"d514d70b"},"/service-bridge/design-guides/ha-dr-mp/before-you-begin-9fd":{"__comp":"17896441","content":"ee46118b"},"/service-bridge/design-guides/ha-dr-mp/best-practices-c0c":{"__comp":"17896441","content":"93647dfe"},"/service-bridge/design-guides/ha-dr-mp/introduction-732":{"__comp":"17896441","content":"3a779c2e"},"/service-bridge/design-guides/ha-dr-mp/manual/reinstall-3bb":{"__comp":"17896441","content":"50c93133"},"/service-bridge/design-guides/ha-dr-mp/operating/monitor-cb6":{"__comp":"17896441","content":"01087a99"},"/service-bridge/design-guides/ha-dr-mp/operating/troubleshoot-920":{"__comp":"17896441","content":"9bc0bb41"},"/service-bridge/design-guides/ha-dr-mp/scenarios-747":{"__comp":"17896441","content":"58426366"},"/service-bridge/design-guides/ha-multicluster/-6f2":{"__comp":"17896441","content":"1409d0d7"},"/service-bridge/design-guides/ha-multicluster/cluster-failover-338":{"__comp":"17896441","content":"5ce96005"},"/service-bridge/design-guides/ha-multicluster/demo-1-95e":{"__comp":"17896441","content":"a688f9aa"},"/service-bridge/design-guides/ha-multicluster/demo-2-e3e":{"__comp":"17896441","content":"7fb8d2e8"},"/service-bridge/design-guides/ha-multicluster/edge-failover-8a4":{"__comp":"17896441","content":"4f5b165e"},"/service-bridge/design-guides/ha-multicluster/introduction-f9b":{"__comp":"17896441","content":"757dd5fc"},"/service-bridge/design-guides/ha-multicluster/operations-21f":{"__comp":"17896441","content":"0e95169e"},"/service-bridge/howto-841":{"__comp":"14eb3368","__props":"1cff4b33"},"/service-bridge/howto/authorization/-b7f":{"__comp":"17896441","content":"ac12193a"},"/service-bridge/howto/authorization/ingress-gateway-ccf":{"__comp":"17896441","content":"526cab4c"},"/service-bridge/howto/authorization/sidecar-ac8":{"__comp":"17896441","content":"e41f742e"},"/service-bridge/howto/authorization/tier1-gateway-315":{"__comp":"17896441","content":"ba5fa47f"},"/service-bridge/howto/authorization/tls-verification-da6":{"__comp":"17896441","content":"d9f96cf9"},"/service-bridge/howto/gateway-f3a":{"__comp":"14eb3368","__props":"0723c9e2"},"/service-bridge/howto/gateway/app-ingress-8c7":{"__comp":"17896441","content":"61bb8c46"},"/service-bridge/howto/gateway/application-gateway-with-openapi-annotations-6eb":{"__comp":"17896441","content":"965faaf9"},"/service-bridge/howto/gateway/configure-and-route-nonhttp-traffic-4c9":{"__comp":"17896441","content":"acc4bc9d"},"/service-bridge/howto/gateway/configure-oidc-604":{"__comp":"17896441","content":"e5e47001"},"/service-bridge/howto/gateway/distributed-ingress-0d4":{"__comp":"17896441","content":"f57e024f"},"/service-bridge/howto/gateway/end-user-auth-keycloak-9da":{"__comp":"17896441","content":"c83b357c"},"/service-bridge/howto/gateway/host-based-egress-access-control-5cb":{"__comp":"17896441","content":"6c4eb511"},"/service-bridge/howto/gateway/https-with-proxy-protocol-558":{"__comp":"17896441","content":"ac7a2dd1"},"/service-bridge/howto/gateway/multi-cluster-traffic-failover-priority-94d":{"__comp":"17896441","content":"f7fa029d"},"/service-bridge/howto/gateway/multi-cluster-traffic-routing-using-tier2gw-516":{"__comp":"17896441","content":"636a5c8a"},"/service-bridge/howto/gateway/multi-cluster-traffic-routing-with-eastwest-gateway-9a6":{"__comp":"17896441","content":"20073baa"},"/service-bridge/howto/gateway/multi-cluster-traffic-shifting-f47":{"__comp":"17896441","content":"f3bbc562"},"/service-bridge/howto/gateway/oas-validation-e1e":{"__comp":"17896441","content":"6c122d5c"},"/service-bridge/howto/gateway/service-identity-propagation-9e0":{"__comp":"17896441","content":"0e76040c"},"/service-bridge/howto/gateway/shared-ingress-ae8":{"__comp":"17896441","content":"9155d962"},"/service-bridge/howto/gateway/subset-based-routing-using-igw-and-service-route-32b":{"__comp":"17896441","content":"2ce3b6f8"},"/service-bridge/howto/gateway/unfied-gateway-management-via-mp-e85":{"__comp":"17896441","content":"8eaaefac"},"/service-bridge/howto/gateway/unified-gateway-a99":{"__comp":"17896441","content":"278ba062"},"/service-bridge/howto/gateway/unified-gateway-upgrade-f81":{"__comp":"17896441","content":"2fc2c155"},"/service-bridge/howto/gateway/weighted-distribution-and-fallback-758":{"__comp":"17896441","content":"10bd84e8"},"/service-bridge/howto/gitops-190":{"__comp":"14eb3368","__props":"3ea1a167"},"/service-bridge/howto/gitops/argo-rollouts-34a":{"__comp":"17896441","content":"0d7430c3"},"/service-bridge/howto/gitops/clusterrole-d42":{"__comp":"17896441","content":"83ee9b28"},"/service-bridge/howto/gitops/flagger-753":{"__comp":"17896441","content":"ac51c276"},"/service-bridge/howto/gitops/flux-1e1":{"__comp":"17896441","content":"aff743be"},"/service-bridge/howto/gitops/gitops-313":{"__comp":"17896441","content":"40906145"},"/service-bridge/howto/hpa-using-skywalking-7f0":{"__comp":"17896441","content":"c759b15a"},"/service-bridge/howto/network-policies-a23":{"__comp":"17896441","content":"e0eccbc9"},"/service-bridge/howto/promql-using-skywalking-f5b":{"__comp":"17896441","content":"432482e9"},"/service-bridge/howto/rate-limiting/-38e":{"__comp":"17896441","content":"50690ad4"},"/service-bridge/howto/rate-limiting/external-rate-limiting-f9a":{"__comp":"17896441","content":"036b753f"},"/service-bridge/howto/rate-limiting/ingress-gateway-6b8":{"__comp":"17896441","content":"852f8c85"},"/service-bridge/howto/rate-limiting/internal-rate-limiting-aa8":{"__comp":"17896441","content":"f656b44f"},"/service-bridge/howto/rate-limiting/service-to-service-7c4":{"__comp":"17896441","content":"040ad056"},"/service-bridge/howto/rate-limiting/tier1-gateway-bd1":{"__comp":"17896441","content":"773aceef"},"/service-bridge/howto/rate-limiting/tls-validation-c04":{"__comp":"17896441","content":"62592e96"},"/service-bridge/howto/security-domains-460":{"__comp":"17896441","content":"f3d3ce01"},"/service-bridge/howto/service-accounts-020":{"__comp":"17896441","content":"c4e9bec4"},"/service-bridge/howto/traffic-907":{"__comp":"14eb3368","__props":"525e0f00"},"/service-bridge/howto/traffic/canary-releases-6fe":{"__comp":"17896441","content":"b3564314"},"/service-bridge/howto/traffic/configure-multi-port-service-route-079":{"__comp":"17896441","content":"25bee4c9"},"/service-bridge/howto/traffic/gateway-mtls-e90":{"__comp":"17896441","content":"e2a6c3f8"},"/service-bridge/howto/traffic/load-balance-21e":{"__comp":"17896441","content":"420dd5c2"},"/service-bridge/howto/traffic/migrating-VM-monoliths-ceb":{"__comp":"17896441","content":"9e24b183"},"/service-bridge/howto/traffic/splitting-service-traffic-between-k8s-vms-e03":{"__comp":"17896441","content":"d5852747"},"/service-bridge/howto/waf-6fb":{"__comp":"17896441","content":"9ca817d5"},"/service-bridge/howto/wasm-b2f":{"__comp":"14eb3368","__props":"e4ebe3ae"},"/service-bridge/howto/wasm/wasm-extension-051":{"__comp":"17896441","content":"5d9e4268"},"/service-bridge/howto/wasm/wasm-overview-556":{"__comp":"17896441","content":"dc5dc24d"},"/service-bridge/howto/wasm/wasm-proxy-eb1":{"__comp":"17896441","content":"1feec529"},"/service-bridge/howto/wasm/wasm-try-ee4":{"__comp":"17896441","content":"0e80956c"},"/service-bridge/knowledge-base-bc3":{"__comp":"14eb3368","__props":"137ced21"},"/service-bridge/knowledge-base/faq-873":{"__comp":"17896441","content":"684794e0"},"/service-bridge/knowledge-base/gitops-945":{"__comp":"17896441","content":"4f78d3c2"},"/service-bridge/operations-e83":{"__comp":"14eb3368","__props":"0252476e"},"/service-bridge/operations/configuration-promotion-94f":{"__comp":"17896441","content":"a1e9edef"},"/service-bridge/operations/configure-log-levels-33f":{"__comp":"17896441","content":"4679f4b8"},"/service-bridge/operations/elasticsearch-df8":{"__comp":"14eb3368","__props":"b6deb551"},"/service-bridge/operations/elasticsearch/elasticsearch-role-d5f":{"__comp":"17896441","content":"a270de6f"},"/service-bridge/operations/elasticsearch/wipe-elastic-3d1":{"__comp":"17896441","content":"7a448d0c"},"/service-bridge/operations/features-e7f":{"__comp":"14eb3368","__props":"0edb2a0a"},"/service-bridge/operations/features/configure-cluster-external-addresses-74b":{"__comp":"17896441","content":"896f2405"},"/service-bridge/operations/features/configure-gitops-11a":{"__comp":"17896441","content":"86f23685"},"/service-bridge/operations/features/deletion-protection-975":{"__comp":"17896441","content":"36986d48"},"/service-bridge/operations/features/edge-dns-resolution-180":{"__comp":"17896441","content":"e72731f7"},"/service-bridge/operations/features/enable-config-protection-bd5":{"__comp":"17896441","content":"ac66e332"},"/service-bridge/operations/features/gateway-deletion-webhook-e2b":{"__comp":"17896441","content":"53babb18"},"/service-bridge/operations/features/internal-wasm-extensions-40d":{"__comp":"17896441","content":"689fc6b7"},"/service-bridge/operations/features/istio-cni-da5":{"__comp":"17896441","content":"caf5570e"},"/service-bridge/operations/features/label-annotation-67c":{"__comp":"17896441","content":"384d0e08"},"/service-bridge/operations/features/streaming-log-1cf":{"__comp":"17896441","content":"36547aff"},"/service-bridge/operations/features/tier1-in-app-cluster-6f8":{"__comp":"17896441","content":"446d1c18"},"/service-bridge/operations/features/tls-origin-multi-cluster-1ef":{"__comp":"17896441","content":"6826edbf"},"/service-bridge/operations/graceful-connection-drain-3cc":{"__comp":"17896441","content":"706efd88"},"/service-bridge/operations/kube-customization-4d4":{"__comp":"17896441","content":"9d22647b"},"/service-bridge/operations/lower-istio-resources-ed5":{"__comp":"17896441","content":"b25903ec"},"/service-bridge/operations/migrate-organization-72e":{"__comp":"17896441","content":"445e5eda"},"/service-bridge/operations/multiple-iam-keys-0b0":{"__comp":"17896441","content":"4fcaea58"},"/service-bridge/operations/postgresql-2d5":{"__comp":"14eb3368","__props":"36911801"},"/service-bridge/operations/postgresql/auditlog-retention-25d":{"__comp":"17896441","content":"c3d54a28"},"/service-bridge/operations/postgresql/azure-credentials-f61":{"__comp":"17896441","content":"caa03b01"},"/service-bridge/operations/postgresql/backup-and-restore-0b8":{"__comp":"17896441","content":"9f6b31c1"},"/service-bridge/operations/postgresql/managing-kubegres-790":{"__comp":"17896441","content":"013072af"},"/service-bridge/operations/telemetry-dd9":{"__comp":"14eb3368","__props":"30a04540"},"/service-bridge/operations/telemetry/alerting-guidelines-1fc":{"__comp":"17896441","content":"51d367ac"},"/service-bridge/operations/telemetry/distributed-tracing-8eb":{"__comp":"17896441","content":"e08f8ff5"},"/service-bridge/operations/telemetry/key-metrics-b29":{"__comp":"17896441","content":"5a36c0da"},"/service-bridge/operations/telemetry/new-relic-c0d":{"__comp":"17896441","content":"4411e01d"},"/service-bridge/operations/telemetry/red-metrics-03b":{"__comp":"17896441","content":"787989a8"},"/service-bridge/operations/telemetry/telemetry-architecture-a2a":{"__comp":"17896441","content":"bf001d4f"},"/service-bridge/operations/users-4e1":{"__comp":"14eb3368","__props":"1ac8bfbe"},"/service-bridge/operations/users/admin-password-ac9":{"__comp":"17896441","content":"435c4f42"},"/service-bridge/operations/users/configuring-ldap-ab1":{"__comp":"17896441","content":"e1eda0ae"},"/service-bridge/operations/users/new-user-local-idp-e57":{"__comp":"17896441","content":"9da47bcf"},"/service-bridge/operations/users/oidc-azure-ab5":{"__comp":"17896441","content":"039df4ea"},"/service-bridge/operations/users/tsb-fqns-436":{"__comp":"17896441","content":"290c8075"},"/service-bridge/operations/users/user-synchronization-10f":{"__comp":"17896441","content":"408592d1"},"/service-bridge/operations/users/users-roles-and-permissions-d7d":{"__comp":"17896441","content":"1c6c92c2"},"/service-bridge/operations/vault-640":{"__comp":"14eb3368","__props":"cdd7753e"},"/service-bridge/operations/vault/elasticsearch-abd":{"__comp":"17896441","content":"b6cf020a"},"/service-bridge/operations/vault/istiod-ca-136":{"__comp":"17896441","content":"93613351"},"/service-bridge/operations/vault/postgresql-1e4":{"__comp":"17896441","content":"17875173"},"/service-bridge/quickstart-205":{"__comp":"14eb3368","__props":"9793a51c"},"/service-bridge/quickstart/apps-11d":{"__comp":"17896441","content":"27efeb8d"},"/service-bridge/quickstart/config-groups-3cb":{"__comp":"17896441","content":"5a55a532"},"/service-bridge/quickstart/deploy-sample-app-343":{"__comp":"17896441","content":"1092da9c"},"/service-bridge/quickstart/ingress-gateway-4b5":{"__comp":"17896441","content":"f2ffe01b"},"/service-bridge/quickstart/introduction-c3f":{"__comp":"17896441","content":"c0d26a61"},"/service-bridge/quickstart/observability-0c8":{"__comp":"17896441","content":"ee2d18ae"},"/service-bridge/quickstart/permissions-996":{"__comp":"17896441","content":"3a6ab09d"},"/service-bridge/quickstart/security-5a5":{"__comp":"17896441","content":"f9355839"},"/service-bridge/quickstart/tenant-155":{"__comp":"17896441","content":"376207fb"},"/service-bridge/quickstart/traffic-shifting-732":{"__comp":"17896441","content":"867fdbae"},"/service-bridge/quickstart/workspace-44f":{"__comp":"17896441","content":"6e741e54"},"/service-bridge/reference-964":{"__comp":"14eb3368","__props":"9587a7a2"},"/service-bridge/reference/cli-920":{"__comp":"14eb3368","__props":"478fc62c"},"/service-bridge/reference/cli/guide/index-c34":{"__comp":"17896441","content":"a3151e49"},"/service-bridge/reference/cli/guide/toc-609":{"__comp":"14eb3368","__props":"7bc075eb"},"/service-bridge/reference/cli/reference-5fd":{"__comp":"14eb3368","__props":"5589bac2"},"/service-bridge/reference/cli/reference/apply-000":{"__comp":"17896441","content":"d860f72a"},"/service-bridge/reference/cli/reference/audit-1bf":{"__comp":"17896441","content":"b1482f7b"},"/service-bridge/reference/cli/reference/collect-b30":{"__comp":"17896441","content":"f985f669"},"/service-bridge/reference/cli/reference/completion-709":{"__comp":"17896441","content":"13ef7316"},"/service-bridge/reference/cli/reference/config-906":{"__comp":"17896441","content":"c8f41744"},"/service-bridge/reference/cli/reference/debug-8e8":{"__comp":"17896441","content":"27440c8e"},"/service-bridge/reference/cli/reference/delete-56d":{"__comp":"17896441","content":"82b1ac79"},"/service-bridge/reference/cli/reference/edit-381":{"__comp":"17896441","content":"c246adb3"},"/service-bridge/reference/cli/reference/experimental-254":{"__comp":"17896441","content":"ef973734"},"/service-bridge/reference/cli/reference/get-354":{"__comp":"17896441","content":"e1c14ca6"},"/service-bridge/reference/cli/reference/index-720":{"__comp":"17896441","content":"41ac0881"},"/service-bridge/reference/cli/reference/install-9c6":{"__comp":"17896441","content":"ae0bc265"},"/service-bridge/reference/cli/reference/login-1fb":{"__comp":"17896441","content":"2712f3ad"},"/service-bridge/reference/cli/reference/service-account-56a":{"__comp":"17896441","content":"befc3617"},"/service-bridge/reference/cli/reference/status-3c3":{"__comp":"17896441","content":"9bbf8641"},"/service-bridge/reference/cli/reference/ui-0c3":{"__comp":"17896441","content":"8342661e"},"/service-bridge/reference/cli/reference/validate-410":{"__comp":"17896441","content":"04b74742"},"/service-bridge/reference/cli/reference/version-04c":{"__comp":"17896441","content":"e7fd9a22"},"/service-bridge/reference/cli/reference/whoami-556":{"__comp":"17896441","content":"be7046e0"},"/service-bridge/reference/cli/reference/workload-entry-annotations-049":{"__comp":"17896441","content":"e1fecf6f"},"/service-bridge/reference/grpc-api-69c":{"__comp":"14eb3368","__props":"d019a50e"},"/service-bridge/reference/grpc-api/guide-884":{"__comp":"17896441","content":"ad8d0989"},"/service-bridge/reference/grpc-api/reference-3e0":{"__comp":"14eb3368","__props":"41472a81"},"/service-bridge/reference/k8s-api-4de":{"__comp":"14eb3368","__props":"41d26cff"},"/service-bridge/reference/k8s-api/guide-f1a":{"__comp":"17896441","content":"f9fc64f1"},"/service-bridge/reference/k8s-api/tsb-crds-gen-e8f":{"__comp":"14eb3368","__props":"180e9c39"},"/service-bridge/reference/k8s-api/tsb-crds-gen/application-tsb-tetrate-io-7f9":{"__comp":"17896441","content":"f50a4ff1"},"/service-bridge/reference/k8s-api/tsb-crds-gen/extension-tsb-tetrate-io-f0c":{"__comp":"17896441","content":"a519c974"},"/service-bridge/reference/k8s-api/tsb-crds-gen/gateway-tsb-tetrate-io-5d7":{"__comp":"17896441","content":"eded0ab9"},"/service-bridge/reference/k8s-api/tsb-crds-gen/istiointernal-tsb-tetrate-io-c4d":{"__comp":"17896441","content":"bd1e1d17"},"/service-bridge/reference/k8s-api/tsb-crds-gen/profile-tsb-tetrate-io-c84":{"__comp":"17896441","content":"5a5c4720"},"/service-bridge/reference/k8s-api/tsb-crds-gen/rbac-tsb-tetrate-io-523":{"__comp":"17896441","content":"eead7173"},"/service-bridge/reference/k8s-api/tsb-crds-gen/security-tsb-tetrate-io-f4c":{"__comp":"17896441","content":"24234f9d"},"/service-bridge/reference/k8s-api/tsb-crds-gen/segmentation-tsb-tetrate-io-186":{"__comp":"17896441","content":"6ed8dcbe"},"/service-bridge/reference/k8s-api/tsb-crds-gen/traffic-tsb-tetrate-io-d96":{"__comp":"17896441","content":"a8f3f710"},"/service-bridge/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/api-87f":{"__comp":"17896441","content":"eb128830"},"/service-bridge/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/cluster-887":{"__comp":"17896441","content":"840ec2f4"},"/service-bridge/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/clusteronboardingconfig-87f":{"__comp":"17896441","content":"dc0e2bb3"},"/service-bridge/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/organization-f10":{"__comp":"17896441","content":"75910eb0"},"/service-bridge/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/organizationsetting-511":{"__comp":"17896441","content":"4f174281"},"/service-bridge/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/serviceaccount-f57":{"__comp":"17896441","content":"a03d45f5"},"/service-bridge/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/team-008":{"__comp":"17896441","content":"c1a043d2"},"/service-bridge/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/tenant-05d":{"__comp":"17896441","content":"e9954154"},"/service-bridge/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/tenantsetting-bce":{"__comp":"17896441","content":"0015a17e"},"/service-bridge/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/user-5c1":{"__comp":"17896441","content":"4d80266e"},"/service-bridge/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/workspace-a7f":{"__comp":"17896441","content":"f7965eba"},"/service-bridge/reference/k8s-api/tsb-crds-gen/tsb-tetrate-io/workspacesetting-28c":{"__comp":"17896441","content":"1fdfedf5"},"/service-bridge/reference/k8s-api/tsb-crds-gen/tsb.tetrate.io/v2-0ba":{"__comp":"14eb3368","__props":"bebc14ff"},"/service-bridge/reference/operators-d59":{"__comp":"14eb3368","__props":"9bad085b"},"/service-bridge/reference/rest-api/guide-171":{"__comp":"17896441","content":"4302c4c2"},"/service-bridge/reference/samples-1ee":{"__comp":"14eb3368","__props":"4e435c1e"},"/service-bridge/reference/samples/httpbin-b49":{"__comp":"17896441","content":"4aaa19ea"},"/service-bridge/reference/samples/opa-e3f":{"__comp":"17896441","content":"6234a040"},"/service-bridge/reference/samples/sleep-service-cfa":{"__comp":"17896441","content":"f03d0c00"},"/service-bridge/reference/workload-onboarding-440":{"__comp":"14eb3368","__props":"44cab975"},"/service-bridge/reference/workload-onboarding/onboarding-agent-874":{"__comp":"14eb3368","__props":"8b5f7dff"},"/service-bridge/reference/workload-onboarding/onboarding-authorization-ed1":{"__comp":"14eb3368","__props":"b58e9237"},"/service-bridge/reference/workload-onboarding/onboarding-runtime-281":{"__comp":"14eb3368","__props":"618f9b0a"},"/service-bridge/reference/yaml-api-828":{"__comp":"14eb3368","__props":"645cd078"},"/service-bridge/reference/yaml-api/guide-59e":{"__comp":"17896441","content":"3bbb4d90"},"/service-bridge/reference/yaml-api/reference-e27":{"__comp":"14eb3368","__props":"303741b2"},"/service-bridge/refs/audit/v1/audit-f79":{"__comp":"17896441","content":"2bccee42"},"/service-bridge/refs/audit/v1/grpc-92a":{"__comp":"14eb3368","__props":"e2d3a61f"},"/service-bridge/refs/iam/v2/grpc-89c":{"__comp":"14eb3368","__props":"1def90cf"},"/service-bridge/refs/iam/v2/oauth_service-3f0":{"__comp":"17896441","content":"fd06d4e2"},"/service-bridge/refs/iam/v2/oidc_service-4f3":{"__comp":"17896441","content":"918da351"},"/service-bridge/refs/install-ac6":{"__comp":"14eb3368","__props":"a3d667af"},"/service-bridge/refs/install/common/common_config-88a":{"__comp":"17896441","content":"2f548106"},"/service-bridge/refs/install/controlplane/v1alpha1/spec-a81":{"__comp":"17896441","content":"86e3bb58"},"/service-bridge/refs/install/controlplane/v1alpha1/status-fca":{"__comp":"17896441","content":"829ef224"},"/service-bridge/refs/install/dataplane/v1alpha1/spec-934":{"__comp":"17896441","content":"b13f77ae"},"/service-bridge/refs/install/kubernetes/k8s-13e":{"__comp":"17896441","content":"e98e4d41"},"/service-bridge/refs/install/managementplane/v1alpha1/spec-90d":{"__comp":"17896441","content":"3cab703f"},"/service-bridge/refs/install/managementplane/v1alpha1/status-1eb":{"__comp":"17896441","content":"c4d821c7"},"/service-bridge/refs/onboarding/config/agent/v1alpha1/agent_configuration-0b5":{"__comp":"17896441","content":"0bf036fd"},"/service-bridge/refs/onboarding/config/agent/v1alpha1/onboarding_configuration-de0":{"__comp":"17896441","content":"69ec189e"},"/service-bridge/refs/onboarding/config/authorization/aws/v1alpha1/aws-458":{"__comp":"17896441","content":"d242b60f"},"/service-bridge/refs/onboarding/config/authorization/jwt/v1alpha1/jwt-14f":{"__comp":"17896441","content":"4b2de0d6"},"/service-bridge/refs/onboarding/config/authorization/v1alpha1/policy-df5":{"__comp":"17896441","content":"8178bfee"},"/service-bridge/refs/onboarding/config/install/v1alpha1/jwt_issuer-9c2":{"__comp":"17896441","content":"5609b3ff"},"/service-bridge/refs/onboarding/config/install/v1alpha1/workload_configuration-0a5":{"__comp":"17896441","content":"115d4d2e"},"/service-bridge/refs/onboarding/config/runtime/v1alpha1/registration-420":{"__comp":"17896441","content":"4aac2e39"},"/service-bridge/refs/onboarding/config/types/config/v1alpha1/transport_security-0bb":{"__comp":"17896441","content":"921ceaae"},"/service-bridge/refs/onboarding/config/types/core/v1alpha1/condition-1f0":{"__comp":"17896441","content":"8ed5241e"},"/service-bridge/refs/onboarding/config/types/core/v1alpha1/namespaced_name-50d":{"__comp":"17896441","content":"e1640f9b"},"/service-bridge/refs/onboarding/config/types/identity/aws/v1alpha1/aws-9df":{"__comp":"17896441","content":"a977074c"},"/service-bridge/refs/onboarding/config/types/identity/jwt/v1alpha1/jwt-76d":{"__comp":"17896441","content":"5dedfc04"},"/service-bridge/refs/onboarding/config/types/identity/v1alpha1/identity-586":{"__comp":"17896441","content":"effa75ef"},"/service-bridge/refs/onboarding/config/types/registration/v1alpha1/hostinfo-b3d":{"__comp":"17896441","content":"cfdfa154"},"/service-bridge/refs/onboarding/config/types/registration/v1alpha1/registration-171":{"__comp":"17896441","content":"df186a93"},"/service-bridge/refs/onboarding/private/component/agent/plugin/credential/v1alpha1/plugin-b2b":{"__comp":"17896441","content":"c3c00ec8"},"/service-bridge/refs/onboarding/private/component/agent/plugin/hostinfo/v1alpha1/plugin-e53":{"__comp":"17896441","content":"9da1deb8"},"/service-bridge/refs/onboarding/private/component/agent/sidecarcontroller/v1alpha1/sidecar_configuration_service-fdd":{"__comp":"17896441","content":"8e16e168"},"/service-bridge/refs/onboarding/private/component/agent/sidecarcontroller/v1alpha1/sidecar_info_service-4ee":{"__comp":"17896441","content":"2e837f9c"},"/service-bridge/refs/onboarding/private/component/plane/config/v1alpha1/onboarding_plane_instance_configuration-e9f":{"__comp":"17896441","content":"88d5f459"},"/service-bridge/refs/onboarding/private/component/plane/generator/v1alpha1/version-278":{"__comp":"17896441","content":"446eabbd"},"/service-bridge/refs/onboarding/private/component/plane/token/v1alpha1/onboarding_token-02f":{"__comp":"17896441","content":"80833eab"},"/service-bridge/refs/onboarding/private/install/v1alpha1/spec-907":{"__comp":"17896441","content":"3f8df9b5"},"/service-bridge/refs/onboarding/private/protocol/authorization/v1alpha1/authorization_service-935":{"__comp":"17896441","content":"3fdccde4"},"/service-bridge/refs/onboarding/private/protocol/discovery/v1alpha1/discovery_service-485":{"__comp":"17896441","content":"cbc4e2b9"},"/service-bridge/refs/onboarding/private/protocol/registration/v1alpha1/registration_service-637":{"__comp":"17896441","content":"242bca94"},"/service-bridge/refs/onboarding/private/protocol/session/v1alpha1/session_service-d31":{"__comp":"17896441","content":"dea02884"},"/service-bridge/refs/onboarding/private/types/config/v1alpha1/transport_security-dd4":{"__comp":"17896441","content":"e032f0ef"},"/service-bridge/refs/onboarding/private/types/credential/aws/v1alpha1/ec2-698":{"__comp":"17896441","content":"1bd01224"},"/service-bridge/refs/onboarding/private/types/credential/aws/v1alpha1/sts-c11":{"__comp":"17896441","content":"3782cd01"},"/service-bridge/refs/onboarding/private/types/credential/jwt/v1alpha1/jwt-7be":{"__comp":"17896441","content":"7829d449"},"/service-bridge/refs/onboarding/private/types/discovery/v1alpha1/discovery-7ad":{"__comp":"17896441","content":"7296dd28"},"/service-bridge/refs/onboarding/private/types/sidecar/v1alpha1/configuration-549":{"__comp":"17896441","content":"65043cac"},"/service-bridge/refs/private/iam/v1/iam-c07":{"__comp":"17896441","content":"b59cc367"},"/service-bridge/refs/test/v1/echo-ff6":{"__comp":"17896441","content":"c4e401e2"},"/service-bridge/refs/tsb/application/v2/api-f71":{"__comp":"17896441","content":"dbb1a60e"},"/service-bridge/refs/tsb/application/v2/application-e35":{"__comp":"17896441","content":"f3da22a0"},"/service-bridge/refs/tsb/application/v2/application_service-b06":{"__comp":"17896441","content":"6d39837a"},"/service-bridge/refs/tsb/application/v2/grpc-d78":{"__comp":"14eb3368","__props":"3deed2a6"},"/service-bridge/refs/tsb/application/v2/openapi_extensions-bb0":{"__comp":"17896441","content":"65bf9492"},"/service-bridge/refs/tsb/application/v2/yaml-489":{"__comp":"14eb3368","__props":"bceff424"},"/service-bridge/refs/tsb/auth/v2/auth-0f6":{"__comp":"17896441","content":"743b18bf"},"/service-bridge/refs/tsb/auth/v2/yaml-0cd":{"__comp":"14eb3368","__props":"e4f2e4c9"},"/service-bridge/refs/tsb/dashboard/v1/dashboard_service-d6d":{"__comp":"17896441","content":"26a05306"},"/service-bridge/refs/tsb/dashboard/v1/grpc-26f":{"__comp":"14eb3368","__props":"66fdf57b"},"/service-bridge/refs/tsb/diagnostic/v2/diagnostic_service-1c0":{"__comp":"17896441","content":"35d8abe3"},"/service-bridge/refs/tsb/diagnostic/v2/grpc-9c8":{"__comp":"14eb3368","__props":"aab6dc06"},"/service-bridge/refs/tsb/extension/v2/grpc-072":{"__comp":"14eb3368","__props":"bbc72aec"},"/service-bridge/refs/tsb/extension/v2/wasm_extension-336":{"__comp":"17896441","content":"6fd7f91f"},"/service-bridge/refs/tsb/extension/v2/wasm_service-d20":{"__comp":"17896441","content":"c381f102"},"/service-bridge/refs/tsb/extension/v2/yaml-722":{"__comp":"14eb3368","__props":"c6ec2fb6"},"/service-bridge/refs/tsb/gateway/v2/auth-46c":{"__comp":"17896441","content":"5b8a98e0"},"/service-bridge/refs/tsb/gateway/v2/eastwest_gateway-923":{"__comp":"17896441","content":"e92c9f6f"},"/service-bridge/refs/tsb/gateway/v2/egress_gateway-478":{"__comp":"17896441","content":"8930937c"},"/service-bridge/refs/tsb/gateway/v2/gateway-6bf":{"__comp":"17896441","content":"3bc30d73"},"/service-bridge/refs/tsb/gateway/v2/gateway_common-028":{"__comp":"17896441","content":"74c8ede2"},"/service-bridge/refs/tsb/gateway/v2/gateway_group-048":{"__comp":"17896441","content":"eb6b9c04"},"/service-bridge/refs/tsb/gateway/v2/gateway_service-1ce":{"__comp":"17896441","content":"079717ad"},"/service-bridge/refs/tsb/gateway/v2/grpc-883":{"__comp":"14eb3368","__props":"ed2b8677"},"/service-bridge/refs/tsb/gateway/v2/ingress_gateway-d11":{"__comp":"17896441","content":"af536908"},"/service-bridge/refs/tsb/gateway/v2/istio_gateway_direct-8bf":{"__comp":"17896441","content":"29cada54"},"/service-bridge/refs/tsb/gateway/v2/tier1_gateway-da9":{"__comp":"17896441","content":"2fd0684d"},"/service-bridge/refs/tsb/gateway/v2/yaml-c98":{"__comp":"14eb3368","__props":"d647b67c"},"/service-bridge/refs/tsb/istiointernal/v2/grpc-3d3":{"__comp":"14eb3368","__props":"eb4f879e"},"/service-bridge/refs/tsb/istiointernal/v2/istio_internal_group-a6a":{"__comp":"17896441","content":"291bc1e7"},"/service-bridge/refs/tsb/istiointernal/v2/istio_istiointernal_direct-d4c":{"__comp":"17896441","content":"eda6a434"},"/service-bridge/refs/tsb/istiointernal/v2/istiointernal_service-d5f":{"__comp":"17896441","content":"4b12423d"},"/service-bridge/refs/tsb/istiointernal/v2/yaml-502":{"__comp":"14eb3368","__props":"25d5f36c"},"/service-bridge/refs/tsb/observability/telemetry/v2/grpc-2cd":{"__comp":"14eb3368","__props":"b1148a1e"},"/service-bridge/refs/tsb/observability/telemetry/v2/metric-8ce":{"__comp":"17896441","content":"f414a007"},"/service-bridge/refs/tsb/observability/telemetry/v2/metric_service-57c":{"__comp":"17896441","content":"5aa75480"},"/service-bridge/refs/tsb/observability/telemetry/v2/source-e4f":{"__comp":"17896441","content":"c9ed2f69"},"/service-bridge/refs/tsb/observability/telemetry/v2/source_service-369":{"__comp":"17896441","content":"ecb116c0"},"/service-bridge/refs/tsb/observability/telemetry/v2/yaml-e9a":{"__comp":"14eb3368","__props":"46f46045"},"/service-bridge/refs/tsb/profile/v2/grpc-d62":{"__comp":"14eb3368","__props":"c5b497b2"},"/service-bridge/refs/tsb/profile/v2/profile-84f":{"__comp":"17896441","content":"97cf425e"},"/service-bridge/refs/tsb/profile/v2/profile_service-f12":{"__comp":"17896441","content":"6c6b773d"},"/service-bridge/refs/tsb/profile/v2/yaml-33b":{"__comp":"14eb3368","__props":"85357b73"},"/service-bridge/refs/tsb/q/v2/approvals_service-e0e":{"__comp":"17896441","content":"6fd439dd"},"/service-bridge/refs/tsb/q/v2/grpc-6ca":{"__comp":"14eb3368","__props":"85ea0e97"},"/service-bridge/refs/tsb/q/v2/permissions_service-a2a":{"__comp":"17896441","content":"c3d6f7e3"},"/service-bridge/refs/tsb/rbac/v2/access_bindings-226":{"__comp":"17896441","content":"e7fcdf72"},"/service-bridge/refs/tsb/rbac/v2/api_access_bindings-6a9":{"__comp":"17896441","content":"9c200a6d"},"/service-bridge/refs/tsb/rbac/v2/application_access_bindings-12b":{"__comp":"17896441","content":"ed51cea0"},"/service-bridge/refs/tsb/rbac/v2/binding-1b8":{"__comp":"17896441","content":"59ec93af"},"/service-bridge/refs/tsb/rbac/v2/gateway_access_bindings-a1c":{"__comp":"17896441","content":"124caa40"},"/service-bridge/refs/tsb/rbac/v2/grpc-064":{"__comp":"14eb3368","__props":"8931169c"},"/service-bridge/refs/tsb/rbac/v2/istio_internal_access_bindings-b73":{"__comp":"17896441","content":"67920717"},"/service-bridge/refs/tsb/rbac/v2/organization_access_bindings-2bc":{"__comp":"17896441","content":"51f0ccfe"},"/service-bridge/refs/tsb/rbac/v2/permissions-5df":{"__comp":"17896441","content":"5549ff18"},"/service-bridge/refs/tsb/rbac/v2/policy_service-8ea":{"__comp":"17896441","content":"083d889d"},"/service-bridge/refs/tsb/rbac/v2/role-877":{"__comp":"17896441","content":"6d1eead7"},"/service-bridge/refs/tsb/rbac/v2/role_service-f45":{"__comp":"17896441","content":"c69ab64f"},"/service-bridge/refs/tsb/rbac/v2/security_access_bindings-155":{"__comp":"17896441","content":"231acd0f"},"/service-bridge/refs/tsb/rbac/v2/tenant_access_bindings-c4e":{"__comp":"17896441","content":"1ff8c965"},"/service-bridge/refs/tsb/rbac/v2/traffic_access_bindings-498":{"__comp":"17896441","content":"a5a117df"},"/service-bridge/refs/tsb/rbac/v2/workspace_access_bindings-3c8":{"__comp":"17896441","content":"55e246b6"},"/service-bridge/refs/tsb/rbac/v2/yaml-636":{"__comp":"14eb3368","__props":"1145ce4f"},"/service-bridge/refs/tsb/registry/v2/grpc-6ba":{"__comp":"14eb3368","__props":"e5a67fbe"},"/service-bridge/refs/tsb/registry/v2/lookup_service-5b1":{"__comp":"17896441","content":"0d58e136"},"/service-bridge/refs/tsb/registry/v2/registration_service-1a4":{"__comp":"17896441","content":"884e93b9"},"/service-bridge/refs/tsb/registry/v2/service-0b8":{"__comp":"17896441","content":"65f2cdf8"},"/service-bridge/refs/tsb/registry/v2/yaml-2c5":{"__comp":"14eb3368","__props":"cd197ccb"},"/service-bridge/refs/tsb/security/v2/grpc-0a5":{"__comp":"14eb3368","__props":"fa7bc08c"},"/service-bridge/refs/tsb/security/v2/istio_security_direct-e47":{"__comp":"17896441","content":"d997f7c6"},"/service-bridge/refs/tsb/security/v2/security_group-dbb":{"__comp":"17896441","content":"f01941da"},"/service-bridge/refs/tsb/security/v2/security_service-6e4":{"__comp":"17896441","content":"67e60501"},"/service-bridge/refs/tsb/security/v2/security_setting-0df":{"__comp":"17896441","content":"f14df8af"},"/service-bridge/refs/tsb/security/v2/service_security_setting-873":{"__comp":"17896441","content":"a26d2e14"},"/service-bridge/refs/tsb/security/v2/waf_settings-4f3":{"__comp":"17896441","content":"98c46a62"},"/service-bridge/refs/tsb/security/v2/yaml-45c":{"__comp":"14eb3368","__props":"1c4d176f"},"/service-bridge/refs/tsb/segmentation/v1/grpc-aaa":{"__comp":"14eb3368","__props":"df351c5a"},"/service-bridge/refs/tsb/segmentation/v1/membership-c6b":{"__comp":"17896441","content":"de95b080"},"/service-bridge/refs/tsb/segmentation/v1/policy-497":{"__comp":"17896441","content":"3675a1e4"},"/service-bridge/refs/tsb/segmentation/v1/rules-6f0":{"__comp":"17896441","content":"28778c0e"},"/service-bridge/refs/tsb/segmentation/v1/service-ae5":{"__comp":"17896441","content":"e5f3eff3"},"/service-bridge/refs/tsb/segmentation/v1/yaml-890":{"__comp":"14eb3368","__props":"c05f05a8"},"/service-bridge/refs/tsb/traffic/v2/grpc-b72":{"__comp":"14eb3368","__props":"6e268d65"},"/service-bridge/refs/tsb/traffic/v2/istio_traffic_direct-040":{"__comp":"17896441","content":"46608d67"},"/service-bridge/refs/tsb/traffic/v2/service_route-845":{"__comp":"17896441","content":"2ed4acc0"},"/service-bridge/refs/tsb/traffic/v2/service_traffic_setting-1b7":{"__comp":"17896441","content":"8257f5d1"},"/service-bridge/refs/tsb/traffic/v2/traffic_group-ba2":{"__comp":"17896441","content":"f20ab8a3"},"/service-bridge/refs/tsb/traffic/v2/traffic_service-cfc":{"__comp":"17896441","content":"c90b1c61"},"/service-bridge/refs/tsb/traffic/v2/traffic_setting-df0":{"__comp":"17896441","content":"831291a7"},"/service-bridge/refs/tsb/traffic/v2/yaml-74a":{"__comp":"14eb3368","__props":"49b8bd5a"},"/service-bridge/refs/tsb/types/v2/types-d31":{"__comp":"17896441","content":"76cf3f3c"},"/service-bridge/refs/tsb/types/v2/yaml-a85":{"__comp":"14eb3368","__props":"cdba762a"},"/service-bridge/refs/tsb/v2/api-7b6":{"__comp":"17896441","content":"c2779a84"},"/service-bridge/refs/tsb/v2/cluster-09e":{"__comp":"17896441","content":"6d992181"},"/service-bridge/refs/tsb/v2/cluster_service-bd0":{"__comp":"17896441","content":"f6f40d6b"},"/service-bridge/refs/tsb/v2/grpc-dd6":{"__comp":"14eb3368","__props":"ff6af7ca"},"/service-bridge/refs/tsb/v2/info-6b8":{"__comp":"17896441","content":"140c0967"},"/service-bridge/refs/tsb/v2/organization-e00":{"__comp":"17896441","content":"058b72c1"},"/service-bridge/refs/tsb/v2/organization_service-1f1":{"__comp":"17896441","content":"f13e78b1"},"/service-bridge/refs/tsb/v2/organization_setting-191":{"__comp":"17896441","content":"366a03ca"},"/service-bridge/refs/tsb/v2/status-de4":{"__comp":"17896441","content":"7cccc313"},"/service-bridge/refs/tsb/v2/status_service-ee2":{"__comp":"17896441","content":"dd889229"},"/service-bridge/refs/tsb/v2/team-88f":{"__comp":"17896441","content":"6421a5e1"},"/service-bridge/refs/tsb/v2/team_service-50c":{"__comp":"17896441","content":"1c65f2fd"},"/service-bridge/refs/tsb/v2/tenant-517":{"__comp":"17896441","content":"1f1514b2"},"/service-bridge/refs/tsb/v2/tenant_service-a86":{"__comp":"17896441","content":"9d2ed416"},"/service-bridge/refs/tsb/v2/tenant_setting-a64":{"__comp":"17896441","content":"0c88e6ea"},"/service-bridge/refs/tsb/v2/workspace-7a0":{"__comp":"17896441","content":"20aceebc"},"/service-bridge/refs/tsb/v2/workspace_service-4f4":{"__comp":"17896441","content":"72428bc7"},"/service-bridge/refs/tsb/v2/workspace_setting-9c7":{"__comp":"17896441","content":"2901323f"},"/service-bridge/refs/tsb/v2/yaml-356":{"__comp":"14eb3368","__props":"5960ffb4"},"/service-bridge/release-notes-920":{"__comp":"17896441","content":"fae6216c"},"/service-bridge/release-notes-announcements-2b5":{"__comp":"14eb3368","__props":"7c255b57"},"/service-bridge/release-notes-announcements/announcement-d68":{"__comp":"17896441","content":"4aa82cac"},"/service-bridge/release-notes-announcements/feature-status-4d9":{"__comp":"17896441","content":"e0d2c11b"},"/service-bridge/release-notes-announcements/support-policy-ebd":{"__comp":"17896441","content":"dfc677c7"},"/service-bridge/setup-c40":{"__comp":"14eb3368","__props":"e3a2d79b"},"/service-bridge/setup/aws-b24":{"__comp":"14eb3368","__props":"dce63438"},"/service-bridge/setup/aws/container-marketplace-3ed":{"__comp":"17896441","content":"85be3a74"},"/service-bridge/setup/aws/vpc-542":{"__comp":"17896441","content":"4edc2365"},"/service-bridge/setup/certificate-08c":{"__comp":"14eb3368","__props":"da1b1939"},"/service-bridge/setup/certificate/automated-certificate-management-000":{"__comp":"17896441","content":"ea3fbe1c"},"/service-bridge/setup/certificate/certificate-requirements-088":{"__comp":"17896441","content":"307f9c3d"},"/service-bridge/setup/certificate/certificate-setup-605":{"__comp":"17896441","content":"c4c714fb"},"/service-bridge/setup/components-b8e":{"__comp":"17896441","content":"d7b57a60"},"/service-bridge/setup/fips-e28":{"__comp":"17896441","content":"e2653ef4"},"/service-bridge/setup/firewall-information-6b2":{"__comp":"17896441","content":"b14d85fe"},"/service-bridge/setup/helm/-5af":{"__comp":"17896441","content":"96dbbf1b"},"/service-bridge/setup/helm/controlplane-011":{"__comp":"17896441","content":"dd4fc284"},"/service-bridge/setup/helm/helm-0e2":{"__comp":"17896441","content":"38ef3c77"},"/service-bridge/setup/helm/managementplane-b83":{"__comp":"17896441","content":"9e9d333c"},"/service-bridge/setup/helm/uninstallation-586":{"__comp":"17896441","content":"24e4589c"},"/service-bridge/setup/helm/upgrade-78a":{"__comp":"17896441","content":"19bf2410"},"/service-bridge/setup/isolation-boundaries-2f1":{"__comp":"17896441","content":"f4744169"},"/service-bridge/setup/isolation-boundaries-installation-605":{"__comp":"17896441","content":"a3fc93f4"},"/service-bridge/setup/migrate-tctl-to-helm-46b":{"__comp":"17896441","content":"5d73f576"},"/service-bridge/setup/remote-registry-154":{"__comp":"17896441","content":"94d0edeb"},"/service-bridge/setup/requirements-and-download-c5d":{"__comp":"17896441","content":"44fbc43f"},"/service-bridge/setup/resource-planning-c6f":{"__comp":"17896441","content":"195c7f48"},"/service-bridge/setup/security-context-9ec":{"__comp":"17896441","content":"e2f0c46b"},"/service-bridge/setup/self-managed/-bcb":{"__comp":"17896441","content":"45e8127f"},"/service-bridge/setup/self-managed/demo-installation-1ab":{"__comp":"17896441","content":"afbaa193"},"/service-bridge/setup/self-managed/management-plane-installation-3ab":{"__comp":"17896441","content":"b83d21ce"},"/service-bridge/setup/self-managed/onboarding-clusters-abd":{"__comp":"17896441","content":"f3a7ee63"},"/service-bridge/setup/self-managed/uninstallation-0a0":{"__comp":"17896441","content":"68290f8f"},"/service-bridge/setup/self-managed/upgrade-85c":{"__comp":"17896441","content":"ad71e513"},"/service-bridge/setup/tctl-connect-cf3":{"__comp":"17896441","content":"7bef8834"},"/service-bridge/setup/upgrade-best-practices-1c9":{"__comp":"17896441","content":"bdeadd3c"},"/service-bridge/setup/upgrades-28c":{"__comp":"14eb3368","__props":"6d030ea8"},"/service-bridge/setup/upgrades/cni-upgrade-d65":{"__comp":"17896441","content":"141a6391"},"/service-bridge/setup/upgrades/gateway-upgrade-578":{"__comp":"17896441","content":"fec135ab"},"/service-bridge/setup/upgrades/non-revisioned-to-revisioned-364":{"__comp":"17896441","content":"725bbb6f"},"/service-bridge/setup/upgrades/revisioned-to-revisioned-1e6":{"__comp":"17896441","content":"45e0d3b3"},"/service-bridge/setup/workload-onboarding-e79":{"__comp":"14eb3368","__props":"6c1c6a1e"},"/service-bridge/setup/workload-onboarding/guides/-46c":{"__comp":"17896441","content":"91f642e9"},"/service-bridge/setup/workload-onboarding/guides/ecs-workloads-b6d":{"__comp":"17896441","content":"63b9d101"},"/service-bridge/setup/workload-onboarding/guides/managing-30f":{"__comp":"17896441","content":"1c365ecf"},"/service-bridge/setup/workload-onboarding/guides/on-premise-workloads-f88":{"__comp":"17896441","content":"f348f219"},"/service-bridge/setup/workload-onboarding/guides/onboarding-ba7":{"__comp":"17896441","content":"da6e5fba"},"/service-bridge/setup/workload-onboarding/guides/overview-e03":{"__comp":"17896441","content":"1331e691"},"/service-bridge/setup/workload-onboarding/guides/setup-804":{"__comp":"17896441","content":"73e15154"},"/service-bridge/setup/workload-onboarding/guides/troubleshooting-dad":{"__comp":"17896441","content":"c575dc8b"},"/service-bridge/setup/workload-onboarding/onboarding-vms-c08":{"__comp":"17896441","content":"dc57ab53"},"/service-bridge/setup/workload-onboarding/quickstart-51c":{"__comp":"14eb3368","__props":"a3abed73"},"/service-bridge/setup/workload-onboarding/quickstart/aws-ec2/-a86":{"__comp":"17896441","content":"ace675f7"},"/service-bridge/setup/workload-onboarding/quickstart/aws-ec2/bookinfo-3ca":{"__comp":"17896441","content":"44e7c0cb"},"/service-bridge/setup/workload-onboarding/quickstart/aws-ec2/configure-vm-f06":{"__comp":"17896441","content":"2747d23a"},"/service-bridge/setup/workload-onboarding/quickstart/aws-ec2/configure-workload-onboarding-756":{"__comp":"17896441","content":"6d91c7ae"},"/service-bridge/setup/workload-onboarding/quickstart/aws-ec2/enable-workload-onboarding-7b4":{"__comp":"17896441","content":"bf0d08ab"},"/service-bridge/setup/workload-onboarding/quickstart/aws-ec2/onboard-asg-3a3":{"__comp":"17896441","content":"73428312"},"/service-bridge/setup/workload-onboarding/quickstart/aws-ec2/onboard-vm-bf0":{"__comp":"17896441","content":"7214ffd6"},"/service-bridge/setup/workload-onboarding/quickstart/aws-ecs/-85e":{"__comp":"17896441","content":"ecf302fe"},"/service-bridge/setup/workload-onboarding/quickstart/aws-ecs/configure-workload-onboarding-511":{"__comp":"17896441","content":"e5742bb3"},"/service-bridge/setup/workload-onboarding/quickstart/aws-ecs/onboard-ecs-5a0":{"__comp":"17896441","content":"9d9cf21b"},"/service-bridge/setup/workload-onboarding/quickstart/on-premise/-3c2":{"__comp":"17896441","content":"b2182d0d"},"/service-bridge/setup/workload-onboarding/quickstart/on-premise/configure-vm-04d":{"__comp":"17896441","content":"364269c1"},"/service-bridge/setup/workload-onboarding/quickstart/on-premise/configure-workload-onboarding-5e6":{"__comp":"17896441","content":"fe59c1d7"},"/service-bridge/setup/workload-onboarding/quickstart/on-premise/onboard-vm-0d8":{"__comp":"17896441","content":"47fd25b2"},"/service-bridge/troubleshooting-1d7":{"__comp":"14eb3368","__props":"3f6b97ac"},"/service-bridge/troubleshooting/cluster-onboarding-43a":{"__comp":"17896441","content":"c7ff95f0"},"/service-bridge/troubleshooting/component-status-c7d":{"__comp":"17896441","content":"ae119996"},"/service-bridge/troubleshooting/configuration-status-9f2":{"__comp":"17896441","content":"cb51218f"},"/service-bridge/troubleshooting/gateway-troubleshooting-bf0":{"__comp":"17896441","content":"71b0e09a"},"/service-bridge/troubleshooting/identify-underperforming-services-10f":{"__comp":"17896441","content":"4fe8ca85"},"/service-bridge/troubleshooting/Maximum-header-size-exceed-1e7":{"__comp":"17896441","content":"ecba6219"},"/service-bridge/troubleshooting/Multiple-Transfer-encoding-chunked-787":{"__comp":"17896441","content":"13014403"},"/service-bridge/troubleshooting/proxy-tools-120":{"__comp":"17896441","content":"c5c09e02"},"/service-bridge/troubleshooting/troubleshooting-dcb":{"__comp":"17896441","content":"d62fadc6"},"/service-bridge/troubleshooting/tsb-ui-metrics-4ec":{"__comp":"17896441","content":"2250ee86"},"/service-bridge/workingwithsupport/workingWithTetrateSupport-13d":{"__comp":"17896441","content":"9fd4cd86"},"/-e5f":{"__comp":"1df93b7f","__context":{"plugin":"a7456010"},"config":"5e9f5e1a"}}')},345874:function(e){"use strict";e.exports=JSON.parse('{"d":"localStorage","u":""}')}},function(e){e.O(0,["86212"],function(){return e(e.s="187955")}),e.O()}]);</pre></body></html>